Refer to the exhibit. An enterprise decides to use the Cisco SD-WAN Cloud onRamp for SaaS feature and utilize H.Q site Biz iNET to reach SaaS Cloud for branch C. currently reaching SaaS Cloud directly. Which role must be assigned to devices at both sites in vManage Cloud Express for this solution to work?
An engineer modifies a data policy for DIA in VPN 67. The location has two Internet-bound circuits. Only the web browsing traffic must be admitted for DIA. without further discrimination about which transport to use.
Here is the existing data policy configuration:
Which policy configuration sequence meets the requirements?
When the VPN membership policy is being controlled at the vSmart controller, which policy disallows VPN 1 at sites 20 and 30?
A)
B)
C)
D)
Refer to the exhibit.
What does the BFD value of 8 represent?
Which on-the-box security feature supported by the Cisco ISR 4451 SD-WAN device and not on vEdge?
Which SD-WAN component is configured to enforce a policy to redirect branch-to-branch traffic toward a network service such as a firewall or IPS?
An engineer configures policing with a rate of 125 Bps and a burst rate of 8000 bits, as shown here:
Which configuration completes this task?
What is an advantage of using auto mode versus static mode of power allocation when an access point is connected to a PoE switch port?
An engineer is tasked to improve throughput for connection-oriented traffic by decreasing round-trip latency. Which configuration will achieve this goal?
Which two sets of identifiers does OMP carry when it advertises TLOC routes between WAN Edge routers? (Choose two.)
Which encryption algorithm is used for encrypting SD-WAN data plane traffic?
Refer to the exhibit. An enterprise network is connected with an ISP network on an 80 Mbps bandwidth link. The network operation team observes 100 Mbps traffic on the 1Gig-ISP link during peak hours Which configuration provides bandwidth control to avoid traffic congestion during peak hours?
A)
B)
C)
D)
Which port is used for vBond under controller certificates if no alternate port is configured?
Which VPN connects the transport-side WAN Edge interface to the underlay/WAN network?
Refer to the exhibit.
The control connection is failing. Which action resolves the issue?
An engineering team must prepare a traffic engineering policy where an MPLS circuit is preferred for traffic coming from the Admin VLAN Internet should be used as a backup only. Which configuration fulfill this requirement?
A)
B)
C)
D)
How many subnets are necessary in Azure VNet for a WAN Edge device to function in the cloud deployment?
How are custom application ports monitored in Cisco SD-WAN controllers?
Which policy configures an application-aware routing policy under Configuration > Policies?
Which Cisco SD-WAN component facilitates the initial communication between WAN Edge devices to join the fabric?
An engineer configured a data policy called ROME-POLICY. Which configuration allows traffic flow from the Rome internal network toward other sites?
Which protocol is used between redundant vSmart controllers to establish a permanent communication channel?
Refer to the exhibit. A network administrator is setting the queueing value for voice traffic for one of the WAN Edge routers using vManager GUI. Which queue value must be set to accomplish this task?
A network administrator is configuring Qos on a vEdge 5000 router and needs to enable it on the transport side interface. Which policy setting must be selected to accomplish this goal?
Which protocol advertises WAN edge routes on the service side?
Refer to the exhibit.
The network team must configure branch B WAN Edge device 103 to establish dynamic full-mesh IPsec tunnels between all colors with branches over MPLS and Internet circuits. The branch ts configured with:
Which configuration meets the requirement?
A)
B)
C)
D)
In a Cisco SD-WAN network, which component is responsible for distributing route and policy information via the OMP?
Refer to the exhibit A WAN Edge device was recently added to vManage but a control connection could not be established Which action resolves this issue?
Which controller is used for provisioning and configuration in a Cisco SD-WAN solution?
Which value is verified in the certificates to confirm the identity of the physical WAN Edge device?
A network administrator is configuring a centralized control policy based on match action pairs for multiple conditions, which order must be configured to prefer Prefix List over TLOC and TLOC over Origin?
An organization requires the use of integrated preventative engines, exploit protection, and the most updated and advanced signature-based antivirus with sandboxing and threat intelligence to stop malicious attachments before they reach users and get executed. Which Cisco SD-WAN solution meets the requirements?
An engineer must use data prefixes to configure centralized data policies using the vManage policy configuration wizard. What is the first step to accomplish this task?
Drag and drop the policies from the left onto the correct policy types on the right.
Drag and drop the actions from the left into the correct sequence on the right to create a data policy to direct traffic to the Internet exit.
Which two virtualized environments are available for a company to install the controllers using the on-premises model? (Choose two )
How must the application-aware enterprise firewall policies be applied within the same WAN Edge router?
Refer to the exhibit.
What binding is created using the tloc-extension command?
An enterprise deployed a Cisco SD-WAN solution with hub-and-spoke topology using MPLS as the preferred network over the Internet. A network engineer must implement an application-aware routing policy to allow ICMP traffic to be load-balanced over both the available links. Which configuration meets the requirement?
A)
B)
C)
D)
An engineer builds a three-node vManage cluster and then realizes that multiple nodes are unnecessary for the size of the company. How should the engineer revert the setup to a single vManage?
Refer to the exhibit.
vManage and vBond have an issue establishing a connection to each other. Which configuration resolves the issue?
Which command on a WAN Edge device displays the information about the colors present in the fabric that are learned from vSmart via OMP?
How is TLOC defined?
What is a benefit of using REST APIs?
Which timer specifies information in the cache after all OMP sessions are lost at location S0123T4E56F78?
Which type of connection is created between a host VNet and a transit VNet when configuring Cloud OnRamp for laaS?
Which two different states of a WAN Edge certificate are shown on vManage? (Choose two.)
Which routes are similar to the IP route advertisements when the routing information of WAN Edge routers is learned from the local site and local routing protocols?
An administrator needs to configure SD-WAN to divert traffic from the company's private network to an ISP network. What action should be taken to accomplish this goal?
In which device state does the WAN edge router create control connections, but data tunnels are not created?
Which routing protocol is used to exchange control plane information between vSmart controllers and WAN Edge routers in the Cisco SD-WAN secure extensible network?
Refer to exhibit. An engineer is troubleshooting tear of control connection even though a valid CertificateSerialNumber is entered. Which two actions resolve Issue? (Choose two)
Which two products that perform lifecycle management for virtual instances are supported by WAN Edge cloud routers? (Choose two.)
A policy is created to influence routing in the network using a group of prefixes. What policy application will achieve this goal when applied to a site list?
Which two hardware platforms support Cisco IOS XE SD-WAN images'' (Choose two)
Which type of certificate is installed on vManage for a user to access vManage via a web browser?
Which OMP route is selected for equal OMP route preference values on WAN Edge routers?
How does the replicator role function in cisco SD-WAN?
Drag and drop the attributes from the left that make each transport location unique onto the right. Not all options are used.
WAN Edge routers are configured manually to use UDP port offset to use nondefault offset values when IPsec tunnels are created. What is the offse range?
REST applications communicate over HTTP or HTTPS to make calls between network devices. Which two HTTPS standard methods are included? (Choose two.)
When a WAN Edge device joins the SD-WAN overlay, which Cisco SD-WAN components orchestrates the connection between the WAN Edge device and a vSmart controller?
An engineer must configure local redundancy on a site. Which configuration accomplish this task?
An engineer must deploy a QoS policy with these requirements:
• policy name: App-police
• police rate: 1000000
• burst: 1000000
• exceed: drop
Which configuration meets the requirements?
Which protocol is configured on tunnels by default to detect loss, latency, jitter, and path failures in Cisco SD-WAN?
An engineer must configure the SD-WAN Edge router to identify DSCP 26 traffic coming from the router's local site and then change the DSCP value to DSCP 18 before sending it over to the SD-WAN fabric. What are the two ways to create the required configuration? (Choose two).
An enterprise needs DIA on some of its branches with a common location ID: A041:B70C: D78E::18 Which WAN Edge configuration meets the requirement?
A)
B)
C)
D)
How many vCPUs and how much RAM are recommended to run the vSmart controller on the KVM server for 251 to 1000 devices in software version 20.4.x?
Refer to the exhibit.
Which command-line configuration on a WAN Edge device achieves these results?
A)
B)
C)
D)
Which third-party Enterprise CA server must be used (or a cloud-based vSmart controller?
An engineer must create a QoS policy by creating a class map and assigning it to the LLQ queue on a WAN Edge router Which configuration accomplishes the task?
A)
B)
C)
D)
An engineer is troubleshooting a vEdge router and identifies a “DCONFAIL – DTLS connection failure” message. What is the problem?
Which pathway under Monitor > Network > Select Device is used to verify service insertion configuration?
Which component of the Cisco SD-WAN control plane architecture should be located in a public Internet address space and facilitates NAT-traversal?
Which component of the Cisco SD-WAN architecture oversees the control plane of overlay network to establish, adjust, and maintain the connections between the WAN Edge devices that form the Cisco SD-WAN fabric?
Which controller is excluded from the process of checking against the authorized, allowed list?
Refer to the exhibit Which configuration must the engineer use to form underlay connectivity for the Cisco SD-WAN network?
A)
B)
C)
D)
Which type of certificate is installed on vManage for a user to access vManage via a web browser?
A bank is looking for improved customer experience for applications and reduce overhead related to compliance and security. Which key feature or features of the Cisco SD-WAN solution will help the bank to achieve their goals?
What is a benefit of the application aware firewall feature in the Cisco SD-WAN solution?
If Smart Account Sync is not used, which Cisco SD-WAN component is used to upload an authorized serial number file?
Which IP address must be reachable by a WAN Edge device for the ZIP process to work?
Drag and drop the steps from the left Into the order on the right to delete a software image for a WAN Edge router starting with Maintenance > Software Upgrade > Device list on vManage.
Which configuration changes the packet loss priority from low to highly?
A)
B)
C)
D)
What are the default username and password for vSmart Controller when it is installed on a VMware ESXi hypervisor'?
Which OSPF command makes the WAN Edge router a less preferred exit from a site with a dual WAN Edge design?
A)
B)
C)
D)
The network administrator is configuring a QoS scheduling policy on traffic received from transport side tunnels on WAN Edge 5000 routers at location 406141498 Which command must be configured on these devices?
An enterprise is continuously adding new sites to its Cisco SD-WAN network. It must configure any cached routes flushed when OMP peers have lost adjacency Which configuration allows the cached OMP routes to be flushed after every 24 hours from its routing table?
Which command disables the logging of syslog messages to the local disk?
An administrator wants to create a policy to add a traffic policer called "politer-ccnp" to police data traffic on the WAN Edge. Which configuration accomplishes this task in vSmart?
What is the procedure to upgrade all Cisco SD-WAN devices to a recent version?
Which secure tunnel type should be used to connect one WAN Edge router to other WAN Edge routers?
Which alarm setting is configured to monitor serious events that affect but do not shut down, the operation of a network function?
For data plane resiliency, what does the Cisco SD-WAN software implement?
Which protocol is used to measure jitter, loss, and latency on SD-WAN overlay tunnels?
Which SD-WAN component allows an administrator to manage and store software images for SD-WAN network elements?
Refer to the exhibit A small company was acquired by a large organization As a result, the new organization decided to update information on their Enterprise RootCA and generated a new certificate using openssl Which configuration updates the new certificate and issues an alert in vManage Monitor | Events Dashboard?
A vEdge platform is sending VRRP advertisement messages every 10 seconds. Which value configures the router back to the default timer?
Refer to the exhibit. vManage logs are available for the past few months. A device name change deployed mistakenly at a critical site. How is the device name change tracked by operation and design teams?
A)
B)
C)
Refer to the exhibit, Which configuration routes Site 2 through the firewall in Site 1?
An engineer wants to track tunnel characteristics within an SLA-based policy for convergence. Which policy configuration will achieve this goal?
Which VPN must be present on at least one interface to install Cisco vManage and integrate it with WAN Edge devices in an overlay network site ID:S4307T7E78F29?
Refer to the exhibit.
Which two configurations are needed to get the WAN Edges registered with the controllers when certificates are used? (Choose two)
How is a TLOC uniquely identified from a WAN Edge router to the SD-WAN transport network?
Refer to the exhibit.
A network administrator is configuring OMP in vManage to advertise all the paths for the same prefix from a site that has two WAN Edge devices Each WAN Edge device is connected to three ISPs and two private MPLS transports. What is the minimum value for 'Number of Paths advertised per Prefix" that should be configured?
An organization wants to discover monitor and track the applications running on the WAN Edge device on the LAN Which configuration achieves this goal?
Refer to the exhibit.
The SD-WAN network is configured with a default full-mesh topology. The SD-WAN engineer wants the Barcelona WAN Edge to use MPLS TLOC as the preferred TLOC when communicating with Rome site. Which configuration must the engineer use to create a list to select MPLS color toward the Rome TLOC?
A)
B)
C)
D)
