350-401: Implementing Cisco Enterprise Network Core Technologies (ENCOR) Part 7
Question #: 421
Topic #: 1
What is a TLOC in a Cisco SD-WAN deployment?
A. value that identifies a specific tunnel within the Cisco SD-WAN overlay
B. identifier that represents a specific service offered by nodes within the Cisco SD-WAN overlay
C. attribute that acts as a next hop for network prefixes
D. component set by the administrator to differentiate similar nodes that offer a common service
Selected Answer: C
Question #: 422
Topic #: 1
Refer to the exhibit. An engineer configures the BGP adjacency between R1 and R2; however, it fails to establish. Which action resolves the issue?
A. Change the network statement on R1 to 172.16.10.0.
B. Change the remote-as number on R1 to 6500.
C. Change the remote-as number for 192.168.100.11.
D. Enable synchronization on R1 and R2.
Selected Answer: B
Question #: 423
Topic #: 1
Refer to the exhibit. The trunk does not work over the back-to-back link between Switch1 interface Gig1/0/20 and Switch2 interface Gig1/0/20. Which configuration fixes the problem?
A. Switch 1(config)#interface gig1/0/20 Switch1(config-if)#switchport mode dynamic auto
B. Switch2(config)#interface gig1/0/20 Switch2(config-if)#switchport mode dynamic desirable
C. Switch2(config)#interface gig1/0/20 Switch2(config-if)#switchport mode dynamic auto
D. Switch1(config)#interface gig1/0/20 Switch1(config-if)#switchport trunk native vlan 1 Switch2(config)#interface gig1/0/20 Switch2(config-if)#switchport trunk native vlan 1
Selected Answer: B
Question #: 424
Topic #: 1
Refer to the exhibit. An engineer must configure an ERSPAN session with the remote end of the session 10.10.0.1. Which commands must be added to complete the configuration?
A. Device(config)#monitor session 1 type erspan-source Device(config-mon-erspan-src)#destination Device(config-mon-erspan-src-dst)#no origin ip address 10.10.0.1 Device(config-mon-erspan-src-dst)#ip address 10.10.0.1
B. Device(config)#monitor session 1 type erspan-source Device(config-mon-erspan-src)#destination Device(config-mon-erspan-src-dst)#no vrf 1
C. Device(config)#monitor session 1 type erspan-source Device(config-mon-erspan-src)#destination Device(config-mon-erspan-src-dst)#no origin ip address 10.10.0.1 Device(config-mon-erspan-src-dst)#ip destination address 10.10.0.1
D. Device(config)#monitor session 1 type erspan-destination Device(config-mon-erspan-src)#source Device(config-mon-erspan-src-dst)#origin ip address 10.1.0.1
Selected Answer: A
Question #: 425
Topic #: 1
Refer to the exhibit. What does the output confirm about the switch’s spanning tree configuration?
A. The spanning-tree operation mode for this switch is PVST.
B. The spanning-tree operation mode for this switch is PVST+.
C. The spanning-tree mode stp ieee command was entered on this switch.
D. The spanning-tree operation mode for this switch is IEEE.
Selected Answer: B
Question #: 426
Topic #: 1
DRAG DROP –
Drag and drop the snippets onto the blanks within the code to construct a script that advertises the network prefix 192.168.5.0/24 into a BGP session. Not all options are used.
Select and Place:
Suggestion Answer:
Question #: 427
Topic #: 1
Based on the router’s API output in JSON format below, which Python code will display the value of the `hostname` key?
A. json_data = response,json() print(json_data[‘response’][0][‘hostname’])
B. json_data = json.loads(response.text) print(json_data[‘response’][‘family’][‘hostname’])
C. json_data = json.loads(response.text) print(json_data[response][0][hostname])
D. json_data = response.json() print(json_data[‘response’][family][hostname’])
Selected Answer: A
Question #: 428
Topic #: 1
Which function is performed by vSmart in the Cisco SD-WAN architecture’?
A. distribution of IPsec keys
B. execution of localized policies
C. redistribution between OMP and other routing protocols
D. facilitation of NAT detection and traversal
Selected Answer: A
Question #: 429
Topic #: 1
Refer to the exhibit. The administrator troubleshoots an EtherChannel that keeps moving to err-disabled. Which two actions must be taken to resolve the issue?
(Choose two.)
A. Ensure that the corresponding port channel interface on the neighbor switch is named Port-channel1.
B. Ensure that the switchport parameters of Port-channel1 match the parameters of the port channel on the neighbor switch.
C. Ensure that interfaces Gi1/0/2 and Gi1/0/3 connect to the same neighboring switch.
D. Reload the switch to force EtherChannel renegotiation.
E. Ensure that the neighbor interfaces of Gi1/0/2 and Gi1/0/3 are configured as members of the same EtherChannel.
Selected Answer: BC
Question #: 430
Topic #: 1
Refer to the exhibit. A network engineer must configure NETCONF. After creating the configuration, the engineer gets output from the command show line, but not from show running-config. Which command completes the configuration?
A. Device(config)# netconf max-sessions 100
B. Device(config)# no netconf ssh acl 1
C. Device(config)# netconf lock-time 500
D. Device(config)# netconf max-message 1000
Selected Answer: D
Question #: 431
Topic #: 1
Which protocol is implemented to establish secure control plane adjacencies between Cisco SD-WAN nodes?
A. IKE
B. TLS
C. IPsec
D. ESP
Selected Answer: B
Question #: 432
Topic #: 1
Refer to the exhibit. What are two reasons for IP SLA tracking failure? (Choose two.)
A. The threshold value is wrong.
B. The destination must be 172.30.30.2 for icmp-echo.
C. The default route has the wrong next hop IP address.
D. A route back to the R1 LAN network is missing in R2.
E. The source-interface is configured incorrectly.
Selected Answer: AE
Question #: 433
Topic #: 1
Refer to the exhibit. Which command set must be added to the configuration to analyze 50 packets out of every 100?
A. sampler SAMPLER-1 mode random 1-out-of 2 flow FLOW-MONITOR-1 interface GigabitEthernet 0/0/0 ip flow monitor SAMPLER-1 input
B. flow monitor FLOW-MONITOR-1 record v4_r1 sampler SAMPLER-1 interface GigabitEthernet 0/0/0 ip flow monitor FLOW-MONITOR-1 sampler SAMPLER-1 input
C. sampler SAMPLER-1 no mode random 1-out-of 2 mode percent 50 interface GigabitEthernet 0/0/0 ip flow monitor FLOW-MONITOR-1 sampler SAMPLER-1 input
D. interface GigabitEthernet 0/0/0 ip flow monitor FLOW-MONITOR-1 sampler SAMPLER-1 input
Selected Answer: D
Question #: 434
Topic #: 1
Why would an engineer use YANG?
A. to transport data between a controller and a network device
B. to model data for NETCONF
C. to access data using SNMP
D. to translate JSON into an equivalent XML syntax
Selected Answer: B
Question #: 435
Topic #: 1
A network monitoring system uses SNMP polling to record the statistics of router interfaces. The SNMP queries work as expected until an engineer installs a new interface and reloads the router. After this action, all SNMP queries for the router fail. What is the cause of this issue?
A. The SNMP interface index changed after reboot.
B. The SNMP server traps are disabled for the link state.
C. The SNMP server traps are disabled for the interface index.
D. The SNMP community is configured incorrectly.
Selected Answer: A
Question #: 436
Topic #: 1
Which character formatting is required for DHCP Option 43 to function with current AP models?
A. MD5
B. Base64
C. ASCII
D. Hex
Selected Answer: D
Question #: 437
Topic #: 1
Which benefit is realized by implementing SSO?
A. IP first-hop redundancy
B. communication between different nodes for cluster setup
C. physical link redundancy
D. minimal network downtime following an RP switchover
Selected Answer: D
Question #: 438
Topic #: 1
Refer to the exhibit. After configuring HSRP an engineer enters the show standby command. Which two facts are derived from the output? (Choose two.)
A. R2 becomes the active router after the hold time expires.
B. If Fa0/0 is shut down, the HSRP priority on R2 becomes 80.
C. R2 Fa1/0 regains the primary role when the link comes back up.
D. The router with IP 10.10.1.3 is active because it has a higher IP address.
E. R2 is using the default HSRP hello and hold timers.
Selected Answer: BE
Question #: 439
Topic #: 1
Which two parameters are examples of a QoS traffic descriptor? (Choose two.)
A. DSCP
B. MPLS EXP bits
C. packet size
D. bandwidth
E. ToS
Selected Answer: AB
Question #: 440
Topic #: 1
Refer to the exhibit. An engineer attempts to create a configuration to allow the Blue VRF to leak into the global routing table, but the configuration does not function as expected. Which action resolves this issue?
A. Change the source network that is specified in access-list 101.
B. Change the access-list destination mask to a wildcard.
C. Change the access-list number in the route map.
D. Change the route-map configuration to VRF_BLUE.
Selected Answer: B
Question #: 441
Topic #: 1
An engineer must configure a multicast UDP jitter operation. Which configuration should be applied?
A. Router(config)#ip sla 1 Router(config)#udp-jitter 192.0.2.115 65051
B. Router(config)#ip sla 1 Router(config)#udp jitter 239.1.1.1 65051 end-point list List source-ip 192.168.1.1
C. Router(config)#ip sla 1 Router(config)#udp-jitter 192.0.2.115 65051 num-packets 20
D. Router(config)#ip sla 1 Router(config)#udp jitter 10.0.0.1 source-ip 192.168.1.1
Selected Answer: B
Question #: 442
Topic #: 1
Refer to the exhibit. The network administrator must be able to perform configuration changes when all the RADIUS servers are unreachable. Which configuration allows all commands to be authorized if the user has successfully authenticated?
A. aaa authentication login default group radius local none
B. aaa authorization exec default group radius
C. aaa authorization exec default group radius if-authenticated
D. aaa authorization exec default group radius none
Selected Answer: C
Question #: 443
Topic #: 1
In a Cisco SD-WAN solution, which two functions are performed by OMP? (Choose two.)
A. advertisement of network prefixes and their attributes
B. configuration of control and data policies
C. gathering of underlay infrastructure data
D. delivery of crypto keys
E. segmentation and differentiation of traffic
Selected Answer: AD
Question #: 444
Topic #: 1
How can an engineer prevent basic replay attacks from people who try to brute force a system via REST API?
A. Add a timestamp to the request in the API header.
B. Use a password hash.
C. Add OAuth to the request in the API header.
D. Use HTTPS.
Selected Answer: A
Question #: 445
Topic #: 1
What are the main components of Cisco TrustSec?
A. Cisco ISE and Enterprise Directory Services
B. Cisco ISE, network switches, firewalls, and routers
C. Cisco ISE and TACACS+
D. Cisco ASA and Cisco Firepower Threat Defense
Selected Answer: B
Question #: 446
Topic #: 1
What is a characteristic of a WLC that is in master controller mode?
A. Configuration on the master controller is executed on all wireless LAN controllers.
B. The master controller is responsible for load balancing all connecting clients to other controllers.
C. All new APs that join the WLAN are assigned to the master controller.
D. All wireless LAN controllers are managed by the master controller.
Selected Answer: C
Question #: 447
Topic #: 1
Which Cisco FlexConnect state allows wireless users that are connected to the network to continue working after the connection to the WLC has been lost?
A. Authentication Down/Switching Down
B. Authentication-Central/Switch-Local
C. Authentication-Central/Switch-Central
D. Authentication-Down/Switch-Local
Selected Answer: D
Question #: 448
Topic #: 1
Refer to the exhibit. Object tracking has been configured for VRRP-enabled routers Edge-01 and Edge-02. Which commands cause Edge-02 to preempt Edge-01 in the event that interface G0/0 goes down on Edge-01?
A. Edge-01(config)#interface G0/1 Edge-01(config-if)#vrrp 10 track 10 decrement 30
B. Edge-02(config)#interface G0/1 Edge-02(config-if)#vrrp 10 track 10 decrement 30
C. Edge-02(config)#interface G0/1 Edge-02(config-if)#vrrp 10 track 10 decrement 10
D. Edge-01(config)#interface G0/1 Edge-01(config-if)#vrrp 10 track 10 decrement 10
Selected Answer: A
Question #: 449
Topic #: 1
Refer to the exhibit. An engineer must prevent the R6 loopback from getting into Area 2 and Area 3 from Area 0. Which action must the engineer take?
A. Apply a filter list outbound on R3 and R7.
B. Apply a filter list inbound on R2 and R9.
C. Apply a filter list inbound on R3 and R7.
D. Apply a filter list outbound on R7 only.
Selected Answer: A
Question #: 450
Topic #: 1
An engineer must configure and validate a CoPP policy that allows the network management server to monitor router R1 via SNMP while protecting the control plane. Which two commands or command sets must be used? (Choose two.)
A. access-list 150 permit udp 10.0.1.4 0.0.0.0 host 10.0.1.2 eq snmp access-list 150 permit udp 10.0.1.4 0.0.0.0 eq snmp host 10.0.1.2 class-map match-all CoPP-management match access-group 150 policy-map CoPP-policy class CoPP-management police 8000 conform-action transmit exceed-action transmit violate-action drop control-plane Service-policy input CoPP-policy
B. show ip interface brief
C. show quality-of-service-profile
D. access-list 150 permit udp 10.0.1.4 0.0.0.0 host 10.0.1.2 eq snmp class-map match-all CoPP-management match access-group 150 policy-map CoPP-policy class CoPP-management police 8000 conform-action transmit exceed-action transmit violate-action transmit control-plane Service-policy input CoPP-policy
E. show policy-map control-plane
Selected Answer: AE
Question #: 451
Topic #: 1
A vulnerability assessment highlighted that remote access to the switches is permitted using unsecure and unencrypted protocols. Which configuration must be applied to allow only secure and reliable remote access for device administration?
A. line vty 0 15 login local transport input all
B. line vty 0 15 login local transport input ssh
C. line vty 0 15 login local transport input telnet ssh
D. line vty 0 15 login local transport input none
Selected Answer: B
Question #: 452
Topic #: 1
Which feature is used to propagate ARP, broadcast, and link-local frames across a Cisco SD-Access fabric to address connectivity needs for silent hosts that require reception of traffic to start communicating?
A. Multisite Fabric
B. Native Fabric Multicast
C. SDA Transit
D. Layer 2 Flooding
Selected Answer: D
Question #: 453
Topic #: 1
Which function does a fabric wireless LAN controller perform in a Cisco SD-Access deployment?
A. manages fabric-enabled APs and forwards client registration and roaming information to the Control Plane Node
B. coordinates configuration of autonomous nonfabric access points within the fabric
C. performs the assurance engine role for both wired and wireless clients
D. is dedicated to onboard clients in fabric-enabled and nonfabric-enabled APs within the fabric
Selected Answer: A
Question #: 454
Topic #: 1
Refer to the exhibit. An engineer must permit traffic from these networks and block all other traffic. An informational log message should be triggered when traffic enters from these prefixes. Which access list must be used?
A. access-list acl_subnets permit ip 10.0.32.0 0.0.7.255 access-list acl_subnets deny ip any log
B. access-list acl_subnets permit ip 10.0.32.0 255.255.248.0 log
C. access-list acl_subnets permit ip 10.0.32.0 0.0.7.255 log
D. access-list acl_subnets permit ip 10.0.32.0 0.0.0.255 log
Selected Answer: C
Question #: 455
Topic #: 1
Which measure is used by an NTP server to indicate its closeness to the authoritative time source?
A. stratum
B. time zone
C. latency
D. hop count
Selected Answer: A
Question #: 456
Topic #: 1
When is the Design workflow used in Cisco DNA Center?
A. in a greenfield deployment, with no existing infrastructure
B. in a greenfield or brownfield deployment, to wipe out existing data
C. in a brownfield deployment, to modify configuration of existing devices in the network
D. in a brownfield deployment, to provision and onboard new network devices
Selected Answer: A
Question #: 457
Topic #: 1
What are two characteristics of VXLAN? (Choose two)
A. It lacks support for host mobility.
B. It uses VTEPs to encapsulate and decapsulate frames.
C. It allows for up to 16 million VXLAN segments.
D. It extends Layer 2 and Layer 3 overlay networks over a Layer 2 underlay.
E. It has a 12-bit network identifier.
Selected Answer: BC
Question #: 458
Topic #: 1
Refer to the exhibit. An engineer configures OSPF and wants to verify the configuration. Which configuration is applied to this device?
A. R1(config)#interface Gi0/1 R1(config-if)#ip ospf enable R1(contig-if)#ip ospf network broadcast R1(config-if)#no shutdown
B. R1(config)#router ospf 1 R1(config-router)#network 0.0.0.0 0.0.0.0 area 0 R1(config-router)#no passive-interface Gi0/1
C. R1(config)#interface Gi0/1 R1(config-if)#ip ospf 1 area 0 R1(config-if)#no shutdown
D. R1(config)#router ospf 1 R1(config-router)#network 192.168.50.0 0.0.0.255 area 0
Selected Answer: C
Question #: 459
Topic #: 1
What is the function of a control-plane node in a Cisco SD-Access solution?
A. to run a mapping system that manages endpoint to network device relationships
B. to implement policies and communicate with networks outside the fabric
C. to connect external Layer 3 networks to the SD-Access fabric
D. to connect APs and wireless endpoints to the SD-Access fabric
Selected Answer: A
Question #: 460
Topic #: 1
What is a characteristic of a Type 2 hypervisor?
A. It eliminates the need for an underlying operating system.
B. Problems in the base operating system can affect the entire system.
C. Its main task is to manage hardware resources between different operating systems.
D. It is completely independent of the operating system.
Selected Answer: B
Question #: 461
Topic #: 1
What is the purpose of a data modeling language?
A. to describe the structure and meaning of exchanged data
B. to standardize the procedures that are executed when parsing sent and received data
C. to establish a framework to process data by using an object-oriented programming approach
D. to specify the rules for transcoding between text and binary data encodings
Selected Answer: A
Question #: 462
Topic #: 1
Which IPv4 packet field carries the QoS IP classification marking?
A. ID
B. TTL
C. FCS
D. ToS
Selected Answer: D
Question #: 463
Topic #: 1
Which two solutions are used for backing up a Cisco DNA Center Assurance database? (Choose two.)
A. bare metal server
B. remote server
C. NFS share
D. local server
E. non-linux server
Selected Answer: E
Question #: 464
Topic #: 1
Refer to the exhibit. Communication between R2 and R3 over FastEthenet1/1 falls. What is the root cause of the failure?
A. The subnet mask is different between the two interfaces.
B. The interface of R3 is not operational.
C. The wrong type of cable is connected between the two interfaces.
D. IP CEF is disabled on R3.
Selected Answer: A
Question #: 465
Topic #: 1
What is one characteristic of the Cisco SD-Access control plane?
A. It allows host mobility only in the wireless network.
B. It is based on VXLAN technology.
C. Each router processes every possible destination and route.
D. It stores remote routes in a centralized database server.
Selected Answer: D
Question #: 466
Topic #: 1
A customer transitions a wired environment to a Cisco SD-Access solution. The customer does not want to integrate the wireless network with the fabric. Which wireless deployment approach enables the two systems to coexist and meets the customer requirement?
A. Deploy the wireless network over the top of the fabric.
B. Implement a Cisco DNA Center to manage the two networks.
C. Deploy a separate network for the wireless environment.
D. Deploy the APs in autonomous mode.
Selected Answer: A
Question #: 467
Topic #: 1
By default, which virtual MAC address does HSRP group 14 use?
A. 04:17:01:05:7c:0e
B. 00:05:0c:07:ac:14
C. 00:00:0c:07:ac:0e
D. 00:05:5e:19:0c:14
Selected Answer: C
Question #: 468
Topic #: 1
Which LISP component decapsulates messages and forwards them to the map server responsible for the egress tunnel routers?
A. Router Locator
B. Map Resolver
C. Proxy ETR
D. Ingress Tunnel Router
Selected Answer: D
Question #: 469
Topic #: 1
An engineer must design a wireless network for a school system based on these requirements:
✑ The network must be able to triangulate client location based on RSSI.
✑ Each client must be able to sustain 5 Mbps of throughput at all times.
✑ Each classroom has up to 30 clients.
✑ Primary coverage is 5 GHz.
Which design should be used?
A. Place APs in a grid orientation throughout the building, located as close as possible to the center of each classroom.
B. Mount one AP in the center of each classroom.
C. Space APs evenly on both sides of the hallways.
D. Place APs near exterior walls and corners of the building, and fill in the center area with a staggered pattern.
Selected Answer: D
Question #: 470
Topic #: 1
Refer to the exhibit. Which command must be applied to R2 for an OSPF neighborship to form?
A. network 20.1.1.0 0.0.0.0 area 0
B. network 20.1.1.2 0.0.0.0 area 0
C. network 20.0.0.2 0.0.0.3 area 0
D. network 20.0.0.2 0.0.0.0 area 0
Selected Answer: B
Question #: 471
Topic #: 1
What is one characteristic of VXLAN?
A. It supports a maximum of 4096 VLANs
B. It supports multitenant segments
C. It uses STP to prevent loops in the underlay network
D. It uses the Layer 2 header to transfer packets through the network underlay
Selected Answer: B
Question #: 472
Topic #: 1
What is the function of vBond in a Cisco SD-WAN deployment?
A. initiating connections with SD-WAN routers automatically
B. pushing of configuration toward SD-WAN routers
C. onboarding of SD-WAN routers into the SD-WAN overlay
D. gathering telemetry data from SD-WAN routers
Selected Answer: C
Question #: 473
Topic #: 1
Refer to the exhibit. A network administrator configured RSPAN to troubleshoot an issue between switch 1 and switch2. The switches are connected using interface GigabitEthernet 1/1. An external packet capture device is connected to swich2 interface GigabitEthernet 1/2. Which two commands must be added to complete this configuration? (Choose two.)
A. switch2(config-if)# switchport trunk allowed vlan 10,20,30,40,50,60,70-80
B. switch2(config)# monitor session 1 source remote vlan 70 switch2(config)# monitor session 1 destination interface GigabitEthernet1/2
C. switch1(config)# interface GigabitEthernet 1/1 switch1 (config-if)# switchport mode access switch1 (config-if)# switchport access vlan 10 switch2(config)# interface GigabitEthernet 1/1 switch2(config-if)# switchport mode access switch2(config-if)# switchport access vlan 10
D. switch2(config)# monitor session 2 destination vlan 10
E. switch2(config)# monitor session 1 source remote vlan 70 switch2(config)# monitor session 1 destination interface GigabitEthernet1/1
Selected Answer: AB
Question #: 474
Topic #: 1
Which function does a Cisco SD-Access extended node perform?
A. provides fabric extension to nonfabric devices through remote registration and configuration
B. performs tunneling between fabric and nonfabric devices to route traffic over unknown networks
C. used to extend the fabric connecting to downstream nonfabric enabled Layer 2 switches
D. in charge of establishing Layer 3 adjacencies with nonfabric unmanaged node
Selected Answer: C
Question #: 475
Topic #: 1
Which router is elected the IGMP Querier when more than one router is in the same LAN segment?
A. The router with the shortest uptime.
B. The router with the longest uptime.
C. The router with the highest IP address.
D. The router with the lowest IP address.
Selected Answer: D
Question #: 476
Topic #: 1
DRAG DROP –
Drag and drop the characteristics from the left onto the switching mechanisms they describe on the right.
Select and Place:
Suggestion Answer:
Question #: 477
Topic #: 1
In which two ways does the routing protocol OSPF differ from EIGRP? (Choose two.)
A. OSPF provides shorter convergence time than EIGRP.
B. OSPF supports only equal-cost load balancing EIGRP supports unequal-cost load balancing.
C. OSPF is distance vector protocol. EIGRP is a link-state protocol.
D. OSPF supports an unlimited number of hops EIGRP supports a maximum of 255 hops.
E. OSPF supports unequal-cost load balancing EIGRP supports only equal-cost load balancing.
Selected Answer: BD
Question #: 478
Topic #: 1
Refer to the exhibit. A network engineer must configure the router to use the ISE-Servers group for authentication. If both ISE servers are unavailable, the local username database must be used. If no usernames are defined in the configuration, then the enable password must be the last resort to log in. Which configuration must be applied to achieve this result?
A. aaa authorization exec default group ISE-Servers local enable
B. aaa authentication login error-enable aaa authentication login default group enable local ISE-Servers
C. aaa authentication login default group ISE-Servers local enable
D. aaa authentication login default group enable local ISE-Servers
Selected Answer: C
Question #: 479
Topic #: 1
When using BFD in a network design, which consideration must be made?
A. BFD is used with dynamic routing protocols to provide subsecond convergence.
B. BFD is used with first hop routing protocols to provide subsecond convergence.
C. BFD is used with NSF and graceful to provide subsecond convergence.
D. BFD is more CPU-intensive than using reduced hold timers with routing protocols.
Selected Answer: A
Question #: 480
Topic #: 1
Refer to the exhibit. Which command filters the ERSPAN session packets only to interface GigabitEthernet1?
A. source ip 10.10.10.1
B. filter access-group 10
C. destination ip 10.10.10.1
D. source interface gigabitethernet1 ip 10.10.10.1
Selected Answer: B
Question #: 481
Topic #: 1
Refer to the exhibit. Traffic is not passing between SW1 and SW2. Which action fixes the issue?
A. Configure switch port mode to ISL on S2
B. Configure LACP mode on S1 to active
C. Configure PAgP mode on S1 to desirable
D. Configure LACP mode on S1 to passive
Selected Answer: C
Question #: 482
Topic #: 1
Refer to the exhibit. An engineer configures a new HSRP group. While reviewing the HSRP status, the engineer sees the logging message generated on R2.
What is the cause of the message?
A. The HSRP configuration has caused a routing loop
B. The same virtual IP address has been configured for two HSRP groups
C. A PC is on the network using the IP address 10.10.1.1
D. The HSRP configuration has caused a spanning-tree loop
Selected Answer: B
Question #: 483
Topic #: 1
DRAG DROP –
Drag and drop the characteristics from the left onto the switching architectures on the right.
Select and Place:
Suggestion Answer:
Question #: 484
Topic #: 1
A server running Linux is providing support for virtual machines along with DNS and DHCP services for a small business. Which technology does this represent?
A. container
B. Type 1 hypervisor
C. Type 2 hypervisor
D. hardware pass-thru
Selected Answer: C
Question #: 485
Topic #: 1
DRAG DROP –
Drag and drop the characteristics from the left onto the deployment types on the right.
Select and Place:
Suggestion Answer:
Question #: 486
Topic #: 1
DRAG DROP –
Drag and drop the characteristics from the left onto the routing protocols they describe on the right.
Select and Place:
Suggestion Answer:
Question #: 487
Topic #: 1
Which features does Cisco EDR use to provide threat detection and response protection?
A. containment, threat intelligence, and machine learning
B. firewalling and intrusion prevention
C. container-based agents
D. cloud analysis and endpoint firewall controls
Selected Answer: A
Question #: 488
Topic #: 1
An engineer is configuring Local WebAuth on a Cisco Wireless LAN Controller. According to RFC 5737, which virtual IP address must be used in this configuration?
A. 172.20.10.1
B. 192.168.0.1
C. 1.1.1.1
D. 192.0.2.1
Selected Answer: D
Question #: 489
Topic #: 1
Refer to the exhibit. The OSPF neighborship fails between two routers. What is the cause of this issue?
A. The OSPF process is stopped on the neighbor router.
B. The OSPF router ID is missing on this router.
C. The OSPF router ID is missing on the neighbor router.
D. There is an MTU mismatch between the two routers.
Selected Answer: D
Question #: 490
Topic #: 1
What is one benefit of adopting a data modeling language?
A. augmenting the use of management protocols like SNMP for status subscriptions
B. refactoring vendor and platform specific configurations with widely compatible configurations
C. augmenting management process using vendor centric actions around models
D. deploying machine-friendly codes to manage a high number of devices
Selected Answer: B
