March Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Cisco 400-007 Cisco Certified Design Expert (CCDE v3.0) Written Exam Exam Practice Test

Demo: 89 questions
Total 299 questions

Cisco Certified Design Expert (CCDE v3.0) Written Exam Questions and Answers

Question 1

An IT service provider is upgrading network infrastructure to comply with PCI security standards. The network team finds that 802.1X and VPN authentication based on locally-significant certificates are not available on some legacy phones.

Which workaround solution meets the requirement?

Options:

A.

Replace legacy phones with new phones because the legacy phones will lose trust if the certificate is renewed.

B.

Enable phone VPN authentication based on end-user username and password.

C.

Temporarily allow fallback to TLS 1.0 when using certificates and then upgrade the software on legacy phones.

D.

Use authentication-based clear text password with no EAP-MD5 on the legacy phones.

Question 2

Which design principal improves network resiliency?

Options:

A.

Added load-balancing

B.

Added redundancy

C.

Added confidentiality

D.

Added reliability

Question 3

Which two impacts of adding the IP event dampening feature to a network design are true? (Choose two.)

Options:

A.

It protects against routing loops.

B.

It switches traffic immediately after a link failure.

C.

lt speeds up link failure detection.

D.

It reduces the utilization of system processing resources.

E.

It improves overall network stability.

Question 4

SDN emerged as a technology trend that attracted many industries to move from traditional networks to SDN. Which challenge is solved by SDN for cloud service providers?

Options:

A.

need for intelligent traffic monitoring

B.

exponential growth of resource-intensive application

C.

complex and distributed management flow

D.

higher operating expense and capital expenditure

Question 5

What are two top cloud-native security challenges faced by today's cloud-oriented organizations? (Choose two.)

Options:

A.

establishing user roles

B.

polymorphism

C.

lack of visibility and tracking

D.

increased attack surface

E.

user credential validation

Question 6

Company XYZ, a global content provider, owns data centers on different continents Their data center design involves a standard three-layer design with a Layer 3-only core VRRP is used as the FHRP They require VLAN extension across access switches in all data centers, and they plan to purchase a Layer 2 interconnection between two of their data centers in Europe in the absence of other business or technical constraints which termination point is optimal for the Layer 2 interconnection?

Options:

A.

at the core layer, to offer the possibility to isolate STP domains

B.

at the access layer because the STP root bridge does not need to align with the VRRP active node

C.

at the core layer because all external connections must terminate there for security reasons

D.

at the aggregation layer because it is the Layer 2 to Layer 3 demarcation point

Question 7

Company ABC uses IPv4-only. Recently they started deploying new endpoint devices. For operational reasons, IPv6 cannot be disabled on these new endpoint devices. Which security measure prevents the new endpoint from learning an IPv6 prefix from an attacker?

Options:

A.

Source Guard and Prefix Guard

B.

Router Advertisement Guard

C.

Prefix Guard

D.

Secure Neighbor Discovery

Question 8

If the desire is to connect virtual network functions together to accommodate different types of network service connectivity what must be deployed?

Options:

A.

bridging

B.

service chaining

C.

linking

D.

daisy chaining

E.

switching

Question 9

You were tasked to enhance the security of a network with these characteristics:

• A pool of servers is accessed by numerous data centers and remote sites

• The servers are accessed via a cluster of firewalls

• The firewalls are configured properly and are not dropping traffic

• The firewalls occasionally cause asymmetric routing of traffic within the server data center.

Which technology should you recommend to enhance security by limiting traffic that could originate from a hacker compromising a workstation and redirecting flows at the servers?

Options:

A.

Poison certain subnets by adding static routes to Null0 on the core switches connected to the pool of servers.

B.

Deploy uRPF strict mode.

C.

Limit sources of traffic that exit the server-facing interface of the firewall cluster with ACLs.

D.

Deploy uRPF loose mode

Question 10

The network designer needs to use GLOP IP addresses in order to make them unique within their ASN Which multicast address range should be used?

Options:

A.

232.0.0.0 to 232 255.255.255

B.

H233.0.0 0 to 233.255.255 255

C.

239000 to 239255255.255

D.

224000 to 2240.0 255

Question 11

The SD-WAN architecture is composed of separate orchestration management, control, and data planes Which activity happens at the orchestration plane?

Options:

A.

automatic onboarding of the SD-WAN routers into the SD-WAN overlay

B.

decision-making process on where traffic flows

C.

packet forwarding

D.

central configuration and monitoring

Question 12

A small organization of 20 employees is looking to deliver a network design service for modernizing customer networks to support advanced solutions.

  • Project scope and weekly progress should be visualized by the management.

  • Always consider feedback and make changes accordingly during the project.

  • Should consider flexibility to change scope at the point of time.

Which project methodology meets the requirements and have the least impact on the outcome?

Options:

A.

Scrum

B.

LEAN

C.

Kanban

D.

Six-Sigma

Question 13

Company XYZ has 30 sites running a legacy private WAN architecture that connects to the Internet via multiple high- speed connections The company is now redesigning their network and must comply with these design requirements :

  • Use a private WAN strategy that allows the sites to connect to each other directly and caters for future expansion.
  • Use the Internet as the underlay for the private WAN.
  • Securely transfer the corporate data over the private WAN.

Which two technologies should be Incorporated into the design of this network? (Choose two.)

Options:

A.

S-VTI

B.

IPsec

C.

DMVPN

D.

GET VPN

E.

PPTP

Question 14

Which two statements describe the functionality of OSPF packet-pacing timers? (Choose two )

The group-pacing timer controls the interval that is used for group and individual LSA refreshment

Options:

A.

OSPF flood-pacing timers allow dynamic control of the OSPF transmission queue size

B.

OSPF retransmission-pacing timers allow control of interpacket spaang between consecutive link-state update packets in the OSPF retransmission queue.

C.

OSPF retransmission-pacing timers allow control of packet interleaving between nonconsecutive link-state update packets in the OSPF retransmission queue.

D.

OSPF flood-pacing timers allow control of interpacket spacing between consecutive link-state update packets in the OSPF transmission queue

Question 15

The network team in XYZ Corp wants to modernize their infrastructure and is evaluating an implementation and migration plan to allow integration MPLS-based, Layer 2 Ethernet services managed by a service provider to connect branches and remote offices. To decrease OpEx and improve

response times when network components fail, XYZ Corp decided to acquire and deploy new routers. The network currently is operated over E1 leased lines (2 Mbps) with a managed CE service provided by the telco.

Drag and drop the implementation steps from the left onto the corresponding targets on the right in the correct order.

Options:

Question 16

Drag and drop the characteristics from the left onto the corresponding network management options on the right.

Options:

Question 17

SDN is still maturing Throughout the evolution of SDN which two things will play a key role in enabling a successful deployment and avoiding performance visibility gaps in the infrastructure? (Choose two.)

Options:

A.

rapid on-demand growth

B.

dynamic real-time change

C.

falling back to old behaviors

D.

peer-to-peer controller infrastructure

E.

integration of device context

Question 18

Company XYZ has two routing domains in their network, EIGRP and OSPF. The company wants to provide full reachability between the two domains by implementing redistribution on a router running both protocols. They need to design the redistribution in a way that the OSPF routers will see link costs added to external routes. How must the redistribution strategy be designed for this network?

Options:

A.

Redistribute using metric type 2 into OSPF.

B.

Redistribute using metric type 1 into OSPF.

C.

Redistribute using metric type 1 into EIGRP.

D.

Redistribute using metric type 2 into EIGRP.

Question 19

A business requirement is supplied to an architect from a car manufacturer stating their business model is changing to just-in-time manufacturing and a new network is required, the manufacturer does not produce all of the specific components m-house. which area should the architect focus on initially?

Options:

A.

Automation

B.

Zero Trust Networking

C.

Low Latency Infrastructure

D.

Modularity

Question 20

In an OSPF network with routers connected together with Ethernet cabling, which topology typically takes the longest to converge?

Options:

A.

partial mesh

B.

full mesh

C.

ring

D.

squared

E.

triangulated

Question 21

Refer to the exhibit.

This network is running legacy STP 802.1 d. Assuming "hello_timer" is fixed to 2 seconds, which parameters can be modified to speed up convergence times after single link/node failure?

Options:

A.

The transit_delay=5 and dpdu_delay=20 are recommended values, considering helto_timer=2 and specified

B.

Only the maximum_transmission_halt_delay and diameter parameters are configurable parameters in 802. to speed up STP convergence process C. The max_age and forward delay parameters can be adjusted to speed up STP convergence process.

C.

Only the transit_delay and bpdu_delay timers are configurable parameters in 802.1d to speed up STP convergence process.

Question 22

Which two benefits can software-defined networks provide to businesses? (Choose two.)

Options:

A.

provides additional redundancy

B.

reduction of OpEx/CapEx

C.

reduced latency

D.

decentralized management

E.

enables innovation

F.

meets high traffic demands

Question 23

Which two advantages of using DWDM over traditional optical networks are true? (Choose two.)

Options:

A.

inherent topology flexibility and service protection provided without penalty through intelligent oversubscription of bandwidth reservation

B.

ability to expand bandwidth over existing optical Infrastructure

C.

inherent topology flexibility with built-in service protection

D.

inherent topology flexibility with intelligent chromatic dispersion

E.

inherent topology flexibility with a service protection provided through a direct integration with an upper layer protocol

Question 24

Which two conditions must be met for EIGRP to maintain an alternate loop-free path to a remote network? (Choose two.)

Options:

A.

The Reported Distance from a successor is lower than the local Feasible Distance.

B.

The Reported Distance from a successor is higher than the local Feasible Distance.

C.

The feasibility condition does not need to be met.

D.

The Feasible Distance from a successor is lower than the local Reported Distance.

E.

A feasible successor must be present.

Question 25

Which optimal use of interface dampening on a fast convergence network design is true?

Options:

A.

When occasional flaps of long duration occur

B.

when numerous adjacent flaps of very short duration occur

C.

when the router hardware it slower than the carrier delay down detection

D.

when the switch hardware is faster than the debounce timer down detection

Question 26

Which two features are advantages of SD-WAN compared to MPLS-based connectivity? (Choose two.)

Options:

A.

uses FEC constructs for traffic forwarding, thereby improving efficiency

B.

separates infrastructure and policy

C.

uses policy-based forwarding of real-time traffic with less complexity

D.

unifies the WAN backbone

E.

manages failures through backup links

Question 27

Which Interconnectivity method offers the fastest convergence in the event of a unidirectional issue between three Layer 3 switches connected together with routed links in the same rack in a data center?

Options:

A.

Copper Ethernet connectivity with BFD enabled

B.

Copper Ethernet connectivity with UDLD enabled

C.

Fiber Ethernet connectivity with BFD enabled

D.

Fiber Ethernet connectivity with UDLD enabled

Question 28

As network designer, which option is your main concern with regards to virtualizing multiple network zones into a single hardware device?

Options:

A.

Fate sharing

B.

CPU resource allocation

C.

Congestion control

D.

Security

E.

Bandwidth allocation

Question 29

Which two statements explain the operation of BFD asynchronous mode? (Choose two )

Options:

A.

BFD asynchronous mode with echo packets combines the control packets and echo packets into a single packet.

B.

BFD asynchronous mode without echo packets uses control packets, and BFD asynchronous mode with echo packets does not.

C.

BFD asynchronous mode with and without echo packets use control packets.

D.

BFD asynchronous without echo packets has control packets sent back to the originating router, which echoes the control packet to detect failures.

E.

BFD asynchronous mode with echo packets uses separate control packets and echo packets.

Question 30

Which BGP feature provides fast convergence?

Options:

A.

BGP PIC |

B.

BGP-EVPN

C.

BGP FlowSpec

D.

BGP-LS

Question 31

Company XYZ is designing the network for IPv6 security and they have these design requirements:

  • A switch or router must deny access to traffic from sources with addresses that are correct, but are topologically incorrect
  • Devices must block Neighbor Discovery Protocol resolution for destination addresses that are not found in the binding table.

Which two IPv4 security features are recommended for this company? (Choose two)

Options:

A.

IPv6 DHCP Guard

B.

IPv6 Source Guard

C.

IPv6 Destination Guard

D.

IPv6 Prefix Guard

E.

IPv6 RA Guard

Question 32

Which tool automates network implementation activities and shortens the implementation lifecycle?

Options:

A.

LISP

B.

Java

C.

Conclusion

D.

Python

Question 33

The Layer 3 control plane is the intelligence over the network that steers traffic toward its intended destination. Which two techniques can be used in service provider-style networks to offer a more dynamic, flexible, controlled, and secure control plane design? (Choose two.)

Options:

A.

access control lists

B.

firewalls

C.

QoS policy propagation with BGP

D.

remote black-holing trigger

E.

prefix lists

Question 34

Refer to the exhibit.

After a network audit a network engineer must optimize the current network convergence time The proposed solution must consider link layer and control plane failures. Which solution meets the requirements?

Options:

A.

Configure debounce timers

B.

Increase fast hello timers

C.

Implement BFD

D.

Enable LSP fast flood

Question 35

Company XYZ needs advice in redesigning their legacy Layer 2 infrastructure. Which technology should be included in the design to minimize or avoid convergence delays due to STP or FHRP and provide a loop-free topology?

Options:

A.

Use switch clustering in the access layer.

B.

Use switch clustering in the core/distribution layer.

C.

Use spanning-tree PortFast.

D.

Use BFD.

Question 36

Which two actions ensure voice quality in a branch location with a low-speed, high-latency WAN connection? (Choose two.)

Options:

A.

Increase WAN bandwidth

B.

Increase memory branch switch.

C.

Fragment data packets.

D.

Replace any electrical links with optical links

E.

Prioritize voice packets

Question 37

What are two primary design constraints when a robust infrastructure solution is created? (Choose two.)

Options:

A.

monitoring capabilities

B.

project time frame

C.

staff experience

D.

component availability

E.

total cost

Question 38

SD-WAN can be used to provide secure connectivity to remote offices, branch offices, campus networks, data centers, and the cloud over any type of IP-based underlay transport network. Which two statements describe SD WAN solutions? (Choose two.)

Options:

A.

SD-WAN networks are inherently protected against slow performance.

B.

Control and data forwarding planes are kept separate.

C.

Improved operational efficiencies result In cost savings.

D.

Solutions include centralized orchestration, control, and zero-touch provisioning.

E.

Solutions allow for variations of commodity and specialized switching hardware.

Question 39

Which two statements describe the usage of the IS-IS overload bit technique? (Choose two )

Options:

A.

lf overload-bit is set on a Level 2 intermediate system, the other Level 2 intermediate systems in the topology will stop using the overloaded IS to forward Level 2 traffic However, the intermediate system can still forward Level 1 traffic

B.

It can be set in intermediate systems (IS-IS routers) to prioritize control plane CSNP packets.

C.

It can be used to automatically synchronize the link-state database between Level 1 intermediate systems

D.

It can be set in intermediate systems (IS-IS routers) to avoid traffic black holes until routing protocols are fully converged after a reload operation.

E.

It can be set in intermediate systems (IS-IS routers) to attract transit traffic from other intermediate systems

Question 40

Company XYZ is running SNMPv1 in their network and understands that it has some flaws. They want to change the security design to implement SNMPv3 in the network Which network threat is SNMPv3 effective against?

Options:

A.

man-in-the-middle attack

B.

masquerade threats

C.

DDoS attack

D.

brute force dictionary attack

Question 41

A multicast network is sing Bidirectional PIM. Which two combined actions achieve high availability so that two RPs within the same network can act in a redundant manner? (Choose two)

Options:

A.

Use two phantom RP addresses

B.

Manipulate the administration distance of the unicast routes to the two RPs

C.

Manipulate the multicast routing table by creating static mroutes to the two RPs

D.

Advertise the two RP addresses in the routing protocol

E.

Use anycast RP based on MSDP peering between the two RPs

F.

Control routing to the two RPs through a longest match prefix

Question 42

Company XYZ uses an office model where the employees can use any open desk and plug their laptops in. They want to authenticate the end users using their domain username and password before allowing them access to the network. The design must also accommodate the ability of controlling traffic within the same group or subnet if a macro (or micro) segmentation-based model is adopted in the future. Which protocol can be recommended for this design to authenticate end users?

Options:

A.

LDAP

B.

EAP

C.

TACACS+

D.

RADIUS

Question 43

Refer to the table.

A customer investigates connectivity options for a DCI between two production data centers. The solution must provide dual 10G connections between locations with no single points of failure for Day 1 operations. It must also include an option to scale for up to 20 resilient connections in the second year to accommodate isolated SAN over IP and isolated, dedicated replication IP circuits. All connectivity methods are duplex 10 Gbps. Which transport technology costs the least over two years, in the scenario?

Options:

A.

Metro Ethernet

B.

DWDM

C.

CWDM

D.

MPLS

Question 44

Which issue poses a challenge for security architects who want end-to-end visibility of their networks?

Options:

A.

too many overlapping controls

B.

too many disparate solutions and technology silos

C.

an overabundance of manual processes

D.

a network security skills shortage

Question 45

Which two types of planning approaches are used to develop business-driven network designs and to facilitate the design decisions? (Choose two)

Options:

A.

cost optimization approach

B.

strategic planning approach

C.

modular approach

D.

tactical planning approach

E.

business optimization approach

Question 46

Which management category is not part of FCAPS framework?

Options:

A.

Configuration

B.

Security

C.

Performance

D.

Authentication

E.

Fault-management

Question 47

A network architect in an enterprise is designing a network policy for certain database applications. The goal of the policy is to allow these applications to access the internet directly, whereas other user and network applications that communicate with systems or users outside their own network must be routed through the data center. The focus is on achieving higher availability and a better user experience for the database applications, but switching between different network paths based on performance characteristics must be supported.

Which solution meets these requirements?

Options:

A.

MPLS L3VPN with QoS

B.

Cloud onRamp for laaS

C.

Cloud onRamp for SaaS

D.

MPLS direct connect

Question 48

A Tier-3 Service Provider is evolving into a Tier-2 Service Provider due to the amount of Enterprise business it is receiving The network engineers are re-evaluating their IP/MPLS design considerations in order to support duplicate/overlapping IP addressing from their Enterprise customers within each Layer3 VPN. Which concept would need to be reviewed to ensure stability in their network?

Options:

A.

Assigning unique Route Distinguishers

B.

Assigning unique Route Target ID'S

C.

Assigning unique IP address space for the Enterprise NAT/Firewalls

D.

Assigning unique VRF ID's to each L3VPN

Question 49

According to the CIA triad principles for network security design, which principle should be priority for a Zero Trust network?

Options:

A.

requirement for data-in-motion encryption and 2FA authentication

B.

requirement for data-at-rest encryption foe user identification within the VPN termination hardware

C.

categorization of systems, data, and enterprise BYOD assets that are connected to network zones based on individual privacy needs

D.

ensuring that authorized users have high-availability system access from defined zones to defined systems or zones

Question 50

Which two pain points are the most common for container technology adoption? (Choose two)

Options:

A.

Performance

B.

Security

C.

Cost

D.

Container deployment

E.

Skilled staff

F.

Compliance

Question 51

An enterprise organization currently provides WAN connectivity to their branch sites using MPLS technology, and the enterprise network team is considering rolling out SD-WAN services for all sites.

With regards to the deployment planning, drag and drop the actions from the left onto the corresponding steps on the right.

Options:

Question 52

Company XYZ is running BGP as their routing protocol. An external design consultant recommends that TCP path MTU discovery be enabled. Which effect will this have on the network?

Options:

A.

It will enhance the performance of TCP-based applications.

B.

It will increase the convergence time.

C.

It will improve the convergence time.

D.

It will create a loop free path.

Question 53

Which two characteristics are associated with 802 1s? (Choose two)

Options:

A.

802.1s supports up to 1024 instances of 802.1

B.

802.1 s is a Cisco enhancement to 802.1w.

C.

802.1s provides for faster convergence over 802 1D and PVST+.

D.

CPU and memory requirements are the highest of all spanning-tree STP implementations.

E.

802.1s maps multiple VLANs to the same spanning-tree instance

Question 54

Which two statements describe the hierarchical LAN design model? (Choose two)

Options:

A.

It is a well-understood architecture that provides scalability

B.

It is the best design for modern data centers

C.

It is the most optimal design but is highly complex

D.

It provides a simplified design

E.

Changes, upgrades, and new services can be introduced in a controlled and stagged manner

Question 55

A business wants to centralize services via VDI technology and to replace remote WAN desktop PCs with thin client-type machines to reduce operating costs Which consideration supports the new business requirement?

Options:

A.

VDI servers should be contained centrally within a DMZ

B.

The thin client traffic should be placed in a WAN QoS priority queue

C.

VDI servers should be contained within dedicated VLANs in each branch location

D.

The WAN should offer low latency and be resized

Question 56

As a network designer you need to support an enterprise with hundreds of remote sites connected over a single WAN network that carries different types of traffic, including VoIP, video, and data applications which of following design considerations will not impact design decision?

Options:

A.

Focus on the solution instead of the problem, which helps to reduce downtime duration

B.

The location of the data collection

C.

What direction the data or flows should be metered

D.

Identify traffic types and top talkers over this link

Question 57

A key to maintaining a highly available network is building in the appropriate redundancy to protect against failure. This redundancy is carefully balanced with the inherent complexity of redundant systems. Which design consideration is relevant for enterprise WAN use cases when it comes to resiliency?

Options:

A.

Design in a way that expects outages and attacks on the network and its protected resources

B.

The design approach should consider simple and centralized management aspect

C.

Design in a way that it simplifies and improves ease of deployment

D.

Design automation tools wherever it is appropriate for greater visibility

Question 58

You are designing an Out of Band Cisco Network Admission Control. Layer 3 Real-IP Gateway deployment for a customer Which VLAN must be trunked back to the Clean Access Server from the access switch?

Options:

A.

authentication VLAN

B.

user VLAN

C.

untrusted VLAN

D.

management VLAN

Question 59

Company XYZ must design a strategy to protect their routers from DoS attacks, such as traffic destined to the router's own route processor, using separate control plane categories. Which two capabilities can be used to achieve this requirement? (Choose two.)

Options:

A.

Control Plane Protection using queue thresholding on the transit subinterface

B.

Control Plane Protection using port filtering on the transit subinterface

C.

Control Plane Protection using port filtering on the main interface

D.

Control Plane Protection using queue thresholding on the host subinterface

E.

Control Plane Protection using port filtering on the host subinterface

Question 60

Sometimes SDN leverages various overlay networking technologies to create layer(s) of network abstraction. What describes an overlay network?

Options:

A.

It transmits packets that traverse over network devices like switches and routers

B.

It encapsulates packets at source and destination, which incurs additional overhead

C.

Packet delivery and reliability occurs at Layer 3 and Layer 4

D.

It is responsible for the delivery of packets; NAT- or VRF-based segregation is required

Question 61

Refer to the exhibit.

Company XYZ must design a DMVPN tunnel between the three sites Chicago is going to act as the NHS and the company wants DMVPN to detect peer endpoint failures Which technology should be used m the design?

Options:

A.

VPLS

B.

IP SLA

C.

GRE

D.

L2TPv3

Question 62

Refer to the exhibit.

This network is running EIGRP as the routing protocol and the internal networks are being advertised in EIGRP. Based on the link speeds, all traffic between London and Rome is getting propagated via Barcelona and the direct link between London and Rome is not being utilized under normal working circumstances. The EIGRP design should allow for efficiency in the routing table by minimizing the routes being exchanged. The link between London and Rome should be utilized for specific routes. Which two steps accomplish this task? (Choose two.)

Options:

A.

Configure EIGRP route summarization on all the interfaces to summarize the internal LAN routes

B.

Filter the routes on the link between London and Barcelona

C.

Filter the routes on the link between London and Rome

D.

Configure route leaking of summary routes on the link between London and Rome

Question 63

Refer to the exhibit. An architect must design an enterprise WAN that connects the headquarters with 22 branch offices. The number of remote sites is expected to triple in the next three years. The final solution must comply with these requirements:

  • Only the loopback address of each of the enterprise CE X and Y routers must be advertised to the interconnecting service provider cloud network.
  • The transport layer must carry the VPNv4 label and VPN payload over the MP-BGP control plane.
  • The transport layer must not be under service provider control.

Which enterprise WAN transport virtualization technique meets the requirements?

Options:

A.

EIGRP Over the Top

B.

MPLS over BGP over multipoint GRE

C.

DMVPN per VRF

D.

point-to-point GRE per VRF

Question 64

A network security team observes phishing attacks on a user machine from a remote location. The organization has a policy of saving confidential data on two different systems using different types of authentication. What is the next step to control such events after the security team verifies all users in Zero Trust modeling?

Options:

A.

Enforce risk-based and adaptive access policies.

B.

Assess real-time security health of devices.

C.

Apply a context-based network access control policy for users.

D.

Ensure trustworthiness of devices.

Question 65

Which technology is an open-source infrastructure automation tool that automates repetitive tasks for users who work in networks such as cloud provisioning and intraservice orchestration?

Options:

A.

Ansible

B.

Contrail

C.

Java

D.

Jinja2

Question 66

Options:

A.

low bandwidth

B.

security

C scalability

C.

high latency

Question 67

Which development model is closely associated with traditional project management?

Options:

A.

static model

B.

Agile model

C.

evolutionary delivery model

D.

lifecycle model

Question 68

Drag and drop the multicast protocols from the left onto the current design situation on the right.

Options:

Question 69

An enterprise campus is adopting a network virtualization design solution with these requirements

  • It must include the ability to virtualize the data plane and control plane by using VLANs and VRFs
  • It must maintain end-to-end logical path transport separation across the network
  • resources available grouped at the access edge

Which two primary models can this network virtualization design be categorized? (Choose two)

Options:

A.

Path isolation

B.

Session isolation

C.

Group virtualization

D.

Services virtualization

E.

Edge isolation

Question 70

IPFIX data collection via standalone IPFIX probes is an alternative to flow collection from routers and switches. Which use case is suitable for using IPFIX probes?\

Options:

A.

performance monitoring

B.

security

C.

observation of critical links

D.

capacity planning

Question 71

When designing a WAN that will be carrying real-time traffic, what are two important reasons to consider serialization delay? (Choose two )

Options:

A.

Serialization delays are invariable because they depend only on the line rate of the interface

B.

Serialization delays are variable because they depend on the line rate of the interface and on the type of the packet being serialized.

C.

Serialization delay is the time required to transmit the packet on the physical media.

D.

Serialization delays are variable because they depend only on the size of the packet being serialized

E.

Serialization delay depends not only on the line rate of the interface but also on the size of the packet

Question 72

Which three Cisco products are used in conjunction with Red Hat to provide an NFVi solution? (Choose three.)

Options:

A.

Cisco Prime Service Catalog

B.

Cisco Open Virtual Switch

C.

Cisco Nexus switches

D.

Cisco UCS

E.

Cisco Open Container Platform

F.

Cisco Virtual Network Function

Question 73

An enterprise wants to provide low-cost delivery of network systems that can be scaled on business demand, followed by an initiative to reduce capital expenses for new IT equipment. Which technology meets these goals'?

Options:

A.

laaS within a private cloud

B.

laaS within an on-premises location

C.

PaaS within a public cloud

D.

SaaS within an on-premises location

Question 74

Company XYZ has a multicast domain that spans across multiple autonomous systems. The company wants to choose a technology that provides simplified and controlled approach to interconnecting the multicast domains. Which technology is the best fit for this purpose?

Options:

A.

MSDP

B.

PIM SSM

C.

MPLS

D.

PIM sparse mode

Question 75

Refer to the exhibit.

Company XYZ BGP topology is as shown in the diagram. The interface on the LA router connected toward the 10.1.5.0/24 network is faulty and is going up and down, which affects the entire routing domain. Which routing technique can be used in the routing policy design so that the rest of the network is not affected by the flapping issue?

Options:

A.

Use route dampening on LA router for the 10 1 5 0/24 network so that it does not get propagated when it flaps up and down

B.

Use route filtering on Chicago router to block the 10.1.5.0/24 network from coming in from the LA router

C.

Use route filtering on LA router to block the 10.15.0/24 network from getting propagated toward Chicago and New York

D.

Use route aggregation on LA router to summarize the 10.1.4.0V24, 10.1.5.0724, 10.1.6.0/24. and 10.1.7.0/24 networks toward Chicago

Question 76

Which parameter is the most important factor to consider when deciding service placement in a cloud solution?

Options:

A.

data replication cost

B.

application structure

C.

security framework Implementation time

D.

data confidentiality rules

Question 77

Company XYZ wants to redesign the Layer 2 part of their network and wants to use all available uplinks for increased performance. They also want to have end host reachability supporting conversational learning. However, due to design constraints, they cannot implement port-channel on the uplinks. Which other technique can be used to make sure the uplinks are in active/active state?

Options:

A.

TRILL

B.

LISP

C.

MSTP

D.

switch stack

Question 78

A company plans to use BFD between its routers to detect a connectivity problem inside the switched network. An IPS is transparently installed between the switches. Which packets shold the IPS forward for BFD to work under all circumstances?

Options:

A.

Fragmented packet with the do-not-fragment bit set

B.

IP packets with broadcast IP source addresses

C.

IP packets with the multicast IP source address

D.

IP packet with the multicast IP destination address

E.

IP packets with identical source and destination IP addresses

F.

IP packets with the destination IP address 0.0.0.0.

Question 79

Refer to the exhibit.

ACME Mining has four data centers in Santiago. Cape Town. Mumbai, and Beijing, full-mesh connected via a 400 Mb/s EVP-LAN They want to deploy a new mission-critical application with these

requirements:

  • cluster heartbeat 2 Mb/s continuous (250 KB/s)
  • cluster heartbeat one-way maximum latency 100 ms

These are the current ping tests results between the four data centers:

Which hosting data center pair can host the new application?

Options:

A.

Mumbai and Beijing

B.

Santiago and Cape Town

C.

Santiago and Mumbai

D.

Cape Town and Mumbai

E.

Cape Town and Beijing

F.

Santiago and Beijing

Question 80

Company XYZ is planning to deploy primary and secondary (disaster recovery) data center sites. Each of these sites will have redundant SAN fabrics and data protection is expected between the data center sites. The sites are 100 miles (160 km) apart and target RPO/RTO are 3 hrs and 24 hrs, respectively. Which two considerations must Company XYZ bear in mind when deploying replication in their scenario? (Choose two.)

Options:

A.

Target RPO/RTO requirements cannot be met due to the one-way delay introduced by the distance between sites.

B.

VSANs must be routed between sites to isolate fault domains and increase overall availability.

C.

Synchronous data replication must be used to meet the business requirements

D.

Asynchronous data replication should be used in this scenario to avoid performance impact in the primary site.

E.

VSANs must be extended from the primary to the secondary site to improve performance and availability.

Question 81

Retef to the exhibit.

An engineer is designing a multiarea OSPF network for a client who also has a large EIGRP domain EIGRP routes are getting redistributed into OSPF ,OSPF area 20 has routers with limited memory and CPU resources The engineer wants to block routes from EIGRP 111 from propagating into area 20 and allow EIGRP 222 routes to How in Which OSPF area type fulfills this design requirement?

Options:

A.

area 20 as a stub area

B.

type 5 LSA filtering on the ASBR between EIGRP 111 and area a

C.

area 20 as a NSSA area

D.

type 3 LSA filtering on the ABR between area 0 area 20

Question 82

An architect designs a multi-controller network architecture with these requirements:

  • Achieve fast failover to control traffic when controllers fail.

  • Yield a short distance and high resiliency in the connection between the switches and the controller.

  • Reduce connectivity loss and enable smart recovery to improve the SDN survivability.

  • Improve connectivity by adding path diversity and capacity awareness for controllers.

Which control plane component of the multi-controller must be built to meet the requirements?

Options:

A.

control node reliability

B.

controller stale consistency

C.

control path reliability

D.

controller clustering

Question 83

An enterprise plans to evolve from a traditional WAN network to a software-defined WAN network. The existing devices have limited capability when it comes to virtualization. As the migration is carried out, enterprise applications and services must not experience any traffic impact. Which implementation plan can be used to accommodate this during the migration phase?

Options:

A.

Deploy controllers, deploy SD-WAN edge routers. In the data center, and migrate branch sites.

B.

Migrate data center WAN routers, migrate branch sites, and deploy SD-WAN edge routers.

C.

Migrate branch sites, migrate data center WAN routers, and deploy controllers.

D.

Deploy SD-WAN edge routers in the data center, deploy controllers, and migrate branch sites

Question 84

A customer has a functional requirement that states HR systems within a data center should be segmented from other systems that reside in the same data center and same VLAN. The systems run legacy applications by using hard-coded IP addresses. Which segmentation method is suitable and scalable for the customer?

Options:

A.

data center perimeter firewalling

B.

VACLs on data center switches

C.

transparent firewalling

D.

routed firewalls

Question 85

What is a description of a control plane action?

Options:

A.

de-encapsulating and re-encapsulating a packet in a data-link frame

B.

matching the destination MAC address of an Ethernet frame to the MAC address table

C.

matching the destination IP address of an IP packet to the IP routing table

D.

hosts locating routers that reside on attached links using the IPv6 Neighbor Discover Protocol

Question 86

An engineer is designing the QoS strategy for Company XYZ. Based on initial analysis, a lot of scavenger type of traffic is traversing the network's 20Mb Internet link toward the service provider. The new design must use a QoS technique that limits scavenger traffic to 2 Mbps, which helps avoid oversubscription of the link during times of congestion. Which QoS technique can be used to facilitate this requirement?

Options:

A.

class-based traffic policing

B.

LLQ

C.

CBWFQ

D.

class-based traffic shaping

Question 87

Which two points must network designers consider when designing a new network design or when evaluating an existing network design to help them understand the high-level design direction with regards to the security aspects? (Choose two)

Options:

A.

Consider Business objectives and goals

B.

Consider organization’s security policy standards

C.

Consider for only multi-site networks

D.

Consider for only new network technologies and components

Question 88

Refer to the exhibit.

There are multiple trees in the Cisco FabricPath All switches in the Layer 2 fabric share the same view of each tree. Which two concepts describe how the multicast traffic is load-balanced across this topology? (Choose two )

Options:

A.

A specific (S.G) traffic is not load-balanced

B.

All trees are utilized at the same level of the traffic rate

C.

Every leaf node assigns the specific (S.G) to the same tree.

D.

A specific (S.G) multicast traffic is load-balanced across all trees due to better link utilization efficiency.

E.

The multicast traffic is generally load-balanced across all trees

Question 89

What are two design constraints in a standard spine and leaf architecture? (Choose two.)

Options:

A.

Spine switches can connect to each other.

B.

Each spine switch must connect to every leaf switch.

C.

Leaf switches must connect to each other.

D.

Endpoints connect only to the spine switches.

E.

Each leaf switch must connect to every spine switch.

Demo: 89 questions
Total 299 questions