Pre-Summer Sale Special - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

Home > Cisco > CCDE v3.0 > 400-007

400-007 Cisco Certified Design Expert (CCDE v3.1) Question and Answers

Question # 4

Which two technologies enable multilayer segmentation? (Choose two.)

A.

policy-based routing

B.

segment routing

C.

data plane markings

D.

firewalls

E.

filter lists

Full Access
Question # 5

As technologies such as big data, cloud, and loT continue to grow, so will the demand for network bandwidth Business strategies must be flexible to accommodate these changes when it comes to priorities and direction and the network design strategy also must be agile and adaptable Drag and drop the benefits from the left onto the corresponding strategic approaches on the right as they relate to network design and management.

Full Access
Question # 6

Network operators have many options available, from fully centralized to fully distributed control planes, and each approach has its own set of characteristics. Drag and drop the characteristics from the left onto the corresponding approach on the right.

Full Access
Question # 7

: 490

In order to achieve key business objectives, the design team of a hosting provider has identified a series of objectives in their cloud computing environments

•Customer data privacy and protection against external vulnerabilities must be improved.

•Access to sensitive data must be monitored and relevant regulations must be adhered to.

•Use data analyzing to optimize operations and business decision-making

Which step must be take to meet these requirements?

A.

Reducing rework and empowering data engineers to apply data governance policies more consistently throughout the IT infrastructure.

B.

Expand the ability to capture and store data with manual and well-defined methods of governing data.

C.

Apply data governance policies that depend on role-based access controls

D.

Enhance auditing and reporting capabilities of the design team to reveal authentication and authorization of data access.

Full Access
Question # 8

: 500

Scrum is a subset of Agile and is a lightweight process framework for Agile development. Which role becomes the interface between the business, the customers, and their product-related needs on one side, and the Team on the other?

A.

Scrum Master

B.

Program Manager

C.

Product Manager

D.

Product Owner

Full Access
Question # 9

An architect receives a functional requirement for a NAC system from a customer security policy stating that if a corporate Wi-Fi device does not meet current AV definitions, it cannot access the network until updated. Which component should be built into the NAC design?

A.

Posture assessment with remediation VLAN

B.

Quarantine SGTs

C.

dACLs with SGTs

D.

Quarantine VLAN

Full Access
Question # 10

Reter to the exhibit This network is running OSPF and EIGRP as the routing protocols Mutual redistribution of the routing protocols has been contoured on the appropriate ASBRs The OSPF network must be designed so that flapping routes m EIGRP domains do not affect the SPF runs within OSPF The design solution must not affect the way EIGRP routes are propagated into the EIGRP domains Which technique accomplishes the requirement?

A.

route summarization on the ASBR interfaces facing the OSPF domain

B.

route summarization on the appropriate ASBRs

C.

route summarization on the appropriate ABRs

D.

route summarization on EIGRP routers connecting toward the ASBR

Full Access
Question # 11

In the wake of a security compromise incident where the internal networks were breached by an outside attacker at the perimeter of the infrastructure, an enterprise is now evaluating potential measures that can help protect against the same type of incident in the future. What are two design options that can be employed? (Choose two)

A.

microzoning

B.

segmentation

C.

domain fencing

D.

virtualization

E.

microperimeters

Full Access
Question # 12

In outsourced IT services, the RTO is defined within the SLA. Which two support terms are often included in the SLA by IT and other service providers? (Choose two.)

A.

Network size and cost

B.

Support availability

C.

Network sustainability

D.

Network reliability

E.

Resolution time

Full Access
Question # 13

Which extensions to GRE tunneling provide session tracking and in-order packet delivery in exchange for additional state stored in tunnel endpoints?

A.

GRE Protocol Type and Checksum extension fields.

B.

GRE Version and Reserved0 extension fields.

C.

No extension fields are available in the GRE header to track session data and packet sequences.

D.

GRE Key and Sequence number extensions.

Full Access
Question # 14

Refer to the exhibit.

The WAN network of the General Bank of Greece has experienced several outages. It takes too long to activate a new branch site. The networking department of the bank plans to upgrade the legacy end-of-life WAN network with a new flexible, manageable, and scalable in-house solution. The number of branches will increase exponentially in the next fiscal year. The CTO states that the bank’s main goal is OPEX reduction. The network engineering team prepares a table to evaluate the available options. Which WAN technology can be used for the solution?

A.

DMVPN over L3VPN

B.

Managed SD-WAN

C.

SD-WAN over L3VPN

D.

SD-WAN over L2VPN

Full Access
Question # 15

Which two factors must be considered for high availability in campus LAN designs to mitigate concerns about unavailability of network resources? (Choose two.)

A.

Device resiliency

B.

Device type

C.

Network type

D.

Network resiliency

E.

Network size

Full Access
Question # 16

Which design principle improves network resiliency?

A.

Added load-balancing

B.

Added redundancy

C.

Added confidentiality

D.

Added reliability

Full Access
Question # 17

Company XYZ, a global content provider, owns data centers on different continents. Their data center design involves a standard three-layer design with a Layer 3-only core. VRRP is used as the FHRP. They require VLAN extension across access switches in all data centers and plan to purchase a Layer 2 interconnection between two of their data centers in Europe. In the absence of other business or technical constraints, which termination point is optimal for the Layer 2 interconnection?

A.

At the core layer, to offer the possibility to isolate STP domains

B.

At the access layer because the STP root bridge does not need to align with the VRRP active node

C.

At the core layer because all external connections must terminate there for security reasons

D.

At the aggregation layer because it is the Layer 2 to Layer 3 demarcation point

Full Access
Question # 18

A network architect must redesign a service provider edge, where multiservice and multitenant PEs are currently present. Which design feature should be minimized in the new design to achieve reliability?

A.

bridging

B.

fate sharing

C.

redundancy

D.

unicast overlay routing

Full Access
Question # 19

Drag and drop the characteristics from the left onto the corresponding network management options on the right.

Full Access
Question # 20

What is a disadvantage of the traditional three-tier architecture model when east-west traffic between different pods must go through the distribution and core layers?

A.

Low bandwidth

B.

Security

C.

Scalability

D.

High latency

Full Access
Question # 21

An enterprise plans to evolve from a traditional WAN network to a software-defined WAN network. The existing devices have limited capability when it comes to virtualization. As the migration is carried out, enterprise applications and services must not experience any traffic impact. Which implementation plan can be used to accommodate this during the migration phase?

A.

Deploy controllers, deploy SD-WAN edge routers in the data center, and migrate branch sites.

B.

Migrate data center WAN routers, migrate branch sites, and deploy SD-WAN edge routers.

C.

Migrate branch sites, migrate data center WAN routers, and deploy controllers.

D.

Deploy SD-WAN edge routers in the data center, deploy controllers, and migrate branch sites.

Full Access
Question # 22

What are the two benefits of using northbound APIs in SDN architecture? (Choose two.)

A.

They provide a way to manage the SDN and configure network policies

B.

They connect the SDN controller to the underlying network devices.

C.

They provide a way for the SDN controller to communicate with network devices

D.

They provide, a way for the SDN to control change management

E.

They connective SDN controller to higher-level management, systems

Full Access
Question # 23

As part of workspace digitization, a large enterprise has migrated all their users to Desktop as a Service (DaaS), by hosting the backend system in their on-premises data center. Some of the branches have started to experience disconnections to the DaaS at periodic intervals, however, local users in the data center and head office do not experience this behavior. Which technology can be used to mitigate this issue?

A.

tail drop

B.

traffic shaping

C.

WRED

D.

traffic policing

Full Access
Question # 24

A network design includes a long signaling delay in notifying the Layer 3 control plane that an interface has failed. Which two of these actions would reduce that delay? (Choose two.)

A.

Increase network stability.

B.

Reduce the time for the network to reconverge.

C.

Increase the notification of interface flaps.

D.

Enable lower data link layer recovery systems to have an opportunity to restore the interface.

Full Access
Question # 25

The goal for any network designer is to strive to build a resilient network that adapts to changing conditions rapidly with minimal impact on the services running over the network. A resilient network can adapt to failures, but which soft failure can be harder to define and detect?

A.

A network with operational challenges due to lack of skills

B.

A network that is not running in an optimal way

C.

A network which does not solve complexity issues

D.

A network or service that experiences outages

Full Access
Question # 26

An architect receives a business requirement from a CTO that states the RTO and RPO for a new system should be as close as possible to zero. Which replication method and data center technology should be used?

A.

asynchronous replication over dual data centers via DWDM

B.

synchronous replication over geographically dispersed dual data centers via MPLS

C.

synchronous replication over dual data centers via Metro Ethernet

D.

asynchronous replication over geographically dispersed dual data centers via CWDM

Full Access
Question # 27

There are varying requirements and motivations for improving the scalability and resilience of an enterprise application. The relative importance of these requirements and constraints varies depending on the type of app. the profile of the users, and the scale and maturity of the organization in which it is deployed. What are two common business drivers that deals with these aspects? (Choose two.)

A.

Minimize time spent investigating failures.

B.

Build apps using the latest industry patterns and practices.

C.

Ensure that user demand can be met during periods of high usage.

D.

Reduce the frequency of failures requiring human intervention.

E.

Increase flexibility and agility to handle changing market demands.

Full Access
Question # 28

As part of a design solution a consultant needs to describe the trade-offs between different SDN models Drag the characteristics on the left to the correct controller-based network designs on the right in no particular order.

Full Access
Question # 29

Which two statements explain the operation of BFD asynchronous mode? (Choose two.)

A.

BFD asynchronous mode with echo packets combines the control packets and echo packets into a single packet.

B.

BFD asynchronous mode without echo packets uses control packets, and BFD asynchronous mode with echo packets does not.

C.

BFD asynchronous mode with and without echo packets use control packets.

D.

BFD asynchronous without echo packets has control packets sent back to the originating router, which echoes the control packet to detect failures.

E.

BFD asynchronous mode with echo packets uses separate control packets and echo packets.

Full Access
Question # 30

Company XYZ is designing their network using the three-layer hierarchical model. At which layer must the QoS design classify or mark the traffic?

A.

Access

B.

Core

C.

Collapsed core

D.

Distribution

Full Access
Question # 31

Which two features describe controller-based networking solutions compared to traditional networking solutions? (Choose two.)

A.

Inflate licensing costs

B.

Reduce network configuration complexity

C.

Provide centralization of primary IT functions

D.

Allow for fewer network failures

E.

Increase network bandwidth usage

Full Access
Question # 32

An organization is looking to perform a major overhaul on their data center storage infrastructure with a focus on high availability and fault tolerance Which approach will accomplish this?

A.

Implementing a single storage array with RAID 0 configuration for maximum storage capacity.

B.

Using a clustered storage setup with active-active controllers for load balancing.

C.

Utilizing a distributed storage system with multiple geographically dispersed nodes

D.

Deploying a storage virtualization solution to aggregate multiple storage devices

Full Access
Question # 33

As a service provider is implementing Strong Access Control Measures, which two of the following PCI Data Security Standard requirements must be met? (Choose two . )

A.

Assign a unique ID to each person with computer access.

B.

Restrict access to cardholder data to on a need-to-know basis.

C.

Encrypt transmission of cardholder data across open or public networks.

D.

Each location must require validating PCI compliance if business has multiple locations.

E.

Protect stored cardholder data.

Full Access
Question # 34

The Company XYZ network is experiencing attacks against their router. Which type of Control Plane Protection must be used on the router to protect all control plane IP traffic that is destined directly for one of the router interfaces?

A.

Control Plane Protection host subinterface

B.

Control Plane Protection main interface

C.

Control Plane Protection transit subinterface

D.

Control Plane Protection CEF-exception subinterface

Full Access
Question # 35

Which two actions must be taken when assessing an existing wireless network implementation for its readiness to support voice traffic? (Choose two.)

A.

Check for high roaming delay.

B.

Check for uniform radio coverage across the floors.

C.

Check for high channel utilization.

D.

Check for latency over wireless.

E.

Identify frequent TX power changes.

Full Access
Question # 36

An Agile for Infrastructure transition often means dismantling traditional IT hierarchies and rebuilding it to align with business objectives and workflows. Organizations are seeing the benefits of using automation tools in the network such as faster, more efficient, and more effective delivery of products and services. Which two components help increase overall productivity and improve company culture? (Choose two.)

A.

Agile code practices

B.

Infrastructure-as-code

C.

Controlled infrastructure

D.

DevOps practices

E.

Dedicated infrastructure

Full Access
Question # 37

Which two statements describe the functionality of OSPF packet-pacing timers? (Choose two.)

A.

The group-pacing timer controls the interval that is used for group and individual LSA refreshment

B.

OSPF flood-pacing timers allow dynamic control of the OSPF transmission queue size

C.

OSPF retransmission-pacing timers allow control of interpacket spacing between consecutive link-state update packets in the OSPF retransmission queue

D.

OSPF retransmission-pacing timers allow control of packet interleaving between nonconsecutive link-state update packets in the OSPF retransmission queue

E.

OSPF flood-pacing timers allow control of interpacket spacing between consecutive link-state update packets in the OSPF transmission queue

Full Access
Question # 38

A banking customer determines that it is operating POS and POI terminals that are noncompliant with PCI DSS requirements, as it is running TLSv1.0. The customer plans to migrate the terminals to TLSv1.2. What are two requirements to complete the migration? (Choose two.)

A.

Ensure that strong cryptography is applied for users who have administrative access through networks

B.

Apply strong cryptography and security protocols to safeguard sensitive cardholder data.

C.

Apply strong encryption for transmission of cardholder data across public networks.

D.

Protect all user systems against malware and frequently update antivirus software

E.

Maintain a policy that addresses information security for employees and third parties.

Full Access
Question # 39

Which two benefits can software-defined networks provide to businesses? (Choose two.)

A.

Provides additional redundancy

B.

Decentralized management

C.

Reduced latency

D.

Enables innovation

E.

Reduction of OpEx/CapEx

F.

Meets high traffic demands

Full Access
Question # 40

Company XYZ plans to run OSPF on a DMVPN network. They want to use spoke-to-spoke tunnels in the design. What is a drawback or concern in this type of design?

A.

Additional host routes will be inserted into the routing tables

B.

Manual configuration of the spokes with the appropriate priority will be needed

C.

There will be split-horizon issue at the hub

D.

Manual configuration of the spoke IP address on the hub will be needed

Full Access
Question # 41

Which three tools are used for ongoing monitoring and maintenance of a voice and video environment? (Choose three.)

A.

Flow-based analysis to measure bandwidth mix of applications and their flows

B.

Call management analysis to identify network convergence-related failures

C.

Call management analysis to identify CAC failures and call quality issues

D.

Active monitoring via synthetic probes to measure loss, latency, and jitter

E.

Passive monitoring via synthetic probes to measure loss, latency, and jitter

F.

Flow-based analysis with PTP time-stamping to measure loss, latency, and jitter

Full Access
Question # 42

Which actions are performed at the distribution layer of the three-layer hierarchical network design model? (Choose two)

A.

Fast transport

B.

Reliability

C.

QoS classification and marking boundary

D.

Fault isolation

E.

Redundancy and load balancing

Full Access
Question # 43

A business customer deploys workloads in the public cloud but now faces governance issues related to IT traffic flow and data security. Which action helps identify the issue for further resolution?

A.

Set up a secure tunnel from customer routers to protect traffic to cloud providers.

B.

Send IPFIX telemetry data from customer routers to a centralized collector to identify traffic to cloud providers.

C.

Build a zone-based firewall policy on Internet edge firewalls that collects statistics on traffic to cloud providers.

D.

Apply workload policies that dictate security requirements for cloud workloads.

Full Access
Question # 44

What is the most important operational driver when building a resilient and secure modular network design?

A.

Reduce the frequency of failures requiring human intervention

B.

Minimize app downtime

C.

Increase time spent on developing new features

D.

Dependencies on hardware or software that is difficult to scale

Full Access
Question # 45

Backups and mirror copies of data are part of RPO (Recovery Point Objective) strategies. If a business wants to reduce their CAPEX for disaster recovery, which solution is most applicable?

A.

Perform an annual cybersecurity assessment or penetration test

B.

Renew backup software annually to get the newest version

C.

Migrate parts of or all the infrastructure to the cloud

D.

Build a redundant infrastructure at another location

Full Access
Question # 46

In a distributed cloud-native environment, calls to services and cloud resources can fail caused by unanticipated events that will require longer periods of time to resolve. These faults can range in severity from a partial loss of connectivity to the complete failure of a service. In these situations, it ' s pointless for an application to continually retry an operation that is unlikely to succeed. Which pattern can prevent an application from repeatedly trying to execute an operation that ' s likely to fail?

A.

circuit breaker

B.

bulkhead

C.

fallback

D.

timeout

Full Access
Question # 47

An enterprise SDWAN customer based in the US has several branches in Europe Currently branches use the HQ in the US to access both internal and external services over an MPLS arcuit The design team has been tasked to suggest a solution allowing branches to access their cloud-based office productivity tools and services directly Since all their applications and services are hosted in the cloud, the design team has also been asked to come up with a solution, so branches can connect to the cloud directly from the branch as well Which two cost-effective and optimized solutions can be suggested? (Choose two)

cloud onRamp (SaaS)

A.

DIA

B.

software-defined cloud interconnects

C.

cloud SSO broker

D.

cloud hubs

Full Access
Question # 48

Drag and drop the end-to-end network virtualization elements from the left onto the correct network areas on the right.

Full Access
Question # 49

A consultant needs to explain different project management methodologies to a customer.

Drag and drop the characteristics from the left onto the corresponding methodologies on the right in no particular order.

Full Access
Question # 50

Company XYZ is designing the network for IPv6 security and they have these design requirements:

A switch or router must deny access to traffic from sources with addresses that are correct but topologically incorrect.

Devices must block Neighbor Discovery Protocol resolution for destination addresses not found in the binding table.

Which two IPv4 security features are recommended for this company? (Choose two)

A.

IPv6 DHCP Guard

B.

IPv6 Source Guard

C.

IPv6 Destination Guard

D.

IPv6 Prefix Guard

E.

IPv6 RA Guard

Full Access
Question # 51

Which hybrid cloud environment enables businesses to more readily stage data-intensive and time-sensitive tasks closer to the source, which reduces latency, eases networking requirements, and improves data protection?

A.

edge computing

B.

application migration

C.

digital transformation

D.

distributed data processing

Full Access
Question # 52

What is a characteristic of a secure cloud architecture model?

A.

limited access to job function

B.

dedicated and restricted workstations

C.

multi-factor authentication

D.

software-defined network segmentation

Full Access
Question # 53

Company XYZ is designing the IS-IS deployment strategy for their multiarea IS-IS domain. They want IS-IS neighbor relationships minimized on each segment and the LSDB size optimized. Which design can be used?

A.

Design all routers as Level 2 routers. Set the links between the routers as Level 1 with the area

B.

Design the network so that the routers connecting to other areas are Level 2 routers and internal routers are Level 1

C.

Design the network so that all routers are Level 1 routers

D.

Design the network so that the routers connecting to other areas are Level 1/Level 2 routers and internal routers are Level 1

Full Access
Question # 54

Setting a specific goal for throughput based on per-second data rates between end hosts does not identify the requirements for specific applications When specifying throughput goals for applications, it is important to understand the throughput requirements for each application Which two factors that can constrain application layer throughput? (Choose two.)

A.

protocol parameters, such as frame size and retransmission timers

B.

sent packets or cells at networking devices

C.

the pps or cps rate of networking devices

D.

workstation and server availability

E.

end-to-end throughput rates

Full Access
Question # 55

If the desire is to connect virtual network functions together to accommodate different types of network service connectivity, what must be deployed?

A.

Bridging

B.

Service Chaining

C.

Linking

D.

Daisy Chaining

E.

Switching

Full Access
Question # 56

A legacy enterprise is using a Service Provider MPLS network to connect its head office and branches. Recently, they added a new branch to their network. Due to physical security concerns, they want to extend their existing IP CCTV network of the head office to the new branch, without any routing changes in the network. They are also under some time constraints. What is the best approach to extend the existing IP CCTV network to the new branch, without incurring any IP address changes?

A.

GRE

B.

EoMPLS

C.

VXLAN

D.

L2TPv3

Full Access
Question # 57

Which two design options are available to dynamically discover the RP in an IPv6 multicast network? (Choose two)

A.

Embedded RP

B.

MSDP

C.

BSR

D.

Auto-RP

E.

MLD

Full Access
Question # 58

The Layer 3 control plane is the intelligence over the network that steers traffic toward its intended destination Which two techniques can be used in service provider-style networks to offer a more dynamic, flexible, controlled, and secure control plane design? (Choose two.)

A.

remote black-holing trigger

B.

prefix lists

C.

firewalls

D.

access control lists

E.

QoS policy propagation with BGP

Full Access
Question # 59

A company with an existing multivendor network is moving from 1 G dark fiber to an ISP virtual leased-line solution The company ' s internal security policy states that any traffic traversing a network that is not owned by the company must be encrypted What must be used to meet the requirements?

A.

IPsec AH

B.

Dynamic Multipoint VPN tunnel

C.

IPsec ESP

D.

GETVPN tunnel

Full Access
Question # 60

Refer to the exhibit.

This network is running legacy STP 802.1d. Assuming " hello_timer " is fixed to 2 seconds, which parameters can be modified to speed up convergence times after single link/node failure?

A.

The transit_delay=5 and bpdu_delay=20 are recommended values, considering hello_timer=2 and specified.

B.

Only the maximum_transmission_halt_delay and diameter parameters are configurable parameters in 802.1d to speed up STP convergence process.

C.

The max_age and forward delay parameters can be adjusted to speed up STP convergence process.

D.

Only the transit_delay and bpdu_delay timers are configurable parameters in 802.1d to speed up STP convergence process.

Full Access
Question # 61

Which two characteristics are associated with 802.1s? (Choose two)

A.

802.1s supports up to 1024 instances of 802.1

B.

802.1s is a Cisco enhancement to 802.1w.

C.

802.1s provides for faster convergence over 802.1D and PVST+.

D.

CPU and memory requirements are the highest of all spanning-tree STP implementations.

E.

802.1s maps multiple VLANs to the same spanning-tree instance.

Full Access
Question # 62

A centralized control plane generally means one or more controllers gather the reachability and topology information from each switching device and calculate some part of the forwarding information at some place. How can a centralized control plane be defined or described?

A.

ability to detect and react to changes remotely at each device

B.

set of processes running in a virtual or physical machine

C.

protocol running on each device

D.

set of algorithms implemented on all devices

Full Access
Question # 63

A network engineering team is in the process of designing a lab network for a customer demonstration. The design engineer wants to show that the resiliency of the MPLS Traffic Engineering Fast Reroute solution has the same failover/failback times as a traditional SONET/SDH network (around 50 msec). In order to address both link failure and node failure within the lab topology network, which type of the MPLS TE tunnels must be considered for this demonstration?

A.

TE backup tunnel

B.

Next-hop (NHop) tunnel

C.

FRR Backup tunnel

D.

Next-next-hop (NNHop) tunnel

Full Access
Question # 64

A network hacker is trying to interrupt the transport packet on IPsec. A packet with duplicate sequence numbers is introduced. The customer sends high-priority traffic during this window. Which design parameter should be considered to mitigate this issue?

A.

Classify and mark duplicate sequence packets.

B.

Enable anti-replay window.

C.

Increase QoS shape policy.

D.

Restrict key operations in the IPsec tunnel.

Full Access
Question # 65

: 482

Even with two different device platforms that support NETCONF or any other common transport method it does not mean they are compatible from a tooling and/or a developer’s perspective What is required to get the compatibility?

A.

Both devices must use a common data modeling language

B.

Both devices should have vendor-specific interoperability

C.

Both devices must use the same versions of NETCONF

D.

Both devices must support the same NETCONF features

Full Access
Question # 66

You are designing a network for a branch office. In order to improve convergence time, you are required to use the BFD feature. Which four routing protocols can you use to facilitate this? (Choose four.)

A.

IS-IS

B.

static

C.

RIP

D.

EIGRP

E.

BGP

Full Access
Question # 67

Company XYZ has 30 sites using MPLS L3 VPN and is concerned about data integrity. They want a centralized configuration model and minimal overhead. Which technology can be used?

A.

S-VTI

B.

DMVPN

C.

MGRE

D.

GET VPN

Full Access
Question # 68

Which technology supports antispoofing and does not have any impact on encryption performance regardless of packet size?

A.

MACsec

B.

IP source guard

C.

DHCP snooping with DAI

D.

IPsec

Full Access
Question # 69

QUESTION 69 Refer to the exhibit. AJI links are P2P Layer 3. A high availability application is synchronizing data between host A and host B. To increase chance of delivery the same data is sent twice from host A on two different NICs toward the two NICs on host B.

Refer to the exhibit. All links are P2P Layer 3. A high availability application is synchronizing data between Host A and Host B. To increase the chance of delivery, the same data is sent twice from Host A on two different NICs toward the two NICs on Host B.

Which solution must be deployed in the network to ensure that any failure in the network does not trigger data loss on Host B?

A.

EIGRP with feasible successors

B.

BFD

C.

IP Fast Reroute

D.

Static routes

Full Access
Question # 70

Which two design solutions ensure sub-50 msec of the convergence time after a link failure in the network? (Choose two)

A.

BFD

B.

Ti-LFA

C.

Minimal BGP scan time

D.

MPLS-FRR

E.

IGP fast hello

Full Access
Question # 71

What are two primary design constraints when a robust infrastructure solution is created? (Choose two.)

A.

Monitoring capabilities

B.

Project time frame

C.

Staff experience

D.

Component availability

E.

Total cost

Full Access
Question # 72

Drag and drop the design use cases from the left onto the correct uRPF techniques used to prevent spoofing attacks Not all options are used.

Full Access
Question # 73

A customer asks you to perform a high-level review of their upcoming WAN refresh for remote sites. The review is specially focused on their retail store operations consisting of 500+ locations connected via multipoint IPsec VPN solution. Which routing protocol would be valid but would also be the most restrictive for the expansion of this deployment model?

A.

EIGRP

B.

IS-IS

C.

OSPF

D.

BGP

Full Access
Question # 74

With virtualization being applied in many parts of the network, every physical link is likely to carry one or more virtual links, but what is a drawback in cases like this?

A.

unneeded tunneling

B.

fate sharing

C.

serialization delay

D.

bandwidth utilization

Full Access
Question # 75

An enterprise network has two core routers that connect to 200 distribution routers and uses full-mesh IBGP peering between these routers as its routing method. The distribution routers are experiencing high CPU utilization due to the BGP process. Which design solution is the most cost effective?

A.

Implement route reflectors on the two core routers

B.

Increase the memory on the core routers

C.

Implement eBGP between the core and distribution routers

D.

Increase the memory on the distribution routers

E.

Increase bandwidth between the core routers

Full Access
Question # 76

In search of a system capable of hosting, monitoring, compiling, and testing code in an automated way, what can be recommended to the organization?

A.

Jenkins

B.

Ansible

C.

Perl

D.

Chef

Full Access
Question # 77

In a controller-based network architecture, between which of the two elements the southbound interface does the communication happen with a goal to program the data plane forwarding tables? (Choose two)

A.

core components

B.

forwarding lane

C.

layer interface

D.

networking device

E.

controller

Full Access
Question # 78

You are designing the QoS policy for a company that is running many TCP-based applications. The company is experiencing tail drops for these applications. The company wants to use a congestion avoidance technique for these applications. Which QoS strategy can be used?

A.

Weighted fair queuing

B.

Weighted random early detection

C.

Low-latency queuing

D.

First-in first-out

Full Access
Question # 79

A software-defined network can be defined as a network with an API that allows applications to understand and react to the state of the network in near real time A vendor is building an SDN solution that exposes an API to the RIB and potentially the forwarding engine directly The solution provides off-box processes with the capability to interact with the routing table in the same way as a distributed routing process Which SDN framework model does the solution use?

A.

replace

B.

augmented

C.

hybrid

D.

distributed

Full Access
Question # 80

You are tasked to design a QoS policy for a service provider so they can include it in the design of their MPLS core network. If the design must support an MPLS network with six classes, and CEs will be managed by the service provider, which QoS policy should be recommended?

A.

map IP CoS bits into the IP Precedence field

B.

map flow-label bits into the Exp field

C.

map IP precedence bits into the DSCP field

D.

map DSCP bits into the Exp field

Full Access
Question # 81

A business wants to refresh its legacy Frame Relay WAN and consolidate product specialists via video in 200 branches. Which technology should be used?

A.

DMVPN phase 1 network over the Internet

B.

Layer 3 MPLS VPN hub and spoke

C.

Layer 2 VPLS

D.

Layer 3 MPLS VPN full mesh

Full Access
Question # 82

When a detection system for protecting a network from threats sourced from the Internet is designed there are two common deployment methods, where the system is placed differently relative to the perimeter firewall

•An unfiltered detection system examines the raw Internet data streams before it reaches the firewall

•A screened detection solution which monitors traffic that is allowed through the firewall Both have its advantages and disadvantages drag and drop the characteristics on the left to the corresponding category on the right in no particular order.

Full Access
Question # 83

Company XYZ has a new network based on IPv6. Some of the subnets that they are planning to use will be confidential and need an addressing scheme that confines them to the local campus network. Which type of IPv6 addresses can be used for these networks in the IPv6 addressing design?

A.

local addresses

B.

private addresses

C.

link-local addresses

D.

unique local addresses

Full Access
Question # 84

When planning their cloud migration journey, what is crucial for virtually all organizations to perform?

A.

SASE framework deployment

B.

Optimizing the WAN environment

C.

Assessment of current infrastructure

D.

RPO and RTO calculations duration planning

Full Access
Question # 85

: 476

While designing a robust network architecture for a large e-commerce dient that has recently decided to make a global expansion of their cloud-based applications and services a network architect is evaluating cloud connectivity options The top priorities are low-latency and high- throughput connectivity between their on-premises data centers and the cloud providers Which cloud connectivity solution fits in this specific use case?

A.

cloud On-Ramp

B.

WAN integration

C.

MPLS direct connect

D.

direct connect

Full Access
Question # 86

: 495

An organization has two branches connected over the Internet circuit using IPsec tunnels established on their edge routers belonging to different vendors Recently these branches were the victims of a DoS attack resulting in failure to establish the tunnels They are now looking for a better tunneling solution allowing full interoperability between vendors and allowing a standardized set of authentication methods Furthermore the solution must support detection of the peer’s state as well as having support for next-gen encryption algorithms. Which protocol meets these requirements and is known to be resistant to DoS attacks?

A.

L2TP/IPsec

B.

OpenVPN/Blowfish

C.

IPsec BFD

D.

IKEv2

Full Access
Question # 87

Which three elements help network designers to construct secure systems that protect information and resources (such as devices, communication, and data) from unauthorized access, modification, inspection, or destruction? (Choose three.)

A.

confidential

B.

serviceability

C.

reliability

D.

availability

E.

integrity

F.

scalability

Full Access
Question # 88

Which design solution reduces the amount of IGMP state in the network?

A.

IGMP filtering

B.

IGMPv3 with PIM-SSM

C.

Multiple multicast domains

D.

One multicast group address throughout network regardless of IGMP version

Full Access
Question # 89

: 488

The modularity built into the architecture allows flexibility in network design and facilitates implementation and troubleshooting Which solution is difficult to implement manage and troubleshoot especially for large networks?

A.

functional boundaries

B.

logical core layers

C.

distribution network

D.

hierarchical model

Full Access
Question # 90

Which two control plane policer designs must be considered to achieve high availability? (Choose two.)

A.

Control plane policers are enforced in hardware to protect the software path, but they are hardware platform dependent in terms of classification ability.

B.

Control plane policers are really needed only on externally facing devices.

C.

Control plane policers can cause the network management systems to create false alarms.

D.

Control plane policers must be processed before a forwarding decision is made.

E.

Control plane policers require that adequate protocol overheads are factored in to allow protocol convergence.

Full Access
Question # 91

A multinational organization has decided to migrate its business-critical operations to a hybrid cloud solution They are concerned about data governance, particularly regarding data sovereignty, ownership, and locale The company operates in multiple countries with strict data privacy regulations Which solution best ensures compliance with data governance regulations ' ?

A.

Implement a private cloud solution with data centers within the company ' s own premises.

B.

Utilize a public cloud provider with data centers located in different countries around the world.

C.

Store all data in a single data center located in the country where the company is headquartered

D.

Distribute data across multiple data centers located in different countries based on user location

Full Access
Question # 92

Drag and drop the multicast protocols from the left onto the current design situation on the right.

Full Access
Question # 93

Following a series of security incidents, where hackers have been able to successfully gain access to the network with varying levels of access, the CTO of a large corporation has launched an initiative to ensure that there is end-to-end visibility inside the corporate network Which two technologies are relevant to include in the analysis that is started as part of the initiative? (Choose two.)

A.

NETCONF

B.

Openflow

C.

RSPAN

D.

Floodlight

E.

IPFIX

Full Access
Question # 94

A BGP route reflector in the network is taking longer than expected to converge during large network changes. Troubleshooting shows that the router cannot handle all the TCP acknowledgements during route updates. Which action can be performed to tune the device performance?

A.

Increase the size of the hold queue.

B.

Increase the size of the large buffers.

C.

Decrease the size of the small buffers.

D.

Increase the keepalive timers for each BGP neighbor.

Full Access
Question # 95

Refer to the exhibit.

Which impact of using three or more ABRs between the backbone area and area 1 is true?

A.

In a large-scale network LSA replication by all ABRs can cause serious scalability issues

B.

Multiple ABRs reduce the CPU processing on each ABR due to splitting prefix advertisement

C.

In a large-scale network multiple ABRs can create microloops

D.

Prefixes from the non-backbone area are advertised by one ABR to the backbone

Full Access
Question # 96

Which two characteristics apply to firewall transparent mode operations in a firewall solution design? (Choose two.)

A.

Changes in the existing IP addressing and subnets are required

B.

The firewall can participate actively on spanning tree.

C.

Multicast traffic can traverse the firewall.

D.

OSPF adjacencies can be established through the firewall

E.

The firewall acts like a router hop in the network.

Full Access
Question # 97

A company uses equipment from multiple vendors in a data center fabric to deliver SDN, enable maximum flexibility, and provide the best return on investment. Which YANG data model should be adopted for comprehensive features to simplify and streamline automation for the SDN fabric?

A.

Proprietary

B.

OpenConfig

C.

Native

D.

IETF

Full Access
Question # 98

While designing a switched topology, in which two options is UplinkFast recommended? (Choose two.)

A.

when switches of different spanning-tree types are connected (for example. 802.1d connecting to 802.1w)

B.

on distribution layer switches

C.

when hello timers are changed to more aggressive values

D.

on access layer switches

E.

on the core switches

Full Access
Question # 99

A business wants to refresh its legacy Frame Relay WAN It currently has product specialists in each of its 200 branches but plans to reduce and consolidate resources. The goal is to have product specialists available via video link when customers visit the nationwide branch offices Which technology should be used to meet this objective?

A.

Layer 2 VPLS

B.

Layer 3 MPLS VPN hub and spoke

C.

Layer 3 MPLS VPN full mesh

D.

DMVPN phase 1 network over the internet

Full Access
Question # 100

The controller has a global view of the network, and it can easily ensure that the network is in a consistent and optimal configuration. Which two statements describe a centralized SDN control path? (Choose two.)

A.

Scaling of the centralized controller cluster is challenging for services like DHCP and load-balancing.

B.

It is highly-available by design with no single-point-of-failure risks present.

C.

Integrating smart NIC capabilities on the local host level is made easier through REST APIs.

D.

It significantly improves the latency when performing reactive handling of PACKET_IN events.

E.

The centralized controller can support all southbound APIs, which allows for easy integration with legacy equipment.

Full Access
Question # 101

A large enterprise customer is planning a new WAN connection to its headquarters The current architecture is dual homed with static routing but users complain when a specific link fails Failure of the other link does not affect any services or applications The new WAN connection must provide the headquarters with a resilient network design and increase the return on investment Which solution should be recommended to the customer?

A.

Implement granular quality of service on the links.

B.

Procure additional bandwidth.

C.

Use dynamic routing toward the WAN.

D.

Add an additional link to the WAN.

Full Access
Question # 102

When designing a WAN that will be carrying real-time traffic, what are two important reasons to consider serialization delay? (Choose two.)

A.

Serialization delays are invariable because they depend only on the line rate of the interface.

B.

Serialization delays are variable because they depend on the line rate of the interface and on the type of the packet being serialized.

C.

Serialization delay is the time required to transmit the packet on the physical media.

D.

Serialization delays are variable because they depend only on the size of the packet being serialized.

E.

Serialization delay depends not only on the line rate of the interface but also on the size of the packet.

Full Access
Question # 103

Refer to the exhibit A solution architect is tasked with designing a quick fault detection and convergence solution based on a set of requirements

•Due to the use of voice applications, users must ideally not experience traffic disruption in excess of 100 milliseconds in case of link or node failures in OSPF area 100. •The enterprise requires the network to be highly available

•Traffic must quickly switch to another path without waiting for the OSPF dead interval to kick in What can be included in the design in order to meet these requirements?

A.

Make OSPF peers use BFD and set the BFD timers to an appropriate value.

B.

Enable IP SLA tracking with next hop to OSPF peer

C.

Use fault propagation timers specified in milliseconds for the OSPF SPF algorithm.

D.

Adjust SPF delay and LSA interval timers in OSPF protocol.

Full Access
Question # 104

You were tasked to enhance the security of a network with these characteristics:

A pool of servers is accessed by numerous data centers and remote sites

The servers are accessed via a cluster of firewalls

The firewalls are configured properly and are not dropping traffic

The firewalls occasionally cause asymmetric routing of traffic within the server data center.

Which technology should you recommend to enhance security by limiting traffic that could originate from a hacker compromising a workstation and redirecting flows at the servers?

A.

Poison certain subnets by adding static routes to Null0 on the core switches connected to the pool of servers.

B.

Deploy uRPF strict mode.

C.

Limit sources of traffic that exit the server-facing interface of the firewall cluster with ACLs.

D.

Deploy uRPF loose mode.

Full Access
Question # 105

You want to mitigate failures that are caused by STP loops that occur before UDLD detects the failure or that are caused by a device that is no longer sending BPDUs. Which mechanism do you use along with UDLD?

A.

Root guard

B.

BPDU guard

C.

Loop guard

D.

BPDU filtering

Full Access
Question # 106

Drag and drop the QoS technologies from the left onto the correct capabilities on the right

Full Access
Question # 107

Company XYZ has two routing domains in their network, EIGRP and OSPF. The company wants to provide full reachability between the two domains by implementing redistribution on a router running both protocols They need to design the redistribution in a way that the OSPF routers will see link costs added to external routes. How must the redistribution strategy be designed for this network?

A.

Redistributed using metric type 2 into OSPF

B.

Redistribute using metric type 1 into EIGRP

C.

Redistribute using metric type 1 into OSPF

D.

Redistribute using metric type 2 into EIGRP

Full Access
Question # 108

Which two benefits can software defined networks provide to businesses? (Choose two.)

A.

Provides additional redundancy

B.

Decentralized management

C.

Reduced latency

D.

Enables innovation

E.

Reduction of OpEx/CapEx

F.

Meets high traffic demands

Full Access
Question # 109

A multinational enterprise integrates a cloud solution with these objectives:

• Achieve seamless connectivity across different countries and regions

• Extend data center and private clouds into public clouds and provider-hosted clouds

What are two outcomes of deploying data centers and fabrics that interconnect different cloud networks? (Choose two.)

A.

Enhanced security

B.

Data and network ownership

C.

Ability to place workloads across clouds

D.

Centralized visibility

E.

Unidirectional workload mobility across the cloud

Full Access
Question # 110

Company XYZ is redesigning their QoS policy. Some of the applications used by the company are real-time applications. The QoS design must give these applications preference in terms of transmission. Which QoS strategy can be used to fulfill the requirement?

A.

weighted fair queuing

B.

weighted random early detection

C.

low-latency queuing

D.

first-in first-out

Full Access
Question # 111

SDN is still maturing Throughout the evolution of SDN which two things will play a key role in enabling a successful deployment and avoiding performance visibility gaps in the infrastructure’ (Choose two.)

A.

peer-to-peer controller infrastructure

B.

failing back to old behaviours

C.

dynamic real-time change

D.

rapid on-demand growth

E.

integration of device context

Full Access
Question # 112

During a pre-sales meeting with a potential customer, the customer CTO asks a question about advantages of controller-based networks versus a traditional network. What are two advantages to mention? (Choose two)

A.

Per device forwarding tables

B.

Programmatic APIs available per device

C.

Abstraction of individual network devices

D.

Distributed control plane

E.

Consistent device configuration

Full Access
Question # 113

A rapidly growing e-commerce business with a global customer base needs a robust network design that can support their business-critical operations and ensure low-latency access for their customers around the globe. The IT team is considering different solutions to meet their requirements. Which network design is suitable for these needs?

A.

Rely on a peer-to-peer network architecture to distribute the workload among customer devices.

B.

Implement a fully on-premises network infrastructure with dedicated servers in different geographic locations.

C.

Utilize a public cloud provider to provide hosting for web servers and databases.

D.

Adopt a hybrid cloud approach, using a mix of public cloud services and private on-premises servers.

Full Access
Question # 114

You are designing the routing design for two merging companies that have overlapping IP address space. Which of these must you consider when developing the routing and NAT design?

A.

Local to global NAT translation is done after routing

B.

Global to local NAT translation is done before routing

C.

Local to global NAT translation is done before policy-based routing

D.

Global to local NAT translation is done after policy-based routing

Full Access
Question # 115

Which component of the SDN architecture automatically ensures that application traffic is routed according to policies established by network administrators?

A.

Packet forwarding engine

B.

Northbound API

C.

Southbound API

D.

SDN controller

Full Access
Question # 116

What is an advantage of using Agile over Waterfall methodology in the network design lifecycle?

A.

dosed loop operation

B.

lower total cost

C.

ideal for large projects

D.

reduced risk in the design process

Full Access
Question # 117

: 487

Which layer of the SDN architecture orchestrates how the applications are given the resources available in the network?

A.

orchestration layer

B.

northbound API

C.

control layer

D.

southbound API

Full Access
Question # 118

Which development model is closely associated with traditional project management?

A.

Static model

B.

Agile model

C.

Evolutionary delivery model

D.

Lifecycle model

Full Access
Question # 119

What are two design constraints in a standard spine and leaf architecture? (Choose two.)

A.

Spine switches can connect to each other.

B.

Each spine switch must connect to every leaf switch.

C.

Leaf switches must connect to each other.

D.

Endpoints connect only to the spine switches.

E.

Each leaf switch must connect to every spine switch.

Full Access
Question # 120

: 494 DRAG DROP

The customer ' s network manager asked for some key points to use m a presentation on overlay/underlay features and responsibilities. Drag and drop the features or responsibilities from the left onto the corresponding groups on the right in no particular order.

Full Access
Question # 121

A legacy enterprise is using a Service Provider MPLS network to connect its head office and branches. They want to extend the existing IP CCTV network to a new branch without routing changes or IP address changes. What is the best approach?

A.

GRE

B.

L2TPv3

C.

VXLAN

D.

EoMPLS

Full Access
Question # 122

A business wants to centralize services via VDI technology and to replace remote WAN desktop PCs with thin client-type machines to reduce operating costs. Which consideration supports the new business requirement?

A.

VDI servers should be contained centrally within a DMZ

B.

The thin client traffic should be placed in a WAN QoS priority queue

C.

VDI servers should be contained within dedicated VLANs in each branch location

D.

The WAN should offer low latency and be resized

Full Access
Question # 123

Which option is a fate-sharing characteristic in regards to network design?

A.

A failure of a single element causes the entire service to fail

B.

It protects the network against failures in the distribution layer

C.

It acts as a stateful forwarding device

D.

It provides data sequencing and acknowledgment mechanisms

Full Access
Question # 124

An engineer must redesign the QoS strategy for Company XYZ The current network is experiencing many dropped packets due to oversubscription of the guaranteed bandwidth allocated by the service provider Company XYZ wants a design with a QoS strategy that controls the traffic flow leaving the Edge router to minimize packet drops Which QoS technique can be recommended as a solution?

A.

LLQ

B.

rate-Limiting

C.

policing

D.

traffic shaping

Full Access
Question # 125

A networking team needs to prevent spoofing attacks They are describing the different uRPF design use cases so they can identify and deploy the optimal mode in various parts of their network

Drag and drop the use cases from the left onto the corresponding uRPF technique on the right Not all options are used

Full Access
Question # 126

A network architect is designing a policy where database applications access the internet directly, while other traffic routes through the data center, with dynamic path switching based on performance. Which solution meets these requirements?

A.

MPLS L3VPN with QoS

B.

Cloud OnRamp for IaaS

C.

Cloud OnRamp for SaaS

D.

MPLS Direct Connect

Full Access
Question # 127

Company XYZ allows employees to use any open desk and plug their laptops in. They want authentication using domain credentials and future capability for segmentation within the same subnet. Which protocol can be recommended?

A.

LDAP

B.

EAP

C.

TACACS+

D.

RADIUS

Full Access
Question # 128

Software-defined networking architecture is used for cost-effective, adaptable, and easily manageable applications. In which two software-defined networks is SDN commonly used? (Choose two.)

A.

Wide area network

B.

Mobile network

C.

Metro network

D.

Application network

E.

Control network

Full Access
Question # 129

A European national bank considers migrating its on-premises systems to a private cloud offering in a non-European location to significantly reduce IT costs. What is a primary factor prior to migration?

A.

data governance

B.

additional latency

C.

security

D.

cloud connectivity

Full Access
Question # 130

Which two elements are key in strategic network design and planning?

A.

customer requirements

B.

network distribution

C.

business strategy

D.

production delivery

E.

demand and supply ratio

Full Access
Question # 131

Which relationship between IBGP and the underlying physical topology is true?

A.

iBGP full mesh requirement does not dictate any specific network topology.

B.

iBGP can work only on a ring network topology with a link-state protocol like OSPF or IS-IS.

C.

iBGP full mesh requires an underlying fully meshed network topology.

D.

iBGP does not work on a ring network topology even with an underlying IGP.

Full Access
Question # 132

Which design benefit of bridge assurance is true?

A.

It supposes a spanning-tree topology change upon connecting and disconnecting a station on a port

B.

It prevents switched traffic from traversing suboptimal paths on the network.

C.

It allows small, unmanaged switches to be plugged into ports of access switches without the risk of switch loops.

D.

It prevents switch loops caused by unidirectional point-to-point link condition on Rapid PVST+ and MST

Full Access
Question # 133

As a network designer, you need to support an enterprise with hundreds of remote sites connected over a single WAN network that carries different types of traffic, including VoIP, video, and data applications. Which of the following design considerations will not impact design decision?

A.

Focus on the solution instead of the problem, which helps to reduce downtime duration

B.

The location of the data collection

C.

What direction the data or flows should be metered

D.

Identify traffic types and top talkers over this link

Full Access
Question # 134

Various teams in different organizations within an enterprise are preparing low-level design documents using a Waterfall project model. Input from relevant stakeholders was captured at the start of the project, and the scope has been defined. What impact will it have if stakeholders ask for changes before documentation is complete?

A.

This provides more opportunity to think outside the box.

B.

Rework is expected before the delivery.

C.

Significant effort and time are required.

D.

This provides a flexible approach to incorporate changes.

Full Access
Question # 135

Which two advantages of using DWDM over traditional optical networks are true? (Choose two.)

A.

inherent topology flexibility and service protection provided without penalty through intelligent oversubscription of bandwidth reservation

B.

ability to expand bandwidth over existing optical infrastructure

C.

inherent topology flexibility with built-in service protection

D.

inherent topology flexibility with intelligent chromatic dispersion

E.

inherent topology flexibility with service protection provided through a direct integration with an upper layer protocol

Full Access
Question # 136

Which optimal use of interface dampening on a fast convergence network design is true?

A.

When occasional flaps of long duration occur

B.

When numerous adjacent flaps of very short duration occur

C.

When the router hardware is slower than the carrier delay down detection

D.

When the switch hardware is faster than the debounce timer down detection

Full Access
Question # 137

A network security team uses a purpose-built tool to actively monitor the campus network, applications, and user activity. The team also analyzes enterprise telemetry data from IPFIX data records that are received from devices in the campus network. Which action can be taken based on the augmented data?

A.

Reduction in time to detect and respond to threats

B.

Integration with an incident response plan

C.

Adoption and improvement of threat-detection response

D.

Asset identification and grouping decisions

Full Access
Question # 138

Sometimes SDN leverages various overlay networking technologies to create layer(s) of network abstraction. What describes an overlay network?

A.

It transmits packets that traverse over network devices like switches and routers

B.

It encapsulates packets at source and destination, which incurs additional overhead

C.

Packet delivery and reliability occurs at Layer 3 and Layer 4

D.

It is responsible for the delivery of packets; NAT- or VRF-based segregation is required

Full Access
Question # 139

SDN controllers need to sustain healthy operation under the pressure of different objectives from the applications they host. High availability can be achieved through improved southbound APIs and controller placement heuristics and formal models. Which two implementation strategy help to maximize resilience and scalability? (Choose two.)

A.

Efficient implementation by connecting forwarding devices to multiple controller.

B.

Cost-effective implementation by connecting forwarding devices to single controller.

C.

Controller deployment planning is more dependent on network size than on the topology.

D.

Controller deployment planning is more dependent on network type than application need

E.

Controller deployment planning is more dependent on the topology than on network size.

Full Access
Question # 140

: 483

Direct cloud connectivity provides secure high-performance and end-to-end connectivity needed to run critical applications that have requirements that cannot be met when using the Internet What is the primary benefit gained from direct cloud connectivity?

A.

End-to-end visibility and management of the entire enterprise network

B.

Avoids network contention and unpredictable routing changes

C.

End to end connectivity SLA with deterministic latency and performance

D.

Consistent and guaranteed SLA backend performance to the closest peering point

Full Access
Question # 141

Which aspect of BGP-LS makes it scalable in large network when multiarea topology information must be gathered?

A.

transmit flow control

B.

TCP-based flow control

C.

open-loop flow control

D.

hardware flow control

Full Access
Question # 142

Which main IoT migration aspect should be reviewed for a manufacturing plant?

A.

Sensors

B.

Security

C.

Applications

D.

Wi-Fi Infrastructure

E.

Ethernet Switches

Full Access
Question # 143

Two companies need to implement an extranet overlay network solution by using a VPN tunnel over the internet to use each other ' s HTTP REST APIs. The solution must only provide data integrity because data confidentiality will be covered at the application layer The existing firewall devices will be used as VPN endpoints for the tunnel but they have limited available resources Which type of VPN tunnel must be deployed for the extranet service?

A.

GRE olPsec

B.

GRE tunnel

C.

IPsec ESP

D.

IPsec AH

Full Access
Question # 144

What is the best approach in a large legacy application migration scenario when the goal is to complete the migration in the shortest possible time?

A.

refactoring

B.

replatfoming

C.

rearchitecting

D.

rehosting

Full Access
Question # 145

Which architecture does not require an explicit multicast signaling protocol, such as PIM or P2MP, to signal the multicast state hop-by-hop, but instead uses a link state protocol to advertise the multicast forwarding state?

A.

Binary indexed explicit routing

B.

Binary intermediate enhanced routing

C.

Bit indexed explicit replication

D.

Bi-directional implicit replication

Full Access
Question # 146

Which two features control multicast traffic in a VLAN environment? (Choose two)

A.

IGMP snooping

B.

MLD snooping

C.

RGMP

D.

PIM snooping

E.

pruning

Full Access
Question # 147

An architect prepares a network design for a startup company. The design must meet business requirements while the business grows and divests due to rapidly changing markets. What is the highest priority in this design?

A.

The network should be hierarchical.

B.

The network should be modular.

C.

The network should be scalable.

D.

The network should have a dedicated core.

Full Access
Question # 148

Which solution component helps to achieve comprehensive threat protection and compliance for migration to multicloud SDX architectures?

A.

System-oriented architecture

B.

OSASE architecture

C.

Platform-oriented architecture

D.

SASE architecture

Full Access
Question # 149

Which DCI technology utilizes a “flood and learn” technique to populate the Layer 2 forwarding table?

A.

LISP

B.

OTV

C.

VPLS

D.

EVPN

Full Access
Question # 150

An enterprise service provider is planning to migrate the customer network to MPLS to connect cloud applications The customer network team and service provider team are analyzing all process (tows before live migration and implementation Before planning the migration, what is a crucial task that must be executed?

A.

real-time process monitoring and maintenance

B.

impact forecasts and risk analysis

C.

application packaging and deployment

D.

impact analysis and application refactoring

Full Access