Multi_Hard Flashcards

1
Q

Question 1
A company plans to implement intent-based networking in its campus infrastructure. Which design facilitates a migration from a traditional campus design to a programmable fabric design?

A. Layer 2 access

B. three-tier

C. two-tier

D. routed access

A

Answer:D

Explanation

For campus designs requiring simplified configuration, common end-to-end troubleshooting tools, and the fastest convergence, a design using Layer 3 switches in the access layer (routed access) in combination with Layer 3 switching at the distribution layer and core layers provides the most rapid convergence of data and control plane traffic flows.

Reference:https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-sda-design-guide.html#Layer_3_Routed_Access_Introduction
Campus fabric runs over arbitrary topologies:
+ Traditional 3-tier hierarchical network
+ Collapsed core/aggregation designs
+ Routed access
+ U-topology
The ideal design is routed access, which allows the fabric to extend to the very edge of the campus network.
Reference:https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2017/pdf/BRKCRS-2812.pdf
Both references identify routed access (Layer 3 switching extended to the access layer) as the design that prepares a traditional campus for migration to a programmable fabric, so D is the answer. The other options describe either the number of tiers or a Layer 2 access design, neither of which by itself brings the Layer 3 underlay that the fabric overlay rides on.

2
Q

Question 2
Which benefit is offered by a cloud infrastructure deployment but is lacking in an on-premises deployment?

A. efficient scalability

B. virtualization

C. storage capacity

D. supported systems

A

Answer:A

3
Q

Question 3
What is a benefit of deploying an on-premises infrastructure versus a cloud infrastructure deployment?

A. faster deployment times because additional infrastructure does not need to be purchased

B. lower latency between systems that are physically located near each other

C. less power and cooling resources needed to run infrastructure on-premises

D. ability to quickly increase compute power without the need to install additional hardware

A

Answer:B

Explanation

The difference between on-premises and cloud is essentially where the hardware and software reside. On-premises means that a company keeps its IT environment onsite, managed either by itself or by a third party. Cloud means that it is housed offsite with someone else responsible for monitoring and maintaining it. Because on-premises systems sit on the same local network, the latency between them is lower than the latency over a WAN or Internet path to a cloud provider, which is why B is the benefit that on-premises offers and cloud does not.

4
Q

Question 4
What are two reasons a company would choose a cloud deployment over an on-prem deployment? (Choose two)

A. Cloud deployments require long implementation times due to capital expenditure processes. On-prem deployments can be accomplished quickly using operational expenditure processes

B. Cloud costs adjust up or down depending on the amount of resources consumed. On-prem costs for hardware, power, and space are ongoing regardless of usage

C. In a cloud environment, the company controls technical issues. On-prem environments rely on the service provider to resolve technical issues

D. Cloud resources scale automatically to an increase in demand. On-prem requires additional capital expenditure

E. In a cloud environment, the company is in full control of access to their data. On-prem risks access to data due to service provider outages

A

Answer:B D

5
Q

Question 5
In a Cisco Catalyst switch equipped with two supervisor modules, an administrator must temporarily remove the active supervisor from the chassis to perform hardware maintenance on it. Which mechanism ensures that the active supervisor removal is not disruptive to the network operation?

A. NSF/NSR

B. SSO

C. HSRP

D. VRRP

A

Answer:B

Explanation

Stateful Switchover (SSO) provides protection for network edge devices with dual Route Processors (RPs) that represent a single point of failure in the network design, and where an outage might result in loss of service for customers.
Reference:https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SY/configuration/guide/sy_swcg/stateful_switchover.html

6
Q

Question 6
Which function does a fabric edge node perform in an SD-Access deployment?

A. Connects the SD-Access fabric to another fabric or external Layer 3 networks

B. Connects endpoints to the fabric and forwards their traffic

C. Provides reachability to border nodes in the fabric underlay

D. Encapsulates end-user data traffic into LISP.

A

Answer:B

Explanation

There are five basic device roles in the fabric overlay:
+ Control plane node: This node contains the settings, protocols, and mapping tables to provide the endpoint-to-location (EID-to-RLOC) mapping system for
the fabric overlay.
+ Fabric border node: This fabric device (for example, core layer device) connects external Layer 3 networks to the SDA fabric.
+ Fabric edge node: This fabric device (for example, access or distribution layer device) connects wired endpoints to the SDA fabric.
+ Fabric WLAN controller (WLC): This fabric device connects APs and wireless endpoints to the SDA fabric.
+ Intermediate nodes: These are intermediate routers or extended switches that do not provide any sort of SD-Access fabric role other than underlay services.

Reference: CCNP and CCIE Enterprise Core ENCOR 350-401 Official Cert Guide

7
Q

Question 7
Which action is the vSmart controller responsible for in an SD-WAN deployment?

A. onboard vEdge nodes into the SD-WAN fabric

B. distribute security information for tunnel establishment between vEdge routers

C. manage, maintain, and gather configuration and status for nodes within the SD-WAN fabric

D. gather telemetry data from vEdge routers

A

Answer:B

Explanation

+ Orchestration plane (vBond) assists in securely onboarding the SD-WAN WAN Edge routers into the SD-WAN overlay (so answer A describes vBond). The vBond controller, or orchestrator, authenticates and authorizes the SD-WAN components onto the network. The vBond orchestrator takes on the added responsibility of distributing the list of vSmart and vManage controller information to the WAN Edge routers. vBond is the only device in SD-WAN that requires a public IP address, as it is the first point of contact and authentication for all SD-WAN components joining the SD-WAN fabric. All other components need to know the vBond IP or DNS information.
+ Management plane (vManage) is responsible for central configuration and monitoring. The vManage controller is the centralized network management system that provides a single-pane-of-glass GUI to deploy, configure, monitor and troubleshoot all Cisco SD-WAN components in the network (answers C and D describe vManage).
+ Control plane (vSmart) builds and maintains the network topology and makes decisions on the traffic flows. The vSmart controller disseminates control plane information between WAN Edge devices, implements control plane policies and distributes data plane policies to network devices for enforcement. It also distributes the IPsec keying material that the WAN Edge routers use to bring up their data plane tunnels to each other, so answer B describes vSmart.

8
Q

Question 8
Which statement about a Cisco APIC controller versus a more traditional SDN controller is true?

A. APIC uses a policy agent to translate policies into instructions

B. APIC supports OpFlex as a Northbound protocol

C. APIC does support a Southbound REST API

D. APIC uses an imperative model

A

Answer:A

Explanation

Cisco APIC uses a declarative policy model: the controller pushes the desired policy, and a policy agent (the policy element) on each switch translates that policy into device-specific configuration. The southbound protocol APIC uses for this is OpFlex, which Cisco promotes as the policy-enablement protocol across physical and virtual switches. OpFlex is southbound, not northbound, so answer B is wrong, and the declarative model rules out answer D.
By contrast, a more traditional SDN controller such as OpenDaylight is imperative: its southbound interfaces are implemented through a Service Abstraction Layer (SAL) that talks to the network elements over protocols such as OpenFlow, NETCONF and SNMP, with the controller itself computing the device-level instructions.

9
Q

Question 9
What is the role of a fusion router in an SD-Access solution?

A. provides connectivity to external networks

B. acts as a DNS server

C. performs route leaking between user-defined virtual networks and shared services

D. provides additional forwarding capacity to the fabric

A

Answer:C

Explanation

Today the Cisco DNA Software-Defined Access (SD-Access) solution requires a fusion router to perform VRF route leaking between user VRFs and shared services, which may be in the global routing table (GRT) or in another VRF. Shared services may consist of DHCP, Domain Name System (DNS), Network Time Protocol (NTP), the Wireless LAN Controller (WLC), Identity Services Engine (ISE) and DNA Center components, which must be made available to the other virtual networks (VNs) in the campus.
Reference:https://www.cisco.com/c/en/us/support/docs/cloud-systems-management/dna-center/213525-sda-steps-to-configure-fusion-router.html

10
Q

Question 10
How does a fabric AP fit in the network?

A. It is in local mode and must be connected directly to the fabric border node

B. It is in FlexConnect mode and must be connected directly to the fabric border node

C. It is in local mode and must be connected directly to the fabric edge switch

D. It is in FlexConnect mode and must be connected directly to the fabric edge switch

A

Answer:C

Explanation

Fabric mode APs continue to support the same wireless media services that traditional APs support; apply AVC, quality of service (QoS), and other wireless policies; and establish the CAPWAP control plane to the fabric WLC. Fabric APs join as local-mode APs and must be directly connected to the fabric edge node switch to enable fabric registration events, including RLOC assignment via the fabric WLC. The fabric edge nodes use CDP to recognize APs as special wired hosts, applying special port configurations and assigning the APs to a unique overlay network within a common EID space across a fabric. The assignment simplifies management by using a single subnet to cover the AP infrastructure at a fabric site.
Reference:https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/sda-sdg-2019oct.html

11
Q

Question 11
On which protocol or technology is the fabric data plane based in Cisco SD-Access fabric?

A. LISP

B. IS-IS

C. Cisco TrustSec

D. VXLAN

A

Answer:D

Explanation

The tunneling technology used for the fabric data plane is based on Virtual Extensible LAN (VXLAN). VXLAN encapsulation is UDP based, meaning that it can be forwarded by any IP-based network (legacy or third party) and creates the overlay network for the SD-Access fabric. Although LISP is the control plane for the SD-Access fabric, it does not use LISP data encapsulation for the data plane; instead, it uses VXLAN encapsulation because it is capable of encapsulating the original Ethernet header to perform MAC-in-IP encapsulation, while LISP does not. Using VXLAN allows the SD-Access fabric to support Layer 2 and Layer 3 virtual topologies (overlays) and the ability to operate over any IP-based network with built-in network segmentation (VRF instance/VN) and built-in group-based policy.
Reference: CCNP and CCIE Enterprise Core ENCOR 350-401 Official Cert Guide

12
Q

Question 12
Which description of an SD-Access wireless network infrastructure deployment is true?

A. The access point is part of the fabric underlay

B. The WLC is part of the fabric underlay

C. The access point is part the fabric overlay

D. The wireless client is part of the fabric overlay

A

Answer:C

Explanation

Access Points
+ AP is directly connected to FE (or to an extended node switch)
+ AP is part of Fabric overlay
Reference:https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2018/pdf/BRKEWN-2020.pdf

13
Q

Question 13
Which controller is the single plane of management for Cisco SD-WAN?

A. vBond

B. vEdge

C. vSmart

D. vManage

A

Answer:D

Explanation

The primary components of the Cisco SD-WAN solution are the vManage network management system (management plane), the vSmart controller (control plane), the vBond orchestrator (orchestration plane), and the vEdge router (data plane).
+ vManage – This centralized network management system provides a GUI interface to easily monitor, configure, and maintain all Cisco SD-WAN devices and links in the underlay and overlay network.
+ vSmart controller – This software-based component is responsible for the centralized control plane of the SD-WAN network. It establishes a secure connection to each vEdge router and distributes routes and policy information via the Overlay Management Protocol (OMP), acting as a route reflector. It also orchestrates the secure data plane connectivity between the vEdge routers by distributing crypto key information, allowing for a very scalable, IKE-less architecture.
+ vBond orchestrator – This software-based component performs the initial authentication of vEdge devices and orchestrates vSmart and vEdge connectivity. It also has an important role in enabling the communication of devices that sit behind Network Address Translation (NAT).
+ vEdge router – This device, available as either a hardware appliance or software-based router, sits at a physical site or in the cloud and provides secure data plane connectivity among the sites over one or more WAN transports. It is responsible for traffic forwarding, security, encryption, Quality of Service (QoS), routing protocols such as Border Gateway Protocol (BGP) and Open Shortest Path First (OSPF), and more.
Reference:https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/SDWAN/CVD-SD-WAN-Design-2018OCT.pdf

14
Q

Question 14
When a wired client connects to an edge switch in an SDA fabric, which component decides whether the client has access to the network?

A. control-plane node

B. Identity Services Engine

C. RADIUS server

D. edge node

A

Answer:B

Explanation

The fabric edge node enforces the access decision on the port (802.1X or MAB), but it does not make it: the authentication and authorization decision, including which virtual network and scalable group tag the client is placed in, comes from Cisco ISE, which is integrated with DNA Center as the AAA/RADIUS policy server for the fabric.

15
Q

Question 15
What are two device roles in Cisco SD-Access fabric? (Choose two)

A. core switch

B. vBond controller

C. edge node

D. access switch

E. border node

A

Answer:C E

Explanation

There are five basic device roles in the fabric overlay:
+ Control plane node: This node contains the settings, protocols, and mapping tables to provide the endpoint-to-location (EID-to-RLOC) mapping system for the fabric overlay.
+Fabric border node: This fabric device (for example, core layer device) connects external Layer 3 networks to the SDA fabric.
+Fabric edge node: This fabric device (for example, access or distribution layer device) connects wired endpoints to the SDA fabric.
+ Fabric WLAN controller (WLC): This fabric device connects APs and wireless endpoints to the SDA fabric.
+ Intermediate nodes: These are intermediate routers or extended switches that do not provide any sort of SD-Access fabric role other than underlay services.

16
Q

Question 16
Which requirement for an Ansible-managed node is true?

A. It must be a Linux server or a Cisco device

B. It must have an SSH server running

C. It must support ad hoc commands

D. It must have an Ansible Tower installed

A

Answer:B

Explanation

An Ansible-managed node can be a Juniper device or another vendor's device as well, so answer A is not correct.
Ansible communicates with managed nodes over SSH by default, so answer B is correct. (Ansible also offers other connection plugins, such as WinRM for Windows hosts and HTTP-based plugins for some network platforms, but SSH is the standard transport the question is testing.)
An Ansible ad hoc command uses the /usr/bin/ansible command-line tool to automate a single task on one or more managed nodes. Ad hoc commands are quick and easy, but they are not reusable, and supporting them is not a requirement of the managed node, so answer C is not correct.
Ansible Tower is a web-based solution that makes Ansible easier to use for IT teams of all kinds, but it is not a requirement to run Ansible, and in any case it would be installed on the control node, not on the managed node, so answer D is not correct.

Note: Managed nodes are the network devices (and/or servers) you manage with Ansible. Managed nodes are also sometimes called "hosts". Ansible is not installed on managed nodes.

17
Q

Question 17
Which statement about TLS is true when using RESTCONF to write configurations on network devices?

A. It is provided using NGINX acting as a proxy web server

B. It is not supported on Cisco devices

C. It requires certificates for authentication

D. It is used for HTTP and HTTPs requests

A

Answer:A

Explanation

When a device boots up with the startup configuration, the nginx process will be running. NGINX is an internal web server that acts as a proxy web server. It provides Transport Layer Security (TLS)-based HTTPS. A RESTCONF request sent via HTTPS is first received by the NGINX proxy web server, and the request is then passed to the confd web server for further syntax and semantic checks.
Reference:https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/168/b_168_programmability_cg/RESTCONF.html
RESTCONF (RFC 8040) is a stateless, HTTPS-based protocol that uses secure HTTP methods to provide CREATE, READ, UPDATE and DELETE (CRUD) operations on a conceptual datastore containing YANG-defined data. RESTCONF uses only HTTPS, so answer D (HTTP and HTTPS) is wrong.
Note: answer C is partly true as well. RFC 8040 requires the server to present a certificate:
RESTCONF servers MUST present an X.509v3-based certificate when establishing a TLS connection with a RESTCONF client. The use of X.509v3-based certificates is consistent with NETCONF over TLS.
Reference:https://tools.ietf.org/html/rfc8040
That requirement is about authenticating the server, however; the RFC lets the client authenticate either with an X.509 client certificate or with an HTTP authentication scheme such as basic authentication, which is how RESTCONF on IOS XE is normally used. Answer A is therefore still the better choice.

18
Q

Question 18
Which two operations are valid for RESTCONF? (Choose two)

A. HEAD

B. REMOVE

C. PULL

D. PATCH

E. ADD

F. PUSH

A

Answer:A D

Explanation

RESTCONF operations include OPTIONS, HEAD, GET, POST, PUT, PATCH, DELETE.
RESTCONF
Description
OPTIONS
Determine which methods are supported by the server.
GET
Retrieve data and metadata about a resource.
HEAD
The same as GET, but only the response headers are returned.
POST
Create a resource or invoke an RPC operation.
PUT
Create or replace a resource.
PATCH
Create or update (but not delete) various resources.
DELETE
Sent by a client to delete a target resource.

19
Q

Question 19
Which method creates an EEM applet policy that is registered with EEM and runs on demand or manually?

A. event manager applet ondemand
event register
action 1.0 syslog priority critical msg ‘This is a message from ondemand’

B. event manager applet ondemand
event manual
action 1.0 syslog priority critical msg ‘This is a message from ondemand’

C. event manager applet ondemand
event none
action 1.0 syslog priority critical msg ‘This is a message from ondemand’

D. event manager applet ondemand
action 1.0 syslog priority critical msg ‘This is a message from ondemand’

A

Answer:C

Explanation

An EEM policy is an entity that defines an event and the actions to be taken when that event occurs. There are two types of EEM policies: an applet or a script. An applet is a simple form of policy that is defined within the CLI configuration. A script is a form of policy that is written in Tool Command Language (Tcl).
There are two ways to manually run an EEM policy. EEM usually schedules and runs policies on the basis of an event specification that is contained within the policy itself. The event none command allows EEM to identify an EEM policy that can be manually triggered. To run the policy, use either the action policy command in applet configuration mode or the event manager run command in privileged EXEC mode.
Reference:https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/eem/configuration/xe-3s/eem-xe-3s-book/eem-policy-cli.html

20
Q

Question 20
What does this EEM applet event accomplish?

“event snmp oid 1.3.6.1.3.7.1.5.1.2.4.2.9 get-type next entry-op ge entry-val 75 poll-interval 5”

A. It issues email when the value is greater than 75% for five polling cycles

B. It reads an SNMP variable, and when the value exceeds 75%, it triggers an action

C. It presents a SNMP variable that can be interrogated

D. Upon the value reaching 75%, a SNMP event is generated and sent to the trap server

A

Answer:B

Explanation

EEM offers the ability to monitor events and take informational or corrective action when the monitored events occur or reach a threshold. An EEM policy is an entity that defines an event and the actions to be taken when that event occurs. There are two types of EEM policies: an applet or a script. An applet is a simple form of policy that is defined within the CLI configuration.
To specify the event criteria for an Embedded Event Manager (EEM) applet that is run by sampling Simple Network Management Protocol (SNMP) object identifier values, use the event snmp command in applet configuration mode.
event snmp oid oid-value get-type {exact | next} entry-op operator entry-val entry-value [exit-comb {or | and}] [exit-op operator] [exit-val exit-value] [exit-time exit-time-value] poll-interval poll-int-value
+ oid: Specifies the SNMP object identifier (object ID)
+ get-type: Specifies the type of SNMP get operation to be applied to the object ID specified by the oid-value argument.
— next – Retrieves the object ID that is the alphanumeric successor to the object ID specified by the oid-value argument.
+ entry-op: Compares the contents of the current object ID with the entry value using the specified operator. If there is a match, an event is triggered and event monitoring is disabled until the exit criteria are met.
+ entry-val: Specifies the value with which the contents of the current object ID are compared to decide if an SNMP event should be raised.
+ exit-op: Compares the contents of the current object ID with the exit value using the specified operator. If there is a match, an event is triggered and event monitoring is re-enabled.
+ poll-interval: Specifies the time interval between consecutive polls (in seconds)
Reference:https://www.cisco.com/en/US/docs/ios/12_3t/12_3t4/feature/guide/gtioseem.html
In particular, this EEM event reads the next value after the given OID every 5 seconds and triggers the applet's actions when that value is greater than or equal to (ge) 75. Note that the event line only defines the trigger; sending an email or a trap would require separate action statements, which is why A and D are wrong.

21
Q

Question 21
What is the structure of a JSON web token?

A. three parts separated by dots header payload, and signature

B. header and payload

C. three parts separated by dots version header and signature

D. payload and signature

A

Answer:A

Explanation

JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.
JSON Web Tokens are composed of three parts, separated by a dot (.): Header, Payload, Signature. Therefore, a JWT typically looks like the following:
xxxxx.yyyyy.zzzzz
The header typically consists of two parts: the type of the token, which is JWT, and the signing algorithm being used, such as HMAC SHA256 or RSA.
The second part of the token is the payload, which contains the claims. Claims are statements about an entity (typically, the user) and additional data.
To create the signature part you have to take the encoded header, the encoded payload, a secret, the algorithm specified in the header, and sign that.
Reference:https://jwt.io/introduction/

22
Q

Question 22
Refer to the exhibit. Which network script automation option or tool is used in the exhibit?

https://mydevice.mycompany.com/getstuff?queryName=errors&queryResults=yes

A. EEM

B. Python

C. Bash script

D. NETCONF

E. REST

A

Answer:E

23
Q

Question 23
Which two protocols are used with YANG data models? (Choose two)

A. HTTPS

B. SSH

C. RESTCONF

D. TLS

E. NETCONF

A

Answer:C E

Explanation

YANG (Yet Another Next Generation) is a data modeling language for the definition of data sent over network management protocols such as the NETCONF and RESTCONF.

24
Q

Question 24
Which protocol does REST API rely on to secure the communication channel?

A. TCP

B. HTTPS

C. SSH

D. HTTP

A

Answer:B

Explanation

The REST API accepts and returns HTTP (not enabled by default) or HTTPS messages that contain JavaScript Object Notation (JSON) or Extensible Markup Language (XML) documents. You can use any programming language to generate the messages and the JSON or XML documents that contain the API methods or Managed Object (MO) descriptions.
Reference:https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2-x/rest_cfg/2_1_x/b_Cisco_APIC_REST_API_Configuration_Guide/b_Cisco_APIC_REST_API_Configuration_Guide_chapter_01.html

25
Q

Question 25
Which data modeling language is commonly used by NETCONF?

A. HTML

B. XML

C. YANG

D. REST

A

Answer:C

Explanation

Cisco IOS XE supports the Yet Another Next Generation (YANG) data modeling language. YANG can be used with the Network Configuration Protocol (NETCONF) to provide the desired solution of automated and programmable network operations. NETCONF(RFC6241) is an XML-based protocol that client applications use to request information from and make configuration changes to the device. YANG is primarily used to model the configuration and state data used by NETCONF operations.
Reference:https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/16-5/configuration_guide/prog/b_165_prog_9500_cg/data_models.pdf
Note: Although NETCONF encodes its messages in XML, XML is an encoding format, not a data modeling language, so answer B is wrong.

26
Q

Question 26
A response code of 404 is received while using the REST API on Cisco DNA Center to POST to this URL

/dna/intent/api/v1/template-programmer/project

What does the code mean?

A. The client made a request for a resource that does not exist

B. The server has not implemented the functionality that is needed to fulfill the request

C. The request accepted for processing, but the processing was not completed

D. The POST/PUT request was fulfilled and a new resource was created, information about the resource is in the response body

A

Answer:A

Explanation

The 404 (Not Found) error status code indicates that the REST API cannot map the client's URI to a resource, although one may become available in the future. Subsequent requests by the client are permissible. Answer B describes 501 (Not Implemented), C describes 202 (Accepted) and D describes 201 (Created).
Reference:https://restfulapi.net/http-status-codes/

27
Q

Question 27
Which HTTP status code is the correct response for a request with an incorrect password applied to a REST API session?

A. HTTP Status Code 200

B. HTTP Status Code 302

C. HTTP Status Code 401

D. HTTP Status Code 504

A

Answer:C

Explanation

A 401 (Unauthorized) response indicates that the client tried to operate on a protected resource without providing the proper authentication credentials. It may have provided the wrong credentials or none at all.
Note: A 4xx code indicates a "client error" while a 5xx code indicates a "server error". 200 means success and 302 is a redirect, neither of which fits a rejected login.
Reference:https://restfulapi.net/http-status-codes/

28
Q

Question 28
In which part of the HTTP message is the content type specified?

A. HTTP method

B. URI

C. header

D. body

A

Answer:C

29
Q

Question 29
What do Cisco DNA southbound APIs provide?

A. Interface between the controller and the network devices

B. NETCONF API interface for orchestration communication

C. RESTful API interface for orchestrator communication

D. Interface between the controller and the consumer

A

Answer:A

Explanation

The Southbound API is used to communicate with network devices.

30
Q

Question 30
Which method displays text directly into the active console with a synchronous EEM applet policy?

A. event manager applet boom
event syslog pattern ‘UP’
action 1.0 gets ‘logging directly to console’

B. event manager applet boom
event syslog pattern ‘UP’
action 1.0 syslog priority direct msg ‘log directly to console’

C. event manager applet boom
event syslog pattern ‘UP’
action 1.0 puts ‘logging directly to console’

D. event manager applet boom
event syslog pattern ‘UP’
action 1.0 string ‘logging directly to console’

A

Answer:C

Explanation

To enable the action of printing data directly to the local tty when an Embedded Event Manager (EEM) applet is triggered, use the action puts command in applet configuration mode.
The following example shows how to print data directly to the local tty:
Router(config)#event manager applet puts
Router(config-applet)#event none
Router(config-applet)#action 1 regexp "(.) (.) (.*)" "one two three" _match _sub1
Router(config-applet)#action 2 puts "match is $_match"
Router(config-applet)#action 3 puts "submatch 1 is $_sub1"
Router#event manager run puts
match is one two three
submatch 1 is one
Router#
The action puts command applies to synchronous events. The output of this command for a synchronous applet is displayed directly on the tty, bypassing syslog.
Reference:https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/eem/command/eem-cr-book/eem-cr-a1.html

31
Q

Question 31
Which statement about agent-based versus agentless configuration management tools is true?

A. Agentless tools require no messaging systems between master and slaves.

B. Agentless tools use proxy nodes to interface with slave nodes.

C. Agent-based tools do not require a high-level language interpreter such as Python or Ruby on slave nodes.

D. Agent-based tools do not require installation of additional software packages on the slave nodes.

A

Answer:A

Explanation

An agentless tool means that no software or agent needs to be installed on the client machines that are to be managed. Ansible is such an agentless tool. In contrast, an agent-based tool (Puppet or Chef, for example) requires software, the agent, to be installed on each managed client, so answer D is not correct.
With an agentless tool, the master can talk to the managed nodes over a standard transport without installing a language runtime for the tool itself, whereas an agent-based tool needs its agent's interpreter (Ruby for Puppet and Chef agents) on every managed node as well as on the master, so answer C is not correct. (Ansible does need Python on managed Linux hosts to run its modules; for network devices the modules run on the control node.)
An agentless tool uses standard protocols, such as SSH, to push configurations to a device; it does not go through proxy nodes to reach the managed nodes, so answer B is not correct.
That leaves answer A. "Messaging systems" here should be read as the additional software installed on the managed nodes to let the master control them; agentless tools do not require any.

32
Q

Question 32
Which variable in an EEM applet is set when you use the sync yes option?

A. $_cli_result

B. $_result

C. $_string_result

D. $_exit_status

A

Answer:D

Explanation

The sync option belongs to the event cli detector. With synchronous operation (sync yes), the CLI command in question is not executed until the policy exits, and whether the command runs depends on the value the policy assigns to the variable _exit_status: if _exit_status is 1, the command runs; if it is 0, the command is skipped. This lets an applet inspect and veto a command before IOS executes it, which is why sync yes is used to guard sensitive commands.

33
Q

Question 33
Which protocol infers that a YANG data model is being used?

A. SNMP

B. REST

C. RESTCONF

D. NX-API

A

Answer:C

Explanation

YANG (Yet Another Next Generation) is a data modeling language for the definition of data sent over network management protocols such as NETCONF and RESTCONF.

34
Q

Question 34
Which algorithms are used to secure a REST API from brute-force attacks and minimize the impact?

A. SHA-512 and SHA-384

B. MD5 algorithm-128 and SHA-384

C. SHA-1, SHA-256, and SHA-512

D. PBKDF2, BCrypt, and SCrypt

A

Answer:D

Explanation

One of the best practices for securing REST APIs is password hashing. Passwords must always be hashed to protect the system (or minimize the damage) even if it is compromised in a hacking attempt. There are hashing algorithms designed specifically for password security, e.g. the PBKDF2, bcrypt and scrypt algorithms.
Other ways to secure REST APIs are: always use HTTPS; never expose information in URLs (usernames, passwords, session tokens, and API keys should not appear in the URL); add a timestamp to each request; use OAuth; validate input parameters.
Reference:https://restfulapi.net/security-essentials/
We should not use MD5 or any plain SHA algorithm (SHA-1, SHA-256, SHA-512…) to hash passwords, as they are not suitable for password storage.
Note: A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until the one correct combination that works is found.

35
Q

Question 35
A network administrator is preparing a Python script to configure a Cisco IOS XE-based device on the network. The administrator is worried that colleagues will make changes to the device while the script is running. Which operation of the client manager prevents colleagues from making changes to the device while the script is running?

A. m.lock(config=’running’)

B. m.lock(target=’running’)

C. m.freeze(target=’running’)

D. m.freeze(config=’running’)

A

Answer:B

Explanation

The example below shows the usage of the lock command with the ncclient library's manager module (the variable template, a NETCONF <config> XML string with a %s placeholder, is assumed to be defined elsewhere; the original example leaves it undefined):

    from ncclient import manager

    def demo(host, user, names):
        # connect to the device over NETCONF (SSH on port 22 here)
        with manager.connect(host=host, port=22, username=user) as m:
            # hold a lock on the running datastore for the whole loop
            with m.locked(target='running'):
                for n in names:
                    m.edit_config(target='running', config=template % n)

The context manager m.locked(target='running') causes a lock to be acquired on the running datastore; m.lock(target='running') (answer B) acquires the same lock as a plain method call.

36
Q

Question 36
Which method of account authentication does OAuth 2.0 use within REST APIs?

A. username/role combination

B. access tokens

C. cookie authentication

D. basic signature workflow

A

Answer:B

Explanation

The most common implementations of OAuth (OAuth 2.0) use one or both of these tokens:
+ access token: sent like an API key, it allows the application to access a user’s data; optionally, access tokens can expire.
+ refresh token: optionally part of an OAuth flow, refresh tokens retrieve a new access token if they have expired. OAuth2 combines Authentication and Authorization to allow more sophisticated scope and validity control.

37
Q

Question 37
Which characteristic distinguishes Ansible from Chef?

A. Ansible lacks redundancy support for the master server. Chef runs two masters in an active/active mode

B. Ansible uses Ruby to manage configurations. Chef uses YAML to manage configurations

C. Ansible pushes the configuration to the client. Chef client pulls the configuration from the server

D. The Ansible server can run on Linux, Unix or Windows. The Chef server must run on Linux or Unix

A

Answer:C

Explanation

Ansible works by connecting to your nodes and pushing out small programs, called “Ansible modules”, to them. These programs are written to be resource models of the desired state of the system. Ansible then executes these modules (over SSH by default) and removes them when finished.
Chef is a much older, mature configuration management solution. Unlike Ansible, it requires the installation of an agent on each server, named chef-client. Also, unlike Ansible, it has a Chef server from which each client pulls its configuration.

38
Q

Question 38
How is a data modeling language used?

A. To enable data to be easily structured, grouped, validated, and replicated

B. To represent finite and well-defined network elements that cannot be changed

C. To model the flows of unstructured data within the infrastructure

D. To provide human readability to scripting languages

A

Answer:A

Explanation

Customer needs are evolving fast. Typically, a network center is a heterogeneous mix of various devices at multiple layers of the network. Bulk and automatic configurations need to be accomplished. CLI scraping is neither flexible nor optimal. Re-writing scripts many times, even for small configuration changes, is cumbersome. Bulk configuration changes through CLIs are error-prone and may cause system issues. The solution lies in using data models, a programmatic and standards-based way of writing configurations to any network device, replacing the process of manual configuration. Data models are written in a standard, industry-defined language. Although configurations using CLIs are easier (more human-friendly), automating the configuration using data models results in scalability.

39
Q

Question 39
What is used to validate the authenticity of the client and is sent in HTTP requests as a JSON object?

A. SSH

B. HTTPS

C. JWT

D. TLS

A

Answer:C

40
Q

Question 40
At which layer does Cisco DNA Center support REST controls?

A. EEM applets or scripts

B. Session layer

C. YAML output from responses to API calls

D. Northbound APIs

A

Answer:D

41
Q

Question 41
Which two steps are required for a complete Cisco DNA Center upgrade? (Choose two)

A. golden image selection

B. automation backup

C. proxy configuration

D. application updates

E. system update

A

Answer:D E

Explanation

A complete Cisco DNA Center upgrade includes “System Update” and “Application Updates”.

42
Q

Question 42
Which tool is used in Cisco DNA Center to build generic configurations that can be applied to devices with similar network settings?

A. Command Runner

B. Template Editor

C. Application Policies

D. Authentication Template

A

Answer:B

Explanation

Cisco DNA Center provides an interactive editor called Template Editor to author CLI templates. Template Editor is a centralized CLI management tool to help design a set of device configurations that you need to build devices in a branch. When you have a site, office, or branch that uses a similar set of devices and configurations, you can use Template Editor to build generic configurations and apply the configurations to one or more devices in the branch.
Reference:https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/1-3/user_guide/b_cisco_dna_center_ug_1_3/b_cisco_dna_center_ug_1_3_chapter_0111.html

43
Q

Question 43
Which devices does Cisco DNA Center configure when deploying an IP-based access control policy?

A. All devices integrating with ISE

B. selected individual devices

C. all devices in selected sites

D. all wired devices

A

Answer:C

44
Q

Question 44
What does the Cisco DNA Center use to enable the delivery of applications through a network and to yield analytics for innovation?

A. process adapters

B. Command Runner

C. intent-based APIs

D. domain adapters

A

Answer:C

Explanation

The Cisco DNA Center open platform for intent-based networking provides 360-degree extensibility across multiple components, including:
+ Intent-based APIs leverage the controller to enable business and IT applications to deliver intent to the network and to reap network analytics and insights for IT and business innovation. These enable APIs that allow Cisco DNA Center to receive input from a variety of sources, both internal to IT and from line-of-business applications, related to application policy, provisioning, software image management, and assurance.
…
Reference:https://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/dna-center/nb-06-dna-cent-plat-sol-over-cte-en.html

45
Q

Question 45
An engineer uses the Design workflow to create a new network infrastructure in Cisco DNA Center. How is the physical network device hierarchy structured?

A. by location

B. by role

C. by organization

D. by hostname naming convention

A

Answer:A

Explanation

You can create a network hierarchy that represents your network’s geographical locations. Your network hierarchy can contain sites, which in turn contain buildings and areas. You can create site and building IDs to easily identify where to apply design settings or configurations later.
Reference:https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/1-2-5/user_guide/b_dnac_ug_1_2_5/b_dnac_ug_1_2_4_chapter_0110.html

46
Q

Question 46
Which three methods does Cisco DNA Center use to discover devices? (Choose three)

A. CDP

B. LLDP

C. SNMP

D. ping

E. NETCONF

F. a specified range of IP addresses

A

Answer:A B F

47
Q

Question 47
Which two characteristics define the Intent API provided by Cisco DNA Center? (Choose two)

A. northbound API

B. southbound API

C. device-oriented

D. business outcome oriented

E. procedural

A

Answer:A D

Explanation

The Intent API is a Northbound REST API that exposes specific capabilities of the Cisco DNA Center platform.
The Intent API provides policy-based abstraction of business intent, allowing focus on an outcome rather than struggling with individual mechanism steps.
Reference:https://developer.cisco.com/docs/dna-center/#!cisco-dna-center-platform-overview/intent-api-northbound

48
Q

Question 48
Which method does Cisco DNA Center use to allow management of non-Cisco devices through southbound protocols?

A. It creates device packs through the use of an SDK

B. It obtains MIBs from each vendor that detail the APIs available.

C. It uses an API call to interrogate the devices and register the returned data.

D. It imports available APIs for the non-Cisco device in a CSV format.

A

Answer:A

Explanation

Cisco DNA Center allows customers to manage their non-Cisco devices through the use of a Software Development Kit (SDK) that can be used to create Device Packages for third-party devices.
Reference:https://developer.cisco.com/docs/dna-center/#!cisco-dna-center-platform-overview/multivendor-support-southbound

49
Q

Question 49
When are multicast RPs required?

A. RPs are required only when using protocol independent multicast dense mode

B. RPs are required for protocol independent multicast sparse mode and dense mode

C. By default, the RP is needed periodically to maintain sessions with sources and receivers

D. By default, the RP is needed only to start new sessions with sources and receivers

A

Answer:D

Explanation

A rendezvous point (RP) is required only in networks running Protocol Independent Multicast sparse mode (PIM-SM).
By default, the RP is needed only to start new sessions with sources and receivers.
Reference:https://www.cisco.com/c/en/us/td/docs/ios/solutions_docs/ip_multicast/White_papers/rps.html
For your information, in PIM-SM, only network segments with active receivers that have explicitly requested multicast data will be forwarded the traffic. This method of delivering multicast data is in contrast to the PIM dense mode (PIM-DM) model. In PIM-DM, multicast traffic is initially flooded to all segments of the network. Routers that have no downstream neighbors or directly connected receivers prune back the unwanted traffic.

50
Q

Question 50
What mechanism does PIM use to forward multicast traffic?

A. PIM sparse mode uses a pull model to deliver multicast traffic

B. PIM dense mode uses a pull model to deliver multicast traffic

C. PIM sparse mode uses receivers to register with the RP

D. PIM sparse mode uses a flood and prune model to deliver multicast traffic

A

Answer:A

Explanation

PIM dense mode (PIM-DM) uses a push model to flood multicast traffic to every corner of the network. This push model is a brute-force method of delivering data to the receivers. This method would be efficient in certain deployments in which there are active receivers on every subnet in the network. PIM-DM initially floods multicast traffic throughout the network. Routers that have no downstream neighbors prune the unwanted traffic. This process repeats every 3 minutes.
PIM Sparse Mode (PIM-SM) uses a pull model to deliver multicast traffic. Only network segments with active receivers that have explicitly requested the data receive the traffic. PIM-SM distributes information about active sources by forwarding data packets on the shared tree. Because PIM-SM uses shared trees (at least initially), it requires the use of an RP. The RP must be administratively configured in the network.
Answer C seems correct but it is not: PIM sparse mode uses sources (not receivers) to register with the RP. Sources register with the RP, and then data is forwarded down the shared tree to the receivers.
Reference: Selecting MPLS VPN Services Book, page 193

51
Q

Question 51
What is the role of the RP in PIM sparse mode?

A. The RP responds to the PIM join messages with the source of requested multicast group

B. The RP maintains default aging timeouts for all multicast streams requested by the receivers

C. The RP acts as a control-plane node and does not receive or forward multicast packets

D. The RP is the multicast router that is the root of the PIM-SM shared multicast distribution tree

A

Answer:D

Explanation

The concept of joining the rendezvous point (RP) is called the RPT (Root Path Tree) or shared distribution tree. The RP is the root of this tree and decides where to forward multicast traffic. Each multicast group might have different sources and receivers, so we might have different RPTs in our network.

52
Q

Question 52
What is the purpose of an RP in PIM?

A. secure the communication channel between the multicast sender and receiver.

B. ensure the shortest path from the multicast source to the receiver.

C. receive IGMP joins from multicast receivers.

D. send join messages toward a multicast source SPT

A

Answer:D

Explanation

In the referenced figure (not reproduced here), the RP sends a “join 234.1.1.1” message toward the source.

Reference:https://www.ciscolive.com/c/dam/r/ciscolive/apjc/docs/2018/pdf/BRKIPM-1261.pdf

53
Q

Question 53
Which router is elected the IGMP Querier when more than one router is in the same LAN segment?

A. The router with the shortest uptime

B. The router with the lowest IP address

C. The router with the highest IP address

D. The router with the longest uptime

A

Answer:B

Explanation

Query messages are used to elect the IGMP querier as follows:
1. When IGMPv2 devices start, they each multicast a general query message to the all-systems group address of 224.0.0.1 with their interface address in the source IP address field of the message.
2. When an IGMPv2 device receives a general query message, the device compares the source IP address in the message with its own interface address. The device with the lowest IP address on the subnet is elected the IGMP querier.
3. All devices (excluding the querier) start the query timer, which is reset whenever a general query message is received from the IGMP querier. If the query timer expires, it is assumed that the IGMP querier has gone down, and the election process is performed again to elect a new IGMP querier.
Reference:https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/15-2_2_e/multicast/configuration_guide/b_mc_1522e_3750x_3560x_cg/b_ipmc_3750x_3560x_chapter_01000.html

54
Q

Question 54
Refer to this output. What is the logging severity level?

R1#Feb 14 37:15:12:429: %LINEPROTO-5-UPDOWN Line protocol on interface GigabitEthernet0/1. Change state to up

A. Notification

B. Alert

C. Critical

D. Emergency

A

Answer:A

Explanation

Syslog levels are listed below:
Level | Keyword       | Description
0     | emergencies   | System is unusable
1     | alerts        | Immediate action is needed
2     | critical      | Critical conditions exist
3     | errors        | Error conditions exist
4     | warnings      | Warning conditions exist
5     | notification  | Normal, but significant, conditions exist
6     | informational | Informational messages
7     | debugging     | Debugging messages
The number “5” in “%LINEPROTO-5-UPDOWN” is the severity level of this message, so in this case it is “notification”.

55
Q

Question 55
When using TLS for syslog, which configuration allows for secure and reliable transportation of messages to its default port?

A. logging host 10.2.3.4 vrf mgmt transport tcp port 6514

B. logging host 10.2.3.4 vrf mgmt transport udp port 6514

C. logging host 10.2.3.4 vrf mgmt transport tcp port 514

D. logging host 10.2.3.4 vrf mgmt transport udp port 514

A

Answer:A

Explanation

TCP port 6514 has been allocated as the default port for syslog over Transport Layer Security (TLS).
Reference:https://tools.ietf.org/html/rfc5425

56
Q

Question 56
Which component of the Cisco Cyber Threat Defense solution provides user and flow context analysis?

A. Cisco Firepower and FireSIGHT

B. Cisco Stealthwatch system

C. Advanced Malware Protection

D. Cisco Web Security Appliance

A

Answer:B

Explanation

The goal of the Cyber Threat Defense solution is to introduce a design and architecture that can help facilitate the discovery, containment, and remediation of threats once they have penetrated into the network interior.
Cisco Cyber Threat Defense version 2.0 makes use of several solutions to accomplish its objectives:
* NetFlow and the Lancope StealthWatch System
  – Broad visibility
  – User and flow context analysis
  – Network behavior and anomaly detection
  – Incident response and network forensics
* Cisco FirePOWER and FireSIGHT
  – Real-time threat management
  – Deeper contextual visibility for threats bypassing the perimeters
  – URL control
* Advanced Malware Protection (AMP)
  – Endpoint control with AMP for Endpoints
  – Malware control with AMP for networks and content
* Content Security Appliances and Services
  – Cisco Web Security Appliance (WSA) and Cloud Web Security (CWS)
    – Dynamic threat control for web traffic
    – Outbound URL analysis and data transfer controls
    – Detection of suspicious web activity
  – Cisco Email Security Appliance (ESA)
    – Dynamic threat control for email traffic
    – Detection of suspicious email activity
* Cisco Identity Services Engine (ISE)
  – User and device identity integration with Lancope StealthWatch
  – Remediation policy actions using pxGrid
Reference:https://www.cisco.com/c/dam/en/us/td/docs/security/network_security/ctd/ctd2-0/design_guides/ctd_2-0_cvd_guide_jul15.pdf

57
Q

Question 57
Which statement about the default QoS configuration on a Cisco switch is true?

A. All traffic is sent through four egress queues

B. Port trust is enabled

C. The Port Cos value is 0

D. The Cos value of each tagged packet is modified

A

Answer:C

58
Q

Question 58
Which QoS mechanism will prevent a decrease in TCP performance?

A. Shaper

B. Policer

C. WRED

D. Rate-Limit

E. LLQ

F. Fair-Queue

A

Answer:C

Explanation

Weighted Random Early Detection (WRED) is just a congestion avoidance mechanism. WRED drops packets selectively based on IP precedence. Edge routers assign IP precedences to packets as they enter the network. When a packet arrives, the following events occur:
1. The average queue size is calculated.
2. If the average is less than the minimum queue threshold, the arriving packet is queued.
3. If the average is between the minimum queue threshold for that type of traffic and the maximum threshold for the interface, the packet is either dropped or queued, depending on the packet drop probability for that type of traffic.
4. If the average queue size is greater than the maximum threshold, the packet is dropped.
WRED reduces the chances of tail drop (when the queue is full, the packet is dropped) by selectively dropping packets when the output interface begins to show signs of congestion (thus it can mitigate congestion by preventing the queue from filling up). By dropping some packets early rather than waiting until the queue is full, WRED avoids dropping large numbers of packets at once and minimizes the chances of global synchronization. Thus, WRED allows the transmission line to be used fully at all times.
WRED generally drops packets selectively based on IP precedence. Packets with a higher IP precedence are less likely to be dropped than packets with a lower precedence. Thus, the higher the priority of a packet, the higher the probability that the packet will be delivered.
Reference:https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_conavd/configuration/15-mt/qos-conavd-15-mt-book/qos-conavd-cfg-wred.html
WRED is only useful when the bulk of the traffic is TCP/IP traffic. With TCP, dropped packets indicate congestion, so the packet source will reduce its transmission rate. With other protocols, packet sources may not respond or may resend dropped packets at the same rate. Thus, dropping packets does not decrease congestion.
Reference:https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_conavd/configuration/xe-16/qos-conavd-xe-16-book/qos-conavd-oview.html
Note: Global synchronization occurs when multiple TCP hosts reduce their transmission rates in response to congestion. But when congestion is reduced, the TCP hosts try to increase their transmission rates again simultaneously (the slow-start algorithm), which causes congestion again. Global synchronization produces a characteristic saw-tooth graph (not reproduced here).

59
Q

Question 59

Which QoS component alters a packet to change the way that traffic is treated in the network?

A. Marking

B. Classification

C. Shaping

D. Policing

A

Answer:A

Explanation

QoS Packet Marking refers to changing a field within a packet either at Layer 2 (802.1Q/p CoS, MPLS EXP) or Layer 3 (IP Precedence, DSCP and/or IP ECN).
Reference:https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_mqc/configuration/xe-16/qos-mqc-xe-16-book/qos-mrkg.html

60
Q

Question 60
Which marking field is used only as an internal marking within a router?

A. QOS Group

B. Discard Eligibility

C. IP Precedence

D. MPLS Experimental

A

Answer:A

Explanation

Cisco routers allow you to mark two internal values (qos-group and discard-class) that travel with the packet within the router but do not modify the packet’s contents.
Reference:https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_mqc/configuration/xe-16-6/qos-mqc-xe-16-6-book/qos-mrkg.html

61
Q

Question 61
How does QoS traffic shaping alleviate network congestion?

A. It drops packets when traffic exceeds a certain bitrate.

B. It buffers and queues packets above the committed rate.

C. It fragments large packets and queues them for delivery.

D. It drops packets randomly from lower priority queues.

A

Answer:B

Explanation

Traffic shaping retains excess packets in a queue and then schedules the excess for later transmission over increments of time. The result of traffic shaping is a smoothed packet output rate.

62
Q

Question 62
An engineer is describing QoS to a client. Which two facts apply to traffic policing? (Choose two)

A. Policing adapts to network congestion by queuing excess traffic

B. Policing should be performed as close to the destination as possible

C. Policing drops traffic that exceeds the defined rate

D. Policing typically delays the traffic, rather than drops it

E. Policing should be performed as close to the source as possible

A

Answer:C E

Explanation

Traffic policing propagates bursts. When the traffic rate reaches the configured maximum rate (or committed information rate), excess traffic is dropped (or remarked). The result is an output rate that appears as a saw-tooth with crests and troughs.
Unlike traffic shaping, traffic policing does not cause delay.
Classification (which includes traffic policing, traffic shaping and queuing techniques) should take place at the network edge. It is recommended that classification occur as close to the source of the traffic as possible.
Also, according to this Cisco link, “policing traffic as close to the source as possible”.

63
Q

Question 63
During deployment, a network engineer notices that voice traffic is not being tagged correctly as it traverses the network. Which COS to DSCP map must be modified to ensure that voice traffic is treated properly?

A. COS of 5 to DSCP 46

B. COS of 7 to DSCP 48

C. COS of 6 to DSCP 46

D. COS of 3 to DSCP of 26

A

Answer:A

Explanation

CoS value 5 is commonly used for VoIP, and CoS value 5 should be mapped to DSCP 46. DSCP 46 is defined as EF (Expedited Forwarding) and is the value usually assigned to all interactive voice and video traffic. This keeps the marking uniform end-to-end: DSCP EF (mostly for voice RTP) is mapped to CoS 5.
Note:
+ CoS is a L2 marking contained within an 802.1Q tag. The values for CoS are 0 – 7
+ DSCP is a L3 marking and has values 0 – 63
+ The default CoS-to-DSCP mapping for CoS 5 is DSCP 40

64
Q

Question 64
Which QoS queuing method transmits packets out of the interface in the order the packets arrive?

A. custom

B. weighted- fair

C. FIFO

D. priority

A

Answer:C

Explanation

First-in, first-out (FIFO): FIFO entails no concept of priority or classes of traffic. With FIFO, transmission of packets out the interface occurs in the order the packets arrive, which means no QoS.

65
Q

Question 65
Which function does a fabric edge node perform in an SD-Access deployment?

A. Connects the SD-Access fabric to another fabric or external Layer 3 networks

B. Connects endpoints to the fabric and forwards their traffic

C. Provides reachability border nodes in the fabric underlay

D. Encapsulates end-user data traffic into LISP.

A

Answer:B

Explanation

There are five basic device roles in the fabric overlay:
+ Control plane node: This node contains the settings, protocols, and mapping tables to provide the endpoint-to-location (EID-to-RLOC) mapping system for
the fabric overlay.
+ Fabric border node: This fabric device (for example, core layer device) connects external Layer 3 networks to the SDA fabric.
+ Fabric edge node: This fabric device (for example, access or distribution layer device) connects wired endpoints to the SDA fabric.
+ Fabric WLAN controller (WLC): This fabric device connects APs and wireless endpoints to the SDA fabric.
+ Intermediate nodes: These are intermediate routers or extended switches that do not provide any sort of SD-Access fabric role other than underlay services.

Reference: CCNP and CCIE Enterprise Core ENCOR 350-401 Official Cert Guide

66
Q

Question 66
Which action is the vSmart controller responsible for in an SD-WAN deployment?

A. onboard vEdge nodes into the SD-WAN fabric

B. distribute security information for tunnel establishment between vEdge routers

C. manage, maintain, and gather configuration and status for nodes within the SD-WAN fabric

D. gather telemetry data from vEdge routers

A

Answer:B

Explanation

+ Orchestration plane (vBond) assists in securely onboarding the SD-WAN WAN Edge routers into the SD-WAN overlay (-> therefore answer A is about vBond). The vBond controller, or orchestrator, authenticates and authorizes the SD-WAN components onto the network. The vBond orchestrator takes on the added responsibility of distributing the list of vSmart and vManage controller information to the WAN Edge routers. vBond is the only device in SD-WAN that requires a public IP address, as it is the first point of contact and authentication for all SD-WAN components joining the SD-WAN fabric. All other components need to know the vBond IP or DNS information.
+ Management plane (vManage) is responsible for central configuration and monitoring. The vManage controller is the centralized network management system that provides a single-pane-of-glass GUI to easily deploy, configure, monitor and troubleshoot all Cisco SD-WAN components in the network (-> answers C and D are about vManage).
+ Control plane (vSmart) builds and maintains the network topology and makes decisions on the traffic flows. The vSmart controller disseminates control plane information between WAN Edge devices, implements control plane policies and distributes data plane policies to network devices for enforcement (-> answer B is about vSmart).

67
Q

Question 67
Which statement about a Cisco APIC controller versus a more traditional SDN controller is true?

A. APIC uses a policy agent to translate policies into instructions

B. APIC supports OpFlex as a Northbound protocol

C. APIC does support a Southbound REST API

D. APIC uses an imperative model

A

Answer:A

Explanation

The southbound protocol used by APIC is OpFlex, which is pushed by Cisco as the protocol for policy enablement across physical and virtual switches.
Southbound interfaces are implemented with something called the Service Abstraction Layer (SAL), which talks to the network elements via SNMP and CLI.
Note: Cisco OpFlex is a southbound protocol in a software-defined network (SDN).

68
Q

Question 68
What is the role of a fusion router in an SD-Access solution?

A. provides connectivity to external networks

B. acts as a DNS server

C. performs route leaking between user-defined virtual networks and shared services

D. provides additional forwarding capacity to the fabric

A

Answer:C

Explanation

Today the Dynamic Network Architecture Software Defined Access (DNA-SDA) solution requires a fusion router to perform VRF route leaking between user VRFs and Shared-Services, which may be in the Global routing table (GRT) or another VRF. Shared Services may consist of DHCP, Domain Name System (DNS), Network Time Protocol (NTP), Wireless LAN Controller (WLC), Identity Services Engine (ISE), DNAC components which must be made available to other virtual networks (VN’s) in the Campus.
Reference:https://www.cisco.com/c/en/us/support/docs/cloud-systems-management/dna-center/213525-sda-steps-to-configure-fusion-router.html

69
Q

Question 69
How does a fabric AP fit in the network?

A. It is in local mode and must be connected directly to the fabric border node

B. It is in FlexConnect mode and must be connected directly to the fabric border node

C. It is in local mode and must be connected directly to the fabric edge switch

D. It is in FlexConnect mode and must be connected directly to the fabric edge switch

A

Answer:C

Explanation

Fabric mode APs continue to support the same wireless media services that traditional APs support; apply AVC, quality of service (QoS), and other wireless policies; and establish the CAPWAP control plane to the fabric WLC. Fabric APs join as local-mode APs and must be directly connected to the fabric edge node switch to enable fabric registration events, including RLOC assignment via the fabric WLC. The fabric edge nodes use CDP to recognize APs as special wired hosts, applying special port configurations and assigning the APs to a unique overlay network within a common EID space across a fabric. The assignment allows management simplification by using a single subnet to cover the AP infrastructure at a fabric site.
Reference:https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/sda-sdg-2019oct.html

70
Q

Question 70
On which protocol or technology is the fabric data plane based in Cisco SD-Access fabric?

A. LISP

B. IS-IS

C. Cisco TrustSec

D. VXLAN

A

Answer:D

Explanation

The tunneling technology used for the fabric data plane is based on Virtual Extensible LAN (VXLAN). VXLAN encapsulation is UDP based, meaning that it can be forwarded by any IP-based network (legacy or third party) and creates the overlay network for the SD-Access fabric. Although LISP is the control plane for the SD-Access fabric, it does not use LISP data encapsulation for the data plane; instead, it uses VXLAN encapsulation because it is capable of encapsulating the original Ethernet header to perform MAC-in-IP encapsulation, while LISP does not. Using VXLAN allows the SD-Access fabric to support Layer 2 and Layer 3 virtual topologies (overlays) and the ability to operate over any IP-based network with built-in network segmentation (VRF instance/VN) and built-in group-based policy.
Reference: CCNP and CCIE Enterprise Core ENCOR 350-401 Official Cert Guide

71
Q

Question 71
Which description of an SD-Access wireless network infrastructure deployment is true?

A. The access point is part of the fabric underlay

B. The WLC is part of the fabric underlay

C. The access point is part the fabric overlay

D. The wireless client is part of the fabric overlay

A

Answer:C

Explanation

Access Points
+ AP is directly connected to FE (or to an extended node switch)
+ AP is part of Fabric overlay
Reference:https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2018/pdf/BRKEWN-2020.pdf

72
Q

Question 72
Which controller is the single plane of management for Cisco SD-WAN?

A. vBond

B. vEdge

C. vSmart

D. vManage

A

Answer:D

Explanation

The primary components for the Cisco SD-WAN solution consist of the vManage network management system (management plane), the vSmart controller (control plane), the vBond orchestrator (orchestration plane), and the vEdge router (data plane).
+ vManage – This centralized network management system provides a GUI interface to easily monitor, configure, and maintain all Cisco SD-WAN devices and links in the underlay and overlay network.
+ vSmart controller – This software-based component is responsible for the centralized control plane of the SD-WAN network. It establishes a secure connection to each vEdge router and distributes routes and policy information via the Overlay Management Protocol (OMP), acting as a route reflector. It also orchestrates the secure data plane connectivity between the vEdge routers by distributing crypto key information, allowing for a very scalable, IKE-less architecture.
+ vBond orchestrator – This software-based component performs the initial authentication of vEdge devices and orchestrates vSmart and vEdge connectivity. It also has an important role in enabling the communication of devices that sit behind Network Address Translation (NAT).
+ vEdge router – This device, available as either a hardware appliance or software-based router, sits at a physical site or in the cloud and provides secure data plane connectivity among the sites over one or more WAN transports. It is responsible for traffic forwarding, security, encryption, Quality of Service (QoS), routing protocols such as Border Gateway Protocol (BGP) and Open Shortest Path First (OSPF), and more.
Reference:https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/SDWAN/CVD-SD-WAN-Design-2018OCT.pdf

73
Q

Question 73
When a wired client connects to an edge switch in an SDA fabric, which component decides whether the client has access to the network?

A. control-plane node

B. Identity Service Engine

C. RADIUS server

D. edge node

A

Answer:B

Explanation

The edge node is where the client authenticates (802.1X or MAB) and it speaks RADIUS to do so, but the decision itself, whether the client is admitted and which virtual network and SGT it is placed in, is made by Identity Services Engine, the AAA and policy server of an SD-Access deployment. The control plane node only records where the endpoint is once it has been admitted.

74
Q

Question 74
What are two device roles in Cisco SD-Access fabric? (Choose two)

A. core switch

B. vBond controller

C. edge node

D. access switch

E. border node

A

Answer:C E

Explanation

There are five basic device roles in the fabric overlay:
+ Control plane node: This node contains the settings, protocols, and mapping tables to provide the endpoint-to-location (EID-to-RLOC) mapping system for the fabric overlay.
+ Fabric border node: This fabric device (for example, core layer device) connects external Layer 3 networks to the SDA fabric.
+ Fabric edge node: This fabric device (for example, access or distribution layer device) connects wired endpoints to the SDA fabric.
+ Fabric WLAN controller (WLC): This fabric device connects APs and wireless endpoints to the SDA fabric.
+ Intermediate nodes: These are intermediate routers or extended switches that do not provide any sort of SD-Access fabric role other than underlay services.

Reference: CCNP and CCIE Enterprise Core ENCOR 350-401 Official Cert Guide

75
Q

Question 75
Which component handles the orchestration plane of the Cisco SD-WAN?

A. vBond

B. vSmart

C. vManage

D. vEdge

A

Answer:A

Explanation

+ Orchestration plane (vBond) assists in securely onboarding the SD-WAN WAN Edge routers into the SD-WAN overlay. The vBond controller, or orchestrator, authenticates and authorizes the SD-WAN components onto the network. The vBond orchestrator takes on the added responsibility of distributing the list of vSmart and vManage controllers to the WAN Edge routers. vBond is the only device in SD-WAN that requires a public IP address, as it is the first point of contact and authentication for all SD-WAN components joining the SD-WAN fabric. All other components need to know the vBond IP address or DNS name.

76
Q

Question 76
In an SD-Access solution what is the role of a fabric edge node?

A. to connect external Layer 3- network to the SD-Access fabric

B. to connect wired endpoint to the SD-Access fabric

C. to advertise fabric IP address space to external network

D. to connect the fusion router to the SD-Access fabric

A

Answer:B

Explanation

+ Fabric edge node: This fabric device (for example, access or distribution layer device) connects wired endpoints to the SDA fabric.

77
Q

Question 77
What is the role of the vsmart controller in a Cisco SD-WAN environment?

A. It performs authentication and authorization

B. It manages the control plane.

C. It is the centralized network management system.

D. It manages the data plane.

A

Answer:B

Explanation

+ Control plane (vSmart) builds and maintains the network topology and makes decisions on the traffic flows. The vSmart controller disseminates control plane information between WAN Edge devices, implements control plane policies and distributes data plane policies to network devices for enforcement.

78
Q

Question 78
In a Cisco SD-WAN solution, how is the health of a data plane tunnel monitored?

A. with IP SLA

B. ARP probing

C. using BFD

D. with OMP

A

Answer:C

Explanation

Bidirectional Forwarding Detection (BFD) detects link failures as part of the Cisco SD-WAN (Viptela) high-availability solution. It runs inside every IPsec data plane tunnel between WAN Edge routers, where it detects tunnel failure and also measures loss, latency and jitter on the path; it is enabled by default on all vEdge routers and cannot be disabled.

79
Q

Question 79
Which technology is used to provide Layer 2 and Layer 3 logical networks in the Cisco SD-Access architecture?

A. underlay network

B. overlay network

C. VPN routing/forwarding

D. easy virtual network

A

Answer:B

Explanation

An overlay network creates a logical topology used to virtually connect devices that are built over an arbitrary physical underlay topology.
An overlay network is created on top of the underlay network through virtualization (virtual networks). The data plane traffic and control plane signaling are contained within each virtualized network, maintaining isolation among the networks and an independence from the underlay network.
SD-Access allows for the extension of Layer 2 and Layer 3 connectivity across the overlay through the services provided by LISP.
Reference:https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-sda-design-guide.html

80
Q

Question 80
In an SD-WAN deployment, which action is the vSmart controller responsible for?

A. handle, maintain, and gather configuration and status for nodes within the SD-WAN fabric

B. onboard vEdge nodes into the SD-WAN fabric

C. gather telemetry data from vEdge routers

D. distribute policies that govern data forwarding performed within the SD-WAN fabric

A

Answer:D

Explanation

Control plane (vSmart) builds and maintains the network topology and makes decisions on the traffic flows. The vSmart controller disseminates control plane information between WAN Edge devices, implements control plane policies and distributes data plane policies to network devices for enforcement.

81
Q

Question 81
What is one fact about Cisco SD-Access wireless network deployments?

A. The access point is part of the fabric underlay

B. The WLC is part of the fabric underlay

C. The access point is part the fabric overlay

D. The wireless client is part of the fabric overlay

A

Answer:C

Explanation

Access Points
+ AP is directly connected to FE (or to an extended node switch)
+ AP is part of Fabric overlay
Reference:https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2018/pdf/BRKEWN-2020.pdf

82
Q

Question 82
What is the function of the fabric control plane node in a Cisco SD-Access deployment?

A. It is responsible for policy application and network segmentation in the fabric.

B. It performs traffic encapsulation and security profiles enforcement in the fabric.

C. It holds a comprehensive database that tracks endpoints and networks in the fabric.

D. It provides integration with legacy nonfabric-enabled environments.

A

Answer:C

Explanation

Fabric control plane node (C): One or more network elements that implement the LISP Map-Server (MS) and Map-Resolver (MR) functionality. The control plane node's host tracking database keeps track of all endpoints in a fabric site and associates the endpoints to fabric nodes in what is known as an EID-to-RLOC binding in LISP.
Reference:https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-sda-macro-segmentation-deploy-guide.html

83
Q

Question 83
In a Cisco SD-Access wireless architecture, which device manages endpoint ID to Edge Node bindings?

A. fabric control plane node

B. fabric wireless controller

C. fabric border node

D. fabric edge node

A

Answer:A

Explanation

SD-Access Wireless Architecture Control Plane Node: A Closer Look
Fabric Control-Plane Node is based on a LISP Map Server / Resolver
Runs the LISP Endpoint ID Database to provide overlay reachability information
+ A simple Host Database, that tracks Endpoint ID to Edge Node bindings (RLOCs)
+ Host Database supports multiple types of Endpoint ID (EID), such as IPv4 /32, IPv6 /128* or MAC/48
+ Receives prefix registrations from Edge Nodes for wired clients, and from Fabric mode WLCs for wireless clients
+ Resolves lookup requests from FE to locate Endpoints
+ Updates Fabric Edge nodes, Border nodes with wireless client mobility and RLOC information
Reference:https://www.ciscolive.com/c/dam/r/ciscolive/latam/docs/2018/pdf/BRKEWN-2020.pdf

84
Q

Question 84
Which control plane protocol is used between Cisco SD-WAN routers and vSmart controllers?

A. BGP

B. OMP

C. TCP

D. UDP

A

Answer:B

Explanation

Cisco SD-WAN uses Overlay Management Protocol (OMP) which manages the overlay network. OMP runs between the vSmart controllers and WAN Edge routers (and among vSmarts themselves) where control plane information, such as the routing, policy, and management information, is exchanged over a secure connection.

85
Q

Question 85
In a wireless Cisco SD-Access deployment, which roaming method is used when a user moves from one access point to another on a different access switch using a single WLC?

A. Layer 3

B. inter-xTR

C. auto anchor

D. fast roam

A

Answer:B

Explanation

SDA supports two additional types of roaming, Intra-xTR and Inter-xTR. In SDA, xTR stands for an access switch that is a fabric edge node; it serves both as an ingress tunnel router and as an egress tunnel router.
When a client on a fabric-enabled WLAN roams from one access point to another access point on the same access switch, it is called Intra-xTR. Here, the local client database and client history table are updated with the information of the newly associated access point.
When a client on a fabric-enabled WLAN roams from one access point to another access point on a different access switch, it is called Inter-xTR. Here, the map server is also updated with the client's new location (RLOC) information, and the local client database is updated with the information of the newly associated access point.
Reference:https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/config-guide/b_wl_16_10_cg/mobility.html
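The control plane node described in Questions 82, 83 and 85 is, at its core, a host tracking database. The following is an added example (not Cisco code, and not from the cited documents) that models it in Python: EIDs of the three types listed above are normalized and stored per LISP instance-id (one per virtual network), edge nodes and the fabric WLC register them against an RLOC, edge nodes resolve them, and a re-registration that moves an EID to a different RLOC is exactly the inter-xTR roam, which is what triggers updates toward the old edge node and the border nodes. All RLOCs, EIDs and instance-ids are made up.

```python
"""Toy LISP map-server / map-resolver (the SD-Access control plane node).

Added example, not Cisco code. It models the host tracking database that
maps endpoint IDs (IPv4 /32, IPv6 /128 or MAC) to the RLOC of the fabric
edge node behind which the endpoint sits, keyed per LISP instance-id
(one per virtual network). Edge nodes register wired clients, the fabric
WLC registers wireless clients, and a registration that moves an EID to
a new RLOC is the inter-xTR roam. RLOCs, EIDs and instance-ids are made up.
"""
import ipaddress
import re
from dataclasses import dataclass, field

MAC_RE = re.compile(r"^[0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4}$")


def normalize_eid(eid: str) -> str:
    """Canonical key for an EID: Cisco-style MAC, IPv4 host or IPv6 host."""
    if MAC_RE.match(eid.lower()):
        return "mac:" + eid.lower()
    addr = ipaddress.ip_address(eid)  # ValueError on anything else
    return f"ipv{addr.version}:{addr.compressed}"


@dataclass
class Binding:
    rloc: str            # underlay address of the edge node (the xTR)
    registered_by: str   # "edge" for wired hosts, "wlc" for wireless hosts


@dataclass
class MapServer:
    db: dict = field(default_factory=dict)        # (instance_id, eid) -> Binding
    notifies: list = field(default_factory=list)  # (eid, old_rloc, new_rloc)

    def register(self, instance_id: int, eid: str, rloc: str, source: str = "edge") -> str:
        """Map-register from an edge node or from the fabric WLC."""
        key = (instance_id, normalize_eid(eid))
        old = self.db.get(key)
        self.db[key] = Binding(rloc, source)
        if old is not None and old.rloc != rloc:
            # Inter-xTR roam: the old edge node and the border nodes must learn
            # the new location. An intra-xTR roam (same RLOC) needs no update.
            self.notifies.append((key[1], old.rloc, rloc))
            return "moved"
        return "updated" if old is not None else "new"

    def resolve(self, instance_id: int, eid: str):
        """Map-request from an edge node; None means not known in this VN."""
        b = self.db.get((instance_id, normalize_eid(eid)))
        return None if b is None else b.rloc

    def deregister(self, instance_id: int, eid: str) -> bool:
        return self.db.pop((instance_id, normalize_eid(eid)), None) is not None

    def hosts_behind(self, rloc: str) -> list:
        """All EIDs currently bound to one edge node."""
        return sorted(eid for (_, eid), b in self.db.items() if b.rloc == rloc)
```

Keying on (instance-id, EID) rather than on the EID alone matters: two virtual networks may legitimately contain the same IPv4 host address, and a lookup from one VN must never return a location belonging to another.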

86
Q

Question 86
Which protocol is responsible for data plane forwarding in a Cisco SD-Access deployment?

A. VXLAN

B. IS-IS

C. OSPF

D. LISP

A

Answer:A

87
Q

Question 87
Which tunneling technique is used when designing a Cisco SD-Access fabric data plane?

A. VXLAN

B. VRF Lite

C. VRF

D. LISP

A

Answer:A

Explanation

The tunneling technology used for the fabric data plane is based on Virtual Extensible LAN (VXLAN). VXLAN encapsulation is UDP based, meaning that it can be forwarded by any IP-based network (legacy or third party) and creates the overlay network for the SD-Access fabric. Although LISP is the control plane for the SD-Access fabric, it does not use LISP data encapsulation for the data plane; instead, it uses VXLAN encapsulation because it is capable of encapsulating the original Ethernet header to perform MAC-in-IP encapsulation, while LISP does not. Using VXLAN allows the SD-Access fabric to support Layer 2 and Layer 3 virtual topologies (overlays) and the ability to operate over any IP-based network with built-in network segmentation (VRF instance/VN) and built-in group-based policy.
Reference: CCNP and CCIE Enterprise Core ENCOR 350-401 Official Cert Guide
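Questions 70 and 87 both turn on what the VXLAN header carries. The following is an added example (not Cisco code, not from the cited book) that builds and parses that header in Python. The byte layout is the one in RFC 7348 plus the group-based policy extension from draft-smith-vxlan-group-policy (G, I and A flag positions and the 16-bit Group Policy ID), which is my assumption for how the "built-in group-based policy" field is laid out; the page itself only says the fabric encapsulates the original Ethernet frame in UDP and carries the VN and group policy. The VNI selects the virtual network and the Group Policy ID carries the SGT; the MACs, VNI and SGT values are made up.

```python
"""VXLAN header with the group-based policy extension, as used by the
SD-Access data plane.

Added example, not Cisco code. Layout follows RFC 7348 (8-byte header,
UDP port 4789) plus the group-based policy extension
(draft-smith-vxlan-group-policy) where the SGT travels. The VNI selects
the virtual network (VRF/VN), the 16-bit Group Policy ID carries the
SGT, and the payload is the original Ethernet frame (MAC-in-IP).
All MACs, VNIs and SGTs below are made up.
"""
import struct
import zlib

VXLAN_UDP_PORT = 4789
FLAG_G = 0x80   # byte 0: group-policy fields present
FLAG_I = 0x08   # byte 0: VNI field valid (mandatory in RFC 7348)
FLAG_A = 0x08   # byte 1: policy already applied, do not re-evaluate at egress


def mac_to_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(".", "").replace(":", ""))


def bytes_to_mac(b: bytes) -> str:
    h = b.hex()
    return f"{h[0:4]}.{h[4:8]}.{h[8:12]}"


def ethernet_frame(dst: str, src: str, ethertype: int, payload: bytes) -> bytes:
    return mac_to_bytes(dst) + mac_to_bytes(src) + struct.pack("!H", ethertype) + payload


def build_vxlan(vni: int, inner_frame: bytes, sgt=None, policy_applied=False) -> bytes:
    """VXLAN header + inner frame; pass sgt to set the GBP fields."""
    if not 0 <= vni < (1 << 24):
        raise ValueError("VNI is a 24-bit field")
    b0, b1, gpid = FLAG_I, 0, 0
    if sgt is not None:
        if not 0 <= sgt < (1 << 16):
            raise ValueError("Group Policy ID (SGT) is a 16-bit field")
        b0 |= FLAG_G
        b1 = FLAG_A if policy_applied else 0
        gpid = sgt
    # bytes 0-1 flags, 2-3 group policy id, 4-6 VNI, 7 reserved (zero)
    return struct.pack("!BBH", b0, b1, gpid) + (vni << 8).to_bytes(4, "big") + inner_frame


def parse_vxlan(payload: bytes) -> dict:
    """Decode header and the inner Ethernet header (what the egress VTEP sees)."""
    if len(payload) < 8 + 14:
        raise ValueError("too short for a VXLAN header plus an Ethernet header")
    b0, b1, gpid = struct.unpack("!BBH", payload[:4])
    if not b0 & FLAG_I:
        raise ValueError("I flag clear: no valid VNI")
    inner = payload[8:]
    return {
        "vni": int.from_bytes(payload[4:7], "big"),
        "sgt": gpid if b0 & FLAG_G else None,
        "policy_applied": bool(b0 & FLAG_G) and bool(b1 & FLAG_A),
        "inner_dst": bytes_to_mac(inner[0:6]),
        "inner_src": bytes_to_mac(inner[6:12]),
        "ethertype": struct.unpack("!H", inner[12:14])[0],
        "inner": inner,
    }


def udp_encap(vxlan_payload: bytes, inner_frame: bytes) -> bytes:
    """Outer UDP header. The source port is hashed from the inner frame so
    the underlay can ECMP flows; a zero checksum is allowed for UDP/IPv4."""
    src_port = 49152 + (zlib.crc32(inner_frame) % 16384)
    return struct.pack("!HHHH", src_port, VXLAN_UDP_PORT, 8 + len(vxlan_payload), 0) + vxlan_payload


def egress_permit(parsed: dict, dst_sgt: int, sgacl: dict) -> bool:
    """Group-based policy at the egress VTEP: (src SGT, dst SGT) -> permit.
    A packet with no SGT is treated as SGT 0 (unknown); an A-flagged packet
    was already filtered upstream and is not re-evaluated."""
    if parsed["policy_applied"]:
        return True
    src = parsed["sgt"] if parsed["sgt"] is not None else 0
    return sgacl.get((src, dst_sgt), False)
```

Two things the code makes visible that the paragraph does not. First, the underlay only ever sees an outer IP/UDP header, so any IP network forwards it, but the header carries no integrity protection of its own: the VNI and SGT are trusted only because the underlay and its VTEPs are trusted, which is why fabric edges must not accept VXLAN from arbitrary sources. Second, per-destination hashing of the outer source port is what lets a plain IP underlay load-share fabric traffic without inspecting the inner frame.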

88
Q

Question 88
Which statement about Cisco Express Forwarding is true?

A. It uses a fast cache that is maintained in a router data plane

B. It maintains two tables in the data plane the FIB and adjacency table

C. It makes forwarding decisions by a process that is scheduled through the IOS scheduler

D. The CPU of a router becomes directly involved with packet-switching decisions

A

Answer:B

Explanation

Cisco Express Forwarding (CEF) provides the ability to switch packets through a device in a very quick and efficient way while also keeping the load on the router's processor low. CEF is made up of two main components: the Forwarding Information Base (FIB) and the Adjacency Table. Both are updated automatically whenever the routing table changes.
The Forwarding Information Base (FIB) contains destination reachability information as well as next-hop information. This information is then used by the router to make forwarding decisions. The FIB allows for very efficient and easy lookups (the original page illustrates it with sample show ip cef output, which is not reproduced here).
The adjacency table is tasked with maintaining the Layer 2 next-hop information for the FIB (the original page illustrates it with sample adjacency-table output, not reproduced here).
Note: A fast cache is only used when fast switching is enabled and CEF is disabled, so answer A describes fast switching rather than CEF.

89
Q

Question 89
Which two statements about Cisco Express Forwarding load balancing are true? (Choose two)

A. Cisco Express Forwarding can load-balance over a maximum of two destinations

B. It combines the source IP address subnet mask to create a hash for each destination

C. Each hash maps directly to a single entry in the RIB

D. Each hash maps directly to a single entry in the adjacency table

E. It combines the source and destination IP addresses to create a hash for each destination

A

Answer:D E

Explanation

Cisco IOS software basically supports two modes of CEF load balancing: per-destination or per-packet.
For per-destination load balancing a hash is computed out of the source and destination IP address (-> Answer E is correct). This hash points to exactly one of the adjacency entries in the adjacency table (-> Answer D is correct), which guarantees that the same path is used for all packets with this source/destination address pair. If per-packet load balancing is used, the packets are distributed round robin over the available paths (at the cost of possible reordering within a flow). In either case the information in the FIB and adjacency tables provides all the necessary forwarding information, just like for non-load-balancing operation.
The number of paths used is limited by the number of entries the routing protocol puts in the routing table; the default in IOS is 4 entries for most IP routing protocols, with the exception of BGP, where it is one entry. The maximum number that can be configured is 6 different paths on the platform the reference describes (newer IOS and IOS XE releases accept a larger maximum-paths value), so in no case is it two -> Answer A is not correct.
Reference:https://www.cisco.com/en/US/products/hw/modules/ps2033/prod_technical_reference09186a00800afeb7.html

90
Q

Question 90
How are the Cisco Express Forwarding table and the FIB related to each other?

A. The FIB is used to populate the Cisco Express Forwarding table

B. The Cisco Express Forwarding table allows route lookups to be forwarded to the route processor for processing before they are sent to the FIB

C. There can be only one FIB but multiple Cisco Express Forwarding tables on IOS devices

D. Cisco Express Forwarding uses a FIB to make IP destination prefix-based switching decisions

A

Answer:D

Explanation

The Forwarding Information Base (FIB) table – CEF uses a FIB to make IP destination prefix-based switching decisions. The FIB is conceptually similar to a routing table or information base. It maintains a mirror image of the forwarding information contained in the IP routing table. When routing or topology changes occur in the network, the IP routing table is updated, and these changes are reflected in the FIB. The FIB maintains next-hop address information based on the information in the IP routing table.
Reference:https://www.cisco.com/c/en/us/support/docs/routers/12000-series-routers/47321-ciscoef.html

91
Q

Question 91
What is the difference between a RIB and a FIB?

A. The RIB is used to make IP source prefix-based switching decisions

B. The FIB is where all IP routing information is stored

C. The RIB maintains a mirror image of the FIB

D. The FIB is populated based on RIB content

A

Answer:D

Explanation

CEF uses a Forwarding Information Base (FIB) to make IP destination prefix-based switching decisions. The FIB is conceptually similar to a routing table or information base. It maintains a mirror image of the forwarding information contained in the IP routing table. When routing or topology changes occur in the network, the IP routing table is updated, and those changes are reflected in the FIB. The FIB maintains next-hop address information based on the information in the IP routing table. Because there is a one-to-one correlation between FIB entries and routing table entries, the FIB contains all known routes and eliminates the need for route cache maintenance that is associated with earlier switching paths such as fast switching and optimum switching.
Note: In order to view the Routing Information Base (RIB), use the "show ip route" command. To view the Forwarding Information Base (FIB), use the "show ip cef" command. The RIB is in the control plane while the FIB is in the data plane.

92
Q

Question 92
How does the RIB differ from the FIB?

A. The RIB includes many routes to the same destination prefix. The FIB contains only the best route.

B. The FIB maintains network topologies and routing tables. The RIB is a list of routes to particular network destinations.

C. The RIB is used to create network topologies and routing tables. The FIB is a list of routes to particular network destinations.

D. The FIB includes many routes a single destination. The RIB is the best route to a single destination.

A

Answer:A

Explanation

Both answer A and answer C can be argued for in this question, and it is hard to say which one is better; A is the one that states the RIB/FIB distinction directly.

93
Q

Question 93
What is the difference between CEF and process switching?

A. CEF processes packets that are too complex for process switching to manage.

B. CEF is more CPU-intensive than process switching.

C. CEF uses the FIB and the adjacency table to make forwarding decisions, whereas process switching punts each packet.

D. Process switching is faster than CEF.

A

Answer:C

Explanation

"Punt" is often used to describe the action of moving a packet from the fast path (CEF) to the route processor for handling.
Cisco Express Forwarding (CEF) provides the ability to switch packets through a device in a very quick and efficient way while also keeping the load on the router's processor low. CEF is made up of two main components: the Forwarding Information Base (FIB) and the Adjacency Table.
Process switching is the slowest switching method (compared to fast switching and Cisco Express Forwarding) because it must find the destination in the routing table. Process switching must also construct a new Layer 2 frame header for every packet. With process switching, when a packet comes in, the scheduler calls a process that examines the routing table, determines which interface the packet should be switched to and then switches the packet. The problem is that this happens for every packet.
Reference:http://www.cisco.com/web/about/security/intelligence/acl-logging.html

94
Q

Question 94
What are two differences between the RIB and the FIB? (Choose two)

A. The FIB is derived from the data plane, and the RIB is derived from the FIB.

B. The RIB is a database of routing prefixes, and the FIB is the information used to choose the egress interface for each packet.

C. FIB is a database of routing prefixes, and the RIB is the information used to choose the egress interface for each packet.

D. The FIB is derived from the control plane, and the RIB is derived from the FIB.

E. The RIB is derived from the control plane, and the FIB is derived from the RIB.

A

Answer:B E

Explanation
The Forwarding Information Base (FIB) contains destination reachability information as well as next-hop information. This information is then used by the router to make forwarding decisions. The FIB allows for very efficient and easy lookups (the original page illustrates it with sample show ip cef output, not reproduced here).
The FIB maintains next-hop address information based on the information in the IP routing table (RIB).
Note: In order to view the Routing Information Base (RIB), use the "show ip route" command. To view the Forwarding Information Base (FIB), use the "show ip cef" command. The RIB is in the control plane while the FIB is in the data plane.
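Questions 88 through 94 all describe the same pipeline: routes go into the RIB, the best ones are copied into the FIB, and forwarding is a FIB lookup followed by an adjacency lookup, with per-destination load sharing choosing among equal-cost next hops. The following is an added example (not Cisco code) that models that pipeline in Python so the relationships can be checked rather than memorised. The administrative distances are the usual IOS defaults; the prefixes, next hops, interfaces and MAC addresses are made up, and the "glean" case (next hop with no Layer 2 rewrite yet) is simplified to a punt.

```python
"""RIB, FIB and adjacency table: a toy model of Cisco Express Forwarding.

Added example, not Cisco code. The RIB keeps every route learned for a
prefix (with administrative distance and metric); the FIB is derived
from the RIB and keeps only the best path(s) per prefix; the adjacency
table holds the Layer 2 rewrite for each next hop. A packet is forwarded
with one longest-prefix lookup in the FIB and one adjacency lookup, and
per-destination load sharing hashes source and destination so that one
flow always takes the same path. Prefixes, next hops and MACs are made up.
"""
import hashlib
import ipaddress
from collections import defaultdict

AD = {"connected": 0, "static": 1, "ebgp": 20, "eigrp": 90, "ospf": 110}


class RIB:
    def __init__(self):
        self.routes = defaultdict(list)  # network -> [(ad, metric, nexthop, proto)]

    def add(self, prefix: str, nexthop: str, proto: str, metric: int = 0) -> None:
        net = ipaddress.ip_network(prefix, strict=False)
        self.routes[net].append((AD[proto], metric, nexthop, proto))


def build_fib(rib: RIB, max_paths: int = 4) -> dict:
    """Derive the FIB: per prefix only the lowest (AD, metric) survives,
    with up to max_paths equal-cost next hops kept for load sharing."""
    fib = {}
    for net, entries in rib.routes.items():
        best = min(e[:2] for e in entries)
        fib[net] = sorted(e[2] for e in entries if e[:2] == best)[:max_paths]
    return fib


def fib_paths(fib: dict, prefix: str) -> list:
    return fib.get(ipaddress.ip_network(prefix, strict=False), [])


def lpm(fib: dict, dst: str):
    """Longest-prefix match; None when no route exists (CEF drops, no punt)."""
    addr = ipaddress.ip_address(dst)
    matches = [net for net in fib if addr in net]
    return max(matches, key=lambda n: n.prefixlen) if matches else None


def forward(fib: dict, adjacency: dict, src: str, dst: str) -> dict:
    """One CEF switching decision for a src/dst pair."""
    net = lpm(fib, dst)
    if net is None:
        return {"action": "drop", "reason": "no route"}
    nexthops = fib[net]
    # per-destination load sharing: a hash of (src, dst) picks one adjacency,
    # so packets of one conversation are never spread across paths
    h = int.from_bytes(hashlib.sha256(f"{src}|{dst}".encode()).digest()[:4], "big")
    nh = nexthops[h % len(nexthops)]
    if nh not in adjacency:
        # glean adjacency: no L2 rewrite known yet, punt to process path to ARP
        return {"action": "punt", "reason": "glean", "nexthop": nh}
    egress, mac = adjacency[nh]
    return {"action": "forward", "prefix": str(net), "nexthop": nh,
            "egress": egress, "rewrite_dst_mac": mac}
```

The point of `build_fib` is the answer to Questions 91, 92 and 94 in one line: the RIB can hold several entries for a prefix, the FIB holds only the winner(s). The point of `forward` is Question 89: the hash selects one adjacency entry, and a next hop without an adjacency is the one case where a CEF router still has to involve the processor.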

95
Q

Question 95
Which statement about route targets is true when using VRF-Lite?

A. When BGP is configured, route targets are transmitted as BGP standard communities

B. Route targets control the import and export of routes into a customer routing table

C. Route targets allow customers to be assigned overlapping addresses

D. Route targets uniquely identify the customer routing table

A

Answer:B

Explanation

Answers C and D are not correct: it is the route distinguisher (RD), prepended to the IPv4 prefix to form the VPNv4 prefix, that keeps one customer's routes distinct from another's and so allows customers to be assigned overlapping addresses. The route target only decides which VRFs a route is imported into.
Answer A is not correct because, when BGP is configured, route targets are transmitted as BGP extended communities, not standard communities.

96
Q

Question 96
Which two statements about VRF-lite are true? (Choose two)

A. It can increase the packet switching rate

B. It supports most routing protocols, including EIGRP, ISIS, and OSPF

C. It supports MPLS-VRF label exchange and labeled packets

D. It should be used when a customer’s router is connected to an ISP over OSPF

E. It can support multiple customers on a single switch

A

Answer:D E

Explanation

In VRF-Lite, the route distinguisher (RD) identifies the customer routing table and allows customers to be assigned overlapping addresses, so a single switch can support multiple customers even with overlapping address space -> Answer E is correct.
VRFs are commonly used in MPLS deployments; when VRFs are used without MPLS the result is called VRF-Lite, so there is no label exchange or labeled forwarding -> Answer C is not correct.
– VRF-Lite does not support IGRP and IS-IS (-> Answer B is not correct).
– The capability vrf-lite subcommand under router ospf should be used when configuring OSPF as the routing protocol between the PE and the CE (-> Answer D).
– VRF-Lite does not affect the packet switching rate (-> Answer A is not correct).
Reference:https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/vrf.html#wp1045190

97
Q

Question 97
Which statement explains why Type 1 hypervisor is considered more efficient than Type 2 hypervisor?

A. Type 1 hypervisor runs directly on the physical hardware of the host machine without relying on the underlying OS

B. Type 1 hypervisor enables other operating systems to run on it

C. Type 1 hypervisor relies on the existing OS of the host machine to access CPU, memory, storage, and network resources

D. Type 1 hypervisor is the only type of hypervisor that supports hardware acceleration techniques

A

Answer:A

Explanation

There are two types of hypervisors: type 1 and type 2 hypervisor.
In type 1 hypervisor (or native hypervisor), the hypervisor is installed directly on the physical server. Then instances of an operating system (OS) are installed on the hypervisor. Type 1 hypervisor has direct access to the hardware resources. Therefore they are more efficient than hosted architectures. Some examples of type 1 hypervisor are VMware vSphere/ESXi, Oracle VM Server, KVM and Microsoft Hyper-V.
In contrast to type 1 hypervisor, a type 2 hypervisor (or hosted hypervisor) runs on top of an operating system and not the physical hardware directly. A big advantage of Type 2 hypervisors is that management console software is not required. Examples of type 2 hypervisor are VMware Workstation (which can run on Windows, Mac and Linux) or Microsoft Virtual PC (only runs on Windows).

98
Q

Question 98
What are two benefits of virtualizing the server with the use of VMs in data center environment? (Choose two)

A. increased security

B. reduced rack space, power, and cooling requirements

C. reduced IP and MAC address requirements

D. speedy deployment

E. smaller Layer 2 domain

A

Answer:B D

Explanation

Server virtualization and the use of virtual machines is profoundly changing data center dynamics. Most organizations are struggling with the cost and complexity of hosting multiple physical servers in their data centers. The expansion of the data center, a result of both scale-out server architectures and traditional “one application, one server” sprawl, has created problems in housing, powering, and cooling large numbers of underutilized servers. In addition, IT organizations continue to deal with the traditional cost and operational challenges of matching server resources to organizational needs that seem fickle and ever changing.
Virtual machines can significantly mitigate many of these challenges by enabling multiple application and operating system environments to be hosted on a single physical server while maintaining complete isolation between the guest operating systems and their respective applications. Hence, server virtualization facilitates server consolidation by enabling organizations to exchange a number of underutilized servers for a single highly utilized server running multiple virtual machines.
By consolidating multiple physical servers, organizations can gain several benefits:
+ Underutilized servers can be retired or redeployed.
+ Rack space can be reclaimed.
+ Power and cooling loads can be reduced.
+ New virtual servers can be rapidly deployed.
+ CapEx (higher utilization means fewer servers need to be purchased) and OpEx (few servers means a simpler environment and lower maintenance costs) can be reduced.
Reference:https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/net_implementation_white_paper0900aecd806a9c05.html

99
Q

Question 98
Which statement describes the IP and MAC allocation requirements for virtual machines on type 1 hypervisors?

A. Each virtual machine requires a unique IP and MAC addresses to be able to reach to other nodes

B. Each virtual machine requires a unique IP address but shares the MAC address with the physical server

C. Each virtual machines requires a unique IP address but shares the MAC address with the address of the physical server

D. Each virtual machine requires a unique MAC address but shares the IP address with the physical server

A

Answer:A

Explanation

A virtual machine (VM) is a software emulation of a physical server with an operating system. From an application's point of view, the VM provides the look and feel of a real physical server, including all its components, such as CPU, memory, and network interface cards (NICs).
The virtualization software that creates VMs and performs the hardware abstraction that allows multiple VMs to run concurrently is known as a hypervisor.
There are two types of hypervisors: type 1 and type 2 hypervisor.
In type 1 hypervisor (or native hypervisor), the hypervisor is installed directly on the physical server. Then instances of an operating system (OS) are installed on the hypervisor. Type 1 hypervisor has direct access to the hardware resources. Therefore they are more efficient than hosted architectures. Some examples of type 1 hypervisor are VMware vSphere/ESXi, Oracle VM Server, KVM and Microsoft Hyper-V.
In contrast to type 1 hypervisor, a type 2 hypervisor (or hosted hypervisor) runs on top of an operating system and not the physical hardware directly. A big advantage of Type 2 hypervisors is that management console software is not required. Examples of type 2 hypervisor are VMware Workstation (which can run on Windows, Mac and Linux) or Microsoft Virtual PC (only runs on Windows).

100
Q

Question 99
What is the main function of VRF-lite?

A. To allow devices to use labels to make Layer 2 Path decisions

B. To segregate multiple routing tables on a single device

C. To connect different autonomous systems together to share routes

D. To route IPv6 traffic across an IPv4 backbone

A

Answer:B

101
Q

Question 100
Refer to the exhibit. You have just created a new VRF on PE3. You have enabled debug ip bgp vpnv4 unicast updates on PE1, and you can see the route in the debug, but not in the BGP VPNv4 table. Which two statements are true? (Choose two)

*Jun19 11:12: BGP(4):10.1.1.2 rcvd UPDATE w/ attr:nexthop 10.1.1.2, origin ?, localpref 100,metric 0,extended community RT:999:999
*Jun19 11:12: BGP(4):10.1.1.2 rcvd 999:999:192.168.1.99/32,label 29–DENIED due to:extended community not supported

A. VPNv4 is not configured between PE1 and PE3

B. address-family ipv4 vrf is not configured on PE3

C. After you configure route-target import 999:999 for a VRF on PE3, the route will be accepted

D. PE1 will reject the route due to automatic route filtering

E. After you configure route-target import 999:999 for a VRF on PE1, the route will be accepted

A

Answer:D E

Explanation

Because some PE routers might receive routing information they do not require, a basic requirement is to be able to filter the MP-iBGP updates at the ingress to the PE router so that the router does not need to keep this information in memory.
The Automatic Route Filtering feature fulfills this filtering requirement. This feature is available by default on all PE routers, and no additional configuration is necessary to enable it. Its function is to automatically filter VPN-IPv4 routes that contain a route target extended community that does not match any of the PE's configured VRFs. This effectively discards any unwanted VPN-IPv4 routes silently, thus reducing the amount of information that the PE has to store in memory -> Answer D is correct.
Reference: MPLS and VPN Architectures Book, Volume 1
The reason that PE1 dropped the route is there is no “route-target import 999:999” command on PE1 (so we see the “DENIED due to:extended community not supported” in the debug) so we need to type this command to accept this route -> Answer E is correct.
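The filtering decision in this question, and the route-target semantics of Question 95, can be reproduced in a few lines. The following is an added example (not Cisco code) in Python that parses the two debug lines from the exhibit into a VPNv4 route, then applies the automatic route filtering rule of the receiving PE: keep the route only if one of its RT extended communities matches the import RT of a local VRF, otherwise discard it silently. The same import/export rule is what makes the shared-services leak of Question 68 selective, so the example also shows a shared VRF whose single export RT every user VRF imports while the user VRFs never import each other's. The VRF names, RDs, RTs and prefixes other than those in the exhibit are made up; the generated configuration uses the newer "vrf definition" IOS syntax.

```python
"""Route-target import filtering of VPNv4 routes, as a PE does it.

Added example, not Cisco code. It parses the two debug lines from the
exhibit, then applies automatic route filtering: a VPNv4 route is kept
only when one of its RT extended communities matches the import RT of a
local VRF; otherwise it is silently discarded. The same rule makes the
shared-services pattern work: a shared VRF exports one RT that every
user VRF imports, while user VRFs import only their own RT otherwise.
VRF names, RDs, RTs and prefixes not taken from the exhibit are made up.
"""
import re
from dataclasses import dataclass, field

# The two lines shown in the exhibit (debug ip bgp vpnv4 unicast updates).
EXHIBIT_LINES = [
    "*Jun19 11:12: BGP(4):10.1.1.2 rcvd UPDATE w/ attr:nexthop 10.1.1.2, origin ?, "
    "localpref 100,metric 0,extended community RT:999:999",
    "*Jun19 11:12: BGP(4):10.1.1.2 rcvd 999:999:192.168.1.99/32,label 29–DENIED "
    "due to:extended community not supported",
]

UPDATE_RE = re.compile(r"rcvd UPDATE w/ attr:nexthop (\S+),.*extended community (.+)$")
PREFIX_RE = re.compile(r"rcvd (\d+:\d+):(\S+?),label (\d+)")


@dataclass(frozen=True)
class VpnRoute:
    rd: str          # RD + prefix is what keeps overlapping customer prefixes unique
    prefix: str
    nexthop: str
    label: int
    rts: frozenset   # RT extended communities attached by the exporting PE


@dataclass
class Vrf:
    name: str
    rd: str
    import_rt: set = field(default_factory=set)
    export_rt: set = field(default_factory=set)
    table: dict = field(default_factory=dict)   # prefix -> nexthop

    def export(self, prefix: str, nexthop: str, label: int) -> VpnRoute:
        """What this VRF's PE advertises: RD:prefix tagged with the export RTs."""
        return VpnRoute(self.rd, prefix, nexthop, label, frozenset(self.export_rt))


def parse_debug(lines) -> list:
    """Pair each 'rcvd UPDATE w/ attr' line with the prefix lines following it."""
    routes, attrs = [], None
    for line in lines:
        m = UPDATE_RE.search(line)
        if m:
            rts = frozenset(t[3:] for t in m.group(2).split() if t.startswith("RT:"))
            attrs = (m.group(1), rts)
            continue
        m = PREFIX_RE.search(line)
        if m and attrs is not None:
            routes.append(VpnRoute(m.group(1), m.group(2), attrs[0], int(m.group(3)), attrs[1]))
    return routes


def receive(route: VpnRoute, vrfs) -> list:
    """Automatic route filtering on the receiving PE. Returns the names of the
    VRFs that imported the route; an empty list is the silent DENIED case."""
    importers = []
    for vrf in vrfs:
        if route.rts & vrf.import_rt:
            vrf.table[route.prefix] = route.nexthop
            importers.append(vrf.name)
    return importers


def ios_config(vrf: Vrf) -> str:
    """The IOS VRF stanza that would produce these import/export decisions."""
    lines = [f"vrf definition {vrf.name}", f" rd {vrf.rd}", " address-family ipv4"]
    lines += [f"  route-target export {rt}" for rt in sorted(vrf.export_rt)]
    lines += [f"  route-target import {rt}" for rt in sorted(vrf.import_rt)]
    return "\n".join(lines)
```

Note what the filter does not check: nothing in the route itself proves that RT 999:999 was attached by the PE that is entitled to use it. Import filtering is a capacity and isolation mechanism between cooperating PEs, not an authentication mechanism, which is why MP-BGP sessions between PEs (and to a fusion router) should be authenticated and RT assignments treated as part of the segmentation policy.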

102
Q

Question 101
What are two reasons why broadcast radiation is caused in the virtual machine environment? (Choose two)

A. vSwitch must interrupt the server CPU to process the broadcast packet

B. The Layer 2 domain can be large in virtual machine environments

C. Virtual machines communicate primarily through broadcast mode

D. Communication between vSwitch and network switch is broadcast based

E. Communication between vSwitch and network switch is multicast based

A

Answer:A B

Explanation

Broadcast radiation refers to the processing that is required every time a broadcast is received on a host. Although IP is very efficient from a broadcast perspective when compared to traditional protocols such as Novell Internetwork Packet Exchange (IPX) Service Advertising Protocol (SAP), virtual machines and the vswitch implementation require special consideration. Because the vswitch is software based, as broadcasts are received the vswitch must interrupt the server CPU to change contexts to enable the vswitch to process the packet. After the vswitch has determined that the packet is a broadcast, it copies the packet to all the VMNICs, which then pass the broadcast packet up the stack to process. This processing overhead can have a tangible effect on overall server performance if a single domain is hosting a large number of virtual machines.
Note: This overhead effect is not a limitation of the vswitch implementation. It is a result of the software-based nature of the vswitch embedded in the ESX hypervisor.
Reference:https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/net_implementation_white_paper0900aecd806a9c05.html
—————————————————————-
Note about the structure of virtualization in a hypervisor:
Hypervisors provide a virtual switch (vSwitch) that Virtual Machines (VMs) use to communicate with other VMs on the same host. The vSwitch may also be connected to the host’s physical NIC to allow VMs to get layer 2 access to the outside world.
Each VM is provided with a virtual NIC (vNIC) that is connected to the virtual switch. Multiple vNICs can connect to a single vSwitch, allowing VMs on a physical host to communicate with one another at layer 2 without having to go out to a physical switch.

Although a vSwitch does not run Spanning Tree Protocol, it implements other loop prevention mechanisms. For example, a frame that enters from one VMNIC is not going to go out of the physical host from a different VMNIC card.

103
Q

Question 102
Which two entities are Type 1 hypervisors? (Choose two)

A. Oracle VM VirtualBox

B. Microsoft Hyper-V

C. VMware server

D. VMware ESX

E. Microsoft Virtual PC

A

Answer:B D

Explanation

A bare-metal hypervisor (Type 1) is a layer of software we install directly on top of a physical server and its underlying hardware. There is no software or any operating system in between, hence the name bare-metal hypervisor. A Type 1 hypervisor is proven in providing excellent performance and stability since it does not run inside Windows or any other operating system. These are the most common type 1 hypervisors:
+ VMware vSphere with ESX/ESXi
+ KVM (Kernel-Based Virtual Machine)
+ Microsoft Hyper-V
+ Oracle VM
+ Citrix Hypervisor (formerly known as Xen Server)

104
Q

Question 103
A server running Linux is providing support for virtual machines along with DNS and DHCP services for a small business. Which technology does this represent?

A. container

B. Type 1 hypervisor

C. hardware pass-through

D. Type 2 hypervisor

A

Answer:D

Explanation
In contrast to type 1 hypervisor, a type 2 hypervisor (or hosted hypervisor) runs on top of an operating system and not the physical hardware directly. A big advantage of Type 2 hypervisors is that management console software is not required. Examples of type 2 hypervisor are VMware Workstation (which can run on Windows, Mac and Linux) or Microsoft Virtual PC (only runs on Windows).

105
Q

Question 104
Which two actions provide controlled Layer 2 network connectivity between virtual machines running on the same hypervisor? (Choose two)

A. Use a single trunk link to an external Layer2 switch

B. Use a virtual switch provided by the hypervisor

C. Use VXLAN fabric after installing VXLAN tunnelling drivers on the virtual machines

D. Use a single routed link to an external router on stick

E. Use a virtual switch running as a separate virtual machine

A

Answer:A B

Explanation

Hypervisors provide a virtual switch (vSwitch) that Virtual Machines (VMs) use to communicate with other VMs on the same host. The vSwitch may also be connected to the host’s physical NIC to allow VMs to get layer 2 access to the outside world.
Each VM is provided with a virtual NIC (vNIC) that is connected to the virtual switch. Multiple vNICs can connect to a single vSwitch, allowing VMs on a physical host to communicate with one another at layer 2 without having to go out to a physical switch.

-> Therefore answer B is correct.
Answer E is not correct because, besides the virtual switch running as a separate virtual machine, we would also need to set up a trunk link so that the VMs can communicate.
Answer C is not correct as it is too complex when we want to connect two VMs on the same hypervisor. VXLAN should only be used between two VMs on different physical servers.
Answer D is not correct as it uses Layer 3 network (routed link).
Therefore only answer A is left. We can connect two VMs via a trunk link with an external Layer2 switch.

106
Q

Question 105
What is a Type 1 hypervisor?

A. runs directly on a physical server and depends on a previously installed operating system

B. runs directly on a physical server and includes its own operating system

C. runs on a virtual server and depends on an already installed operating system

D. run on a virtual server and includes its own operating system

A

Answer:B

Explanation

There are two types of hypervisors: type 1 and type 2 hypervisor.
In type 1 hypervisor (or native hypervisor), the hypervisor is installed directly on the physical server. Then instances of an operating system (OS) are installed on the hypervisor. Type 1 hypervisor has direct access to the hardware resources. Therefore they are more efficient than hosted architectures. Some examples of type 1 hypervisor are VMware vSphere/ESXi, Oracle VM Server, KVM and Microsoft Hyper-V.
In contrast to type 1 hypervisor, a type 2 hypervisor (or hosted hypervisor) runs on top of an operating system and not the physical hardware directly. A big advantage of Type 2 hypervisors is that management console software is not required. Examples of type 2 hypervisor are VMware Workstation (which can run on Windows, Mac and Linux) or Microsoft Virtual PC (only runs on Windows).

107
Q

Question 106
Which element enables communication between guest VMs within a virtualized environment?

A. vSwitch

B. virtual router

C. hypervisor

D. pNIC

A

Answer:A

Explanation

Each VM is provided with a virtual NIC (vNIC) that is connected to the virtual switch. Multiple vNICs can connect to a single vSwitch, allowing VMs on a physical host to communicate with one another at layer 2 without having to go out to a physical switch.

108
Q

Question 107
What is a benefit of using a Type 2 hypervisor instead of a Type 1 hypervisor?

A. ability to operate on hardware that is running other OSs

B. improved security because the underlying OS is eliminated

C. improved density and scalability

D. better application performance

A

Answer:A

Explanation

There are two types of hypervisors: type 1 and type 2 hypervisor.
In type 1 hypervisor (or native hypervisor), the hypervisor is installed directly on the physical server. Then instances of an operating system (OS) are installed on the hypervisor. Type 1 hypervisor has direct access to the hardware resources. Therefore they are more efficient than hosted architectures. Some examples of type 1 hypervisor are VMware vSphere/ESXi, Oracle VM Server, KVM and Microsoft Hyper-V.
In contrast to type 1 hypervisor, a type 2 hypervisor (or hosted hypervisor) runs on top of an operating system and not the physical hardware directly. A big advantage of Type 2 hypervisors is that management console software is not required. Examples of type 2 hypervisor are VMware Workstation (which can run on Windows, Mac and Linux) or Microsoft Virtual PC (only runs on Windows).
Type 1 is more efficient and better performing; it is also more secure than type 2 because the flaws and vulnerabilities that are endemic to operating systems are often absent from Type 1, bare-metal hypervisors. Type 1 has better performance, scalability and stability but is supported by limited hardware.

109
Q

Question 108
A customer has deployed an environment with shared storage to allow for the migration of virtual machines between servers with dedicated operating systems that provide the virtualization platform. What is this operating system described as?

A. hosted virtualization

B. type 1 hypervisor

C. container oriented

D. decoupled

A

Answer:B

Explanation

This question is a bit unclear, but it mentions “dedicated operating systems that provide the virtualization platform” -> This means the hypervisor, so “Type 1 hypervisor” is the best choice here, as a type 1 hypervisor does not require an underlying operating system.
Note: Hosted virtualization is type 2 hypervisor. In contrast to type 1 hypervisor, a type 2 hypervisor (or hosted hypervisor) runs on top of an operating system and not the physical hardware directly. A big advantage of Type 2 hypervisors is that management console software is not required. Examples of type 2 hypervisor are VMware Workstation (which can run on Windows, Mac and Linux) or Microsoft Virtual PC (only runs on Windows).

110
Q

Question 109
Which DNS lookup does an access point perform when attempting CAPWAP discovery?

A. CISCO-DNA-CONTROILLER.local

B. CAPWAP-CONTROLLER.local

C. CISCO-CONTROLLER.local

D. CISCO-CAPWAP-CONTROLLER.local

A

Answer:D

Explanation

The Lightweight AP (LAP) can discover controllers through your domain name server (DNS). For the access point (AP) to do so, you must configure your DNS to return controller IP addresses in response to CISCO-LWAPP-CONTROLLER.localdomain, where localdomain is the AP domain name. When an AP receives an IP address and DNS information from a DHCP server, it contacts the DNS to resolve CISCO-CAPWAP-CONTROLLER.localdomain. When the DNS sends a list of controller IP addresses, the AP sends discovery requests to the controllers.
The AP will attempt to resolve the DNS name CISCO-CAPWAP-CONTROLLER.localdomain. When the AP is able to resolve this name to one or more IP addresses, the AP sends a unicast CAPWAP Discovery Message to the resolved IP address(es). Each WLC that receives the CAPWAP Discovery Request Message replies with a unicast CAPWAP Discovery Response to the AP.
Reference:https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/107606-dns-wlc-config.html

111
Q

Question 110
Which two pieces of information are necessary to compute SNR? (Choose two)

A. EIRP

B. noise floor

C. antenna gain

D. RSSI

E. transmit power

A

Answer:B D

Explanation

Signal to Noise Ratio (SNR) is defined as the ratio of the transmitted power from the AP to the ambient (noise floor) energy present. To calculate the SNR value, we add the Signal Value to the Noise Value to get the SNR ratio. A positive value of the SNR ratio is always better.
Here is an example to tie together this information to come up with a very simple RF plan calculator for a single AP and a single client.
+ Access Point Power = 20 dBm
+ 50 foot antenna cable = – 3.35 dB Loss
+ Signal attenuation due to glass wall with metal frame = -6 dB
+ External Access Point Antenna = + 5.5 dBi gain
+ RSSI at WLAN Client = -75 dBm at 100ft from the AP
+ Noise level detected by WLAN Client = -85 dBm at 100ft from the AP
Based on the above, we can calculate the following information.
+ EIRP of the AP at source = 20 – 3.35 + 5.5 = 22.15 dBm
+ Transmit power as signal passes through glass wall = 22.15 – 6 = 16.15 dBm
+ SNR at Client = -75 + -85 = 10 dBm (difference between Signal and Noise)
Reference:https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Borderless_Networks/Unified_Access/CMX/CMX_RFFund.html
Receive Signal Strength Indicator (RSSI) is a measurement of how well your device can hear a signal from an access point or router. It’s a value that is useful for determining if you have enough signal to get a good wireless connection.
EIRP tells you what’s the actual transmit power of the antenna in milliwatts.
dBm is an abbreviation for “decibels relative to one milliwatt,” where one milliwatt (1 mW) equals 1/1000 of a watt. It follows the same scale as dB. Therefore 0 dBm = 1 mW, 30 dBm = 1 W, and -20 dBm = 0.01 mW

112
Q

Question 111
Which statement about Cisco EAP-FAST is true?

A. It does not require a RADIUS server certificate

B. It requires a client certificate

C. It is an IETF standard.

D. It operates in transparent mode

A

Answer:A

Explanation

The EAP-FAST protocol is a publicly accessible IEEE 802.1X EAP type that Cisco developed to support customers that cannot enforce a strong password policy and want to deploy an 802.1X EAP type that does not require digital certificates.
EAP-FAST is also designed for simplicity of deployment since it does not require a certificate on the wireless LAN client or on the RADIUS infrastructure yet incorporates a built-in provisioning mechanism.
Reference:https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-fixed/72788-CSSC-Deployment-Guide.html

113
Q

Question 112
What are two common sources of interference for WI-FI networks? (Choose two)

A. radar

B. LED lights

C. rogue AP

D. conventional oven

E. fire alarm

A

Answer:A C

Explanation

According to the Meraki webpage, radar and rogue AP are two sources of Wireless Interference.
Interference between different WLANs occurs when the access points within range of each other are set to the same RF channel.
Note: Microwave ovens (not conventional oven) emit damaging interfering signals at up to 25 feet or so from an operating oven. Some microwave ovens emit radio signals that occupy only a third of the 2.4-GHz band, whereas others occupy the entire band.
Reference:https://www.ciscopress.com/articles/article.asp?p=2351131&seqNum=2
So answer D is not a correct answer.

114
Q

Question 113
An engineer is configuring local web authentication on a WLAN. The engineer chooses the Authentication radio button under the Layer 3 Security options for Web Policy. Which device presents the web authentication for the WLAN?

A. ISE server

B. local WLC

C. RADIUS server

D. anchor WLC

A

Answer:B

Explanation

This paragraph was taken from the link https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/69340-web-auth-config.html#c5:
“The next step is to configure the WLC for the Internal web authentication. Internal web authentication is the default web authentication type on WLCs.”
In step 4 of the link above, we configure Security as described in this question. Therefore we can deduce this configuration is for Internal web authentication.

115
Q

Question 114
Which two descriptions of FlexConnect mode for Cisco APs are true? (Choose two)

A. APs that operate in FlexConnect mode cannot detect rogue APs

B. FlexConnect mode is used when the APs are set up in a mesh environment and used to bridge between each other

C. FlexConnect mode is a feature that is designed to allow specified CAPWAP-enabled APs to exclude themselves from managing data traffic between clients and infrastructure

D. When connected to the controller, FlexConnect APs can tunnel traffic back to the controller

E. FlexConnect mode is a wireless solution for branch office and remote office deployments

A

Answer:D E

Explanation

FlexConnect is a wireless solution for branch office and remote office deployments. It enables customers to configure and control access points in a branch or remote office from the corporate office through a wide area network (WAN) link without deploying a controller in each office.
The FlexConnect access points can switch client data traffic locally and perform client authentication locally when their connection to the controller is lost. When they are connected to the controller, they can also send traffic back to the controller. In the connected mode, the FlexConnect access point can also perform local authentication.
Reference:https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-2/configuration/guide/cg/cg_flexconnect.html

116
Q

Question 115
When configuring WPA2 Enterprise on a WLAN, which additional security component configuration is required?

A. NTP server

B. PKI server

C. RADIUS server

D. TACACS server

A

Answer:C

Explanation

Deploying WPA2-Enterprise requires a RADIUS server, which handles the task of authenticating network users’ access. The actual authentication process is based on the 802.1X policy and comes in several different systems labelled EAP. Because each device is authenticated before it connects, a personal, encrypted tunnel is effectively created between the device and the network.
Reference:https://www.securew2.com/solutions/wpa2-enterprise-and-802-1x-simplified/

117
Q

Question 116
An engineer configures a WLAN with fast transition enabled. Some legacy clients fail to connect to this WLAN. Which feature allows the legacy clients to connect while still allowing other clients to use fast transition based on their OUIs?

A. over the DS

B. adaptive R

C. 802.11V

D. 802.11k

A

Answer:B

Explanation

802.11r Fast Transition (FT) Roaming is an amendment to the 802.11 IEEE standards. It is a new concept for roaming. The initial handshake with the new AP occurs before the client roams to the target AP. Therefore it is called Fast Transition. 802.11r provides two methods of roaming:
+ Over-the-air: With this type of roaming, the client communicates directly with the target AP using IEEE 802.11 authentication with the Fast Transition (FT) authentication algorithm.
+ Over-the-DS (distribution system): With this type of roaming, the client communicates with the target AP through the current AP. The communication between the client and the target AP is carried in FT action frames between the client and the current AP and is then sent through the controller.
But neither of these methods deals with legacy clients.
802.11k allows 11k-capable clients to request a neighbor report containing information about known neighbor APs that are candidates for roaming.
Reference:https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/80211r-ft/b-80211r-dg.html
IEEE 802.11v is an amendment to the IEEE 802.11 standard which describes numerous enhancements to wireless network management. One such enhancement is Network assisted Power Savings which helps clients to improve the battery life by enabling them to sleep longer. Another enhancement is Network assisted Roaming which enables the WLAN to send requests to associated clients, advising the clients as to better APs to associate to. This is useful for both load balancing and in directing poorly connected clients.
Reference:https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/config-guide/b_wl_16_10_cg/802-11v.pdf
Cisco 802.11r supports three modes:
+ Pure mode: only allows 802.11r client to connect
+ Mixed mode: allows both clients that do and do not support FT to connect
+ Adaptive mode: does not advertise the FT AKM at all, but will use FT when supported clients connect
Therefore “Adaptive mode” is the best answer here.

118
Q

Question 117
To increase total throughput and redundancy on the links between the wireless controller and switch, the customer enabled LAG on the wireless controller. Which EtherChannel mode must be configured on the switch to allow the WLC to connect?

A. Auto

B. Active

C. On

D. Passive

A

Answer:C

Explanation

Link aggregation (LAG) is a partial implementation of the 802.3ad port aggregation standard. It bundles all of the controller’s distribution system ports into a single 802.3ad port channel.
Restriction for Link aggregation:
+ LAG requires the EtherChannel to be configured for ‘mode on’ on both the controller and the Catalyst switch.
…
Reference:https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-5/configuration-guide/b_cg75/b_cg75_chapter_0100010.html

119
Q

Question 118
A client device fails to see the enterprise SSID, but other devices are connected to it. What is the cause of this issue?

A. The hidden SSID was not manually configured on the client.

B. The broadcast SSID was not manually configured on the client.

C. The client has incorrect credentials stored for the configured hidden SSID.

D. The client has incorrect credentials stored for the configured broadcast SSID.

A

Answer:A

120
Q

Question 119
A customer has several small branches and wants to deploy a WI-FI solution with local management using CAPWAP. Which deployment model meets this requirement?

A. Autonomous

B. Mobility express

C. SD-Access wireless

D. Local mode

A

Answer:B

Explanation

Mobility Express is the ability to use an access point (AP) as a controller instead of a real WLAN controller. But this solution is only suitable for small to midsize, or multi-site branch locations where you might not want to invest in a dedicated WLC. A Mobility Express WLC can support up to 100 APs. Mobility Express WLC also uses CAPWAP to communicate to other APs.
Note: Local mode is the most common mode that an AP operates in. This is also the default mode. In local mode, the LAP maintains a CAPWAP (or LWAPP) tunnel to its associated controller.

121
Q

Question 120
Which two methods are used by an AP that is trying to discover a wireless LAN controller? (Choose two)

A. Cisco Discovery Protocol neighbor

B. broadcasting on the local subnet

C. DNS lookup cisco-DNA-PRIMARY.local domain

D. DHCP Option 43

E. querying other APs

A

Answer:B D

Explanation

A Cisco lightweight wireless AP needs to be paired with a WLC to function.
An AP must be very diligent to discover any controllers that it can join—all without any preconfiguration on your part. To accomplish this feat, several methods of discovery are used. The goal of discovery is just to build a list of live candidate controllers that are available, using the following methods:
+ Prior knowledge of WLCs
+ DHCP and DNS information to suggest some controllers (DHCP Option 43)
+ Broadcast on the local subnet to solicit controllers
Reference: CCNP and CCIE Enterprise Core ENCOR 350-401 Official Cert Guide
If you do not tell the LAP where the controller is via DHCP option 43, DNS resolution of “Cisco-capwap-controller.local_domain”, or statically configure it, the LAP does not know where in the network to find the management interface of the controller.
In addition to these methods, the LAP does automatically look on the local subnet for controllers with a 255.255.255.255 local broadcast.
Reference:https://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/119286-lap-notjoin-wlc-tshoot.html

122
Q

Question 121
When a wireless client roams between two different wireless controllers, a network connectivity outage is experienced for a period of time. Which configuration issue would cause this problem?

A. Not all of the controllers in the mobility group are using the same mobility group name

B. Not all of the controllers within the mobility group are using the same virtual interface IP address

C. All of the controllers within the mobility group are using the same virtual interface IP address

D. All of the controllers in the mobility group are using the same mobility group name

A

Answer:B

Explanation

A prerequisite for configuring Mobility Groups is “All controllers must be configured with the same virtual interface IP address”. If all the controllers within a mobility group are not using the same virtual interface, inter-controller roaming may appear to work, but the handoff does not complete, and the client loses connectivity for a period of time. -> Answer B is correct.
Reference:https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/mobility_groups.html
Answer A is not correct because when the client moves to a different mobility group (with a different mobility group name), that client would either stay connected (provided that the newly connected controller already had information about this client in its mobility list) or be dropped (if the newly connected controller has no information about this client in its mobility list). For more information please read the note below.
Note:
A mobility group is a set of controllers, identified by the same mobility group name, that defines the realm of seamless roaming for wireless clients. By creating a mobility group, you can enable multiple controllers in a network to dynamically share information and forward data traffic when inter-controller or inter-subnet roaming occurs. Controllers in the same mobility group can share the context and state of client devices as well as their list of access points so that they do not consider each other’s access points as rogue devices.

Let’s take an example:
The controllers in the ABC mobility group share access point and client information with each other. The controllers in the ABC mobility group do not share the access point or client information with the XYZ controllers, which are in a different mobility group. Therefore if a client from the ABC mobility group moves to the XYZ mobility group, and the newly connected controller does not have information about this client in its mobility list, that client will be dropped.
Note: Clients may roam between access points in different mobility groups if the controllers are included in each other’s mobility lists.

123
Q

Question 122
Which access point mode allows a supported AP to function like a WLAN client would, associating and identifying client connectivity issues?

A. client mode

B. SE-connect mode

C. sensor mode

D. sniffer mode

A

Answer:C

Explanation

As these wireless networks grow especially in remote facilities where IT professionals may not always be on site, it becomes even more important to be able to quickly identify and resolve potential connectivity issues ideally before the users complain or notice connectivity degradation.
To address these issues we have created Cisco’s Wireless Service Assurance and a new AP mode called “sensor” mode. Cisco’s Wireless Service Assurance platform has three components, namely, Wireless Performance Analytics, Real-time Client Troubleshooting, and Proactive Health Assessment. Using a supported AP or dedicated sensor, the device can actually function much like a WLAN client would, associating and identifying client connectivity issues within the network in real time without requiring an IT or technician to be on site.
Reference:https://content.cisco.com/chapter.sjs?uri=/searchable/chapter/content/dam/en/us/td/docs/wireless/controller/technotes/8-5/b_Cisco_Aironet_Sensor_Deployment_Guide.html.xml

124
Q

Question 123
A client device roams between access points located on different floors in an atrium. The access points are joined to the same controller and configured in local mode. The access points have different IP addresses, but the client VLAN in the groups is the same. What type of roam occurs?

A. inter-controller

B. inter-subnet

C. intra-VLAN

D. intra-controller

A

Answer:D

Explanation

Mobility, or roaming, is a wireless LAN client’s ability to maintain its association seamlessly from one access point to another securely and with as little latency as possible. Three popular types of client roaming are:
Intra-Controller Roaming: Each controller supports same-controller client roaming across access points managed by the same controller. This roaming is transparent to the client as the session is sustained, and the client continues using the same DHCP-assigned or client-assigned IP address.
Inter-Controller Roaming: Multiple-controller deployments support client roaming across access points managed by controllers in the same mobility group and on the same subnet. This roaming is also transparent to the client because the session is sustained and a tunnel between controllers allows the client to continue using the same DHCP- or client-assigned IP address as long as the session remains active.
Inter-Subnet Roaming: Multiple-controller deployments support client roaming across access points managed by controllers in the same mobility group on different subnets. This roaming is transparent to the client because the session is sustained and a tunnel between the controllers allows the client to continue using the same DHCP-assigned or client-assigned IP address as long as the session remains active.
Reference:https://www.cisco.com/c/en/us/td/docs/wireless/controller/7-4/configuration/guides/consolidated/b_cg74_CONSOLIDATED/b_cg74_CONSOLIDATED_chapter_01100.html

125
Q

Question 124
Wireless users report frequent disconnections from the wireless network. While troubleshooting, a network engineer finds that after a user disconnects, the connection reestablishes automatically without any input required. The engineer also notices these message logs.

AP ‘AP2’ is down Reason: Radio channel set. 6:54:04 PM
AP ‘AP4’ is down Reason: Radio channel set. 6:44:49 PM
AP ‘AP7’ is down Reason: Radio channel set. 6:34:32 PM

Which action reduces the user impact?

A. increase the dynamic channel assignment interval

B. increase BandSelect

C. increase the AP heartbeat timeout

D. enable coverage hole detection

A

Answer:A

Explanation

These message logs inform us that the radio channel has been reset (and the AP must have been down briefly). With dynamic channel assignment (DCA), the radios can frequently switch from one channel to another, but this also causes disruption. The default DCA interval is 10 minutes, which matches the timing of the message logs. By increasing the DCA interval, we can reduce the number of times our users are disconnected by radio channel changes.

126
Q

Question 125
Which DHCP option helps lightweight APs find the IP address of a wireless LAN controller?

A. Option 43

B. Option 60

C. Option 67

D. Option 150

A

Answer:A

127
Q

Question 126
Why is an AP joining a different WLC than the one specified through option 43?

A. The WLC is running a different software version

B. The AP is joining a primed WLC

C. The AP multicast traffic is unable to reach the WLC through Layer 3

D. The AP’s broadcast traffic is unable to reach the WLC through Layer 2

A

Answer:B

128
Q

Question 127
What is calculated using the numerical values of the transmitter power level, cable loss and antenna gain?

A. SNR

B. RSSI

C. dBi

D. EIRP

A

Answer:D

Explanation

Once you know the complete combination of transmitter power level, the length of cable, and the antenna gain, you can figure out the actual power level that will be radiated from the antenna. This is known as the effective isotropic radiated power (EIRP), measured in dBm.
EIRP is a very important parameter because it is regulated by governmental agencies in most countries. In those cases, a system cannot radiate signals higher than a maximum allowable EIRP. To find the EIRP of a system, simply add the transmitter power level to the antenna gain and subtract the cable loss.

EIRP = Tx Power – Tx Cable + Tx Antenna
Suppose a transmitter is configured for a power level of 10 dBm (10 mW). A cable with 5-dB loss connects the transmitter to an antenna with an 8-dBi gain. The resulting EIRP of the system is 10 dBm – 5 dB + 8 dBi, or 13 dBm.
You might notice that the EIRP is made up of decibel-milliwatt (dBm), dB relative to an isotropic antenna (dBi), and decibel (dB) values. Even though the units appear to be different, you can safely combine them because they are all in the dB “domain”.
Reference: CCNA Wireless 640-722 Official Cert Guide

129
Q

Question 128
What is used to measure the total output energy of a Wi-Fi device?

A. dBi

B. EIRP

C. mW

D. dBm

A

Answer:C

Explanation

Output power is measured in mW (milliwatts). A milliwatt is equal to one thousandth (10^-3) of a watt.

130
Q

Question 129
You are configuring a controller that runs Cisco IOS XE by using the CLI. Which three configuration options are used for 802.11w Protected Management Frames? (Choose three)

A. mandatory

B. association-comeback

C. SA teardown protection

D. saquery-retry-time

E. enable

F. comeback-time

A

Answer:A B D

131
Q

Question 130
Which antenna type should be used for a site-to-site wireless connection?

A. Omnidirectional

B. Yagi

C. dipole

D. patch

A

Answer:B

132
Q

Question 131
Using the EIRP formula, what parameter is subtracted to determine the EIRP value?

A. antenna cable loss

B. antenna gain

C. transmitter power

D. signal-to-noise ratio

A

Answer:A

Explanation

Once you know the complete combination of transmitter power level, the length of cable, and the antenna gain, you can figure out the actual power level that will be radiated from the antenna. This is known as the effective isotropic radiated power (EIRP), measured in dBm.
EIRP is a very important parameter because it is regulated by governmental agencies in most countries. In those cases, a system cannot radiate signals higher than a maximum allowable EIRP. To find the EIRP of a system, simply add the transmitter power level to the antenna gain and subtract the cable loss.

EIRP = Tx Power – Tx Cable + Tx Antenna
Suppose a transmitter is configured for a power level of 10 dBm (10 mW). A cable with 5-dB loss connects the transmitter to an antenna with an 8-dBi gain. The resulting EIRP of the system is 10 dBm – 5 dB + 8 dBi, or 13 dBm.
You might notice that the EIRP is made up of decibel-milliwatt (dBm), dB relative to an isotropic antenna (dBi), and decibel (dB) values. Even though the units appear to be different, you can safely combine them because they are all in the dB “domain”.
Reference: CCNA Wireless 640-722 Official Cert Guide

133
Q

Question 132
Which two sources cause interference for Wi-Fi networks? (Choose two)

A. mirrored wall

B. fish tank

C. 900MHz baby monitor

D. DECT 6.0 cordless

E. incandescent lights

A

Answer:A B

Explanation

Windows can actually block your WiFi signal. How? Because the signals will be reflected by the glass.
Some new windows have transparent films that can block certain wave types, and this can make it harder for your WiFi signal to pass through.
Tinted glass is another problem for the same reasons. They sometimes contain metallic films that can completely block out your signal.
Mirrors, like windows, can reflect your signal. They’re also a source of electromagnetic interference because of their metal backings.
Reference:https://dis-dot-dat.net/what-materials-can-block-a-wifi-signal/
An incandescent light bulb, incandescent lamp or incandescent light globe is an electric light with a wire filament heated until it glows. Wi-Fi operates in the gigahertz microwave band. The FCC has strict regulations on RFI (radio frequency interference) from all sorts of devices, including light bulbs -> Incandescent lights do not interfere with Wi-Fi networks.
Note:
+ Many baby monitors operate at 900MHz and won’t interfere with Wi-Fi, which uses the 2.4GHz band.
+ DECT 6.0 cordless phones are designed to eliminate Wi-Fi interference by operating on a different frequency. There is essentially no such thing as DECT Wi-Fi interference.

134
Q

Question 133
What is the responsibility of a secondary WLC?

A. It shares the traffic load of the LAPs with the primary controller.

B. It avoids congestion on the primary controller by sharing the registration load on the LAPs.

C. It registers the LAPs if the primary controller fails.

D. It enables Layer 2 and Layer 3 roaming between itself and the primary controller.

A

Answer:C

Explanation
When the primary controller (WLC-1) goes down, the APs automatically register with the secondary controller (WLC-2). The APs register back to the primary controller when the primary controller comes back online.
Reference:https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/69639-wlc-failover.html

135
Q

Question 134
Which DHCP option provides the CAPWAP APs with the address of the wireless controller(s)?

A. 43

B. 66

C. 69

D. 150

A

Answer:A

136
Q

Question 135
A wireless consultant is designing a high-density wireless network for a lecture hall for 1000 students. Which antenna type is recommended for this environment?

A. sector antenna

B. dipole antenna

C. parabolic dish

D. omnidirectional antenna

A

Answer:D

Explanation

Directional antennas
Directional antennas come in many different styles and shapes. An antenna does not offer any added power to the signal; it simply redirects the energy it receives from the transmitter. By redirecting this energy, it has the effect of providing more energy in one direction and less energy in all other directions. As the gain of a directional antenna increases, the angle of radiation usually decreases, providing a greater coverage distance but with a reduced coverage angle. Directional antennas include patch antennas and parabolic dishes. Parabolic dishes have a very narrow RF energy path, and the installer must be accurate in aiming these types of antennas at each other.

Directional patch antenna
Reference:https://www.cisco.com/c/en/us/products/collateral/wireless/aironet-antennas-accessories/product_data_sheet09186a008008883b.html
Omnidirectional antennas
An omnidirectional antenna is designed to provide a 360-degree radiation pattern. This type of antenna is used when coverage in all directions from the antenna is required. The standard 2.14-dBi “rubber duck” is one style of omnidirectional antenna.

Omnidirectional antenna
-> Therefore an omnidirectional antenna is best suited for a high-density wireless network in a lecture hall.

137
Q

Question 136
An engineer has deployed a single Cisco 5520 WLC with a management IP address of 172.16.50.5/24. The engineer must register 50 new Cisco AIR-CAP2802I-E-K9 access points to the WLC using DHCP option 43.
The access points are connected to a switch in VLAN 100 that uses the 172.16.100.0/24 subnet. The engineer has configured the DHCP scope on the switch as follows:

Network 172.16.100.0 255.255.255.0
Default Router 172.16.100.1
Option 43 Ascii 172.16.50.5

The access points are failing to join the wireless LAN controller. Which action resolves the issue?

A. configure option 43 Hex F104.AC10.3205

B. configure option 43 Hex F104.CA10.3205

C. configure dns-server 172.16.50.5

D. configure dns-server 172.16.100.1

A

Answer:A

Explanation

We will have the answer from this paragraph:
“TLV values for the Option 43 suboption: Type + Length + Value. Type is always the suboption code 0xf1. Length is the number of controller management IP addresses times 4 in hex. Value is the IP address of the controller listed sequentially in hex. For example, suppose there are two controllers with management interface IP addresses, 192.168.10.5 and 192.168.10.20. The type is 0xf1. The length is 2 * 4 = 8 = 0x08. The IP addresses translate to c0a80a05 (192.168.10.5) and c0a80a14 (192.168.10.20). When the string is assembled, it yields f108c0a80a05c0a80a14. The Cisco IOS command that is added to the DHCP scope is option 43 hex f108c0a80a05c0a80a14.”
Reference:https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/97066-dhcp-option-43-00.html
Therefore, in this question the option 43 value in hex should be “F104.AC10.3205” (the management IP address 172.16.50.5 in hex is AC.10.32.05; F1 is the suboption type and 04 is the length for a single controller address).

138
Q

Question 137
What is a benefit of data modeling languages like YANG?

A. They enable programmers to change or write their own application within the device operating system.

B. They create more secure and efficient SNMP OIDs.

C. They make the CLI simpler and more efficient.

D. They provide a standardized data structure, which results in configuration scalability and consistency.

A

Answer:D

Explanation

Yet Another Next Generation (YANG) is a language that is used only to describe data models (their structure). It is not itself XML or JSON.

139
Q

Question 138
In a Cisco SD-Access fabric, which control plane protocol is used for mapping and resolving endpoints?

A. LISP

B. DHCP

C. SXP

D. VXLAN

A

Answer:A

140
Q

Question 139
What does the LAP send when multiple WLCs respond to the CISCO-CAPWAP-CONTROLLER.localdomain hostname during the CAPWAP discovery and join process?

A. broadcast discover request

B. join request to all the WLCs

C. unicast discovery request to each WLC

D. Unicast discovery request to the first WLC that resolves the domain name

A

Answer:C

Explanation

The AP will attempt to resolve the DNS name CISCO-CAPWAP-CONTROLLER.localdomain. When the AP is able to resolve this name to one or more IP addresses, the AP sends a unicast CAPWAP Discovery Message to the resolved IP address(es). Each WLC that receives the CAPWAP Discovery Request Message replies with a unicast CAPWAP Discovery Response to the AP.
Reference:https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/107606-dns-wlc-config.html