Is this exam completely free?

ExamCademy offers a free preview for every exam, covering around 20% of the total questions. Full access to all questions is available for free by signing up for an account. Optional supporters unlock AstroTutor (AI tutor) and advanced study modes.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! ExamCademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our practice questions are community-created and moderator-reviewed to align with realistic exam objectives, style, and difficulty.

300-420 by Cisco - Page 1 | ExamCademy

Mode Selection

Question 1

Question 2

Question 3

An engineer is upgrading a company's main site to include a connection to a second ISP. The company will receive full Internet routing tables from both ISPs via
BGP. The engineer must ensure that the company does not become a transit autonomous system. Which solution should be included in this design?

A Tag incoming routes from both ISPs with BGP community no-export.
B Lower the MED for updates sent to the secondary ISP.
C Use a route-map to prevent all prefixes from being advertised to either ISP.
D Modify the local-preference for routes incoming from the primary ISP.

Question 4

An architect is working on a design to connect a company's main site to several small to medium-sized remote branches. The solution must include redundant
WAN links, but the customer has a limited budget and wants the ability to increase the link speed easily in the future. QoS will run on the branch routers, so there is no need for consistent end-to-end QoS. Which solution does the architect propose?

A dual-homed WAN MPLS with single-edge router
B dual-homed Internet with a single-edge router running a site-to-site VPN topology
C dual-homed WAN MPLS and Internet links via dual-edge routers
D dual-homed Internet with dual-edge routers running a hub-and-spoke VPN topology

Question 5

An engineer must design a solution to connect a customer to the Internet. The solution will include a Layer 3 circuit with a CIR of 50 Mbps from the service provider. The hand-off from the provider's switch to the customer's router is 1Gbps. Which solution should the engineer include to prevent potential issues with choppy voice traffic?

A Reduce the bandwidth of the connection to the router.
B Implement hierarchical QoS with a parent policing policy.
C Implement hierarchical QoS with a parent shaping policy.
D Add a bandwidth statement to the router interface.

Question 6

Question 7

Question 8

An engineer must propose a solution for a campus network that includes the capability to create multiple Layer 3 virtual networks. Each network must have its own addressing structure and routing table for data forwarding. The solution must be scalable to support hundreds of virtual networks and allow simple configuration and management with minimal administrative overhead. Which solution does the engineer recommend?

A hop-by-hop EVN
B multihop MPLS core
C multihop IPsec tunneling
D hop-by-hop VRF-Lite

Question 9

An engineer must design a VPN solution for a company that has multiple branches connecting to a main office. What are two advantages of using DMVPN instead of IPsec tunnels to accomplish this task? (Choose two.)

A support for AES 256-bit encryption
B greater scalability
C support for anycast gateway
D lower traffic overhead
E dynamic spoke-to-spoke tunnels

Question 10

How is Internet access provided to a WAN Edge router that is connected to a MPLS transport link?

A OMP advertises a default route from a WAN Edge router that is connected to the MPLS and Internet transport networks.
B Internet access must be provided at the WAN Edge router through either a 4G/5G link or local Internet circuit.
C An extranet must be provided in the MPLS transport network to allow private traffic to reach the public Internet.
D TLOC extensions are used to route traffic to a WAN Edge router that is connected to the Internet transport network.

Question 11

DRAG DROP -
Drag and drop the elements from the left onto the functions they perform in the Cisco SD-WAN architecture on the right.
Select and Place:

Question 12

Which method does Cisco SD-WAN use to avoid fragmentation issues?

A PMTUD is used.
B Access circuits are configured with 1600 byte MTU settings.
C Jumbo frames are enabled.
D Traffic is marked with the DF bit set.

Question 13

A company is using OSPF between its HQ location and a branch office. HQ is assigned area 0 and the branch office is assigned area 1. The company purchases a second branch office, but due to circuit delays to HQ, it decides to connect the new branch office to the existing branch office as a temporary measure. The new branch office is assigned to area 2. Which OSPF configuration enables all three locations to exchange routes?

A The existing branch office must be configured as a stub area
B A virtual link must be configured between the new branch office and HQ
C A sham link must be configured between the new branch office and HQ
D The new branch office must be configured as a stub area

Question 14

DRAG DROP -
Drag and drop the descriptions from the left onto the corresponding WAN connectivity types and categories on the right.
Select and Place:

Question 15

A global organization with several branches hired a network architect to design an overlay VPN solution. The branches communicate with each other frequently.
The customer expects to add more branches in the future. To meet the customer's security requirements, the architect plans to provide traffic protection using dynamic IPsec tunnels. Which solution should the architect choose?

A DMVPN
B EasyVPN
C L2TP
D GETVPN

Question 16

DRAG DROP -
Drag and drop the descriptions from the left onto the corresponding VPN types on the right.
Select and Place:

Question 17

A customer requests a VPN solution to connect multiple sites with the company headquarters. All the sites use the same IP subnet. The engineer plans to use
VPLS. Which solution must the engineer include in the design?

A different VLANs on each site
B address translation to hide overlapping subnets
C 802.1Q connectivity on the LAN side of the CE
D route exchange with the service provider

Question 18

An ISP provides Layer 3 VPN service over MPLS to a customer with four branches and multiple CE routers at each branch. To exchange the routes that are learned from the CE routers, which BGP address family should the ISP activate among the PE routers?

A address-family multicast
B L2VPN EVPN
C VPNv4 unicast
D IPv4 unicast

Question 19

In the SD-WAN underlay network, which WAN Edge VPN ID is defined as the transport VPN and is used to carry control traffic?

A VPN 0
B VPN 512
C VPN 128
D VPN 256

Question 20

A company's security policy requires that all connections between sites be encrypted in a manner that does not require maintenance of permanent tunnels. The sites are connected through a private MPLS-based service that uses a dynamically changing key and spoke-to-spoke communication. Which type of transport encryption must be used in this environment?

A GETVPN
B DMVPN
C GRE VPN
D standard IPsec VPN

Question 21

Which PIM mode uses a shared tree only?

A bidirectional
B sparse
C dense
D source-specific

Question 22

Which two statements describe source trees in a multicast environment? (Choose two.)

A Source trees guarantee the minimum amount of network latency for forwarding multicast traffic
B Source trees create an optimal path between the source and the receivers
C Source trees use a single common root placed at some chosen point in the network
D Source trees can introduce latency in packet delivery
E Source trees can create suboptimal paths between the source and the receivers

Question 23

Which two best practices must be followed when designing an out-of-band management network? (Choose two.)

A Enforce access control
B Facilitate network integration
C Back up data using the management network
D Ensure that the management network is a backup to the data network
E Ensure network isolation

Question 24

Which method will filter routes between EIGRP neighbors within the same autonomous system?

A distribute-list
B policy-based routing
C leak-map
D route tagging

Question 25

What is a benefit of using VRRPv3 as compared to VRRPv2?

A VRRPv3 supports IPv4 and IPv6
B VRRPv3 supports authentication
C VRRPv3 supports preemption
D VRRPv3 supports stateful switchover

Page 1 of 13 • Questions 1-25 of 301

1 2 3 4 5

→

Know a question that should be here? Contribute to this exam

Which two BGP features will result in successful route exchanges between eBGP neighbors sharing the same AS number? (Choose two.)

A advertise-best-external
B bestpath as-path ignore
C client-to-client reflection
D as-override
E allow-as-in

Refer to the exhibit. EIGRP has been configured on all links. The spoke nodes have been configured as EIGRP stubs, and the WAN links to R3 have higher bandwidth and lower delay than the WAN links to R4. When a link failure occurs at the R1-R2 link, what happens to traffic on R1 that is destined for a subnet attached to R2?

A R1 has no route to R2 and drops the traffic
B R1 load-balances across the paths through R3 and R4 to reach R2
C R1 forwards the traffic to R3, but R3 drops the traffic
D R1 forwards the traffic to R3 in order to reach R2

Refer to the exhibit. Customers report low video quality and delays when having point-to-point telepresence video calls between the two locations. An architect must optimize a design so that traffic follows the same path for egress and ingress traffic flows. Which technique optimizes the design?

A Configure route leaking on the router in area 2.
B Configure route leaking on the router in area 1.
C Configure the high metric on the router in area 4.
D Configure route filter on the router in area 4.

Refer to the exhibit. An engineer is designing a BGP solution for a client that peers with ISP1 for full Internet connectivity and with ISP2 for direct exchange of routes for several third parties. Which action, when implemented on the edge routers, enables the client network to reach the Internet through ISP1?

A Run an eBGP session within different VRFs for each ISP.
B Advertise a default route for downstream routers within the client network.
C Apply the AS-path prepend feature for ISP2.
D Apply route filtering such that the client advertises only routes originated from its own AS.

300-420Preview