300-415 Implementing Cisco SD-WAN Solutions (300-415 ENSDWI) Question and Answers

What is the main purpose of using TLOC extensions in WAN Edge router configuration?

A large retail organization decided to move some of the branch applications to the AWS cloud. How does the network architect extend the in-house Cisco SD-WAN branch to cloud network into AWS?

Refer to the exhibit, which configuration configures IPsec tunnels in active and standby?

Drag and drop the actions from the left into the correct sequence on the right to create a data policy to direct traffic to the Internet exit.

Refer to the exhibit Which configuration must the engineer use to form underlay connectivity for the Cisco SD-WAN network?

A)

B)

C)

D)

An engineer must configure two branch WAN Edge devices where an Internet connection is available and the controllers are in the headquarters. The requirement is to have IPsec VPN tunnels established between the same colors. Which configuration meets the requirement on both WAN Edge devices?

Refer to the exhibit. Which configuration ensures that OSPP routes learned from Site2 are reachable at Stein and vice-versa?

Refer to the exhibit. An enterprise decides to use the Cisco SD-WAN Cloud onRamp for SaaS feature and utilize H.Q site Biz iNET to reach SaaS Cloud for branch C. currently reaching SaaS Cloud directly. Which role must be assigned to devices at both sites in vManage Cloud Express for this solution to work?

An engineer is adding a tenant with location ID 399533345 in vManage. What is the maximum number of alphanumeric characters that is accepted in the tenant name filed?

Which feature builds transport redundancy by using the cross link between two redundant WAN Edge routers?

Which two advanced security features are available on the Cisco SD-WAN WAN Edge (vEdge) device? (Choose two.)

Refer to the exhibit. Company ABC has a hub-and-spoke topology in place and currently is load balancing their data traffic at the hub site over MPLS and the public Internet. The leased circuit must be preferred over the shared circuit. Which configuration meets the requirement?

An engineer must advertise OSPF-learned routes and modify the update interval for route filtering by TLOC color to 300 on an SD-WAN device. Which configuration accomplishes this

task?

Refer to the exhibit. A user in the branch is connecting to Office 365 for the first time. Over which path does the branch WAN Edge router traffic follow?

What is the ZTP workflow for Cisco IOS XE-based devices?

Refer to the exhibit The network team must configure ElGRP peering at HQ with devices in the service VPN connected to WAN Edge CSRv. CSRv is currently configured with

Which configuration on the WAN Edge meets the requiremnet

A)

B)

C)

D)

Which two virtualized environments are available for a company to install the controllers using the on-premises model? (Choose two )

How is the software managed in Cisco SD-WAN?

Refer to the exhibit. A network administrator is configuring OSPF advanced configuration parameters from a template using the vManager GUI for a branch WAN Edge router to calculate the cost of summary routes to an ASBR. Which action achieves this configuration?

Which SD-WAN component is configured to enforce a policy to redirect branch-to-branch traffic toward a network service such as a firewall or IPS?

An engineer is configuring a data policy for packets that must be captured through the policy. Which command accomplishes this task?

What does forward error correction addresses in Cisco SO-WAN?

Refer to the exhibit.

The Cisco SD-WAN network is configured with a default full-mesh topology. An engineer wants Paris WAN Edge to use the Internet HOC as the preferred TLOC for MSN Messenger and AOL Messenger traffic. Which policy achieves this goal?

A)

B)

C)

D)

An enterprise deployed a Cisco SD-WAN solution with hub-and-spoke topology using MPLS as the preferred network over the Internet. A network engineer must implement an application-aware routing policy to allow ICMP traffic to be load-balanced over both the available links. Which configuration meets the requirement?

A)

B)

C)

D)

Drag and drop the attributes from the left that make each transport location unique onto the right. Not all options are used.

When VPNs are grouped to create destination zone in Zone-Based Firewall, how many zones can a single VPN be part of?

What is a benefit of the application aware firewall feature in the Cisco SD-WAN solution?

Which alarm setting is configured to monitor serious events that affect but do not shut down, the operation of a network function?

A customer has MPLS and Internet as the TLOC colors An engineer must configure conlroJIers with the Internet and not with MPLS Which configuration achieves this requirement on vManage?

A)

B)

C)

D)

Which two criteria ate supported to filter traffic on a Cisco Umbrella Cloud-delivered firewall? (Choose two )

Which multicast component is irrelevant when defining a multicast replicator outside the local network without any multicast sources or receivers?

A policy is created to influence routing in the network using a group of prefixes. What policy application will achieve this goal when applied to a site list?

Which policy blocks TLOCs from remotes and allows TLOCs from the data center to form hub-and-spoke peering?

Refer to the exhibit.

An enterprise has hub and spoke topology where it has several VPNs. An engineer must allow users in VPN91 to reach users in VPN92 and VPN10 to reach VPN91 and VPN92. Which configuration meets these requirements?

How are policies deployed on cloud-tiosted Cisco SD-WAN controllers?

Which two platforms for the Cisco SD-WAN architecture are deployable in a hypervisor on-premises or in IAAS Cloud? (Choose two.)

Refer to the exhibit Which configuration ensures that OSPF routes learned from Site2 are reachable at Sitel and vice-versa?

Refer to the exhibit.

Which shaping-rate does the engineer use to shape traffic at 9 Mbps?

Refer to the exhibit.

Customer XYZ cannot provison dual connectivity on both Its routers due to budget constratnts but wants to use tnth RI and R2 interface for users behind them for load toward the hub site Which configurauon achieves this objectives?

A)

B)

C)

D)

Drag and drop the alarm states from the left onto the corresponding alarm descriptions on the right.

How is lhe software managed in Cisco SD-WAN?

Drag and drop the definitions from the left to the configuration on the right.

Which issue triggers the Cisco Umbrella resolver to toward DNS requests to the intelligent proxy?

Which issue triggers the Cisco Umbrella resolver to toward DNS requests to the intelligent proxy?

An engineer creates this data policy for DIA for VPN 10:

Which policy sequence enables DIA for external networks?

Which two metrics must a cloud Edge router use to pick the optimal path for a SaaS application reachable via a gateway site? (Choose two.)

Which port is used for vBond under controller certificates if no alternate port is configured?

What are two benefits of installing Cisco SD-WAN controllers on cloud-hosted services? (Choose two.)

On which device is a service FW address configured to Insert firewall service at the hub?

A voice packet requires a latency of 50 msec. Which policy is configured to ensure that a voice packet is always sent on the link with less than a 50 msec delay?

An organization wants to discover monitor and track the applications running on the WAN Edge device on the LAN Which configuration achieves this goal?

Which platform cannot provide IPS and URL filtering capabilities?

How is TLOC defined?

Refer to exhibit. An engineer is troubleshooting tear of control connection even though a valid CertificateSerialNumber is entered. Which two actions resolve Issue? (Choose two)

Refer to the exhibit.

A customer wants to implement primary and secondary Cisco SD-WAN overlay routing for prefixes that are advertised for both data centers. The east data center (TLOC 101.101.101.101) is primary for east sites, and the west data center (TLOC 100.100.100.100) is primary for west sites. Which configuration change achieves this objective?

What is a key element used in a vBond Orchestrator redundancy topology?

Refer to the exhibit An engineer must configure a QoS policy between me hub and site A (spoke) over a standard internet circuit where traffic shaping is adjusted automatically based on evaiiabk» bandwidth Which configuration meets the requirement?

Which action is performed during the onboarding process when a WAN Edge router is connected to ZTP server ztp.viptela com?

Drag and drop the Cisco SD-WAN components from the left onto their functions on the right.

Which Cisco SD-WAN WAN Edge platform supports LTE and Wi-Fi?

What problem happens on a device with two serial numbers, a unique device identifier (UDI), and secure unique device identifier (SUDI) when an engineer provisions ISR 4000 by PnP using only a UDI?

An engineer is tasked to improve throughput for connection-oriented traffic by decreasing round-trip latency. Which configuration will achieve this goal?

An enterprise has these three WAN connections:

public Internet

business internet

MPLS

An engineer must configure two available links to route traffic via both links. Which configuration achieves this objective?

How many vManage NMSs should be installed in each domain to achieve scalability and redundancy?

An engineer must avoid routing loops on the SD-WAN fabric for routes advertised between data center sites Which BGP loop prevention attribute must be configured on the routers to meet this requirement?

Which SD-WAN devices require multicast PIM and IGMP configurations when setting up SD-WAN multicast?

An administrator is configuring the severity level on the vManage NMS for events that indicate that an action must be taken immediately. Which severity level must be configured?

What is the behaviour of vBond orchestrator?

Which Cisco SD-WAN configuration provides the advantages of day-zero deployment and reusable configuration components?

Refer to the exhibit.

Which command-line configuration on a WAN Edge device achieves these results?

A)

B)

C)

D)

Which percentage for total memory or total CPU usage for a device is classified as normal in the WAN Edge Health pane?

What are the two protocols redistributed into OMP? (Choose two.)

What is the default value (in milliseconds) set tor the poll interval in the BFD basic configuration?

An engineer is creating a policy for VPN1 users. Their scavenger traffic at site 101 must pass through a firewall. Which two match conditions must be selected to enable this policy? (Choose two.)

Which device in the SD- WAN solution receives and categorizes event reports, and generates alarms?

Which component of the Cisco SD-WAN secure extensible network provides a single pane of glass approach to network monitoring and configuration?

Which value is verified in the certificates to confirm the identity of the physical WAN Edge device?

What is the advantage of instating the controller on-premises?

An administrator must deploy the controllers using the On-Prem method while vManage can access the PnP portal from inside How are the two WAN Edge authorized allowed lists to be made available to vManage? (Choose two)

What is the order of operations for software upgrades of Cisco SD-WAN nodes'?

What is the purpose of ‘’vpn 0’’ in the configuration template when onboarding a WAN edge node?

A network administrator configures SNMFV3 on a Cisco WAN Edge router from CL I for monitoring purposes How many characters are supported by the snmp user username command?

What is the default value for the number of paths advertised per prefix in the OMP feature template?

How is multicast routing enabled on devices in the Cisco SD-WAN overlay network?

Refer to the exhibit. An engineer configures a hub-and-spoke SD-WAN topology with the requirement that traffic from router A branch to router B branch is guaranteed to flow through the network hub, router C. Which configuration meets the requirement for router A?

Exhibit.

The SD-WAN network is configured with a default full-mash topology. An engineer wants Barcelona and Paris to communicate to each other through the London site using a control Which control policy configuration accomplishes the task?

A)

B)

C)

D)

Which two mechanisms are used to guarantee the integrity of data packets in the Cisco SD-WAN architecture data plane? {Choose two)

What are two attributes of vRoute? (Choose two)

Which policy allows communication between TLOCs of data centers and spokes and blocks communication between spokes?

How is vBond reachability resolved by vManage?

An engineer configures policing with a rate of 125 Bps and a burst rate of 8000 bits, as shown here:

Which configuration completes this task?

Refer to the exhibit. A Cisco SD-WAN network carries traffic for several departments and over 1200 users with several applications at site A and site B branches over the MPLS1 circuit. An engineer is provisioning a higher bandwidth on-demand metro circuit as a backup connection. Which two configurations must the engineer apply to implement the on-demand tunnels? (Choose two.)

Which configuration step is taken on vManage after WAN Edge list is uploaded?

Which protocol is used by the REST API to communicate with network devices in the Cisco SD-WAN network?

Which component of the Cisco SD-WAN network assures that only valid customer nodes are participating in the overlay network?

What are the default username and password for vSmart Controller when it is installed on a VMware ESXi hypervisor'?

Which table is used by the vSmart controller to maintain service routes of the WAN Edge routers in the hub and local branches?

Refer to the exhibit.

What does the BFD value of 8 represent?

Refer to the exhibit An engineer is configuring a QoS policy to shape traffic for VLAN 100 on a subinterface Which policy configuration accomplishes the task?

A)

B)

C)

D)

An engineer must configure local redundancy on a site. Which configuration accomplish this task?

Which policy tracks path characteristics such as loss, latency, and jitter in vManage?

Refer to the exhibit. The ge0/0 interface connects to a 30-MB link. A network administrator wants to always have 10 MB available for high priority traffic. When lower-priority traffic busts exceed 20 MB. Traffic should be redirected to the second WAN interface ge0/1. Which set of configurations accomplishes this task?

A)

B)

C)

D)

Refer to the exhibit. An administrator is configuring a policy in addition to an existing hub-and-spoke policy for two sites that should directly communicate with each other. How is this policy configured?

Which component of the Cisco SD-WAN control plane architecture should be located in a public Internet address space and facilitates NAT-traversal?

An engineer wants to track tunnel characteristics within an SLA-based policy for convergence. Which policy configuration will achieve this goal?

Refer to the exhibit. An engineer must configure the Overlay Management Protocol route preference so that when B2 tries to reach host routes advertised by B1 it always chooses the MPLS circuit. Which two match conditions must be configured to accomplish this task? (Choose two.)

Drag and drop the REST API calls from the left onto the functions on the right.

A customer has 1 to 100 service VPNs and wants to restrict outbound updates for VPN1 Which control policy configuration restricts these updates?

A)

B)

C)

D)

An engineer wants to automate the onboarding process for a WAN Edge router with vManage. Which command will accomplish this?

Refer to the exhibit.

An organization is testing a Cisco SD-WAN solution and decided to have the control plane established first and not the data plane at the time of migration. Which configuration achieves this goal?

Which template configures the out-of-band management VPN?

A)

B)

C)

D)

Which OMP route is selected for equal OMP route preference values on WAN Edge routers?

Refer to the exhibit.

An engineer is troubleshooting an issue where vManage and vSmart have a problem establishing a connection to vBond. Which action fixes the issue?

An engineer must apply the configuration for certificate installation to vBond Orchestrator and vSmart Controller. Which configuration accomplishes this task?

Which VPN must be present on at least one interface to install Cisco vManage and integrate it with WAN Edge devices in an overlay network site ID:S4307T7E78F29?

Which scheduling method is configured by default for the eight queues in the cloud vEdge router1?

Which type of lists are used to group related items via an application-aware routing policy under the policy lists command hierarchy on vSmart controllers?

Refer to the exhibit vManage and vBond have an issue establishing a connection with each other Which action resolves the issue?

When the VPN membership policy is being controlled at the vSmart controller, which policy disallows VPN 1 at sites 20 and 30?

A)

B)

C)

D)

Which on-the-box security feature supported by the Cisco ISR 4451 SD-WAN device and not on vEdge?

Which storage format Is used when vManage Is deployed as a virtual machine on a KVM hypervisor?

Refer to the exhibit.

Which QoS treatment results from this configuration after the access list acl-guest is applied inbound on the vpn1 interface?

Which set of elements are verified by the controller to confirm the identity of edge devices?

Drag and drop the BFD parameters from the left onto the BFD configurations on the right.

Which policy configuration must be used to classify traffic as it enters the branch WAN Edge router to be put into the desired output queue?

A)

B)

C)

D)

Drag and drop the vManage policy configuration procedures from the left onto the correct definitions on the right.

An engineer is troubleshooting a vEdge router and identifies a “DCONFAIL – DTLS connection failure” message. What is the problem?

What is the maximum number of IPsec that are temporarily created and converged on a new set if IPsec Sas in the pairwise keys process during a simultaneous rekey?

An engineer must use data prefixes to configure centralized data policies using the vManage policy configuration wizard. What is the first step to accomplish this task?

Drag and drop the devices from the left into order on the right to upgrade the software from version 19 to version 20.