300-415 Implementing Cisco SD-WAN Solutions (300-415 ENSDWI) Question and Answers

Which VManage dashboard is used to monitor the next-hop reachability between two devices traversing through OMP for a service VPN’

Which policy configures an application-aware routing policy under Configuration > Policies?

What is a description of vManage NMS?

What is the OMP graceful restart default value on vSmart controllers and WAN Edge routers?

Drag and drop the attributes from the left that make each transport location unique onto the right. Not all options are used.

What is the maximum number of IPsec that are temporarily created and converged on a new set if IPsec Sas in the pairwise keys process during a simultaneous rekey?

Refer to the exhibit.

A customer wants to implement primary and secondary Cisco SD-WAN overlay routing for prefixes that are advertised for both data centers. The east data center (TLOC 101.101.101.101) is primary for east sites, and the west data center (TLOC 100.100.100.100) is primary for west sites. Which configuration change achieves this objective?

An engineer is troubleshooting a certificate issue on vEdge. Which command is used to verify the validity of the certificates?

Refer to the exhibit.

Customer XYZ cannot provison dual connectivity on both Its routers due to budget constratnts but wants to use tnth RI and R2 interface for users behind them for load toward the hub site Which configurauon achieves this objectives?

A)

B)

C)

D)

Which configuration allows users to reach YouTube from a local Internet breakout?

A)

B)

C)

D)

Which two sets of identifiers does OMP carry when it advertises TLOC routes between WAN Edge routers? (Choose two.)

A network engineer must configure all branches to communicate with each other through the Service Chain Firewall located at the headquarters site. Which configuration allows the engineer to accomplish this task?

A)

B)

C)

D)

What are the two components of an application-aware firewall? (Choose two.)

Refer to the exhibit.

Which command-line configuration on a WAN Edge device achieves these results?

A)

B)

C)

D)

Drag and drop the steps from the left into the sequence on the right for a WAN Edge router after powering on for zero touch provisioning.

A network administrator is configuring VRRP to avoid a traffic black hole when the transport side of the network is down on the master device. What must be configured to get the fastest failover to standby?

A network is configured with IP connectivity, and the routing protocol between devices started having problems right after the maintenance window to implement network changes. Troubleshoot and resolve to a fully functional network to ensure that:

R4

R5

Which Cisco SD-WAN configuration provides the advantages of day-zero deployment and reusable configuration components?

An engineering team must prepare a traffic engineering policy where an MPLS circuit is preferred for traffic coming from the Admin VLAN Internet should be used as a backup only. Which configuration fulfill this requirement?

A)

B)

C)

D)

Refer to the exhibit.

Customer XYZ cannot provision dual connectivity on both of its routers due to budget constraints but wants to use both R1 and R2 interlaces for users behind them for load balancing toward the hub site. Which configuration achieves this objective?

Refer to the exhibit. A customer wants to deploy service insertion at site1. Which traffic from VPN 10 must route to this site through a firewall. A policy must be in place to route VPN 10 traffic from all sites toward this firewall. Which configuration must be on the vSmart controller to meet this requirement?

Drag and drop the actions from the left into the correct sequence on the right to create a data policy to direct traffic to the Internet exit.

Which timer specifies information in the cache after all OMP sessions are lost at location S0123T4E56F78?

An administrator wants to create a policy to add a traffic policer called "politer-ccnp" to police data traffic on the WAN Edge. Which configuration accomplishes this task in vSmart?

An engineer must configure VRRP for redundancy on WAN Edge router1 running an earlier version than 20.6, considering WAN Edge router2 is configured correctly. Which configuration meets the requirement?

How are custom application ports monitored in Cisco SD-WAN controllers?

A company must avoid downtime at the remote sites and data plane to continue forwarding traffic between WAN Edge devices if the branch router loses connectivity to its OMP peers Which configuration meets the requirement?

A)

B)

C)

D)

How is the scalability of the vManage increased in Cisco SD-WAN Fabric?

Which two protocols are supported for software image delivery when images are hosted on a remote server? (Choose two.)

Which multicast component is irrelevant when defining a multicast replicator outside the local network without any multicast sources or receivers?

An administrator must configure an ACL for traffic coming in from the service-side VPN on a specific WAN device with circuit ID 391897770. Which policy must be used to configure this ACL?

Refer to the exhibit.

The network design team has advised to use private IP addresses and private colors over the SP circuit for the data plane connections. The Public IP should be used for control connections. Which configuration should be applied at SiteA to achieve this task?

An engineer configured a data policy called ROME-POLICY. Which configuration allows traffic flow from the Rome internal network toward other sites?

Refer to the exhibit.

What does the BFD value of 8 represent?

Which routing protocol has the highest default administrative distance?

Which two different states of a WAN Edge certificate are shown on vManage? (Choose two.)

Which policy tracks path characteristics such as loss, latency, and jitter in vManage?

Which device information is required on PNP/ZTP to support the zero-touch onboarding process?

How do WAN Edge devices operate when vSmart is inaccessible or fails to be reached by the WAN Edge?

Which control policy assigned to Drenches in the out direction establishes a strict hub-and-spoke topology tor VPN2?

A)

B)

C)

D)

An engineer must apply the configuration for certificate installation to vBond Orchestrator and vSmart Controller. Which configuration accomplishes this task?

Refer to the exhibit Cisco SD-WAN is deployed with controllers hosted in a data center All branches have WAN Edge devices with dual connections to the data center one via Internet and the other using MPLS Three branches out of 20 have issues with their control connections on MPLS circuit The local error refers to Control Connection Failure Which action resolves the issue*?

When VPNs are grouped to create destination zone in Zone-Based Firewall, how many zones can a single VPN be part of?

A network administrator is configuring a centralized control policy based on match action pairs for multiple conditions, which order must be configured to prefer Prefix List over TLOC and TLOC over Origin?

What is a key element used in a vBond Orchestrator redundancy topology?

Which OMP route is selected for equal OMP route preference values on WAN Edge routers?

What is the order of operations for software upgrades of Cisco SD-WAN nodes'?

What problem happens on a device with two serial numbers, a unique device identifier (UDI), and secure unique device identifier (SUDI) when an engineer provisions ISR 4000 by PnP using only a UDI?

In which Cisco SD-WAN deployment scenario does Cisco Umbrella SIG deliver the most value?

Drag and drop the components from the left onto the corresponding Cisco NFV infrastructure Building Blocks on the right. Not all options are used.

Which two vRoute attributes should be matched or set in vSmart policies and modified by data policies? (Choose two.)

Refer to the exhibit A small company was acquired by a large organization As a result, the new organization decided to update information on their Enterprise RootCA and generated a new certificate using openssl Which configuration updates the new certificate and issues an alert in vManage Monitor | Events Dashboard?

Which policy is configured to ensure that a voice packet is always sent on the link with less than a 50 msec delay?

Which device information is requited on PNP/ZTP to support the zero-touch onboarding process?

Refer to the exhibit. The ge0/0 interface connects to a 30-MB link. A network administrator wants to always have 10 MB available for high priority traffic. When lower-priority traffic busts exceed 20 MB. Traffic should be redirected to the second WAN interface ge0/1. Which set of configurations accomplishes this task?

A)

B)

C)

D)

An engineer is applying QoS policy for the transport-side tunnel interfaces to enable scheduling and shaping for a WAN Edge cloud router Which command accomplishes the task?

An engineer must improve video quality by limiting HTTP traffic to the Internet without any failover. Which configuration in vManage achieves this goal?

What does forward error correction addresses in Cisco SO-WAN?

Drag and drop the vManage policy configuration procedures from the left onto the correct definitions on the right.

Refer to the exhibit.

Which two configurations are needed to get the WAN Edges registered with the controllers when certificates are used? (Choose two)

A network administrator is creating an OMP feature template from the vManage GUI to be applied to WAN edge routers. Which configuration attribute will avoid the redistribution of the routes back into the OMP from the LAN side?

An enterprise needs DIA on some of its branches with a common location ID: A041:B70C: D78E::18 Which WAN Edge configuration meets the requirement?

A)

B)

C)

D)

Refer to the exhibit.

Which configuration change is needed to configure the tloc-extention on Branch1-Edge1?

Refer to the exhibit.

The SD-WAN network is configured with a default full-mesh topology. The SD-WAN engineer wants the Barcelona WAN Edge to use MPLS TLOC as the preferred TLOC when communicating with Rome site. Which configuration must the engineer use to create a list to select MPLS color toward the Rome TLOC?

A)

B)

C)

D)

An engineer provisions a WAN Edge router. Which command should be used from the WAN Edge router to activate it with vManage?

The Cisco SD-WAN engineer is configuring service chaining for a next-generation firewall located at the headquarters. Which configuration creates the service?

A)

B)

C)

D)

Which TLOC color is used for site-to-site communication in a Google Cloud integration with Cisco SD-WAN?

A network administrator is configuring an application-aware firewall between inside zones to an outside zone on a WAN edge router using vManage GUI. What kind of Inspection is performed when the ‘’inspect’’ action is used?

In a Cisco SD-WAN network, which component is responsible for distributing route and policy information via the OMP?

An engineer creates this data policy for DIA for VPN 10:

Which policy sequence enables DIA for external networks?

Two sites have one WAN Edge each WAN Edge has two public TLOCs with no restriction configured. There is full reachability between the TLOCs. How many data tunnels are formed on each Edge router?

Drag and drop the BFD parameters from the left onto the BFD configurations on the right.

An engineer is adding a tenant with location ID 399533345 in vManage. What is the maximum number of alphanumeric characters that is accepted in the tenant name filed?

What do receivers request to join multicast streams in a Cisco SO-WAN network?

How is an event monitored and reported for an individual device in the overlay network at site ID:S4300T6E43F36?

Which two products that perform lifecycle management for virtual instances are supported by WAN Edge cloud routers? (Choose two.)

Refer to the exhibit.

The network team must configure branch B WAN Edge device 103 to establish dynamic full-mesh IPsec tunnels between all colors with branches over MPLS and Internet circuits. The branch ts configured with:

Which configuration meets the requirement?

A)

B)

C)

D)

Exhibit.

The SD-WAN network Is configured with a default full-mesh topology. The network engineer wants the Rome WAN Edge to use the MPLS TLOC as the preferred TLOC when ….. Telnet traffic as long as me MPLS Ink has these, characteristics:

Loss: 5%

Latency: 100ms

Jitter: 100 ms

Which configuration must the network engineer use to create a list that that classifies the MPLS link characteristics?

A)

B)

C)

D)

Which port is used for vBond under controller certificates if no alternate port is configured?

A Cisco SD-WAN customer has a requirement to calculate the SHA value for files as they pass through the device to see the returned disposition and determine if the file is good, unknown or malicious. The customer also wants to perform real-time traffic analysis and generate alerts when threats are detected Which two Cisco SD-WAN solutions meet the requirements? (Choose two.)

Which command disables the logging of syslog messages to the local disk?

An administrator needs to configure SD-WAN to divert traffic from the company's private network to an ISP network. What action should be taken to accomplish this goal?

An engineer modifies a data policy for DIA in VPN 200 to meet the requirements for traffic destined to these locations:

* external networks; must be translated

* external networks; must use a public TLOC color

* syslog servers, must use a private TLOC color

Here is the existing data policy configuration:

Which policy configuration sequence set meets the requirements?

Which issue triggers the Cisco Umbrella resolver to toward DNS requests to the intelligent proxy?

Which issue triggers the Cisco Umbrella resolver to toward DNS requests to the intelligent proxy?

How does the replicator role function in cisco SD-WAN?

Refer to the exhibit. The network administrator has configured a centralized topology policy that results in the displayed routing table at a branch office. Which two configurations are verified by the output? [Choose two.)

What is a benefit of the application-aware firewall?

Refer to the exhibit An engineer must configure a QoS policy between me hub and site A (spoke) over a standard internet circuit where traffic shaping is adjusted automatically based on evaiiabk» bandwidth Which configuration meets the requirement?

An administrator is configuring the severity level on the vManage NMS for events that indicate that an action must be taken immediately. Which severity level must be configured?

An engineer is configuring a list that matches all IP prefixes with lengths from /1 to /16 in a centralized control policy. Which list accomplishes this task?

Which Cisco router provides a distributed multicore architecture optimized for SD-WAN branch support?

Which two hardware platforms support Cisco IOS XE SD-WAN images'' (Choose two)

Which component of the Cisco SD-WAN control plane architecture should be located in a public Internet address space and facilitates NAT-traversal?

Refer to the exhibit.

An enterprise has hub and spoke topology where it has several VPNs. An engineer must allow users in VPN91 to reach users in VPN92 and VPN10 to reach VPN91 and VPN92. Which configuration meets these requirements?

Refer to the exhibit. An ongineer configured OMP with an ovorlay-as of 10666. What is tho AS-PATH for prefix 104.104.104.104/32 on R1007?

A customer has 1 to 100 service VPNs and wants to restrict outbound updates for VPN1 Which control policy configuration restricts these updates?

A)

B)

C)

D)

Which configuration allows VPN 10 traffic to have direct internet access locally from the WAN Edge device?

A)

B)

C)

D)

Drag and drop the alarm slates from the left onto the corresponding alarm descriptions on the right.

If Smart Account Sync is not used, which Cisco SD-WAN component is used to upload an authorized serial number file?

Which encryption algorithm is used for encrypting SD-WAN data plane traffic?

Which configuration step is taken on vManage after WAN Edge list is uploaded?

Refer to the exhibit.

An organization is testing a Cisco SD-WAN solution and decided to have the control plane established first and not the data plane at the time of migration. Which configuration achieves this goal?

Which actions must be taken to allow certain departments to require firewall protection when interacting with data center network without including other departments? (Choose two.)

Which two virtualized environments are available for a company to install the controllers using the on-premises model? (Choose two )

Drag and drop the devices from the left into order on the right to upgrade the software from version 19 to version 20.

Which component is responsible for routing protocols such as BGP and OSPF in a Cisco SD-WAN solution?

Which third-party Enterprise CA server must be used (or a cloud-based vSmart controller?

Refer to exhibit. An engineer is troubleshooting tear of control connection even though a valid CertificateSerialNumber is entered. Which two actions resolve Issue? (Choose two)

Refer to the exhibit The network team must configure application-aware routing for the Service VPN 50.0.0.0/16 The SLA must prefer MPLS for video traffic but the remaining traffic must use a public network What must be defined other than applications before the application-aware policy is create?

In which device state does the WAN edge router create control connections, but data tunnels are not created?

How many concurrent sessions does a vManage REST API have before it invalidates the least recently used session if the maximum concurrent session number is reached?

The network administrator is configuring a QoS scheduling policy on traffic received from transport side tunnels on WAN Edge 5000 routers at location 406141498 Which command must be configured on these devices?

Which two REST API functions are performed for Cisco devices in an overlay network? (Choose two)

Refer to the exhibit. An engineer is troubleshooting a control connection issue on a WAN Edge device that shows socket errors. The packet capture shows some ICMP packets dropped between the two devices. Which action resolves the issue?

When redistribution is configured between OMP and BGP at two Data Center sites that have Direct Connection interlink, which step avoids learning the same routes on WAN Edge routers of the DCs from LAN?

Which two criteria ate supported to filter traffic on a Cisco Umbrella Cloud-delivered firewall? (Choose two )

Which two products are used to deploy Cisco WAN Edge Router virtual platforms? (Choose two.)

Drag and drop the devices from the left onto the correct functions on the right.