Is this exam completely free?

ExamCademy offers a free preview for every exam, covering around 20% of the total questions. Full access to all questions is available for free by signing up for an account. Optional supporters unlock AstroTutor (AI tutor) and advanced study modes.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! ExamCademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our practice questions are community-created and moderator-reviewed to align with realistic exam objectives, style, and difficulty.

400-007 by Cisco - Page 1 | ExamCademy

Mode Selection

Question 1

Question 2

Question 3

DRAG DROP -
Drag and drop the design use cases from the left onto the correct uRPF techniques used to prevent spoofing attacks. Not all options are used.
Select and Place:

Question 4

What is a disadvantage of the traditional three-tier architecture model when east west traffic between different pods must go through the distribution and core layers?

A low bandwidth
B security
C scalability
D high latency

Question 5

Which two actions must merchants do to be compliant with the Payment Card Industry Data Security Standard? (Choose two.)

A conduct risk analyses
B install firewalls
C use antivirus software
D establish monitoring policies
E establish risk management policies

Question 6

What are two descriptions of network optimization? (Choose two.)

A identify network requirements
B network redesign
C proactive network management
D network health maintenance
E maintain high availability

Question 7

An engineer is designing the QoS strategy for Company XYZ. Based on initial analysis, a lot of scavenger type of traffic is traversing the network’s 20Mb Internet link toward the service provider. The new design must use a QoS technique that limits scavenger traffic to 2 Mbps, which helps avoid oversubscription of the link during times of congestion. Which QoS technique can be used to facilitate this requirement?

A class-based traffic policing
B class-based traffic shaping
C CBWFQ
D LLQ

Question 8

A legacy enterprise is using a Service Provider MPLS network to connect its head office and branches. Recently, they added a new branch to their network. Due to physical security concerns, they want to extend their existing IP CCTV network of the head office to the new branch, without any routing changes in the network. They are also under some time constraints. What is the best approach to extend the existing IP CCTV network to the new branch, without incurring any IP address changes?

A GRE
B L2TPv3
C VXLAN
D EoMPLS

Question 9

Identity and access management between multiple users and multiple applications has become a mandatory requirement for Company XYZ to fight against ever increasing cybersecurity threats. To achieve this, federated identity services have been deployed in the Company XYZ network to provide single sign-on and Multi-Factor Authentication for the applications and services. Which protocol can be used by Company XYZ to provide authentication and authorization services?

A OAuth2
B OpenID Connect
C OpenID
D SAML 2.0

Question 10

A network security team uses a purpose-built tool to actively monitor the campus network, applications, and user activity. The team also analyzes enterprise telemetry data from IPFIX data records that are received from devices in the campus network. Which action can be taken based on the augmented data?

A reduction in time to detect and respond to threats
B integration with an incident response plan
C adoption and improvement of threat-detection response
D asset identification and grouping decisions

Question 11

SDWAN networks capitalize the usage of broadband Internet links over traditional MPLS links to offer more cost benefits to enterprise customers. However, due to the insecure nature of the public Internet, it is mandatory to use encryption of traffic between any two SDWAN edge devices installed behind NAT gateways.
Which overlay method can provide optimal transport over unreliable underlay networks that are behind NAT gateways?

A DTLS
B TLS
C IPsec
D GRE

Question 12

Which design solution reduces the amount of IGMP state in the network?

A one multicast group address thorough network regardless of IGMP version
B multiple multicast domains
C IGMP filtering
D IGMPv3 with PIM-SSM

Question 13

Company XYZ wants design recommendations for Layer 2 redundancy (using Layer 2 technologies). The company wants to prioritize flexibility and scalability elements in the new design. Which two technologies help meet these requirements? (Choose two.)

A Configure DHCP snooping on the switches
B Use switch clustering at the distribution layer where possible
C Use Unidirectional Link Detection
D Avoid stretching VLANs across switches
E Use root guard

Question 14

Which action must be taken before new VoIP systems are implemented on a network to ensure that the network is ready to handle the traffic?

A Evaluate bandwidth utilization and connection quality
B Enable special requirements such as direct DID lines on pickup
C Make recommendations to limit the size of the half-open session table on routers
D Check if anomaly detection is enabled for SIP and H.323 on Layer 3 devices

Question 15

DRAG DROP

Drag and drop the characteristics from the left onto the corresponding network management options on the right.

Question 16

Question 17

What are two top cloud-native security challenges faced by today’s cloud-oriented organizations? (Choose two.)

A polymorphism
B lack of visibility and tracking
C establishing user roles
D increased attack surface
E user credential validation

Question 18

In the case of outsourced IT services, the RTO is defined within the SLA. Which two support terms are often included in the SLA by IT and other service providers? (Choose two.)

A resolution time
B network reliability
C network size and cost
D network sustainability
E support availability

Question 19

Which two statements explain the operation of BFD asynchronous mode? (Choose two.)

A BFD asynchronous mode with echo packets uses separate control packets and echo packets
B BFD asynchronous mode with and without echo packets use control packets
C BFD asynchronous mode with echo packets combines the control packets and echo packets into a single packet
D BFD asynchronous without echo packets has control packets sent back to the originating router, which echoes the control packet to detect failures
E BFD asynchronous mode without echo packets uses control packets, and BFD asynchronous mode with echo packets does not

Question 20

Various teams in different organizations within an enterprise are preparing low-level design documents to capture network parameters using a Waterfall project model:
• hardware sizing and power consumption
• Layer 2 and layer 3 services parameters
• configuration of all control plane protocols

Input from relevant stakeholders was captured at the start of the project, and the project scope has been defined based on the parameters above. What impact will it have on documentation and project deliverables if the stakeholders ask to have changes earned out in the network before the information has been captured?

A Significant effort and time are required
B Rework is expected before the delivery
C This provides more opportunity to think outside the box
D This provides a flexible approach to incorporate changes

Question 21

Which two benefits can software defined networks provide to businesses? (Choose two.)

A provides additional redundancy
B decentralized management
C reduced latency
D enables innovation
E reduction of OpEx/CapEx
F meets high traffic demands

Question 22

Company XYZ wants to use the FCAPS ISO standard for network management design. The focus of the design should be to monitor and keep track of any performance issues by continuously collecting and analyzing statistical information to monitor, correct, and optimize any reduced responsiveness across the network. Which layer accomplishes this design requirement?

A security management
B performance management
C accounting management
D fault management

Question 23

Company XYZ is migrating their existing network to IPv6 and they must plan for Layer 2 and Layer 3 devices. Some of the access layer switches do not support IPv6, however, core and distribution switches fully support unicast and multicast routing. The company wants to minimize cost of the migration. Which migration strategy should be used in the design?

A The access layer switches must support IGMP snooping at a minimum. Any switches that do not support IGM snooping must be replaced.
B The access layer switches must support DHCPv6. Any switches that do not support DHCPv6 must be replaced.
C Upgrade the nonsupporting switches. Otherwise, it will cause an issue with the migration.
D Layer 2 switches will not affect the implementation of IPv6. They can be included in the design in their current state.

Question 24

Which two features describe controller-based networking solutions compared to traditional networking solutions? (Choose two.)

A inflate licensing costs
B reduce network configuration complexity
C provide centralization of primary IT functions
D allow for fewer network failures
E increase network bandwidth usage

Question 25

Which two characteristics are associated with 802.1s? (Choose two.)

A 802.1s provides for faster convergence over 802.1D and PVST+
B 802.1s is a Cisco enhancement to 802.1w
C 802.1s supports up to 1024 instances of 802.1w
D 802.1s maps multiple VLANs to the same spanning-tree instance
E CPU and memory requirements are the highest of all spanning-tree STP implementations

Page 1 of 11 • Questions 1-25 of 263

1 2 3 4 5

→

Know a question that should be here? Contribute to this exam

Company XYZ is planning to deploy primary and secondary (disaster recovery) data center sites. Each of these sites will have redundant SAN fabrics and data protection is expected between the data center sites. The sites are 100 miles (160 km) apart and target RPO/RTO are 3 hrs and 24 hrs, respectively. Which two considerations must Company XYZ bear in mind when deploying replication in their scenario? (Choose two.)

A Target RPO/RTO requirements cannot be met due to the one-way delay introduced by the distance between sites.
B VSANs must be extended from the primary to the secondary site to improve performance and availability.
C VSANs must be routed between sites to isolate fault domains and increase overall availability.
D Synchronous data replication must be used to meet the business requirements.
E Asynchronous data replication should be used in this scenario to avoid performance impact in the primary site.

Refer to the table. A customer investigates connectivity options for a DCI between two production data centers to aid a large-scale migration project. The migration is estimated to take 20 months to complete but might extend an additional 10 months if issues arise. All connectivity options meet the requirements to migrate workloads. Which transport technology provides the best ROI based on cost and flexibility?

A DWDM over dark fiber
B MPLS
C CWDM over dark fiber
D Metro Ethernet

Refer to the exhibit. This network is running EIGRP as the routing protocol and the internal networks are being advertised in EIGRP. Based on the link speeds, all traffic between London and Rome is getting propagated via Barcelona and the direct link between London and Rome is not being utilized under normal working circumstances. The EIGRP design should allow for efficiency in the routing table by minimizing the routes being exchanged. The link between London and Rome should be utilized for specific routes. Which two steps accomplish this task? (Choose two.)

A Configure EIGRP route summarization on all the interfaces to summarize the internal LAN routes
B Filter the routes on the link between London and Barcelona
C Filter the routes on the link between London and Rome
D Configure route leaking of summary routes on the link between London and Rome

400-007Preview