Part_7 Flashcards

1
Q

Question 2
What is the function of Cisco DNA Center in a Cisco SD-Access deployment?

A. It is responsible for routing decisions inside the fabric

B. It is responsible for the design, management, provisioning, and assurance of the fabric network devices

C. It possesses information about all endpoints, nodes, and external networks related to the fabric

D. It provides integration and automation for all nonfabric nodes and their fabric counterparts

A

Answer:B

2
Q

Question 6
What are two benefits of YANG? (Choose two)

A. It collects statistical constraint analysis information

B. It enforces the use of specific encoding format for NETCONF

C. It enforces configuration semantics

D. It enables multiple leaf statements to exist within a leaf list

E. It enforces configuration constraints

A

Answer:B E

Explanation
YANG (Yet Another Next Generation) is a data modeling language for the definition of data sent over network management protocols such as the NETCONF and RESTCONF.

3
Q

Question 10
In Cisco SD-WAN, which protocol is used to measure link quality?

A. OMP

B. BFD

C. RSVP

D. IPsec

A

Answer:B

4
Q

Question 11
What is used to perform QoS packet classification?

A. the Options field in the Layer 3 header

B. the Type field in the Layer 2 frame

C. the Flags field in the Layer 3 header

D. the ToS field in the Layer 3 header

A

Explanation

Layer-3 marking is accomplished using the 8-bit Type of Service (ToS) field, part of the IP header. A mark in this field will remain unchanged as it travels from hop-to-hop, unless a Layer-3 device is explicitly configured to overwrite this field. There are two marking methods that use the ToS field:
+ IP Precedence: uses the first three bits of the ToS field.
+ Differentiated Service Code Point (DSCP): uses the first six bits of the ToS field. When using DSCP, the ToS field is often referred to as the Differentiated Services (DS) field.

5
Q

Question 13
Which LISP component is required for a LISP site to communicate with a non-LISP site?

A. ETR

B. ITR

C. Proxy ETR

D. Proxy ITR

A

Answer:C

Explanation

The proxy egress tunnel router (PETR) allows the communication from the LISP sites to the non-LISP sites. The PETR receives LISP encapsulated traffic from ITR.

6
Q

Question 14
What is a characteristic of a next-generation firewall?

A. only required at the network perimeter

B. required in each layer of the network

C. filters traffic using Layer 3 and Layer 4 information only

D. provides intrusion prevention

A

Answer:D

7
Q

Question 15
Which technology is used as the basis for the Cisco SD-Access data plane?

A. IPsec

B. LISP

C. VXLAN

D. 802.1Q

A

Answer:C

8
Q

Question 16
“HTTP/1.1 204 content” is returned when curl -l -x DELETE command is issued. Which situation has occurred?

A. The object could not be located at the URI path

B. The command succeeded in deleting the object

C. The object was located at the URI, but it could not be deleted

D. The URI was invalid

A

Answer:B

Explanation

The HTTP 204 No Content success status response code indicates that a request has succeeded, but that the client doesn’t need to navigate away from its current page.

9
Q

Question 17
An engineer must provide wireless coverage in a square office. The engineer has only one AP and believes that it should be placed in the middle of the room. Which antenna type should the engineer use?

A. directional

B. polarized

C. Yagi

D. omnidirectional

A

Answer:D

Explanation

Types of external antennas:
+ Omnidirectional: Provide 360-degree coverage. Ideal in houses and office areas
+ Directional: Focus the radio signal in a specific direction. Examples are the Yagi and parabolic dish
+ Multiple Input Multiple Output (MIMO): Uses multiple antennas (up to eight) to increase bandwidth
An omnidirectional antenna is designed to provide a 360-degree radiation pattern. This type of antenna is used when coverage in all directions from the antenna is required.

10
Q

Question 18
While configuring an IOS router for HSRP with a virtual IP of 10.1.1.1, an engineer sees this log message:

Jan 1 12:12:14.122: %HSRP-4-DIFFVIP1: GigabitEthernet0/0 Grp 1 active routers virtual IP address 10.1.1.1 is different to the locally configured address 10.1.1.25

Which configuration change must the engineer make?

A. Change the HSRP group configuration on the remote router to 1

B. Change the HSRP virtual address on the local router to 10.1.1.1

C. Change the HSRP virtual address on the remote router to 10.1.1.1

D. Change the HSRP group configuration on the local router to 1

A

Answer:B

Explanation

The local router was configured with command “standby 1 ip 10.1.1.25” while the peer HSRP router was configured with command “standby 10 ip 10.1.1.1”

11
Q

Question 19
What is a characteristic of YANG?

A. It is a Cisco proprietary language that models NETCONF data
B. It allows model developers to create custom data types
C. It structures data in an object-oriented fashion to promote model reuse
D. It provides loops and conditionals to control flow within models

A

Answer:C

12
Q

Question 20
What is the function of the LISP map resolver?

A. to send traffic to non-LISP sites when connected to a service provider that does not accept nonroutable EIDs as packet sources

B. to connect a site to the LISP-capable part of a core network, publish the EID-to-RLOC mappings for the site and respond to map-request messages

C. to decapsulate map-request messages from ITRs and forward the messages to the MS

D. to advertise routable non-LISP traffic from one address family to LISP sites in a different address family

A

Answer:C

Explanation

Map Resolver (MR): a LISP component which accepts LISP Encapsulated Map Requests, typically from an ITR, and quickly determines whether or not the destination IP address is part of the EID namespace

13
Q

Question 21
When is an external antenna used inside a building?

A. only when using 5 GHz

B. only when using 2.4 GHz

C. when it provides the required coverage

D. only when using Mobility Express

A

Answer:C

14
Q

Question 25
An engineer is troubleshooting the AP join process using DNS. Which FQDN must be resolvable on the network for the access points to successfully register to the WLC?

A. cisco-capwap-controller.domain.com

B. wlchostname.domain.com

C. ap-manager.domain.com

D. primary-wlc.domain.com

A

Answer:A

Explanation

The lightweight access points support the following controller discovery processes:
…
DNS discovery—The access point can discover controllers through your domain name server (DNS). You must configure your DNS to return controller IP addresses in response to CISCO-CAPWAP-CONTROLLER.localdomain, where localdomain is the access point domain name. When an access point receives an IP address and DNS information from a DHCP server, it contacts the DNS to resolve CISCO-CAPWAP-CONTROLLER.localdomain. When the DNS sends a list of controller IP addresses, the access point sends discovery requests to the controllers.
Reference:https://www.cisco.com/c/en/us/td/docs/wireless/controller/5700/software/release/3e/consolidated/configuration-guide/b_multi_3e_5700_cg/b_multi_3e_5700_cg_chapter_01001011.pdf

15
Q

Question 26
How is Layer 3 roaming accomplished in a unified wireless deployment?

A. An EoIP tunnel is created between the client and the anchor controller to provide seamless connectivity as the client is associated with the new AP

B. The client entry on the original controller is passed to the database on the new controller

C. The new controller assigns an IP address from the new subnet to the client

D. The client database on the original controller is updated with the anchor entry, and the new controller database is updated with the foreign entry.

A

Answer:D

Explanation

An EoIP tunnel is created between the anchor and foreign controller, not between the client and the anchor controller -> Answer A is not correct.
In instances where the client roams between APs that are connected to different WLCs and the WLC WLAN is connected to a different subnet, a Layer 3 roam is performed, and there is an update between the new WLC (foreign WLC) and the old WLC (anchor WLC) mobility databases.

The client begins with a connection to AP B on WLC 1. This creates an ANCHOR entry in the WLC client database (-> Answer D is correct as the client database is marked “ANCHOR”). As the client moves away from AP B and makes an association with AP C, WLC 2 sends a mobility announcement to peers in the mobility group looking for the WLC with the client MAC address. WLC 1 responds to the announcement, handshakes, and ACKs. Next the client database entry for the roaming client is copied to WLC 2, and marked as FOREIGN. Included PMK data (master key data from the RADIUS server) is also copied to WLC 2. This provides fast roam times for WPA2/802.11i clients because there is no need to re-authenticate to the RADIUS server.
After a simple key exchange between the client and AP, the client is added to the WLC 2 database and is similar, except that it is marked as FOREIGN.
Reference:https://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/emob30dg/TechArch.html and https://mrncciew.com/2013/03/17/l3-inter-controller-roaming/
In Layer 3 roaming, no IP address refresh is needed (although the client must be re-authenticated and a new security session established) -> Answer C is not correct.
In summary, the “Mobility State” of a client is described below:
+ Before roaming: Mobility State = Local
+ After roaming: Mobility State on Old Database = Anchor; Mobility State on New Database = Foreign
Therefore the client entry on the original controller is not passed to the database totally. The client entry is still on the old controller but it is marked “Anchor” -> Answer B is not correct.

16
Q

Question 27
A network administrator has designed a network with two multilayer switches on the distribution layer, which act as default gateways for the end hosts. Which two technologies allow every end host in a VLAN to use both gateways? (Choose two)

A. HSRP

B. GLBP

C. MHSRP

D. VRRP

E. VSS

A

Answer:B C

Explanation

We can load share traffic in HSRP by using a feature called Multiple HSRP, wherein for a particular group the first path is active and the second is the backup, and for another group the second path is active and the first is the backup.

17
Q

Question 28
Which measurement is used from a post wireless survey to depict the cell edge of the access points?

A. CCI

B. Noise

C. SNR

D. RSSI

A

Answer:D

Explanation

The following are elements that you should consider when performing a post assessment of the environment.
Analyze and define the cell edge: This requires the use of AirMagnet Survey, although there are simple tools like Omnipeek or Wireshark that can be used to measure wireless traffic as a client roams from one AP to another. According to design best practices that revolve around the Cell Edge Design, a wireless handset should roam before the RSSI reaches -67 dBm. You can analyze signal strength and determine the approximate cell edge by measuring the signal strength in a beacon frame as you move from the center of one cell towards the edge of that cell.
Reference:https://www.cisco.com/c/en/us/td/docs/wireless/technology/vowlan/troubleshooting/vowlan_troubleshoot/8_Site_Survey_RF_Design_Valid.pdf

18
Q

Question 31
What is the function of a fabric border node in a Cisco SD-Access environment?

A. To connect the Cisco SD-Access fabric to another fabric or external Layer 3 networks

B. To collect traffic flow information toward external networks

C. To attach and register clients to the fabric

D. To handle an ordered list of IP addresses and locations for endpoints in the fabric.

A

Answer:A

Explanation

There are five basic device roles in the fabric overlay:
+ Control plane node: This node contains the settings, protocols, and mapping tables to provide the endpoint-to-location (EID-to-RLOC) mapping system for the fabric overlay.
+ Fabric border node: This fabric device (for example, core layer device) connects external Layer 3 networks to the SDA fabric.
+ Fabric edge node: This fabric device (for example, access or distribution layer device) connects wired endpoints to the SDA fabric.
+ Fabric WLAN controller (WLC): This fabric device connects APs and wireless endpoints to the SDA fabric.
+ Intermediate nodes: These are intermediate routers or extended switches that do not provide any sort of SD-Access fabric role other than underlay services.

19
Q

Question 32
How are the different versions of IGMP compatible?

A. IGMPv2 is compatible only with IGMPv1

B. IGMPv2 is compatible only with IGMPv2

C. IGMPv3 is compatible only with IGMPv3

D. IGMPv3 is compatible only with IGMPv1

A

Answer:A

Explanation
IGMPv3 is backward compatible with previous versions of the IGMP protocol. In order to remain backward compatible with older IGMP systems, IGMPv3 multicast routers MUST also implement versions 1 and 2 of the protocol.
Reference:https://datatracker.ietf.org/doc/html/rfc3376
IGMPv2 is only compatible with IGMPv1
Note: When saying “compatible”, we refer only to older versions, not newer versions. For example, we cannot say “IGMPv2 is compatible with IGMPv3” because IGMPv3 is newer. But we can say “IGMPv3 is compatible with IGMPv2”.

20
Q

Question 33
What is one benefit of implementing a VSS architecture?

A. It provides multiple points of management for redundancy and improved support.

B. It provides a single point of management for improved efficiency

C. It uses GLBP to balance traffic between gateways

D. It uses a single database to manage configuration for multiple switches

A

Answer:B

Explanation

VSS increases operational efficiency by reducing switch management overhead and simplifying the network. It provides a single point of management, IP address, and routing instance.
VSS can be managed with single management point from which you configure and manage the VSS. Neighbors see the VSS as a single Layer 2 switching or Layer 3 routing node, thus reducing the control protocol traffic. VSS provides a single VLAN gateway IP address, removing the need for the first-hop redundancy protocol (HSRP, VRRP, GLBP). Multichannel EtherChannel (MEC) allows you to bundle links to two physical switches in VSS, creating a loop-free redundant topology without the need for STP.
Reference: Implementing Cisco IP Switched Networks (SWITCH) Foundation Learning Guide Book

21
Q

Question 34
Which entity is a Type 1 hypervisor?

A. Oracle VM VirtualBox

B. VMware server

C. Citrix XenServer

D. Microsoft Virtual PC

A

Answer:C

Explanation

A Type 1 hypervisor has direct access to the hardware resources. Therefore it is more efficient than hosted architectures. Some examples of Type 1 hypervisors are VMware vSphere/ESXi, Oracle VM Server, KVM and Microsoft Hyper-V. Xen/Citrix XenServer is also a Type 1 hypervisor.

22
Q

Question 36
What is a consideration when designing a Cisco SD-Access underlay network?

A. End user subnets and endpoints are part of the underlay network

B. The underlay switches provide endpoint physical connectivity for users

C. Static routing is a requirement

D. It must support IPv4 and IPv6 underlay networks

A

Answer:B

Explanation

In SD-Access, the underlay switches (edge nodes) support the physical connectivity for users and endpoints. However, end-user subnets and endpoints are not part of the underlay network—they are part of the automated overlay network.
https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-sda-design-guide.html

23
Q

Question 37
What is a characteristic of a virtual machine?

A. It relies on hypervisors to allocate computing resources for it

B. It is deployable without a hypervisor to host it

C. It must run the same operating system as its host

D. It must be aware of other virtual machines, in order to allocate physical resources for them

A

Answer:A

24
Q

Question 38
What is one difference between Saltstack and Ansible?

A. SaltStack uses an API proxy agent to program Cisco boxes on agent mode, whereas Ansible uses a Telnet connection

B. SaltStack uses the Ansible agent on the box, whereas Ansible uses a Telnet server on the box

C. SaltStack is constructed with minion, whereas Ansible is constructed with YAML

D. SaltStack uses SSH to interact with Cisco devices, whereas Ansible uses an event bus

A

Answer:C

Explanation

– Saltstack uses YAML (Python) same as Ansible.
– Saltstack uses the push model for executing commands via the SSH protocol
– Ansible only uses SSH, not Telnet.
In SaltStack architecture, there is a core component called Salt-minion, which is a system that is being controlled by a Salt master.

25
Q

Question 39
What is the centralized control policy in a Cisco SD-WAN deployment?

A. list of ordered statements that define user access policies

B. list of enabled services for all nodes within the cloud

C. set of rules that governs nodes authentication within the cloud

D. set of statements that defines how routing is performed

A

Answer:D

Explanation

In Cisco SD-WAN, there are two types of Centralized Control Policies that fulfill different objectives:
+ Topology – Topology policies control the route information such as omp, tloc, and service routes that are being redistributed to a list of sites. As the name implies, they are typically used for limiting the number of overlay tunnels between sites and controlling the overlay topology.
+ VPN Membership – VPN Membership policies are used to control the distribution of routing information for specific VPNs to a list of sites. A typical use-case is for creating guest networks that have Internet access but site-to-site communication is restricted.
Reference:https://www.networkacademy.io/ccie-enterprise/sdwan/what-is-a-centralized-control-policy

26
Q

Question 45
An engineer configures HSRP group 37. The configuration does not modify the default virtual MAC address. Which virtual MAC address does the group use?

A. 00:00:0c:07:ac:25

B. 00:00:0c:07:ac:37

C. C0:39:83:25:258:5

D. C0.00:00:25:00:00

A

Answer:A

Explanation

The last two-digit hex value in the MAC address represents the HSRP group number. In this case 37 in decimal is 25 in hexadecimal -> Answer A is correct.

27
Q

Question 46
Which Cisco DNA Center application is responsible for group-based access control permissions?

A. Design

B. Provision

C. Assurance

D. Policy

A

Answer:D

28
Q

Question 49
A client device roams between wireless LAN controllers that are mobility peers. Both controllers have dynamic interface on the same client VLAN. Which type of roam is described?
A. intra-VLAN
B. intra-controller
C. inter-controller
D. inter-subnet

A

Answer:C

Explanation
Inter Controller-L2 Roaming: Inter-Controller (normally layer 2) roaming occurs when a client roams between two APs registered to two different controllers, where each controller has an interface in the client subnet.

29
Q

Question 51
Which two operational models enable an AP to scan one or more wireless channels for rogue access points and at the same time provide wireless services to clients? (Choose two)

A. Sniffer

B. Rogue detector

C. Local

D. FlexConnect

E. Monitor

A

Answer:C D

Explanation

An LAP operates in one of six different modes:
+ Local mode (default mode): measures noise floor and interference, and scans for intrusion detection (IDS) events every 180 seconds on unused channels
+ FlexConnect, formerly known as Hybrid Remote Edge AP (H-REAP), mode: allows data traffic to be switched locally and not go back to the controller. The FlexConnect AP can perform standalone client authentication and switch VLAN traffic locally even when it’s disconnected from the WLC (Local Switched). FlexConnect AP can also tunnel (via CAPWAP) both user wireless data and control traffic to a centralized WLC (Central Switched).
+ Monitor mode: does not handle data traffic between clients and the infrastructure. It acts like a sensor for location-based services (LBS), rogue AP detection, and IDS
+ Rogue detector mode: monitors for rogue APs. It does not handle data at all.
+ Sniffer mode: runs as a sniffer and captures and forwards all the packets on a particular channel to a remote machine where you can use a protocol analysis tool (Wireshark, Airopeek, etc) to review the packets and diagnose issues. Strictly used for troubleshooting purposes.
+ Bridge mode: bridges the WLAN and the wired infrastructure together.
+ Sensor mode: this is a special mode which is not listed in the books but you need to know. In this mode, the device can actually function much like a WLAN client would, associating and identifying client connectivity issues within the network in real time without requiring an IT or technician to be on site.
Although Monitor and Rogue detector modes can detect rogue APs, they do not handle data, so they are not correct.
Rogue Detection
A rogue is essentially any device that shares your spectrum, but is not in your control. This includes rogue Access Points, wireless router, rogue clients, and rogue ad-hoc networks. The Cisco UWN uses a number of methods to detect Wi-Fi-based rogue devices such as off-channel scanning and dedicated monitor mode capabilities. Cisco Spectrum Expert can also be used to identify rogue devices not based on the 802.11 protocol, such as Bluetooth bridges.
Off-Channel Scanning
This operation is performed by Local and Flex-Connect (in connected mode) mode APs and utilizes a time-slicing technique which allows client service and channel scanning with the usage of the same radio.
Reference:https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/112045-handling-rogue-cuwn-00.html

30
Q

Question 54
Which new enhancement was implemented in Wi-Fi 6?

A. Wi-Fi Protected Access 3

B. 4096 Quadrature Amplitude Modulation Mode

C. Uplink and Downlink Orthogonal Frequency Division Multiple Access

D. Channel bonding

A

Answer:C

Explanation

Wi-Fi 6 brings several crucial wireless enhancements for IT administrators when compared to Wi-Fi 5. The first significant change is using 2.4 GHz. Wi-Fi 5 was limited to only using 5 GHz. While 5 GHz is a ‘cleaner’ band of RF, it doesn’t penetrate walls as well as 2.4 GHz and requires more battery life. For Wi-Fi driven IoT devices, 2.4 GHz will likely continue to be the band of choice for the foreseeable future.
Another critical difference between the two standards is the use of Orthogonal Frequency Division Multiple Access (OFDMA) and MU-MIMO. Wi-Fi 5 was limited to downlink only on MU-MIMO, where Wi-Fi 6 includes downlink and uplink. OFDMA, as referenced above, is also only available in Wi-Fi 6.
Reference:https://www.extremenetworks.com/wifi6/what-is-80211ax/

31
Q

Question 55
How is MSDP used to interconnect multiple PIM-SM domains?

A. MSDP depends on BGP or multiprotocol BGP for interdomain operation

B. MSDP allows a rendezvous point to dynamically discover active sources outside of its domain

C. MSDP SA request messages are used to request a list of active sources for a specific group

D. MSDP messages are used to advertise active sources in a domain

A

Answer:C

Explanation

SA request messages are used to request a list of active sources for a specific group. These messages are sent to an MSDP SA cache that maintains a list of active (S, G) pairs in its SA cache -> Answer C is correct.
SA response messages are sent by the MSDP peer in response to an SA request message. SA response messages contain the IP address of the originating RP and one or more (S, G) pairs of the active sources in the originating RP’s domain that are stored in the cache -> Answer D is not correct as it should be “SA response messages are used to advertise active sources in a domain” (not MSDP messages).
Reference:https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipmulti_pim/configuration/xe-16/imc-pim-xe-16-book/imc-msdp-im-pim-sim.html
In fact, answer A is also correct according to this link:https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipmulti_pim/configuration/xe-16/imc-pim-xe-16-book/imc-msdp-im-pim-sim.html
“MSDP depends on BGP or multiprotocol BGP (MBGP) for interdomain operation. We recommended that you run MSDP on RPs sending to global multicast groups.”
But we think answer C is the better choice because it answers the question “How is MSDP used …”.
Note:
After a large PIM-SM network is divided into multiple PIM-SM domains, a mechanism is required to enable user hosts in a PIM-SM domain to receive multicast data from sources in another PIM-SM domain.
Multicast Source Discovery Protocol (MSDP) provides such a mechanism. It interconnects multiple PIM-SM domains to implement inter-domain multicast. RPs in PIM-SM domains set up MSDP peer relationships. By sending Source Active (SA) messages, the MSDP peers send the (S, G) information from the RP to which the source registers to the RPs in another PIM-SM domain.

Reference:https://support.huawei.com/enterprise/en/doc/EDOC1000027471?section=j009
Note: A benefit of using MSDP to interconnect multiple PIM-SM domains is to allow a rendezvous point (RP) to dynamically discover active sources outside of its domain.

32
Q

Question 58
How is 802.11 traffic handled in a fabric-enabled SSID?

A. converted by the AP into 802.3 and encapsulated into a VLAN

B. centrally switched back to WLC where the user traffic is mapped to a VXLAN on the WLC

C. centrally switched back to WLC where the user traffic is mapped to a VLAN on the WLC

D. converted by the AP into 802.3 and encapsulated into VXLAN

A

Answer:D

Explanation

For a fabric-enabled SSID, the AP converts 802.11 traffic to 802.3 and encapsulates it into VXLAN, encoding the VNI and SGT information of the client.
Reference:https://www.cisco.com/c/dam/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/deploy-guide/cisco-dna-center-sd-access-wl-dg.pdf

33
Q

Question 61
Which congestion queuing method on Cisco IOS based routers uses four static queues?

A. low latency

B. custom

C. weighted fair

D. Priority

A

Answer:D

Explanation

Priority Queuing (PQ): This type of queuing places traffic into one of four queues. Each queue has a different level of priority, and higher-priority queues must be emptied before packets are emptied from lower-priority queues. This behavior can “starve out” lower-priority traffic.

34
Q

Question 63
Which AP mode allows an engineer to scan configured channels for rogue access points?

A. local

B. sniffer

C. bridge

D. monitor

A

Answer:D

35
Q

Question 64
Where is radio resource management performed in a Cisco SD-Access wireless solution?

A. control plane node

B. DNA Center

C. Cisco CMX

D. wireless controller

A

Answer:D

Explanation

WLC is still responsible for: AP image/config, Radio Resource Management (RRM) and client session management and roaming.
Reference:https://www.ciscolive.com/c/dam/r/ciscolive/latam/docs/2018/pdf/BRKEWN-2020.pdf

36
Q

Question 68
Which device makes the decision for a wireless client to roam?

A. wireless client

B. access point

C. wireless LAN controller

D. WCS location server

A

Answer:A

Explanation

Roaming is a client-side decision in 802.11 WiFi. Client devices listen for beacon frames or send probe requests to discover APs advertising the preferred SSID. The client’s driver uses the received signal strength of beacons or probe responses to make decisions on whether to change APs or remain connected to the current AP.

37
Q

Question 70

Which three elements determine Air Time efficiency? (Choose three)

A. event-driven RRM

B. data rate (modulation density) or QAM

C. channel bandwidth

D. number of spatial streams and spatial reuse

E. RF group leader

F. dynamic channel assignment

A

Answer:B C D

Explanation
Four things determine Air Time Efficiency
1. Data rate (modulation density) or QAM – how many bits per radio symbol; 64 QAM is more robust but 1024 QAM is a lot faster
2. Number of spatial streams and spatial reuse (introduction of OFDMA and Resource Units) and UL/DL MU-MIMO
3. Channel bandwidth – how many frequencies can we modulate at one time
4. Protocol overhead – Preamble/Ack/BA, Guard Interval “GI” etc.
Reference:https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2020/pdf/BRKEWN-3010.pdf

38
Q

Question 71
Which features does Cisco EDR use to provide threat detection and response protection?

A. containment, threat intelligence, and machine learning

B. firewalling and intrusion prevention

C. container-based agents

D. cloud analysis and endpoint firewall controls

A

Answer:A

Explanation

In addition to continuous file analysis, it is important to note that an EDR is only as good at detecting files as the cyber threat intelligence that powers it. Cyber threat intelligence leverages large-scale data, machine learning capabilities, and advanced file analysis to help detect threats. The greater the cyber threat intelligence, the more likely it is your EDR solution will identify the threat. Without any cyber threat intelligence, an EDR solution is ineffective.
After detecting a malicious file, an EDR solution must be able to contain the threat. Malicious files aim to infect as many processes, applications, and users as possible. Segmentation can be a great defense within your data center to avoid lateral movement of advanced threats. Segmentation is helpful, but a proper EDR solution can help contain a malicious file before testing the edges of segmented areas of the network. Ransomware is a tremendous example of why you need to contain threats. Ransomware can be tricky to remove. Once it has encrypted information, your EDR needs to be able to fully contain ransomware to mitigate the damages.
Reference:https://www.cisco.com/c/en/us/products/security/endpoint-security/what-is-endpoint-detection-response-edr.html

39
Q

Question 73
Which two threats does AMP4E have the ability to block? (Choose two)

A. DDoS

B. ransomware

C. SQL injection

D. Microsoft Word macro attack

E. email phishing

A

Answer:B D

Explanation
+ Advanced Malware Protection for Endpoints (AMP4E): provides malware protection on endpoints

40
Q

Question 76
What are two benefits of virtual switching when compared to hardware switching? (Choose two)

A. increased MTU size

B. hardware independence

C. VM-level isolation

D. increased flexibility

E. extended 802.1Q VLAN range

A

Answer:C D

Explanation

Virtual switches have benefits as well as virtual machines attached to them. They boost security by leveraging isolation, control and content inspection methods between virtual machines, which helps deter inter-switch link attacks. Moreover, with virtual switches, network administrators can control them with a hypervisor. Additionally, virtual switches can help with the migration of virtual machines across physical hosts by eliminating the need to reconfigure each virtual machine. They can also enhance operational efficiency, improve communications and scale system bandwidth capacity.
Reference: https://www.rcrwireless.com/20180328/fundamentals/physical-switches-vs-virtual-switches

41
Q

Question 77
What are two characteristics of VXLAN? (Choose two)

A. It uses VTEPs to encapsulate and decapsulate frames.

B. It has a 12-bit network identifier

C. It extends Layer 2 and Layer 3 overlay networks over a Layer 2 underlay.

D. It lacks support for host mobility

E. It allows for up to 16 million VXLAN segments

A

Answer:A E

Explanation

VXLAN has a 24-bit VXLAN network identifier (VNI), which allows for up to 16 million (= 2^24) VXLAN segments to coexist within the same infrastructure. This solves the problem of the small number of traditional VLANs -> The first problem of VLAN has been resolved.
VTEPs connect the Overlay and Underlay networks, and they are responsible for encapsulating frames into VXLAN packets to send across the IP network (Underlay), then decapsulating them when the packets leave the VXLAN tunnel.

VXLAN is a virtual overlay network which runs on top of a physical underlay network. The underlay network may use any Layer 3 routing protocol like OSPF, EIGRP, IS-IS… to route packets so no Spanning Tree Protocol is required -> One of the major benefits of VXLAN technology is that it allows creating virtual Layer 2 segments over Layer 3 routed networks. Therefore answer C is not correct because “It extends Layer 2 and Layer 3 overlay networks over a Layer 3 underlay” (not Layer 2 underlay).

42
Q

Question 81
What is the function of a VTEP in VXLAN?

A. provide the routing underlay and overlay for VXLAN headers

B. dynamically discover the location of end hosts in a VXLAN fabric

C. encapsulate and de-encapsulate traffic into and out of the VXLAN fabric

D. statically point to end host locations of the VXLAN fabric

A

Answer:C

43
Q

Question 82
If the noise floor is -90 dBm and the wireless client is receiving a signal of -75 dBm, what is the SNR?

A. -165

B. 83

C. 15

D. 1.2

A

Answer:C

Explanation

If your SNR measurements are already in decibel form, then you can subtract the noise quantity from the desired signal: SNR = S – N. This is because when you subtract logarithms, it is the equivalent of dividing normal numbers. Also, the difference in the numbers equals the SNR. In this question, SNR = -75 – (-90) = 15.

44
Q

Question 84
How does an on-premises infrastructure compare to a cloud infrastructure?

A. On-premises can increase compute power faster than cloud

B. On-premises offers faster deployment than cloud

C. On-premises offers lower latency for physically adjacent systems than cloud

D. On-premises requires less power and cooling resources than cloud

A

Answer:C

45
Q

Question 85
Which design principle states that a user has no access by default to any resource, and unless a resource is explicitly granted, it should be denied?

A. complete mediation

B. least privilege

C. economy of mechanism

D. fail-safe defaults

A

Answer:D

Explanation

The Principle of Fail-Safe Defaults states that, unless a subject is given explicit access to an object, it should be denied access to that object.
Note: By the principle of least privilege, that administrator should only be able to access the subjects and objects involved in mail queueing and delivery. As we saw, this minimizes the threats if that administrator’s account is compromised. The mail system can be damaged or destroyed, but nothing else can be.
Reference: https://us-cert.cisa.gov/bsi/articles/knowledge/principles/failing-securely

46
Q

Question 89
A network administrator applies the following configuration to an IOS device. What is the process of password checks when a login attempt is made to the device?

aaa new-model
aaa authentication login default local group tacacs+

A. A TACACS+ server is checked first. If that check fails, a database is checked.

B. A TACACS+ server is checked first. If that check fails, a RADIUS server is checked. If that check fails, a local database is checked.

C. A local database is checked first. If that fails, a TACACS+ server is checked. If that check fails, a RADIUS server is checked.

D. A local database is checked first. If that check fails, a TACACS+ server is checked.

A

Answer:D

Explanation

“aaa authentication login” specifies that you want to use authentication. You need to give the authentication parameters a list name, either default or some other name you define:
aaa authentication login {default | list-name} group {group-name | radius | tacacs+} [method 2…3…4]
+ The ‘default’ keyword means the list applies to all login connections (such as tty, vty, console and aux). If we use this keyword, we don’t need to configure anything else under tty, vty and aux lines. If we don’t use this keyword, then we have to specify which line(s) we want to apply the authentication feature to.
+ The ‘local group tacacs+’ part means all users are authenticated using the router’s local database first and then, if required, the TACACS server is tried.
Good reference: https://www.cisco.com/c/en/us/support/docs/security-vpn/terminal-access-controller-access-control-system-tacacs-/200606-aaa-authentication-login-default-local.html

47
Q

Question 93
What is the function of vBond in a Cisco SD-WAN deployment?

A. onboarding of SD-WAN routers into the SD-WAN overlay

B. pushing of configuration toward SD-WAN routers

C. initiating connections with SD-WAN routers automatically

D. gathering telemetry data from SD-WAN routers

A

Answer:A

Explanation

Orchestration plane (vBond) assists in securely onboarding the SD-WAN WAN Edge routers into the SD-WAN overlay. The vBond controller, or orchestrator, authenticates and authorizes the SD-WAN components onto the network. The vBond orchestrator takes an added responsibility to distribute the list of vSmart and vManage controller information to the WAN Edge routers. vBond is the only device in SD-WAN that requires a public IP address as it is the first point of contact and authentication for all SD-WAN components to join the SD-WAN fabric. All other components need to know the vBond IP or DNS information.

48
Q

Question 94

What is the difference in dBm when an AP power increases from 25 mW to 100 mW?

A. 75dBm

B. 150dBm

C. 6dBm

D. 125dBm

A

Answer:C

Explanation

Formula to convert from mW to dBm:
P(dBm) = 10 log_10(mW)
Therefore:
+ 25 mW converts to dBm: 10 log_10(25) = 13.98 dBm
+ 100 mW converts to dBm: 10 log_10(100) = 20 dBm
The difference between them is about 6 dBm.
Or a shorter way from the formula:
log_A(B) – log_A(C) = log_A(B/C)
Then 10 log_10(100) – 10 log_10(25) = 10 log_10(100/25) = 10 log_10(4) = 6.02

49
Q

Question 95
Which free application makes REST calls against DNA Center?

A. Postman

B. Ansible

C. Chef

D. Puppet

A

Answer:A

50
Q

Question 96
A network engineer must configure a router to send logging messages to a syslog server based on these requirements:

uses syslog IP address: 10.10.10.1
uses a reliable protocol
must not use any well-known TCP/UDP ports

Which configuration must be used?

A. logging host 10.10.10.1 transport udp port 1024

B. logging origin-id 10.10.10.1

C. logging host 10.10.10.1 transport udp port 1023

D. logging host 10.10.10.1 transport tcp port 1024

A

Answer:D

51
Q

Question 99
Refer to the exhibit. Which command is required to verify NETCONF capability reply messages?

A. show netconf | section rpc-reply

B. show netconf rpc-reply

C. show netconf xml rpc-reply

D. show netconf schema | section rpc-reply

A

Answer:D

Explanation

The output of the show netconf schema command displays the element structure for a NETCONF request and the resulting reply. This schema can be used to construct proper NETCONF requests and parse the resulting replies.