Summer Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Cisco 350-401 Dumps

Page: 1 / 70
Total 927 questions

Implementing Cisco Enterprise Network Core Technologies (ENCOR) Questions and Answers

Question 1

Which JSON script is properly formatted?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 2

Which action is the vSmart controller responsible for in a Cisco SO-WAN deployment?

Options:

A.

gather telemetry data from WAN Edge routes

B.

manage, maintain, and gather configuration and status for nodes within me SD-WAN fabric

C.

onboard WAN Edge nodes into the SD-WAN fabric

D.

distribute security information for tunnel establishment between WAN Edge routers

Question 3

An engineer must contigure a rou'.er to allow users to run specHic configuration commands by validating the user against the router database. Which configuration must be applied?

Options:

A.

aaa authentication network default local

B.

aaa authentication exec default local

C.

aaa authorization exec default local

D.

aaa authorization network default local

Question 4

Drag the drop the description from the left onto the routing protocol they describe on the right.

Options:

Question 5

What is a benefit of YANG modules?

Options:

A.

tightly coupled models with encoding to improve performance

B.

easier multivendor interoperability provided by common or industry models

C.

avoidance of ecosystem fragmentation by having fixed that cannot be changed

D.

single protocol and model couple to simplify maintenance and supported

Question 6

Refer to the exhibit.

Which antenna emits this radiation pattern?

Options:

A.

omnidirectional

B.

Yagi

C.

RP-TNC

D.

dish

Question 7

Simulation 10

Options:

Question 8

Which Cisco WLC feature allows a wireless device to perform a Layer 3 roam between two separate controllers without changing the client IP address?

Options:

A.

mobile IP

B.

mobility tunnel

C.

LWAPP tunnel

D.

GRE tunnel

Question 9

To which category does a REST API that has been developed for IP address management integration belong?

Options:

A.

southbound

B.

eastbound

C.

northbound

D.

westbound

Question 10

An engineer must use IP SLA to measure the network performance and record statistics hop-by-hop. Which configuration must be used?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 11

Which method ensures the confidentiality ot data exchanged over a REST API?

Options:

A.

Use the POST method instead of URL-encoded GET to pass parameters.

B.

Encode sensitive data using Base64 encoding.

C.

Deploy digest-based authentication to protect the access to the API.

D.

Use TLS to secure the underlying HTTP session.

Question 12

A technician is assisting a user who cannot connect to a website. The technician attempts to ping the default gateway and DNS server of the workstation. According to troubleshooting methodology, this is an example of:

Options:

A.

a divide-and-conquer approach.

B.

a bottom-up approach.

C.

a top-to-bottom approach.

D.

implementing a solution.

Question 13

When a branch location loses connectivity, which Cisco FlexConnect state rejects new users but allows existing users to function normally?

Options:

A.

Authentication-Down / Switch-Local

B.

Authentication-Down / Switching-Down

C.

Authentication-Local / Switch-Local

D.

Authentication-Central f Switch-Local

Question 14

What is a characteristics of traffic shaping?

Options:

A.

can be applied in both traffic direction

B.

queues out-of-profile packets until the buffer is full

C.

drops out-of-profile packets

D.

causes TCP retransmits when packet are dropped

Question 15

Which configuration enables a device to be configured via NETCONF over SSHv2?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 16

Drag and drop the code snippets from the bottom onto the blanks in the Python script to convert a Python object into a JSON string. Not all options are used.

Options:

Question 17

What function does VXLAN perform in a Cisco SD-Access deployment?

Options:

A.

data plane forwarding

B.

control plane forwarding

C.

systems management and orchestration

D.

policy plane forwarding

Question 18

Which security feature does stateless authentication and authorization use for REST API calls?

Options:

A.

OAuth 2 token

B.

API keys

C.

SSL/TLS certificate encryption

D.

Cookie-based session authentication

Question 19

Which function is performed by vSmart in the Cisco SD-WAN architecture?

Options:

A.

distribution of IPsec keys

B.

Redistribution between OMP and other routing protocols

C.

facilitation of NAT detection and traversal

D.

execution of localized policies

Question 20

A wireless network engineer must configure a WPA2+WPA3 policy with the Personal security type. Which action meets this requirement?

Options:

A.

Configure the GCMP256 encryption cipher.

B.

Configure the CCMP256 encryption cipher.

C.

Configure the CCMP128 encryption cipher.

D.

Configure the GCMP128 encryption cipher.

Question 21

What is a characteristic of the Cisco DMA Center Template Editor feature?

Options:

A.

It facilitates software upgrades lo network devices from a central point.

B.

It facilitates a vulnerability assessment of the network devices.

C.

It provides a high-level overview of the health of every network device.

D.

It uses a predefined configuration through parameterized elements or variables.

Question 22

An engineer receives a report that an application exhibits poor performance. On the switch where the server is connected, this syslog message is visible:

SW_MATM4-MACFLAP_N0HF: Host 0054.3831.8253 in vlan 14 is flapping between port GUAM and port Gi1/0/2.

What is causing the problem?

Options:

A.

wrong SFP+ and cable connected between the server and the switch

B.

undesirable load-balancing configuration on the switch

C.

failed NIC on the server

D.

invalid port channel configuration on the switch

Question 23

Which of the following should a junior security administrator recommend implementing to mitigate malicious network activity?

Options:

A.

Intrusion prevention system

B.

Load balancer

C.

Access logging

D.

Endpoint encryption

Question 24

A network administrator wants to install new VoIP switches in a small network closet but is concerned about the current heat level of the room. Which of the following should the administrator take into consideration before installing the new equipment?

Options:

A.

The power load of the switches

B.

The humidity in the room

C.

The fire suppression system

D.

The direction of airflow within the switches

Question 25

Refer to the exhibit. What is the result of this Python code?

Options:

A.

1

B.

0

C.

7

D.

7.5

Question 26

A company recently rearranged some users' workspaces and moved several users to different desks. The network administrator receives a report that all of the users who were moved are having connectivity issues. Which of the following is the most likely reason?

Options:

A.

Ports are error disabled.

B.

Ports are administratively down.

C.

Ports are having an MDIX issue.

D.

Ports are trunk ports.

Question 27

in Cisco DNA Center what is used to publish events and notifications to a third party product such as IPAM?

Options:

A.

intent API

B.

southbound SDK

C.

integration API

D.

RESTfulAPI

Question 28

What is a command-line tool for consuming REST APIs?

Options:

A.

Postman

B.

CURL

C.

Firefox

D.

Python requests

Question 29

What is a characteristics of Cisco SD-WAN?

Options:

A.

operates over DTLS/TLS authenticated and secured tunnels

B.

requires manual secure tunnel configuration

C.

uses unique per-device feature templates

D.

uses control connections between routers

Question 30

A wireless administrator must create a new web authentication corporate SSID that will be using ISE as the external RADIUS server. The guest VLAN must be specified after the authentication completes. Which action must be performed to allow the ISE server to specify the guest VLAN?

Options:

A.

Set AAA Policy name.

B.

Enable AAA Override

C.

Set RADIUS Profiling

D.

Enable Network Access Control State.

Question 31

Why would an architect use an OSPF virtual link?

Options:

A.

to allow a stub area to transit another stub area

B.

to connect two networks that have overlapping private IP address space

C.

to merge two existing Area Os through a nonbackbone

D.

to connect a nonbackbone area to Area 0 through another nonbackbone area

Question 32

Simulation 07

Options:

Question 33

Drag and drop the automation characteristics from the left to the corresponding tools on the right.

Options:

Question 34

Refer to the exhibit. What is the result of the configuration?

Options:

A.

It enables NTP in client mode

B.

It allows interface g0/1 to send and receive NTP broadcast packets

C.

It allows interface g0/1 to send NTP broadcast packets.

D.

It allows interface g0/1 to receive NTP broadcast packets.

Question 35

Refer to the exhibit.

Which HTTP request produced the REST API response that was returned by Cisco DNA Center?

Options:

A.

fetch /network-device?macAddress=ac:4a:56:6c:7c:00

B.

POST/network-device?macAddress=ac:4a:56:6c:7c:00

C.

GET/network-device?macAddress=ac:4a:56:6c:7c:00

Question 36

Refer to the exhibit. A network engineer configures NAT on R1 and enters me show command to verity me configuration What toes the output confirm?

Options:

A.

The first pocket triggered NAT to add an entry to the NAT table

B.

R1 is configured with NAT overload parameters.

C.

A Telnet session from 160.1.1.1 to 10.1.1.10 has been initiated.

D.

R1 a configured win PAT overload parameters

Question 37

Refer to the exhibit.

A network engineer issues the debug command while troubleshooting a network issue. What does the output confirm?

Options:

A.

ACL100 is tracking ICMP traffic from 1.1.1.1 destined for 10.1.1.1.

B.

ACL100 is tracking all traffic from 10.1.1.1 destined far 1.1.

C.

ACL100 is tracking ICMP traffic from 10.1.1.1 destined for 11.1.1

D.

ACL100 is tracking ICMP traffic from Serial 1/0 destined for Serial3/0.

Question 38

Which policy feature is used with TrustSec to provide endpoint entitlement in an enterprise network?

Options:

A.

access control lists

B.

virtual routing and forwarding

C.

virtual local area network

D.

security groups tags

Question 39

: 262 DRAG DROP

Drag and drop the snippets onto the blanks within the code to construct a script that brings up the failover Ethernet port if the primary port goes down and also shuts down the failover port when the primary returns to service. Not all options are used.

Options:

Question 40

An engineer must construct an access list tot a Cisco Catalyst 9800 Series WLC that will -edirect wireless guest users to a splash page that is hosted on a Cisco ISE server. The Cisco ISE servers are hosted at 10.9.11.141 and 10.1.11.141. Which access list meets the requirements?

A)

B)

C)

D)

Options:

A.

Option

B.

Option

C.

Option

D.

Option

Question 41

Refer to the exhibit.

What happens to access interfaces where VLAN 222 is assigned?

Options:

A.

STP BPDU guard is enabled

B.

A description "RSPAN" is added.

C.

They are placed into an inactive state.

D.

They cannot provide PoE.

Question 42

Which of the following security methods uses physical characteristics of a person to authorize access to a location?

Options:

A.

Access control vestibule

B.

Palm scanner

C.

PIN pad

D.

Digital card reader

E.

Photo ID

Question 43

Which two methods are used to assign security group tags to the user in a Cisco Trust Sec architecture? (Choose two )

Options:

A.

modular QoS

B.

policy routing

C.

web authentication

D.

DHCP

E.

IEEE 802.1x

Question 44

Refer to the exhibit. What is the result of the IP SLA configuration?

Options:

A.

The operation runs 300 times a day

B.

The operation runs 5000

C.

The rate is configured to repeat every 5 minutes

D.

IP SLA is scheduled to run at 3 a.m

Question 45

Refer to the exhibit. An engineer must configure HSRP for VLAN 1000 on SW2 The secondary switch musí immediately lake over the rote of active router if the interlink with the primary switch fails Which command set completes this task?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 46

What is one being of implementing a data modetag language?

Options:

A.

accuracy of the operations performed

B.

uses XML style of data formatting

C.

machine-oriented logic and language-facilitated processing.

D.

conceptual representation to simplify interpretation.

Question 47

Refer to the exhibit. What is achieved when this Python script is executed?

Options:

A.

Each device that is looped through in the devices.txt file is put into its own list that is appended to the parent dictionary.

B.

Each device that is looped through in the devices.txt file is put into its own dictionary that is appended to the parent list.

C.

All devices that are looped through in the devices.txt file are put into a list that is appended to the parent dictionary.

D.

All devices that are looped through in the devices.txt file are put into a single dictionary that is appended to the parent list.

Question 48

In a Cisco SD-Access network architecture, which access layer cabling design is optimal for the underlay network?

Options:

A.

Switches are cross-linked at the same layer and have a single connection to each upstream distribution device.

B.

Switches are connected to each upstream distribution and core device.

C.

Switches are connected to each upstream distribution device.

D.

Switches are cross-linked to devices at the same layer and at the upstream and downstream devices.

Question 49

An engineer must use flexible NetFlow on a group of switches. To prevent overloading of the flow collector, if the flow is idle for 20 seconds, the flow sample should be exported. Which command set should be applied?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 50

Refer to the exhibit.

Which type of antenna do the radiation patterns present?

Options:

A.

Patch

B.

Omnidirectional

C.

Yagi

D.

Dipole

Question 51

What do Chef and Ansible have in common?

Options:

A.

They rely on a declarative approach.

B.

They rely on a procedural approach.

C.

They use YAML as their primary configuration syntax.

D.

They are clientless architectures.

Question 52

Refer to the exhibit.

Which result Is achieved by the CoPP configuration?

Options:

A.

Traffic that matches entry 10 of ACL 100 is always allowed.

B.

Class-default traffic is dropped.

C.

Traffic that matches entry 10 of ACL 100 is always allowed with a limited CIR.

D.

Traffic that matches entry 10 of ACL 100 is always dropped.

Question 53

Refer to the exhibit. What is the cause of the communication failure between R1 and R4?

Options:

A.

R1 is configured with the no ip unreachables command.

B.

R2 is denying ICMP

C.

R4 is denying ICMP.

D.

R3 is denying ICMP.

Question 54

Which JSON script is properly formatted?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 55

Which of the following protocols has a default administrative distance value of 90?

Options:

A.

RIP

B.

EIGRP

C.

OSPF

D.

BGP

Question 56

Refer to the exhibit. An engineer must save the configuration of router R2 using the NETCONF protocol. Which script must be used?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 57

Refer to the exhibit.

What is output by this code?

Options:

A.

8 7 6 5

B.

-4 -5 -6 -7

C.

-1 -2-3-4

D.

4 5 6 7

Question 58

the following system log message is presented after a network administrator configures a GRE tunnel:

%TUN-5-RECURDOWN Interface Tunnel 0 temporarily disabled due to recursive routing

Why is tunnel 0 disabled?

Options:

A.

Because dynamic routing is not enabled

B.

Because the tunnel cannot reach its tunnel destination

C.

Because the best path to the tunnel destination is through the tunnel itself

D.

Because the router cannot recursively identify its egress forwarding interface

Question 59

Refer to the exhibit.

Which action results from executing the Python script?

Options:

A.

display the output of a command that is entered on that device in a single line

B.

SSH to the IP address that is manually entered on that device

C.

display the output of a command that is entered on that device

D.

display the unformatted output of a command that is entered on that device

Question 60

What is the function of vBond in a Cisco SD-WAN deployment?

Options:

A.

initiating connections with SD-WAN routers automatically

B.

pushing of configuration toward SD-WAN routers

C.

onboarding of SD-WAN routers into the SD-WAN overlay

D.

gathering telemetry data from SD-WAN routers

Question 61

Which LISP component decapsulates messages and forwards them to the map server responsible for the egress tunnel routers?

Options:

A.

Ingress Tunnel Router

B.

Map Resolver

C.

Proxy ETR

D.

Router Locator

Question 62

Which solution supports end to end line-rate encryption between two sites?

Options:

A.

IPsec

B.

TrustSec

C.

MACseC

D.

GRE

Question 63

How do the RIB and the FIB differ?

Options:

A.

FIB contains routes learned through a dynamic routing protocol, and the RIB contains routes that are static or directly connected.

B.

RIB contains the interface for a destination, and the FIB contains the next hop information.

C.

FIB is derived from the control plane, and the RIB is derived from the data plane.

D.

RIB is derived from the control plane, and the FIB is derived from the RIB.

Question 64

What is the rose of the vSmart controller in a Cisco SD-WN environment?

Options:

A.

it performs authentication and authorization

B.

it manages the control plane.

C.

it is the centralized network management system

D.

it manages the data plane

Question 65

What is one characteristic of Cisco DNA Center and vManage northbound APIs?

Options:

A.

They push configuration changes down to devices.

B.

They implement the RESTCONF protocol.

C.

They exchange XML-formatted content.

D.

They implement the NETCONF protocol.

Question 66

Which of the following are examples of Type 2 hypervisors? (Choose three.)

Options:

A.

VMware ESXi

B.

Oracle VirtualBox

C.

Oracle Solaris Zones

D.

Microsoft Hyper-V

E.

Microsoft Virtual PC

Question 67

Refer to the exhibit.

Which two commands ensure that DSW1 becomes the root bridge for VLAN 10 and 20? (Choose two.)

Options:

A.

spanning-tree mst 1 priority 1

B.

spanning-tree mstp vlan 10.20 root primary

C.

spanning-tree mil 1 root primary

D.

spanning-tree mst 1 priority 4096

E.

spanning-tree mst vlan 10.20 priority root

Question 68

Which device, in a LISP routing architecture, receives and de-encapsulates LISP traffic for endpoints within a LISP-capable site?

Options:

A.

MR

B.

ETR

C.

OMS

D.

ITR

Question 69

Refer to the exhibit.

An engineer configures a new WLAN that will be used for secure communications; however, wireless clients report that they are able to communicate with each other. Which action resolves this issue?

Options:

A.

Enable Client Exclusions.

B.

Disable Aironet IE

C.

Enable Wi-Fi Direct Client Policy

D.

Enable P2P Blocking.

Question 70

: 194

Refer to the exhibit.

Which type of antenna is shown on the radiation patterns?

Options:

A.

Yagi

B.

dipole

C.

patch

D.

omnidirectional

Question 71

By default, which virtual MAC address does HSRP group 15 use?

Options:

A.

05:5e:ac:07:0c:0f

B.

c0:42:34:03:73:0f

C.

00:00:0c:07:ac:0f

D.

05:af:1c:0f:ac:15

Question 72

An engineer applies this configuration to router R1. How does R1 respond when the user ‘cisco’ logs in?

Options:

A.

It displays the startup config and then permits the user to execute commands

B.

It places the user into EXEC mode and permits the user to execute any command

C.

It displays the startup config and then terminates the session.

D.

It places the user into EXEC mode but permits the user to execute only the show startup-config command

Question 73

What is a benefit of using segmentation with TrustSec?

Options:

A.

Packets sent between endpoints on a LAN are encrypted using symmetric key cryptography.

B.

Firewall rules are streamlined by using business-level profiles.

C.

Integrity checks prevent data from being modified in transit.

D.

Security group tags enable network segmentation.

Question 74

What are two benefits of implementing a traditional WAN instead of an SD-WAN solution? (Choose two.)

Options:

A.

comprehensive configuration standardization

B.

lower control plane abstraction

C.

simplify troubleshooting

D.

faster fault detection

E.

lower data plane overhead

Question 75

In a Cisco SD-Access fabric, which control plane protocol is used for mapping and resolving endpoints?

Options:

A.

DHCP

B.

VXLAN

C.

SXP

D.

LISP

Question 76

Which activity requires access to Cisco DNA Center CLI?

Options:

A.

provisioning a wireless LAN controller

B.

creating a configuration template

C.

upgrading the Cisco DNA Center software

D.

graceful shutdown of Cisco DNA Center

Question 77

Which Python library is used to work with YANG data models via NETCONF?

Options:

A.

Postman

B.

requests

C.

nccllent

D.

cURL

Question 78

Where in Cisco DNA Center is documentation of each API call, organized by its functional area?

Options:

A.

Developer Toolkit

B.

platform management

C.

platform bundles

D.

Runtime Dashboard

Question 79

Refer to the exhibit.

Assuming all links are functional, which path does PC1 take to reach DSW1?

Options:

A.

PC1 goes from ALSW1 to DSW2 to CORE to DSW1.

B.

PC1 goes from ALSW1 to DSW2 to DSW1.

C.

PC1 goes from ALSW1 to DSW1.

D.

PC1 goes from ALSW1 to DSW2 to ALSW2 to DSW1.

Question 80

If AP power level is increased from 25 mW to 100 mW. what is the power difference in dBm?

Options:

A.

6 dBm

B.

14 dBm

C.

17 dBm

D.

20 dBm

Question 81

Which IP SLA operation requires the IP SLA responder to be configured on the remote end?

Options:

A.

TCP connect

B.

ICMP echo

C.

ICMP jitter

D.

UDP jitter

Question 82

How do stratum levels relate to the distance from a time source?

Options:

A.

Stratum 1 devices are connected directly to an authoritative time source.

B.

Stratum 15 devices are connected directly to an authoritative time source

C.

Stratum 0 devices are connected directly to an authoritative time source.

D.

Stratum 15 devices are an authoritative time source.

Question 83

Which two pieces of information are necessary to compute SNR? (Choose two.)

Options:

A.

transmit power

B.

noise floor

C.

EIRP

D.

antenna gain

E.

RSSI

Question 84

Which two security features are available when implementing NTP? (Choose two.)

Options:

A.

symmetric server passwords

B.

dock offset authentication

C.

broadcast association mode

D.

encrypted authentication mechanism

E.

access list-based restriction scheme

Question 85

Refer to the exhibit. An engineer must configure an ERSPAN tunnel that mirrors traffic from linux1 on Switch1 to Linux2 on Switch2. Which command must be added to the destination configuration to enable the ERSPAN tunnel?

Options:

A.

(config-mon-erspan-dst-src)# origin ip address 172.16.10.10

B.

(config-mon-erspan-dst-src)# erspan-id 172.16.10.10

C.

(config-mon-erspan-dst-src)# no shut

D.

(config-mon-erspan-dst-src)# erspan-id 110

Question 86

Refer to the exhibit. An engines configured TACACS^ to authenticate remote users but the configuration is not working as expected Which configuration must be applied to enable access?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 87

Which NTP mode must be activated when using a Cisco router as an NTP authoritative server?

Options:

A.

primary

B.

server

C.

broadcast client

D.

peer

Question 88

Refer to the exhibit.

The OSPF neighborship fails between two routers. What is the cause of this issue?

Options:

A.

The OSPF router ID is missing on this router.

B.

The OSPF process is stopped on the neighbor router.

C.

There is an MTU mismatch between the two routers.

D.

The OSPF router ID is missing on the neighbor router.

Question 89

Which technology enables a redundant supervisor engine to take over when the primary supervisor engine fails?

Options:

A.

NSF

B.

graceful restart

C.

SSO

D.

FHRP

Question 90

Refer to the exhibit.

The traceroute fails from R1 to R3. What is the cause of the failure?

Options:

A.

The loopback on R3 Is in a shutdown stale.

B.

An ACL applied Inbound on loopback0 of R2 Is dropping the traffic.

C.

An ACL applied Inbound on fa0/1 of R3 is dropping the traffic.

D.

Redistribution of connected routes into OSPF is not configured.

Question 91

Refer to the exhibit.

The WLC administrator sees that the controller to which a roaming client associates has Mobility Role Anchor configured under Clients > Detail. Which type of roaming is supported?

Options:

A.

Indirect

B.

Layer 3 intercontroller

C.

Layer 2 intercontroller

D.

Intracontroller

Question 92

An engineer is describing QoS to a client. Which two facts apply to traffic policing? (Choose two.)

Options:

A.

Policing adapts to network congestion by queuing excess traffic

B.

Policing should be performed as close to the destination as possible

C.

Policing drops traffic that exceeds the defined rate

D.

Policing typically delays the traffic, rather than drops it

E.

Policing should be performed as close to the source as possible

Question 93

A customer has a pair of Cisco 5520 WLCs set up in an SSO cluster to manage all APs. Guest traffic is anchored to a Cisco 3504 WLC located in a DMZ. Which action is needed to ensure that the EolP tunnel remains in an UP state in the event of failover on the SSO cluster?

Options:

A.

Configure back-to-back connectivity on the RP ports.

B.

Enable default gateway reachability check.

C.

Use the same mobility domain on all WLCs.

D.

Use the mobility MAC when the mobility peer is configured.

Question 94

What are two characteristics of Cisco SD-Access elements? (Choose two.)

Options:

A.

The border node is required for communication between fabric and nonfabric devices.

B.

Traffic within the fabric always goes through the control plane node.

C.

Fabric endpoints are connected directly to the border node.

D.

The control plane node has the full RLOC-to-EID mapping database.

E.

The border node has the full RLOC-to-EID mapping database.

Question 95

Refer to the exhibit Which command must be applied to complete the configuration and enable RESTCONF?

Options:

A.

ip http secure-server

B.

ip http server

C.

ip http secure-port 443

D.

ip http client username restconf

Question 96

Refer to the exhibit.

An engineer must assign an IP address of 192.168.1.1/24 to the GigabitEtherenet1 interface. Which two commands must be added to the existing configuration to accomplish this task? (Choose two.)

Options:

A.

Router(config-vrf)#ip address 192.168.1.1 255.255.255.0

B.

Router(config-vrf)#address-family ipv4

C.

Router(config-if)#address-family ipv4

D.

Router(config-vrf)#address-family ipv6

E.

Router(config-if)#ip address 192.168.1.1 255.255.255.0

Question 97

An engineer is configuring RADIUS-Based Authentication with EAP MS-CHAPv2 is configured on a client device.

Which outer method protocol must be configured on the ISE to support this

authentication type?

Options:

A.

EAP-TLS

B.

PEAP

C.

LDAP

D.

EAP-FAST

Question 98

An engineer must configure a new WLAN that allows a user to enter a passphrase and provides forward secrecy as a security measure. Which Layer 2 WLAN configuration is required on the Cisco WLC?

Options:

A.

WPA2 Personal

B.

WPA3 Enterprise

C.

WPA3 Personal

D.

WPA2 Enterprise

Question 99

Refer to the exhibit. Which command filters the ERSPAN session packets only to interface GigabitEthernet1?

Options:

A.

source ip 10.10.10.1

B.

source interface gigabitethernet1 ip 10.10.10.1

C.

filter access-group 10

D.

destination ip 10.10.10.1

Question 100

Refer to the exhibit. An engineer constructs an EEM applet to prevent anyone from entering configuration mode on a switch. Which snippet is required to complete the EEM applet?

Options:

A.

sync yes skip yes

B.

sync no skip yes

C.

sync no skip no

D.

sync yes skip no

Question 101

Refer to the exhibit. Cisco IOS routers R1 and R2 are interconnected using interface Gi0/0. Which configuration allows R1 and R2 to form an OSPF neighborship on interface Gi0/0?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 102

Refer to the exhibit.

Why does the OSPF neighborship fail between the two interfaces?

Options:

A.

The IP subnet mask is not the same.

B.

There is a mismatch in the OSPF interface network type.

C.

The OSPF timers are different.

D.

The MTU is nor the same.

Question 103

An engineer is connected to a Cisco router through a Telnet session. Which command must be issued to view the logging messages from the current session as soon as they are generated by the router?

Options:

A.

logging buffer

B.

service timestamps log uptime

C.

logging host

D.

terminal monitor

Question 104

Which two new security capabilities are introduced by using a next-generation firewall at the Internet edge? (Choose two.)

Options:

A.

DVPN

B.

NAT

C.

stateful packet inspection

D.

application-level inspection

E.

integrated intrusion prevention

Question 105

Refer to the exhibit. An engineer builds an EEM script to apply an access list. Which statement must be added to complete the script?

Options:

A.

event none

B.

action 2.1 cli command "ip action 3.1 ell command 101''

C.

action 6.0 ell command ''ip access-list extended 101''

D.

action 6.0 cli command ''ip access-list extended 101"

Question 106

In which two ways does the routing protocol OSPF differ from EIGRP? (Choose two.)

Options:

A.

OSPF supports an unlimited number of hops. EIGRP supports a maximum of 255 hops.

B.

OSPF provides shorter convergence time than EIGRP.

C.

OSPF is distance vector protocol. EIGRP is a link-state protocol.

D.

OSPF supports only equal-cost load balancing. EIGRP supports unequal-cost load balancing.

E.

OSPF supports unequal-cost load balancing. EIGRP supports only equal-cost load balancing.

Question 107

Drag and drop the characteristics from the left onto the deployment models on the right Not all options are used.

Options:

Question 108

Drag and drop the code snippets from the bottom onto the blanks in the Python script to print the device model to the screen and write JSON data to a file Not all options are used

Options:

Question 109

An engineer applies this EEM applet to a router:

What does the applet accomplish?

Options:

A.

It generates a syslog message every 600 seconds on the status of the specified MAC address.

B.

It checks the MAC address table every 600 seconds to see if the specified address has been learned.

C.

It compares syslog output to the MAC address table every 600 seconds and generates an event when there is a match.

D.

It compares syslog output to the MAC address table every 600 seconds and generates an event when no match is found.

Question 110

Drag and drop the characteristics from the left onto the switching architectures on the right.

Options:

Question 111

Refer to the exhibit.

Which configuration enables fallback to local authentication and authorization when no TACACS+ server is available?

Options:

A.

Router(config)# aaa authentication login default local Router(config)# aaa authorization exec default local

B.

Router(config)# aaa authentication login default group tacacs+ local Router(config)# aaa authorization exec default group tacacs+ local

C.

Router(config)# aaa fallback local

D.

Router(config)# aaa authentication login FALLBACK local Router(config)# aaa authorization exec FALLBACK local

Question 112

What is the recommended minimum SNR for Voice applications for networks?

Options:

A.

15

B.

20

C.

25

D.

10

Question 113

Drag and drop the characteristics from the left onto the infrastructure deployment models on the right.

Options:

Question 114

What is one characteristic of the Cisco SD-Access control plane?

Options:

A.

It is based on VXLAN technology.

B.

Each router processes every possible destination and route

C.

It allows host mobility only in the wireless network.

D.

It stores remote routes in a centralized database server

Question 115

How do EIGRP metrics compare to OSPF metrics?

Options:

A.

EIGRP metrics are based on a combination of bandwidth and packet loss, and OSPF metrics are based on interface bandwidth.

B.

EIGRP uses the Dijkstra algorithm, and OSPF uses The DUAL algorithm

C.

The EIGRP administrative distance for external routes is 170. and the OSPF administrative distance for external routes is undefined

D.

The EIGRP administrative distance for external routes is 170. and the OSPF administrative distance for external routes is 110

Question 116

Drag anti drop the characteristics from the ten onto the configuration models on the right.

Options:

Question 117

Drag and drop the characteristics from the left to the table types on the right.

Options:

Question 118

Refer to the exhibit.

Which configuration must be applied to the HQ router to set up a GRE tunnel between the HQ and BR routers?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 119

Refer to the exhibit.

A network engineer must log in to the router via the console, but the RADIUS servers are not reachable Which credentials allow console access1?

Options:

A.

the username "cisco" and the password "Cisco"

B.

no username and only the password "test123"

C.

no username and only the password "cisco123"

D.

the username "cisco" and the password “cisco123"

Question 120

Refer to the exhibit.

What is the result of the API request?

Options:

A.

The "params" variable sends data fields to the network appliance.

B.

The native interface information is read from the network appliance.

C.

The Information for all interfaces is read from the network appliance.

D.

The "params" variable reads data fields from the network appliance

Question 121

What is one main REST security design principle?

Options:

A.

separation of privilege

B.

password hashing

C.

confidential algorithms

D.

OAuth

Question 122

By default, which virtual MAC address Goes HSRP group 25 use?

Options:

A.

05:5c:5e:ac:0c:25

B.

04:16:6S:96:1C:19

C.

00:00:0c:07:ac:19

D.

00:00:0c:07:ac:25

Question 123

Drag and drop the characteristics from the left onto the routing protocols they describe on the right.

Options:

Question 124

Refer to the exhibit. Which configuration must be added to enable GigabitEthemet 0/1 to participate in OSPF?

Options:

A.

SF_router (config-router)# network 10.10.1.0 0.0.0.255 area 0

B.

SF_rouier (conng)# network 10.10.1.0 0.0.0.255 area 1

C.

SF_router (conflg-routerp) network 10.10.1.0 0.0.0.255 area 1

D.

SF_rouler (contlg-rouler)# network 10.10.1.0 255.255.255.0 area 0

Question 125

Refer to the exhibit.

Which command set is needed to configure and verify router R3 to measure the response time from router R3 to the file server located in the data center?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 126

What are the main components of Cisco TrustSec?

Options:

A.

Cisco ISE and Enterprise Directory Services

B.

Cisco ISE. network switches, firewalls, and routers

C.

Cisco ISE and TACACS+

D.

Cisco ASA and Cisco Firepower Threat Defense

Question 127

The Gig0/0 interface of two routers is directly connected with a 1G Ethernet link. Which configuration must be applied to the interface of both routers to establish an OSPF adjacency without maintaining a DR/BDR relationship?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 128

What is a characteristics of traffic policing?

Options:

A.

lacks support for marking or remarking

B.

must be applied only to outgoing traffic

C.

can be applied in both traffic directions

D.

queues out-of-profile packets until the buffer is full

Question 129

Refer to the exhibit. A network administrator configured RSPAN to troubleshoot an issue between switch1 and switch2. The switches are connected using interface GigabitEthernet 1/1. An external packet capture device is connected is switch2 interface GigabitEthernet 1/2. Which two commands must be added to complete this configuration? (Choose two)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

E.

Option E

Question 130

Which function does a fabric wireless LAN controller perform In a Cisco SD-Access deployment?

Options:

A.

manages fabric-enabled APs and forwards client registration and roaming information to the Control Plane Node

B.

coordinates configuration of autonomous nonfabric access points within the fabric

C.

performs the assurance engine role for both wired and wireless clients

D.

is dedicated to onboard clients in fabric-enabled and nonfabric-enabled APs within the fabric

Question 131

Refer to the exhibit. An engineer has configured an IP SLA for UDP echo’s. Which command is needed to start the IP SLA to test every 30 seconds and continue until stopped?

Options:

A.

ip sla schedule 100 start-time now life forever

B.

ip sla schedule 30 start-time now life forever

C.

ip sla schedule 100 start-time now life 30

D.

ip sla schedule 100 life forever

Question 132

Refer to the exhibit.

R1 is able to ping the R3 fa0/1 Interface. Why do the extended pings fail?

Options:

A.

The DF bit has been set

B.

The maximum packet size accepted by the command is 147G bytes

C.

R2 and R3 do not have an OSPF adjacency

D.

R3 is missing a return route to 10.99.69.0/30

Question 133

Refer to the exhibit. An engineer must configure an eBGP neighborship to Router B on Router A. The network that is connected to GO/1 on Router A must be advertised to Router B. Which configuration should be applied?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 134

Refer to the exhibit. Which EEM script generates a critical-level syslog message and saves a copy of the running configuration to the bootflash when an administrator saves the running configuration to the startup configuration?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 135

Refer to the exhibit.

The port channel between the switches does not work as expected. Which action resolves the issue?

Options:

A.

Interface Gi0/0 on Switch2 must be configured as passive.

B.

Interface Gi0/1 on Switch1 must be configured as desirable.

C.

interface Gi0/1 on Switch2 must be configured as active.

D.

Trucking must be enabled on both Interfaces on Switch2.

Question 136

Drag and drop the characteristics from the left onto the deployment types on the right.

Options:

Question 137

What Is the difference between the MAC address table and TCAM?

Options:

A.

The MAC address table supports partial matches. TCAM requires an exact match.

B.

The MAC address table is contained in TCAM ACL and QoS information is stored in CAM.

C.

Router prefix lookups happen in TCAM. MAC address table lookups happen In CAM.

D.

TCAM is used to make L2 forwarding decisions. CAM is used to build routing tables

Question 138

Options:

A.

S2 is configured as LACP. Change the channel group mode to passive

B.

S2 is configured with PAgP. Change the channel group mode to active.

C.

S1 is configured with LACP. Change the channel group mode to on

D.

S1 is configured as PAgP. Change the channel group mode to desirable

Question 139

what is a benefit of using a Type 2 hypervisor instead of a Type 1 hypervisor?

Options:

A.

better application performance

B.

Improved security because the underlying OS is eliminated

C.

Improved density and scalability

D.

ability to operate on hardware that is running other OSs

Question 140

What is an OVF?

Options:

A.

a package that is similar to an IMG and that contains an OVA file used to build a virtual machine

B.

an alternative form of an ISO that Is used to install the base operating system of a virtual machine

C.

the third step in a P2V migration

D.

a package of files that is used to describe a virtual machine or virtual appliance

Question 141

What is one benefit of adopting a data modeling language?

Options:

A.

augmenting management process using vendor centric actions around models

B.

refactoring vendor and platform specific configurations with widely compatible configurations

C.

augmenting the use of management protocols like SNMP for status subscriptions

D.

deploying machine-friendly codes to manage a high number of devices

Question 142

Drag and drop the Cisco SD-Access solution areas from the left onto the protocols they use on the right.

Options:

Question 143

Which protocol is implemented to establish secure control plane adjacencies between Cisco SD-WAN nodes?

Options:

A.

IKF

B.

TLS

C.

IPsec

D.

ESP

Question 144

What is a characteristics of a vSwitch?

Options:

A.

supports advanced Layer 3 routing protocols that are not offered by a hardware switch

B.

enables VMs to communicate with each other within a virtualized server

C.

has higher performance than a hardware switch

D.

operates as a hub and broadcasts the traffic toward all the vPorts

Question 145

What is the recommended minimum SNR for data applications on wireless networks?

Options:

A.

15

B.

20

C.

25

D.

10

Question 146

Which two characteristics apply to the endpoint security aspect of the Cisco Threat Defense architecture? (Choose two.)

Options:

A.

detect and black ransomware in email attachments

B.

outbound URL analysis and data transfer controls

C.

user context analysis

D.

blocking of fileless malware in real time

E.

cloud-based analysis of threats

Question 147

Refer to the exhibit.

The administrator troubleshoots an EtherChannel that keeps moving to err-disabled. Which two actions must be taken to resolve the issue? (Choose two.)

Options:

A.

Reload the switch to force EtherChannel renegotiation

B.

Ensure that interfaces Gi1/0/2 and Gi1/0/3 connect to the same neighboring switch.

C.

Ensure that the switchport parameters of Port channel1 match the parameters of the port channel on the neighbor switch

D.

Ensure that the corresponding port channel interface on the neighbor switch is named Port-channel1.

E.

Ensure that the neighbor interfaces of Gi1/0/2 and Gi/0/3 are configured as members of the same EtherChannel

Question 148

What is an emulated machine that has dedicated compute memory, and storage resources and a fully installed operating system?

Options:

A.

Container

B.

Mainframe

C.

Host

D.

virtual machine

Question 149

What is a characteristic of the overlay network in the Cisco SD-Access architecture?

Options:

A.

It uses a traditional routed access design to provide performance and high availability to the network.

B.

It consists of a group of physical routers and switches that are used to maintain the network.

C.

It provides isolation among the virtual networks and independence from the physical network.

D.

It provides multicast support to enable Layer 2 Hooding capability in the underlay network.

Question 150

Refer to the exhibit. What is achieved by this code?

Options:

A.

It unshuts the loopback interface

B.

It renames the loopback interface

C.

It deletes the loopback interface

D.

It displays the loopback interface

Question 151

If the maximum power level assignment for global TPC 802.11a/n/ac is configured to 10 dBm, which power level effectively doubles the transmit power?

Options:

A.

13dBm

B.

14 dBm

C.

17dBm

D.

20 dBm

Question 152

Refer to the exhibit. A network engineer checks connectivity between two routers. The engineer can ping the remote endpoint but cannot see an ARP entry. Why is there no ARP entry?

Options:

A.

The ping command must be executed in the global routing table.

B.

Interface FastEthernet0/0 Is configured in VRF CUST-A, so the ARP entry is also in that VRF.

C.

When VRFs are used. ARP protocol must be enabled In each VRF.

D.

When VRFs are used. ARP protocol is disabled in the global routing table.

Question 153

Refer to the exhibit.

An engineer must configure an ERSPAN session with the remote end of the session 10.10.0.1. Which commands must be added to complete the configuration?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 154

Which Python snippet should be used to store the devices data structure in a JSON file?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 155

Refer to the exhibit. A network engineer must block Telnet traffic from hosts in the range of 10.100 2.248 to 10.100.2 255 to the network 10.100.3.0 and permit everything else. Which configuration must the engineer apply'?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 156

An engineer must configure a new loopback Interface on a router and advertise the interface as a fa4 in OSPF. Which command set accomplishes this task?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 157

Which benefit is provided by the Cisco DNA Center telemetry feature?

Options:

A.

provides improved network security

B.

inventories network devices

C.

aids In the deployment network configurations

D.

improves the user experience

Question 158

A system must validate access rights to all its resources and must not rely on a cached permission matrix. If the access level to a given resource is revoked but is not reflected in the permission matrix, the security is violated. Which term refers to this REST security design principle?

Options:

A.

economy of mechanism

B.

complete mediation

C.

separation of privilege

D.

least common mechanism

Question 159

Refer to the exhibit .

Which command must be configured for RESTCONF to operate on port 8888?

Options:

A.

ip http port 8888

B.

restconf port 8888

C.

ip http restconf port 8888

D.

restconf http port 8888

Question 160

What happens when a FlexConnect AP changes to standalone mode?

Options:

A.

All controller-dependent activities stop working except the DFS.

B.

All client roaming continues to work

C.

Only clients on central switching WLANs stay connected.

D.

All clients on an WLANs are disconnected

Question 161

What is the JSON syntax that is formed the data?

Options:

A.

{'Name'';''Bob johnon';''Age': Sevenfive,''Alive'': true,''FavoriteFoods';[''Cereal';''Mustard';''Onions'}}

B.

{'Name'':''Bob johnon':''Age': 75 ''Alive'': true,''Favorite Foods';[''Cereal';''Mustard';''Onions'}}

C.

{'Name'':''Bob johnon':''Age: 75,''Alive: true, FavoriteFoods;[Cereal, Mustard';''Onions}}

D.

{'Name'': 'Bob johnon','Age': 75,'Alive': true,''FavoriteFoods': 'Cereal';'Mustard','Onions'}}

Question 162

Which Cisco FlexConnect state allows wireless users that are connected to the network to continue working after the connection to the WLC has been lost?

Options:

A.

Authentication Down/Switching Down

B.

Authentication-Central/Switch-Local

C.

Authentication- Down/Switch-Local

D.

Authentication-Central/Switch-Central

Question 163

Refer io me exhibit.

An engineer configures the trunk and proceeds to configure an ESPAN session to monitor VLANs10. 20. and 30. Which command must be added to complete this configuration?

Options:

A.

Device(config.mon.erspan.stc)# no filter vlan 30

B.

Devic(config.mon.erspan.src-dst)# no vrf 1

C.

Devic(config.mon.erspan.src-dst)# erspan id 6

D.

Device(config.mon-erspan.Src-dst)# mtu 1460

Question 164

A network engineer is configuring OSPF on a router. The engineer wants to prevent having a route to 177.16.0.0/16 learned via OSPF. In the routing table and configures a prefix list using the command ip prefix-list OFFICE seq S deny 172.16.0.0/16. Winch two identical configuration commands must be applied to accomplish the goal? (Choose two.)

Options:

A.

distribute-list prefix OFFICE in under the OSPF process

B.

Ip prefix-list OFFICE seq 10 permit 0.0.0.0/0 Ie 32

C.

ip prefix-list OFFICE seq 10 permit 0.0.0.0/0 ge 32

D.

distribute-list OFFICE out under the OSPF process

E.

distribute-list OFFICE in under the OSPF process

Question 165

In a Cisco Catalyst switch equipped with two supervisor modules an administrator must temporally remove the active supervisor from the chassis to perform hardware maintenance on it. Which mechanism ensure that the active supervisor removal is not disruptive to the network operation?

Options:

A.

NSF/NSR

B.

SSO

C.

HSRP

D.

VRRP

Question 166

A Cisco DNA Center REST API sends a PUT to the /dna/intent/api/v1/network-device endpoint A response code of 504 is received What does the code indicate?

Options:

A.

The response timed out based on a configured interval

B.

The user does not have authorization to access this endpoint.

C.

The username and password are not correct

D.

The web server is not available

Question 167

Refer to The exhibit.

Assuming that R1 is a CE router, which VRF is assigned to Gi0/0 on R1?

Options:

A.

VRF VFN_A

B.

VRF VPN_B

C.

management VRF

D.

default VRF

Question 168

Which configuration creates a CoPP policy that provides unlimited SSH access from dient 10.0.0.5 and denies access from all other SSH clients'?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 169

Which element enables communication between guest VMs within a virtualized environment?

Options:

A.

hypervisor

B.

vSwitch

C.

virtual router

D.

pNIC

Question 170

Refer to the exhibit.

Which type of antenna does the radiation pattern represent?

Options:

A.

Yagi

B.

multidirectional

C.

directional patch

D.

omnidirectional

Question 171

Refer to the exhibit.

On which interfaces should VRRP commands be applied to provide first hop redundancy to PC-01 and PC-02?

Options:

A.

G0/0 and G0/1 on Core

B.

G0/0 on Edge-01 and G0/0 on Edge-02

C.

G0/1on Edge-01 and G0/1 on Edge-02

D.

G0/0 and G0/1 on ASW-01

Question 172

Which deployment option of Cisco NGFW provides scalability?

Options:

A.

tap

B.

clustering

C.

inline tap

D.

high availability

Question 173

Refer to the exhibit.

What step resolves the authentication issue?

Options:

A.

use basic authentication

B.

change the port to 12446

C.

target 192 168 100 82 in the URI

D.

restart the vsmart host

Question 174

In a Cisco SD-Access solution, which protocol is used by an extended node to connect to a single edge node?

Options:

A.

VXLAN

B.

IS-IS

C.

802 1Q

D.

CTS

Question 175

How can an engineer prevent basic replay attacks from people who try to brute force a system via REST API?

Options:

A.

Add a timestamp to the request In the API header.

B.

Use a password hash

C.

Add OAuth to the request in the API header.

D.

UseHTTPS

Question 176

Which cisco DNA center application is responsible for group-based accesss control permissions?

Options:

A.

Design

B.

Provision

C.

Assurance

D.

Policy

Question 177

Refer the exhibit.

Which router is the designated router on the segment 192.168.0.0/24?

Options:

A.

This segment has no designated router because it is a nonbroadcast network type.

B.

This segment has no designated router because it is a p2p network type.

C.

Router Chicago because it has a lower router ID

D.

Router NewYork because it has a higher router ID

Question 178

Which technology uses network traffic telemetry, contextual information, and file reputation to provide insight into cyber threats?

Options:

A.

threat defense

B.

security services

C.

security intelligence

D.

segmentation

Question 179

Refer to the exhibit.

An engineer is troubleshooting an application running on Apple phones. The application Is receiving incorrect QoS markings. The systems administrator confirmed that ail configuration profiles are correct on the Apple devices. Which change on the WLC optimizes QoS for these devices?

Options:

A.

Enable Fastlane

B.

Set WMM to required

C.

Change the QoS level to Platinum

D.

Configure AVC Profiles

Question 180

Refer to the exhibit.

Cisco DNA Center has obtained the username of the client and the multiple devices that the client is using on the network. How is Cisco DNA Center getting these context details?

Options:

A.

The administrator had to assign the username to the IP address manually in the user database tool on Cisco DNA Center.

B.

Those details are provided to Cisco DNA Center by the Identity Services Engine

C.

Cisco DNA Center pulled those details directly from the edge node where the user connected.

D.

User entered those details in the Assurance app available on iOS and Android devices

Question 181

Refer to the exhibit.

An engineer configures the BGP adjacency between R1 and R2, however, it fails to establish Which action resolves the issue?

Options:

A.

Change the network statement on R1 to 172.16 10.0

B.

Change the remote-as number for 192 168.100.11.

C.

Enable synchronization on R1 and R2

D.

Change the remote-as number on R1 to 6500.

Question 182

What is a benefit of Type 1 hypervisors?

Options:

A.

Administrators are able to load portable virtual machine packages in OVA or QCOW2 formats.

B.

Network engineers are able to create virtual networks o interconnect virtual machines in Layer 2 topologies

C.

Operators are able to leverage orchestrators to manage workloads that run on multiple Type 1 hypervisors

D.

Storage engineers are able to leverage VMDK files to provide storage to virtual machine.

Question 183

A client device roams between access points located on different floors in an atrium. The access points are Joined to the same controller and configured in local mode. The access points are in different AP groups and have different IP addresses, but the client VLAN in the groups is the same. Which type of roam occurs?

Options:

A.

inter-controller

B.

inter-subnet

C.

intra-VLAN

D.

intra-controller

Question 184

Which network devices secure API platform?

Options:

A.

next-generation intrusion detection systems

B.

Layer 3 transit network devices

C.

content switches

D.

web application firewalls

Question 185

Refer to the exhibit. Which configuration must be applied to R1 to enable R1 to reach the server at 172.16.0.1?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 186

Refer to the exhibit. PC-1 must access the web server on port 8080. To allow this traffic, which statement must be added to an access control list that is applied on SW2 port G0/0 in the inbound direction?

Options:

A.

permit host 172.16.0.2 host 192.168.0.5 eq 8080

B.

permit host 192.168.0.5 host 172.16.0.2 eq 8080

C.

permit host 192.168.0.5 eq 8080 host 172.16.0.2

D.

permit host 192.168.0.5 it 8080 host 172.16.0.2

Question 187

Refer to the exhibit.

An engineer must establish eBGP peering between router R3 and router R4. Both routers should use their loopback interfaces as the BGP router ID. Which configuration set accomplishes this task?

Options:

A.

R3(config)#router bgp 200

R3(config-router)#neighbor 10.4.4.4 remote-as 100

R3(config-router)# neighbor 10.4.4.4 update-source Loopback0

R4(config)#router bgp 100

R4(config-router)#neighbor 10.3.3.3 remote-as 200

R4(config-router)#network 10.3.3.3 update-source Loopback0

B.

R3(config)#router bgp 200

R3(config-router)#neighbor 10.24.24.4 remote-as 100

R3(config-router)#neighbor 10.24.24.4 update-source Loopback0

R4(config)#router bgp 100

R4(config-router)#neighbor 10.24.24.3 remote-as 200

R4(config-router)#neighbor 10.24.24.3 update-source Loopback0

C.

R3(config)#router bgp 200

R3(config-router)#neighbor 10.4.4.4 remote-as 100

R3(config-router)#bgp router-id 10.3.3.3

R4(config)#router bgp 100

R4(config-router)#neighbor 10.3.3.3 remote-as 200

R4(config-router)#bgp router-id 10.4.4.4

D.

R3(config)#router bgp 200

R3(config-router)#neighbor 10.24.24.4 remote-as 100

R3(config-router)#bgp router-id 10.3.3.3

R4(config)#router bgp 100

R4(config-router)#neighbor 10.24.24.3 remote-as 200

R4(config-router)#bgp router-id 10.4.4.4

Question 188

Drag and drop the characteristics from the left onto the routing protocols they describe on the right.

Options:

Question 189

What does the Cisco DNA Center use to enable the delivery of applications through a network and to yield analytics for innovation?

Options:

A.

process adapters

B.

Command Runner

C.

intent-based APIs

D.

domain adapters

Question 190

An engineer configures GigabitEthernet 0/1 for VRRP group 115. The router must assume the primary role when it has the highest priority in the group. Which command set is required to complete this task?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 191

Refer to the exhibit.

After configuring HSRP an engineer enters the show standby command. Which two facts are derived from the output? (Choose two.)

Options:

A.

The router with IP 10.10 1.3 is active because it has a higher IP address

B.

If Fa0/0 is shut down, the HSRP priority on R2 becomes 80

C.

R2 Fa1/0 regains the primary role when the link comes back up

D.

R2 becomes the active router after the hold time expires.

E.

R2 is using the default HSRP hello and hold timers.

Question 192

Refer to the exhibit.

The trunk does not work over the back-to-back link between Switch1 interface Giq1/0/20 and Switch2 interface Gig1/0/20. Which configuration fixes the problem?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 193

In a Cisco StackWise Virtual environment, which planes are virtually combined in the common logical switch?

Options:

A.

management and data

B.

control and management

C.

control, and forwarding

D.

control and data

Question 194

In which two ways does TCAM differ from CAM? (Choose two.)

Options:

A.

CAM is used to make Layer 2 forwarding decisions, and TCAM is used for Layer 3 address lookups.

B.

The MAC address table is contained in CAM, and ACL and QoS Information Is stored in TCAM.

C.

CAM Is used by routers for IP address lookups, and TCAM is used to make Layer 2 forwarding decisions.

D.

CAM is used for software switching mechanisms, and TCAM is used for hardware switching mechanisms.

E.

The MAC address table Is contained in TCAM, and ACL and QoS information is stored in CAM.

Question 195

AN engineer is implementing a route map to support redistribution within BGP. The route map must configured to permit all unmatched routes. Which action must the engineer perform to complete this task?

Options:

A.

Include a permit statement as the first entry

B.

Include at least one explicit deny statement

C.

Remove the implicit deny entry

D.

Include a permit statement as the last entry

Question 196

Refer to the exhibit.

An engineer reconfigures the pot-channel between SW1 and SW2 from an access port to a trunk and immediately notices this error in SW1's log.

Which command set resolves this error?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 197

Drag and drop the snippets onto the blanks within the code to construct a script that configures BGP according to the topology. Not all options are used, and some options may be used twice.

Options:

Question 198

In a Cisco SD-WAN solution, how Is the health of a data plane tunnel monitored?

Options:

A.

with IP SLA

B.

ARP probing

C.

using BFD

D.

with OMP

Question 199

Which outcome is achieved with this Python code?

Options:

A.

connects to a Cisco device using SSH and exports the routing table information

B.

displays the output of the show command in a formatted way

C.

connects to a Cisco device using SSH and exports the BGP table for the prefix

D.

connects to a Cisco device using Telnet and exports the routing table information

Question 200

Refer to the exhibit.

An engineer attempts to bundle interface Gi0/0 into the port channel, but it does not function as expected. Which action resolves the issue?

Options:

A.

Configure channel-group 1 mode active on interface Gi0/0.

B.

Configure no shutdown on interface Gi0/0

C.

Enable fast LACP PDUs on interface Gi0/0.

D.

Set LACP max-bundle to 2 on interface Port-channeM

Question 201

Refer to the exhibit.

What is the result when a switch that is running PVST+ is added to this network?

Options:

A.

DSW2 operates in Rapid PVST+ and the new switch operates in PVST+

B.

Both switches operate in the PVST+ mode

C.

Spanning tree is disabled automatically on the network

D.

Both switches operate in the Rapid PVST+ mode.

Question 202

Refer to the exhibit.

A GRE tunnel has been created between HO and BR routers. What is the tunnel IP on the HQ router?

Options:

A.

10.111.111.1

B.

10.111.111.2

C.

209.165.202.130

D.

209.165.202.134

Question 203

A network monitoring system uses SNMP polling to record the statistics of router interfaces The SNMP queries work as expected until an engineer installs a new interface and reloads the router After this action, all SNMP queries for the router fail What is the cause of this issue?

Options:

A.

The SNMP community is configured incorrectly

B.

The SNMP interface index changed after reboot.

C.

The SNMP server traps are disabled for the interface index

D.

The SNMP server traps are disabled for the link state.

Question 204

By default, which virtual MAC address does HSRP group 16 use?

Options:

A.

c0:41:43:64:13:10

B.

00:00:0c 07:ac:10

C.

00:05:5c:07:0c:16

D.

05:00:0c:07:ac:16

Question 205

Refer to the exhibit.

Which command must be applied to Router 1 to bring the GRE tunnel to an up/up state?

Options:

A.

Routed (config if funnel mode gre multipoint

B.

Router1(config-if)&tunnel source Loopback0

C.

Router1(config-if)#tunnel source GigabitEthernet0/1

D.

Router1 (config)#interface tunnel0

Question 206

Refer to the exhibit.

What are two reasons for IP SLA tracking failure? (Choose two )

Options:

A.

The destination must be 172 30 30 2 for icmp-echo

B.

A route back to the R1 LAN network is missing in R2.

C.

The source-interface is configured incorrectly.

D.

The default route has the wrong next hop IP address

E.

The threshold value is wrong

Question 207

What are two benefits of implementing a Cisco SD-WAN architecture? (Choose two)

Options:

A.

It provides resilient and effective traffic flow using MPLS.

B.

It improves endpoint protection by integrating embedded and cloud security features.

C.

It allows configuration of application-aware policies with real time enforcement.

D.

It simplifies endpoint provisioning through standalone router management

E.

It enforces a single. scalable. hub-and-spoke topology.

Question 208

What is required for a virtual machine to run?

Options:

A.

a Type 1 hypervisor and a host operating system

B.

a hypervisor and physical server hardware

C.

only a Type 1 hypervisor

D.

only a Type 2 hypervisor

Question 209

How does Cisco Trustsec enable more flexible access controls for dynamic networking environments and data centers?

Options:

A.

uses flexible NetFlow

B.

assigns a VLAN to the endpoint

C.

classifies traffic based an the contextual identity of the endpoint rather than its IP address

D.

classifies traffic based on advanced application recognition

Question 210

Drag and drop characteristics of PIM dense mode from the left to the right.

Options:

Question 211

Drag and drop the tools from the left onto the agent types on the right.

Options:

Question 212

When is the Design workflow used In Cisco DNA Center?

Options:

A.

in a greenfield deployment, with no existing infrastructure

B.

in a greenfield or brownfield deployment, to wipe out existing data

C.

in a brownfield deployment, to modify configuration of existing devices in the network

D.

in a brownfield deployment, to provision and onboard new network devices

Question 213

A customer requests a design that includes GLBP as the FHRP The network architect discovers that the members of the GLBP group have different throughput capabilities Which GLBP load balancing method supports this environment?

Options:

A.

host dependent

B.

least connection

C.

round robin

D.

weighted

Question 214

The login method is configured on the VTY lines of a router with these parameters.

  • The first method for authentication is TACACS
  • If TACACS is unavailable, login is allowed without any provided credentials

Which configuration accomplishes this task?

Options:

A.

R1#sh run | include aaa

aaa new-model

aaa authentication login VTY group tacacs+ none

aaa session-id common

R1#sh run | section vty

line vty 0 4

password 7 0202039485748

R1#sh run | include username

R1#

B.

R1#sh run | include aaa

aaa new-model

aaa authentication login telnet group tacacs+ none

aaa session-id common

R1#sh run | section vty

line vty 0 4

R1#sh run | include username

R1#

C.

R1#sh run | include aaa

aaa new-model

aaa authentication login default group tacacs+ none

aaa session-id common

R1#sh run | section vty

line vty 0 4

password 7 0202039485748

D.

R1#sh run | include aaa

aaa new-model

aaa authentication login default group tacacs+

aaa session-id common

R1#sh run | section vty

line vty 0 4

transport input none

R1#

Question 215

Refer to the exhibit.

What does the output confirm about the switch's spanning tree configuration?

Options:

A.

The spanning-tree mode stp ieee command was entered on this switch

B.

The spanning-tree operation mode for this switch is IEEE.

C.

The spanning-tree operation mode for this switch is PVST+.

D.

The spanning-tree operation mode for this switch is PVST

Question 216

In a three-tier hierarchical campus network design, which action is a design best-practice for the core layer?

Options:

A.

provide QoS prioritization services such as marking, queueing, and classification for critical network traffic

B.

provide redundant Layer 3 point-to-point links between the core devices for more predictable and faster convergence

C.

provide advanced network security features such as 802. IX, DHCP snooping, VACLs, and port security

D.

provide redundant aggregation for access layer devices and first-hop redundancy protocols such as VRRP

Question 217

Drag and drop the characteristics from the left onto the deployment models on the right.

Options:

Question 218

How does the EIGRP metric differ from the OSPF metric?

Options:

A.

The EIGRP metric is calculated based on bandwidth only. The OSPF metric is calculated on delay only.

B.

The EIGRP metric is calculated based on delay only. The OSPF metric is calculated on bandwidth and delay.

C.

The EIGRP metric Is calculated based on bandwidth and delay. The OSPF metric is calculated on bandwidth only.

D.

The EIGRP metric Is calculated based on hop count and bandwidth. The OSPF metric is calculated on bandwidth and delay.

Question 219

Refer to the exhibit.

VPN-A sends point-to-point traffic to VPN-B and receives traffic only from VPN-C VPN-B sends point-to-point traffic to VPN-C and receives traffic only from VPN-A Which configuration is applied?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 220

Refer to the exhibit. Which result does the python code achieve?

Options:

A.

The code encrypts a base64 decrypted password.

B.

The code converts time to the "year/month/day" time format.

C.

The code converts time to the yyyymmdd representation.

D.

The code converts time to the Epoch LINUX time format.

Question 221

Which NGFW mode block flows crossing the firewall?

Options:

A.

Passive

B.

Tap

C.

Inline tap

D.

Inline

Question 222

Refer to the exhibit.

Which configuration change ensures that R1 is the active gateway whenever it is in a functional state for the 172.30.110.0724 network?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 223

Refer to the exhibit.

Which IP address becomes the active next hop for 192.168.102 0/24 when 192.168.101.2 fails?

Options:

A.

192.168.101.18

B.

192.168.101.6

C.

192.168.101.10

D.

192.168.101.14

Question 224

Refer to the exhibit.

An engineer must configure a SPAN session. What is the effect of the configuration?

Options:

A.

Traffic sent on VLANs 10, 11, and 12 is copied and sent to interface g0/1.

B.

Traffic sent on VLANs 10 and 12 only is copied and sent to interface g0/1.

C.

Traffic received on VLANs 10, 11, and 12 is copied and sent to Interface g0/1.

D.

Traffic received on VLANs 10 and 12 only is copied and sent to interface g0/1.

Question 225

What is a characteristic of a virtual machine?

Options:

A.

It must be aware of other virtual machines, in order to allocate physical resources for them

B.

It is deployable without a hypervisor to host it

C.

It must run the same operating system as its host

D.

It relies on hypervisors to allocate computing resources for it

Question 226

Which AP mode allows an engineer to scan configured channels for rogue access points?

Options:

A.

sniffer

B.

monitor

C.

bridge

D.

local

Question 227

Refer to the exhibit. Which configuration change will force BR2 to reach 209 165 201 0/27 via BR1?

Options:

A.

Set the weight attribute to 65.535 on BR1 toward PE1.

B.

Set the local preference to 150 on PE1 toward BR1 outbound

C.

Set the MED to 1 on PE2 toward BR2 outbound.

D.

Set the origin to igp on BR2 toward PE2 inbound.

Question 228

Drag and drop the Qos mechanisms from the left to the correct descriptions on the right

Options:

Question 229

Refer to the exhibit.

An engineer must deny HTTP traffic from host A to host B while allowing all other communication between the hosts, drag and drop the commands into the configuration to achieve these results. Some commands may be used more than once. Not all commands are used.

Options:

Question 230

Which controller is capable of acting as a STUN server during the onboarding process of Edge devices?

Options:

A.

vBond

B.

vSmart

C.

vManage

D.

PNP server

Question 231

What are two benefits of YANG? (Choose two.)

Options:

A.

It enforces the use of a specific encoding format for NETCONF.

B.

It collects statistical constraint analysis information.

C.

It enables multiple leaf statements to exist within a leaf list.

D.

It enforces configuration semantics.

E.

It enforces configuration constraints.

Question 232

While configuring an IOS router for HSRP with a virtual IP of 10 1.1.1. an engineer sees this log message.

Which configuration change must the engineer make?

Options:

A.

Change the HSRP group configuration on the local router to 1.

B.

Change the HSRP virtual address on the local router to 10.1.1.1.

C.

Change the HSRP virtual address on the remote router to 10.1.1.1.

D.

Change the HSRP group configuration on the remote router to 1.

Question 233

What is the centralized control policy in a Cisco SD-WAN deployment?

Options:

A.

list of ordered statements that define user access policies

B.

set of statements that defines how routing is performed

C.

set of rules that governs nodes authentication within the cloud

D.

list of enabled services for all nodes within the cloud

Question 234

What are two benefits of virtual switching when compared to hardware switching? (Choose two.)

Options:

A.

increased MTU size

B.

hardware independence

C.

VM-level isolation

D.

increased flexibility

E.

extended 802.1Q VLAN range

Question 235

An engineer has deployed a single Cisco 5520 WLC with a management IP address of 172.16.50.5/24. The engineer must register 50 new Cisco AIR-CAP2802I-E-K9 access points to the WLC using DHCP option 43. The access points are connected to a switch in VLAN 100 that uses the 172.16.100.0/24 subnet. The engineer has configured the DHCP scope on the switch as follows:

The access points are failing to join the wireless LAN controller. Which action resolves the issue?

Options:

A.

configure option 43 Hex F104.AC10.3205

B.

configure option 43 Hex F104.CA10.3205

C.

configure dns-server 172.16.50.5

D.

configure dns-server 172.16.100.1

Question 236

Which benefit is offered by a cloud infrastructure deployment but is lacking in an on-premises deployment?

Options:

A.

efficient scalability

B.

virtualization

C.

storage capacity

D.

supported systems

Question 237

What is a consideration when designing a Cisco SD-Access underlay network?

Options:

A.

End user subnets and endpoints are part of the underlay network.

B.

The underlay switches provide endpoint physical connectivity for users.

C.

Static routing is a requirement,

D.

It must support IPv4 and IPv6 underlay networks

Question 238

Which two components are supported by LISP? (Choose two.)

Options:

A.

Proxy ETR

B.

egress tunnel router

C.

route reflector

D.

HMAC algorithm

E.

spoke

Question 239

What is one benefit of implementing a VSS architecture?

Options:

A.

It provides multiple points of management for redundancy and improved support

B.

It uses GLBP to balance traffic between gateways.

C.

It provides a single point of management for improved efficiency.

D.

It uses a single database to manage configuration for multiple switches

Question 240

What is one fact about Cisco SD-Access wireless network deployments?

Options:

A.

The access point is part of the fabric underlay

B.

The WLC is part of the fabric underlay

C.

The access point is part the fabric overlay

D.

The wireless client is part of the fabric overlay

Question 241

How does the RIB differ from the FIB?

Options:

A.

The RIB is used to create network topologies and routing tables. The FIB is a list of routes to particular network destinations.

B.

The FIB includes many routes a single destination. The RIB is the best route to a single destination.

C.

The RIB includes many routes to the same destination prefix. The FIB contains only the best route

D.

The FIB maintains network topologies and routing tables. The RIB is a Iist of routes to particular network destinations.

Question 242

Which configuration restricts the amount of SSH that a router accepts 100 kbps?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 243

Which two network problems Indicate a need to implement QoS in a campus network? (Choose two.)

Options:

A.

port flapping

B.

excess jitter

C.

misrouted network packets

D.

duplicate IP addresses

E.

bandwidth-related packet loss

Question 244

Which command set configures RSPAN to capture outgoing traffic from VLAN 3 on interface GigabitEthernet 0/3 while ignoring other VLAN traffic on the same interface?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 245

Which measure is used by an NTP server to indicate its closeness to the authoritative time source?

Options:

A.

latency

B.

hop count

C.

time zone

D.

stratum

Question 246

Refer to the exhibit.

Which type of antenna is show on the radiation patterns?

Options:

A.

Dipole

B.

Yagi

C.

Patch

D.

Omnidirectional

Question 247

Refer to the exhibit.

An engineer implemented several configuration changes and receives the logging message on switch1. Which action should the engineer take to resolve this issue?

Options:

A.

Change the VTP domain to match on both switches

B.

Change Switch2 to switch port mode dynamic auto

C.

Change Switch1 to switch port mode dynamic auto

D.

Change Switch1 to switch port mode dynamic desirable

Question 248

Refer to the exhibit.

Assuming the WLC's interfaces are not in the same subnet as the RADIUS server, which interface would the WLC use as the source for all RADIUS-related traffic?

Options:

A.

the interface specified on the WLAN configuration

B.

any interface configured on the WLC

C.

the controller management interface

D.

the controller virtual interface

Question 249

An engineer must configure HSRP group 300 on a Cisco IOS router. When the router is functional, it must be the must be the active HSRP router. The peer router has been configured using the default priority value. Which command set is required?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 250

Which function in handled by vManage in the cisco SD-WAN fabric?

Options:

A.

Establishes BFD sessions to test liveliness of links and nodes.

B.

Distributes polices that govern data forwarding.

C.

Performs remote software upgrades for WAN Edge vSmart and vBond.

D.

Establishes iPsec tunnels with nodes

Question 251

How does Cisco Trustsec enable more access controls for dynamic networking

environments and data centers?

Options:

A.

classifies traffic based on advanced application recognition

B.

uses flexible NetFlow

C.

classifies traffic based on the contextual identity of the endpoint rather than its IP

address correct

D.

assigns a VLAN to the endpoint

Question 252

Refer to the exhibit. An engineer attempts to configure a trunk between switch sw1 and switch SW2 using DTP, but the trunk does not form. Which command should the engineer apply to switch SW2 to resolve this issue?

Options:

A.

switchport mode dynamic desirable

B.

switchport nonegotiate

C.

no switchport

D.

switchport mode access

Question 253

A customer has several small branches and wants to deploy a WI-FI solution with local management using CAPWAP. Which deployment model meets this requirement?

Options:

A.

Autonomous

B.

Mobility Express

C.

SD-Access wireless

D.

Local mode

Question 254

Refer to the exhibit. Rapid PVST+ is enabled on all switches. Which command set must be configured on switch1 to achieve the following results on port fa0/1?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 255

Refer to the exhibit.

Which troubleshooting a routing issue, an engineer issues a ping from S1 to S2. When two actions from the initial value of the TTL? (Choose two.)

Options:

A.

The packet reaches R3, and the TTL expires

B.

R2 replies with a TTL exceeded message

C.

R3 replies with a TTL exceeded message.

D.

The packet reaches R2 and the TTL expires

E.

R1 replies with a TTL exceeded message

F.

The packet reaches R1 and the TTL expires.

Question 256

Refer to the exhibit. Communication between London and New York is down. Which command set must be applied to the NewYork switch to resolve the issue?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 257

What is a benefit of a virtual machine when compared with a physical server?

Options:

A.

Multiple virtual servers can be deployed on the same physical server without having to buy additional hardware.

B.

Virtual machines increase server processing performance.

C.

The CPU and RAM resources on a virtual machine cannot be affected by other virtual machines.

D.

Deploying a virtual machine is technically less complex than deploying a physical server.

Question 258

Which method of account authentication does OAuth 2.0 within REST APIs?

Options:

A.

username/role combination

B.

access tokens

C.

cookie authentication

D.

basic signature workflow

Question 259

Refer to Exhibit.

MTU has been configured on the underlying physical topology, and no MTU command has been configured on the tunnel interfaces. What happens when a 1500-byte IPv4 packet traverses the GRE tunnel from host X to host Y, assuming the DF bit is cleared?

Options:

A.

The packet arrives on router C without fragmentation.

B.

The packet is discarded on router A

C.

The packet is discarded on router B

D.

The packet arrives on router C fragmented.

Question 260

Which two threats does AMP4E have the ability to block? (Choose two.)

Options:

A.

DDoS

B.

ransomware

C.

Microsoft Word macro attack

D.

SQL injection

E.

email phishing

Question 261

Which exhibit displays a valid JSON file?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 262

What does the cisco DNA REST response indicate?

Options:

A.

Cisco DNA Center has the Incorrect credentials for cat3850-1

B.

Cisco DNA Center is unable to communicate with cat9000-1

C.

Cisco DNA Center has the incorrect credentials for cat9000-1

D.

Cisco DNA Center has the Incorrect credentials for RouterASR-1

Question 263

Which two operations are valid for RESTCONF? (Choose two.)

Options:

A.

HEAD

B.

REMOVE

C.

PULL

D.

PATCH

E.

ADD

F.

PUSH

Question 264

Which action is the vSmart controller responsible for in an SD-WAN deployment?

Options:

A.

handle, maintain, and gather configuration and status for nodes within the SD-WAN fabric

B.

distribute policies that govern data forwarding performed within the SD-WAN fabric

C.

gather telemetry data from vEdge routers

D.

onboard vEdge nodes into the SD-WAN fabric

Question 265

Refer to the exhibit. Which action completes the configuration to achieve a dynamic continuous mapped NAT for all users?

Options:

A.

Configure a match-host type NAT pool

B.

Reconfigure the pool to use the 192.168 1 0 address range

C.

Increase the NAT pool size to support 254 usable addresses

D.

Configure a one-to-one type NAT pool

Question 266

What are two differences between the RIB and the FIB? (Choose two.)

Options:

A.

The FIB is derived from the data plane, and the RIB is derived from the FIB.

B.

The RIB is a database of routing prefixes, and the FIB is the Information used to choose the egress interface for each packet.

C.

FIB is a database of routing prefixes, and the RIB is the information used to choose the egress interface for each packet.

D.

The FIB is derived from the control plane, and the RIB is derived from the FIB.

E.

The RIB is derived from the control plane, and the FIB is derived from the RIB.

Question 267

Refer to the exhibit. What is the effect of this configuration?

Options:

A.

When users attempt to connect to vty lines 0 through 4, the device will authenticate them against TACACS+ if local authentication fails

B.

The device will authenticate all users connecting to vty lines 0 through 4 against TACACS+

C.

The device will allow users at 192.168.0.202 to connect to vty lines 0 through 4 using the password ciscotestkey

D.

The device will allow only users at 192.166.0.202 to connect to vty lines 0 through 4

Question 268

Which data is properly formatted with JSON?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 269

An engineer is concerned with the deployment of new application that is sensitive to inter-packet delay variance. Which command configures the router to be the destination of jitter measurements?

Options:

A.

Router(config)# ip sla responder udp-connect 172.29.139.134 5000

B.

Router(config)# ip sla responder tcp-connect 172.29.139.134 5000

C.

Router(config)# ip sla responder udp-echo 172.29.139.134 5000

D.

Router(config)# ip sla responder tcp-echo 172.29.139.134 5000

Question 270

Which measurement is used from a post wireless survey to depict the cell edge of the access points?

Options:

A.

SNR

B.

Noise

C.

RSSI

D.

CCI

Question 271

Refer to the exhibit. POSTMAN is showing an attempt to retrieve network device information from Cisco DNA Center API. What is the issue?

Options:

A.

The URI string is incorrect

B.

The token has expired.

C.

Authentication has failed

D.

The JSON payload contains the incorrect UUID

Question 272

How does EIGRP differ from OSPF?

Options:

A.

EIGRP is more prone to routing loops than OSPF

B.

EIGRP supports equal or unequal path cost, and OSPF supports only equal path cost.

C.

EIGRP has a full map of the topology, and OSPF only knows directly connected neighbors

D.

EIGRP uses more CPU and memory than OSPF

Question 273

Which features does Cisco EDR use to provide threat detection and response protection?

Options:

A.

containment, threat intelligence, and machine learning

B.

firewalling and intrusion prevention

C.

container-based agents

D.

cloud analysis and endpoint firewall controls

Question 274

What does Call Admission Control require the client to send in order to reserve the bandwidth?

Options:

A.

SIP flow information

B.

Wi-Fi multimedia

C.

traffic specification

D.

VoIP media session awareness

Question 275

A network engineer configures a new GRE tunnel and enters the show run command. What does the output verify?

Options:

A.

The tunnel will be established and work as expected

B.

The tunnel destination will be known via the tunnel interface

C.

The tunnel keepalive is configured incorrectly because they must match on both sites

D.

The default MTU of the tunnel interface is 1500 byte.

Question 276

Refer to the exhibit.

After implementing the configuration 172.20.20.2 stops replaying to ICMP echoes, but the default route fails to be removed. What is the reason for this behavior?

Options:

A.

The source-interface is configured incorrectly.

B.

The destination must be 172.30.30.2 for icmp-echo

C.

The default route is missing the track feature

D.

The threshold value is wrong.

Question 277

An engineer must provide wireless converge in a square office. The engineer has only one AP and believes that it should be placed it in the middle of the room. Which antenna type should the engineer use?

Options:

A.

directional

B.

polarized

C.

Yagi

D.

omnidirectional

Question 278

Under which network conditions is an outbound QoS policy that is applied on a router WAN interface most beneficial?

Options:

A.

under interface saturation condition

B.

under network convergence condition

C.

under all network condition

D.

under traffic classification and marking conditions.

Page: 1 / 70
Total 927 questions