Is this exam completely free?

ExamCademy offers a free preview for every exam, covering around 20% of the total questions. Full access to all questions is available for free by signing up for an account. Optional supporters unlock AstroTutor (AI tutor) and advanced study modes.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! ExamCademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our practice questions are community-created and moderator-reviewed to align with realistic exam objectives, style, and difficulty.

300-415 by Cisco - Page 1 | ExamCademy

Mode Selection

Question 1

Question 2

Question 3

When the VPN membership policy is being controlled at the vSmart controller, which policy disallows VPN 1 at sites 20 and 30?
A.

Question 4

Which policy is configured to ensure that a voice packet is always sent on the link with less than a 50 msec delay?

A localized data policy
B centralized control policy
C localized control policy
D centralized data policy

Question 5

DRAG DROP -
Drag and drop the functions from the left onto the correct templates on the right.
Select and Place:

Question 6

When VPNs are grouped to create destination zone in Zone-Based Firewall, how many zones can a single VPN be part of?

A two
B four
C one
D three

Question 7

An engineer wants to track tunnel characteristics within a SLA-based policy for convergence. Which policy configuration will achieve this goal?

A app-route policy
B VPN membership policy
C control policy
D data policy

Question 8

An administrator needs to configure Cisco SD-WAN to divert traffic from the company's private network to an ISP network. Which action should be taken to accomplish this goal?

A configure the security policy
B configure the control policy
C configure the data policy
D configure the application aware policy

Question 9

DRAG DROP -
Drag and drop the definitions from the left to the configuration on the right.
Select and Place:

Question 10

An engineer is configuring a centralized policy to influence network route advertisement. Which controller delivers this policy to the fabric?

A vSmart
B vBond
C vManage
D WAN Edge

Question 11

Which VPN connects the transport-side WAN Edge interface to the underlay/WAN network?

A VPN 1
B VPN 0
C VPN 512
D VPN 511

Question 12

An engineer is configuring a list that matches all IP prefixes with lengths from /1 to /16 in a centralized control policy. Which list accomplishes this task?

A 0.0.0.0/0 le 16
B 0.0.0.0/1 le 16
C 0.0.0.0/0 ge 1
D 0.0.0.0/16 ge 1

Question 13

In the Cisco SD-WAN solution, vSmart controller is responsible for which two actions? (Choose two.)

A Authenticate and authorize WAN Edge routers.
B Configure and monitor WAN Edge routers.
C Distribute route and policy information via OMP.
D Distribute the IP address from DHCP server to WAN Edge routers.
E Distribute crypto key information among WAN Edge routers.

Question 14

Refer to the exhibit. An engineer is configuring service chaining. Which set of configurations is required for all traffic from Site ID 1 going toward Site ID 2 to get filtered through the firewall on the hub site?

Question 15

An engineer is configuring a data policy for packets that must be captured through the policy. Which command accomplishes this task?

A policy > data-policy > vpn-list > sequence > default-action > accept
B policy > data-policy > vpn-list > sequence > match
C policy > data-policy > vpn-list > sequence > action
D policy > data-policy > vpn-list > sequence > default-action > drop

Question 16

An administrator must configure an ACL for traffic coming in from the service-side VPN on a specific WAN Edge device with circuit ID 123456789. Which policy must be used to configure this ACL?

A local data policy
B central data policy
C app-aware policy
D central control policy

Question 17

Question 18

Question 19

A customer is receiving routes via OMP from vSmart controller for a specific VPN. The customer must provide access to the W2 loopback received via OMP to the
OSPF neighbor on the service-side VPN. Which configuration fulfills these requirements?
A.

Question 20

Question 21

Which feature allows reachability to an organization's internally hosted applications for an active DNS security policy on a device?

A data policy with redirect
B local domain bypass
C DNSCrypt configuration
D DHCP option 6

Question 22

A network administrator is configuring a centralized control policy based on match action pairs for multiple conditions. Which order must be configured to prefer
Prefix List over TLOC and TLOC over Origin?

A deterministic order
B lowest to highest sequence number
C highest to lowest sequence number
D nonsequential order

Question 23

Question 24

When a WAN Edge device joins the Cisco SD-WAN overlay, which Cisco SD-WAN component orchestrates the connection between the WAN Edge device and a vSmart controller?

A vManage
B vBond
C OMP
D APIC-EM

Question 25

An engineer must configure a centralized policy on a site in which all HTTP traffic should use the Public Internet circuit if the loss on this circuit is below 10%, otherwise MPLS should be used. Which configuration wizard fulfills this requirement?

A Create Applications or Groups of Interest > Configure Traffic Data > Apply Policies to Sites and VPNs.
B Configure VPN Membership > Apply Policies to Sites and VPNs.
C Create Applications or Groups of Interest > Configure Traffic Rules > Apply Policies to Sites and VPNs.
D Configure Topology > Apply Policies to Sites and VPNs.

Page 1 of 18 • Questions 1-25 of 435

1 2 3 4 5

→

Know a question that should be here? Contribute to this exam

Which component of the Cisco SD-WAN architecture oversees the control plane of overlay network to establish, adjust, and maintain the connections between the
WAN Edge devices that form the Cisco SD-WAN fabric?

A APIC-EM
B vSmart
C vManage
D vBond

Which port is used for vBond under controller certificates if no alternate port is configured?

A 12344
B 12345
C 12347
D 12346

B.

C.

D.

A.

B.

C.

D.

Refer to the exhibit. The tunnel interface configuration on both WAN Edge routers is:

Which configuration for WAN Edge routers will connect to the Internet?
A.

B.

C.

D.

Refer to the exhibit. Which configuration routes Site 2 through the firewall in Site 1?
A.

B.

C.

D.

B.

C.

D.

Refer to the exhibit. An administrator is configuring a policy in addition to an existing hub-and-spoke policy for two sites that should directly communicate with each other. How is this policy configured?

A mesh
B custom control (route and TLOC)
C hub-and-spoke
D import existing topology

Refer to the exhibit. The network administrator has configured a centralized topology policy that results in the displayed routing table at a branch office. Which two configurations are verified by the output? (Choose two.)

A The default route is configured locally.
B This routing table is from a cEdge router.
C The configured policy is adding a route tag of 300 to learned routes.
D The default route is learned via OMP.
E The routing table is for the transport VPN.

300-415Preview