Latest Cisco 350-401 Dumps PDF Questions Answers 2025

Implementing Cisco Enterprise Network Core Technologies (350-401 ENCOR) Questions and Answers

Question 1

What is used to measure the total output energy of a Wi-Fi device?

Options:

dBi

EIRP

dBm

Buy Now

Question 2

Which definition describes JWT in regard to REST API security?

Options:

an encrypted JSON token that is used for authentication

an encrypted JSON token that is used for authorization

an encoded JSON token that is used to securely exchange information

an encoded JSON token that is used for authentication

Question 3

Which component of the Cisco Cyber Threat Defense solution provides user and flow context analysis?

Options:

Cisco Firepower and FireSIGHT

Cisco Stealth watch system

Advanced Malware Protection

Cisco Web Security Appliance

Question 4

Which framework is used for third-party authorization?

Options:

API keys

custom tokens

OAuth

SOAP

Question 5

Which characteristic applies to Cisco SD-Access?

Options:

It uses dynamic routing the discover and provision access switches.

It uses VXLAN for the control plane

It uses VXLAN for the data plane

It uses dynamic routing to discover and provision border switches

Question 6

Refer to the exhibit. A network engineer must be notified when a user switches to configuration mode. Which script should be applied to receive an SNMP trap and a critical-level log message?

Options:

Option A

Option B

Option C

Option D

Question 7

What is the purpose of data modeling languages?

Options:

to describe a data schema convertible into any data encoding format

to specify algorithms necessary to decode binary-encoded protocol data units

to translate encoded data for interoperability between different CPU architectures

to provide a framework to describe data flow patterns in networks

Question 8

An engineer must configure a new 6 Ghz only SSID on a cisco catalyst 9800 series WLC, with these requirements:

Provide 802.11ax data rates for supported devices

All users authenticate using a certificate

Which wireless layer 2 security mode meets the requirements?

Options:

WPA2 Enterprise

WPA3 Personal

WPA2 Personal

WPA3 Enterprise

Question 9

Refer to the exhibit. Which Python snippet stores the data structure of the device in JSON format?

Options:

A close up of a text AI-generated content may be incorrect.

A close up of a logo AI-generated content may be incorrect.

A close up of a text AI-generated content may be incorrect.

A black text on a white background AI-generated content may be incorrect.

Question 10

How does NETCONF YANG represent data structures?

Options:

as strict data structures defined by RFC 6020

in an XML tree format

In an HTML format

as modules within a tree

Question 11

Refer to the exhibit. What is the output of this code?

Options:

Option A

Option B

Option C

Option D

Question 12

Drag and drop the snippets onto the blanks within the code to construct a script that blocks a MAC address.

Options:

Question 13

Refer to the exhibit. The IP SLA is configured in a router. An engineer must configure an EEM applet to shut down the interface and bring it back up when there is a problem with the IP SLA. Which configuration should the engineer use?

Options:

event manager applet EEM_IP_SLA

event track 10 state down

event manager applet EEM_IP_SLA

event sla 10 state unreachable

event manager applet EEM_IP_SLA

event sla 10 state down

event manager applet EEM_IP_SLA

event track 10 state unreachable

Question 14

What are two methods of ensuring that the multicast RPF check passes without changing the unicast routing table? (Choose two.)

Options:

disabling the interface of the router back to the multicast source

implementing MBGP

disabling BGP routing protocol

implementing static mroutes

implementing OSPF routing protocol

Question 15

What is a client who is using 802.1x for authentication referred to as?

Options:

authenticator

policy enforcement point

NAC device

supplicant

Question 16

Which three methods does Cisco Catalyst Center (formerly DNA Center) use to discover devices? (Choose three.)

Options:

SNMP

a specified range of IP addresses

NETCONF

LLDP

ping

CDP

Question 17

An engineer measures the Wi-Fi coverage at a customer site. The RSSI values are recorded as follows:

•LocationA -72dBm

• Location B:-75 dBm

• Location C; -65 dBm

• Location D -80 dBm

Which two statements does the engineer use to explain these values to the customer? (Choose two.)

Options:

The signal strength at location B is 10 dB better than location C.

The signal strength at location C is too weak to support web surfing

Location D has the strongest RF signal strength.

The RF signal strength at location B is 50% weaker than location A.

The RF signal strength at location C is 10 times stronger than location B

Question 18

What is a characteristic of VXLAN?

Options:

It extends Layers 2 and Layer 3 overlay network over a Layer 2 underly.

It has a 12-byte packet header.

Its frame encapsulation is performed by MAC-in-UDP.

It uses TCP for transport

Question 19

Which language can be used to model configuration and state data?

Options:

JSON

XML

XDR

YANG

Question 20

Which deployment option of Cisco NGFW provides scalability?

Options:

tap

inline tap

high availability

clustering

Question 21

Which action controls the maximum cell size in a high-density wireless environment?

Options:

Statically set TX power on access points to max.

Disable low data rates.

Set mandatory data rates.

Decrease TX power on access points.

Question 22

Which protocol is used by vmanage to push centralized policies to vsmart controllers?

Options:

NETCONF

TLS

STUN

OMP

Question 23

Drag and drop the code snippets from the bottom onto the blanks in the Python script to convert a Python object into a JSON string. Not all options are used.

Options:

Question 24

Refer to the exhibit. An engineer must adjust the configuration so that Router A becomes the active router. Which commands should be applied to router A? (Choose two)

Options:

vrrp 1 priority 90

vrrp 1 timers advertise 1

vrrp lip 10.1.0.11

ip address 10.1.0.11 255.0.0.0

vrrp 1 priority 120

Question 25

Which two functions is an edge node responsible for? (Choose two.)

Options:

provides multiple entry and exit points for fabric traffic

provides the default exit point for fabric traffic

provides the default entry point for fabric traffic

provides a host database that maps endpoint IDs to a current location

authenticates endpoints

Question 26

What does the statement print(format(0.8, \0%')) display?

Options:

80%

8.8%

.08%

Question 27

When deploying Cisco SD-Access Fabric APs, where does the data plane VXLAN tunnel terminate?

Options:

on the first-hop fabric edge switch

on the WLC node

on the fabric border node switch

directly on the fabric APs

Question 28

What is the API keys option for REST API authentication?

Options:

a credential that is transmitted unencrypted

one-time encrypted token

a username that is stored in the local router

a predetermined string that is passed from client to server.

Question 29

Refer to the exhibit. Which HTTP request produced the REST API response that was returned by the Cisco Catalyst Center (formerly DNA Center) platform?

Options:

POST /auth/token

GET /network-device

GET /template-programmer/template/version/42a3df73-3ef4-49e2-b4f0-6927bbd4bf52

POST /discovery

Question 30

Drag and drop the code snippets from the bottom onto the blanks in the code to construct a request that configures a deny rule on an access list?

Options:

Question 31

What is a characteristics of a type 1 hypervisor?

Options:

It runs on top of the host operating system.

It is preferred for supporting nonproduction workloads.

It has greater latency than a Type 2 hypervisor.

It runs on top of bare metal servers.

Question 32

Refer to the exhibit.

Which EEM script generates a critical-level syslog message and saves a copy of the running configuration to the bootflash when an administrator saves the running configuration to the startup configuration?

Options:

Option A

Option B

Option C

Option D

Question 33

Which RF value represents the decline of the RF signal amplitude over a given distance"?

Options:

signal-to-noise ratio

received signal strength indicator

free space path loss

effective isotropic radiated power

Question 34

Which action is a LISP Map Resolver responsible for?

Options:

forwarding user data traffic

accepting map-request messages from ITRs

finding EID-to-RLOC mappings

accepting registration requests from ETRs

Question 35

A customer requests a design that includes GLBP as the FHRP. The network architect discovers that the members of the GLBP group have different throughput capabilities. Which GLBP load balancing method supports this environment?

Options:

host dependent

weighted

least connection

round robin

Question 36

What are two benefits of using Cisco TrustSec? (Choose two.)

Options:

unknown file analysis using sandboxing

advanced endpoint protection against malware

end-to-end traffic encryption

simplified management of network access

consistent network segmentation

Question 37

Refer to the exhibit. An engineer must configure a Cisco WLC with WPA2 Enterprise mode and avoid global server lists. Which action is required?

Options:

Enable EAP parameters.

Apply CISCO ISE default settings.

Disable the RADIUS server accounting interim update.

Select a RADIUS authentication server.

Question 38

Which method does FastLocate use to collect location-based information?

Options:

RFID

client probing

beacons

data packets

Question 39

An engineer must create a new SSID on a Cisco 9800 wireless LAN controller. The client has asked to use a pre-shared key for authentication. Which profile must the engineer edit to achieve this requirement?