1.0 Architecture 15%

Question 1

What are the components of the Cisco Enterprise 3-tier architecture?

Answer 1

Core Layer
Distribution Layer
Access Layer

Question 2

layer that provides network connectivity for end-user devices such as computers, printers, and IP phones

Answer 2

Access Layer

Question 3

Ideal layer to perform user authentication, port security, Network Admission Control (NAC), Quality of Service (Qos) classification and marking, and Power over Ethernet (PoE).

Answer 3

Access Layer

Question 4

What is the purpose of classification and marking?

Answer 4

ensure that different categories of traffic, such as voice, video, and data, receive enough bandwidth to ensures acceptable levels of service through the network

Question 5

Layer that is traditionally implemented with multilayer switches, performs QoS resource reservation, interVLAN routing, packet manipulation, route filtering, and summarization

Answer 5

Distribution Layer

Question 6

typically provides the fastest switching path in the network, and is primarily associated with low latency and high reliability

Answer 6

Core Layer

Question 7

Cisco two-tier architecture where the functionality of the core layer is provided by the distribution layer?

Answer 7

Collapsed Core

Question 8

What is a drawback of using a collapsed core design?

Answer 8

the topology does not scale well beyond a small number of swithces so it is only recommended for small campuses

Question 9

What modules make up the Cisco Enterprise Architecture model?

Answer 9

• Enterprise Campus
• Enterprise Edge
• Service Provider Edge
• Remote Locations

Question 10

What network services are provided by the data center submodule in the Cisco Enterprise Architecture Model?

Answer 10

• Applications
• Email
• DHCP
• DNS
• File Services

Question 11

provides connectivity to the service provider infrastructure and the internal network

Answer 11

Enterprise Edge

Question 12

module that contains teleworkers, branch offices, and any other enterprise network components that are geographically distant from the main headquarters

Answer 12

Remote Locations

Question 13

Internet, MPLS, Metro Ethernet and other WAN service providers are contained within what module?

Answer 13

Service Provider Edge

Question 14

Describe the attributes of the Hot Standby Routing Protocol (HSRP)

Answer 14

• Cisco Proprietary
• HSRP gateways share a virtual IP and a Virtual MAC
• Each HSRP group contains one active router and one standby router
• Only the active router responds to ARP requests and forwards traffic

Question 15

Describe the attributes of the Virtual Router Redundancy Protocol (VRRP)

Answer 15

• IETF Standard
• VRRP gateways share a virtual IP and a Virtual MAC
• Each VRRP group contains one master virtual router and one or more backup virtual routers
• Only the master virtual router responds to ARP requests and forwards traffic

Question 16

Describe the attributes of the Gateway Load Balancing Protocol (GLBP)

Answer 16

• Cisco Proprietary
• Share a virtual IP address but have individual virtual MAC addresses
• Each GLBP group contains an Active Virtual Gateway (AVG), up to four Active Virtual Forwarders (AVFs), and several Secondary Virtual Forwarders (SVFs)
• The AVG and AVFs can all forward traffic thereby providing redundancy and load balancing

Question 17

What modes can a redundant supervisor module be configured in?

Answer 17

• Route-processor redundancy (RPR)
• RPR Plus (RPR+)
• Stateful Switchover (SSO)
• SSO with Nonstop Forwarding (NSF)

Question 18

What are the features of the Route-processor redundany (RPR) mode?

Answer 18

• standby supervisor module partially boots and intializes
• Failover time is greater than 2 minutes
• Traffic is disrupted

Question 19

What are the features of (RPR+) mode

Answer 19

• The standby supervisor fully boots and intialized without Layer 2 and Layer 3 functionality
• Failover time greater than 30 seconds
• Traffic is disrupted

Question 20

What are the features of SSO mode

Answer 20

• the standby supervisor fully boots, intializes, and synchronizes
• Failover time is greater than 1 second
• Layer 2 port states are maintained
• Layer 3 forwarding is disrupted

Question 21

What are features of SSO with NSF

Answer 21

• Failover time is reduced to milliseconds
• NSF-enabled devices prevent Layer 2 and Layer 3 disruptions

Question 22

Which deployment solution gives organizations more control and customization, is easier to secure, and has lower latency?

Answer 22

On-premises

Question 23

Which deployment model has lower-up front cost, does not require hiring of staff, and is easier to scale?

Answer 23

Cloud Deployment

Question 24

Which deployment model has higher up-front costs, requires hiring staff, and is harder to scale?

Answer 24

On-premises

Question 25

Which deployment model gives the service provider full control, is harder to secure, and has higher latency and service interuptions?

Answer 25

**Cloud Deployment**

Question 26

What are the four primary workflows of the DNA Center Applications?

Answer 26

* **DNA Design** * **DNA Policy** * **DNA Provision** * **DNA Assurance**

Question 27

What subsystems of Cisco DNA Center operate at the controller layer?

Answer 27

* **Network Control Platform (NCP)** * **Network Data Platform (NDP)**

Question 28

Provides the underlay and fabric automation for the network layer and physical layer

Answer 28

**Network Control Platform (NCP)**

Question 29

What facilitates the automation of the management tasks by enabling the controller to communicate with applications rather than relying on an administrator to manually intervene?

Answer 29

**Application Programming Interfaces (APIs)**

Question 30

NCP can configure network devices by using NETCONF which is what type of API?

Answer 30

**Southbound**

Question 31

What northbound API is used by NCP to communicate status information to the management plane?

Answer 31

**Representational State Transfer (REST)**

Question 32

What are some sources of information from which NDP can collect and analyze data and present it in a contextualized format to NCP and ISE?

Answer 32

* **Netflow** * **Switchport Analyzer (SPAN)**

Question 33

Which Cisco DNA Center subsystem provides status messages to the management layer?

Answer 33

**Network Data Platform (NDP)**

Question 34

What access layer mechanisms can Cisco ISE use to provide Network Access Control (NAC) and identy services?

Answer 34

* **802.1x** * **MAC Authentication Bypass (MAB)** * **Web Authentication (WebAuth)**

Question 35

What function of ISE translates administrator-created group-based policies into configuration changes that are automatically applied to network devices within the fabric?

Answer 35

**Policy Services**

Question 36

Which portion of the SDN fabric is the collection of devices, interfaces, and media that comprises the IP netowrk that connects each fabric node?

Answer 36

**Underlay Network**

Question 37

What are some routing protocols that are typically included in the underlay network?

Answer 37

* **IS-IS** * **OSPF** * **EIGRP**

Question 38

Why is IS-IS the Cisco recommended routing protocol for SDN networks, as opposed to OSPF or EIGRP?

Answer 38

**Because it typically performs better and is able to form neighbor relationships without a dependance on IP protocol configuration or operation**

Question 39

Which planes of the SDN fabric operate with the overlay network?

Answer 39

* **Data Plane** * **Control Plane**

Question 40

# True or False Only one overlay network can be implemented on top of a single underlay network?

Answer 40

**False. Multiple overlay networks can be implemented on a single underlay network.**

Question 41

What are some common overlay network protocols?

Answer 41

* **VXLAN** * **VRF** * **Network Virtualization using GRE (NVGRE)** * **GRE** * **Overlay Transport Virtualization (OTV)** * **Multicast VPN (mVPN)**

Question 42

What are the primary components of the Cisco SD-WAN solution and where dooes each reside?

Answer 42

* **vManage Network Management System (NMS) in the Management Plane** * **vEdge and cEdge Routers in the Data Plane** * **vBond Orchestrator in the Orchestration Plane** * **vSmart Controller in the Control Plane**

Question 43

Which SD-WAN component provides a single GUI to configure and manage the components of the SD-WAN architecture and can include enhanced monitoring and analysis capabilities?

Answer 43

**vManage NMS**

Question 44

What components manage the data plane, form the IP fabric, and handle all routing decisions of SD-WAN overlay network?

Answer 44

**vEdge and cEdge Routers**

Question 45

What are the features of the vBond component of the Cisco SD-WAN solution?

Answer 45

* **Manages the orchestration plane** * **Authenticates Edger routers and vSmart Controllers** * **Has a publicaly routable IP address** * **Uses load-balancing mechanisms to ensure efficient distribution of controllers**

Question 46

Which SD-WAN component manages the control plane and ensures that only authenticated devices can access the SD-WAN?

Answer 46

**vSmart Controller**

Question 47

What protocol is used by the vSmart Controller to distribute routing information, security keys, and policy configurations to Edge routers?

Answer 47

**Overlay Management Protocol**

Question 48

What type of tunnel is used by the vSmart controller to communicate with Edge routers and the vBond orchestrator?

Answer 48

**Datagram Transport Layer Security (DTLS) tunnels**

Question 49

What type of wireless deployment has the WLC in a data center or near the network core in order to maximize the number of number of APs joined to it based on the concept that most of the resources users need to reach are located together?

Answer 49

**Centralized Deployment**

Question 50

How does a centralized wireless deployment affect security?

Answer 50

**A centralized WLC enables security policies for wireless clients to be centralized as well.**

Question 51

How many APs and wireless clients can one large enterprise WLC support?

Answer 51

**6000 APs and 64,000 clients**

Question 52

What type of wireless deployment uses fully functional, stand-alone access points that do not need a WLC?

Answer 52

**Autonomous Deployment**

Question 53

Distributed wireless deployments that use APs with embedded wireless controllers (EWCs) are considered what category of wireless deployments?

Answer 53

**Controller-less deployment**

Question 54

What are the two categories of wireless deployments?

Answer 54

**Controller-based and Controller-less**

Question 55

How does an autonomous deployment affect the data path compared to a centralized deployment?

Answer 55

**An autonomous deployment allows clients to send traffic to each other directly through the autonomous access point, whereas the centralized deployment requires clients to send traffic though the access point, over a CAPWAP tunnel to the WLC, then information is dencapsulated, inspected, reencapsulated, then sent back down to the intended recipient wireless client**