Summer Sale - Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpt65

400-007 Questions and Answers

Question # 6

You are designing a network running both IPv4 and IPv6 to deploy QoS. Which consideration is correct about the QoS for IPv4 and IPv6?

A.

IPv4 and IPv6 traffic types can use queuing mechanisms such as LLQ, PQ, and CQ.

B.

IPv6 packet classification is only available with process switching, whereas IPv4 packet classification is available with both process switching and CEF.

C.

IPv6 and IPv4 traffic types can use a single QoS policy to match both protocols.

D.

Different congestion management mechanisms need to be used for IPv4 and IPv6 traffic types.

Full Access
Question # 7

You are designing the QoS policy for a company that is running many TCP-based applications. The company is experiencing tail drops for these applications. The company wants to use a congestion avoidance technique for these applications. Which QoS strategy can be used?

A.

Weighted fair queuing

B.

Weighted random early detection

C.

Low-latency queuing

D.

First-in first-out

Full Access
Question # 8

A healthcare provider discovers that protected health information of patients was altered without patient consent. The healthcare provider is subject to HIPAA compliance and is required to protect PHI data. Which type of security safeguard should be implemented to resolve this issue?

A.

technical and physical access control

B.

administrative security management processes

C.

physical device and media control

D.

technical integrity and transmission security

Full Access
Question # 9

Sometimes SDN leverages various overlay networking technologies to create layer(s) of network abstraction. What describes an overlay network?

A.

It transmits packets that traverse over network devices like switches and routers

B.

It encapsulates packets at source and destination, which incurs additional overhead

C.

Packet delivery and reliability occurs at Layer 3 and Layer 4

D.

It is responsible for the delivery of packets; NAT- or VRF-based segregation is required

Full Access
Question # 10

Which two descriptions of CWDM are true? (Choose two)

A.

Typically used over long distances, but requires optical amplification

B.

Uses the 850nm band

C.

Allows up to 32 optical carriers to be multiplexed onto a single fiber

D.

Shares the same transmission window as DWDM

E.

Passive CWDM devices require no electrical power

Full Access
Question # 11

Company XYZ has two routing domains (EIGRP and OSPF). They want full reachability and need OSPF to see link costs added to external routes. How must redistribution be designed?

A.

Redistribute using metric type 2 into OSPF.

B.

Redistribute using metric type 1 into OSPF.

C.

Redistribute using metric type 1 into EIGRP.

D.

Redistribute using metric type 2 into EIGRP.

Full Access
Question # 12

How can EIGRP topologies be designed to converge as fast as possible in the event of a point-to-point link failure?

A.

Limit the query domain by use of distribute lists.

B.

Build neighbor adjacencies in a triangulated fashion.

C.

Build neighbor adjacencies in squared fashion.

D.

Limit the query domain by use of summarization.

E.

Limit the query domain by use of default routes.

Full Access
Question # 13

Refer to the exhibit.

A customer runs OSPF with Area 5 between its aggregation router and an internal router. When a network change occurs in the backbone, Area 5 starts having connectivity issues due to the SPF algorithm recalculating an abnormal number of times in Area 5. You are tasked to redesign this network to increase resiliency on the customer network with the caveat that Router B does not support the stub area. How can you accomplish this task?

A.

Increase the bandwidth on the connection between Router A and Router B

B.

Implement LSA filtering on the ABR, allowing summary routes and preventing more specific routes into Area 5

C.

Create a virtual link to Area 0 from Router B to the ABR

D.

Turn on LSA throttling on all devices in Area 5

E.

Set Area 5 to stubby at the ABR anyway

Full Access
Question # 14

Router R1 is a BGP speaker with one peering neighbor over link "A". When link "A" fails, routing announcements are terminated, which results in the tearing down of the state for all BGP routes at each end of the link. What is this a good example of?

A.

Fault isolation

B.

Resiliency

C.

Redundancy

D.

Fate sharing

Full Access
Question # 15

Which solution component helps to achieve rapid migration to the cloud for SaaS and public cloud leveraging SD-WAN capabilities?

A.

Service-oriented cloud architecture

B.

Cloud OnRamp

C.

Cloud registry

D.

Microservices in the cloud

Full Access
Question # 16

You have been tasked with designing a data center interconnect as part of business continuity. You want to use FCoE over this DCI to support synchronous replication. Which two technologies allow for FCoE via lossless Ethernet or data center bridging? (Choose two.)

A.

DWDM

B.

EoMPLS

C.

SONET/SDH

D.

Multichassis EtherChannel over Pseudowire

E.

VPLS

Full Access
Question # 17

Hybrid cloud computing allows organizations to take advantage of public and private cloud models. Which best practice should organizations follow to ensure data security in the private cloud?

A.

Use standard protocols for data transmission over the network.

B.

Encrypt data when it is at rest and in motion.

C.

Communicate all data security risks to customers and end users.

D.

Use standard network protocols for data communication between unsecured network connections.

Full Access
Question # 18

A customer asks you to perform a high-level review of their upcoming WAN refresh for remote sites. The review is specially focused on their retail store operations consisting of 500+ locations connected via multipoint IPsec VPN solution. Which routing protocol would be valid but would also be the most restrictive for the expansion of this deployment model?

A.

EIGRP

B.

IS-IS

C.

OSPF

D.

BGP

Full Access
Question # 19

IPFIX data collection via standalone IPFIX probes is an alternative to flow collection from routers and switches. Which use case is suitable for using IPFIX probes?

A.

performance monitoring

B.

security

C.

observation of critical links

D.

capacity planning

Full Access
Question # 20

While reviewing an existing network design, you are discussing the characteristics of different STP versions. Which protocol minimizes unicast flooding during a Topology Change Notification in a Layer 2 switched network with many VLANs?

A.

PVRSTP

B.

MST

C.

STP

D.

PVSTP+

Full Access
Question # 21

Refer to the exhibit.

The enterprise customer wants to stream one-way video from their head office to eight branch offices using multicast. Their current service provider provides a Layer 3 VPN solution and manages the CE routers, but they do not currently support multicast. Which solution quickly allows this multicast traffic to go through while allowing for future scalability?

A.

Enable a GRE tunnel between nodes CE1 and CE2

B.

Enable a GRE tunnel between nodes C2 and C4

C.

Enable a GRE tunnel between nodes C1 and C4

D.

Implement hub and spoke MPLS VPN over DMVPN (also known as 2547o DMVPN) between CE1 and CE2

E.

The service provider must provide a Draft Rosen solution to enable a GRE tunnel between nodes PE1 and PE2

Full Access
Question # 22

Drag and drop the end-to-end network virtualization elements from the left onto the correct network areas on the right.

Full Access
Question # 23

Two enterprise networks must be connected together. Both networks are using the same private IP addresses. The client requests from both sides should be translated using hide NAT (dynamic NAT) with the overload feature to save IP addresses from the NAT pools. Which design addresses this requirement using only one Cisco IOS NAT router for both directions?

A.

This is not possible, because two Cisco IOS NAT routers are required to do dynamic NAT with overload in both directions

B.

The ip nat inside and ip nat outside commands must be configured at the interfaces with the overload option in both directions

C.

The overload feature is the default and does not have to be configured

D.

Two different NAT pools must be used for the ip nat inside source and the ip nat outside source commands for the overload feature in both directions

E.

The NAT Virtual Interface must be used to achieve this requirement

Full Access
Question # 24

Company XYZ is in the process of identifying which transport mechanism(s) to use as their WAN technology. Their main two requirements are:

    A technology that could offer DPI, SLA, secure tunnels, privacy, QoS, scalability, reliability, and ease of management.

    A technology that is cost-effective.

Which WAN technology(ies) should be included in the design of company XYZ?

A.

Software-defined WAN should be the preferred choice because it complements both technologies, covers all the required features, and it is the most cost-effective solution.

B.

Internet should be the preferred option because it is cost-effective and supports BFD, IP SLA, and IPsec for secure transport over the public Internet.

C.

Both technologies should be used. Each should be used to back up the other one; where the primary links are MPLS, the Internet should be used as a backup link with IPsec (and vice versa).

D.

MPLS meets all these requirements and it is more reliable than using the Internet. It is widely used with defined best practices and an industry standard.

Full Access
Question # 25

In an OSPF network with routers connected together with Ethernet cabling, which topology typically takes the longest to converge?

A.

Partial mesh

B.

Full mesh

C.

Ring

D.

Squared

E.

Triangulated

Full Access
Question # 26

Company XYZ asks for design recommendations for Layer 2 redundancy. The company wants to prioritize fast convergence and resiliency elements. In the design, which two technologies are recommended? (Choose two.)

A.

Design MLAG/MC-LAG into the network wherever possible.

B.

Configure DHCP snooping on the switches.

C.

Use root guard.

D.

Use BPDU guard.

E.

Use UniDirectional Link Detection.

Full Access
Question # 27

Refer to the exhibit.

This network is running legacy STP 802.1d. Assuming "hello_timer" is fixed to 2 seconds, which parameters can be modified to speed up convergence times after single link/node failure?

A.

The transit_delay=5 and bpdu_delay=20 are recommended values, considering hello_timer=2 and specified.

B.

Only the maximum_transmission_halt_delay and diameter parameters are configurable parameters in 802.1d to speed up STP convergence process.

C.

The max_age and forward delay parameters can be adjusted to speed up STP convergence process.

D.

Only the transit_delay and bpdu_delay timers are configurable parameters in 802.1d to speed up STP convergence process.

Full Access
Question # 28

Which two features control multicast traffic in a VLAN environment? (Choose two)

A.

IGMP snooping

B.

MLD snooping

C.

RGMP

D.

PIM snooping

E.

pruning

Full Access
Question # 29

A customer migrates from a traditional Layer 2 data center network into a new SDN-based spine-and-leaf VXLAN EVPN data center within the same location. The networks are joined to enable host migration at Layer 2. What is the final migration step after hosts have physically migrated to have traffic flowing through the new network without changing any host configuration?

A.

Shut down legacy Layer 3 SVIs, clear ARP caches on all hosts being migrated, and then configure the legacy VRRP address onto new VXLAN core switches

B.

Increase VRRP priorities on new infrastructure over legacy VRRP values, then shut down legacy SVIs

C.

Shut down legacy infrastructure to allow VXLAN gateways to become active

D.

Shut down legacy Layer 3 SVIs and activate new preconfigured Layer 3 SVIs on VXLAN

Full Access
Question # 30

An attacker exploits application flaws to obtain data and credentials. What is the next step after application discovery in Zero Trust networking?

A.

Establish visibility and behavior modeling

B.

Enforce policies and microsegmentation

C.

Assess real-time security health

D.

Ensure trustworthiness of systems

Full Access
Question # 31

Refer to the exhibit.

For Company XYZ, Bangkok is using ECMP to reach the 172.20.2.0/24 network. The company wants a design that would allow them to forward traffic from 172.16.2.0/24 toward 172.20.2.0/24 via the Singapore router as the preferred route. The rest of the traffic should continue to use ECMP. Which technology fulfills this design requirement?

A.

policy-based routing

B.

route summarization

C.

unequal-cost load balancing using variance

D.

LFA

Full Access
Question # 32

Two routers R1 and R2 are directly connected through an Ethernet link. Both routers are running OSPF over the Ethernet link and OSPF has been registered with BFD. R1 has been set up to transmit BFD at a 50 ms interval, but R2 can receive only at a 100 ms rate due to platform limitations. What does this mean?

A.

After the initial timer exchange, R2 sets its transmission rate to the R1 Desired Min TX interval

B.

After the initial timer exchange, R1 sets its transmission rate to the R2 Required Min RX interval

C.

Timers renegotiate indefinitely, so the timer exchange phase never converges

D.

R2 sets the P-bit on all BFD control packets until R2 sends a packet with the F-bit set

Full Access
Question # 33

A company uses equipment from multiple vendors in a data center fabric to deliver SDN, enable maximum flexibility, and provide the best return on investment. Which YANG data model should be adopted for comprehensive features to simplify and streamline automation for the SDN fabric?

A.

Proprietary

B.

OpenConfig

C.

Native

D.

IETF

Full Access
Question # 34

What is the most important operational driver in building a resilient and secure modular network design?

A.

Dependencies on hardware or software that is difficult to scale

B.

Minimize app downtime

C.

Reduce the frequency of failures requiring human intervention

D.

Increase time spent on developing new features

Full Access
Question # 35

An enterprise solution team is analyzing multilayer architecture and multicontroller SDN solutions for multisite deployments. The analysis focuses on the ability to run tasks on any controller via a standardized interface. Which requirement addresses this ability on a multicontroller platform?

A.

Deploy a root controller to gather a complete network-level view.

B.

Use the East-West API to facilitate replication between controllers within a cluster.

C.

Build direct physical connectivity between different controllers.

D.

Use OpenFlow to implement and adapt new protocols.

Full Access
Question # 36

A key to maintaining a highly available network is building in the appropriate redundancy to protect against failure. This redundancy is carefully balanced with the inherent complexity of redundant systems. Which design consideration is relevant for enterprise WAN use cases when it comes to resiliency?

A.

Design in a way that expects outages and attacks on the network and its protected resources

B.

The design approach should consider simple and centralized management aspect

C.

Design in a way that it simplifies and improves ease of deployment

D.

Design automation tools wherever it is appropriate for greater visibility

Full Access
Question # 37

Refer to the exhibit.

ACME Mining has four data centers in Santiago. Cape Town. Mumbai, and Beijing, full-mesh connected via a 400 Mb/s EVP-LAN They want to deploy a new mission-critical application with these

requirements:

    clusterheartbeat2Mb/s continuous (250 KB/s)

    cluster heartbeat one-way maximum latency 100 ms

These are the current ping tests results between the four data centers:

Which hosting data center pair can host the new application?

A.

Mumbai and Beijing

B.

Santiago and Cape Town

C.

Santiago and Mumbai

D.

Cape Town and Mumbai

E.

Cape Town and Beijing

F.

Santiago and Beijing

Full Access
Question # 38

Which two possible drawbacks should you consider when introducing Network Functions Virtualization in a network design? (Choose two.)

A.

Bandwidth utilization increases

B.

Traffic flows are suboptimal

C.

High-end routers are required to support NFV

D.

OpenFlow must be supported in the network

E.

An SDN orchestration layer is required to support NFV

Full Access
Question # 39

When an SDN-based model is used to transmit multimedia traffic, which aspect should an architect consider while designing the network?

A.

QoE estimation

B.

Security

C.

Traffic patterns

D.

Flow forwarding

Full Access
Question # 40

Which two foundational aspects of IoT are still evolving and being worked on by the industry at large? (Choose two)

A.

WiFi protocols

B.

Regulatory domains

C.

Low energy Bluetooth sensors

D.

IoT consortia

E.

Standards

Full Access
Question # 41

A business invests in SDN and develops its own SDN controller that, due to budget constraints, runs on a single controller. The controller actively places an exclusive lock on the configuration of the devices to ensure it is the only source of changes to the environment. What is the result if the controller fails?

A.

All device configurations are in read-only mode until the controller is restored.

B.

The control plane is unavailable until the controller is restored.

C.

If a device fails, the configuration backup is unavailable.

D.

Manual changes are only possible until the controller is restored.

Full Access
Question # 42

The CIA triad is foundational to information security, and one can be certain that one or more of the principles within the CIA triad has been violated when data is leaked or a system is attacked Drag and drop the countermeasures on the left to the appropriate principle section on the right in any order

Full Access
Question # 43

Organizations that embrace Zero Trust initiatives ranging from business policies to technology infrastructure can reap business and security benefits. Which two domains should be covered under Zero Trust initiatives? (Choose two)

A.

workload

B.

work domain

C.

workplace

D.

workgroup

E.

workspace

Full Access
Question # 44

Which optimal use of interface dampening on a fast convergence network design is true?

A.

When occasional flaps of long duration occur

B.

When numerous adjacent flaps of very short duration occur

C.

When the router hardware is slower than the carrier delay down detection

D.

When the switch hardware is faster than the debounce timer down detection

Full Access
Question # 45

Which design consideration is valid when you contrast FabricPath and TRILL?

A.

FabricPath uses IS-IS, but TRILL uses VXLAN

B.

FabricPath permits active-active FHRP and TRILL supports anycast gateway

C.

FabricPath permits ECMP, but TRILL does not

D.

FabricPath permits active-active mode, but TRILL supports only active-standby mode

Full Access
Question # 46

Which design solution reduces the amount of IGMP state in the network?

A.

IGMP filtering

B.

IGMPv3 with PIM-SSM

C.

Multiple multicast domains

D.

One multicast group address throughout network regardless of IGMP version

Full Access
Question # 47

A network security team observes phishing attacks on a user machine from a remote location. The organization has a policy of saving confidential data on two different systems using different types of authentication. What is the next step to control such events after the security team verifies all users in Zero Trust modeling?

A.

Enforce risk-based and adaptive access policies.

B.

Assess real-time security health of devices.

C.

Apply a context-based network access control policy for users.

D.

Ensure trustworthiness of devices.

Full Access
Question # 48

Company XYZ is planning to deploy primary and secondary (disaster recovery) data center sites. Each of these sites will have redundant SAN fabrics and data protection is expected between the data center sites. The sites are 100 miles (160 km) apart and target RPO/RTO are 3 hrs and 24 hrs, respectively. Which two considerations must Company XYZ bear in mind when deploying replication in their scenario? (Choose two.)

A.

Target RPO/RTO requirements cannot be met due to the one-way delay introduced by the distance between sites.

B.

VSANs must be routed between sites to isolate fault domains and increase overall availability.

C.

Synchronous data replication must be used to meet the business requirements.

D.

Asynchronous data replication should be used in this scenario to avoid performance impact in the primary site.

E.

VSANs must be extended from the primary to the secondary site to improve performance and availability.

Full Access
Question # 49

Which MPLS TE design consideration is true?

A.

MPLS TE replaces LDP and the dependency of the IGP to identify the best path

B.

MPLS TE provides link and node protection

C.

MPLS TE optimizes the routing of IP traffic, given the constraints imposed by backbone capacity and application requirements

D.

MPLS TE requires Layer 3 VPN full-mesh topology deployment

Full Access
Question # 50

Which two characteristics apply to firewall transparent mode operations in a firewall solution design? (Choose two.)

A.

Changes in the existing IP addressing and subnets are required

B.

The firewall can participate actively on spanning tree.

C.

Multicast traffic can traverse the firewall.

D.

OSPF adjacencies can be established through the firewall

E.

The firewall acts like a router hop in the network.

Full Access
Question # 51

Identity and access management between multiple users and multiple applications has become a mandatory requirement for Company XYZ to fight against ever-increasing cybersecurity threats. To achieve this, federated identity services have been deployed to provide Single Sign-On and Multi-Factor Authentication. Which protocol can be used by Company XYZ to provide authentication and authorization services?

A.

OAuth2

B.

OpenID Connect

C.

OpenID

D.

SAML2.0

Full Access
Question # 52

Company XYZ has implemented policy-based routing in their network. Which potential problem must be kept in mind about network reconvergence and PBR?

A.

It can limit network scalability

B.

It can create microloops during reconvergence

C.

It increases convergence time.

D.

It reduces convergence time.

Full Access
Question # 53

Company XYZ must design a strategy to protect their routers from DoS attacks, such as traffic destined to the router's own route processor, using separate control plane categories. Which two capabilities can be used to achieve this requirement? (Choose two.)

A.

Control Plane Protection using queue thresholding on the transit subinterface

B.

Control Plane Protection using port filtering on the transit subinterface

C.

Control Plane Protection using port filtering on the main interface

D.

Control Plane Protection using queue thresholding on the host subinterface

E.

Control Plane Protection using port filtering on the host subinterface

Full Access
Question # 54

Refer to the exhibit.

This network is running OSPF as the routing protocol. The internal networks are being advertised in OSPF. London and Rome are using the direct link to reach each other although the transfer rates are better via Barcelona. Which OSPF design change allows OSPF to calculate the proper costs?

A.

Change the OSPF reference bandwidth to accommodate faster links.

B.

Filter the routes on the link between London and Rome.

C.

Change the interface bandwidth on all the links.

D.

Implement OSPF summarization to fix the issue.

Full Access
Question # 55

An enterprise campus is adopting a network virtualization design solution with these requirements:

• It must include the ability to virtualize the data plane and control plane by using VLANs and VRFs

• It must maintain end-to-end logical path transport separation across the network

• Resources available grouped at the access edge

Which two primary models can this network virtualization design be categorized? (Choose two)

A.

Path isolation

B.

Session isolation

C.

Group virtualization

D.

Services virtualization

E.

Edge isolation

Full Access
Question # 56

A customer migrates from a traditional Layer 2 data center network into a new SDN-based spine-and-leaf VXLAN EVPN data center within the same location. The networks are joined to enable host migration at Layer 2. Which activity should be completed each time a legacy network is migrated?

A.

The migrated VLAN should be pruned from the Layer 2 interconnects.

B.

The migrated network should have a VXLAN VNID configured within the new network.

C.

The migrated network should be advertised to the EVPN network as a Type 2 network.

D.

The migrated network should be added to the EVPN BGP routing.

Full Access
Question # 57

Enterprise XYZ wants to implement fast convergence on their network and optimize timers for OSPF. However, they also want to prevent excess flooding of LSAs if there is a constantly flapping link on the network. Which timers can help prevent excess flooding of LSAs for OSPF?

A.

OSPF propagation timers

B.

OSPF throttling timers

C.

OSPF delay timers

D.

OSPF flooding timers

Full Access
Question # 58

Drag and drop the design use cases from the left onto the correct uRPF techniques used to prevent spoofing attacks Not all options are used.

Full Access
Question # 59

Company XYZ has 30 sites using MPLS L3 VPN and is concerned about data integrity. They want a centralized configuration model and minimal overhead. Which technology can be used?

A.

S-VTI

B.

DMVPN

C.

MGRE

D.

GET VPN

Full Access
Question # 60

What are two design constraints in a standard spine and leaf architecture? (Choose two.)

A.

Spine switches can connect to each other.

B.

Each spine switch must connect to every leaf switch.

C.

Leaf switches must connect to each other.

D.

Endpoints connect only to the spine switches.

E.

Each leaf switch must connect to every spine switch.

Full Access
Question # 61

Your network operations team is deploying Access Control Lists (ACLs) across your Internet gateways. They wish to place an ACL inbound on the Internet gateway interface facing the core network (the "trusted" interface). Which IP address would the ACL need for traffic sourced from the inside interface, to match the source address of the traffic?

A.

inside global

B.

outside global

C.

inside local

D.

outside local

Full Access
Question # 62

Refer to the exhibit.

An engineer is designing the network for a multihomed customer running in AS 111. The AS does not have any other ASs connected to it. Which technology is more comprehensive to use in the design to make sure that the AS is not being used as a transit AS?

A.

Configure the AS-set attribute to allow only routes from AS 111 to be propagated to the neighbor ASs.

B.

Use the local preference attribute to configure your AS as a non-transit AS.

C.

Include an AS path access list to send routes to the neighboring ASs that only have AS 111 in the AS path field.

D.

Include a prefix list to only receive routes from neighboring ASs.

Full Access
Question # 63

VPLS is implemented in a Layer 2 network with 2000 VLANs. What is the primary concern to ensure successful deployment of VPLS?

A.

Flooding is necessary to propagate MAC address reachability information

B.

PE scalability

C.

The underlying transport mechanism

D.

VLAN scalability

Full Access
Question # 64

Drag and drop the FCAPS network management reference models from the left onto the correct definitions on the right.

Full Access
Question # 65

The SD-WAN architecture is composed of separate orchestration, management, control, and data planes. Which activity happens at the orchestration plane?

A.

Automatic onboarding of the SD-WAN routers into the SD-WAN overlay

B.

Decision-making process on where traffic flows

C.

Packet forwarding

D.

Central configuration and monitoring

Full Access
Question # 66

The network team in XYZ Corp wants to modernize their infrastructure and is evaluating an implementation and migration plan to allow integration MPLS-based, Layer 2 Ethernet services managed by a service provider to connect branches and remote offices. To decrease OpEx and improve

response times when network components fail, XYZ Corp decided to acquire and deploy new routers. The network currently is operated over E1 leased lines (2 Mbps) with a managed CE service provided by the telco.

Drag and drop the implementation steps from the left onto the corresponding targets on the right in the correct order.

Full Access
Question # 67

Company XYZ, a global content provider, owns data centers on different continents. Their data center design involves a standard three-layer design with a Layer 3-only core. HSRP is used as the FHRP. They require VLAN extension across access switches in all data centers, and they plan to purchase a Layer 2 interconnection between two of their data centers in Europe. In the absence of other business or technical constraints, which termination point is optimal for the Layer 2 interconnection?

A.

at the core layer, to offer the possibility to isolate STP domains

B.

at the aggregation layer because it is the Layer 2 to Layer 3 demarcation point

C.

at the access layer because the STP root bridge does not need to align with the HSRP active node

D.

at the core layer because all external connections must terminate there for security reasons

Full Access
Question # 68

Company XYZ is running BGP as their routing protocol. An external design consultant recommends that TCP Path MTU Discovery be enabled. Which effect will this have on the network?

A.

It will enhance the performance of TCP-based applications.

B.

It will increase the convergence time.

C.

It will improve the convergence time.

D.

It will create a loop free path.

Full Access
Question # 69

Which three tools are used for ongoing monitoring and maintenance of a voice and video environment? (Choose three.)

A.

Flow-based analysis to measure bandwidth mix of applications and their flows

B.

Call management analysis to identify network convergence-related failures

C.

Call management analysis to identify CAC failures and call quality issues

D.

Active monitoring via synthetic probes to measure loss, latency, and jitter

E.

Passive monitoring via synthetic probes to measure loss, latency, and jitter

F.

Flow-based analysis with PTP time-stamping to measure loss, latency, and jitter

Full Access
Question # 70

Company XYZ wants to use the FCAPS ISO standard for network management design, focusing on minimizing outages through detection, isolation, and corrective actions. Which layer accomplishes this design requirement?

A.

Fault management

B.

Performance management

C.

Security management

D.

Accounting management

Full Access
Question # 71

Which management category is not part of FCAPS framework?

A.

Configuration

B.

Security

C.

Performance

D.

Authentication

E.

Fault-management

Full Access
Question # 72

Refer to the table.

A customer investigates connectivity options for a DCI between two production data centers. The solution must provide dual 10G connections between locations with no single points of failure for Day 1 operations. It must also include an option to scale for up to 20 resilient connections in the second year to accommodate isolated SAN over IP and isolated, dedicated replication IP circuits. All connectivity methods are duplex 10 Gbps. Which transport technology costs the least over two years, in the scenario?

A.

Metro Ethernet

B.

DWDM

C.

CWDM

D.

MPLS

Full Access
Question # 73

Which two advantages of using DWDM over traditional optical networks are true? (Choose two.)

A.

inherent topology flexibility and service protection provided without penalty through intelligent oversubscription of bandwidth reservation

B.

ability to expand bandwidth over existing optical infrastructure

C.

inherent topology flexibility with built-in service protection

D.

inherent topology flexibility with intelligent chromatic dispersion

E.

inherent topology flexibility with service protection provided through a direct integration with an upper layer protocol

Full Access
Question # 74

An architect designs a multi-controller network architecture with these requirements:

    Achieve fast failover to control traffic when controllers fail.

    Yield a short distance and high resiliency in the connection between the switches and the controller.

    Reduce connectivity loss and enable smart recovery to improve the SDN survivability.

    Improve connectivity by adding path diversity and capacity awareness for controllers.

Which control plane component of the multi-controller must be built to meet the requirements?

A.

control node reliability

B.

controller stale consistency

C.

control path reliability

D.

controller clustering

Full Access
Question # 75

A business customer deploys workloads in the public cloud but now faces governance issues related to IT traffic flow and data security. Which action helps identify the issue for further resolution?

A.

Set up a secure tunnel from customer routers to protect traffic to cloud providers.

B.

Send IPFIX telemetry data from customer routers to a centralized collector to identify traffic to cloud providers.

C.

Build a zone-based firewall policy on Internet edge firewalls that collects statistics on traffic to cloud providers.

D.

Apply workload policies that dictate security requirements for cloud workloads.

Full Access
Question # 76

Company XYZ has a new network based on IPv6. Some of the subnets that they are planning to use will be confidential and need an addressing scheme that confines them to the local campus network. Which type of IPv6 addresses can be used for these networks in the IPv6 addressing design?

A.

local addresses

B.

private addresses

C.

link-local addresses

D.

unique local addresses

Full Access
Question # 77

Which two conditions must be met for EIGRP to maintain an alternate loop-free path to a remote network? (Choose two.)

A.

The Reported Distance from a successor is lower than the local Feasible Distance.

B.

The Reported Distance from a successor is higher than the local Feasible Distance.

C.

The feasibility condition does not need to be met.

D.

The Feasible Distance from a successor is lower than the local Reported Distance.

E.

A feasible successor must be present.

Full Access
Question # 78

Company XYZ is migrating their existing network to IPv6. Some access layer switches do not support IPv6, while core and distribution switches fully support unicast and multicast routing. The company wants to minimize cost of the migration. Which migration strategy should be used?

A.

The access layer switches must support IGMP snooping at a minimum. Any switches that do not support IGMP snooping must be replaced.

B.

Upgrade the non-supporting switches. Otherwise, it will cause an issue with the migration.

C.

Layer 2 switches will not affect the implementation of IPv6. They can be included in the design in their current state.

D.

The access layer switches must support DHCPv6. Any switches that do not support DHCPv6 must be replaced.

Full Access
Question # 79

The controller has a global view of the network, and it can easily ensure that the network is in a consistent and optimal configuration. Which two statements describe a centralized SDN control path? (Choose two.)

A.

Scaling of the centralized controller cluster is challenging for services like DHCP and load-balancing.

B.

It is highly-available by design with no single-point-of-failure risks present.

C.

Integrating smart NIC capabilities on the local host level is made easier through REST APIs.

D.

It significantly improves the latency when performing reactive handling of PACKET_IN events.

E.

The centralized controller can support all southbound APIs, which allows for easy integration with legacy equipment.

Full Access
Question # 80

Which design benefit of PortFast is true?

A.

PortFast does not generate a spanning tree topology change when a station on a port is connected or disconnected

B.

PortFast disables spanning tree on the port, which puts the port into the forwarding state immediately after it is connected

C.

PortFast allows small, unmanaged switches to be plugged into ports of access switches without risking switch loops

D.

PortFast detects one-way communications on the physical port, which prevents switch loops

E.

PortFast prevents switch loops that are caused by a unidirectional point-to-point link condition on Rapid PVST+ and MST

F.

PortFast prevents switched traffic from traversing suboptimal paths on the network

Full Access
Question # 81

A network hacker introduces a packet with duplicate sequence numbers to disrupt an IPsec session. During this, high-priority traffic is transmitted. What design parameter helps mitigate this?

A.

Classify and mark duplicate sequence packets

B.

Apply anti-replay window 4096

C.

Restrict keyword in IPsec tunnel

D.

Increase QoS shape policy

Full Access
Question # 82

With virtualization applied throughout the network, every physical link may carry one or more virtual links. What is a key drawback of this?

A.

Unneeded tunneling

B.

Fate sharing

C.

Bandwidth utilization

D.

Serialization delay

Full Access
Question # 83

Which undesired effect of increasing the jitter compensation buffer is true?

A.

The overall transport jitter decreases and quality improves.

B.

The overall transport jitter increases and quality issues can occur.

C.

The overall transport delay increases and quality issues can occur.

D.

The overall transport delay decreases and quality improves.

Full Access
Question # 84

A company requires an RPO of less than 10 seconds to ensure business continuity. Which technology should be deployed?

A.

Geographically dispersed data centers with asynchronous replication

B.

A single data center with duplicated infrastructure, dual PSUs, and a UPS

C.

Geographically dispersed data centers with synchronous replication

D.

A single data center with duplicated infrastructure and dual PSUs

Full Access
Question # 85

An engineer is designing the QoS strategy for Company XYZ. A lot of scavenger traffic is traversing the 20Mb Internet link. The new design must limit scavenger traffic to 2 Mbps to avoid oversubscription during congestion. Which QoS technique can be used?

A.

Class-based traffic policing

B.

LLQ

C.

CBWFQ

D.

Class-based traffic shaping

Full Access
Question # 86

Refer to the exhibit.

Company XYZ is currently running IPv4 but has decided to start the transition into IPv6. The initial objective is to allow communication based on IPv6 wherever possible, and there should still be support in place for devices that only support IPv4. These devices must be able to communicate to IPv6 devices as well. Which solution must be part of the design?

A.

Address family translation

B.

Dual stack

C.

Host-to-host tunneling

D.

6rd tunneling

Full Access
Question # 87

What advantage of placing the IS-IS Layer 2 flooding domain boundary at the core layer in a three-layer hierarchical network is true?

A.

The Layer 1 and Layer 2 domains can easily overlap

B.

It reduces the complexity of the Layer 1 domains

C.

It can be applied to any kind of topology

D.

The Layer 2 domain is contained and more stable

Full Access
Question # 88

While computer networks and sophisticated applications have allowed individuals to be more productive the need to prepare for security threats has increased dramatically A six-step methodology on security incident handling has been adopted by many organizations including service providers enterprises, and government organizations to ensure that organizations are aware of significant security incidents and act quickly to stop the attacker, minimize damage caused, and prevent follow on attacks or similar incidents in the future Drag and drop the actions on the left to the targets on the right in the correct order.

Full Access
Question # 89

You are tasked with the design of a high available network. Which two features provide fail closed environments? (Choose two.)

A.

EIGRP

B.

RPVST+

C.

MST

D.

L2MP

Full Access
Question # 90

Which feature must be part of the network design to wait a predetermined amount of time before notifying the routing protocol of a change in the path in the network?

A.

Transmit delay

B.

Throttle timer

C.

SPF hold time

D.

Interface dampening

Full Access
Question # 91

Company XYZ is running a redundant private WAN network using OSPF as the underlay protocol. The current design accommodates for redundancy in the network, but it is taking over 30 seconds for the network to reconverge upon failure. Which technique can be implemented in the design to detect such a failure in a subsecond?

A.

STP

B.

fate sharing

C.

OSPF LFA

D.

BFD

E.

flex links

Full Access
Question # 92

A legacy enterprise is using a Service Provider MPLS network to connect its head office and branches. They want to extend the existing IP CCTV network to a new branch without routing changes or IP address changes. What is the best approach?

A.

GRE

B.

L2TPv3

C.

VXLAN

D.

EoMPLS

Full Access
Question # 93

Which parameter is the most important factor to consider when deciding service placement in a cloud solution?

A.

Data replication cost

B.

Application structure

C.

Security framework implementation time

D.

Data confidentiality rules

Full Access
Question # 94

Which two application requirements are mandatory for traffic to receive proper treatment when placed in the priority queue? (Choose two.)

A.

Small transactions (HTTP-like behavior)

B.

WRED drop treatment

C.

Tolerance to packet loss

D.

Intolerance to jitter

E.

TCP-based application

Full Access
Question # 95

Refer to the exhibit.

Company XYZ’s BGP topology is as shown in the diagram. The interface on the LA router connected toward the 10.1.5.0/24 network is faulty and is going up and down, which affects the entire routing domain. Which routing technique can be used in the routing policy design so that the rest of the network is not affected by the flapping issue?

A.

Use route dampening on LA router for the 10.1.5.0/24 network so that it does not get propagated when it flaps up and down

B.

Use route filtering on Chicago router to block the 10.1.5.0/24 network from coming in from the LA router

C.

Use route filtering on LA router to block the 10.1.5.0/24 network from getting propagated toward Chicago and New York

D.

Use route aggregation on LA router to summarize the 10.1.4.0/24, 10.1.5.0/24, 10.1.6.0/24, and 10.1.7.0/24 networks toward Chicago

Full Access
Question # 96

A Service Provider is designing a solution for a managed CE service to a number of local customers using a single CE platform and wants to have logical separation on the CE platform using Virtual Routing and Forwarding (VRF) based on IP address ranges or packet length. Which is the most scalable solution to provide this type of VRF Selection process on the CE edge device?

A.

Static Routes for Route Leaking

B.

Policy Based Routing

C.

OSPF per VRF Instance

D.

Multi-Protocol BGP

Full Access
Question # 97

A network engineering team is in the process of designing a lab network for a customer demonstration. The design engineer wants to show that the resiliency of the MPLS Traffic Engineering Fast Reroute solution has the same failover/failback times as a traditional SONET/SDH network (around 50 msec). In order to address both link failure and node failure within the lab topology network, which type of the MPLS TE tunnels must be considered for this demonstration?

A.

TE backup tunnel

B.

Next-hop (NHop) tunnel

C.

FRR Backup tunnel

D.

Next-next-hop (NNHop) tunnel

Full Access
Question # 98

An enterprise organization currently provides WAN connectivity to their branch sites using MPLS technology, and the enterprise network team is considering rolling out SD-WAN services for all sites.

With regards to the deployment planning, drag and drop the actions from the left onto the corresponding steps on the right.

Full Access
Question # 99

The Company XYZ network is experiencing attacks against their router. Which type of Control Plane Protection must be used on the router to protect all control plane IP traffic that is destined directly for one of the router interfaces?

A.

Control Plane Protection host subinterface

B.

Control Plane Protection main interface

C.

Control Plane Protection transit subinterface

D.

Control Plane Protection CEF-exception subinterface

Full Access
Question # 100

Which methodology is the leading lifecycle approach to network design and implementation?

A.

PPDIOO

B.

Waterfall model

C.

Spiral model

D.

V model

Full Access
Question # 101

Refer to the diagram.

Which solution must be used to send traffic from the foreign wireless LAN controller to the anchor wireless LAN controller?

A.

Send packets from the foreign controller to the anchor controller via Layer 3 MPLS VPN or VRF-Lite

B.

Send packets without encapsulation to the anchor controller over the routed network.

C.

Encapsulate packets into an EoIP tunnel and send them to the anchor controller.

D.

Send packets from the foreign controller to the anchor controller via IPinIP or IPsec tunnel.

Full Access
Question # 102

Which component of the SDN architecture automatically ensures that application traffic is routed according to policies established by network administrators?

A.

Packet forwarding engine

B.

Northbound API

C.

Southbound API

D.

SDN controller

Full Access
Question # 103

You are tasked to design a QoS policy for a service provider so they can include it in the design of their MPLS core network. If the design must support an MPLS network with six classes, and CEs will be managed by the service provider, which QoS policy should be recommended?

A.

map IP CoS bits into the IP Precedence field

B.

map flow-label bits into the Exp field

C.

map IP precedence bits into the DSCP field

D.

map DSCP bits into the Exp field

Full Access
Question # 104

What are two examples of components that are part of an SDN architecture? (Choose two.)

A.

Software plane

B.

Control plane

C.

Application plane

D.

Management plane

E.

Network plane

Full Access