Free preview mode
Enjoy the free questions and consider upgrading to gain full access!
400-007
Free trial
Verified
Question 26
What are two advantages of controller-based networks versus traditional networks? (Choose two.)
- A: more consistent device configuration
- B: the ability to have forwarding tables at each device
- C: programmatic APIs that are available per device
- D: the ability to configure the features for the network rather than per device
- E: more flexible configuration per device
Question 27
What are two design constraints in a standard spine and leaf architecture? (Choose two.)
- A: Spine switches can connect to each other
- B: Endpoints connect only to the spine switches
- C: Each spine switch must connect to every leaf switch
- D: Leaf switches must connect to each other
- E: Each leaf switch must connect to every spine switch
Question 28
What is a description of a control plane action?
- A: de-encapsulating and re-encapsulating a packet in a data-link frame
- B: matching the destination MAC address of an Ethernet frame to the MAC address table
- C: matching the destination IP address of an IP packet to the IP routing table
- D: hosts locating routers that reside on attached links using the IPv6 Neighbor Discover Protocol
Question 29
A network architect in an enterprise is designing a network policy for certain database applications. The goal of the policy is to allow these applications to access the internet directly, whereas other user and network applications that communicate with systems or users outside their own network must be routed through the data center. The focus is on achieving higher availability and a better user experience for the database applications, but switching between different network paths based on performance characteristics must be supported.
Which solution meets these requirements?
- A: MPLS direct connect
- B: Cloud onRamp for SaaS
- C: Cloud onRamp for IaaS
- D: MPLS L3VPN with QoS
Question 30
Which two statements describe network automation and network orchestration? (Choose two.)
- A: Provisioning network services is an example of network automation
- B: Network orchestration is used to run single, low-level tasks without human intervention
- C: Network automation does not provide governance or policy management
- D: Network automation spans multiple network services, vendors, and environments
- E: Network orchestration is done through programmatic REST APIs enabling automation across devices and management platforms
Question 31
When an SDN-based model is used to transmit multimedia traffic, which aspect should an architect consider while designing the network?
- A: security
- B: QoE estimation
- C: traffic patterns
- D: flow forwarding
Question 32
A customer has a functional requirement that states HR systems within a data center should be segmented from other systems that reside in the same data center and same VLAN. The systems run legacy applications by using hard-coded IP addresses with all HR systems dedicated to .129 to .254 of the 10.20.20.0/24 prefix. Which segmentation method is optimal for the customer?
- A: data center perimeter firewalling
- B: routed firewalls
- C: VACLs on data center switches
- D: ACLs on data center switches
Question 33
Company XYZ has implemented policy-based routing in their network. Which potential problem must be kept in mind about network reconvergence and PBR?
- A: It can limit network scalability.
- B: It can create microloops during reconvergence.
- C: It reduces convergence time.
- D: It increases convergence time.
Question 34
Refer to the exhibit. An architect must design an enterprise WAN that connects the headquarters with 22 branch offices. The number of remote sites is expected to triple in the next three years. The final solution must comply with these requirements:
• Only the loopback address of each of the enterprise CE X and Y routers must be advertised to the interconnecting service provider cloud network.
• The transport layer must carry the VPNv4 label and VPN payload over the MP-BGP control plane.
• The transport layer must not be under service provider control.
Which enterprise WAN transport virtualization technique meets the requirements?
- A: EIGRP Over the Top
- B: MPLS over BGP over multipoint GRE
- C: DMVPN per VRF
- D: point-to-point GRE per VRF
Question 35
Router R1 is a BGP speaker with one peering neighbor over link "A". When the R1 link/interface "A" fails, routing announcements are terminated, which results in the tearing down of the state for all BGP routes at each end of the link. What is this a good example of?
- A: fault isolation
- B: resiliency
- C: redundancy
- D: fate sharing
Question 36
An architect receives a functional requirement for a NAC system from a customer security policy stating that if a corporate Wi-Fi device does not meet current AV definitions, then it cannot access the corporate network until the definitions are updated. Which component should be built into the NAC design?
- A: posture assessment with remediation VLAN
- B: quarantine SGTs
- C: dACLs with SGTs
- D: quarantine VLAN
Question 37
Which solution component helps to achieve rapid migration to the cloud for SaaS and public cloud leveraging SD-WAN capabilities?
- A: service-oriented cloud architecture
- B: Cloud onramp
- C: cloud registry
- D: microservices in the cloud
Question 38
A company uses equipment from multiple vendors in a data center fabric to deliver SDN, enable maximum flexibility, and provide the best return on investment. Which YANG data model should be adopted for comprehensive features to simplify and streamline automation for the SDN fabric?
- A: proprietary
- B: OpenConfig
- C: native
- D: IETF
Question 39
Which development model is closely associated with Agile project management?
- A: lifecycle model
- B: starfish model
- C: static model
- D: evolutionary delivery model
Question 40
Company XYZ wants to use the FCAPS ISO standard for network management design. The focus of the design should be to minimize network outages by employing a set of procedures and activities to detect and isolate network issues and the appropriate corrective actions to overcome current issues and prevent them from occurring again. Which layer accomplishes this design requirement?
- A: fault management
- B: accounting management
- C: security management
- D: performance management
Question 41
A business wants to refresh its legacy Frame Relay WAN. It currently has product specialists in each of its 200 branches but plans to reduce and consolidate resources. The goal is to have product specialists available via video link when customers visit the nationwide branch offices. Which technology should be used to meet this objective?
- A: DMVPN phase 1 network over the Internet
- B: Layer 3 MPLS VPN hub and spoke
- C: Layer 2 VPLS
- D: Layer 3 MPLS VPN full mesh
Question 42
Which development model is closely associated with traditional project management?
- A: Agile model
- B: lifecycle model
- C: static model
- D: evolutionary delivery model
Question 43
You are designing the QoS policy for a company that is running many TCP-based applications. The company is experiencing tail drops for these applications. The company wants to use a congestion avoidance technique for these applications. Which QoS strategy can be used to fulfill the requirement?
- A: weighted fair queuing
- B: weighted random early detection
- C: first-in first-out
- D: low-latency queuing
Question 44
SD-WAN can be used to provide secure connectivity to remote offices, branch offices, campus networks, data centers, and the cloud over any type of IP-based underlay transport network. Which two statements describe SD-WAN solutions? (Choose two.)
- A: Control and data forwarding planes are kept separate.
- B: Solutions allow for variations of commodity and specialized switching hardware.
- C: SD-WAN networks are inherently protected against slow performance.
- D: Solutions include centralized orchestration, control, and zero-touch provisioning.
- E: Improved operational efficiencies result in cost savings.
Question 45
Which technology supports antispoofing and does not have any impact on encryption performance regardless of packet size?
- A: MACsec
- B: IP source guard
- C: DHCP snooping with DAI
- D: IPsec
Question 46
Which three components are part of the foundational information security principles of the CIA triad? (Choose three.)
- A: cryptography
- B: confidentiality
- C: authorization
- D: identification
- E: integrity
- F: availability
Question 47
What is an architectural framework created by ETSI that defines standards to decouple network functions from proprietary hardware-based appliances and have them run in software on standard x86 servers?
- A: NPIV
- B: NFVIS
- C: NFV
- D: VNF
Question 48
Which two features are advantages of SD-WAN compared to MPLS-based connectivity? (Choose two.)
- A: uses FEC constructs for traffic forwarding, thereby improving efficiency
- B: separates infrastructure and policy
- C: uses policy-based forwarding of real-time traffic with less complexity
- D: unifies the WAN backbone
- E: manages failures through backup links
Question 49
Which two factors must be considered for high availability in campus LAN designs to mitigate concerns about unavailability of network resources? (Choose two.)
- A: device resiliency
- B: device type
- C: network type
- D: network resiliency
- E: network size
Question 50
Company XYZ is designing the IS-IS deployment strategy for their multiarea IS-IS domain. They want IS-IS neighbor relationships to be minimized on each network segment and want to optimize the size of the IS-IS LSDB on each router. Which can design can be used to meet these requirements?
- A: Design all routers as Level 2 routers. Set the links between the routers as Level 1 with the area
- B: Design the network so that the routers connecting to other areas are Level 2 routers and internal routers are Level 1
- C: Design the network so that all routers are Level 1 routers
- D: Design the network so that the routers connecting to other areas are Level 1/Level 2 routers and internal routers are Level 1
Free preview mode
Enjoy the free questions and consider upgrading to gain full access!