Find a practice exam
Flexible search understands AI-901, ai901, ai 901, 901, ai, network plus, and saa c03.
No matching practice exams yet.
Free CCNA 200-301 practice test
Know why every answer is right or wrong.
What CCNA covers: Network Fundamentals (25%) • Security Fundamentals (18%) • IP Services (16%)
New set every day. Start today's questions before they rotate.
CCNA
Cisco Certified Network Associate (CCNA 200-301)
What you get immediately
- A real CCNA question first, not a wall of copy
- Correct answer plus per-choice explanation
- Source link for follow-up study
- Free daily set, then full-bank Pro when you want more
In a network implementing differentiated services, what mechanism is used to ensure packets receive the appropriate per-hop forwarding behavior?
A. Incorrect: IP-layer packet marking because it conveys the necessary information for per-hop forwarding behavior.
B. Correct: Traffic policing because it regulates traffic but does not convey forwarding instructions.
C. Incorrect: Queue management because it manages how packets are handled at a node but does not mark them with forwarding instructions.
D. Incorrect: Congestion avoidance because it prevents congestion but does not specify packet handling at each hop.
Which command would you use to verify the connectivity status of an access point in FlexConnect mode?
A. Correct: It displays the current status of APs connected to the controller in FlexConnect mode.
B. Incorrect: This command shows client counts but does not provide information on AP connectivity.
C. Incorrect: It lists interface descriptions, which do not include AP connectivity details.
D. Incorrect: It shows IP routing tables and is unrelated to wireless access point status.
What command would you use to display the routing table on a Cisco router?
A. Correct: 'show ip route' displays the IP routing table on a Cisco router.
B. Incorrect: This command is used on Huawei devices, not Cisco routers.
C. Incorrect: It shows the current configuration of the device, not the routing table.
D. Incorrect: D is incorrect as it does not follow the correct syntax for displaying information in IOS.
You're 3 questions in. Want the full bank?
Unlock the full question set, timed exam mode, practice mode, saved progress, previous tests, and readiness scoring.
151 more questions, timed exam mode, and saved history are waiting in the full unlock.
Pro is active. Use the full bank, Exam mode, and saved box scores when you want deeper review.
What is the primary purpose of using Terraform in infrastructure management?
A. Incorrect: Building machine images is a use case for Packer, another HashiCorp tool.
B. Correct: Terraform allows you to define cloud and on-prem resources in configuration files that can be versioned and reused.
C. Incorrect: Orchestrating workloads is a function of Nomad, not Terraform.
D. Incorrect: Securing remote access is the purpose of Vault, another HashiCorp product.
According to RFC 8907, what is a key feature of the TACACS+ protocol?
A. Correct: RFC 8907 specifies that TACACS+ provides Device Administration via one or more centralized servers, which includes managing users centrally for authentication and authorization purposes.
B. Incorrect: Network traffic shaping involves controlling the flow of data packets in a network to optimize performance. This is unrelated to user management as described by RFC 8907.
C. Incorrect: While TACACS+ may use encryption, it does not specify features related to data compression which is typically handled by other protocols or tools.
D. Incorrect: Firewall configuration involves setting rules for network security and access control. While TACACS+ deals with authentication and authorization, it does not configure firewalls as its primary function.
According to RFC 1918, which IPv4 address range is designated for private use inside enterprise networks and includes addresses from 192.168.0.0 to 192.168.255.255?
A. Correct: RFC 1918 designates the range 192.168.0.0/16 for private use inside enterprise networks, which includes addresses from 192.168.0.0 to 192.168.255.255.
B. Incorrect: RFC 1918 does not designate the range 172.32.0.0/12 for private use inside enterprise networks; it is outside the specified ranges.
C. Incorrect: While RFC 1918 designates the range 10.0.0.0/8 for private use, it does not include addresses from 192.168.0.0 to 192.168.255.255.
D. Incorrect: RFC 1918 designates the range 127.0.0.0/8 for loopback addresses, not private use inside enterprise networks.
According to RFC 5905, what is the significance of a stratum level in an NTP hierarchy?
A. Correct: RFC 5905 specifies that stratum levels indicate the hierarchy and accuracy of NTP servers, with lower numbers indicating higher precision time sources.
B. Incorrect: Network topology for data transmission is unrelated to the hierarchical structure defined by strata in NTP.
C. Incorrect: Routing protocol priorities are not determined by NTP strata; these are separate concepts in networking.
D. Incorrect: Firewall rules and secure communication configurations do not involve NTP stratum levels.
Which access point mode allows for centralized management of clients while offloading data traffic to the local network?
A. Incorrect: Autonomous mode does not support centralized management of clients; each AP operates independently.
B. Incorrect: Lightweight mode requires a connection to a wireless controller for client management, but it does not offload data traffic locally.
C. Incorrect: Local mode still relies on the controller for critical functions such as client management and security policies.
D. Correct: FlexConnect mode allows centralized management of clients while offloading data traffic to the local network.
According to RFC 826, what does ARP do when a host wants to transmit data over Ethernet?
A. Correct: ARP dynamically distributes information needed to convert network protocol addresses (like IP) to Ethernet MAC addresses for transmission over Ethernet hardware, as per RFC 826.
B. Incorrect: VLAN settings are managed through IEEE 802.1Q and other protocols or switch configurations.
C. Incorrect: Encryption of network traffic is handled by security protocols like TLS or IPsec, not ARP.
D. Incorrect: Static routes are configured using routing protocols or CLI commands such as 'ip route', not ARP.
According to RFC 7348, what is the primary purpose of VXLAN in virtualized data centers?
A. Correct: It accurately describes the purpose of VXLAN as stated in RFC 7348.
B. Incorrect: Direct communication between VMs across different subnets is not the primary focus; VXLAN enables this through overlay networks but does not specify this as its main purpose.
C. Incorrect: While security can be enhanced, encryption of all network traffic is not a core function of VXLAN.
D. Incorrect: Reducing physical hardware is not a direct goal of VXLAN; it focuses on virtualizing network segments.
You've reached the free preview.
Go beyond sample questions with the full source-backed bank, objective practice, exam mode, saved progress, and readiness scoring.
161 verified questions are ready behind the full unlock.
Pro is active. Use the full bank, readiness score, and saved exams when you want deeper reps.
Keep studying CCNA in the app
You finished the free web set. The app gives you a larger rotating bank, weak-domain drills, readiness tracking, and longer mobile review.
Unlock the full CCNA bank.
Get the full source-backed bank, timed exam mode, practice mode, saved progress, previous tests, and readiness scoring for this exam.
You've answered 0/10 free questions today.
Locked: 151 more questions in the full bank.
Locked: exam simulation mode and end-of-exam review.
Today's free set refreshes soon. Upgrade to continue with the full bank.
Unlock this exam, or compare the career path and bundle options when you want a broader guided route.
Build a CCNA session
Choose the question count, question set, mode, and timer for your full-bank practice.
Tell dotCreds what you are aiming for.
Set a target once. We will keep the next study action visible before every Pro session.
Answer more questions to start your readiness trend on this browser.
Box scores, domain breakdowns, and full answer explanations for Pro exam attempts on this browser.
7-day score keeper
Answer questions today and this will become a rolling 7-day scorecard.
Keep today’s practice moving
Guest progress saves automatically on this device. Add an email later when you want a magic link that keeps your daily CCNA practice in sync across browsers.
Guest progress saves on this device automatically
161 verified questions are currently in the live bank. Questions updated at May 13, 2026, 12:03 PM CDT. The daily set rotates at 10:00 AM local time, and each explanation links back to the source used to write it. Use the web set for quick practice, then switch to the app when available for larger banks and deeper review.
CCNA is the networking cert that starts to matter when the role is moving from broad IT support into actual network administration and infrastructure ownership.
- Role examples: network administrator, NOC engineer, infrastructure support engineer, and junior network security specialist.
- Where it shows up: routing and switching, enterprise networking, infrastructure troubleshooting, and network security.
- On-the-job payoff: you need deeper Cisco-style networking judgment than Network+ usually provides.
- Typical next step: It often sits between Network+ fundamentals and more advanced Cisco work like CCNP.
CCNA gets easier when you stop treating it like vocabulary recall and start reading for network behavior. The right answer usually matches how an enterprise network should actually route, switch, secure, or recover.
- Current emphasis in this bank: Network Fundamentals (25%).
- Be careful with options that name the right protocol family but solve the wrong operational problem.
- Best official starting point: Cisco 200-301 CCNA.
The fastest path is to turn this exam into a repeatable pattern-recognition loop instead of a one-time cram session.
- Start with the free daily set closed-book so you can see which parts of the cloud and it lane still feel weak.
- Use every explanation as a checkpoint for why the right answer fits the scenario and why the other answer choices do not.
- Open the official Cisco source when a concept keeps missing so you fix the gap at the source instead of rereading generic notes.
- Use the nearby cert pages when you need broader context around the same job path or technology stack.
The usual misses happen when learners recognize keywords but do not slow down enough to match the scenario to the exact decision the exam is testing.
- Reading for one familiar keyword and skipping the deeper clue that tells you which cloud and it concept actually fits.
- Memorizing isolated terms without checking why the right answer wins over the other answer choices in the same scenario.
- Ignoring the official Cisco source after a miss and hoping the next question will feel easier on its own.
- Studying this page in isolation when one nearby cert page could clear up the broader pattern much faster.
The fastest path is simple: answer the set, review the reasoning, then use the score history and source links to decide what to hit next.
- Answer the free set first without looking anything up so the score reflects what is actually sticking.
- Read every explanation, especially the wrong answer choices, so the weaker options stop looking plausible next time.
- Open the linked source when a concept feels weak, then come back and repeat the question flow while the wording is fresh.
- Use the 7-day score keeper, related cert links, and comparison pages to decide what to study next instead of guessing.
- Move into the app when you want the full bank, timed reps, readiness tracking, and a steadier mobile study loop.
Use these official Cisco resources alongside the daily practice set. They cover the provider's own exam page, study guide, or prep material.
Need adjacent Cisco practice pages too? Cisco practice hub.
How are CCNA questions generated?
dotCreds builds CCNA practice questions from Cisco documentation and source-backed references, with official or primary sources preferred first. The questions are written for realistic study practice, not copied from exam dumps.
How are explanations sourced?
Each question includes a source-backed explanation and a link to the documentation or reference used to validate the answer. If an official page is too broad, dotCreds uses a reputable answer-level reference instead of pretending a generic page proves the answer.
What score do I get?
The page tracks today's answered count and accuracy for the 10-question daily set, then saves a 7-day score history on this device so you can see your recent practice trend.
Why use this site?
The site is the fastest way to start CCNA practice without installing anything. It is built for daily recall, quick weak-topic discovery, and source-backed explanations you can review immediately.
Why use the app when available?
The web page is the quick free sampler. If a dotCreds app is available for CCNA, the app is better for larger banks, focused weak-domain drills, longer review sessions, and mobile study routines.