350-401: Implementing Cisco Enterprise Network Core Technologies (ENCOR) Part 1
Question #: 1
Topic #: 1
What is the difference between a RIB and a FIB?
A. The FIB is populated based on RIB content.
B. The RIB maintains a mirror image of the FIB.
C. The RIB is used to make IP source prefix-based switching decisions.
D. The FIB is where all IP routing information is stored.
Selected Answer: A
Question #: 2
Topic #: 1
Which QoS component alters a packet to change the way that traffic is treated in the network?
A. policing
B. classification
C. marking
D. shaping
Selected Answer: C
Question #: 3
Topic #: 1
DRAG DROP –
Drag and drop the descriptions from the left onto the correct QoS components on the right.
Select and Place:
Suggestion Answer:
Question #: 4
Topic #: 1
Which statement about Cisco Express Forwarding is true?
A. The CPU of a router becomes directly involved with packet-switching decisions.
B. It uses a fast cache that is maintained in a router data plane.
C. It maintains two tables in the data plane: the FIB and adjacency table.
D. It makes forwarding decisions by a process that is scheduled through the IOS scheduler.
Selected Answer: C
Question #: 5
Topic #: 1
What is a benefit of deploying an on-premises infrastructure versus a cloud infrastructure deployment?
A. ability to quickly increase compute power without the need to install additional hardware
B. less power and cooling resources needed to run infrastructure on-premises
C. faster deployment times because additional infrastructure does not need to be purchased
D. lower latency between systems that are physically located near each other
Selected Answer: D
Question #: 6
Topic #: 1
DRAG DROP –
Drag and drop the characteristics from the left onto the appropriate infrastructure deployment types on the right.
Select and Place:
Suggestion Answer:
Question #: 7
Topic #: 1
How does QoS traffic shaping alleviate network congestion?
A. It drops packets when traffic exceeds a certain bitrate.
B. It buffers and queues packets above the committed rate.
C. It fragments large packets and queues them for delivery.
D. It drops packets randomly from lower priority queues.
Selected Answer: B
Question #: 8
Topic #: 1
An engineer is describing QoS to a client.
Which two facts apply to traffic policing? (Choose two.)
A. Policing should be performed as close to the source as possible.
B. Policing adapts to network congestion by queuing excess traffic.
C. Policing should be performed as close to the destination as possible.
D. Policing drops traffic that exceeds the defined rate.
E. Policing typically delays the traffic, rather than drops it.
Selected Answer: CD
Question #: 9
Topic #: 1
Which component handles the orchestration plane of the Cisco SD-WAN?
A. vBond
B. vSmart
C. vManage
D. WAN Edge
Selected Answer: A
Question #: 10
Topic #: 1
What are two device roles in Cisco SD-Access fabric? (Choose two.)
A. edge node
B. vBond controller
C. access switch
D. core switch
E. border node
Selected Answer: AE
Question #: 11
Topic #: 1
What is the role of the vSmart controller in a Cisco SD-WAN environment?
A. It performs authentication and authorization.
B. It manages the control plane.
C. It is the centralized network management system.
D. It manages the data plane.
Selected Answer: B
Question #: 12
Topic #: 1
When a wired client connects to an edge switch in a Cisco SD-Access fabric, which component decides whether the client has access to the network?
A. edge node
B. Identity Services Engine
C. RADIUS server
D. control-plane node
Selected Answer: B
Question #: 13
Topic #: 1
Which benefit is offered by a cloud infrastructure deployment but is lacking in an on-premises deployment?
A. virtualization
B. supported systems
C. storage capacity
D. efficient scalability
Selected Answer: D
Question #: 14
Topic #: 1
Which action is the vSmart controller responsible for in a Cisco SD-WAN deployment?
A. onboard WAN Edge nodes into the Cisco SD-WAN fabric
B. gather telemetry data from WAN Edge routers
C. distribute policies that govern data forwarding performed within the Cisco SD-WAN fabric
D. handle, maintain, and gather configuration and status for nodes within the Cisco SD-WAN fabric
Selected Answer: C
Question #: 15
Topic #: 1
Where is radio resource management performed in a Cisco SD-Access wireless solution?
A. DNA Center
B. control plane node
C. wireless controller
D. Cisco CMX
Selected Answer: C
Question #: 16
Topic #: 1
DRAG DROP –
Drag and drop the characteristics from the left onto the infrastructure types on the right.
Select and Place:
Suggestion Answer:
Question #: 17
Topic #: 1
How does the RIB differ from the FIB?
A. The FIB maintains network topologies and routing tables. The RIB is a list of routes to particular network destinations.
B. The FIB includes many routes to a single destination. The RIB is the best route to a single destination.
C. The RIB is used to create network topologies and routing tables. The FIB is a list of routes to particular network destinations.
D. The RIB includes many routes to the same destination prefix. The FIB contains only the best route.
Selected Answer: D
Question #: 18
Topic #: 1
Which technology is used to provide Layer 2 and Layer 3 logical networks in the Cisco SD-Access architecture?
A. underlay network
B. VPN routing/forwarding
C. easy virtual network
D. overlay network
Selected Answer: D
Question #: 19
Topic #: 1
What is the difference between CEF and process switching?
A. CEF processes packets that are too complex for process switching to manage.
B. Process switching is faster than CEF.
C. CEF uses the FIB and the adjacency table to make forwarding decisions, whereas process switching punts each packet.
D. CEF is more CPU-intensive than process switching.
Selected Answer: C
Question #: 20
Topic #: 1
What are two considerations when using SSO as a network redundancy feature? (Choose two.)
A. requires synchronization between supervisors in order to guarantee continuous connectivity
B. the multicast state is preserved during switchover
C. must be combined with NSF to support uninterrupted Layer 3 operations
D. both supervisors must be configured separately
E. must be combined with NSF to support uninterrupted Layer 2 operations
Selected Answer: AC
Question #: 21
Topic #: 1
DRAG DROP –
Drag and drop the characteristics from the left onto the correct infrastructure deployment type on the right.
Select and Place:
Suggestion Answer:
Question #: 22
Topic #: 1
In a Cisco SD-Access fabric, which control plane protocol is used for mapping and resolving endpoints?
A. DHCP
B. VXLAN
C. SXP
D. LISP
Selected Answer: D
Question #: 23
Topic #: 1
What are two differences between the RIB and the FIB? (Choose two.)
A. FIB is a database of routing prefixes, and the RIB is the information used to choose the egress interface for each packet.
B. The FIB is derived from the data plane, and the RIB is derived from the FIB.
C. The RIB is a database of routing prefixes, and the FIB is the information used to choose the egress interface for each packet.
D. The RIB is derived from the control plane, and the FIB is derived from the RIB.
E. The FIB is derived from the control plane, and the RIB is derived from the FIB.
Selected Answer: CD
Question #: 24
Topic #: 1
Which two network problems indicate a need to implement QoS in a campus network? (Choose two.)
A. port flapping
B. excess jitter
C. misrouted network packets
D. duplicate IP addresses
E. bandwidth-related packet loss
Selected Answer: BE
Question #: 25
Topic #: 1
In a Cisco SD-Access wireless architecture, which device manages endpoint ID to edge node bindings?
A. fabric control plane node
B. fabric wireless controller
C. fabric border node
D. fabric edge node
Selected Answer: A
Question #: 26
Topic #: 1
DRAG DROP –
Drag and drop the QoS mechanisms from the left onto their descriptions on the right.
Select and Place:
Suggestion Answer:
Question #: 27
Topic #: 1
Which control plane protocol is used between Cisco SD-WAN routers and vSmart controllers?
A. TCP
B. OMP
C. UDP
D. BGP
Selected Answer: B
Question #: 28
Topic #: 1
In a three-tier hierarchical campus network design, which action is a design best-practice for the core layer?
A. provide QoS prioritization services such as marking, queueing, and classification for critical network traffic
B. provide redundant Layer 3 point-to-point links between the core devices for more predictable and faster convergence
C. provide advanced network security features such as 802.1X, DHCP snooping, VACLs, and port security
D. provide redundant aggregation for access layer devices and first-hop redundancy protocols such as VRRP
Selected Answer: B
Question #: 29
Topic #: 1
What is a VPN in a Cisco SD-WAN deployment?
A. common exchange point between two different services
B. attribute to identify a set of services offered in specific places in the SD-WAN fabric
C. virtualized environment that provides traffic isolation and segmentation in the SD-WAN fabric
D. virtual channel used to carry control plane information
Selected Answer: C
Question #: 30
Topic #: 1
Which function does a fabric edge node perform in an SD-Access deployment?
A. Connects endpoints to the fabric and forwards their traffic.
B. Encapsulates end-user data traffic into LISP.
C. Connects the SD-Access fabric to another fabric or external Layer 3 networks.
D. Provides reachability between border nodes in the fabric underlay.
Selected Answer: A
Question #: 31
Topic #: 1
What is the role of a fusion router in an SD-Access solution?
A. acts as a DNS server
B. provides additional forwarding capacity to the fabric
C. performs route leaking between user-defined virtual networks and shared services
D. provides connectivity to external networks
Selected Answer: C
Question #: 32
Topic #: 1
Which action is the vSmart controller responsible for in an SD-WAN deployment?
A. onboard vEdge nodes into the SD-WAN fabric
B. gather telemetry data from vEdge routers
C. distribute security information for tunnel establishment between vEdge routers
D. manage, maintain, and gather configuration and status for nodes within the SD-WAN fabric
Selected Answer: C
Question #: 33
Topic #: 1
What is one fact about Cisco SD-Access wireless network deployments?
A. The access point is part of the fabric overlay.
B. The wireless client is part of the fabric overlay.
C. The access point is part of the fabric underlay.
D. The WLC is part of the fabric underlay.
Selected Answer: A
Question #: 34
Topic #: 1
In a Cisco SD-Access solution, what is the role of a fabric edge node?
A. to connect external Layer 3 networks to the SD-Access fabric
B. to connect wired endpoints to the SD-Access fabric
C. to advertise fabric IP address space to external networks
D. to connect the fusion router to the SD-Access fabric
Selected Answer: B
Question #: 35
Topic #: 1
What are two reasons a company would choose a cloud deployment over an on-prem deployment? (Choose two.)
A. Cloud costs adjust up or down depending on the amount of resources consumed. On-prem costs for hardware, power, and space are on-going regardless of usage.
B. Cloud resources scale automatically to an increase in demand. On-prem requires additional capital expenditure.
C. In a cloud environment, the company is in full control of access to their data. On-prem risks access to data due to service provider outages.
D. In a cloud environment, the company controls technical issues. On-prem environments rely on the service provider to resolve technical issues.
E. Cloud deployments require long implementation times due to capital expenditure processes. On-prem deployments can be accomplished quickly using operational expenditure processes.
Selected Answer: AB
Question #: 36
Topic #: 1
What is the difference between the MAC address table and TCAM?
A. TCAM is used to make L2 forwarding decisions. CAM is used to build routing tables.
B. Router prefix lookups happen in CAM. MAC address table lookups happen in TCAM.
C. The MAC address table supports partial matches. TCAM requires an exact match.
D. The MAC address table is contained in CAM. ACL and QoS information is stored in TCAM.
Selected Answer: D
Question #: 37
Topic #: 1
Which controller is the single plane of management for Cisco SD-WAN?
A. vBond
B. vSmart
C. vManage
D. vEdge
Selected Answer: C
Question #: 38
Topic #: 1
A company plans to implement intent-based networking in its campus infrastructure.
Which design facilitates a migration from a traditional campus design to a programmable fabric design?
A. two-tier
B. Layer 2 access
C. three-tier
D. routed access
Selected Answer: D
Question #: 39
Topic #: 1
Which statement about a fabric access point is true?
A. It is in local mode and must be connected directly to the fabric edge switch.
B. It is in local mode and must be connected directly to the fabric border node.
C. It is in FlexConnect mode and must be connected directly to the fabric border node.
D. It is in FlexConnect mode and must be connected directly to the fabric edge switch.
Selected Answer: A
Question #: 40
Topic #: 1
A customer requests a network design that supports these requirements:
✑ FHRP redundancy
✑ multivendor router environment
✑ IPv4 and IPv6 hosts
Which protocol does the design include?
A. VRRP version 2
B. VRRP version 3
C. GLBP
D. HSRP version 2
Selected Answer: B
Question #: 41
Topic #: 1
While configuring an IOS router for HSRP with a virtual IP of 10.1.1.1, an engineer sees this log message.
Jan 1 12:12:12.111 : %HSRP-4-DIFFVIP1: GigabitEthernet0/0 Grp 1 active routers virtual IP address 10.1.1.1 is different to the locally configured address 10.1.1.25
Which configuration change must the engineer make?
A. Change the HSRP group configuration on the local router to 1.
B. Change the HSRP virtual address on the local router to 10.1.1.1.
C. Change the HSRP virtual address on the remote router to 10.1.1.1.
D. Change the HSRP group configuration on the remote router to 1.
Selected Answer: B
Question #: 42
Topic #: 1
A network administrator has designed a network with two multilayer switches on the distribution layer, which act as default gateways for the end hosts. Which two technologies allow every end host in a VLAN to use both gateways? (Choose two.)
A. VRRP
B. GLBP
C. VSS
D. MHSRP
E. HSRP
Selected Answer: BC
Question #: 43
Topic #: 1
Refer to the exhibit. On which interfaces should VRRP commands be applied to provide first hop redundancy to PC-01 and PC-02?
A. G0/0 and G0/1 on Core
B. G0/0 on Edge-01 and G0/0 on Edge-02
C. G0/1 on Edge-01 and G0/1 on Edge-02
D. G0/0 and G0/1 on ASW-01
Selected Answer: C
Question #: 44
Topic #: 1
Under which network conditions is an outbound QoS policy that is applied on a router WAN interface most beneficial?
A. under traffic classification and marking conditions
B. under interface saturation conditions
C. under all network conditions
D. under network convergence conditions
Selected Answer: B
Question #: 45
Topic #: 1
An engineer must configure HSRP group 300 on a Cisco IOS router. When the router is functional, it must be the active HSRP router. The peer router has been configured using the default priority value. Which command set is required?
A. standby version 2 standby 300 priority 110 standby 300 preempt
B. standby 300 priority 110 standby 300 timers 1 110
C. standby version 2 standby 300 priority 90 standby 300 preempt
D. standby 300 priority 90 standby 300 preempt
Selected Answer: A
Question #: 46
Topic #: 1
What is the function of a fabric border node in a Cisco SD-Access environment?
A. To collect traffic flow information toward external networks.
B. To connect the Cisco SD-Access fabric to another fabric or external Layer 3 networks.
C. To attach and register clients to the fabric.
D. To handle an ordered list of IP addresses and locations for endpoints in the fabric.
Selected Answer: B
Question #: 47
Topic #: 1
In a wireless Cisco SD-Access deployment, which roaming method is used when a user moves from one AP to another on a different access switch using a single
WLC?
A. Layer 3
B. inter-xTR
C. auto anchor
D. fast roam
Selected Answer: B
Question #: 48
Topic #: 1
What is the recommended MTU size for a Cisco SD-Access Fabric?
A. 4464
B. 17914
C. 9100
D. 1500
Selected Answer: C
Question #: 49
Topic #: 1
What is the function of the fabric control plane node in a Cisco SD-Access deployment?
A. It is responsible for policy application and network segmentation in the fabric.
B. It performs traffic encapsulation and security profiles enforcement in the fabric.
C. It holds a comprehensive database that tracks endpoints and networks in the fabric.
D. It provides integration with legacy nonfabric-enabled environments.
Selected Answer: C
Question #: 50
Topic #: 1
What is the data policy in a Cisco SD-WAN deployment?
A. list of ordered statements that define node configurations and authentication used within the SD-WAN overlay
B. set of statements that defines how data is forwarded based on IP packet information and specific VPNs
C. detailed database mapping several kinds of addresses with their corresponding location
D. group of services tested to guarantee devices and links liveliness within the SD-WAN overlay
Selected Answer: B
Question #: 51
Topic #: 1
In Cisco SD-WAN, which protocol is used to measure link quality?
A. IPsec
B. OMP
C. RSVP
D. BFD
Selected Answer: D
Question #: 52
Topic #: 1
What is used to perform QoS packet classification?
A. the Type field in the Layer 2 frame
B. the Options field in the Layer 3 header
C. the TOS field in the Layer 3 header
D. the Flags field in the Layer 3 header
Selected Answer: C
Question #: 53
Topic #: 1
How do cloud deployments differ from on-premises deployments?
A. Cloud deployments require longer implementation times than on-premises deployments.
B. Cloud deployments are more customizable than on-premises deployments.
C. Cloud deployments have lower upfront costs than on-premises deployments.
D. Cloud deployments require less frequent upgrades than on-premises deployments.
Selected Answer: C
Question #: 54
Topic #: 1
Which controller is capable of acting as a STUN server during the onboarding process of Edge devices?
A. vBond
B. vSmart
C. vManage
D. PNP Server
Selected Answer: A
Question #: 55
Topic #: 1
How is 802.11 traffic handled in a fabric-enabled SSID?
A. centrally switched back to WLC where the user traffic is mapped to a VXLAN on the WLC
B. converted by the AP into 802.3 and encapsulated into VXLAN
C. centrally switched back to WLC where the user traffic is mapped to a VLAN on the WLC
D. converted by the AP into 802.3 and encapsulated into a VLAN
Selected Answer: B
Question #: 56
Topic #: 1
Refer to the exhibit.
An engineer is installing a new pair of routers in a redundant configuration. When checking on the standby status of each router, the engineer notices that the routers are not functioning as expected.
Which action will resolve the configuration error?
A. configure matching hold and delay timers
B. configure matching key-strings
C. configure matching priority values
D. configure unique virtual IP addresses
Selected Answer: D
Question #: 57
Topic #: 1
Refer to the exhibit.
Router1 is currently operating as the HSRP primary with a priority of 110. Router1 fails and Router2 takes over the forwarding role. Which command on Router1 causes it to take over the forwarding role when it returns to service?
A. standby 2 priority
B. standby 2 preempt
C. standby 2 track
D. standby 2 timers
Selected Answer: B
Question #: 58
Topic #: 1
An engineer has deployed a single Cisco 5520 WLC with a management IP address of 172 16.50.5/24. The engineer must register 50 new Cisco AIR-CAP2802I-
E-K9 access points to the WLC using DHCP option 43. The access points are connected to a switch in VLAN 100 that uses the 172.16.100.0/24 subnet. The engineer has configured the DHCP scope on the switch as follows:
Network 172.16.100.0 255.255.255.0
Default Router 172.16.100.1 –
Option 43 ASCII 172.16.50.5 –
The access points are failing to join the wireless LAN controller. Which action resolves the issue?
A. configure option 43 Hex F104.AC10.3205
B. configure option 43 Hex F104.CA10.3205
C. configure dns-server 172.16.50.5
D. configure dns-server 172. 16.100.1
Selected Answer: A
Question #: 59
Topic #: 1
What is the role of vSmart in a Cisco SD-WAN environment?
A. to establish secure control plane connections
B. to monitor, configure, and maintain SD-WAN devices
C. to provide secure data plane connectivity over WAN links
D. to perform initial authentication of devices
Selected Answer: A
Question #: 60
Topic #: 1
Which action is performed by Link Management Protocol in a Cisco StackWise Virtual domain?
A. It determines which switch becomes active or standby.
B. It determines if the hardware is compatible to form the StackWise Virtual domain.
C. It rejects any unidirectional link traffic forwarding.
D. It discovers the StackWise domain and brings up SVL interfaces.
Selected Answer: C
Question #: 61
Topic #: 1
What are two reasons why broadcast radiation is caused in the virtual machine environment? (Choose two.)
A. vSwitch must interrupt the server CPU to process the broadcast packet.
B. The Layer 2 domain can be large in virtual machine environments.
C. Virtual machines communicate primarily through broadcast mode.
D. Communication between vSwitch and network switch is broadcast based.
E. Communication between vSwitch and network switch is multicast based.
Selected Answer: AB
Question #: 62
Topic #: 1
Which two GRE features are configured to prevent fragmentation? (Choose two.)
A. TCP window size
B. IP MTU
C. TCP MSS
D. DF bit clear
E. MTU ignore
Selected Answer: BC
Question #: 63
Topic #: 1
Which LISP device is responsible for publishing EID-to-RLOC mappings for a site?
A. ETR
B. MR
C. ITR
D. MS
Selected Answer: A
Question #: 64
Topic #: 1
Refer to the exhibit.
Assuming that R1 is a CE router, which VRF is assigned to Gi0/0 on R1?
A. default VRF
B. VRF VPN_A
C. VRF VPN_B
D. management VRF
Selected Answer: A
Question #: 65
Topic #: 1
What are two benefits of virtualizing the server with the use of VMs in a data center environment? (Choose two.)
A. reduced rack space, power, and cooling requirements
B. smaller Layer 2 domain
C. increased security
D. speedy deployment
E. reduced IP and MAC address requirements
Selected Answer: AD
Question #: 66
Topic #: 1
Which statement about route targets is true when using VRF-Lite?
A. Route targets control the import and export of routes into a customer routing table.
B. When BGP is configured, route targets are transmitted as BGP standard communities.
C. Route targets allow customers to be assigned overlapping addresses.
D. Route targets uniquely identify the customer routing table.
Selected Answer: A
Question #: 67
Topic #: 1
Which LISP infrastructure device provides connectivity between non-LISP sites and LISP sites by receiving non-LISP traffic with a LISP site destination?
A. PITR
B. map resolver
C. map server
D. PETR
Selected Answer: A
Question #: 68
Topic #: 1
Which statement explains why Type 1 hypervisor is considered more efficient than Type2 hypervisor?
A. Type 1 hypervisor is the only type of hypervisor that supports hardware acceleration techniques.
B. Type 1 hypervisor relies on the existing OS of the host machine to access CPU, memory, storage, and network resources.
C. Type 1 hypervisor runs directly on the physical hardware of the host machine without relying on the underlying OS.
D. Type 1 hypervisor enables other operating systems to run on it.
Selected Answer: C
Question #: 69
Topic #: 1
Which statement about VXLAN is true?
A. VXLAN encapsulates a Layer 2 frame in an IP-UDP header, which allows Layer 2 adjacency across router boundaries.
B. VXLAN uses the Spanning Tree Protocol for loop prevention.
C. VXLAN extends the Layer 2 Segment ID field to 24-bits, which allows up to 4094 unique Layer 2 segments over the same network.
D. VXLAN uses TCP as the transport protocol over the physical data center network.
Selected Answer: A
Question #: 70
Topic #: 1
Which TCP setting is tuned to minimize the risk of fragmentation on a GRE/IP tunnel?
A. MSS
B. MTU
C. MRU
D. window size
Selected Answer: A
