350-401 Questions and Answers

Option A

Option B

Option C

Option D

Option A

Option B

Option C

Option D

programmatic control of abstracted network resources through a centralized controller

access to controlled network resources from a centralized node

communication between SDN controllers and physical switches

controlled access to switches from automated security applications

provide QoS prioritization services such as marking, queueing, and classification for critical network traffic

provide redundant Layer 3 point-to-point links between the core devices for more predictable and faster convergence

provide advanced network security features such as 802. IX, DHCP snooping, VACLs, and port security

provide redundant aggregation for access layer devices and first-hop redundancy protocols such as VRRP

advertisement of network prefixes and their attributes

configuration of control and data policies

gathering of underlay infrastructure data

delivery of crypto keys

segmentation and differentiation of traffic

RF

Policy

WLAN

Flex

Connects the SD-Access fabric to another fabric or external Layer 3 networks

Connects endpoints to the fabric and forwards their traffic

Provides reachability border nodes in the fabric underlay

Encapsulates end-user data traffic into LISP.

Mobility groups are established between wireless controllers.

The management VLAN is present as a dynamic VLAN on the second WLC.

WLCs use separate DHCP servers.

WLCs have the same IP addresses configured on their interfaces.

threat defense

security services

security intelligence

segmentation

HTTP Status Code 200

HTTP Status Code 302

HTTP Status Code 401

HTTP Status Code: 504

management and data

control and management

control, and forwarding

control and data

AP(config-if-ssid)# authentication open wep wep_methods

AP(config-if-ssid)# authentication dynamic wep wep_methods

AP(config-if-ssid)# authentication dynamic open wep_dynamic

AP(config-if-ssid)# authentication open eap eap_methods

print(response['resut'][0||'simple_time']}

print(response[result']['body']['simple_time']}

print(response['body']['simple_time']}

print(response[jresult']['body']['simple_time']}

IKF

TLS

IPsec

ESP

Stratum 1 devices are connected directly to an authoritative time source.

Stratum 15 devices are connected directly to an authoritative time source

Stratum 0 devices are connected directly to an authoritative time source.

Stratum 15 devices are an authoritative time source.

The OSPF router ID is missing on this router.

The OSPF process is stopped on the neighbor router.

There is an MTU mismatch between the two routers.

The OSPF router ID is missing on the neighbor router.

The ping command must be executed in the global routing table.

Interface FastEthernet0/0 Is configured in VRF CUST-A, so the ARP entry is also in that VRF.

When VRFs are used. ARP protocol must be enabled In each VRF.

When VRFs are used. ARP protocol is disabled in the global routing table.

signal strength -67 dBm, noise 91 dBm

signal strength -69 dBm, noise 94 dBm

signal strength -68 dBm, noise 89 dBm

signal strength -66 dBm, noise 90 dBm

PETR

PITR

map resolver

map server

ISE server

local WLC

RADIUS server

anchor WLC

1

7

13

15

m.lock(config=’running’)

m.lock(target=’running’)

m.freeze(target=’running’)

m.freeze(config=’running’)

inter-controller

inter-subnet

intra-VLAN

intra-controller

The value given to the strength of the wireless signal received compared to the noise level

The value of how strong the wireless signal Is leaving the antenna using transmit power, cable loss, and antenna gain

The value of how much wireless signal is lost over a defined amount of distance

The value of how strong a tireless signal is receded, measured in dBm

both supervisors must be configured separately

the multicast state is preserved during switchover

must be combined with NSF to support uninterrupted Layer 2 operations

must be combined with NSF to support uninterrupted Layer 3 operations

requires synchronization between supervisors in order to guarantee continuous connectivity

15

20

25

10

Option 42

Option 15

Option 125

Option 43

Indirect

Layer 3 intercontroller

Layer 2 intercontroller

Intracontroller

Option A

Option B

Option C

Option D

Container

Mainframe

Host

virtual machine

detect and black ransomware in email attachments

outbound URL analysis and data transfer controls

user context analysis

blocking of fileless malware in real time

cloud-based analysis of threats

Option

Option

Option

Option

The MAC address table supports partial matches. TCAM requires an exact match.

The MAC address table is contained in TCAM ACL and QoS information is stored in CAM.

Router prefix lookups happen in TCAM. MAC address table lookups happen In CAM.

TCAM is used to make L2 forwarding decisions. CAM is used to build routing tables

It updates wireless clients' locations in the fabric

It connects wireless clients to the fabric.

It manages wireless clients' membership information in the fabric

It configures security policies down to wireless clients in the fabric.

c0:42:01:67:05:16

c0:07:0c:ac:00:22

00:00:0c:07:ac:16

00:00:0c:07:ac:22

Option A

Option B

Option C

Option D

Because dynamic routing is not enabled

Because the tunnel cannot reach its tunnel destination

Because the best path to the tunnel destination is through the tunnel itself

Because the router cannot recursively identify its egress forwarding interface

Packets with a destination of 200.1.1.1 are translated to 10.1.1.1 or .2. respectively.

A packet that is sent to 200.1.1.1 from 10.1.1.1 is translated to 209.165.201.1 on R1.

R1 looks at the destination IP address of packets entering S0/0 and destined for inside hosts.

R1 processes packets entering E0/0 and S0/0 by examining the source IP address.

R1 is performing NAT for inside addresses and outside address.

SSH

HTTPS

JWT

TLS

It supports a maximum of 4096 VLANs.

It supports multitenant segments.

It uses STP to prevent loops in the underlay network.

It uses the Layer 2 header to transfer packets through the network underlay.

155.1.1.1

randorm addresses in the 155.1.1.0/24 range

their own address in the 10.10.10.0/24 rance

155.1.1.5

POST

GET

PUT

CREATE

supports advanced Layer 3 routing protocols that are not offered by a hardware switch

enables VMs to communicate with each other within a virtualized server

has higher performance than a hardware switch

operates as a hub and broadcasts the traffic toward all the vPorts

API Explorer

REST Explorer

Postman

Mozilla

Option A

Option B

Option C

Option D

provides fabric extension to nonfabric devices through remote registration and configuration

performs tunneling between fabric and nonfabric devices to route traffic over unknown networks

used to extend the fabric connecting to downstream nonfabric enabled Layer 2 switches

in charge of establishing Layer 3 adjacencies with nonfabric unmanaged node

{'Name'';''Bob johnon';''Age': Sevenfive,''Alive'': true,''FavoriteFoods';[''Cereal';''Mustard';''Onions'}}

{'Name'':''Bob johnon':''Age': 75 ''Alive'': true,''Favorite Foods';[''Cereal';''Mustard';''Onions'}}

{'Name'':''Bob johnon':''Age: 75,''Alive: true, FavoriteFoods;[Cereal, Mustard';''Onions}}

{'Name'': 'Bob johnon','Age': 75,'Alive': true,''FavoriteFoods': 'Cereal';'Mustard','Onions'}}

The RIB is used to create network topologies and routing tables. The FIB is a list of routes to particular network destinations.

The FIB includes many routes a single destination. The RIB is the best route to a single destination.

The RIB includes many routes to the same destination prefix. The FIB contains only the best route

The FIB maintains network topologies and routing tables. The RIB is a Iist of routes to particular network destinations.

Reduce channel width from 40 MHz to 20 MHz

Disable 2.4 GHz and use only 5 GHz.

Reduce AP transmit power.

Increase minimum mandatory data rate

Enable Fastlane

Remove UNII-2 and Extended UNII-2 channels from the 5 Ghz channel list

Restore the DCA default settings because this automatically avoids channel interference.

Configure channels on the UNIk2 and the Extended UNII-2 sub-bands of the 5 Ghz band only

Enable DFS channels because they are immune to radar interference.

Disable DFS channels to prevent interference with Doppler radar

Option A

Option B

Option C

Option D

Option E

Option A

Option B

Option C

Option D

centrally switched back to WLC where the user traffic is mapped to a VXLAN on the WLC

converted by the AP into 802.3 and encapsulated into VXLAN

centrally switched back to WLC where the user traffic is mapped to a VLAN on the WLC

converted by the AP into 802.3 and encapsulated into a VLAN

All traffic will be policed based on access-list 120.

If traffic exceeds the specified rate, it will be transmitted and remarked.

Class-default traffic will be dropped.

ICMP will be denied based on this configuration.

R1(config-router)#neighbor 10.10.10.1 peer-group CORP R1(config-router)#neighbor CORP password Cisco

R2(config-router)#neighbor 10.120.10.1 peer-group CORP R2(config-router)#neighbor CORP password Cisco

R2(config-router)#neighbor 10.10.10.1 peer-group CORP R2(config-router)#neighbor PEER password Cisco

R1(config-router)#neighbor 10.120.10.1 peer-group CORP R1(config-router)#neighbor CORP password Cisco

R2(config-router)#neighbor 10.10.10.1 peer-group CORP R2(config-router)#neighbor CORP password Cisco

under interface saturation condition

under network convergence condition

under all network condition

under traffic classification and marking conditions.

The packet reaches R3, and the TTL expires

R2 replies with a TTL exceeded message

R3 replies with a TTL exceeded message.

The packet reaches R2 and the TTL expires

R1 replies with a TTL exceeded message

The packet reaches R1 and the TTL expires.

action 4.0 syslog command “show process cpu sorted | append flash:high-cpu-file”

action 4.0 publish-event “show process cpu sorted | append flash:high-cpu-file”

action 4.0 ens-event “show process cpu sorted | append flash:high-cpu-file”

action 4.0 cli command “show process cpu sorted | append flash:high-cpu-file”

Priority

custom

weighted fair

low latency

Create an IPsec profile, associate the transform-set ACL, and apply the profile to the tunnel interface.

Apply the crypto map to the tunnel interface and change the tunnel mode to tunnel mode ipsec ipv4.

Remove all configuration related to crypto map from R1 and R2 and eliminate the ACL.

Create an IPsec profile, associate the transform-set, and apply the profile to the tunnel interface.

Remove the crypto map and modify the ACL to allow traffic between 10.10.0.0/24 to 10.20.0.0/24.

End user subnets and endpoints are part of the underlay network.

The underlay switches provide endpoint physical connectivity for users.

Static routing is a requirement,

It must support IPv4 and IPv6 underlay networks

Option A

Option B

Option C

Option D

from ncclient import

import manager

from ncclient import*

import ncclient manager

username/role combination

access tokens

cookie authentication

basic signature workflow

The signal strength at location C is too weak to support web surfing

Location D has the strongest RF signal strength

The RF signal strength at location B is 50% weaker than location A

The signal strength at location B is 10 dB better than location C

The RF signal strength at location C is 10 times stronger than location B

logging host 10.2.3.4 vrf mgmt transport tcp port 6514

logging host 10.2.3.4 vrf mgmt transport udp port 6514

logging host 10.2.3.4 vrf mgmt transport tcp port 514

logging host 10.2.3.4 vrf mgmt transport udp port 514

efficient scalability

virtualization

storage capacity

supported systems

Option A

Option B

Option C

Option D

They enable programmers to change or write their own application within the device operating system.

They create more secure and efficient SNMP OIDs.

They make the CLI simpler and more efficient.

They provide a standardized data structure, which results in configuration scalability and consistency.

NameError: name 'json' is not defined

KeyError 'kickstart_ver_str'

7.61

7.0(3)I7(4)

Option A

Option B

Option C

Option D

Option A

Option B

Option C

Option D

Dipole

Yagi

Patch

Omnidirectional

SIP flow information

Wi-Fi multimedia

traffic specification

VoIP media session awareness

Cisco DNA Center has the Incorrect credentials for cat3850-1

Cisco DNA Center is unable to communicate with cat9000-1

Cisco DNA Center has the incorrect credentials for cat9000-1

Cisco DNA Center has the Incorrect credentials for RouterASR-1

broadcast to nonbroadcast

point-to-multipoint to nonbroadcast

broadcast to point-to-point

point-to-multipoint to broadcast

under the interface

under the flow record

under the flow monitor

under the flow exporter

The tunnel line protocol goes down when the keepalive counter reaches 6

The keepalives are sent every 5 seconds and 3 retries

The keepalives are sent every 3 seconds and 5 retries

The tunnel line protocol goes down when the keepalive counter reaches 5

Option A

Option B

Option C

Option D

It is in local mode and must be connected directly to the fabric border node

It is in FlexConnect mode and must be connected directly to the fabric edge switch.

It is in FlexConnect mode and must be connected directly to the fabric border node

It is in local mode and must be connected directly to the fabric edge switch.