200+ Free CCNA Practice Questions

Pass your Cisco Certified Network Associate (200-301) exam on the first try — instant access, no signup required.

✓ No registration✓ No credit card✓ No hidden fees✓ Start practicing immediately

~25-30% Pass Rate

200+ Questions

100% Free

1 / 10

Question 1

Score: 0/0

Which network device operates at Layer 3 of the OSI model and makes forwarding decisions based on IP addresses?

Hub

Switch

Router

Bridge

to track

2026 Statistics

Key Facts: CCNA Exam

~25-30%

First-Attempt Pass Rate

Industry estimate

825/1000

Passing Score

Cisco

200-300 hrs

Study Time

Recommended

$93,830

Median Network Admin Salary

BLS 2024

$330

Exam Fee

Cisco

3 years

Certification Valid

Cisco

The CCNA 200-301 v1.1 is Cisco's associate-level networking certification with an estimated 25-30% first-attempt pass rate, making it one of the most challenging entry-level IT certifications. It requires 825/1000 to pass with 100-120 questions in 120 minutes. IP Connectivity (25%) is the largest domain. The v1.1 update (August 2024) added AI/ML in network operations and Terraform, while removing Puppet and Chef. CCNA holders earn a median of $93,830 (network administrators, BLS 2024).

Sample CCNA Practice Questions

Try these sample questions to test your CCNA exam readiness. Each question includes a detailed explanation. Start the interactive quiz above for the full 200+ question experience with AI tutoring.

1Which network device operates at Layer 3 of the OSI model and makes forwarding decisions based on IP addresses?

A.Hub

B.Switch

C.Router

D.Bridge

Explanation: A router operates at Layer 3 (Network layer) of the OSI model and uses IP addresses to make forwarding decisions between different networks. Hubs operate at Layer 1, forwarding all traffic out every port. Switches and bridges operate at Layer 2, using MAC addresses for forwarding. Routers examine the destination IP address in each packet and use their routing table to determine the best path to the destination network.

2A company uses Cisco Meraki cloud-managed access points and switches. What is a key advantage of cloud-managed network devices compared to traditional on-premises management?

A.Cloud-managed devices do not require any network connectivity after initial deployment

B.Centralized dashboard management, zero-touch provisioning, and automatic firmware updates

C.Cloud-managed devices always perform faster than locally managed devices

D.Cloud-managed devices eliminate the need for physical network hardware entirely

Explanation: Cloud-managed network devices like Cisco Meraki provide centralized management through a cloud-based dashboard, allowing administrators to configure, monitor, and troubleshoot devices from anywhere. Key benefits include zero-touch provisioning (devices auto-configure when connected to the internet), automatic firmware updates, and simplified management across multiple sites. Cloud-managed devices still require network connectivity to communicate with the management platform, they use the same physical hardware, and their forwarding performance is comparable to locally managed devices.

3Which device provides wireless connectivity to clients and typically connects to a wired switch port configured as a trunk or access port?

A.Wireless router

B.Wireless LAN controller (WLC)

C.Access point (AP)

D.Firewall

Explanation: An access point (AP) provides wireless connectivity to clients and connects to the wired network through a switch port. In enterprise environments, the AP connects to a switch port that may be configured as a trunk (to carry multiple VLANs) or an access port (for a single VLAN). A wireless LAN controller (WLC) manages the APs but does not directly provide wireless connectivity to clients in a centralized deployment. A wireless router combines routing, switching, and AP functionality in a single device, typically for small office/home office use.

4A network engineer is deploying a new branch office. The design calls for a device that can provide routing, switching, wireless, and security functions in a single platform. Which type of device best meets this requirement?

A.Layer 2 switch

B.Dedicated firewall appliance

C.Cisco Integrated Services Router (ISR)

D.Standalone wireless access point

Explanation: Cisco Integrated Services Routers (ISRs) are designed to consolidate multiple network functions into a single platform, including routing, switching, wireless, VPN, and security. This makes them ideal for branch office deployments where space, power, and management overhead must be minimized. A Layer 2 switch provides only switching, a firewall provides only security, and a standalone AP provides only wireless. The ISR platform reduces the number of devices needed and simplifies management in remote locations.

5In a three-tier campus network architecture, which layer aggregates connections from access layer switches and applies policies such as QoS and access control?

A.Core layer

B.Distribution layer

C.Access layer

D.Service layer

Explanation: The distribution layer (also called the aggregation layer) in a three-tier campus architecture aggregates connections from access layer switches, enforces network policies such as QoS, routing, filtering, and access control, and connects to the core layer. The access layer provides direct connectivity to end devices. The core layer provides high-speed backbone connectivity between distribution blocks. The three-tier model (access, distribution, core) is the traditional Cisco hierarchical design for campus networks.

6A small campus has only 200 users spread across two buildings. The network architect recommends a collapsed core design instead of a full three-tier architecture. What does this mean?

A.The access layer and core layer are combined into a single layer

B.The distribution layer and core layer functions are combined into a single layer

C.All three layers are combined into a single high-performance switch

D.The access layer is eliminated and users connect directly to core switches

Explanation: In a collapsed core (two-tier) design, the distribution layer and core layer are merged into a single layer. This is appropriate for smaller networks where a dedicated core layer would be unnecessary and cost-prohibitive. The distribution/core switches handle both policy enforcement (distribution function) and high-speed backbone connectivity (core function). The access layer remains as a separate layer, providing direct connectivity to end-user devices. This design reduces cost and complexity while still maintaining a logical hierarchical structure.

7Which network topology provides the highest redundancy by connecting every device to every other device, but becomes impractical as the network scales?

A.Star topology

B.Bus topology

C.Full mesh topology

D.Ring topology

Explanation: A full mesh topology connects every device to every other device, providing maximum redundancy and fault tolerance. If any single link fails, traffic can still reach its destination through alternate paths. However, the number of links grows exponentially with the formula n(n-1)/2, making it impractical for large networks. For example, 10 devices require 45 links, but 100 devices require 4,950 links. This is why full mesh is typically used only in small, critical areas such as WAN core connections or between distribution switches, while partial mesh is used elsewhere.

8What is the maximum cable length for a single segment of Cat 6a UTP cabling used for 10GBASE-T Ethernet?

A.55 meters

B.100 meters

C.150 meters

D.300 meters

Explanation: Cat 6a (Category 6a, augmented) UTP cabling supports 10GBASE-T Ethernet at distances up to 100 meters, the same maximum distance as Cat 5e and Cat 6 for their respective speeds. Cat 6 (non-augmented) also supports 10GBASE-T but only up to approximately 55 meters due to higher alien crosstalk at 10 Gbps frequencies. Cat 6a was specifically designed with improved shielding and tighter twist ratios to eliminate this limitation and achieve the full 100-meter distance at 10 Gbps.

9A network technician needs to connect a switch to a router using a copper Ethernet cable. Both devices have auto-MDIX disabled. Which type of cable is required?

A.Straight-through cable

B.Crossover cable

C.Rollover (console) cable

D.Coaxial cable

Explanation: Without auto-MDIX, traditional cabling rules apply. Switches use MDIX pinout on their ports, while routers, PCs, and servers use MDI pinout. When connecting unlike pin configurations (MDI to MDIX), a straight-through cable is used. This applies to switch-to-router, switch-to-PC, and switch-to-server connections. A crossover cable is required when connecting like pin configurations (MDI-to-MDI or MDIX-to-MDIX), such as switch-to-switch, router-to-router, or PC-to-PC. A rollover cable is used for console management connections. With auto-MDIX enabled (default on modern Cisco switches), any cable type works because the interface automatically detects and adjusts its pinout.

10Which type of fiber optic cable uses a larger core diameter (typically 50 or 62.5 microns) and is commonly used for shorter distances within a campus?

A.Single-mode fiber (SMF)

B.Multimode fiber (MMF)

C.Plastic optical fiber (POF)

D.Dispersion-shifted fiber (DSF)

Explanation: Multimode fiber (MMF) uses a larger core diameter (typically 50 or 62.5 microns) that allows multiple light modes (paths) to propagate simultaneously. This makes it less expensive and easier to terminate than single-mode fiber, but limits its effective distance due to modal dispersion. MMF is commonly used within buildings and campus environments for distances up to 400-550 meters at 10 Gbps (using OM3/OM4 grades). Single-mode fiber (SMF) uses a much smaller core (8-10 microns), supports a single light mode, and can span distances up to tens of kilometers, making it suitable for WAN and long-haul connections.

About the CCNA Exam

The industry-leading networking certification covering network fundamentals, IP connectivity, security, and automation. The CCNA 200-301 v1.1 (updated August 2024) includes new topics on AI/ML in network operations and Terraform. IP Connectivity is the highest-weighted domain at 25%.

Questions

102 scored questions

Time Limit

2 hours

Passing Score

825/1000

Exam Fee

$330 (Cisco / Pearson VUE)

CCNA Exam Content Outline

20%

Network Fundamentals

Network components, topologies, cabling, IPv4/IPv6, TCP/UDP, switching concepts

20%

Network Access

VLANs, trunking, STP (RPVST+), EtherChannel, wireless architectures

25%

IP Connectivity

Routing tables, static routing, OSPFv2, FHRP concepts

10%

IP Services

NAT, NTP, DHCP, DNS, SNMP, syslog, QoS, SSH

15%

Security Fundamentals

ACLs, VPNs, DHCP snooping, DAI, port security, WPA2/WPA3

10%

Automation and Programmability

SDN, REST APIs, Ansible, Terraform, AI/ML in networking

How to Pass the CCNA Exam

What You Need to Know

Passing score: 825/1000
Exam length: 102 questions
Time limit: 2 hours
Exam fee: $330

Keys to Passing

Complete 500+ practice questions
Score 80%+ consistently before scheduling
Focus on highest-weighted sections
Use our AI tutor for tough concepts

CCNA Study Tips from Top Performers

1Master subnetting — practice daily until you can subnet in your sleep (it appears across multiple domains)

2Focus on IP Connectivity (25%) — understand routing tables, OSPF adjacencies, and forwarding decisions

3Lab extensively with Cisco Packet Tracer (free) — configure VLANs, OSPF, ACLs, and NAT hands-on

4Know Cisco IOS commands: show ip route, show ip ospf neighbor, show vlan brief, show running-config

5Study the new v1.1 topics: AI/ML in networking, Terraform, and BPDU guard/filter

6Complete 500+ practice questions and score 85%+ before scheduling your exam

Frequently Asked Questions

What is the CCNA pass rate?

Cisco does not officially publish pass rates. Industry estimates suggest a 25-30% first-attempt pass rate, making CCNA one of the more challenging entry-level IT certifications. The passing score is 825 out of 1000 (~82.5%). However, with proper preparation (200-300 study hours), most dedicated candidates pass. The overall pass rate including retakes is estimated at 80-85%.

How many questions are on the CCNA exam?

The CCNA 200-301 exam has 100-120 questions (the exact number varies by exam form). Question types include multiple-choice, multiple-answer, drag-and-drop, and simulation/simlet items. You have 120 minutes (2 hours) to complete the exam. The passing score is 825 out of 1000.

What changed in CCNA v1.1?

The v1.1 update (August 2024) added: AI/ML in network operations (new topic 6.4), root guard/loop guard/BPDU filter/BPDU guard for STP, cloud-managed device access, Terraform as a configuration management tool (replacing Puppet/Chef), and authentication types for REST APIs. Domain weights remained unchanged.

How long should I study for CCNA?

Plan for 200-300 hours of study over 3-6 months. Focus heavily on IP Connectivity (25% of exam) and master subnetting, OSPF, and routing concepts. Get hands-on practice with Cisco Packet Tracer (free) or GNS3. Complete 500+ practice questions and score 85%+ consistently before scheduling. Lab practice is essential — you cannot pass CCNA with theory alone.

Is CCNA worth it in 2026?

Yes — CCNA remains the gold standard for networking careers. Network administrators earn a median of $93,830 (BLS 2024). The v1.1 update added automation and AI topics, making it more relevant than ever. CCNA is often required or preferred for network engineer, network administrator, and systems administrator roles. It's also a stepping stone to CCNP and CCIE.

What is the best way to study for CCNA?

1) Use official Cisco study materials and OCG (Official Cert Guide). 2) Practice subnetting daily until it's second nature. 3) Lab extensively with Packet Tracer or GNS3. 4) Focus on IP Connectivity (25%) and Network Fundamentals (20%) — together they're 45% of the exam. 5) Master OSPF configuration and verification. 6) Complete 500+ practice questions. 7) Learn Cisco IOS commands by doing, not just reading.