Summer Special Flat 65% Limited Time Discount offer - Ends in 0d 00h 00m 00s - Coupon code: suredis

Cisco 300-415 Implementing Cisco SD-WAN Solutions (300-415 ENSDWI) Exam Practice Test

Demo: 121 questions
Total 405 questions

Implementing Cisco SD-WAN Solutions (300-415 ENSDWI) Questions and Answers

Question 1

After deploying Cisco SD-WAN the company realized that by default, all sites built direct IPsec VPN tunnels to each other In their previous topology all spoke sites used the head office as their next hop for the LAN segment that belongs to network 40.0.0.0/16 The company wants to deploy its previous policy, which allows the 40.0.0.0/16 network that originates at the hub to advertise to the spokes. Which configuration meets the requirement'?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 2

Refer to the exhibit.

Customer XYZ cannot provison dual connectivity on both Its routers due to budget constratnts but wants to use tnth RI and R2 interface for users behind them for load toward the hub site Which configurauon achieves this objectives?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 3

A policy is created to influence routing in the network using a group of prefixes. What policy application will achieve this goal when applied to a site list?

Options:

A.

Vpn-membership policy

B.

Control-policy

C.

cflowd-template

D.

App-route policy

Question 4

Which plane assists in the automatic onboarding of the SD-WAN routers into the SD-WAN overlay?

Options:

A.

Data

B.

Orchestration

C.

Management

D.

Control

Question 5

Which port is used for vBond under controller certificates if no alternate port is configured?

Options:

A.

12345

B.

12347

C.

12346

D.

12344

Question 6

Which routing protocol has the highest default administrative distance?

Options:

A.

OMP

B.

external EIGRP

C.

IS-IS

D.

IBGP

Question 7

Refer to the exhibit.

The control connection is failing. Which action resolves the issue?

Options:

A.

import vSmart in vManager

B.

Validate the certificates authenticity on vSmart

C.

Upload the WAN Edge list on vManage.

D.

Restore the reachability to the vSmart

Question 8

A network is configured with IP connectivity, and the routing protocol between devices started having problems right after the maintenance window to implement network changes. Troubleshoot and resolve to a fully functional network to ensure that:

R4

R5

Options:

Question 9

A customer is receiving routes via OMP from vSmart controller for a specific VPN. The customer must provide access to the W2 loopback received via OMP to the OSPF neighbor on the service-side VPN, which configuration fulfils these requirements?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

E.

Option E

Question 10

Refer to the exhibit. An enterprise network is connected with an ISP network on an 80 Mbps bandwidth link. The network operation team observes 100 Mbps traffic on the 1Gig-ISP link during peak hours Which configuration provides bandwidth control to avoid traffic congestion during peak hours?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 11

Refer to the exhibit.

Which QoS treatment results from this configuration after the access list acl-guest is applied inbound on the vpn1 interface?

Options:

A.

A UDP packet sourcing from 172.16.20.1 and destined to 172.16.10.1 is accepted

B.

A TCP packet sourcing from 172.16.10.1 and destined to 172.16.20.1 is dropped

C.

A UDP packet souring from 172.16.10.1 and destined to 172.16.20.1 is dropped.

D.

A TCP packet sourcing from 172.16.20.1 and destined to 172.16.10.1 is accepted

Question 12

An engineer is applying QoS policy for the transport-side tunnel interfaces to enable scheduling and shaping for a WAN Edge cloud router Which command accomplishes the task?

Options:

A.

cloud-qos-service-side

B.

qos-scheduler QOS_0

C.

qos-map QOS

D.

rewrite-rule QOS-REWRITE

Question 13

An engineer configured a data policy called ROME-POLICY. Which configuration allows traffic flow from the Rome internal network toward other sites?

Options:

A.

apply-policy site-list Rome data-policy ROME-POLICY from-tunnel

B.

apply-policy site-list Rome data-policy ROME-POLICY from-service

C.

site-list Rome control-policy ROME-POLICY in

D.

site-list Rome control-policy ROME-POLICY out

Question 14

What happens if the intelligent proxy is unreachable in the Cisco SD-WAN network?

Options:

A.

The grey-listed domains are unresolved

B.

The Cisco Umbrella Connector locally resolves the DNS request

C.

The block-listed domains are unresolved

D.

The Cisco Umbrella Connector temporarily redirects HTTPS traffic

Question 15

Customer has two branch silos with overlapping IPs How must the data policy be configured to establish communication between the sites and server to avoid overlapping?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 16

How do WAN Edge devices operate when vSmart is inaccessible or fails to be reached by the WAN Edge?

Options:

A.

They cease to forward traffic in the data plane.

B.

They continue operation normally.

C.

They continue to receive reachability updates.

D.

They continue operating normally for a configurable time.

Question 17

Refer to the exhibit.

An MPLS connection on R2 must extend to R1 Users behind R1 must have dual connectivity for data traffic Which configuration provides R1 control connectivity over the MPLS connection?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 18

Refer to the exhibit.

An engineer configured OMP with an overlay-as of 10666. What is the AS-PATH for prefix 104.104.104.104/32 on R100?

Options:

A.

100 10666

B.

100 20 104

C.

100 10666 20 104

D.

100 10666 104

Question 19

In a Cisco SD-WAN network, which component is responsible for distributing route and policy information via the OMP?

Options:

A.

vManage

B.

vSmart Controler

C.

vBond Orchestrator

D.

WAN Edge Router

Question 20

Which two protocols are supported for software image delivery when images are hosted on a remote server? (Choose two.)

Options:

A.

HTTPS

B.

SSL

C.

HTTP

D.

TFTP

E.

FTP

Question 21

An engineer modifies a data policy for DIA in VPN 200 to meet the requirements for traffic destined to these locations:

* external networks; must be translated

* external networks; must use a public TLOC color

* syslog servers, must use a private TLOC color

Here is the existing data policy configuration:

Which policy configuration sequence set meets the requirements?

Options:

A.

B.

B.

C.

C.

Question 22

A customer must upgrade the cisco SD-WAN devices and controllers from version 19.2 to version 20.3. The devices include WAN Edge cloud, vManage, vSmart, and vBond. Which types of image types of image files are needed for this upgrade?

Options:

A.

one file for vManage and one file for all other devices with extension tar.gz

B.

one file for vManage, one for vSmart and one for vBond + WAN Edge Cloud with extension.bin

C.

one file for vManaga, one for vSmart and one for vBond + WAN Edge Cloud with extension tar.gz

D.

one file for vManaga and one file for all other devices with extension .bin

Question 23

Which configuration step is taken on vManage after WAN Edge list is uploaded?

Options:

A.

Send the list to controllers

B.

Enable the ZTP process

C.

Verify the device certificate

D.

Set the device as valid

Question 24

A company must avoid downtime at the remote sites and data plane to continue forwarding traffic between WAN Edge devices if the branch router loses connectivity to its OMP peers Which configuration meets the requirement?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 25

Which two services are critical for zero touch provisioning on-boarding? (Choose two)

Options:

A.

SNMP

B.

DNS

C.

DHCP

D.

AAA

E.

EMAIL

Question 26

Refer to exhibit.

An engineer is troubleshooting tear down of control connections even though a valid Certificate Serial Number is entered Which two actions resolve the Issue? (Choose two)

Options:

A.

Enter a valid serial number on the controllers for a given device

B.

Remove the duplicate IP in the network.

C.

Enter a valid product ID (model) on the PNP portal

D.

Match the serial number file between the controllers

E.

Restore network reachability for the controller

Question 27

Which timer specifies information in the cache after all OMP sessions are lost at location S0123T4E56F78?

Options:

A.

advertisement interval

B.

EOR timer

C.

graceful restart timer

D.

hold time

Question 28

REST applications communicate over HTTP or HTTPS to make calls between network devices. Which two HTTPS standard methods are included? (Choose two.)

Options:

A.

Array

B.

DELETE

C.

POST

D.

Scalar

E.

Object

Question 29

What is a requirement for deployment of on-premises vBond controllers through the Cisco Plug and Play Connect process?

Options:

A.

a DNS name that identifies vBond

B.

a defined controller profile

C.

Internet connectivity from vManage

D.

a CSV The that contains ail controllers

Question 30

Which configuration component is used in a firewall security policy?

Options:

A.

numbered sequences of match-action pairs

B.

application match parameters

C.

URL filtering policy

D.

intrusion prevention policy

Question 31

Drag and drop the vManage policy configuration procedures from the left onto the correct definitions on the right.

Options:

Question 32

Which platform is a Cisco SD-WAN virtual platform?

Options:

A.

Cisco ISR 4000

B.

Cisco Nexus 1000V

C.

Cisco CSR 1000V

D.

Cisco ASR 1000

Question 33

An administrator wants to create a policy to add a traffic policer called "politer-ccnp" to police data traffic on the WAN Edge. Which configuration accomplishes this task in vSmart?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 34

What is the purpose of ‘’vpn 0’’ in the configuration template when onboarding a WAN edge node?

Options:

A.

It carries control traffic over secure DTLS or TLS connections between vSmart controllers and vEdge routers, and between vSmart and vBond

B.

It carries control out-of-band network management traffic among the Viptela devices in the overlay network.

C.

It carries control traffic over secure IPsec connections between vSmart controllers and vEdge routers, and between vSmart and vManager

D.

It carries control traffic over secure IPsec connections between vSmart controllers and vEdge routers, and between vSmart and vBond

Question 35

Refer to the exhibit.

The Cisco SD-WAN network is configured with a default full-mesh topology. An engineer wants Paris WAN Edge to use the Internet HOC as the preferred TLOC for MSN Messenger and AOL Messenger traffic. Which policy achieves this goal?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 36

An engineer configures an application-aware routing policy for a group of sites The locations depend on public and private transports The policy does not work as expected when one of the transports does not perform properly This policy is configured:

which configuration completes the policy so that it works for all locations?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 37

Which two mechanisms are used by vManage to ensure that the certificate serial number of the WAN Edge router that is needed to authenticate is listed in the WAN Edge Authorized Señal Number Hst’ (Choose two)

Options:

A.

Synchronize to the PnP

B.

Manually upload it to vManage

C.

The devices register to vManage directly as the devices come online

D.

The vManage is shipped with the list

E.

Synchronize to the Smart Account

Question 38

Which actions must be taken to allow certain departments to require firewall protection when interacting with data center network without including other departments? (Choose two.)

Options:

A.

Use classification policing and marking

B.

Apply data policies at vEdge.

C.

Deploy a service-chained firewall service per VPN

D.

The regional hub advertises the availability of the firewall service

E.

Advertise lo vSmart controllers

Question 39

Refer to the exhibit vManage and vBond have an issue establishing a connection with each other Which action resolves the issue?

Options:

A.

Reconfigure the system IPs to belong to the same subnet

B.

Change the organization name on both controllers to match vipteta.com.

C.

Remove the encapsulation ipsec command under the tunnel interface of vBond

D.

Configure the encapsulation ipsec command under the tunnel interface on vManage

Question 40

Drag and drop the actions from the left into the correct sequence on the right to create a data policy to direct traffic to the Internet exit.

Options:

Question 41

What are the two protocols redistributed into OMP? (Choose two.)

Options:

A.

OSPF

B.

RIP

C.

LDP

D.

RSVP

E.

EIGRP

Question 42

Which two advanced security features are available on the Cisco SD-WAN WAN Edge (vEdge) device? (Choose two.)

Options:

A.

URL filtering

B.

snort intrusion prevention system

C.

Cisco Umbrella DNS Security

D.

Cisco AMP and AMP Threat Grid

E.

Enterprise Firewall

Question 43

Refer to the exhibit. Which configuration value is used to change the administrative distance of iBGP routes to 20?

Options:

A.

Configure internal Routes Distance to 20

B.

Configure Propagate AS Path to off

C.

Configure Local Distance to 20

D.

Configure External routes distance 20

Question 44

An engineer is troubleshooting a vEdge router and identifies a “DCONFAIL – DTLS connection failure” message. What is the problem?

Options:

A.

certificate mismatch

B.

organization mismatch

C.

memory issue

D.

connectivity issue

Question 45

An engineer creates a data policy to prevent communication from the 172.20.21.0/24 network to the 172.20.41.0/24 network. Which configuration accomplishes this task?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 46

Drag and drop the route verification output from show omp tlocs from the left onto the correct explanations on the right.

Options:

Question 47

Which vBond system configuration under VPN 0 allows for a routable public IP address even if the DNS name, hostname, or IP address of the vBond orchestrator are omitted?

Options:

A.

local

B.

vbond-only

C.

dns-name

D.

WAN

Question 48

What is the minimum Red Hat Enterprise Linux operating system requirement for a Cisco SD-WAN controller deployment via KVM?

Options:

A.

RHEL7.5

B.

RHEL 6.5

C.

RHEL4.4

D.

RHEL 6.7

Question 49

What is the main purpose of using TLOC extensions in WAN Edge router configuration?

Options:

A.

creates hardware-level transport redundancy at the local site

B.

creates an IPsec tunnel from WAN Edge to vBond Orchestrator

C.

transports control traffic to a redundant vSmart Controller

D.

transports control traffic w remote-site WAN Edge routers

Question 50

A network administrator is configuring a centralized control policy based on match action pairs for multiple conditions, which order must be configured to prefer Prefix List over TLOC and TLOC over Origin?

Options:

A.

highest to lowest sequence number

B.

nonsequential order

C.

deterministic order

D.

lowest to highest sequence number

Question 51

An engineer is configuring a data policy for IPv4 prefixes for a single WAN Edge device on a site with multiple WAN Edge devices How is this policy added using the policy configuration wizard?

Options:

A.

ln vManage NMS, select the configure ► policies screen, select the localized policy tab and click add policy

B.

In vSmart controller, select the configure ► policies screen, select the localized policy tab. and click add policy

C.

In vManage NMS. select the configure ► policies screen select the centralized policy tab and click add policy

D.

In vBond orchestrator. select the configure ► policies screen, select the localized policy tab. and click add policy

Question 52

A customer has MPLS and Internet as the TLOC colors An engineer must configure conlroJIers with the Internet and not with MPLS Which configuration achieves this requirement on vManage?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 53

How many subnets are necessary in Azure VNet for a WAN Edge device to function in the cloud deployment?

Options:

A.

CSR is the WAN Edge device that is supported in the Microsoft cloud. The Microsoft underlay cloud fabric performs the management function.

B.

There must be three subnets in VNet: management, public, and services.

C.

One public subnet is required in VNet. The Microsoft underlay cloud fabric performs all of the routing functions for WAN Edge.

D.

Public and services subnets are required in VNet. The Microsoft underlay cloud fabric performs the management function.

Question 54

What must an engineer conewef when decoying an SD-WAN on-pfemlses architecture based on ESXi hypervisor?

Options:

A.

Cisco must provision the backup and snapshots platform lor ihe SD-WAN arctoecture

B.

The managed service provider must provision controllars with their appropriate cerHwcatsi

C.

The IT team a required to provision the SO-WAN controllers and Is responsAte lor backups and disaster recovery implementation

D.

The IT team will be given access by Cisco to a vManage for configuration If templates and policies coeigmalim

Question 55

Drag and drop the components from the left onto the corresponding Cisco NFV infrastructure Building Blocks on the right. Not all options are used.

Options:

Question 56

Which two platforms for the Cisco SD-WAN architecture are deployable in a hypervisor on-premises or in IAAS Cloud? (Choose two.)

Options:

A.

CSR 1000v

B.

vEdge 100c

C.

vEdge Cloud

D.

vEdge 2000

E.

ISR 4431

Question 57

An engineer is configuring a list that matches all IP prefixes with lengths from /1 to /16 in a centralized control policy. Which list accomplishes this task?

Options:

A.

0.0.0.0/1 le 16

B.

0.0.0.0/0 ge 1

C.

0.0.0.0/0 le l6

D.

0.0.0.0/16 ge 1

Question 58

Which two hardware platforms support Cisco IOS XE SD-WAN images'' (Choose two)

Options:

A.

ASR1000 series

B.

ISR9300 series

C.

vEdge-1000 series

D.

ASR9000 series

E.

ISR4000 series

Question 59

In a Cisco SD-WAN architecture, what is the role of the WAN Edge?

Options:

A.

It provides orchestration to assist in automatic provisioning of WAN Edge routers and overlay

B.

It is the management plane responsible for centralized configuration and monitoring

C.

It is the control plane that builds and maintains network topology

D.

It is the data plane that is responsible for forwarding traffic

Question 60

Refer to the exhibit. An engineer is troubleshooting a control connection issue on a WAN Edge device that shows socket errors. The packet capture shows some ICMP packets dropped between the two devices. Which action resolves the issue?

Options:

A.

Recover the vManage controller that is down m a high availability cluster

B.

Change the system IP or restart the VWN Edge 4 the system IP is changed

C.

Remove IP duplication in the network and configure a unique IP address

D.

Recover vBond or wart for the controller to reload which could be caused by a reset

Question 61

An engineer must improve video quality by limiting HTTP traffic to the Internet without any failover. Which configuration in vManage achieves this goal?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 62

Refer to the exhibit. The network administrator has configured a centralized topology policy that results in the displayed routing table at a branch office. Which two configurations are verified by the output? [Choose two.)

Options:

A.

The routing table is for the transport VPN.

B.

The default route is learned via OMP.

C.

This routing table is from a cEdge router.

D.

The default route is configured locally.

E.

The configured policy is adding a route tag of 300 to learned routes.

Question 63

How is lhe software managed in Cisco SD-WAN?

Options:

A.

Software upgrade operation in the group must include vManage. vBond. and vSmart.

B.

Software downgrades are unsupported for vManage

C.

Software images must be uploaded to vManage through HTTP or FTP.

D.

Software images must be transferred through VPN 512 or VPN 0 of vManage.

Question 64

A bank is looking for improved customer experience for applications and reduce overhead related to compliance and security. Which key feature or features of the Cisco SD-WAN solution will help the bank to achieve their goals?

Options:

A.

Integration with PaaS providers to offer the best possible application experience

B.

QoS including application prioritization and meeting critical applications SLA for selecting optimal path.

C.

implementation of a modem age core banking system

D.

implementation of BGP across the enterprise routing for selecting optimal path

Question 65

Which routing protocol is used to exchange control plane information between vSmart controllers and WAN Edge routers in the Cisco SD-WAN secure extensible network?

Options:

A.

BGP

B.

OSPF

C.

BFD

D.

OMP

Question 66

Drag and drop the functions from the left onto the correct templates on the right.

Options:

Question 67

Which table is used by the vSmart controller to maintain service routes of the WAN Edge routers in the hub and local branches?

Options:

A.

RIB

B.

FIB

C.

OMP

D.

TLOC

Question 68

On which device is a service FW address configured to Insert firewall service at the hub?

Options:

A.

vEdge at the branch

B.

vSmart at the hub

C.

vEdge at the hub

D.

vSmart at the branch

Question 69

Which two actions are necessary to set the Controller Certificate Authorization mode to indicate a root certificate? (Choose two)

Options:

A.

Select the Controller Certificate Authorization mode that is recommended by Cisco

B.

Change the organization name of the Cisco SO-WAN fabric.

C.

Upload an SSL certificate to vManape,

D.

Select a private certificate signing authority instead of a public certificate signing authority

E.

Select a validity period from the drop-down menu

Question 70

What is the result during a WAN Edge software upgrade process if the version of the WAN Edge software is higher than the one running on a controller device?

Options:

A.

The upgrade button is greyed out

B.

The upgrade proceeds with no warning message.

C.

The upgrade fails with a warning message

D.

The upgrade proceeds with a warning message

Question 71

What prohibits deleting a VNF image from the software repository?

Options:

A.

if the image is stored by vManage

B.

if the image is referenced by a service chain

C.

if the image is uploaded by a WAN Edge device

D.

if the image is included in a configured policy

Question 72

How is multicast routing enabled on devices in the Cisco SD-WAN overlay network?

Options:

A.

The WAN Edge routers originate multicast service routes to the vSmart controller via OMP, which then forwards joins for requested multicast groups based on IGMP v1 or v2 toward the source or PIM-RP as specified m the original PIM join message.

B.

The vSmart controller originates multicast service routes to the WAN Edge routers via OMP, which then forwards joins for requested multicast groups cased on IGMP v1 or v2 toward the source or PlM-RP as specified m the original PIM join message

C.

The vSmart controller originates multicast service routes to the WAN Edge routers via OMP, which then forwards joins (or requested multicast groups based on IGMP v2 or v3 toward the source or PIM-RP as specified in the original PIM join message

D.

The WAN Edge routers originate multicast service routes to the vSmart controller via OMP. which then forwards joins for requested multicast groups based on iGMP v2 or v3 toward the source or PIM-RP as specified in the original PIM join message

Question 73

An application team is getting ready to deploy a new business-critical application to the network. To protect the traffic, the network team must add another queue to the QoS map and then deploy the map to fabric Which configuration slop must be completed prior to adding the queue to the QoS map and applying If

Options:

A.

The relationship between die new QoS class and the hardware queue must be configured from the 'lists' page of the Local Policy section of vManage. The QoS map is then applied to the WAN interface

B.

The relationship between The new QoS class and the hardware queue must be configured from the 'lists' page of the Local Policy section of vManage. The QoS map is then applied to the service-side interface.

C.

The relationship between the new QoS class and the hardware queue must be configured from the "lisla" page of the Centralized Policy section of vManage. The QoS map is then applied to the WAN interface.

D.

The relationship between the new QoS class and the hardware queue must be configured from the "lists" page of the Centralized Policy section of vManage. The QoS map is then applied to the service-side interface.

Question 74

Refer to the exhibit Which command allows traffic through the IPsec tunnel configured in VPN 0?

Options:

A.

service local

B.

service FW address 1.1.1.1

C.

service netsvc1 vpn 1

D.

service netsvc1 address 1.1.1.1

Question 75

Which platform cannot provide IPS and URL filtering capabilities?

Options:

A.

Cisco CSR 1000V

B.

Cisco ISR 1000

C.

Cisco Catalyst 8300

D.

Cisco ISR 4000

Question 76

How are custom application ports monitored in Cisco SD-WAN controllers?

Options:

A.

Customers add custom application ports in vAnalytics and vManage.

B.

Customers add custom application ports in vAnalytics and vSmart.

C.

Cisco adds custom application ports In vAnalytics and vManage.

D.

Cisco adds custom application ports In vAnalytics and vSmart.

Question 77

Which issue triggers the Cisco Umbrella resolver to toward DNS requests to the intelligent proxy?

Which issue triggers the Cisco Umbrella resolver to toward DNS requests to the intelligent proxy?

Options:

A.

A domain is nonexistent.

B.

A domain is block-listed.

C.

A domain is locally reachable.

D.

A domain is grey-listed.

Question 78

Which application list is preconfigured?

Options:

A.

Google_Apps

B.

Cisco Apps

C.

Microsoft_Office365

D.

P2P_Apps

Question 79

Which protocol advertises WAN edge routes on the service side?

Options:

A.

EIGRP

B.

OSPF

C.

BGP

D.

ISIS

Question 80

A WAN Edge device has several service VPNs with no routing protocol configured in the service VPNs The device must be configured so that all connected routes are visible in OMP for VPN 10 Which configuration meets the requirement?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 81

An engineer is adding a tenant with location ID 399533345 in vManage. What is the maximum number of alphanumeric characters that is accepted in the tenant name filed?

Options:

A.

64

B.

128

C.

256

D.

8

Question 82

Refer to the exhibit.

A network administrator is configuring OMP in vManage to advertise all the paths for the same prefix from a site that has two WAN Edge devices Each WAN Edge device is connected to three ISPs and two private MPLS transports. What is the minimum value for 'Number of Paths advertised per Prefix" that should be configured?

Options:

A.

2

B.

3

C.

5

D.

10

Question 83

An engineer must create a QoS policy by creating a class map and assigning it to the LLQ queue on a WAN Edge router Which configuration accomplishes the task?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 84

Refer to the exhibit. An ongineer configured OMP with an ovorlay-as of 10666. What is tho AS-PATH for prefix 104.104.104.104/32 on R1007?

Options:

A.

100 10666 104

B.

100 10666

C.

100 10666 20 104

D.

100 20 104

Question 85

A network administrator is creating an OMP feature template from the vManage GUI to be applied to WAN edge routers. Which configuration attribute will avoid the redistribution of the routes back into the OMP from the LAN side?

Options:

A.

configure "Number of Paths Advertised per Prefix"

B.

configure "Overlay AS Number"

C.

configure "Send Backup Paths"

D.

configure "ECMP limit"

Question 86

What problem happens on a device with two serial numbers, a unique device identifier (UDI), and secure unique device identifier (SUDI) when an engineer provisions ISR 4000 by PnP using only a UDI?

Options:

A.

It encounters spanning tree issues

B.

It faces interface buffer overflow patterns

C.

It encounters redirection problems.

D.

It encounters memory overload problems

Question 87

What is the OMP graceful restart default value on vSmart controllers and WAN Edge routers?

Options:

A.

21,600 seconds

B.

43,200 seconds

C.

86,400 seconds

D.

604,800 seconds

Question 88

Which policy allows communication between TLOCs of data centers and spokes and blocks communication between spokes?

Options:

A.

centralized data policy

B.

centralized control policy

C.

localized control policy

D.

localized data policy

Question 89

An engineer is adding a tenant with location JD 306432373 in vManage. What is the maximum number of alphanumeric characters that are accepted in the tenant name field?

Options:

A.

64

B.

128

C.

256

D.

8

Question 90

Which pathway under Monitor > Network > Select Device is used to verify service insertion configuration?

Options:

A.

System Status

B.

Troubleshooting

C.

Real Time

D.

Events

Question 91

Which type of route advertisement of OMP can be verified?

Options:

A.

OMP, VPN. and origin

B.

Origin, TLOC, and VPN

C.

Origin, TLOC, and service

D.

OMP, TLOC and service

Question 92

Which type of policy must be applied on a WAN Edge application-aware firewall to control traffic between two or more VPNs?

Options:

A.

service-insertion policy

B.

data policy

C.

firewall policy

D.

control policy

Question 93

A customer wants to use AWS for Cisco SD-WAN laaS services by deploying virtual SD-WAN routers in a transit AWS VPC The transit VPC then connects via site-to-site IPsec tunnels to an AWS transit gateway Which transit VPC connects via site-to-site IPsec tunnels to an AWS transit gateway?

Options:

A.

Cisco Cloud onRamp for Multicloud

B.

Cisco Cloud onRamp for SaaS

C.

Cisco Cloud onRamp for Colocation

D.

Cisco Cloud onRamp for laaS

Question 94

In the Cisco SD_WAN solution, vSmart controller is responsible for which two actions? (Choose two.)

Options:

A.

Distribute crypto key information among vEdge routers

B.

Configure and monitor vEdge routers.

C.

Authenticate and authorize vEdge routers.

D.

Distribute the IP address from DHCP server to vEdge routers.

E.

Distribute route and policy information via OMP.

Question 95

Refer to the exhibit. An engineer is enabling command line access via MPLS for in-band management. Which command completes the partial SD-WAN interface configuration with the highest degree of security?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 96

At which layer does the application-aware firewall block applications on a WAN Edge?

Options:

A.

3

B.

7

C.

5

D.

2

Question 97

What is vBond reachability resolved by vManage?

Options:

A.

OMP

B.

DNS

C.

BGP

D.

IPsec

Question 98

Refer to the exhibit. A network administrator is configuring OSPF advanced configuration pararmeters from a template using the vManager GUI for a branch WAN Edge router to calculate the cost of summary routes to an ASBR. Which action achieves this configuration?

Options:

A.

Disable RFC 1583 Compatiblt

B.

Enable Originate

C.

Enable RFC 1M3 Compatible

D.

Disable Original

Question 99

In which Cisco SD-WAN deployment scenario does Cisco Umbrella SIG deliver the most value?

Options:

A.

when a centralized Internet breakout solution is implemented

B.

when resource-intensive security operations are offloaded from entry-level WAN Edge devices

C.

when the identity of several WAN Edge devices is verified throughout the networkthroughout the network

Question 100

What is a benefit of using REST APIs?

Options:

A.

predefined automation and orchestration platform for event management and logging

B.

user-defined automation and integration into other orchestration systems or tools

C.

vAnalytics to simplify operational services integration and real-time event monitoring

D.

predefined SD-WAN controller with other platform integration for event management and logging

Question 101

Refer to the exhibit.

The tunnel interface configuration on both WAN Edge routers is:

Which configuration for WAN Edge routers will connect to the Internet?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 102

A network administrator configures SNMFV3 on a Cisco WAN Edge router from CL I for monitoring purposes How many characters are supported by the snmp user username command?

Options:

A.

from 1 to 8

B.

from 1 to 16

C.

from 1 to 32

D.

from 1 to 48

Question 103

Refer to the exhibit.

The engineer must assign community tags to 3 of its 74 critical server networks as soon as that are advertised to BGP peers. These server networks must not be advertised outside AS. Which configuration fulfill this requirement?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 104

Where on vManage does an engineer find the details of control node failure?

Options:

A.

Alarms

B.

Events

C.

Audit log

D.

Network

Question 105

Which configuration allows VPN 10 traffic to have direct internet access locally from the WAN Edge device?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 106

Which two metrics must a cloud Edge router use to pick the optimal path for a SaaS application reachable via a gateway site? (Choose two.)

Options:

A.

HTTP loss and latency metrics to the SaaS application

B.

ICMP loss and latency metrics to the SaaS application

C.

BFD loss and latency metrics to the gateway site

D.

BFD loss and latency metrics to the SaaS application

E.

HTTP loss and latency metrics to the gateway site

Question 107

Which VPNs must be configured outside the workflow to complete the SD-WAN overlay setup when using the Quick Connect workflow?

Options:

A.

service and transport VPNs

B.

service VPNs

C.

transport VPNs

D.

management VPNs

Question 108

Which controller is excluded from the process of checking against the authorized, allowed list?

Options:

A.

vBond

B.

PnP

C.

vSmart

D.

vManage

Question 109

Which component of the Cisco SD-WAN control plane architecture facilitates the storage of certificates and configurations for network components?

Options:

A.

vSmart

B.

vBond

C.

WAN Edge

D.

vManage

Question 110

Which protocol Is used by the REST API to communicate with network services in the Cisco SO-WAN network?

Options:

A.

SSL

B.

HTTP

C.

iPsec

D.

SSM

Question 111

An engineer wants to change the configuration of the certificate authorization mode from manual to automated. Which GUI selection will accomplish this?

Options:

A.

Maintenance > Security

B.

Configuration > Certificates

C.

Administration > Settings

D.

Tools > Operational Commands

Question 112

Which attributes are configured to uniquely Identify and represent a TLOC route?

Options:

A.

system IP address, link color, and encapsulation

B.

firewall, IPS, and application optimization

C.

site ID, tag, and VPN

D.

origin, originator, and preference

Question 113

An engineer is configuring a shaping rate of 1 Mbps on the WAN link of a WAN Edge router Which configuration accomplishes this task’?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 114

A network administrator is configuring Qos on a vEdge 5000 router and needs to enable it on the transport side interface. Which policy setting must be selected to accomplish this goal?

Options:

A.

Cloud QoS Service side

B.

Cloud QoS

C.

NetFlow

D.

Application

Question 115

What is the ZTP workflow for Cisco IOS XE-based devices?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 116

How is TLOC defined?

Options:

A.

It is represented by a unique identifier to specify a site in as SD-WAN architecture.

B.

It specifies a Cisco SD-WAN overlay in a multitenant vSMART deployment.

C.

It is a unique collection of GRE or iPsec encapsulation, link color, and system IP address.

D.

It is represented by group of QoS policies applied to a WAN Edge router.

Question 117

Which two REST API functions are performed for Cisco devices in an overlay network? (Choose two)

Options:

A.

distributing a Snort image among devices

B.

attaching a device configuration template

C.

managing connections for smart licensing

D.

monitoring device certificates

E.

querying a device and aggregating statistics

Question 118

Refer to exhibit. An engineer is troubleshooting tear of control connection even though a valid CertificateSerialNumber is entered. Which two actions resolve Issue? (Choose two)

Options:

A.

Restore network reachability on the controller.

B.

Enter a valid serial cumber on the controller for a given device

C.

Enter a valid product ID (mode) on the PNP portal.

D.

Match the serial number file between the controller

E.

Remove the duplicate IP in the network

Question 119

Refer to the exhibit. The Cisco SD-VYAN is deployed using the default topology. The engineer v/ants to configure a service insertion policy such that all data traffic between Rome to Paris is forwarded through the NGFW located in London. Which configuration fulfills this requirement, assuming that the Sen/ice VPN ID is 1?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 120

Refer to the exhibit The Cisco SD-WAN network is configured with a default full-mesh topology. Islamabad HQ and Islamabad WAN Edges must be used as the hub sites. Hub sites MPLS TLOC must be preferred when forwarding FTP traffic based on a configured SLA class list. Which policy configuration does the network engineer use to call the SLA class and set the preferred color to MPLS?

Options:

A.

Localized Policy, Route Policy

B.

Centralized Policy, Traffic Policy

C.

Localized Policy, Forwarding Class

D.

Centralized Policy Topology

Question 121

What are the default username and password for vSmart Controller when it is installed on a VMware ESXi hypervisor'?

Options:

A.

username Cisco password admin

B.

username admin password Cisco

C.

username Cisco password Cisco

D.

username admin password admin

Demo: 121 questions
Total 405 questions