Summer Sale - Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70dumps

400-007 Questions and Answers

Question # 6

: 495

An organization has two branches connected over the Internet circuit using IPsec tunnels established on their edge routers belonging to different vendors Recently these branches were the victims of a DoS attack resulting in failure to establish the tunnels They are now looking for a better tunneling solution allowing full interoperability between vendors and allowing a standardized set of authentication methods Furthermore the solution must support detection of the peer’s state as well as having support for next-gen encryption algorithms. Which protocol meets these requirements and is known to be resistant to DoS attacks?

A.

L2TP/IPsec

B.

OpenVPN/Blowfish

C.

IPsec BFD

D.

IKEv2

Full Access
Question # 7

In search of a system capable of hosting, monitoring, compiling, and testing code in an automated way, what can be recommended to the organization?

A.

Jenkins

B.

Ansible

C.

Perl

D.

Chef

Full Access
Question # 8

Refer to the exhibit.

Question # 8

This network is running OSPF as the routing protocol. The internal networks are being advertised in OSPF. London and Rome are using the direct link to reach each other although the transfer rates are better via Barcelona. Which OSPF design change allows OSPF to calculate the proper costs?

A.

Change the OSPF reference bandwidth to accommodate faster links.

B.

Filter the routes on the link between London and Rome.

C.

Change the interface bandwidth on all the links.

D.

Implement OSPF summarization to fix the issue.

Full Access
Question # 9

When a detection system for protecting a network from threats sourced from the Internet is designed there are two common deployment methods, where the system is placed differently relative to the perimeter firewall

•An unfiltered detection system examines the raw Internet data streams before it reaches the firewall

•A screened detection solution which monitors traffic that is allowed through the firewall Both have its advantages and disadvantages drag and drop the characteristics on the left to the corresponding category on the right in no particular order.

Question # 9

Full Access
Question # 10

Customer XYZ network consists of an MPLS core, IS-IS running as IGP, a pair of BGP route reflectors for route propagation, and a few dozen MPLS-TE tunnels for specific tactical traffic engineering requirements. The customer ' s engineering department has some questions about the use of the Overload Bit in the IS-IS networks and how it could be used to improve their current network design. Which two concepts about the Overload Bit are true? (Choose two.)

A.

It can be set on a router during the startup process for a fixed period of time

B.

Networks advertised within the LSPs of the respective node will become unreachable

C.

It forces the midpoint MPLS-TE node to reoptimize the primary tunnels going through the OL node.

D.

It can be set on a router until other interacting protocols have signaled convergence.

E.

It is not recommended on BGP Route Reflectors

Full Access
Question # 11

Which solution component helps to achieve comprehensive threat protection and compliance for migration to multicloud SDX architectures?

A.

System-oriented architecture

B.

OSASE architecture

C.

Platform-oriented architecture

D.

SASE architecture

Full Access
Question # 12

Company XYZ has a multicast domain that spans across multiple autonomous systems. The company wants a simplified and controlled approach to interconnecting multicast domains. Which technology is the best fit?

A.

MSDP

B.

PIM SSM

C.

MPLS

D.

PIM sparse mode

Full Access
Question # 13

While positive feedback loops generally don ' t last long enough to bring down a network completely, they can still last long enough to disrupt traffic flows or to cause the network to converge more slowly than it should.

What are two examples of cases where a positive feedback loop can be long-lived and devastating to the network ' s control plane? (Choose two)

A.

During redistribution of reachability information between multiple control planes

B.

Modifying the flow of traffic through the network by steering traffic based on QoS attributes

C.

When input traffic volumes on an interfaces causes the interface queue to overflow.

D.

The rate at which the information earned in the various control plane protocols changes

E.

When more paths available in any given routing process than are installed in the routing table

Full Access
Question # 14

In a distributed cloud-native environment, calls to services and cloud resources can fail caused by unanticipated events that will require longer periods of time to resolve. These faults can range in severity from a partial loss of connectivity to the complete failure of a service. In these situations, it ' s pointless for an application to continually retry an operation that is unlikely to succeed. Which pattern can prevent an application from repeatedly trying to execute an operation that ' s likely to fail?

A.

circuit breaker

B.

bulkhead

C.

fallback

D.

timeout

Full Access
Question # 15

An enterprise that runs numerous proprietary applications has major issues with its on-premises server estate hardware, to the point where business-critical functions are compromised. The enterprise accelerates plans to migrate services to the cloud. Which cloud service should be used if the enterprise wants to avoid hardware issues yet have control of its applications and operating system?

A.

SaaS

B.

PaaS

C.

IaaS

D.

hybrid cloud

Full Access
Question # 16

Which two elements are key in strategic network design and planning?

A.

customer requirements

B.

network distribution

C.

business strategy

D.

production delivery

E.

demand and supply ratio

Full Access
Question # 17

You have been tasked with designing a data center interconnect as part of business continuity. You want to use FCoE over this DCI to support synchronous replication. Which two technologies allow for FCoE via lossless Ethernet or data center bridging? (Choose two.)

A.

DWDM

B.

EoMPLS

C.

SONET/SDH

D.

Multichassis EtherChannel over Pseudowire

E.

VPLS

Full Access
Question # 18

Which technique facilitates analytics and knowledge discovery in big data systems to recognize hidden and complex patterns?

A.

predictive monitoring

B.

deep learning

C.

traffic classification

D.

network mobility

Full Access
Question # 19

Which development model is closely associated with Agile project management?

A.

static model

B.

evolutionary delivery model

C.

lifecycle model

D.

starfish model

Full Access
Question # 20

SDN emerged as a technology trend that attracted many industries to move from traditional networks to SDN. Which challenge is solved by SDN for cloud service providers?

A.

Need for intelligent traffic monitoring

B.

Exponential growth of resource-intensive applications

C.

Complex and distributed management flow

D.

Higher operating expense and capital expenditure

Full Access
Question # 21

Company XYZ has a new network based on IPv6. Some of the subnets that they are planning to use will be confidential and need an addressing scheme that confines them to the local campus network. Which type of IPv6 addresses can be used for these networks in the IPv6 addressing design?

A.

local addresses

B.

private addresses

C.

link-local addresses

D.

unique local addresses

Full Access
Question # 22

The CIA triad is foundational to information security, and one can be certain that one or more of the principles within the CIA triad has been violated when data is leaked or a system is attacked Drag and drop the countermeasures on the left to the appropriate principle section on the right in any order

Question # 22

Full Access
Question # 23

What is a web-based model in which a third-party provider hosts applications that are available to customers over the Internet?

A.

PaaS

B.

SaaS

C.

IaaS

D.

WaaS

Full Access
Question # 24

A business requirement is supplied to an architect from a car manufacturer stating their business model is changing to just-in-time manufacturing and a new network is required. The manufacturer does not produce all of the specific components in-house. Which area should the architect focus on initially?

A.

Automation

B.

Zero Trust Networking

C.

Low Latency Infrastructure

D.

Modularity

Full Access
Question # 25

Company XYZ connects its sites over a private WAN. Their overlay network is running a DMVPN setup where the headquarters site is the hub. The company is planning on implementing multicast routing on the network. What should be used in the multicast routing design?

A.

PIM dense mode with RP located at the hub

B.

PIM sparse mode with RP located at each remote site

C.

PIM sparse mode with RP located at the hub

D.

PIM dense mode with RP located at each remote site

Full Access
Question # 26

Network changes due to mergers, acquisitions, and divestitures can be highly disruptive if not carefully planned. When an organization sells part of its business, it must detach those parts of the network with minimal risk and downtime.

Which network design approach is appropriate to minimize the impact and risks as the divested parts of the network are detached?

A.

Redundant design

B.

Modular design

C.

Less complex design

D.

Routed access design

Full Access
Question # 27

Which methodology is the leading lifecycle approach to network design and implementation?

A.

PPDIOO

B.

Waterfall model

C.

Spiral model

D.

V model

Full Access
Question # 28

You are designing a network running both IPv4 and IPv6 to deploy QoS. Which consideration is correct about the QoS for IPv4 and IPv6?

A.

IPv4 and IPv6 traffic types can use queuing mechanisms such as LLQ, PQ, and CQ.

B.

IPv6 packet classification is only available with process switching, whereas IPv4 packet classification is available with both process switching and CEF.

C.

IPv6 and IPv4 traffic types can use a single QoS policy to match both protocols.

D.

Different congestion management mechanisms need to be used for IPv4 and IPv6 traffic types.

Full Access
Question # 29

What are two advantages of controller-based networks versus traditional networks? (Choose two.)

A.

The ability to have forwarding tables at each device

B.

More flexible configuration per device

C.

More consistent device configuration

D.

Programmatic APIs that are available per device

E.

The ability to configure the features for the network rather than per device

Full Access
Question # 30

A business customer deploys workloads in the public cloud but now faces governance issues related to IT traffic flow and data security. Which action helps identify the issue for further resolution?

A.

Set up a secure tunnel from customer routers to protect traffic to cloud providers.

B.

Send IPFIX telemetry data from customer routers to a centralized collector to identify traffic to cloud providers.

C.

Build a zone-based firewall policy on Internet edge firewalls that collects statistics on traffic to cloud providers.

D.

Apply workload policies that dictate security requirements for cloud workloads.

Full Access
Question # 31

In a controller-based network architecture, between which of the two elements the southbound interface does the communication happen with a goal to program the data plane forwarding tables? (Choose two)

A.

core components

B.

forwarding lane

C.

layer interface

D.

networking device

E.

controller

Full Access
Question # 32

Refer to the exhibit.

Question # 32

The enterprise customer wants to stream one-way video from their head office to eight branch offices using multicast. Their current service provider provides a Layer 3 VPN solution and manages the CE routers, but they do not currently support multicast. Which solution quickly allows this multicast traffic to go through while allowing for future scalability?

A.

Enable a GRE tunnel between nodes CE1 and CE2

B.

Enable a GRE tunnel between nodes C2 and C4

C.

Enable a GRE tunnel between nodes C1 and C4

D.

Implement hub and spoke MPLS VPN over DMVPN (also known as 2547o DMVPN) between CE1 and CE2

E.

The service provider must provide a Draft Rosen solution to enable a GRE tunnel between nodes PE1 and PE2

Full Access
Question # 33

Flow is a set of IP packets passing an observation point in the network during a certain time interval. A flow could consist of ail packets in a specific transport connection or a media stream. Packet flow temporal efficiency can be affected by one-way delay Drag and drop the delay types from the left onto the corresponding definitions on the right Not all are used

Question # 33

Full Access
Question # 34

Refer to the exhibit.

Question # 34

This network is running OSPF and EIGRP as the routing protocols. Mutual redistribution of the routing protocols has been configured on the appropriate ASBRs. The OSPF network must be designed so that flapping routes in EIGRP domains do not affect the SPF runs within OSPF. The design solution must not affect the way EIGRP routes are propagated into the EIGRP domains. Which technique accomplishes the requirement?

A.

route summarization at the ASBR interfaces facing the OSPF domain

B.

route summarization on the appropriate ASBRs

C.

route summarization on the appropriate ABRs

D.

route summarization on EIGRP routers connecting toward the ASBR

Full Access
Question # 35

monitoring solution, an organization wants to ensure they can collect feedback from network devices, particularly with a focus on being able to perform anomaly detection and automatically react to these events as they come m A key requirement is that the resources required to collect the data must be distributed Which data reporting approach is good fit for this use case?

A.

model-driven monitoring

B.

pull-based methodology

C.

data-flow monitoring

D.

streaming telemetry

Full Access
Question # 36

What are the two benefits of using northbound APIs in SDN architecture? (Choose two.)

A.

They provide a way to manage the SDN and configure network policies

B.

They connect the SDN controller to the underlying network devices.

C.

They provide a way for the SDN controller to communicate with network devices

D.

They provide, a way for the SDN to control change management

E.

They connective SDN controller to higher-level management, systems

Full Access
Question # 37

Sometimes SDN leverages various overlay networking technologies to create layer(s) of network abstraction. What describes an overlay network?

A.

It transmits packets that traverse over network devices like switches and routers

B.

It encapsulates packets at source and destination, which incurs additional overhead

C.

Packet delivery and reliability occurs at Layer 3 and Layer 4

D.

It is responsible for the delivery of packets; NAT- or VRF-based segregation is required

Full Access
Question # 38

A financial company requires that a custom TCP-based stock-trading application be prioritized over all other traffic for the business due to the associated revenue. The company also requires that VoIP be prioritized for manual trades. Which directive should be followed when a QoS strategy is developed for the business?

A.

Allow VoIP and the custom application to share the same priority queue.

B.

The custom application and VoIP must be assigned their own separate priority queue.

C.

Interleave the custom application with other TCP applications in the same CBWFQ.

D.

Avoid placing the custom application in a CBWFQ queue that contains other traffic.

Full Access
Question # 39

A banking customer determines that it is operating POS and POI terminals that are noncompliant with PCI DSS requirements, as it is running TLSv1.0. The customer plans to migrate the terminals to TLSv1.2. What are two requirements to complete the migration? (Choose two.)

A.

Ensure that strong cryptography is applied for users who have administrative access through networks

B.

Apply strong cryptography and security protocols to safeguard sensitive cardholder data.

C.

Apply strong encryption for transmission of cardholder data across public networks.

D.

Protect all user systems against malware and frequently update antivirus software

E.

Maintain a policy that addresses information security for employees and third parties.

Full Access
Question # 40

A healthcare provider discovers that protected health information of patients was altered without patient consent. The healthcare provider is subject to HIPAA compliance and is required to protect PHI data. Which type of security safeguard should be implemented to resolve this issue?

A.

technical and physical access control

B.

administrative security management processes

C.

physical device and media control

D.

technical integrity and transmission security

Full Access
Question # 41

The PaaS model provides customers with a virtualized application development platform without the need for them to furnish hardware or system administration using in-house resources All necessary infrastructure components and application development services are provided and managed by the cloud service provider. Which limitation should be considered when selecting PaaS model?

A.

loss of customer control

B.

limited customization options

C.

potential network latency

D.

compatibility with existing development environments

Full Access
Question # 42

Company XYZ wants to redesign the Layer 2 part of their network and wants to use all available uplinks for increased performance They also want to have end host reachability supporting conversational learning However, due to design constraints, they cannot implement port-channel on the uplinks Which other technique can be used to make sure the uplinks are in active/active state?

A.

switch stack

B.

LISP

C.

MSTP

D.

TRILL

Full Access
Question # 43

risk is a major determining factor in whether a company chooses to go with a public cloud, a private, or a hybrid of both. what are two factors that impact the decision on which cloud service placement model to use? (choose two)

A.

cross zone redundancy

B.

regulation

C.

organization skills

D.

legacy architectures

E.

data ownership

Full Access
Question # 44

A business invests in SDN and develops its own SDN controller that, due to budget constraints, runs on a single controller. The controller actively places an exclusive lock on the configuration of the devices to ensure it is the only source of changes to the environment. What is the result if the controller fails?

A.

All device configurations are in read-only mode until the controller is restored.

B.

The control plane is unavailable until the controller is restored.

C.

If a device fails, the configuration backup is unavailable.

D.

Manual changes are only possible until the controller is restored.

Full Access
Question # 45

A network designer should follow a methodology that must guide the entire lifecycle of the design process In the early phases of the process, technology requirements are evaluated and validated, which allows for proper planning in response to changes in the infrastructure and requirements for resources Which two elements help make a company more agile by adjusting them on a regular basis? (Choose two.)

A.

application and services access

B.

throughput per application

C.

establishing business requirements

D.

technology strategies

E.

configuration management

Full Access
Question # 46

: 479

A comprehensive business continuity plan creates a clear recovery pathway for your systems and acts as an operational blueprint Which two elements are crucial to know before creating a business continuity plan? (Choose two.)

A.

recovery blueprint

B.

notification matrix

C.

critical activities

D.

communication plan

E.

threat scenarios

Full Access
Question # 47

Company XYZ plans to run OSPF on a DMVPN network. They want to use spoke-to-spoke tunnels in the design. What is a drawback or concern in this type of design?

A.

Additional host routes will be inserted into the routing tables

B.

Manual configuration of the spokes with the appropriate priority will be needed

C.

There will be split-horizon issue at the hub

D.

Manual configuration of the spoke IP address on the hub will be needed

Full Access
Question # 48

: 497 DRAG DROP

Data residency and sovereignty requirements are based on regional and industry-specific regulations, and different organizations have different data sovereignty requirements. Implementation of a mechanism that provides control over all access to data by cloud providers and the ability to inspect changes to cloud infrastructure and services is required. Drag and drop the descriptions from the left onto the corresponding categories on the right in no particular order. Not all options are used.

Question # 48

Full Access
Question # 49

Company XYZ has 30 sites using MPLS L3 VPN and is concerned about data integrity. They want a centralized configuration model and minimal overhead. Which technology can be used?

A.

S-VTI

B.

DMVPN

C.

MGRE

D.

GET VPN

Full Access
Question # 50

The major business applications of an enterprise are largely monolithic and hard-coded. As part of a major modernization and overhaul of the applications, the goal is to move to a modular and containerized application architecture model. At the same time, decoupling from the hardware is desired to move to an on-demand provisioning. However, the CyberOps team mandated that the final architecture must provide the same security levels as an air-gapped data center. Which cloud architecture meets these requirements?

A.

IaaS

B.

Private cloud

C.

PaaS

D.

Hybrid cloud

E.

Public cloud

Full Access
Question # 51

Refer to the exhibit.

Question # 51

A customer runs OSPF with Area 5 between its aggregation router and an internal router. When a network change occurs in the backbone, Area 5 starts having connectivity issues due to the SPF algorithm recalculating an abnormal number of times in Area 5. You are tasked to redesign this network to increase resiliency on the customer network with the caveat that Router B does not support the stub area. How can you accomplish this task?

A.

Increase the bandwidth on the connection between Router A and Router B

B.

Implement LSA filtering on the ABR, allowing summary routes and preventing more specific routes into Area 5

C.

Create a virtual link to Area 0 from Router B to the ABR

D.

Turn on LSA throttling on all devices in Area 5

E.

Set Area 5 to stubby at the ABR anyway

Full Access
Question # 52

multinational corporation with offices in various regions worldwide are looking for a network architecture that provides a balance between low- latency and cost-effectiveness for connecting their offices to the cloud. Which cloud connectivity option is the best fit for this corporation?

A.

DMVPN

B.

SDWAN SDCI

C.

MPLS direct connect

D.

cloud on-ramp

Full Access
Question # 53

SDN is still maturing Throughout the evolution of SDN which two things will play a key role in enabling a successful deployment and avoiding performance visibility gaps in the infrastructure’ (Choose two.)

A.

peer-to-peer controller infrastructure

B.

failing back to old behaviours

C.

dynamic real-time change

D.

rapid on-demand growth

E.

integration of device context

Full Access
Question # 54

If the desire is to connect virtual network functions together to accommodate different types of network service connectivity, what must be deployed?

A.

Bridging

B.

Service Chaining

C.

Linking

D.

Daisy Chaining

E.

Switching

Full Access
Question # 55

An architect receives a functional requirement for a NAC system from a customer security policy stating that if a corporate Wi-Fi device does not meet current AV definitions, it cannot access the network until updated. Which component should be built into the NAC design?

A.

Posture assessment with remediation VLAN

B.

Quarantine SGTs

C.

dACLs with SGTs

D.

Quarantine VLAN

Full Access
Question # 56

Scalability is a desirable attribute of a network, system, or process Poor scalability can result in poor system performance, necessitating the reengineering or duplication of systems Load scalability is the ability of a system to perform gracefully as traffic increases Which two problems can occur due to poor load scalability design? (Choose two.)

A.

cannot fully take advantage of parallelism

B.

algorithmically intolerable

C.

limited size of a data structure

D.

repeatedly engaging in wasteful activity

E.

redundant message logging

Full Access
Question # 57

Which two control plane policer designs must be considered to achieve high availability? (Choose two.)

A.

Control plane policers are enforced in hardware to protect the software path, but they are hardware platform dependent in terms of classification ability.

B.

Control plane policers are really needed only on externally facing devices.

C.

Control plane policers can cause the network management systems to create false alarms.

D.

Control plane policers must be processed before a forwarding decision is made.

E.

Control plane policers require that adequate protocol overheads are factored in to allow protocol convergence.

Full Access
Question # 58

Company XYZ has two routing domains (EIGRP and OSPF). They want full reachability and need OSPF to see link costs added to external routes. How must redistribution be designed?

A.

Redistribute using metric type 2 into OSPF.

B.

Redistribute using metric type 1 into OSPF.

C.

Redistribute using metric type 1 into EIGRP.

D.

Redistribute using metric type 2 into EIGRP.

Full Access
Question # 59

Your company wants to deploy a new data center infrastructure. Based on the requirements you have chosen VXLAN as encapsulation technology. The customer is concerned about misconfiguration of Layer 2 devices and DC-wide outages caused by Layer 2 loops. What do you answer?

A.

VXLAN offers native loop avoidance mechanism

B.

Storm Control should be enabled on all ports

C.

VPC+ could prevent L2 loop on access ports

D.

BPDU Guard should be enabled on all VTEP access ports

Full Access
Question # 60

Refer to the exhibit.

Question # 60

The network 10.10.0.0/16 has been redistributed to OSPF processes and the best path to the destination from R1 has been chosen as R1–R2–R3. A failure occurred on the link between R2 and R3 and the path was changed to R1–R4–R5–R3. What happens when the link between R2 and R3 is restored?

A.

The path R1–R4–R5–R3 continues to be the best path because the metric is better

B.

The path reverts back to R1–R2–R3 because the route type is E1

C.

The path R1–R4–R5–R3 continues to be the best path because OSPF does not compare the metrics between two domains

D.

The path reverts to R1–R2–R3 because this was the previous best path

Full Access
Question # 61

SDN is still maturing. Throughout the evolution of SDN, which two things will play a key role in enabling a successful deployment and avoiding performance visibility gaps in the infrastructure? (Choose two.)

A.

Rapid on-demand growth

B.

Dynamic real-time change

C.

Falling back to old behaviors

D.

Peer-to-peer controller infrastructure

E.

Integration of device context

Full Access
Question # 62

When a company network architect is working on a new network design, they are expected to ensure that business requirements and technical aspects are factored in, but often there are other factors that come into play as well. Which non-business constraint must also be considered throughout the design phase?

A.

Location

B.

Cost

C.

Time

D.

Compliance

Full Access
Question # 63

As a service provider is implementing Strong Access Control Measures, which two of the following PCI Data Security Standard requirements must be met? (Choose two . )

A.

Assign a unique ID to each person with computer access.

B.

Restrict access to cardholder data to on a need-to-know basis.

C.

Encrypt transmission of cardholder data across open or public networks.

D.

Each location must require validating PCI compliance if business has multiple locations.

E.

Protect stored cardholder data.

Full Access
Question # 64

Which three items do you recommend for control plane hardening of an infrastructure device? (Choose three.)

A.

redundant AAA servers

B.

Control Plane Policing

C.

warning banners

D.

to enable unused services

E.

SNMPv3

F.

routing protocol authentication

Full Access
Question # 65

Question # 65

Refer to the exhibit: A customer is migrating from a TDM-based Layer 2 VPN (L2VPN) to an MPLS Layer 3 VPN (L3VPN) in phases. The backbone OSPF connection between HUB A and HUB B will be replaced by eBGP. During the migration, some spokes (A2 and B1) are already moved to the L3VPN. The goal is to avoid routing loops during this hybrid transition.

Which design choice helps prevent routing loops during the backbone link migration?

A.

Enable route filtering on OSPF backbone routers for spoke traffic

B.

Advertise low AD value for transit traffic on hub sites

C.

OSPF backbone area advertises summarized routes to hub

D.

Redistribute EIGRP 200 and 300 with low cost into BGP

Full Access
Question # 66

A network security team observes phishing attacks on a user machine from a remote location. The organization has a policy of saving confidential data on two different systems using different types of authentication. What is the next step to control such events after the security team verifies all users in Zero Trust modeling?

A.

Enforce risk-based and adaptive access policies.

B.

Assess real-time security health of devices.

C.

Apply a context-based network access control policy for users.

D.

Ensure trustworthiness of devices.

Full Access
Question # 67

Company XYZ is redesigning their QoS policy. Some of the applications used by the company are real-time applications. The QoS design must give these applications preference in terms of transmission. Which QoS strategy can be used to fulfill the requirement?

A.

weighted fair queuing

B.

weighted random early detection

C.

low-latency queuing

D.

first-in first-out

Full Access
Question # 68

Which feature must be part of the network design to wait a predetermined amount of time before notifying the routing protocol of a change in the path in the network?

A.

Transmit delay

B.

Throttle timer

C.

SPF hold time

D.

Interface dampening

Full Access
Question # 69

A multinational corporation intends to deploy Al/ML-driven analytics for consumer data The company operates in multiple locations, including the EU, where data protection regulations are rigorous The organization must guarantee that its Al/ML solution adheres to local regulations, especially with data storage and processing

Which cloud environment will most effectively meet the company’s data sovereignty needs while assuring adherence to regional data protection regulations?

A.

storing client data in a public cloud environment situated outside the EU and processing it via a centralized AI/ML system in the United States

B.

employing a hybrid cloud infrastructure, wherein customer data from the EU is retained in local data centers and processed within a centralized AI/ML system situated in a separate jurisdiction

C.

storing client data in a private cloud situated within the EU region to adhere to local data protection regulations

D.

using a public cloud infrastructure that permits the storage and processing of customer data in any worldwide region, devoid of specific local limitations

Full Access
Question # 70

An enterprise solution team is analyzing multilayer architecture and multicontroller SDN solutions for multisite deployments. The analysis focuses on the ability to run tasks on any controller via a standardized interface. Which requirement addresses this ability on a multicontroller platform?

A.

Deploy a root controller to gather a complete network-level view.

B.

Use the East-West API to facilitate replication between controllers within a cluster.

C.

Build direct physical connectivity between different controllers.

D.

Use OpenFlow to implement and adapt new protocols.

Full Access
Question # 71

Which three items do you recommend for control plane hardening of an infrastructure device? (Choose three.)

A.

Routing protocol authentication

B.

SNMPv3

C.

Control Plane Policing

D.

Redundant AAA servers

E.

Warning banners

F.

To enable unused services

Full Access
Question # 72

Which two data plane hardening techniques are true? (Choose two)

A.

warning banners

B.

redundant AAA servers

C.

Control Plane Policing

D.

SNMPv3

E.

infrastructure ACLs

F.

disable unused services

G.

routing protocol authentication

Full Access
Question # 73

Company XYZ is running SNMPv1 in their network and understands that it has some flaws. They want to change the security design to implement SNMPv3 in the network. Which network threat is SNMPv3 effective against?

A.

Man-in-the-middle attack

B.

Masquerade threats

C.

DDoS attack

D.

Brute force dictionary attack

Full Access
Question # 74

As technologies such as big data, cloud, and loT continue to grow, so will the demand for network bandwidth Business strategies must be flexible to accommodate these changes when it comes to priorities and direction and the network design strategy also must be agile and adaptable Drag and drop the benefits from the left onto the corresponding strategic approaches on the right as they relate to network design and management.

Question # 74

Full Access
Question # 75

By monitoring the effects of the design variations, you can characterize the relative resilience of the design. Which method involves disturbing the network by removing an active interface and monitoring how the change is handled by the network?

A.

randomized configuration

B.

nondeterministic analysis

C.

failover testing

D.

passive monitoring

Full Access
Question # 76

Which two actions must be taken when assessing an existing wireless network implementation for its readiness to support voice traffic? (Choose two.)

A.

Check for high roaming delay.

B.

Check for uniform radio coverage across the floors.

C.

Check for high channel utilization.

D.

Check for latency over wireless.

E.

Identify frequent TX power changes.

Full Access
Question # 77

: 487

Which layer of the SDN architecture orchestrates how the applications are given the resources available in the network?

A.

orchestration layer

B.

northbound API

C.

control layer

D.

southbound API

Full Access
Question # 78

What are two advantages of the Agile project management methodology? (Choose two)

A.

brief but detailed feedback loops

B.

extensive documentation

C.

well-detailed and reliable budget estimates

D.

creation of shippable enhancements

E.

tight and rigid model

Full Access
Question # 79

The administrator of a small branch office wants to implement the Layer 2 network without running STP. The office has some redundant paths. Which mechanism can the administrator use to allow redundancy without creating Layer 2 loops?

A.

Use double-sided VPC on both switches

B.

Use two port channels as Flex links

C.

Use FabricPath with ECMP

D.

Use 802.3ad link bundling

Full Access
Question # 80

You are designing the routing design for two merging companies that have overlapping IP address space. Which of these must you consider when developing the routing and NAT design?

A.

Local to global NAT translation is done after routing

B.

Global to local NAT translation is done before routing

C.

Local to global NAT translation is done before policy-based routing

D.

Global to local NAT translation is done after policy-based routing

Full Access
Question # 81

It is often seen that companies pick a cloud vendor solely based on technical preferences without putting enough weight on the business strategies that are driving the cloud initiatives Which strategic requirement may come into play where it is more likely that the decision makers will look to leverage laaS over SaaS or PaaS?

A.

selling products and services globally 24/7

B.

integration with partner or vendor supply chains

C.

control over the underlying infrastructure

D.

speed-to-market is more important for an initiative

Full Access
Question # 82

Which two benefits can software defined networks provide to businesses? (Choose two.)

A.

Provides additional redundancy

B.

Decentralized management

C.

Reduced latency

D.

Enables innovation

E.

Reduction of OpEx/CapEx

F.

Meets high traffic demands

Full Access
Question # 83

When consumers that leverage IaaS reach 100% resource capacity, what can be used to redirect the overflow of traffic to the public cloud so there is no disruption to service?

A.

Cloud policing

B.

Cloud spill

C.

Cloud bursting

D.

Cloud shaping

Full Access
Question # 84

Refer to the exhibit.

Question # 84

Company XYZ BGP topology is as shown in the diagram. The interface on the LA router connected toward the 10.1.5.0/24 network is faulty and is going up and down, which affects the entire routing domain. Which routing technique can the network administrator use so that the rest of the network is not affected by the flapping issue?

A.

The LA administrator should use route aggregation to summarize the 10.1.4.0/24, 10.1.5.0/24, 10.1.6.0/24, and 10.1.7.0/24 networks toward Chicago

B.

The LA administrator should use route dampening for the 10.1.5.0/24 network so that it does not get propagated when it flaps up and down.

C.

The LA administrator should use route filtering to block the 10.1.5.0/24 network from getting propagated toward Chicago and New York.

D.

The Chicago administrator should use route filtering to block the 10.1.5.0/24 network from coming in from the LA router.

Full Access
Question # 85

What is a country-specific requirement that data is subject to the laws of the country in which it is collected or processed and must remain within its borders?

A.

Data sovereignty

B.

Data rationality

C.

Data inheritance

D.

Data replication

Full Access
Question # 86

Agile and Waterfall are two popular methods for organizing projects. What describes any Agile network design development process?

A.

Working design over comprehensive documentation

B.

Contract negotiation over customer collaboration

C.

Following a plan over responding to change

D.

Processes and tools over individuals and interactions over time

Full Access
Question # 87

Drag and drop the characteristics from the left onto the corresponding network management options on the right.

Question # 87

Full Access
Question # 88

A customer with two 10 Mbps Internet links (active-active) experiences degraded performance when one fails. Static routing is used, and bandwidth upgrades aren ' t possible. The design must be failure-resistant without increasing CAPEX.

Which solution should be proposed?

A.

Implement quality of service on the current links

B.

Add a third link to the current router

C.

Add an additional edge router connected to a second ISP

D.

Use dynamic routing for equal-cost multipath

Full Access
Question # 89

According to the CIA triad principles for network security design, which principle should be priority for a Zero Trust network?

A.

requirement for data-in-motion encryption and 2FA authentication

B.

requirement for data-at-rest encryption for user identification within the VPN termination hardware

C.

categorization of systems, data, and enterprise BYOD assets that are connected to network zones based on individual privacy needs

D.

ensuring that authorized users have high-availability system access from defined zones to defined systems or zones

Full Access
Question # 90

Which extensions to GRE tunneling provide session tracking and in-order packet delivery in exchange for additional state stored in tunnel endpoints?

A.

GRE Protocol Type and Checksum extension fields.

B.

GRE Version and Reserved0 extension fields.

C.

No extension fields are available in the GRE header to track session data and packet sequences.

D.

GRE Key and Sequence number extensions.

Full Access
Question # 91

What is an advantage of using Agile over Waterfall methodology in the network design lifecycle?

A.

dosed loop operation

B.

lower total cost

C.

ideal for large projects

D.

reduced risk in the design process

Full Access
Question # 92

Which two statements describe network automation and network orchestration? (Choose two.)

A.

Network automation does not provide governance or policy management.

B.

Network automation spans multiple network services, vendors, and environments.

C.

Network orchestration is done through programmatic REST APIs enabling automation across devices and management platforms.

D.

Provisioning network services is an example of network automation.

E.

Network orchestration is used to run single, low-level tasks without human intervention.

Full Access
Question # 93

A network design includes a long signaling delay in notifying the Layer 3 control plane that an interface has failed. Which two of these actions would reduce that delay? (Choose two.)

A.

Increase network stability.

B.

Reduce the time for the network to reconverge.

C.

Increase the notification of interface flaps.

D.

Enable lower data link layer recovery systems to have an opportunity to restore the interface.

Full Access
Question # 94

A bank has two data centers (Primary and DR), and compliance policies mandate that services or servers can be moved seamlessly between the two data centers. Additionally, the technology cannot be locked to a specific vendor and must offer good scalability with broad support of layer 2 protocols. Which protocol meets these requirements?

A.

H-VPLS

B.

VPLS

C.

VXLAN

D.

Q-in-Q

E.

EVPN

Full Access
Question # 95

What are two examples of business goals to be considered when a network design is built? (Choose two.)

A.

standardize resiliency

B.

minimize operational costs

C.

integrate endpoint posture

D.

ensure faster obsolescence

E.

reduce complexity

Full Access
Question # 96

Which technology supports antispoofing and does not have any impact on encryption performance regardless of packet size?

A.

MACsec

B.

IP source guard

C.

DHCP snooping with DAI

D.

IPsec

Full Access
Question # 97

: 498

When organizations initially start consuming public cloud services, they often use VPNs over the internet to connect their on-premises applications to the public cloud infrastructure. In which two cases are other connectivity methods a better fit? (Choose two.)

A.

latency sensitive multimedia streaming

B.

high availability

C.

migration to transit gateway

D.

cost sensitive business applications

E.

desktop-as-a-service using VDI

Full Access
Question # 98

A key to maintaining a highly available network is building in the appropriate redundancy to protect against failure. This redundancy is carefully balanced with the inherent complexity of redundant systems. Which design consideration is relevant for enterprise WAN use cases when it comes to resiliency?

A.

Design in a way that expects outages and attacks on the network and its protected resources

B.

The design approach should consider simple and centralized management aspect

C.

Design in a way that it simplifies and improves ease of deployment

D.

Design automation tools wherever it is appropriate for greater visibility

Full Access
Question # 99

Drag and drop the right functional descriptions from the left onto the corresponding protocols on the right.

Question # 99

Full Access
Question # 100

: 478

The growing adoption of software-defined networking has begun the trend toward modernizing the IP infrastructure that runs today s networks Which popular fundamental function of IP Infrastructure deployed currently?

A.

controller appliances

B.

service orchestration

C.

network virtualization

D.

network services

Full Access
Question # 101

When designing a WAN that will be carrying real-time traffic, what are two important reasons to consider serialization delay? (Choose two.)

A.

Serialization delays are invariable because they depend only on the line rate of the interface.

B.

Serialization delays are variable because they depend on the line rate of the interface and on the type of the packet being serialized.

C.

Serialization delay is the time required to transmit the packet on the physical media.

D.

Serialization delays are variable because they depend only on the size of the packet being serialized.

E.

Serialization delay depends not only on the line rate of the interface but also on the size of the packet.

Full Access
Question # 102

A networking team needs to prevent spoofing attacks They are describing the different uRPF design use cases so they can identify and deploy the optimal mode in various parts of their network

Drag and drop the use cases from the left onto the corresponding uRPF technique on the right Not all options are used

Question # 102

Full Access
Question # 103

Which regulatory compliance element ensures adherence to regulations and improves speed to market, which gives businesses a competitive advantage?

A.

compliance change management

B.

quality management system

C.

regulatory enhancement process

D.

robust document control

Full Access
Question # 104

What are two design constraints in a standard spine and leaf architecture? (Choose two.)

A.

Spine switches can connect to each other.

B.

Each spine switch must connect to every leaf switch.

C.

Leaf switches must connect to each other.

D.

Endpoints connect only to the spine switches.

E.

Each leaf switch must connect to every spine switch.

Full Access
Question # 105

A healthcare customer requested that SNMP traps must be sent over the MPLS Layer 3 VPN service. Which protocol must be enabled?

A.

SNMPv3

B.

Syslog

C.

Syslog TLS

D.

SNMPv2

E.

SSH

Full Access
Question # 106

Company XYZ is designing their network using the three-layer hierarchical model. At which layer must the QoS design classify or mark the traffic?

A.

Access

B.

Core

C.

Collapsed core

D.

Distribution

Full Access
Question # 107

An enterprise plans to evolve from a traditional WAN network to a software-defined WAN network. The existing devices have limited capability when it comes to virtualization. As the migration is carried out, enterprise applications and services must not experience any traffic impact. Which implementation plan can be used to accommodate this during the migration phase?

A.

Deploy controllers, deploy SD-WAN edge routers in the data center, and migrate branch sites.

B.

Migrate data center WAN routers, migrate branch sites, and deploy SD-WAN edge routers.

C.

Migrate branch sites, migrate data center WAN routers, and deploy controllers.

D.

Deploy SD-WAN edge routers in the data center, deploy controllers, and migrate branch sites.

Full Access
Question # 108

Which effect of using ingress filtering to prevent spoofed addresses on a network design is true?

A.

It reduces the effectiveness of DDoS attacks when associated with DSCP remarking to Scavenger.

B.

It protects the network infrastructure against spoofed DDoS attacks.

C.

It classifies bogon traffic and remarks it with DSCP bulk.

D.

It filters RFC 1918 IP addresses.

Full Access
Question # 109

The goal for any network designer is to strive to build a resilient network that adapts to changing conditions rapidly with minimal impact on the services running over the network. A resilient network can adapt to failures, but which soft failure can be harder to define and detect?

A.

A network with operational challenges due to lack of skills

B.

A network that is not running in an optimal way

C.

A network which does not solve complexity issues

D.

A network or service that experiences outages

Full Access
Question # 110

Refer to the exhibit.

Question # 110

An engineer is designing the network for a multihomed customer running in AS 111. The AS does not have any other ASs connected to it. Which technology is more comprehensive to use in the design to make sure that the AS is not being used as a transit AS?

A.

Configure the AS-set attribute to allow only routes from AS 111 to be propagated to the neighbor ASs.

B.

Use the local preference attribute to configure your AS as a non-transit AS.

C.

Include an AS path access list to send routes to the neighboring ASs that only have AS 111 in the AS path field.

D.

Include a prefix list to only receive routes from neighboring ASs.

Full Access
Question # 111

Which optimal use of interface dampening on a fast convergence network design is true?

A.

When occasional flaps of long duration occur

B.

When numerous adjacent flaps of very short duration occur

C.

When the router hardware is slower than the carrier delay down detection

D.

When the switch hardware is faster than the debounce timer down detection

Full Access
Question # 112

An enterprise campus is adopting a network virtualization design solution with these requirements:

• It must include the ability to virtualize the data plane and control plane by using VLANs and VRFs

• It must maintain end-to-end logical path transport separation across the network

• Resources available grouped at the access edge

Which two primary models can this network virtualization design be categorized? (Choose two)

A.

Path isolation

B.

Session isolation

C.

Group virtualization

D.

Services virtualization

E.

Edge isolation

Full Access
Question # 113

A consultant needs to evaluate project management methodologies for a new service deployment on the existing network of a customer. The customer wants to be involved in the end-to-end project progress and be provided with frequent updates. The customer also wants the ability to change the requirements if needed, as the project progresses. Which project management methodology should be used?

A.

Three principles

B.

Phased

C.

Agile

D.

Waterfall

Full Access
Question # 114

A global e-commerce company is expanding its operations and planning to migrate its entire infrastructure to a hybrid cloud solution. They are concerned about data governance and want to ensure that their customers ' data is treated with utmost respect to sovereignty and privacy. What is an appropriate approach?

A.

Replicate customer data across all data centers globally to ensure data redundancy and compliance with local data regulations.

B.

Utilize a cloud provider that offers region-specific data centers to store customer data within the same geographic region.

C.

Encrypt all customer data and store it in a public cloud environment to benefit from advanced security measures.

D.

Implement strict access controls for customer data and store it in a single central data center to maintain data sovereignty.

Full Access
Question # 115

Security experts promote the security defense-m-depth principle which states that network security should be multilayered and modular and multiple methods should be designed and applied to different parts of the network Drag and drop the characteristics on the left to the matching enterprise network components on the right.

Question # 115

Full Access
Question # 116

A network architect is working on the baseline policies dealing with the use of Infrastructure-as-Code within an IT department, and has been requested to present the plan at the monthly management board meeting. What are two examples of operational aspects of Infrastructure-as-Code that can be highlighted during the presentation? (Choose two.)

A.

API for programmatic control

B.

automatic trouble ticketing

C.

automated workflows

D.

source code management repository

E.

telemetry and monitoring

Full Access
Question # 117

Which mechanism provides Layer 2 fault isolation between data centers?

A.

FabricPath

B.

OTV

C.

Advanced VPLS

D.

LISP

E.

TRILL

Full Access
Question # 118

What is the most important operational driver in building a resilient and secure modular network design?

A.

Dependencies on hardware or software that is difficult to scale

B.

Minimize app downtime

C.

Reduce the frequency of failures requiring human intervention

D.

Increase time spent on developing new features

Full Access
Question # 119

As network designer, which option is your main concern with regards to virtualizing multiple network zones into a single hardware device?

A.

Fate sharing

B.

CPU resource allocation

C.

Congestion control

D.

Security

E.

Bandwidth allocation

Full Access
Question # 120

Refer to the exhibit.

Question # 120

An engineer is designing the traffic flow for AS 111. Traffic from AS 111 should be preferred via AS 100 for all external routes. A method must be used that only affects AS 111. Which BGP attributes are best suited to control outbound traffic?

A.

community

B.

MED

C.

local preference

D.

AS path

Full Access
Question # 121

A business wants to refresh its legacy Frame Relay WAN It currently has product specialists in each of its 200 branches but plans to reduce and consolidate resources. The goal is to have product specialists available via video link when customers visit the nationwide branch offices Which technology should be used to meet this objective?

A.

Layer 2 VPLS

B.

Layer 3 MPLS VPN hub and spoke

C.

Layer 3 MPLS VPN full mesh

D.

DMVPN phase 1 network over the internet

Full Access
Question # 122

: 494 DRAG DROP

The customer ' s network manager asked for some key points to use m a presentation on overlay/underlay features and responsibilities. Drag and drop the features or responsibilities from the left onto the corresponding groups on the right in no particular order.

Question # 122

Full Access
Question # 123

Modem IT departments are more service oriented than they used to be To meet the needs oí their customers. IT departments are spending more time analyzing and documenting their processes for delivering services A focus on processes helps to ensure effective service delivery and to avoid wasted expenditures on technology that doesn ' t provide a needed service What defines frameworks and processes that can help an organization match the delivery of IT services with the business needs of the organization?

A.

IT Service Management

B.

remedy management

C.

IT helpdesk

D.

service desk monitoring

Full Access
Question # 124

Which function is performed at the access layer of the three-layer hierarchical network design model?

A.

Fault isolation

B.

QoS classification and marking boundary

C.

Reliability

D.

Fast transport

E.

Redundancy and load balancing

Full Access
Question # 125

A network uses an SDN architecture with switches and a centralized controller What should be on the switches but not on the controller?

A.

control plane functions

B.

data plane functions

C.

northbound interface

D.

a southbound interface

Full Access
Question # 126

SD-WAN can be used to provide secure connectivity to remote offices, branch offices, campus networks, data centers, and the cloud over any type of IP-based underlay transport network. Which two statements describe SD-WAN solutions? (Choose two.)

A.

SD-WAN networks are inherently protected against slow performance.

B.

Control and data forwarding planes are kept separate.

C.

Improved operational efficiencies result in cost savings.

D.

Solutions include centralized orchestration, control, and zero-touch provisioning.

E.

Solutions allow for variations of commodity and specialized switching hardware.

Full Access
Question # 127

Which parameter is the most important factor to consider when deciding service placement in a cloud solution?

A.

Data replication cost

B.

Application structure

C.

Security framework implementation time

D.

Data confidentiality rules

Full Access
Question # 128

: 486

An aerospace firm is considering implementing AI and ML systems to boost output while decreasing line downtime Optimal maintenance schedules and failure prediction of equipment are the end goals

To meet this business demand, which AI/ML solution would be the most effective in boosting productivity and decreasing downtime?

A.

lessening the need for human workers by automating production with Al

B.

optimizing maintenance schedules and predicting equipment failures with the use of predictive maintenance algorithms

C.

automating production-related employee training with chatbots driven by artificial intelligence

D.

using ML models to improve logistics in the company supply chain

Full Access
Question # 129

You have been asked to design a remote access VPN solution to support up to 2000 devices. You must ensure that only corporate assets are allowed to connect to the VPN, and users must authenticate to gain access based on their user role. Users must use a password that they are already using to access existing applications. A user may not always use the same device to access the VPN. Which two options combined meet the requirements? (Choose two)

A.

Use local usernames and passwords on the VPN device

B.

Deploy a central authentication directory that users can be authenticated and authorized against

C.

Deploy certificates that are unique to each user

D.

Deploy an IPsec VPN solution

E.

Deploy certificates that are unique to each device

F.

Deploy a SSL VPN solution

Full Access
Question # 130

Which CIA triad principle is used by social media platforms to constitute a standard procedure of user IDs and passwords requirements?

A.

integrity

B.

confidentiality

C.

availability

D.

compliance

Full Access
Question # 131

SDN controllers need to sustain healthy operation under the pressure of different objectives from the applications they host. High availability can be achieved through improved southbound APIs and controller placement heuristics and formal models. Which two implementation strategy help to maximize resilience and scalability? (Choose two.)

A.

Efficient implementation by connecting forwarding devices to multiple controller.

B.

Cost-effective implementation by connecting forwarding devices to single controller.

C.

Controller deployment planning is more dependent on network size than on the topology.

D.

Controller deployment planning is more dependent on network type than application need

E.

Controller deployment planning is more dependent on the topology than on network size.

Full Access
Question # 132

Over the years, many solutions have been developed to limit control plane state which reduces the scope or the speed of control plane information propagation. Which solution removes more specific information about a particular destination as topological distance is covered in the network?

A.

Aggregation

B.

Summarization

C.

Back-off timers

D.

Layering

Full Access
Question # 133

Your network operations team is deploying Access Control Lists (ACLs) across your Internet gateways. They wish to place an ACL inbound on the Internet gateway interface facing the core network (the " trusted " interface). Which IP address would the ACL need for traffic sourced from the inside interface, to match the source address of the traffic?

A.

inside global

B.

outside global

C.

inside local

D.

outside local

Full Access
Question # 134

During initial preparations to deploy 802 1x for wired access to their network, a company must ensure that the solution complies with existing internal security policies These policies mandate that every Auth C/Auth Z request must be protected by a tunnel which authenticates both server and clients using their PKI AI the same time, the user authentication phase must be independent of the tunnel Which scheme meets the requirements?

A.

EAP-MDS

B.

EAP-Fast

C.

EAP-MSCHAPv2

D.

PEAP

Full Access
Question # 135

Which MPLS TE design consideration is true?

A.

MPLS TE replaces LDP and the dependency of the IGP to identify the best path

B.

MPLS TE provides link and node protection

C.

MPLS TE optimizes the routing of IP traffic, given the constraints imposed by backbone capacity and application requirements

D.

MPLS TE requires Layer 3 VPN full-mesh topology deployment

Full Access
Question # 136

What are two primary design constraints when a robust infrastructure solution is created? (Choose two.)

A.

Monitoring capabilities

B.

Project time frame

C.

Staff experience

D.

Component availability

E.

Total cost

Full Access
Question # 137

What are two top cloud-native security challenges faced by today ' s cloud-oriented organizations? (Choose two.)

A.

Establishing user roles

B.

Polymorphism

C.

Lack of visibility and tracking

D.

Increased attack surface

E.

User credential validation

Full Access
Question # 138

As part of a design solution a consultant needs to describe the trade-offs between different SDN models Drag the characteristics on the left to the correct controller-based network designs on the right in no particular order.

Question # 138

Full Access
Question # 139

In implementing the CIA triad, an organization must follow a general set of best practices. Which best practice is applicable for availability?

A.

Ensure systems and applications stay updated

B.

Follow an organization ' s data-handling security policies.

C.

Use backup and recovery software and services.

D.

Keep access control lists and other file permissions up to date

Full Access
Question # 140

In outsourced IT services, the RTO is defined within the SLA. Which two support terms are often included in the SLA by IT and other service providers? (Choose two.)

A.

Network size and cost

B.

Support availability

C.

Network sustainability

D.

Network reliability

E.

Resolution time

Full Access
Question # 141

An architect prepares a network design for a startup company. The design must meet business requirements while the business grows and divests due to rapidly changing markets. What is the highest priority in this design?

A.

The network should be hierarchical.

B.

The network should be modular.

C.

The network should be scalable.

D.

The network should have a dedicated core.

Full Access
Question # 142

Which component of the SDN architecture automatically ensures that application traffic is routed according to policies established by network administrators?

A.

Packet forwarding engine

B.

Northbound API

C.

Southbound API

D.

SDN controller

Full Access
Question # 143

With virtualization being applied in many parts of the network, every physical link is likely to carry one or more virtual links, but what is a drawback in cases like this?

A.

unneeded tunneling

B.

fate sharing

C.

serialization delay

D.

bandwidth utilization

Full Access
Question # 144

: 503

As organizations rush to implement AI, many fail to address its ethical considerations Not examining those issues puts an organization at risk of legal violations, loss of customer trust and long-term reputational damage. Which two ethical standards are required in preven ting such pitfalls? (Choose two. )

A.

data privacy

B.

algorithmic transparency

C.

Al maturity

D.

data silos process automation

Full Access
Question # 145

In traditional network design, the network and data center are confined within a single building In this configuration, a router connects the internal and external networks Basic configuration of an access control list within the router controls the traffic that can pass through Which security technique defines the boundary between an internal/trusted network and an external/untrusted network?

A.

network segmentation

B.

security certifications

C.

encryption

D.

perimeter security

Full Access
Question # 146

Software-defined network and traditional networks might appear the same to the end-user, but behind the scenes, each has unique sets of characteristics. Drag and drop these characteristic found on the left to the corresponding category on the right in no particular order?

Question # 146

Full Access
Question # 147

An enterprise wants to migrate an on-premises network to a cloud network, and the design team is finalizing the overall migration process. Drag and drop the options from the left into the correct order on the right.

Question # 147

Full Access
Question # 148

A network hacker introduces a packet with duplicate sequence numbers to disrupt an IPsec session. During this, high-priority traffic is transmitted. What design parameter helps mitigate this?

A.

Classify and mark duplicate sequence packets

B.

Apply anti-replay window 4096

C.

Restrict keyword in IPsec tunnel

D.

Increase QoS shape policy

Full Access
Question # 149

What is the best approach to ensure both scalability and high availability for a cloud-based storage solution over the IP network?

A.

Using a RAID (Redundant Array of Independent Disks) setup to provide data redundancy and improve performance.

B.

Deploying a Content Delivery Network (CDN) to cache and serve frequently accessed storage content.

C.

Implementing Network Attached Storage (NAS) devices in a clustered configuration for load balancing.

D.

Utilizing a Storage Area Network (SAN) with redundant controllers and paths for storage access.

Full Access