350-401 Online Practice Questions and Answers
Which description of an SD-Access wireless network infrastructure deployment is true?
A. The access point is part of the fabric underlay.
B. The WLC is part of the fabric underaly.
C. The access point is part the fabirc overlay.
D. The wireless client is part of the fabirc overlay.
Refer to the exhibit.
Link1 is a copper connection and Link2 is a fiber connection. The fiber port must be the primary port for all forwarding. The output of the show spanning-tree command on SW2 shows that the fiber port is blocked by spanning tree. An engineer enters the spanning-tree port-priority 32 command on G0/1 on SW2, but the port remains blocked.
Which command should be entered on the ports that are connected to Link2 to resolve the issue?
A. Enter spanning-tree port-priority 32 on SW1.
B. Enter spanning-tree port-priority 224 on SW1.
C. Enter spanning-tree port-priority 4 on SW2.
D. Enter spanning-tree port-priority 64 on SW2.
High bandwidth utilization is occurring on interface Gig0/1 of a router. An engineer must identify the flows that are consuming the most bandwidth. Cisco DNA Center is used as a flow exporter and is configured with the IP address
192.168.23.1 and UDP port 23000. Which configuration must be applied to set NetFlow data export and capture on the router?
A. Option A
B. Option B
C. Option C
D. Option D
Which configuration feature should be used to block rogue router advertisements instead of using the IPv6 Router Advertisement Guard feature?
A. VACL blocking broadcast frames from nonauthorized hosts
B. IPv4 ACL blocking route advertisements from nonauthorized hosts
C. PVLANs with promiscuous ports associated to route advertisements and isolated ports for nodes
D. PVLANs with community ports associated to route advertisements and isolated ports for nodes
Which function does a Cisco SD-Access extended node perform?
A. provides fabric extension to nonfabric devices through remote registration and configuration
B. performs tunneling between fabric and nonfabric devices to route traffic over unknown networks
C. used to extend the fabric connecting to downstream nonfabric enabled Layer 2 switches
D. in charge of establishing Layer 3 adjacencies with nonfabric unmanaged node
A customer has a wireless network deployed within a multi-tenant building. The network provides client access, location-based services, and is monitored using Cisco DNA Center. The security department wants to locate and track malicious devices based on threat signatures.
Which feature is required for this solution?
A. Cisco aWIPS policies on the WLC
B. Cisco aWIPS policies on Cisco DNA Center
C. malicious rogue rules on the WLC
D. malicious rogue rules on Cisco DNA Center
Refer to the exhibit.
A network engineer must simplify the IPsec configuration by enabling IPsec over GRE using IPsec profiles. Which two configuration changes accomplish this? (Choose two).
A. Create an IPsec profile, associate the transform-set ACL, and apply the profile to the tunnel interface.
B. Apply the crypto map to the tunnel interface and change the tunnel mode to tunnel mode ipsec ipv4.
C. Remove all configuration related to crypto map from R1 and R2 and eliminate the ACL.
D. Create an IPsec profile, associate the transform-set, and apply the profile to the tunnel interface.
E. Remove the crypto map and modify the ACL to allow traffic between 10.10.0.0/24 to 10.20.0.0/24.
What is an advantage of utilizing data models in a multivendor environment?
A. lowering CPU load incurred to managed devices
B. improving communication security with binary encoded protocols
C. facilitating a unified approach to configuration and management
D. removing the distinction between configuration and runtime state data
Refer to the exhibit. Which command set must be applied on R1 to establish a BGP neighborship with R2 and to allow communication from R1 to reach the networks?
A. router bgp 1200 network 209.165.200.224 mask 255.255.255.224 neighbor 209.165.202.130 remote-as 1201
B. router bgp 1200 network 209.165.201.0 mask 255.255.255.224 neighbor 209.165.202.130 remote-as 1201
C. router bgp 1200 network 209.165.200.224 mask 255.255.255.224 neighbor 209.165.202.130 remote-as 1200
D. router bgp 1200 network 209.165.200.224 mask 255.255.255.224 neighbor 209.165.201.2 remote-as 1200
Which two actions are recommended as security best practice to protect REST API (Choose two)
A. Use TACACACS+ authentication
B. Enable dual authentication of the session
C. Enable out-of band authentication
D. Use SSL for encryption
E. Use a password hash
Refer to the exhibit. An engineer must ensure that all traffic entering AS 200 from AS 100 chooses Link 2 as an entry point. Assume tliat all BGP neighbor relationships have been formed and that the attributes have not been changed on any of the routers. Which configuration accomplishes this task?
A. R4(config)#route-map PREPEND permit 10 R4(config-route-map)#set as-path prepend 200 200 200 R4(config)#router bgp 200 R4(conflg-router)#neighbor 10.2.2.2 route-map PREPEND out
B. R3(config)#route-map PREPEND permit 10 R3(config-route-map)#set as-path prepend 200 200 200 R3(config)#router bgp 200 R3(conflg-router)#neighbor 10.1.1.1 route-map PREPEND out
C. R4(config)#route-map PREPEND permit 10 R4(config-route-map)#set as-path prepend 100 100 100 R4(config)#router bgp 200 R4(config-router)#neighbor 10.2.2.2 route-map PREPEND in
D. R3(config)#route-map PREPEND permit 10 R3(config-route-map)#set as-path prepend 100 100 100 R3(config)#router bgp 200 R3(config-router)#neighbor 10.2.2.2 route-map PREPEND in
An engineer must configure HSRP group 300 on a Cisco IOS router. When the router is functional, it must be the active HSRP router
The peer router has been configured using the default priority value.
Which three commands are required? (Choose three.)
A. standby 300 timers 1 110
B. standby 300 priority 90
C. standby 300 priority 110
D. standby version 2
E. standby 300 preempt
F. standby version 1
Which two components are supported by LISP? (choose two )
A. proxy ETR
B. egress tunnel router
C. route reflector
D. HMAC algorithm
E. spoke
Based on the output below, which Python code shows the value of the "upTime" key?
A. json_data = response.json() print(json_data['response'][0]['upTime'])
B. json_data = response.json()
print(json_data[response][0][upTime])
C. json_data = json.loads(response.text) print(json_data['response']['family']['upTime'])
D. json_data = response.json() print(json_data['response'][family]['upTime'])
DRAG DROP
Drag and drop the DHCP messages that are exchanged between a client and an AP into the order they are exchanged on the right.
Select and Place:
Why select/choose certbus.com?
Millions of interested professionals can touch the destination of success in exams by certbus.com. products which would be available, affordable, updated and of really best quality to overcome the difficulties of any course outlines. Questions and Answers material is updated in highly outclass manner on regular basis and material is released periodically and is available in testing centers with whom we are maintaining our relationship to get latest material.
• 6000+ PDF and VCE exam dumps
• 6000+ Free demo downloads available
• 50+ Preparation Labs
• 20+ Representatives Providing 24/7 Support
Copyright © 2004-2024 certbus.com, All Rights Reserved.