Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!

300-415Free trial

By cisco

Verified

25Q per page

Question 26

An engineer must use data prefixes to configure centralized data policies using the vManage policy configuration wizard. What is the first step to accomplish this task?

A: Configure network topology.
B: Apply policies to sites and VPNs.
C: Configure traffic rules.
D: Create groups of interest.

—

Question 27

Refer to the exhibit. The Cisco SD-WAN network is configured with a default full-mesh topology. Islamabad HQ and Islamabad WAN Edges must be used as the hub sites. Hub sites MPLS TLOC must be preferred when forwarding FTP traffic based on a configured SLA class list. Which policy configuration does the network engineer use to call the SLA class and set the preferred color to MPLS?

A: Centralized Policy, Traffic Policy
B: Centralized Policy, Topology
C: Localized Policy, Forwarding Class
D: Localized Policy, Route Policy

—

Question 28

Refer to the exhibit. Which command allows traffic through the IPsec tunnel configured in VPN 0?

A: service netsvc1 vpn1
B: service netsvc1 address 1.1.1.1
C: service FW address 1.1.1.1
D: service local

—

Question 29

Refer to the exhibit. Which configuration sets up direct Internet access for VPN 1?
A.

—

Question 30

An enterprise has several sites with multiple VPNs that are isolated from each other. A new requirement came where users in VPN 73 must be able to talk to users in VPN 50. Which configuration meets this requirement?
A.

—

Question 31

An engineer is configuring a data policy for IPv4 prefixes for a single WAN Edge device on a site with multiple WAN Edge devices. How is this policy added using the policy configuration wizard?

A: In vBond orchestrator, select the configure --> policies screen, select the localized policy tab, and click add policy.
B: In vManage NMS, select the configure --> policies screen, select the localized policy tab, and click add policy.
C: In vSmart controller, select the configure --> policies screen, select the localized policy tab, and click add policy.
D: In vManage NMS, select the configure --> policies screen, select the centralized policy tab, and click add policy.

—

Question 32

An engineering team must prepare a traffic engineering policy where an MPLS circuit is preferred for traffic coming from the Admin VLAN. Internet should be used as a backup only. Which configuration fulfills this requirement?
A.

—

Question 33

In a customer retail network with multiple data centers, what does the network administrator use to create a regional hub topology?

A: app route policy on vSmart
B: data policy on vSmart
C: control policy on vSmart
D: control policy on vManage

—

Question 34

Which scheduling method is configured by default for the eight queues in the cloud vEdge router?

A: weighted round robin
B: priority queue
C: low latency queue
D: weighted random early detection

—

Question 35

In an AWS cloud, which feature provisions WAN Edge routers automatically in Cisco SD-WAN?

A: Cloud OnRamp
B: Cloud app
C: vAnalytics
D: Network Designer

—

Question 36

At which layer does the application-aware firewall block applications on a WAN Edge?

A: 3
B: 5
C: 2
D: 7

—

Question 37

What is a benefit of the application-aware firewall?

A: It blocks traffic by MTU of the packet
B: It blocks encrypted traffic
C: It blocks traffic by application
D: It blocks traffic by MAC address

—

Question 38

Refer to the exhibit. Which QoS treatment results from this configuration after the access list acl-guest is applied inbound on the vpn1 interface?

A: A TCP packet sourcing from 172.16.10.1 and destined to 172.16.20.1 is dropped
B: A UDP packet sourcing from 172.16.20.1 and destined to 172.16.10.1 is accepted
C: A UDP packet sourcing from 172.16.10.1 and destined to 172.16.20.1 is dropped
D: A TCP packet sourcing from 172.16.20.1 and destined to 172.16.10.1 is accepted

—

Question 39

Which configuration changes the packet loss priority from low to high?
A.

—

Question 40

Which on-the-box security feature is supported by the Cisco ISR 4451 SD-WAN device and not on vEdge?

A: IPsec/GRE cloud proxy
B: reverse proxy
C: Enterprise Firewall with Application Awareness
D: Cloud Express service

—

Question 41

Which two mechanisms are used to guarantee the integrity of data packets in the Cisco SD-WAN architecture data plane? (Choose two.)

A: certificates
B: transport locations
C: authentication headers
D: encapsulation security payload
E: TPM chip

—

Question 42

Which value is verified in the certificates to confirm the identity of the physical WAN Edge device?

A: Serial Number
B: OTP
C: System-IP
D: Chassis-ID

—

Question 43

Which hardware component is involved in the Cisco SD-WAN authentication process for ISR platforms?

A: ZTP
B: OTPC
C: SUDI
D: TPMD

—

Question 44

A network administrator is configuring QoS on a WAN Edge 5000 router and needs to enable it on the transport side interface. Which policy setting must be selected to accomplish this goal?

A: Cloud QoS
B: Netflow
C: Application
D: Cloud QoS Service side

—

Question 45

What is a benefit of the application-aware firewall feature in the Cisco SD-WAN solution?

A: application visibility
B: control policy enforcement
C: application monitoring
D: application malware protection

—

Question 46

A large retail organization decided to move some of the branch applications to the AWS cloud. How does the network architect extend the in-house Cisco SD-
WAN branch to cloud network into AWS?

A: Create virtual instances of vSmart Cloud through the AWS online software store
B: Create GRE tunnels to AWS from each branch over the Internet
C: Install the AWS Cloud Router in the main data center and provide the connectivity from each branch
D: Create virtual WAN Edge devices Cloud through the AWS online software store

—

Question 47

An engineer is tasked to improve throughput for connection-oriented traffic by decreasing round-trip latency. Which configuration will achieve this goal?

A: turn off ג€Enable TCP Optimizationג€
B: turn on ג€Enhance ECMP Keyingג€
C: turn on ג€Enable TCP Optimizationג€
D: turn off ג€Enhance ECMP Keyingג€

—

Question 48

An engineer is configuring a WAN Edge router for DIA based on matching QoS parameters. Which two actions accomplish this task? (Choose two.)

A: Apply a data policy on WAN interface
B: Configure a control policy
C: Apply a QoS map policy
D: Configure NAT on the transport interface
E: Configure a centralized data policy

—

Question 49

Refer to the exhibit. The ge0/0 interface connects to a 30-MB link. A network administrator wants to always have 10 MB available for high priority traffic. When lower-priority traffic bursts exceed 20 MB, traffic should be redirected to the second WAN interface ge0/1. Which set of configurations accomplishes this task?
A.

—

Question 50

Refer to the exhibit. Which shaping-rate does the engineer use to shape traffic at 9 Mbps?

A: 9
B: 9000
C: 90000
D: 9000000

—

Page 2 of 18 • Questions 26-50 of 435

←

1 2 3 4 5

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!