Unlock your Full 350-401 Cisco Stable Exam

Implementing Cisco Enterprise Network Core Technologies (350-401 ENCOR) Questions and Answers

Question 1

Which API does Cisco DNA Center use to retrieve information about images?

Options:

SWIM

Img-Mgmt

PnP

Client Health

Question 2

Question # 2

Refer to the exhibit. What is the output of this code?

Question # 2

Options:

Option A

Option B

Option C

Option D

Question 3

Which DNS record type is needed to allow a Cisco AP to discover a WLC when using IPv4?

Options:

CNAME record

A record

NS record

SOA record

Question 4

Which deployment option of Cisco NGFW provides scalability?

Options:

tap

inline tap

high availability

clustering

Question 5

Drag and drop the automation characteristics from the left to the corresponding tools on the right.

Question # 5

Options:

Question 6

What is the role of the vSmart controller in a Cisco Catalyst SD-WAN environment?

Options:

It is the centralized network management system.

It manages the data plane.

It manages the control plane.

It performs authentication and authorization.

Question 7

Question # 7

Refer to the exhibit. An engineer builds an EEM script to apply an access list. Which statement must be added to complete the script?

Options:

event none

action 6.0 cli command "ip access-list extended 101"

action 2.1 cli command "ip access-list extended 101"

action 3.1 cli command "ip access-list extended 101"

Question 8

Question # 8

Reler to the exhibit. An engineer configuring WebAuth on a Cisco Catalyst 9000 Series WIC. The engineer has purchased a third-party certificate using the FQDN of the WLC as the CN and intends to use bit on the WebAuth splash page What must be configured so that the clients do not receive a certificate error?

Options:

Virtual IPv4 Address must be set to a routable address.

Virtual IPv4 Hostname must match the CN of the certificate.

Trustpoint must be set to the management certificate of the WLC.

Web Auth Intercept HTTPs must be enabled.

Question 9

Question # 9

Refer to the exhibit. The IP SLA is configured in a router. An engineer must configure an EEM applet to shut down the interface and bring it back up when there is a problem with the IP SLA. Which configuration should the engineer use?

Options:

event manager applet EEM_IP_SLAevent track 10 state down

event manager applet EEM_IP_SLAevent sla 10 state unreachable

event manager applet EEM_IP_SLAevent sla 10 state down

event manager applet EEM_IP_SLAevent track 10 state unreachable

Question 10

When a wireless client roams between two different wireless controllers, a network connectivity outage is experience for a period of time. Which configuration issue would cause this problem?

Options:

Not all of the controllers in the mobility group are using the same mobility group name.

All of the controllers within the mobility group are using the same virtual Interface IP address.

Not all of the controllers within the mobility group are using the same virtual interface IP address.

All of the controllers in the mobility group are using the same mobility group name

Question 11

Which feature is needed to maintain the IP address of a client when an inter-controller Layer 3 roam is performed between two WLCs that are using different mobility groups?

Options:

interface groups

RF groups

AAA override

auto anchor

Question 12

In a wireless network environment, which measurement compares the received signal to the background noise?

Options:

free space path loss

link power budget

fading

SNR

Question 13

An engineer is reviewing a PCAP file that contains a packet capture of a four-way handshake exchange between a dient and AP using WPA2 Enterprise Which EAPOL message validates and confirms that the client device has successfully Installed the GTK?

Options:

M4-Message

M3-Message

M2-Message

M1-Message

Question 14

Which data is properly formatted with JSON?

Question # 14

Options:

Option A

Option B

Option C

Option D

Question 15

Why does the vBond orchestrator have a public IP?

Options:

to enable vBond to learn the public IP of WAN Edge devices that are behind NAT gateways or in private address space

to facilitate downloading and distribution of operational and security patches

to allow for global reachability from all WAN Edges in the Cisco SD-WAN and to facilitate NAT traversal

to provide access to Cisco Smart Licensing servers for license enablement

Question 16

Which type of tunnel is required between two WLCs to enable intercontroller roaming?

Options:

LWAPP

CAPWAP

IPsec

mobility

Question 17

What is a Type 1 hypervisor?

Options:

runs directly on a physical server and depends on a previously installed operating system

runs directly on a physical server and includes its own operating system

runs on a virtual server and depends on an already installed operating system

run on a virtual server and includes its own operating system.

Question 18

What is a characteristic of VXLAN?

Options:

It extends Layers 2 and Layer 3 overlay network over a Layer 2 underly.

It has a 12-byte packet header.

Its frame encapsulation is performed by MAC-in-UDP.

It uses TCP for transport

Question 19

What is the function of an intermediate node in a Cisco SD-Access fabric?

Options:

to route packets within the fabric based on the Layer 3 information in the header

to provide an entry and exit point between the fabric and external resources

to encapsulate and de-encapsulate packets with a VXLAN header

to provide reachability between fabric clients and nonfabric clients on the same subnet

Question 20

What is the name of the numerical relationship of the wireless signal compared to the noise floor?

Options:

SNR

RSSI

EIRP

gain

Question 21

A customer has several small branches and wants to deploy a Wi-Fi solution with local management using CAPWAP. Which deployment model meets this requirement?

Options:

local mode

SD-Access wireless

autonomous

Mobility Express

Question 22

Question # 22

Refer to the exhibit A network engineer must use a Python script lo convert data received from a network device. Which type of data is printed to the console when the script runs?

Options:

dictionary with a key-value pair

list of lists

list of strings

tuple list

Question 23

How is a data modelling language used?

Options:

To enable data to be easily structured grouped validated and replicated

To represent finite and well-defined network elements that cannot be changed

To model the flows of unstructured data within the infrastructure

To provide human readability to scripting languages

Question 24

What is a benefit of YANG modules?

Options:

tightly coupled models with encoding to improve performance

easier multivendor interoperability provided by common or industry models

avoidance of ecosystem fragmentation by having fixed modules that cannot be changed

single protocol and model coupling to simplify maintenance and support

Question 25

Why is a Type 1 hypervisor more efficient than a Type 2 hypervisor?

Options:

Type 1 hypervisor is the only type of hypervisor that supports hardware acceleration techniques.

Type 1 hypervisor runs directly on the physical hardware of the host machine without relying on the underlying OS.

Type 1 hypervisor enables other operating systems to run on it.

Type 1 hypervisor relies on the existing OS of the host machine to access CPU, memory, storage, and network resources.

Question 26

Which two Cisco SD-Access components provide communication between traditional network elements and the controller layer? (Choose two.)

Options:

network underlay

network control platform

network data platform

partner ecosystem

fabric overlay

Question 27

Which AP mode allows an engineer to scan configured channels for rogue access points?

Options:

sniffer

monitor

bridge

local

Question 28

Which AP mode analyzes the spectrum to detect sources of interference?

Options:

Monitor

Rogue detector

SE-Connect

Sniffer

Question 29

Which two mechanisms are used with OAuth 2.0 for enhanced validation? (Choose two.)

Options:

custom headers

authentication

authorization

request management

accounting

Question 30

Which WLC discovery method uses CISCO-CAPWAP-CONTROLLER as an identifier?

Options:

static configuration

DHCP

L3 broadcast

DNS

Question 31

Which feature allows clients to perform Layer 2 roaming between wireless controllers?

Options:

SSO

N+1 high availably

mobility groups

RF grouping

Question 32

In a Cisco SD-Access wireless architecture, which device manages endpoint ID to edge node bindings?

Options:

fabric control plane node

fabric edge node

fabric border node

fabric wireless controller

Question 33

Which solution should be used in a high-density wireless environment to increase bandwidth for each user?

Options:

Increase antenna size.

Increase the cell size of each AP.

Increase the mandatory minimum data rate.

Increase TX power.

Question 34

What is contained in the VXLAN header?

Options:

original Layer 2 VLAN ID

Endpoint ID

VXLAN network identifier

source and destination RLOC ID

Question 35

Question # 35

Refer to the exhibit. Drag and drop the snippets into the RESTCONF request to form the request that returns this response. Not all options are used.

Question # 35

Options:

Question 36

What is provided by the Stealthwatch component of the Cisco Cyber Threat Defense solution?

Options:

real-time threat management to stop DDoS attacks to the core and access networks

malware control

real-time awareness of users, devices, and traffic on the network

dynamic threat control for web traffic

Question 37

A customer requests a design that includes GLBP as the FHRP. The network architect discovers that the members of the GLBP group have different throughput capabilities. Which GLBP load balancing method supports this environment?

Options:

host dependent

weighted

least connection

round robin

Question 38

Drag and drop the characteristics from the left onto the corresponding orchestration tool on the right.

Question # 38

Options:

Question 39

In which forms can Cisco Catalyst SD-WAN routers be deployed at the perimeter of a site to provide SD-WAN services?

Options:

virtualized instances

hardware, software, cloud, and virtualized instances

hardware, virtualized. and cloud instances

hardware and virtualized instances

Question 40

Question # 40

Refer to the exhibit. Based on this JSON response:

Question # 40

Which Python statement parses the response and prints "10:42:36.111 UTC Mon Jan 1 2024"?

Question # 40

Options:

printfresponset[jsonrpc'][‘body’]['simple_time'])

print(response[result'][0][,simple_time,])

printfresponsefresult'Jfbody'JfsimpleJime'])

printfresponsel'body'jrsimplejime'])

Question 41

What happens when a FlexConnect AP changes to standalone mode?

Options:

All client roaming continues to work.

All controller-dependent activities stop working except the DFS.

Only clients on central switching WLANs stay connected.

All clients on all WLANs are disconnected.

Question 42

What is one primary REST security design principle?

Options:

fail-safe defaults

password hash

adding a timestamp in requests

OAuth

Question 43

Which two protocols are used with YANG data models? (Choose two.)

Options:

NETCONF

RESTCONF

SSH

TLS

HTTPS

Question 44

A customer has two Cisco WLCs that manage separate APs throughout a building. Each WLC advertises the same SSID but terminates on different interfaces. Users report that they drop their connections and change IP addresses when roaming. Which action resolves this issue?

Options:

Enable client load balancing

Enable fast roaming.

Configure high availability.

Configure mobility groups.

Question 45

What is YANG used for?

Options:

scraping data via CLI

processing SNMP read-only polls

describing data models

prowling a transport for network configuration data between client and server

Question 46

Which method displays text directly into the active console with a synchronous EEM applet policy?

Options:

event manager applet boomevent syslog pattern 'UP'action 1.0 gets 'logging directly to console'

event manager applet boomevent syslog pattern 'UP'action 1.0 syslog priority direct msg 'log directly to console'

event manager applet boomevent syslog pattern 'UP'action 1.0 puts 'logging directly to console'

event manager applet boomevent syslog pattern 'UP'action 1.0 string 'logging directly to console'

Question 47

Which two functions is an edge node responsible for? (Choose two.)

Options:

provides multiple entry and exit points for fabric traffic

provides the default exit point for fabric traffic

provides the default entry point for fabric traffic

provides a host database that maps endpoint IDs to a current location

authenticates endpoints

Question 48

What is used to measure the total output energy of a Wi-Fi device?

Options:

dBi

EIRP

dBm

Question 49

Which technique is used to protect end user devices and data from unknown file behavior?

Options:

crypto file ransomware protection using a file hash calculation

file retrospection using continuous scan and analyses

phishing file quarantine using an internal environment to store attached files

file sandboxing using a protected environment to analyze and simulate the behavior of unknown files

Question 50

In a high-density AP environment, which feature can be used to reduce the RF cell size and not demodulate radio packets above a given threshold?

Options:

RX-SOP

FRA

80211k

RRM

Question 51

What is a TLOC in a Cisco SD-WAN deployment?

Options:

value that identifies a specific tunnel within the Cisco SD-WAN overlay

identifier that represents a specific service offered by nodes within the Cisco SD-WAN overlay

attribute that acts as a next hop for network prefixes

component set by the administrator to differentiate similar nodes that offer a common service

Question 52

Which device makes the decision for a wireless client to roam?

Options:

wireless client

Wireless LAN controller

access point

WCS location server

Question 53

Which unit measures the power of a radio signal with reference to 1 milliwatt?

Options:

dBi

dBw

dBm

Question 54

Drag and drop the wireless elements on the left to their definitions on the right.

Question # 54

Options:

Question 55

A company recently decided to use RESTCONF instead of NETCONF. and many of their NETCONF scripts contain the operation (operation-create). Which RESTCONF operation must be used to replace these statements?