Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

300-415Free trial

By cisco

Verified

25Q per page

Question 1

Which component of the Cisco SD-WAN architecture oversees the control plane of overlay network to establish, adjust, and maintain the connections between the
WAN Edge devices that form the Cisco SD-WAN fabric?

A: APIC-EM
B: vSmart
C: vManage
D: vBond

—

Question 2

Which port is used for vBond under controller certificates if no alternate port is configured?

A: 12344
B: 12345
C: 12347
D: 12346

—

Question 3

When the VPN membership policy is being controlled at the vSmart controller, which policy disallows VPN 1 at sites 20 and 30?
A.

—

Question 4

Which policy is configured to ensure that a voice packet is always sent on the link with less than a 50 msec delay?

A: localized data policy
B: centralized control policy
C: localized control policy
D: centralized data policy

—

Question 5

DRAG DROP -
Drag and drop the functions from the left onto the correct templates on the right.
Select and Place:

—

Question 6

When VPNs are grouped to create destination zone in Zone-Based Firewall, how many zones can a single VPN be part of?

A: two
B: four
C: one
D: three

—

Question 7

An engineer wants to track tunnel characteristics within a SLA-based policy for convergence. Which policy configuration will achieve this goal?

A: app-route policy
B: VPN membership policy
C: control policy
D: data policy

—

Question 8

An administrator needs to configure Cisco SD-WAN to divert traffic from the company's private network to an ISP network. Which action should be taken to accomplish this goal?

A: configure the security policy
B: configure the control policy
C: configure the data policy
D: configure the application aware policy

—

Question 9

DRAG DROP -
Drag and drop the definitions from the left to the configuration on the right.
Select and Place:

—

Question 10

An engineer is configuring a centralized policy to influence network route advertisement. Which controller delivers this policy to the fabric?

A: vSmart
B: vBond
C: vManage
D: WAN Edge

—

Question 11

Which VPN connects the transport-side WAN Edge interface to the underlay/WAN network?

A: VPN 1
B: VPN 0
C: VPN 512
D: VPN 511

—

Question 12

An engineer is configuring a list that matches all IP prefixes with lengths from /1 to /16 in a centralized control policy. Which list accomplishes this task?

A: 0.0.0.0/0 le 16
B: 0.0.0.0/1 le 16
C: 0.0.0.0/0 ge 1
D: 0.0.0.0/16 ge 1

—

Question 13

In the Cisco SD-WAN solution, vSmart controller is responsible for which two actions? (Choose two.)

A: Authenticate and authorize WAN Edge routers.
B: Configure and monitor WAN Edge routers.
C: Distribute route and policy information via OMP.
D: Distribute the IP address from DHCP server to WAN Edge routers.
E: Distribute crypto key information among WAN Edge routers.

—

Question 14

Refer to the exhibit. An engineer is configuring service chaining. Which set of configurations is required for all traffic from Site ID 1 going toward Site ID 2 to get filtered through the firewall on the hub site?

—

Question 15

An engineer is configuring a data policy for packets that must be captured through the policy. Which command accomplishes this task?

A: policy > data-policy > vpn-list > sequence > default-action > accept
B: policy > data-policy > vpn-list > sequence > match
C: policy > data-policy > vpn-list > sequence > action
D: policy > data-policy > vpn-list > sequence > default-action > drop

—

Question 16

An administrator must configure an ACL for traffic coming in from the service-side VPN on a specific WAN Edge device with circuit ID 123456789. Which policy must be used to configure this ACL?

A: local data policy
B: central data policy
C: app-aware policy
D: central control policy

—

Question 17

Refer to the exhibit. The tunnel interface configuration on both WAN Edge routers is:

Which configuration for WAN Edge routers will connect to the Internet?
A.

—

Question 18

Refer to the exhibit. Which configuration routes Site 2 through the firewall in Site 1?
A.

—

Question 19

A customer is receiving routes via OMP from vSmart controller for a specific VPN. The customer must provide access to the W2 loopback received via OMP to the
OSPF neighbor on the service-side VPN. Which configuration fulfills these requirements?
A.

—

Question 20

Refer to the exhibit. An administrator is configuring a policy in addition to an existing hub-and-spoke policy for two sites that should directly communicate with each other. How is this policy configured?

A: mesh
B: custom control (route and TLOC)
C: hub-and-spoke
D: import existing topology

—

Question 21

Which feature allows reachability to an organization's internally hosted applications for an active DNS security policy on a device?

A: data policy with redirect
B: local domain bypass
C: DNSCrypt configuration
D: DHCP option 6

—

Question 22

A network administrator is configuring a centralized control policy based on match action pairs for multiple conditions. Which order must be configured to prefer
Prefix List over TLOC and TLOC over Origin?

A: deterministic order
B: lowest to highest sequence number
C: highest to lowest sequence number
D: nonsequential order

—

Question 23

Refer to the exhibit. The network administrator has configured a centralized topology policy that results in the displayed routing table at a branch office. Which two configurations are verified by the output? (Choose two.)

A: The default route is configured locally.
B: This routing table is from a cEdge router.
C: The configured policy is adding a route tag of 300 to learned routes.
D: The default route is learned via OMP.
E: The routing table is for the transport VPN.

—

Question 24

When a WAN Edge device joins the Cisco SD-WAN overlay, which Cisco SD-WAN component orchestrates the connection between the WAN Edge device and a vSmart controller?

A: vManage
B: vBond
C: OMP
D: APIC-EM

—

Question 25

An engineer must configure a centralized policy on a site in which all HTTP traffic should use the Public Internet circuit if the loss on this circuit is below 10%, otherwise MPLS should be used. Which configuration wizard fulfills this requirement?

A: Create Applications or Groups of Interest > Configure Traffic Data > Apply Policies to Sites and VPNs.
B: Configure VPN Membership > Apply Policies to Sites and VPNs.
C: Create Applications or Groups of Interest > Configure Traffic Rules > Apply Policies to Sites and VPNs.
D: Configure Topology > Apply Policies to Sites and VPNs.

—

Page 1 of 18 • Questions 1-25 of 435

1 2 3 4 5

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!