As technologies such as big data, cloud, and loT continue to grow, so will the demand for network bandwidth Business strategies must be flexible to accommodate these changes when it comes to priorities and direction and the network design strategy also must be agile and adaptable Drag and drop the benefits from the left onto the corresponding strategic approaches on the right as they relate to network design and management.

Network operators have many options available, from fully centralized to fully distributed control planes, and each approach has its own set of characteristics. Drag and drop the characteristics from the left onto the corresponding approach on the right.

: 490
In order to achieve key business objectives, the design team of a hosting provider has identified a series of objectives in their cloud computing environments
•Customer data privacy and protection against external vulnerabilities must be improved.
•Access to sensitive data must be monitored and relevant regulations must be adhered to.
•Use data analyzing to optimize operations and business decision-making
Which step must be take to meet these requirements?
: 500
Scrum is a subset of Agile and is a lightweight process framework for Agile development. Which role becomes the interface between the business, the customers, and their product-related needs on one side, and the Team on the other?
An architect receives a functional requirement for a NAC system from a customer security policy stating that if a corporate Wi-Fi device does not meet current AV definitions, it cannot access the network until updated. Which component should be built into the NAC design?

Reter to the exhibit This network is running OSPF and EIGRP as the routing protocols Mutual redistribution of the routing protocols has been contoured on the appropriate ASBRs The OSPF network must be designed so that flapping routes m EIGRP domains do not affect the SPF runs within OSPF The design solution must not affect the way EIGRP routes are propagated into the EIGRP domains Which technique accomplishes the requirement?
In the wake of a security compromise incident where the internal networks were breached by an outside attacker at the perimeter of the infrastructure, an enterprise is now evaluating potential measures that can help protect against the same type of incident in the future. What are two design options that can be employed? (Choose two)
In outsourced IT services, the RTO is defined within the SLA. Which two support terms are often included in the SLA by IT and other service providers? (Choose two.)
Which extensions to GRE tunneling provide session tracking and in-order packet delivery in exchange for additional state stored in tunnel endpoints?
Refer to the exhibit.

The WAN network of the General Bank of Greece has experienced several outages. It takes too long to activate a new branch site. The networking department of the bank plans to upgrade the legacy end-of-life WAN network with a new flexible, manageable, and scalable in-house solution. The number of branches will increase exponentially in the next fiscal year. The CTO states that the bank’s main goal is OPEX reduction. The network engineering team prepares a table to evaluate the available options. Which WAN technology can be used for the solution?
Which two factors must be considered for high availability in campus LAN designs to mitigate concerns about unavailability of network resources? (Choose two.)
Company XYZ, a global content provider, owns data centers on different continents. Their data center design involves a standard three-layer design with a Layer 3-only core. VRRP is used as the FHRP. They require VLAN extension across access switches in all data centers and plan to purchase a Layer 2 interconnection between two of their data centers in Europe. In the absence of other business or technical constraints, which termination point is optimal for the Layer 2 interconnection?
A network architect must redesign a service provider edge, where multiservice and multitenant PEs are currently present. Which design feature should be minimized in the new design to achieve reliability?
Drag and drop the characteristics from the left onto the corresponding network management options on the right.

What is a disadvantage of the traditional three-tier architecture model when east-west traffic between different pods must go through the distribution and core layers?
An enterprise plans to evolve from a traditional WAN network to a software-defined WAN network. The existing devices have limited capability when it comes to virtualization. As the migration is carried out, enterprise applications and services must not experience any traffic impact. Which implementation plan can be used to accommodate this during the migration phase?
What are the two benefits of using northbound APIs in SDN architecture? (Choose two.)
As part of workspace digitization, a large enterprise has migrated all their users to Desktop as a Service (DaaS), by hosting the backend system in their on-premises data center. Some of the branches have started to experience disconnections to the DaaS at periodic intervals, however, local users in the data center and head office do not experience this behavior. Which technology can be used to mitigate this issue?
A network design includes a long signaling delay in notifying the Layer 3 control plane that an interface has failed. Which two of these actions would reduce that delay? (Choose two.)
The goal for any network designer is to strive to build a resilient network that adapts to changing conditions rapidly with minimal impact on the services running over the network. A resilient network can adapt to failures, but which soft failure can be harder to define and detect?
An architect receives a business requirement from a CTO that states the RTO and RPO for a new system should be as close as possible to zero. Which replication method and data center technology should be used?
There are varying requirements and motivations for improving the scalability and resilience of an enterprise application. The relative importance of these requirements and constraints varies depending on the type of app. the profile of the users, and the scale and maturity of the organization in which it is deployed. What are two common business drivers that deals with these aspects? (Choose two.)
As part of a design solution a consultant needs to describe the trade-offs between different SDN models Drag the characteristics on the left to the correct controller-based network designs on the right in no particular order.

Which two statements explain the operation of BFD asynchronous mode? (Choose two.)
Company XYZ is designing their network using the three-layer hierarchical model. At which layer must the QoS design classify or mark the traffic?
Which two features describe controller-based networking solutions compared to traditional networking solutions? (Choose two.)
An organization is looking to perform a major overhaul on their data center storage infrastructure with a focus on high availability and fault tolerance Which approach will accomplish this?
As a service provider is implementing Strong Access Control Measures, which two of the following PCI Data Security Standard requirements must be met? (Choose two . )
The Company XYZ network is experiencing attacks against their router. Which type of Control Plane Protection must be used on the router to protect all control plane IP traffic that is destined directly for one of the router interfaces?
Which two actions must be taken when assessing an existing wireless network implementation for its readiness to support voice traffic? (Choose two.)
An Agile for Infrastructure transition often means dismantling traditional IT hierarchies and rebuilding it to align with business objectives and workflows. Organizations are seeing the benefits of using automation tools in the network such as faster, more efficient, and more effective delivery of products and services. Which two components help increase overall productivity and improve company culture? (Choose two.)
Which two statements describe the functionality of OSPF packet-pacing timers? (Choose two.)
A banking customer determines that it is operating POS and POI terminals that are noncompliant with PCI DSS requirements, as it is running TLSv1.0. The customer plans to migrate the terminals to TLSv1.2. What are two requirements to complete the migration? (Choose two.)
Which two benefits can software-defined networks provide to businesses? (Choose two.)
Company XYZ plans to run OSPF on a DMVPN network. They want to use spoke-to-spoke tunnels in the design. What is a drawback or concern in this type of design?
Which three tools are used for ongoing monitoring and maintenance of a voice and video environment? (Choose three.)
Which actions are performed at the distribution layer of the three-layer hierarchical network design model? (Choose two)
A business customer deploys workloads in the public cloud but now faces governance issues related to IT traffic flow and data security. Which action helps identify the issue for further resolution?
What is the most important operational driver when building a resilient and secure modular network design?
Backups and mirror copies of data are part of RPO (Recovery Point Objective) strategies. If a business wants to reduce their CAPEX for disaster recovery, which solution is most applicable?
In a distributed cloud-native environment, calls to services and cloud resources can fail caused by unanticipated events that will require longer periods of time to resolve. These faults can range in severity from a partial loss of connectivity to the complete failure of a service. In these situations, it ' s pointless for an application to continually retry an operation that is unlikely to succeed. Which pattern can prevent an application from repeatedly trying to execute an operation that ' s likely to fail?
An enterprise SDWAN customer based in the US has several branches in Europe Currently branches use the HQ in the US to access both internal and external services over an MPLS arcuit The design team has been tasked to suggest a solution allowing branches to access their cloud-based office productivity tools and services directly Since all their applications and services are hosted in the cloud, the design team has also been asked to come up with a solution, so branches can connect to the cloud directly from the branch as well Which two cost-effective and optimized solutions can be suggested? (Choose two)
cloud onRamp (SaaS)
Drag and drop the end-to-end network virtualization elements from the left onto the correct network areas on the right.

A consultant needs to explain different project management methodologies to a customer.
Drag and drop the characteristics from the left onto the corresponding methodologies on the right in no particular order.

Company XYZ is designing the network for IPv6 security and they have these design requirements:
A switch or router must deny access to traffic from sources with addresses that are correct but topologically incorrect.
Devices must block Neighbor Discovery Protocol resolution for destination addresses not found in the binding table.
Which two IPv4 security features are recommended for this company? (Choose two)
Which hybrid cloud environment enables businesses to more readily stage data-intensive and time-sensitive tasks closer to the source, which reduces latency, eases networking requirements, and improves data protection?
Company XYZ is designing the IS-IS deployment strategy for their multiarea IS-IS domain. They want IS-IS neighbor relationships minimized on each segment and the LSDB size optimized. Which design can be used?
Setting a specific goal for throughput based on per-second data rates between end hosts does not identify the requirements for specific applications When specifying throughput goals for applications, it is important to understand the throughput requirements for each application Which two factors that can constrain application layer throughput? (Choose two.)
If the desire is to connect virtual network functions together to accommodate different types of network service connectivity, what must be deployed?
A legacy enterprise is using a Service Provider MPLS network to connect its head office and branches. Recently, they added a new branch to their network. Due to physical security concerns, they want to extend their existing IP CCTV network of the head office to the new branch, without any routing changes in the network. They are also under some time constraints. What is the best approach to extend the existing IP CCTV network to the new branch, without incurring any IP address changes?
Which two design options are available to dynamically discover the RP in an IPv6 multicast network? (Choose two)
The Layer 3 control plane is the intelligence over the network that steers traffic toward its intended destination Which two techniques can be used in service provider-style networks to offer a more dynamic, flexible, controlled, and secure control plane design? (Choose two.)
A company with an existing multivendor network is moving from 1 G dark fiber to an ISP virtual leased-line solution The company ' s internal security policy states that any traffic traversing a network that is not owned by the company must be encrypted What must be used to meet the requirements?
Refer to the exhibit.

This network is running legacy STP 802.1d. Assuming " hello_timer " is fixed to 2 seconds, which parameters can be modified to speed up convergence times after single link/node failure?
A centralized control plane generally means one or more controllers gather the reachability and topology information from each switching device and calculate some part of the forwarding information at some place. How can a centralized control plane be defined or described?
A network engineering team is in the process of designing a lab network for a customer demonstration. The design engineer wants to show that the resiliency of the MPLS Traffic Engineering Fast Reroute solution has the same failover/failback times as a traditional SONET/SDH network (around 50 msec). In order to address both link failure and node failure within the lab topology network, which type of the MPLS TE tunnels must be considered for this demonstration?
A network hacker is trying to interrupt the transport packet on IPsec. A packet with duplicate sequence numbers is introduced. The customer sends high-priority traffic during this window. Which design parameter should be considered to mitigate this issue?
: 482
Even with two different device platforms that support NETCONF or any other common transport method it does not mean they are compatible from a tooling and/or a developer’s perspective What is required to get the compatibility?
You are designing a network for a branch office. In order to improve convergence time, you are required to use the BFD feature. Which four routing protocols can you use to facilitate this? (Choose four.)
Company XYZ has 30 sites using MPLS L3 VPN and is concerned about data integrity. They want a centralized configuration model and minimal overhead. Which technology can be used?
Which technology supports antispoofing and does not have any impact on encryption performance regardless of packet size?
QUESTION 69 Refer to the exhibit. AJI links are P2P Layer 3. A high availability application is synchronizing data between host A and host B. To increase chance of delivery the same data is sent twice from host A on two different NICs toward the two NICs on host B.

Refer to the exhibit. All links are P2P Layer 3. A high availability application is synchronizing data between Host A and Host B. To increase the chance of delivery, the same data is sent twice from Host A on two different NICs toward the two NICs on Host B.
Which solution must be deployed in the network to ensure that any failure in the network does not trigger data loss on Host B?
Which two design solutions ensure sub-50 msec of the convergence time after a link failure in the network? (Choose two)
What are two primary design constraints when a robust infrastructure solution is created? (Choose two.)
Drag and drop the design use cases from the left onto the correct uRPF techniques used to prevent spoofing attacks Not all options are used.

A customer asks you to perform a high-level review of their upcoming WAN refresh for remote sites. The review is specially focused on their retail store operations consisting of 500+ locations connected via multipoint IPsec VPN solution. Which routing protocol would be valid but would also be the most restrictive for the expansion of this deployment model?
With virtualization being applied in many parts of the network, every physical link is likely to carry one or more virtual links, but what is a drawback in cases like this?
An enterprise network has two core routers that connect to 200 distribution routers and uses full-mesh IBGP peering between these routers as its routing method. The distribution routers are experiencing high CPU utilization due to the BGP process. Which design solution is the most cost effective?
In search of a system capable of hosting, monitoring, compiling, and testing code in an automated way, what can be recommended to the organization?
In a controller-based network architecture, between which of the two elements the southbound interface does the communication happen with a goal to program the data plane forwarding tables? (Choose two)
You are designing the QoS policy for a company that is running many TCP-based applications. The company is experiencing tail drops for these applications. The company wants to use a congestion avoidance technique for these applications. Which QoS strategy can be used?
A software-defined network can be defined as a network with an API that allows applications to understand and react to the state of the network in near real time A vendor is building an SDN solution that exposes an API to the RIB and potentially the forwarding engine directly The solution provides off-box processes with the capability to interact with the routing table in the same way as a distributed routing process Which SDN framework model does the solution use?
You are tasked to design a QoS policy for a service provider so they can include it in the design of their MPLS core network. If the design must support an MPLS network with six classes, and CEs will be managed by the service provider, which QoS policy should be recommended?
A business wants to refresh its legacy Frame Relay WAN and consolidate product specialists via video in 200 branches. Which technology should be used?
When a detection system for protecting a network from threats sourced from the Internet is designed there are two common deployment methods, where the system is placed differently relative to the perimeter firewall
•An unfiltered detection system examines the raw Internet data streams before it reaches the firewall
•A screened detection solution which monitors traffic that is allowed through the firewall Both have its advantages and disadvantages drag and drop the characteristics on the left to the corresponding category on the right in no particular order.

Company XYZ has a new network based on IPv6. Some of the subnets that they are planning to use will be confidential and need an addressing scheme that confines them to the local campus network. Which type of IPv6 addresses can be used for these networks in the IPv6 addressing design?
When planning their cloud migration journey, what is crucial for virtually all organizations to perform?
: 476
While designing a robust network architecture for a large e-commerce dient that has recently decided to make a global expansion of their cloud-based applications and services a network architect is evaluating cloud connectivity options The top priorities are low-latency and high- throughput connectivity between their on-premises data centers and the cloud providers Which cloud connectivity solution fits in this specific use case?
: 495
An organization has two branches connected over the Internet circuit using IPsec tunnels established on their edge routers belonging to different vendors Recently these branches were the victims of a DoS attack resulting in failure to establish the tunnels They are now looking for a better tunneling solution allowing full interoperability between vendors and allowing a standardized set of authentication methods Furthermore the solution must support detection of the peer’s state as well as having support for next-gen encryption algorithms. Which protocol meets these requirements and is known to be resistant to DoS attacks?
Which three elements help network designers to construct secure systems that protect information and resources (such as devices, communication, and data) from unauthorized access, modification, inspection, or destruction? (Choose three.)
: 488
The modularity built into the architecture allows flexibility in network design and facilitates implementation and troubleshooting Which solution is difficult to implement manage and troubleshoot especially for large networks?
Which two control plane policer designs must be considered to achieve high availability? (Choose two.)
A multinational organization has decided to migrate its business-critical operations to a hybrid cloud solution They are concerned about data governance, particularly regarding data sovereignty, ownership, and locale The company operates in multiple countries with strict data privacy regulations Which solution best ensures compliance with data governance regulations ' ?
Drag and drop the multicast protocols from the left onto the current design situation on the right.

Following a series of security incidents, where hackers have been able to successfully gain access to the network with varying levels of access, the CTO of a large corporation has launched an initiative to ensure that there is end-to-end visibility inside the corporate network Which two technologies are relevant to include in the analysis that is started as part of the initiative? (Choose two.)
A BGP route reflector in the network is taking longer than expected to converge during large network changes. Troubleshooting shows that the router cannot handle all the TCP acknowledgements during route updates. Which action can be performed to tune the device performance?
Refer to the exhibit.

Which impact of using three or more ABRs between the backbone area and area 1 is true?
Which two characteristics apply to firewall transparent mode operations in a firewall solution design? (Choose two.)
A company uses equipment from multiple vendors in a data center fabric to deliver SDN, enable maximum flexibility, and provide the best return on investment. Which YANG data model should be adopted for comprehensive features to simplify and streamline automation for the SDN fabric?
While designing a switched topology, in which two options is UplinkFast recommended? (Choose two.)
A business wants to refresh its legacy Frame Relay WAN It currently has product specialists in each of its 200 branches but plans to reduce and consolidate resources. The goal is to have product specialists available via video link when customers visit the nationwide branch offices Which technology should be used to meet this objective?
The controller has a global view of the network, and it can easily ensure that the network is in a consistent and optimal configuration. Which two statements describe a centralized SDN control path? (Choose two.)
A large enterprise customer is planning a new WAN connection to its headquarters The current architecture is dual homed with static routing but users complain when a specific link fails Failure of the other link does not affect any services or applications The new WAN connection must provide the headquarters with a resilient network design and increase the return on investment Which solution should be recommended to the customer?
When designing a WAN that will be carrying real-time traffic, what are two important reasons to consider serialization delay? (Choose two.)

Refer to the exhibit A solution architect is tasked with designing a quick fault detection and convergence solution based on a set of requirements
•Due to the use of voice applications, users must ideally not experience traffic disruption in excess of 100 milliseconds in case of link or node failures in OSPF area 100. •The enterprise requires the network to be highly available
•Traffic must quickly switch to another path without waiting for the OSPF dead interval to kick in What can be included in the design in order to meet these requirements?
You were tasked to enhance the security of a network with these characteristics:
A pool of servers is accessed by numerous data centers and remote sites
The servers are accessed via a cluster of firewalls
The firewalls are configured properly and are not dropping traffic
The firewalls occasionally cause asymmetric routing of traffic within the server data center.
Which technology should you recommend to enhance security by limiting traffic that could originate from a hacker compromising a workstation and redirecting flows at the servers?
You want to mitigate failures that are caused by STP loops that occur before UDLD detects the failure or that are caused by a device that is no longer sending BPDUs. Which mechanism do you use along with UDLD?
Drag and drop the QoS technologies from the left onto the correct capabilities on the right

Company XYZ has two routing domains in their network, EIGRP and OSPF. The company wants to provide full reachability between the two domains by implementing redistribution on a router running both protocols They need to design the redistribution in a way that the OSPF routers will see link costs added to external routes. How must the redistribution strategy be designed for this network?
Which two benefits can software defined networks provide to businesses? (Choose two.)
A multinational enterprise integrates a cloud solution with these objectives:
• Achieve seamless connectivity across different countries and regions
• Extend data center and private clouds into public clouds and provider-hosted clouds
What are two outcomes of deploying data centers and fabrics that interconnect different cloud networks? (Choose two.)
Company XYZ is redesigning their QoS policy. Some of the applications used by the company are real-time applications. The QoS design must give these applications preference in terms of transmission. Which QoS strategy can be used to fulfill the requirement?
SDN is still maturing Throughout the evolution of SDN which two things will play a key role in enabling a successful deployment and avoiding performance visibility gaps in the infrastructure’ (Choose two.)
During a pre-sales meeting with a potential customer, the customer CTO asks a question about advantages of controller-based networks versus a traditional network. What are two advantages to mention? (Choose two)
A rapidly growing e-commerce business with a global customer base needs a robust network design that can support their business-critical operations and ensure low-latency access for their customers around the globe. The IT team is considering different solutions to meet their requirements. Which network design is suitable for these needs?
You are designing the routing design for two merging companies that have overlapping IP address space. Which of these must you consider when developing the routing and NAT design?
Which component of the SDN architecture automatically ensures that application traffic is routed according to policies established by network administrators?
What is an advantage of using Agile over Waterfall methodology in the network design lifecycle?
: 487
Which layer of the SDN architecture orchestrates how the applications are given the resources available in the network?
Which development model is closely associated with traditional project management?
What are two design constraints in a standard spine and leaf architecture? (Choose two.)
: 494 DRAG DROP
The customer ' s network manager asked for some key points to use m a presentation on overlay/underlay features and responsibilities. Drag and drop the features or responsibilities from the left onto the corresponding groups on the right in no particular order.

A legacy enterprise is using a Service Provider MPLS network to connect its head office and branches. They want to extend the existing IP CCTV network to a new branch without routing changes or IP address changes. What is the best approach?
A business wants to centralize services via VDI technology and to replace remote WAN desktop PCs with thin client-type machines to reduce operating costs. Which consideration supports the new business requirement?
Which option is a fate-sharing characteristic in regards to network design?
An engineer must redesign the QoS strategy for Company XYZ The current network is experiencing many dropped packets due to oversubscription of the guaranteed bandwidth allocated by the service provider Company XYZ wants a design with a QoS strategy that controls the traffic flow leaving the Edge router to minimize packet drops Which QoS technique can be recommended as a solution?
A networking team needs to prevent spoofing attacks They are describing the different uRPF design use cases so they can identify and deploy the optimal mode in various parts of their network
Drag and drop the use cases from the left onto the corresponding uRPF technique on the right Not all options are used

A network architect is designing a policy where database applications access the internet directly, while other traffic routes through the data center, with dynamic path switching based on performance. Which solution meets these requirements?
Company XYZ allows employees to use any open desk and plug their laptops in. They want authentication using domain credentials and future capability for segmentation within the same subnet. Which protocol can be recommended?
Software-defined networking architecture is used for cost-effective, adaptable, and easily manageable applications. In which two software-defined networks is SDN commonly used? (Choose two.)
A European national bank considers migrating its on-premises systems to a private cloud offering in a non-European location to significantly reduce IT costs. What is a primary factor prior to migration?
Which relationship between IBGP and the underlying physical topology is true?
As a network designer, you need to support an enterprise with hundreds of remote sites connected over a single WAN network that carries different types of traffic, including VoIP, video, and data applications. Which of the following design considerations will not impact design decision?
Various teams in different organizations within an enterprise are preparing low-level design documents using a Waterfall project model. Input from relevant stakeholders was captured at the start of the project, and the scope has been defined. What impact will it have if stakeholders ask for changes before documentation is complete?
Which two advantages of using DWDM over traditional optical networks are true? (Choose two.)
Which optimal use of interface dampening on a fast convergence network design is true?
A network security team uses a purpose-built tool to actively monitor the campus network, applications, and user activity. The team also analyzes enterprise telemetry data from IPFIX data records that are received from devices in the campus network. Which action can be taken based on the augmented data?
Sometimes SDN leverages various overlay networking technologies to create layer(s) of network abstraction. What describes an overlay network?
SDN controllers need to sustain healthy operation under the pressure of different objectives from the applications they host. High availability can be achieved through improved southbound APIs and controller placement heuristics and formal models. Which two implementation strategy help to maximize resilience and scalability? (Choose two.)
: 483
Direct cloud connectivity provides secure high-performance and end-to-end connectivity needed to run critical applications that have requirements that cannot be met when using the Internet What is the primary benefit gained from direct cloud connectivity?
Which aspect of BGP-LS makes it scalable in large network when multiarea topology information must be gathered?
Which main IoT migration aspect should be reviewed for a manufacturing plant?
Two companies need to implement an extranet overlay network solution by using a VPN tunnel over the internet to use each other ' s HTTP REST APIs. The solution must only provide data integrity because data confidentiality will be covered at the application layer The existing firewall devices will be used as VPN endpoints for the tunnel but they have limited available resources Which type of VPN tunnel must be deployed for the extranet service?
What is the best approach in a large legacy application migration scenario when the goal is to complete the migration in the shortest possible time?
Which architecture does not require an explicit multicast signaling protocol, such as PIM or P2MP, to signal the multicast state hop-by-hop, but instead uses a link state protocol to advertise the multicast forwarding state?
Which two features control multicast traffic in a VLAN environment? (Choose two)
An architect prepares a network design for a startup company. The design must meet business requirements while the business grows and divests due to rapidly changing markets. What is the highest priority in this design?
Which solution component helps to achieve comprehensive threat protection and compliance for migration to multicloud SDX architectures?
Which DCI technology utilizes a “flood and learn†technique to populate the Layer 2 forwarding table?
An enterprise service provider is planning to migrate the customer network to MPLS to connect cloud applications The customer network team and service provider team are analyzing all process (tows before live migration and implementation Before planning the migration, what is a crucial task that must be executed?