Summer Sale- Special Discount Limited Time 65% Offer - Ends in 0d 00h 00m 00s - Coupon code: netdisc

Cisco 400-007 Cisco Certified Design Expert (CCDE v3.1) Exam Practice Test

Page: 1 / 35
Total 349 questions

Cisco Certified Design Expert (CCDE v3.1) Questions and Answers

Question 1

When a company network architect is working on a new network design, they are expected to ensure that business requirements and technical aspects are factored in, but often there are other factors that come into play as well. Which non-business constraint must also be considered throughout the design phase?

Options:

A.

Location

B.

Cost

C.

Time

D.

Compliance

Question 2

Question # 2

Refer to the exhibit: A customer is migrating from a TDM-based Layer 2 VPN (L2VPN) to an MPLS Layer 3 VPN (L3VPN) in phases. The backbone OSPF connection between HUB A and HUB B will be replaced by eBGP. During the migration, some spokes (A2 and B1) are already moved to the L3VPN. The goal is to avoid routing loops during this hybrid transition.

Which design choice helps prevent routing loops during the backbone link migration?

Options:

A.

Enable route filtering on OSPF backbone routers for spoke traffic

B.

Advertise low AD value for transit traffic on hub sites

C.

OSPF backbone area advertises summarized routes to hub

D.

Redistribute EIGRP 200 and 300 with low cost into BGP

Question 3

The goal for any network designer is to strive to build a resilient network that adapts to changing conditions rapidly with minimal impact on the services running over the network. A resilient network can adapt to failures, but which soft failure can be harder to define and detect?

Options:

A.

A network with operational challenges due to lack of skills

B.

A network that is not running in an optimal way

C.

A network which does not solve complexity issues

D.

A network or service that experiences outages

Question 4

Company XYZ wants to deploy OSPF. The design plan requires that two OSPF networks be mutually redistributed at multiple locations and ensure end-to-end connectivity to all of the company's networks. Which technology can be used to fulfill the requirements while avoiding the creation of routing loops?

Options:

A.

Create a virtual link between ASBRs.

B.

Change the router ID for both ASBRs.

C.

Redistribute routes as external type 2 routes.

D.

Use route maps on ASBRs to filter routes with tags so they are not redistributed.

Question 5

A product manufacturing organization is integrating cloud services into their IT solution. The IT team is working on the preparation phase of the implementation approach, which includes the Define Strategy step. This step defines the scope of IT, the application, and the service. What is one topic that should be considered in the Define Strategy step?

Options:

A.

Financial and governance models

B.

Innovate and align with business according to volume

C.

Due diligence and financial scenarios

D.

Contingency exit strategy steps

Question 6

Sometimes SDN leverages various overlay networking technologies to create layer(s) of network abstraction. What describes an overlay network?

Options:

A.

It transmits packets that traverse over network devices like switches and routers

B.

It encapsulates packets at source and destination, which incurs additional overhead

C.

Packet delivery and reliability occurs at Layer 3 and Layer 4

D.

It is responsible for the delivery of packets; NAT- or VRF-based segregation is required

Question 7

You are designing a new Ethernet-based metro-area network for an enterprise customer to connect 50 sites within the same city. OSPF will be the routing protocol used. The customer is primarily concerned with IPv4 address conservation and convergence time. Which two combined actions do you recommend? (Choose two)

Options:

A.

Use a multipoint Metro-E service for router connections

B.

Use a single address per router for all P2P links

C.

Use P2P links between routers in a hub-and-spoke design

D.

Configure address aggregation at each site router

E.

Determine which OSPF routers will be DR/BDR

Question 8

Company XYZ wants to use the FCAPS ISO standard for network management design. The focus of the design should be to monitor and keep track of any performance issues by continuously collecting and analyzing statistical information to monitor, correct, and optimize any reduced responsiveness across the network. Which layer accomplishes this design requirement?

Options:

A.

fault management

B.

accounting management

C.

performance management

D.

security management

Question 9

Company XYZ was not satisfied with the reconvergence time OSPF is taking. BFD was implemented to try to reduce the reconvergence time, but the network is still experiencing delays when having to reconverge. Which technology will improve the design?

Options:

A.

OSPF fast hellos

B.

BFD echo

C.

Change the protocol to BGP

D.

Change the OSPF hello and dead intervals

Question 10

How can EIGRP topologies be designed to converge as fast as possible in the event of a point-to-point link failure?

Options:

A.

Limit the query domain by use of distribute lists.

B.

Build neighbor adjacencies in a triangulated fashion.

C.

Build neighbor adjacencies in squared fashion.

D.

Limit the query domain by use of summarization.

E.

Limit the query domain by use of default routes.

Question 11

Which three Cisco products are used in conjunction with Red Hat to provide an NFVi solution? (Choose three.)

Options:

A.

Cisco Prime Service Catalog

B.

Cisco Open Virtual Switch

C.

Cisco Nexus switches

D.

Cisco UCS

E.

Cisco Open Container Platform

F.

Cisco Virtual Network Function

Question 12

When designing a WAN that will be carrying real-time traffic, what are two important reasons to consider serialization delay? (Choose two.)

Options:

A.

Serialization delays are invariable because they depend only on the line rate of the interface.

B.

Serialization delays are variable because they depend on the line rate of the interface and on the type of the packet being serialized.

C.

Serialization delay is the time required to transmit the packet on the physical media.

D.

Serialization delays are variable because they depend only on the size of the packet being serialized.

E.

Serialization delay depends not only on the line rate of the interface but also on the size of the packet.

Question 13

The administrator of a small branch office wants to implement the Layer 2 network without running STP. The office has some redundant paths. Which mechanism can the administrator use to allow redundancy without creating Layer 2 loops?

Options:

A.

Use double-sided VPC on both switches

B.

Use two port channels as Flex links

C.

Use FabricPath with ECMP

D.

Use 802.3ad link bundling

Question 14

Refer to the exhibit.

Question # 14

As part of a redesign project, you must predict multicast behavior. What happens to the multicast traffic received on the shared tree (*,G), if it is received on the LHR interface indicated?

Options:

A.

It is dropped due to an unsuccessful RPF check against the multicast source

B.

It is switched given that no RPF check is performed

C.

It is switched due to a successful RPF check against the routing table

D.

It is dropped due to an unsuccessful RPF check against the multicast receiver.

Question 15

Network changes due to mergers, acquisitions, and divestitures can be highly disruptive if not carefully planned. When an organization sells part of its business, it must detach those parts of the network with minimal risk and downtime.

Which network design approach is appropriate to minimize the impact and risks as the divested parts of the network are detached?

Options:

A.

Redundant design

B.

Modular design

C.

Less complex design

D.

Routed access design

Question 16

A consultant needs to evaluate project management methodologies for a new service deployment on the existing network of a customer. The customer wants to be involved in the end-to-end project progress and be provided with frequent updates. The customer also wants the ability to change the requirements if needed, as the project progresses. Which project management methodology should be used?

Options:

A.

Three principles

B.

Phased

C.

Agile

D.

Waterfall

Question 17

An IT service provider is upgrading network infrastructure to comply with PCI security standards. The network team finds that 802.1X and VPN authentication based on locally-significant certificates are not available on some legacy phones. Which workaround solution meets the requirement?

Options:

A.

Replace legacy phones with new phones because the legacy phones will lose trust if the certificate is renewed.

B.

Enable phone VPN authentication based on end-user username and password.

C.

Temporarily allow fallback to TLS 1.0 when using certificates and then upgrade the software on legacy phones.

D.

Use authentication-based clear text password with no EAP-MD5 on the legacy phones.

Question 18

The Company XYZ network requires OSPF dead neighbor detection in a subsecond manner. However, the company network does not support BFD. Which other feature can be used to fulfill the design requirement?

Options:

A.

STP

B.

Fast hello

C.

LFA

D.

DPD

Question 19

What statement describes the application layer as defined in the software-defined networking architecture?

Options:

A.

This layer is responsible for collecting the network status such as network usage and topology.

B.

This layer contains programs that communicate their desired network behavior to controllers.

C.

This layer is responsible for handling packets based on the rules provided by the controller.

D.

This layer processes the instructions and requirements sent by networking components.

Question 20

Which two foundational aspects of IoT are still evolving and being worked on by the industry at large? (Choose two)

Options:

A.

WiFi protocols

B.

Regulatory domains

C.

Low energy Bluetooth sensors

D.

IoT consortia

E.

Standards

Question 21

Refer to the exhibit.

Question # 21

There are multiple trees in the Cisco FabricPath. All switches in the Layer 2 fabric share the same view of each tree. Which two concepts describe how the multicast traffic is load-balanced across this topology? (Choose two.)

Options:

A.

A specific (S,G) traffic is not load-balanced

B.

All trees are utilized at the same level of the traffic rate

C.

Every leaf node assigns the specific (S,G) to the same tree

D.

A specific (S,G) multicast traffic is load-balanced across all trees due to better link utilization efficiency

E.

The multicast traffic is generally load-balanced across all trees

Question 22

Which methodology is the leading lifecycle approach to network design and implementation?

Options:

A.

PPDIOO

B.

Waterfall model

C.

Spiral model

D.

V model

Question 23

What is a web-based model in which a third-party provider hosts applications that are available to customers over the Internet?

Options:

A.

PaaS

B.

SaaS

C.

IaaS

D.

WaaS

Question 24

A network engineering team is in the process of designing a lab network for a customer demonstration. The design engineer wants to show that the resiliency of the MPLS Traffic Engineering Fast Reroute solution has the same failover/failback times as a traditional SONET/SDH network (around 50 msec). In order to address both link failure and node failure within the lab topology network, which type of the MPLS TE tunnels must be considered for this demonstration?

Options:

A.

TE backup tunnel

B.

Next-hop (NHop) tunnel

C.

FRR Backup tunnel

D.

Next-next-hop (NNHop) tunnel

Question 25

The network designer needs to use GLOP IP addresses in order to make them unique within their ASN. Which multicast address range should be used?

Options:

A.

232.0.0.0 to 232.255.255.255

B.

233.0.0.0 to 233.255.255.255

C.

239.0.0.0 to 239.255.255.255

D.

224.0.0.0 to 224.0.0.255

Question 26

An engineer is designing a DMVPN network where OSPF has been chosen as the routing protocol. A spoke-to-spoke data propagation model must be set up. Which two design considerations must be taken into account? (Choose two)

Options:

A.

Configure all the sites as network type broadcast.

B.

The network type on all sites should be point-to-multipoint.

C.

The network type should be point-to-multipoint for the hub and point-to-point for the spokes.

D.

The hub should be set as the DR by specifying the priority to 255.

E.

The hub should be the DR by changing the priority of the spokes to 0.

Question 27

What advantage of placing the IS-IS Layer 2 flooding domain boundary at the core layer in a three-layer hierarchical network is true?

Options:

A.

The Layer 1 and Layer 2 domains can easily overlap

B.

It reduces the complexity of the Layer 1 domains

C.

It can be applied to any kind of topology

D.

The Layer 2 domain is contained and more stable

Question 28

A company requires an RPO of less than 10 seconds to ensure business continuity. Which technology should be deployed?

Options:

A.

Geographically dispersed data centers with asynchronous replication

B.

A single data center with duplicated infrastructure, dual PSUs, and a UPS

C.

Geographically dispersed data centers with synchronous replication

D.

A single data center with duplicated infrastructure and dual PSUs

Question 29

Which two actions ensure voice quality in a branch location with a low-speed, high-latency WAN connection? (Choose two.)

Options:

A.

Increase WAN bandwidth

B.

Increase memory branch switch.

C.

Fragment data packets.

D.

Replace any electrical links with optical links

E.

Prioritize voice packets

Question 30

A software-defined networking (SDN) controller learns network topology information by using BGP link-state sessions with the route reflectors of an MPLS-enabled network. The controller then uses the topology information to apply on-demand traffic policies to the network through a protocol that is supported from all Layer 3 routers. Each policy is represented as a RIB entry in the control plane of the router. Which SDN model has been implemented?

Options:

A.

SDN centralized

B.

SDN traffic engineering

C.

SD-WAN

D.

SDN hybrid

Question 31

You have been tasked with designing a data center interconnect as part of business continuity. You want to use FCoE over this DCI to support synchronous replication. Which two technologies allow for FCoE via lossless Ethernet or data center bridging? (Choose two.)

Options:

A.

DWDM

B.

EoMPLS

C.

SONET/SDH

D.

Multichassis EtherChannel over Pseudowire

E.

VPLS

Question 32

As a network designer, you need to support an enterprise with hundreds of remote sites connected over a single WAN network that carries different types of traffic, including VoIP, video, and data applications. Which of the following design considerations will not impact design decision?

Options:

A.

Focus on the solution instead of the problem, which helps to reduce downtime duration

B.

The location of the data collection

C.

What direction the data or flows should be metered

D.

Identify traffic types and top talkers over this link

Question 33

Which main IoT migration aspect should be reviewed for a manufacturing plant?

Options:

A.

Sensors

B.

Security

C.

Applications

D.

Wi-Fi Infrastructure

E.

Ethernet Switches

Question 34

In outsourced IT services, the RTO is defined within the SLA. Which two support terms are often included in the SLA by IT and other service providers? (Choose two.)

Options:

A.

Network size and cost

B.

Support availability

C.

Network sustainability

D.

Network reliability

E.

Resolution time

Question 35

In a redundant hub-and-spoke design with inter-spoke links, load oscillation and routing instability occur due to overload conditions. Which two design changes improve resiliency? (Choose two)

Options:

A.

Increase the number of redundant paths considered during the routing convergence calculation

B.

Eliminate links between every spoke

C.

Increase routing protocol convergence timers

D.

Increase unequal-cost parallel paths

E.

Use two links to each remote site instead of one

Question 36

An enterprise campus is adopting a network virtualization design solution with these requirements:

• It must include the ability to virtualize the data plane and control plane by using VLANs and VRFs

• It must maintain end-to-end logical path transport separation across the network

• Resources available grouped at the access edge

Which two primary models can this network virtualization design be categorized? (Choose two)

Options:

A.

Path isolation

B.

Session isolation

C.

Group virtualization

D.

Services virtualization

E.

Edge isolation

Question 37

Which two actions must be taken when assessing an existing wireless network implementation for its readiness to support voice traffic? (Choose two.)

Options:

A.

Check for high roaming delay.

B.

Check for uniform radio coverage across the floors.

C.

Check for high channel utilization.

D.

Check for latency over wireless.

E.

Identify frequent TX power changes.

Question 38

In an OSPF network with routers connected together with Ethernet cabling, which topology typically takes the longest to converge?

Options:

A.

Partial mesh

B.

Full mesh

C.

Ring

D.

Squared

E.

Triangulated

Question 39

Over the years, many solutions have been developed to limit control plane state which reduces the scope or the speed of control plane information propagation. Which solution removes more specific information about a particular destination as topological distance is covered in the network?

Options:

A.

Aggregation

B.

Summarization

C.

Back-off timers

D.

Layering

Question 40

Software-defined networking architecture is used for cost-effective, adaptable, and easily manageable applications. In which two software-defined networks is SDN commonly used? (Choose two.)

Options:

A.

Wide area network

B.

Mobile network

C.

Metro network

D.

Application network

E.

Control network

Question 41

A network architect is designing a policy where database applications access the internet directly, while other traffic routes through the data center, with dynamic path switching based on performance. Which solution meets these requirements?

Options:

A.

MPLS L3VPN with QoS

B.

Cloud OnRamp for IaaS

C.

Cloud OnRamp for SaaS

D.

MPLS Direct Connect

Question 42

Which two advantages of using DWDM over traditional optical networks are true? (Choose two.)

Options:

A.

inherent topology flexibility and service protection provided without penalty through intelligent oversubscription of bandwidth reservation

B.

ability to expand bandwidth over existing optical infrastructure

C.

inherent topology flexibility with built-in service protection

D.

inherent topology flexibility with intelligent chromatic dispersion

E.

inherent topology flexibility with service protection provided through a direct integration with an upper layer protocol

Question 43

A business invests in SDN and develops its own SDN controller that, due to budget constraints, runs on a single controller. The controller actively places an exclusive lock on the configuration of the devices to ensure it is the only source of changes to the environment. What is the result if the controller fails?

Options:

A.

All device configurations are in read-only mode until the controller is restored.

B.

The control plane is unavailable until the controller is restored.

C.

If a device fails, the configuration backup is unavailable.

D.

Manual changes are only possible until the controller is restored.

Question 44

Which design benefit of PortFast is true?

Options:

A.

PortFast does not generate a spanning tree topology change when a station on a port is connected or disconnected

B.

PortFast disables spanning tree on the port, which puts the port into the forwarding state immediately after it is connected

C.

PortFast allows small, unmanaged switches to be plugged into ports of access switches without risking switch loops

D.

PortFast detects one-way communications on the physical port, which prevents switch loops

E.

PortFast prevents switch loops that are caused by a unidirectional point-to-point link condition on Rapid PVST+ and MST

F.

PortFast prevents switched traffic from traversing suboptimal paths on the network

Question 45

Company XYZ is in the process of identifying which transport mechanism(s) to use as their WAN technology. Their main two requirements are:

    A technology that could offer DPI, SLA, secure tunnels, privacy, QoS, scalability, reliability, and ease of management.

    A technology that is cost-effective.

Which WAN technology(ies) should be included in the design of company XYZ?

Options:

A.

Software-defined WAN should be the preferred choice because it complements both technologies, covers all the required features, and it is the most cost-effective solution.

B.

Internet should be the preferred option because it is cost-effective and supports BFD, IP SLA, and IPsec for secure transport over the public Internet.

C.

Both technologies should be used. Each should be used to back up the other one; where the primary links are MPLS, the Internet should be used as a backup link with IPsec (and vice versa).

D.

MPLS meets all these requirements and it is more reliable than using the Internet. It is widely used with defined best practices and an industry standard.

Question 46

Company XYZ wants to prevent switch loops caused by unidirectional point-to-point link conditions on Rapid PVST+ and MST. Which technology can be used in the design to meet this requirement?

Options:

A.

STP BPDU Guard

B.

STP Bridge Assurance

C.

MSTP

D.

TRILL

Question 47

What is a disadvantage of the traditional three-tier architecture model when east-west traffic between different pods must go through the distribution and core layers?

Options:

A.

Low bandwidth

B.

Security

C.

Scalability

D.

High latency

Question 48

The controller has a global view of the network, and it can easily ensure that the network is in a consistent and optimal configuration. Which two statements describe a centralized SDN control path? (Choose two.)

Options:

A.

Scaling of the centralized controller cluster is challenging for services like DHCP and load-balancing.

B.

It is highly-available by design with no single-point-of-failure risks present.

C.

Integrating smart NIC capabilities on the local host level is made easier through REST APIs.

D.

It significantly improves the latency when performing reactive handling of PACKET_IN events.

E.

The centralized controller can support all southbound APIs, which allows for easy integration with legacy equipment.

Question 49

The Company XYZ network is experiencing attacks against their router. Which type of Control Plane Protection must be used on the router to protect all control plane IP traffic that is destined directly for one of the router interfaces?

Options:

A.

Control Plane Protection host subinterface

B.

Control Plane Protection main interface

C.

Control Plane Protection transit subinterface

D.

Control Plane Protection CEF-exception subinterface

Question 50

An architect prepares a network design for a startup company. The design must meet business requirements while the business grows and divests due to rapidly changing markets. What is the highest priority in this design?

Options:

A.

The network should be hierarchical.

B.

The network should be modular.

C.

The network should be scalable.

D.

The network should have a dedicated core.

Question 51

Which DCI technology utilizes a “flood and learn” technique to populate the Layer 2 forwarding table?

Options:

A.

LISP

B.

OTV

C.

VPLS

D.

EVPN

Question 52

Which feature must be part of the network design to wait a predetermined amount of time before notifying the routing protocol of a change in the path in the network?

Options:

A.

Transmit delay

B.

Throttle timer

C.

SPF hold time

D.

Interface dampening

Question 53

Company XYZ, a global content provider, owns data centers on different continents. Their data center design involves a standard three-layer design with a Layer 3-only core. VRRP is used as the FHRP. They require VLAN extension across access switches in all data centers and plan to purchase a Layer 2 interconnection between two of their data centers in Europe. In the absence of other business or technical constraints, which termination point is optimal for the Layer 2 interconnection?

Options:

A.

At the core layer, to offer the possibility to isolate STP domains

B.

At the access layer because the STP root bridge does not need to align with the VRRP active node

C.

At the core layer because all external connections must terminate there for security reasons

D.

At the aggregation layer because it is the Layer 2 to Layer 3 demarcation point

Question 54

What is a disadvantage of the traditional three-tier architecture model when east-west traffic between different pods must go through the distribution and core layers?

Options:

A.

Low bandwidth

B.

Security

C.

Scalability

D.

High latency

Question 55

Refer to the exhibit.

Question # 55

This network is running legacy STP 802.1d. Assuming "hello_timer" is fixed to 2 seconds, which parameters can be modified to speed up convergence times after single link/node failure?

Options:

A.

The transit_delay=5 and bpdu_delay=20 are recommended values, considering hello_timer=2 and specified.

B.

Only the maximum_transmission_halt_delay and diameter parameters are configurable parameters in 802.1d to speed up STP convergence process.

C.

The max_age and forward delay parameters can be adjusted to speed up STP convergence process.

D.

Only the transit_delay and bpdu_delay timers are configurable parameters in 802.1d to speed up STP convergence process.

Question 56

Company XYZ has implemented policy-based routing in their network. Which potential problem must be kept in mind about network reconvergence and PBR?

Options:

A.

It can limit network scalability

B.

It can create microloops during reconvergence

C.

It increases convergence time.

D.

It reduces convergence time.

Question 57

Which two impacts of adding the IP event dampening feature to a network design are true? (Choose two.)

Options:

A.

It protects against routing loops.

B.

It switches traffic immediately after a link failure.

C.

It speeds up link failure detection.

D.

It reduces the utilization of system processing resources.

E.

It improves overall network stability.

Question 58

Which two data plane hardening techniques are true? (Choose two)

Options:

A.

warning banners

B.

redundant AAA servers

C.

Control Plane Policing

D.

SNMPv3

E.

infrastructure ACLs

F.

disable unused services

G.

routing protocol authentication

Question 59

Which three elements help network designers to construct secure systems that protect information and resources (such as devices, communication, and data) from unauthorized access, modification, inspection, or destruction? (Choose three.)

Options:

A.

confidential

B.

serviceability

C.

reliability

D.

availability

E.

integrity

F.

scalability

Question 60

Refer to the diagram.

Question # 60

Which solution must be used to send traffic from the foreign wireless LAN controller to the anchor wireless LAN controller?

Options:

A.

Send packets from the foreign controller to the anchor controller via Layer 3 MPLS VPN or VRF-Lite

B.

Send packets without encapsulation to the anchor controller over the routed network.

C.

Encapsulate packets into an EoIP tunnel and send them to the anchor controller.

D.

Send packets from the foreign controller to the anchor controller via IPinIP or IPsec tunnel.

Question 61

Drag and drop the design use cases from the left onto the correct uRPF techniques used to prevent spoofing attacks Not all options are used.

Question # 61

Options:

Question 62

Which two statements describe the usage of the IS-IS overload bit technique? (Choose two.)

Options:

A.

If overload-bit is set on a Level 2 intermediate system, the other Level 2 intermediate systems in the topology will stop using the overloaded IS to forward Level 2 traffic. However, the intermediate system can still forward Level 1 traffic.

B.

It can be set in intermediate systems (IS-IS routers) to prioritize control plane CSNP packets.

C.

It can be used to automatically synchronize the link-state database between Level 1 intermediate systems.

D.

It can be set in intermediate systems (IS-IS routers) to avoid traffic black holes until routing protocols are fully converged after a reload operation.

E.

It can be set in intermediate systems (IS-IS routers) to attract transit traffic from other intermediate systems.

Question 63

A network design includes a long signaling delay in notifying the Layer 3 control plane that an interface has failed. Which two of these actions would reduce that delay? (Choose two.)

Options:

A.

Increase network stability.

B.

Reduce the time for the network to reconverge.

C.

Increase the notification of interface flaps.

D.

Enable lower data link layer recovery systems to have an opportunity to restore the interface.

Question 64

Which two application requirements are mandatory for traffic to receive proper treatment when placed in the priority queue? (Choose two.)

Options:

A.

Small transactions (HTTP-like behavior)

B.

WRED drop treatment

C.

Tolerance to packet loss

D.

Intolerance to jitter

E.

TCP-based application

Question 65

You are designing a network running both IPv4 and IPv6 to deploy QoS. Which consideration is correct about the QoS for IPv4 and IPv6?

Options:

A.

IPv4 and IPv6 traffic types can use queuing mechanisms such as LLQ, PQ, and CQ.

B.

IPv6 packet classification is only available with process switching, whereas IPv4 packet classification is available with both process switching and CEF.

C.

IPv6 and IPv4 traffic types can use a single QoS policy to match both protocols.

D.

Different congestion management mechanisms need to be used for IPv4 and IPv6 traffic types.

Question 66

A customer migrates from a traditional Layer 2 data center network into a new SDN-based spine-and-leaf VXLAN EVPN data center within the same location. The networks are joined to enable host migration at Layer 2. Which activity should be completed each time a legacy network is migrated?

Options:

A.

The migrated VLAN should be pruned from the Layer 2 interconnects.

B.

The migrated network should have a VXLAN VNID configured within the new network.

C.

The migrated network should be advertised to the EVPN network as a Type 2 network.

D.

The migrated network should be added to the EVPN BGP routing.

Question 67

Drag and drop the characteristics from the left onto the corresponding network management options on the right.

Question # 67

Options:

Question 68

Which Interconnectivity method offers the fastest convergence in the event of a unidirectional issue between three Layer 3 switches connected together with routed links in the same rack in a data center?

Options:

A.

Copper Ethernet connectivity with BFD enabled

B.

Copper Ethernet connectivity with UDLD enabled

C.

Fiber Ethernet connectivity with BFD enabled

D.

Fiber Ethernet connectivity with UDLD enabled

Question 69

Which issue poses a challenge for security architects who want end-to-end visibility of their networks?

Options:

A.

Too many overlapping controls

B.

Too many disparate solutions and technology silos

C.

An overabundance of manual processes

D.

A network security skills shortage

Question 70

Refer to the table.

Question # 70

A customer investigates connectivity options for a DCI between two production data centers to aid a large-scale migration project. The migration is estimated to take 20 months to complete but might extend an additional 10 months if issues arise. All connectivity options meet the requirements to migrate workloads. Which transport technology provides the best ROI based on cost and flexibility?

Options:

A.

CWDM over dark fiber

B.

MPLS

C.

DWDM over dark fiber

D.

Metro Ethernet

Question 71

What is a description of a control plane action?

Options:

A.

De-encapsulating and re-encapsulating a packet in a data-link frame

B.

Matching the destination MAC address of an Ethernet frame to the MAC address table

C.

Matching the destination IP address of an IP packet to the IP routing table

D.

Hosts locating routers that reside on attached links using the IPv6 Neighbor Discovery Protocol

Question 72

The SD-WAN architecture is composed of separate orchestration, management, control, and data planes. Which activity happens at the orchestration plane?

Options:

A.

Automatic onboarding of the SD-WAN routers into the SD-WAN overlay

B.

Decision-making process on where traffic flows

C.

Packet forwarding

D.

Central configuration and monitoring

Question 73

An international media provider faces challenges managing deployed services with a homegrown orchestration system. Which platform is well-suited as a state-aware orchestration system?

Options:

A.

Puppet

B.

Kubernetes

C.

Ansible

D.

Terraform

Question 74

An MPLS service provider is offering a standard EoMPLS-based VPLS service to Customer A, providing Layer 2 connectivity between a central site and approximately 100 remote sites. Customer A wants to use the VPLS network to carry its internal multicast video feeds which are sourced at the central site and consist of 20 groups at Mbps each. Which service provider recommendation offers the most scalability?

Options:

A.

EoMPLS-based VPLS can carry multicast traffic in a scalable manner

B.

Use a mesh of GRE tunnels to carry the streams between sites

C.

Enable snooping mechanisms on the provider PE routers

D.

Replace VPLS with a Layer 3 MVPN solution to carry the streams between sites

Question 75

Which two features are advantages of SD-WAN compared to MPLS-based connectivity? (Choose two.)

Options:

A.

Uses FEC constructs for traffic forwarding, thereby improving efficiency

B.

Separates infrastructure and policy

C.

Uses policy-based forwarding of real-time traffic with less complexity

D.

Unifies the WAN backbone

E.

Manages failures through backup links

Question 76

A multinational enterprise integrates a cloud solution with these objectives:

• Achieve seamless connectivity across different countries and regions

• Extend data center and private clouds into public clouds and provider-hosted clouds

What are two outcomes of deploying data centers and fabrics that interconnect different cloud networks? (Choose two.)

Options:

A.

Enhanced security

B.

Data and network ownership

C.

Ability to place workloads across clouds

D.

Centralized visibility

E.

Unidirectional workload mobility across the cloud

Question 77

What are two advantages of controller-based networks versus traditional networks? (Choose two.)

Options:

A.

The ability to have forwarding tables at each device

B.

More flexible configuration per device

C.

More consistent device configuration

D.

Programmatic APIs that are available per device

E.

The ability to configure the features for the network rather than per device

Question 78

Refer to the exhibit.

Question # 78

ACME Mining has four data centers in Santiago. Cape Town. Mumbai, and Beijing, full-mesh connected via a 400 Mb/s EVP-LAN They want to deploy a new mission-critical application with these

requirements:

    clusterheartbeat2Mb/s continuous (250 KB/s)

    cluster heartbeat one-way maximum latency 100 ms

These are the current ping tests results between the four data centers:

Question # 78

Which hosting data center pair can host the new application?

Options:

A.

Mumbai and Beijing

B.

Santiago and Cape Town

C.

Santiago and Mumbai

D.

Cape Town and Mumbai

E.

Cape Town and Beijing

F.

Santiago and Beijing

Question 79

Company XYZ has 30 sites running a legacy private WAN architecture that connects to the Internet via multiple high-speed connections. The company is now redesigning their network and must comply with these design requirements:

    Use a private WAN strategy that allows the sites to connect to each other directly and caters for future expansion.

    Use the Internet as the underlay for the private WAN.

    Securely transfer the corporate data over the private WAN.

Which two technologies should be incorporated into the design of this network? (Choose two.)

Options:

A.

S-VTI

B.

IPsec

C.

DMVPN

D.

GET VPN

E.

PPTP

Question 80

Router R1 is a BGP speaker with one peering neighbor over link "A". When link "A" fails, routing announcements are terminated, which results in the tearing down of the state for all BGP routes at each end of the link. What is this a good example of?

Options:

A.

Fault isolation

B.

Resiliency

C.

Redundancy

D.

Fate sharing

Question 81

Which three tools are used for ongoing monitoring and maintenance of a voice and video environment? (Choose three.)

Options:

A.

Flow-based analysis to measure bandwidth mix of applications and their flows

B.

Call management analysis to identify network convergence-related failures

C.

Call management analysis to identify CAC failures and call quality issues

D.

Active monitoring via synthetic probes to measure loss, latency, and jitter

E.

Passive monitoring via synthetic probes to measure loss, latency, and jitter

F.

Flow-based analysis with PTP time-stamping to measure loss, latency, and jitter

Question 82

Refer to the exhibit.

Question # 82

Company XYZ must design a DMVPN tunnel between the three sites. Chicago is going to act as the NHS, and the company wants DMVPN to detect peer endpoint failures. Which technology should be used in the design?

Options:

A.

VPLS

B.

IP SLA

C.

GRE

D.

L2TPv3

Question 83

How many fully established neighbour relationships exist on an Ethernet with five routers running OSPF as network type broadcast?

Options:

A.

5

B.

6

C.

7

D.

10

E.

20

Question 84

A key to maintaining a highly available network is building in the appropriate redundancy to protect against failure. This redundancy is carefully balanced with the inherent complexity of redundant systems. Which design consideration is relevant for enterprise WAN use cases when it comes to resiliency?

Options:

A.

Design in a way that expects outages and attacks on the network and its protected resources

B.

The design approach should consider simple and centralized management aspect

C.

Design in a way that it simplifies and improves ease of deployment

D.

Design automation tools wherever it is appropriate for greater visibility

Question 85

Which two benefits can software defined networks provide to businesses? (Choose two.)

Options:

A.

Provides additional redundancy

B.

Decentralized management

C.

Reduced latency

D.

Enables innovation

E.

Reduction of OpEx/CapEx

F.

Meets high traffic demands

Question 86

You are designing a network for a branch office. In order to improve convergence time, you are required to use the BFD feature. Which four routing protocols can you use to facilitate this? (Choose four.)

Options:

A.

IS-IS

B.

static

C.

RIP

D.

EIGRP

E.

BGP

Question 87

What best describes the difference between Automation and Orchestration?

Options:

A.

Automation refers to an automatic process for completing a single task and Orchestration refers to assembling and coordinating a set of tasks and conditions.

B.

Automation describes a hands-off configuration process while Orchestration refers to sets of automation tasks that require the network administrator to coordinate.

C.

Automation refers to an automatic process for completing multiple tasks with conditions and Orchestration refers to executing tasks in parallel.

D.

Automation refers to scripting languages (Python, Ansible etc.) and Orchestration refers to commercial products that control configuration deployment.

Question 88

Refer to the exhibit.

Question # 88

The WAN network of the General Bank of Greece has experienced several outages. It takes too long to activate a new branch site. The networking department of the bank plans to upgrade the legacy end-of-life WAN network with a new flexible, manageable, and scalable in-house solution. The number of branches will increase exponentially in the next fiscal year. The CTO states that the bank’s main goal is OPEX reduction. The network engineering team prepares a table to evaluate the available options. Which WAN technology can be used for the solution?

Options:

A.

DMVPN over L3VPN

B.

Managed SD-WAN

C.

SD-WAN over L3VPN

D.

SD-WAN over L2VPN

Question 89

An enterprise solution team is analyzing multilayer architecture and multicontroller SDN solutions for multisite deployments. The analysis focuses on the ability to run tasks on any controller via a standardized interface. Which requirement addresses this ability on a multicontroller platform?

Options:

A.

Deploy a root controller to gather a complete network-level view.

B.

Use the East-West API to facilitate replication between controllers within a cluster.

C.

Build direct physical connectivity between different controllers.

D.

Use OpenFlow to implement and adapt new protocols.

Question 90

When consumers that leverage IaaS reach 100% resource capacity, what can be used to redirect the overflow of traffic to the public cloud so there is no disruption to service?

Options:

A.

Cloud policing

B.

Cloud spill

C.

Cloud bursting

D.

Cloud shaping

Question 91

What is a country-specific requirement that data is subject to the laws of the country in which it is collected or processed and must remain within its borders?

Options:

A.

Data sovereignty

B.

Data rationality

C.

Data inheritance

D.

Data replication

Question 92

IPFIX data collection via standalone IPFIX probes is an alternative to flow collection from routers and switches. Which use case is suitable for using IPFIX probes?

Options:

A.

performance monitoring

B.

security

C.

observation of critical links

D.

capacity planning

Question 93

Which two statements describe network automation and network orchestration? (Choose two.)

Options:

A.

Network automation does not provide governance or policy management.

B.

Network automation spans multiple network services, vendors, and environments.

C.

Network orchestration is done through programmatic REST APIs enabling automation across devices and management platforms.

D.

Provisioning network services is an example of network automation.

E.

Network orchestration is used to run single, low-level tasks without human intervention.

Question 94

Company XYZ asks for design recommendations for Layer 2 redundancy. The company wants to prioritize fast convergence and resiliency elements. In the design, which two technologies are recommended? (Choose two.)

Options:

A.

Design MLAG/MC-LAG into the network wherever possible.

B.

Configure DHCP snooping on the switches.

C.

Use root guard.

D.

Use BPDU guard.

E.

Use UniDirectional Link Detection.

Question 95

You were tasked to enhance the security of a network with these characteristics:

    A pool of servers is accessed by numerous data centers and remote sites

    The servers are accessed via a cluster of firewalls

    The firewalls are configured properly and are not dropping traffic

    The firewalls occasionally cause asymmetric routing of traffic within the server data center.

Which technology should you recommend to enhance security by limiting traffic that could originate from a hacker compromising a workstation and redirecting flows at the servers?

Options:

A.

Poison certain subnets by adding static routes to Null0 on the core switches connected to the pool of servers.

B.

Deploy uRPF strict mode.

C.

Limit sources of traffic that exit the server-facing interface of the firewall cluster with ACLs.

D.

Deploy uRPF loose mode.

Question 96

Identity and access management between multiple users and multiple applications has become a mandatory requirement for Company XYZ to fight against ever-increasing cybersecurity threats. To achieve this, federated identity services have been deployed to provide Single Sign-On and Multi-Factor Authentication. Which protocol can be used by Company XYZ to provide authentication and authorization services?

Options:

A.

OAuth2

B.

OpenID Connect

C.

OpenID

D.

SAML2.0

Question 97

Company XYZ has a new network based on IPv6. Some of the subnets that they are planning to use will be confidential and need an addressing scheme that confines them to the local campus network. Which type of IPv6 addresses can be used for these networks in the IPv6 addressing design?

Options:

A.

local addresses

B.

private addresses

C.

link-local addresses

D.

unique local addresses

Question 98

Company XYZ wants to redesign the Layer 2 part of their network to use all uplinks for increased performance, support host reachability with conversational learning, and avoid port-channels. Which other technique can be used?

Options:

A.

TRILL

B.

LISP

C.

MSTP

D.

Switch stack

Question 99

You have been asked to design a remote access VPN solution to support up to 2000 devices. You must ensure that only corporate assets are allowed to connect to the VPN, and users must authenticate to gain access based on their user role. Users must use a password that they are already using to access existing applications. A user may not always use the same device to access the VPN. Which two options combined meet the requirements? (Choose two)

Options:

A.

Use local usernames and passwords on the VPN device

B.

Deploy a central authentication directory that users can be authenticated and authorized against

C.

Deploy certificates that are unique to each user

D.

Deploy an IPsec VPN solution

E.

Deploy certificates that are unique to each device

F.

Deploy a SSL VPN solution

Question 100

An enterprise plans to evolve from a traditional WAN network to a software-defined WAN network. The existing devices have limited capability when it comes to virtualization. As the migration is carried out, enterprise applications and services must not experience any traffic impact. Which implementation plan can be used to accommodate this during the migration phase?

Options:

A.

Deploy controllers, deploy SD-WAN edge routers in the data center, and migrate branch sites.

B.

Migrate data center WAN routers, migrate branch sites, and deploy SD-WAN edge routers.

C.

Migrate branch sites, migrate data center WAN routers, and deploy controllers.

D.

Deploy SD-WAN edge routers in the data center, deploy controllers, and migrate branch sites.

Question 101

Company XYZ is running SNMPv1 in their network and understands that it has some flaws. They want to change the security design to implement SNMPv3 in the network. Which network threat is SNMPv3 effective against?

Options:

A.

Man-in-the-middle attack

B.

Masquerade threats

C.

DDoS attack

D.

Brute force dictionary attack

Question 102

Company XYZ has two routing domains (EIGRP and OSPF). They want full reachability and need OSPF to see link costs added to external routes. How must redistribution be designed?

Options:

A.

Redistribute using metric type 2 into OSPF.

B.

Redistribute using metric type 1 into OSPF.

C.

Redistribute using metric type 1 into EIGRP.

D.

Redistribute using metric type 2 into EIGRP.

Question 103

Company XYZ is running a redundant private WAN network using OSPF as the underlay protocol. The current design accommodates for redundancy in the network, but it is taking over 30 seconds for the network to reconverge upon failure. Which technique can be implemented in the design to detect such a failure in a subsecond?

Options:

A.

STP

B.

fate sharing

C.

OSPF LFA

D.

BFD

E.

flex links

Question 104

Which two statements about MLD snooping are true? (Choose two)

Options:

A.

When MLD snooping is enabled, QoS is automatically enabled

B.

A VLAN can support multiple active MLD snooping queriers, as long as each one is associated to a different multicast group

C.

An MLD snooping querier election occurs when any MLD snooping querier goes down or if there is an IP address change on the active querier

D.

When multiple MLD snooping queriers are enabled in a VLAN, the querier with the lowest IP address in the VLAN is elected as the active MLD snooping querier

Page: 1 / 35
Total 349 questions