300-420 Online Practice Questions and Answers

DRAG DROP

Drag and drop the descriptions from the left onto the corresponding VPN types on the right.

Select and Place:

An engineer must design a VPN solution for a company that has multiple branches connecting to a main office. What are two advantages of using DMVPN instead of IPsec tunnels to accomplish this task? (Choose two.)

A. support for AES 256-bit encryption

B. greater scalability

C. support for anycast gateway

D. lower traffic overhead

E. dynamic spoke-to-spoke tunnels

What is an advantage of designing an out-of-band network management solution?

A. In the event of a production network outage, network devices can still be managed.

B. There is no separation between the production network and the management network.

C. In the event of a production network outage, it can be used as a backup network path.

D. It is less expensive than an in-band management solution

Which common issue causes intermittent DMVPN tunnel flaps?

A. a routing neighbor reachability issue

B. a suboptimal routing table

C. interface bandwidth congestion

D. that the GRE tunnel to hub router is not encrypted

Which solution allows overlay VNs to communicate with each other in an SD-WAN Architecture?

A. External fusion routers can be used to map VNs to VRFs and selectively route traffic between VRFs.

B. GRE tunneling can be configured between fabric edges to connect one VN to another.

C. SGTs can be used to permit traffic from one VN to another.

D. Route leaking can be used on the fabric border nodes to inject routes from one VN to another.

An engineer must design a VPN solution for a company that has multiple branches connecting to a main office. What are two advantages of using DMVPN instead of IPsec tunnels to accomplish this task? (Choose two.)

A. support for AES 256-bit encryption

B. greater scalability

C. support for anycast gateway

D. lower traffic overhead

E. dynamic spoke-to-spoke tunnels

When a first hop redundancy solution is designed, which protocol ensures that load balancing occurs over multiple routers using a single virtual IP address and multiple virtual MAC addresses?

A. GLBP

B. IRDP

C. VRRP

D. HSRP

How is end-to-end microsegmentation enforced in a Cisco SD-Access architecture?

A. VLANs are used to segment traffic at Layer 2.

B. 5-tuples and ACLs are used to permit or deny traffic.

C. SGTs and SGTACLs are used to control access to various resources.

D. VRFs are used to segment traffic at Layer 3.

An architect is designing a network that will utilize the spanning tree protocol to ensure a loop-free topology. The network will support an engineering environment where it is necessary for end users to connect their own network switches for testing purposes. Which feature should the architect include in the design to ensure the spanning tree topology is not affected by these rogue switches?

A. BPDU Skew Detection

B. BPDU guard

C. loop guard

D. root guard

An engineer must design a scalable QoS architecture that allows the separation of the traffic into classes on predefined business requirements. The design must also utilize the differentiated services code points as the QoS priority descriptor value and support at least 10 levels of classification. Which QoS technology should the engineer include in the design?

A. RSVP

B. Diffserv

C. Best effort

D. Interserv

An engineer is designing an EIGRP network for a small branch site where there is only one Layer 3 router. The engineer wants the router to advertise the local LAN network to remote EIGRP neighbors without sending any unnecessary multicast messages on the local LAN. Which action should the engineer take?

A. Use a static default route for this site instead of EIGRP

B. Advertise the local LAN using the network command and the passive-interface feature

C. Redistribute the local LAN network using the redistribute connected command

D. Advertise the local LAN subnet as a stub network

How are wireless endpoints registered in the HTDB in a Cisco SD-Access architecture?

A. Fabric edge nodes update the HTDB based on CAPPWAP messaging from the AP

B. Fabric WLCs update the HTDB as new clients connect to the wireless network

C. Border nodes first register endpoints and then update the HTDB

D. Fabric APs update the HTDB with the clients' ElD and RLOC

Refer to the exhibit. An architect must design a solution to connect the two ASs. To optimize bandwidth, the design will implement load sharing between router R6 and router R1. Which solution should the design include?

A. Use update-source to specify the Loopback interface.

B. Use next-hop-self attributes only for routes that are learned from eBGP peers.

C. Configure the eBGP TTL to support eBGP multihop.

D. Use maximum-paths to install multiple paths in the routing table.

Which topology within a network underlay eliminates the need for first hop redundancy protocols while improving fault tolerance, increasing resiliency, and simplifying the network?

A. virtualized topology

B. routed access topology

C. Layer 2 topology

D. logical fabric topology

Refer to the exhibit.

An architect must design a solution to connect bank site A with bank site B and support: network operation center monitoring end-to-end L3VPN and L2VPN traffic company adding thousands of routes in the next two years

Which two BGP solutions must the design include? (Choose two.)

A. Establish full mesh IBGP peering with ail routers in different IGP domains.

B. Redistribute different IGP domain routes in a BGP IPv4 routing instance.

C. Transport site routes using a BGP VPNv4 address family on the PE routers.

D. Apply BGP policies on all routers to filter out ABR and PE loopback IP addresses.

E. Connect multiple IGP'LDP domains using a BGP IPv4 unicast family on the ABR.