350-401
Free trial
Verified
Question 1
What is the difference between a RIB and a FIB?
- A: The FIB is populated based on RIB content.
- B: The RIB maintains a mirror image of the FIB.
- C: The RIB is used to make IP source prefix-based switching decisions.
- D: The FIB is where all IP routing information is stored.
Question 2
What are two device roles in Cisco SD-Access fabric? (Choose two.)
- A: edge node
- B: vBond controller
- C: access switch
- D: core switch
- E: border node
Question 3
Refer to the exhibit. A network engineer configures a new GRE tunnel and enters the show run command. What does the output verify?
- A: The tunnel keepalive is configured incorrectly because they must match on both sites.
- B: The tunnel destination will be known via the tunnel interface.
- C: The tunnel will be established and work as expected.
- D: The default MTU of the tunnel interface is 1500 bytes.
Question 4
Which resource must the hypervisor make available to the virtual machines?
- A: bandwidth
- B: IP address
- C: processor
- D: secure access
Question 5
Which two items are found in YANG data models? (Choose two.)
- A: HTTP return codes
- B: rpc statements
- C: JSON schema
- D: container statements
- E: XML schema
Question 6
The Radio Resource Management software that is embedded in the Cisco WLC acts as a manager to constantly monitor over-the-air metrics. Which other factor does the Radio Resource Management software detect?
- A: presence of rogue APs or malicious SSIDs
- B: unauthorized wireless network access
- C: repeated attempts to authenticate to a wireless network
- D: end-node vulnerabilities
Question 7
An engineer must configure HSRP for VLAN 1200 on SW1. The second switch is configured by using the last usable IP address in the network as the virtual IP. Which command set accomplishes this task?
- A: SW1(config)# interface vlan 1200 SW1(config-if)# ip address 172.12.0.254 255.255.255.0 SW1(config-if)# standby version 2 SW1(config-if)# standby 1200 ip 172.12.0.2 SW1(conflg-it)# standby 1200 preempt
- B: SW1(config)# interface vlan 1200 SW1(config-if)# ip address 172.12.0.2 255.255.255.0 SW1(config-if)# standby version 2 SW1(config-if)# standby 1200 ip 172.12.0.254 SW1(conflg-it)# standby 1200 preempt
- C: SW1(config)# interface vlan 1200 SW1(config-if)# ip address 172.12.0.2 255.255.255.0 SW1(config-if)# standby 1200 ip 172.12.0.254 SW1(config-if)# standby 1200 timers 5 15 SW1(conflg-it)# standby 1200 preempt
- D: SW1(config)# interface vlan 1200 SW1(config-if)# ip address 172.12.0.1 255.255.255.0 SW1(config-if)# standby 1200 ip 172.12.0.254 SW1(config-if)# standby 1200 timers 5 15 SW1(conflg-it)# standby 1200 preempt
Question 8
Which action occurs during a Layer 3 roam?
- A: The client receives a new IP address after authentication occurs.
- B: The client is marked as "Foreign" on the original controller.
- C: The client database entry is moved from the old controller to the new controller.
- D: Client traffic is tunneled back to the original controller after a Layer 3 roam occurs.
Question 9
What are two benefits of using Cisco TrustSec? (Choose two.)
- A: consistent network segmentation
- B: end-to-end traffic encryption
- C: advanced endpoint protection against malware
- D: simplified management of network access
- E: unknown file analysis using sandboxing
Question 10
Refer to the exhibit. An administrator must enable RESTCONF access to a router. Which two commands or command sets must be added to the existing configuration? (Choose two.)
- A: aaa authentication login default local aaa authorization exec default local
- B: restconf
- C: line vty 0 15
- D: netconf-yang
- E: username restconf privilege 0
Question 11
Refer to the exhibit. What is achieved by this Python script?
- A: It reads access list statements into a dictionary list.
- B: It displays access list statements on a terminal screen.
- C: It configures access list statements.
- D: It converts access list statements to a human-readable format.
Question 12
What is used by vManage to interact with Cisco SD-WAN devices in the fabric?
- A: IPsec
- B: northbound API
- C: RESTCONF
- D: southbound API
Question 13
Which feature does Cisco DNA Center Assurance provide?
- A: application policy configuration
- B: device onboarding and configuration
- C: software upgrade and management
- D: data correlation and analysis
Question 14
DRAG DROP -
Drag and drop the virtual components from the left onto their descriptions on the right.
Select and Place:
Question 15
What is a common trait between Ansible and Chef?
- A: Both rely on a declarative approach.
- B: Both are used for mutable infrastructure.
- C: Both require a client to be installed on hosts.
- D: Both rely on NETCONF.
Question 16
An engineer must configure a router to allow users to run specific configuration commands by validating the user against the router database. Which configuration must be applied?
- A: aaa authentication network default local
- B: aaa authorization network default local
- C: aaa authentication exec default local
- D: aaa authorization exec default local
Question 17
What is a characteristic of traffic shaping?
- A: lacks support for marking or remarking
- B: must be applied only to outgoing traffic
- C: can be applied in both traffic directions
- D: queues out-of-profile packets until the buffer is full
Question 18
An engineer adds a new switch to a Cisco StackWise stack. The switch that was active before the switch was added is elected as the active switch again. Which action does the active switch take?
- A: It suspends traffic forwarding until the new switch is updated with the current running configuration of the stack.
- B: It checks the IOS and running configuration of the new switch and updates them if necessary to match the other switches in the stack.
- C: It removes any Layer 3 configuration on the new switch to maintain normal Layer 2 functionality on the stack.
- D: It clears the MAC table of the stack and relearns the attached devices.
Question 19
Refer to the exhibit. What is the result of the IP SLA configuration?
- A: The operation runs 5000 times.
- B: IP SLA is scheduled to run at 3 a.m.
- C: The operation runs 300 times a day.
- D: The rate is configured to repeat every 5 minutes.
Question 20
Refer to the exhibit. Which configuration enables password checking on the console line, using only a password?
- A: router(config)# line con 0 router(config-line)# login
- B: router(config)# line con 0 router(config-line)# exec-timeout 0 0
- C: router(config)# line vty 0 4 router(config-line)# login
- D: router(config)# line con 0 router(config-line)# login local
Question 21
When the “deny” statement is used within a route map that is used for policy-based routing, how is the traffic that matches the deny route-map line treated?
- A: Traffic is routed to the null 0 interface of the router and discarded.
- B: Traffic is returned to the normal forwarding behavior of the router.
- C: An additional sequential route-map line is needed to divert the traffic to the router's normal forwarding behavior.
- D: An additional sequential route-map line is needed to policy route this traffic.
Question 22
A wireless network engineer must configure a WPA2+WPA3 policy with the Personal security type. Which action meets this requirement?
- A: Configure the CCMP256 encryption cipher.
- B: Configure the CCMP128 encryption cipher.
- C: Configure the GCMP256 encryption cipher.
- D: Configure the GCMP128 encryption cipher.
Question 23
Which tunnel type allows clients to perform a seamless Layer 3 roam between a Cisco AireOS WLC and a Cisco IOS XE WLC?
- A: Mobility
- B: IPsec
- C: VPN
- D: Ethernet over IP
Question 24
Which element enables communication between guest VMs within a virtualized environment?
- A: hypervisor
- B: virtual router
- C: vSwitch
- D: pNIC
Question 25
Which Cisco WLC feature allows a wireless device to perform a Layer 3 roam between two separate controllers without changing the client IP address?
- A: mobility tunnel
- B: mobile IP
- C: LWAPP tunnel
- D: GRE tunnel
Free preview mode
Enjoy the free questions and consider upgrading to gain full access!