SD WAN

Question 1

Legacy networks run on expensive hardware such as routers and switches, which require time-consuming configuration and maintenance. In addition, these networks require expensive transport connections or carrier circuits to secure and segment the network. These carrier circuits might also not offer the bandwidth that is now required by users and modern applications hosted in private or public data centers.

Answer 1

Cost

Question 2

Legacy networks operate on the old model of a distributed control plane, which means that every node in the network must be configured with routing and security rules. Remote site management, change control, and network maintenance represent major logistical challenges.

Answer 2

Complexity

Question 3

Legacy networks that run on dedicated carrier circuits depend on the carrier to install new circuits, which can take several months. This process can dramatically delay the launch of new branch locations.

Answer 3

Lengthy installation times

Question 4

Legacy networks that run on carrier circuits sacrifice control to the ISP, from network design to configuration to monitoring. Requesting changes from the ISP also requires extra time and is prone to communication errors.

Answer 4

Control

Question 5

Legacy networks typically backhaul all branch traffic to the main data center for inspection and filtering. However, with advancements in cloud technologies, and wider adoption of cloud-delivered services, traffic flows have changed, with more traffic now being destined to the internet. This means that backhauling all traffic through a centralized security stack is no longer efficient. Backhauling traffic in this way increases latency and can decrease the user’s overall quality of experience.

Answer 5

Security

Question 6

Legacy networks require complex end-to-end quality of service (QoS) configurations to ensure business-critical applications are prioritized. Manually updating or modifying these configurations is a lengthy process that can be error-prone.

Answer 6

Application Awareness

Question 7

Every router at the edge of a network has two sides for routing

Answer 7

WAN and LAN

Question 8

One to the transport network

Answer 8

WAN

Question 9

Service side of the network

Answer 9

LAN

Question 10

The Cisco SD-WAN network fabric, also called an ______ network, forms a software overlay that runs over standard network transport services, including the public Internet, MPLS, 5G/LTE, and satellite.

Answer 10

Overlay

Question 11

______ and ______ advertisements to establish and maintain the flow of traffic throughout the network.

Answer 11

Routing, Routing

Question 12

______ segmentation using virtual routing and forwarding (VRF), to isolate various flows of traffic

Answer 12

Layer 3

Question 13

______ to ______concepts for setting up and maintaining bidirectional connections between pairs of protocol entities.

Answer 13

Peer, Peer

Question 14

On-premises and cloud security options, as well as ______ plane and _______ plane authentication and encryption.

Answer 14

Data, Control

Question 15

_______ for routing and data traffic.

Answer 15

Policies

Question 16

______ connectivity options supporting a range of transports.

Answer 16

Flexible

Question 17

Simplified management via a single pane of ______ platform.

Answer 17

Glass

Question 18

Cisco SD-WAN network separates the data plane from the control plane and _______ much of the routing that used to require dedicated hardware.

Answer 18

Virtualizes

Question 19

Centralized controllers, called ______ controllers, oversee the control plane of the Cisco SD-WAN fabric, efficiently managing provisioning, maintenance, and security for the entire Cisco SD-WAN overlay network.

Answer 19

vSmart

Question 20

______ orchestrator, automatically authenticates all other Cisco SD-WAN devices when they join the Cisco SD-WAN overlay network.

Answer 20

vBond

Question 21

The ______ plane manages the rules for routing traffic through the overlay network, and the data plane passes the actual data packets among the WAN Edge devices.

Answer 21

Control

Question 22

Cisco _______ provides a simple, yet powerful, set of graphical dashboards for monitoring network performance on all devices in the overlay network, from a centralized monitoring station.

Answer 22

vManage

Question 23

The ______ network carries packets from one WAN Edge device to another.

Answer 23

Transport

Question 24

The ______ protocol is enabled by default and runs over each of these tunnels, detecting loss, latency, jitter, and path failures.

Answer 24

Bidirectional Forwarding Detection (BFD)

Question 24

The WAN Edge routers securely communicate to other WAN Edge routers using ______ tunnels over each transport.

Answer 24

IPsec

Question 24

_______ runs between vSmart controllers and between vSmart controllers and WAN Edge routers where control plane information, such as route prefixes, next-hop routes, crypto keys, and policy information, is exchanged over a secure DTLS or TLS connection.

Answer 24

Overlay Management Protocol (OMP)

Question 25

______ is the transport VPN.

Answer 25

VPN 0

Question 26

______ is the management VPN.

Answer 26

VPN 512

Question 27

_______ contains the interfaces that connect to the WAN transports.

Answer 27

VPN 0

Question 28

_______ carries the out-of-band management traffic to and from the Cisco SD-WAN devices.

Answer 28

VPN 512

Question 29

Secure sessions with the controller are set up automatically, using ______ and certificate infrastructure.

Answer 29

RSA

Question 30

The _______ centrally influences access control; that is, it determines which prefixes are allowed to talk to each other inside a VPN.

Answer 30

Controller

Question 31

The _______ optimizes user experience by influencing transport link choice based on _______ or other attributes

Answer 31

Controller, service-level agreement (SLA)

Question 31

The ______ can centralize services such as firewalls, identity provider (IdPs), and intrusion detection systems (IDSs).

Answer 31

Network

Question 32

_______ facilitates the mutual discovery of the control and management elements of the fabric by using a zero-trust certificate-based allowed list model.

Answer 32

Cisco vBond orchestrator

Question 33

For situations in which Cisco vSmart controllers, the Cisco vManage system, or the WAN Edge routers themselves are behind the ______, the Cisco vBond orchestrator facilitates the function of ______ traversal, by allowing the learning of public (post-___) and private (pre-___) IP addresses.

Answer 33

Network Address Translator (NAT)

Question 34

Cisco vSmart controllers facilitate fabric discovery by running ___ among themselves, and between themselves and the WAN Edge routers.

Answer 34

OMP

Question 35

Cisco vSmart controllers facilitate fabric discovery by running ______ among themselves, and between themselves and the WAN Edge routers.

Answer 35

Overlay Management Protocol

Question 36

Control _______ acting on the control plane information are locally enforced on the Cisco vSmart controllers.

Answer 36

Policies

Question 37

The use of a centralized control plane dramatically reduces the control plane load traditionally associated with building large-scale IPsec networks, solving the _______complexity problem.

Answer 37

n^2

Question 38

When delivered as a cloud service, Cisco vSmart controllers are ______ hosted in the Cisco cloud.

Answer 38

Redundantly

Question 39

Cisco vManage provides the single pane of _______ for day-0, day-1, and day-2 operations.

Answer 39

Glass

Question 40

The Cisco vManage GUI allows segregated administrative access by implementing ______ for proper roles and responsibilities.

Answer 40

Role-based access control (RBAC)

Question 41

Performance statistics can be exported into external systems or to Cisco ______ tool for further processing and closer examination.

Answer 41

vAnalytics

Question 42

______ is a TCP-based, highly scalable control plane protocol that unifies all control plane functions under the single protocol umbrella.

Answer 42

Overlay Management Protocol

Question 43

OMP operates inside bidirectionally certificate-authenticated _____ or Datagram Transport Layer Security (DTLS) connections established among the Cisco vSmart controllers and between the Cisco vSmart controllers and the WAN Edge routers.

Answer 43

Transport Layer Security (TLS)

Question 44

By using the concepts of ______ families and route attributes, OMP advertises all pertinent control plane information between the WAN Edge routers to establish direct IPsec communication between the WAN Edge routers without relying on Internet Key Exchange (IKE) protocol.

Answer 44

Address

Question 45

The use of OMP and Cisco vSmart controllers creates a ________ control plane in which WAN Edge routers establish control plane connectivity only to a handful of Cisco vSmart controllers and not to every other WAN Edge router in the topology.

Answer 45

linear-complexity

Question 46

Data plane and application-aware routing policies are implemented on the ______ routers.

Answer 46

Wan Edge

Question 47

WAN Edge routers export performance statistics, and alerts and events to a centralized Cisco ______ system for a single point of management.

Answer 47

vManage

Question 48

WAN Edge routers use OSPF, EIGRP and BGP routing protocols for learning ______ information from service (LAN)–side interfaces and for pre-existing network integration with non-SD-WAN sites.

Answer 48

Reachability

Question 49

For _______ redundant service (LAN)–side interfaces, WAN Edge routers implement Virtual Router Redundancy Protocol (VRRP) first-hop redundancy protocol, which can operate on a per-VLAN basis.

Answer 49

Layer 2

Question 50

_______ deployment relies on the use of signed certificates installed in the onboard Trusted Platform Module (TPM) to establish a unique router identity

Answer 50

Zero-touch

Question 51

The ______ l form factor can be deployed in public clouds, such as AWS and Microsoft Azure, or as an Cisco Enterprise Network Virtualization (Enterprise NFV) on the vCPE/uCPE platforms using Kernel-based virtual machine (KVM) or ESXi hypervisors.

Answer 51

Virtual

Question 52

The Cisco vEdge Cloud is a ______ version of the WAN Edge router, inheriting all the capabilities offered on the Cisco physical branch routers

Answer 52

virtualized

Question 53

The Cisco vEdge Cloud can be used as a virtual network function (VNF) for a virtual customer-premises equipment (vCPE) _______ at the branch.

Answer 53

deployment

Question 54

The controllers can be deployed ______ or in a hosted environment

Answer 54

on-premises

Question 55

The centralized Cisco ______ controllers oversee the control plane of the Cisco SD-WAN fabric…

Answer 55

vSmart

Question 56

_______ orchestrator automatically authenticates all other Cisco SD-WAN devices in the overlay network.

Answer 56

vBond

Question 57

_______ is a centralized network management system for all overlay network components.

Answer 57

vMnanage

Question 58

The ______ pane, which runs across the top of the Monitor Overview screen, displays the number of Cisco vBond, Cisco vSmart, and Cisco vManage controllers.

Answer 58

Device

Question 58

_______ displays the number of WAN Edges in the overlay network.

Answer 58

Device

Question 59

______ pane displays the total number of reboots in the last 24 hours for all devices in the network, including soft and cold reboots and reboots that occurred as a result of power-cycling a device.

Answer 59

Reboot

Question 60

_______ tab to list all the system IP and hostname of the device on which the _______ occurred, the ______ index, and the core time and filename.

Answer 60

Crash

Question 61

______displays the hostname and system IP of the device on which the ______ is installed, the ______ serial number, and its expiration date and status.

Answer 61

Certificate

Question 62

The WAN Edge ______ pane indicates whether WAN Edge devices are connected to the required number of Cisco vSmart controllers.

Answer 62

Health

Question 63

When a site has multiple WAN Edge routers, ______ pane displays the state for the entire site, not for individual devices

Answer 63

BFD Connectivity

Question 64

Monitor > Devices > Device 360 screen or the Tools > ______ l screen.

Answer 64

SSH Terminal

Question 65

The WAN Edge ______ pane provides four counts.

Answer 65

Inventory

Question 66

Total number of WAN Edge routers whose authorized serial number has been uploaded on the Cisco vManage server.

Answer 66

Configuration > Devices

Question 67

Total number of authorized WAN Edge routers in the overlay network.

Answer 67

Configuration > Certificates > WAN Edge List

Question 68

These routers are marked as Valid and are now operational in the network.

Answer 68

Deployed

Question 69

You can configure these routers at a staging site before shipping them to the actual branch and making them a part of the overlay network.

Answer 69

Staging

Question 70

The _______ Health pane displays the aggregated average loss, latency, and jitter for all links and all combinations of colors (for example, all LTE-to-LTE links and all LTE-to-3G links).

Answer 70

Transport

Question 71

_______ pane shows the 10 tunnels with the greatest average loss over the last 24 hours.

Answer 71

Application-Aware Routing

Question 72

In the WAN Edge list, click on the More options icon to access ______ device information

Answer 72

Real Time

Question 73

Use the _______ Terminal screen to establish an ______ session to a Cisco SD-WAN device.

Answer 73

SSH

Question 74

These are routers marked as Valid in the Configuration > Certificates > ______ page

Answer 74

WAN Edge List

Question 75

The Monitor > Devices > ______ window for the vSmart controller is displayed and shows the vSmart Control Connections by default.

Answer 75

Device 360

Question 76

From the left side menu select ________ to view interface statistics.

Answer 76

Interface

Question 77

By default, the Device Options search field displays System Information, which includes the device’s hostname, site ID, and other information.

Answer 77

Real Time

Question 78

In the Device Options search field, select ______.

Answer 78

Interface Detail

Question 79

Select ________ in the Select Filter popup window.

Answer 79

Do Not Filter

Question 80

Click on ______ in the top-left corner of the page to return to the main Monitor > Overview dashboard.

Answer 80

Cisco SD-WAN

Question 81

At the vSmart command prompt, issue the ______ command.

Answer 81

Show System Status

Question 82

The output of the ______ command displays interface configuration and statistics.

Answer 82

Show Interface

Question 83

At the Monitor > Devices dashboard, click on the ______ Hostname to open the Monitor > Devices > Device 360 dashboard.

Answer 83

DC-Edge2

Question 84

The Monitor > Device > Device 360 > _______ window for the vBond is displayed by default.

Answer 84

Control Connections

Question 85

From the menu on the left, choose Troubleshooting. The Connectivity and Traffic panes will be displayed. Click _______ to choose that connectivity tool.

Answer 85

Ping

Question 86

Destination IP Address: _______

Answer 86

172.16.0.101

Question 87

VPN: ______

Answer 87

VPN–0

Question 88

Source/Interface for VPN - 0: _______

Answer 88

ge0/0 – ipv4–192.168.66.3

Question 89

Click Advanced Options. Enter ___ for the Count

Answer 89

10

Question 90

To provide the highest level of security, only authenticated and authorized devices are allowed access to and participation in the _______ overlay network

Answer 90

Cisco SD-WAN

Question 91

The ______ controller performs automatic authentication on all WAN Edge routers before they can send any data traffic over the network.

Answer 91

vBond

Question 92

For vBond orchestrators and vSmart controllers, a network administrator must download the necessary authentication-related files from Cisco _______, and then these devices automatically receive their configurations from Cisco _______.

Answer 92

vManage

Question 93

For WAN Edge hardware routers, after they boot up, they are authenticated on the network and receive their configurations automatically from the Cisco vManage through a process called _______ or Cisco Plug-n-Play (PnP).

Answer 93

Zero-touch provisioning (ZTP

Question 94

Plug-n-Play automatic process is led by the vBond _______

Answer 94

Orchestrator

Question 95

The automatic validation and authentication of Cisco SD-WAN devices during the bring-up process occur only if the vSmart controllers and the vBond orchestrators know the serial and ______ numbers of the devices that are permitted in the network.

Answer 95

Chassis

Question 96

To initiate a session between the vSmart controller and the vBond orchestrator, the vSmart controller initiates an encrypted Datagram _____ connection to the vBond orchestrator.

Answer 96

Transport Layer Security (DTLS)

Question 97

After the bidirectional authentication is complete between the two devices, the DTLS connection between the vBond orchestrator and the vSmart controller transitions from being a temporary connection to being a ______ connection.

Answer 97

permanent

Question 98

Each device automatically generates an ______ private key–public key pair when it boots.

Answer 98

RSA

Question 99

After all the vSmart controllers have registered themselves with the vBond orchestrator, the vBond orchestrator and the vSmart controllers are ready to validate and authenticate the WAN Edge ________ in the Cisco network.

Answer 99

Routers

Question 100

If the authentication handshaking succeeds, a permanent ______ communication channel is established between the vSmart and vBond devices.

Answer 100

DTLS

Question 101

The vBond orchestrator sends its trusted root CA signed certificate to the vSmart ______.

Answer 101

Controller

Question 102

The vBond orchestrator sends the WAN Edge authorized _______ number file to the vSmart controller

Answer 102

Serial

Question 103

The vSmart controller uses its chain of trust to _______ the organization name from the certificate and compares it to the organization name that is configured on the vSmart controller.

Answer 103

Extract

Question 104

The vSmart controller uses the root CA chain to verify that the certificate has indeed been signed by the root CA (either _______ or the enterprise CA).

Answer 104

DigiCert

Question 105

In the other direction, The _______ controller sends its trusted root CA signed certificate to the vBond orchestrator.

Answer 105

vSmart

Question 106

In the other direction, the ______ orchestrator uses its chain of trust to extract the vSmart controller’s serial number from the certificate.

Answer 106

vBond

Question 107

In the other direction, the vBond orchestrator uses its _______ of trust to extract the organization name from the certificate and compares it to the organization name that is configured on the vBond orchestrator.

Answer 107

Chain

Question 108

In the other direction, the vBond ______ uses the root CA chain to verify that the certificate has indeed been signed by the root CA (either DigiCert or the enterprise CA)

Answer 108

Orchestrator

Question 109

In vSmart to vSmart, vSmart1 ______ an encrypted DTLS connection to vSmart2 and sends its trusted root CA signed certificate to vSmart2.

Answer 109

Initiates

Question 110

In vSmart to vSmart, vSmart2 uses its chain of _______ to extract vSmart1’s serial number.

Answer 110

Trust

Question 111

This category includes all physical Cisco platforms except for the ASR1002-X, ENCS, and CSR1000v

Answer 111

Cisco IOS XE WAN Edge Router

Question 112

This category includes the vEdge 2000 and vEdge 5000 routers.

Answer 112

Physical Viptela vEdge Router

Question 113

Physical Viptela vEdge Router

Answer 113

Physical Viptela vEdge Router

Question 114

For Cisco IOS XE WAN Edge routers, each router is uniquely identified by the ______ and certificate serial number (SUDI certificate).

Answer 114

Chassis ID

Question 115

For physical Viptela OS vEdge routers, the certificate is stored in an on-board ______, which is installed during manufacturing.

Answer 115

Trusted Platform Module (TPM)

Question 116

For virtual WAN Edge Routers, an ______ is first generated by Cisco vManage for each device listed in the uploaded WAN Edge list.

Answer 116

OTP/token

Question 117

Deploy WAN Edge Router, establish a secure connection with the ______ so that it can receive its full configuration

Answer 117

Cisco vManage

Question 118

Deploy WAN Edge Router, establish a secure connection with the ______ so that it can begin participating in the Cisco overlay network

Answer 118

vSmart controller

Question 119

WAN Edge router authenticates the vBond orchestrator, The vBond orchestrator sends its trusted root _______ signed certificate to the WAN Edge router.​

Answer 119

CA

Question 120

WAN Edge router authenticates the vBond orchestrator, the vBond orchestrator sends its trusted root CA signed certificate to the _______.​

Answer 120

WAN Edge Router

Question 121

WAN Edge router authenticates the vBond orchestrator, the _______ uses its chain of trust to extract the organization name from the certificate and compares it to the organization name that is configured on the router itself.

Answer 121

WAN Edge router

Question 122

WAN Edge router authenticates the vBond orchestrator, the WAN Edge router uses the root CA chain to verify that the certificate has indeed been signed by the root CA (either DigiCert or the ______).

Answer 122

Enterprise CA

Question 123

In the opposite direction, the vBond orchestrator sends a ______ to the WAN Edge router.

Answer 123

Challenge

Question 124

What are the four challenges?

Answer 124

Chassis, Serial, Board ID, and 256-Bit

Question 125

The ______ compares the serial and chassis numbers to the list in its WAN Edge authorized device list file.

Answer 125

vBond orchestrator

Question 126

Check _______ of the 256-bit random value is proper by using the WAN Edge router’s public key.

Answer 126

Signing

Question 127

The ________ uses the root CA chain from the WAN Edge routers board ID certificate to verify that the board ID certificate is itself valid.

Answer 127

vBond Orchestrator

Question 128

Between WAN Edge and vBond, certificates are exchanged and _______ authentication occurs between vBond and WAN Edge over the encrypted tunnel

Answer 128

Mutual

Question 129

Between WAN Edge and vBond, vBond validates WAN Edge router serial number and chassis ID against authorized WAN Edge allowed ______.

Answer 129

List

Question 130

Between WAN Edge and vBond, WAN Edge router validates _______ certificate organization name against locally configured one.

Answer 130

vBond

Question 131

Between WAN Edge and vBond, vBond returns a ______ of vSmart and Cisco vManage controllers to WAN Edge.

Answer 131

List

Question 132

Between WAN Edge and vBond, notifies _______ and Cisco vManage of WAN Edge router public IP address.

Answer 132

vSmart

Question 133

Between WAN Edge and vManage, certificates are exchanged and mutual authentication occurs between _______, Cisco vManage, and WAN Edge.

Answer 133

vSmart

Question 134

Between WAN Edge and vManage, vSmart and Cisco vManage validate WAN Edge router______ number and chassis ID against the authorized WAN Edge allowed list.

Answer 134

Serial

Question 135

Between WAN Edge and vManage, WAN Edge router validates vSmart and Cisco vManage certificate ________ name against locally configured one.

Answer 135

Organization

Question 136

Between WAN Edge and vManage, permanent DTLS/TLS _______ between vSmart, Cisco vManage, and WAN Edge is established.

Answer 136

Tunnel

Question 137

WAN Edge Router authenticates vManage, the Cisco vManage sends its trusted root ______ signed certificate to the WAN Edge router.

Answer 137

CA

Question 138

WAN Edge Router authenticates vManage, the WAN Edge router uses its ______ to extract the organization name from the certificate and compares it to the organization name that is configured on the router itself.

Answer 138

Chain of Trust

Question 139

WAN Edge Router authenticates vManage, the WAN Edge router uses the root ______ chain to verify that the certificate has indeed been signed by the root CA (either DigiCert or the enterprise CA).

Answer 139

CA

Question 140

WAN Edge Router authenticates vManage, the Cisco vManage compares the serial and chassis numbers to the list in its _______ authorized device list file.

Answer 140

WAN Edge

Question 141

The vSmart controller sends a ______ challenge to the WAN Edge router.

Answer 141

256 Bit

Question 142

When multiple SD-WAN devices are installed behind a single NAT device, you can configure different port numbers for each device so that the NAT can properly identify each individual device.

Answer 142

Port Offset

Question 143

Configuring a port offset from the base port ______.

Answer 143

12346

Question 144

In the context of a Cisco SD-WAN overlay network, ________ is the process by which devices try different ports when attempting to establish connections with each other, if a connection attempt on the first port fails.

Answer 144

Port Hopping

Question 145

In port hopping, how many hops?

Answer 145

5

Question 146

Does vSmart and vManage need port hopping?

Answer 146

No.

Question 147

vBond orchestrators always connect to other Cisco SD-WAN devices using port ___.

Answer 147

12346

Question 148

For WAN Edge routers configured to use TLS tunnels, which use TCP, the routers select a random TCP port, so you must configure proper _____ entries for the Cisco vManage and vSmart controllers to be able to communicate with WAN Edge routers.

Answer 148

NAT

Question 149

For WAN Edge routers configured to use DTLS tunnels, which use UDP, at a minimum you must open the _____ base ports that are used by a WAN Edge router with a default port offset of 0.

Answer 149

5

Question 150

The _____ controller, which is the centralized brain of the Cisco SD-WAN solution, establishes and maintains DTLS or TLS connections to all Cisco SD-WAN devices in the overlay network

Answer 150

vSmart

Question 151

Cisco SD-WAN provides an automatic provisioning software as a service (SaaS) called ______, which allows hardware WAN Edge routers to join the overlay network automatically.

Answer 151

ZTP

Question 152

ZTP step, the hardware WAN Edge router powers up.

Answer 152

Step 1

Question 153

ZTP step, the router contacts a DHCP server and receives its IP address from the server.

Answer 153

Step 2

Question 153

ZTP step, the router contacts a DNS server to resolve the hostname ztp.viptela.com and receives the IP address of the Cisco ZTP server. A similar process occurs with an IOS XE SD-WAN device with Cisco plug-and-play, except that the address resolved is devicehelper.cisco.com.

Answer 153

Step 3

Question 154

ZTP step, the router contacts a DNS server to resolve the hostname ztp.viptela.com and receives the IP address of the Cisco ZTP server. A similar process occurs with an IOS XE SD-WAN device with Cisco plug-and-play, except that the address resolved is devicehelper.cisco.com.

Answer 154

Step 4

Question 155

ZTP step, the router establishes a transient connection to the vBond orchestrator and sends its chassis ID and serial number. (At this point in the ZTP process, the router does not have a system IP address, so the connection is established with a null system IP address.)

Answer 155

Step 5

Question 156

ZTP step, the router establishes a connection to Cisco vManage and is verified by it. Cisco vManage sends the router its system IP address.

Answer 156

Step 6

Question 157

The router re-establishes a connection to the vBond orchestrator, using its system IP address.

Answer 157

Step 7

Question 158

The router re-establishes a connection to Cisco vManage using its system IP address.

Answer 158

Step 8

Question 159

After the reboot, the router re-establishes a connection to the vBond orchestrator, which again verifies the router

Answer 159

Step 9

Question 160

The router establishes a connection to Cisco vManage, which pushes the full configuration to the router.

Answer 160

Step 10

Question 161

The router joins the organization’s overlay network.

Answer 161

Step 11

Question 162

1. Catalyst8000v# config-______

Answer 162

Transaction

Question 163

2. Catalyst8000v(config)# hostname ______

Answer 163

Branch1

Question 164

3. Catalyst8000v(config)# _______

Answer 164

System

Question 165

4. Catalyst8000v(config-system)# system-______ 172.27.0.12

Answer 165

IP

Question 166

5. Catalyst8000v(config-system)# _____-id 20

Answer 166

Site

Question 167

6. Catalyst8000v(config-system)# organization-_____ “Cisco-LearningAtCisco - 20998”

Answer 167

Name

Question 168

7. Catalyst8000v(config-system)# ______10.2.6.2

Answer 168

vBond

Question 169

8. Catalyst8000v(config-system)# ______

Answer 169

Commit

Question 170

1. Branch1(config)# ______ GigabitEthernet 1

Answer 170

Interface

Question 171

2. Branch1(config-int)# ______10.2.8.2/24

Answer 171

IP Address

Question 172

3. Branch1(config-int)# no _______

Answer 172

Shutdown

Question 173

4. Branch1(config-int)# ______

Answer 173

Exit

Question 174

6. Branch1(config)# _______ Tunnel1

Answer 174

Interface

Question 175

7. Branch1(config-int)# ip ______ GigabitEthernet 1

Answer 175

Umnumbered

Question 176

8. Branch1(config-int)# tunnel ______ GigabitEthernet 1

Answer 176

Source

Question 177

9. Branch1(config-int)# tunnel ______ sdwan

Answer 177

Mode

Question 178

10 Branch1(config-int)# no ______

Answer 178

Shut

Question 179

11. Branch1(config-int)# ______

Answer 179

Exit

Question 180

12. Branch1(config)# ______

Answer 180

sdwan

Question 181

13. Branch1(config-sdwan)# _______ GigabitEthernet 1

Answer 181

interface

Question 182

14. Branch1(config-interface-GigabitEthernet1)# tunnel-interface allow-service ______

Answer 182

all

Question 183

15. Branch1(config-tunnel-interface)# encapsulation ______

Answer 183

ipsec

Question 184

16. Branch1(config-tunnel-interface)# color ______

Answer 184

mpls

Question 185

17. Branch1(config-tunnel-interface)# _____

Answer 185

exit

Question 186

18. Branch1(config)# ip _______ 0.0.0.0 0.0.0.0 10.2.8.1

Answer 186

route

Question 187

19. Branch1(config)# ______

Answer 187

commit

Question 188

How to change to config mode: Catalyst8000v#

Answer 188

config-transaction

Question 189

Catalyst8000v(config)#

Answer 189

config mode

Question 190

How to config hostname: Catalyst8000v(config)#

Answer 190

host-name hostname

Question 191

How to config Sys IP Address Catalyst8000v(config)#

Answer 191

system-ip ip-address

Question 192

Catalyst8000v(config-system)# site-id site-id

Answer 192

Numeric Identifier

Question 193

The vBond orchestrator’s IP address must be a public IP address: Catalyst8000v(config-system)# vbond _______

Answer 193

(dns-name | ip-address)

Question 194

The WAN Edge authorized _______ number file lists the serial and chassis numbers for all the WAN Edge routers allowed in the network.

Answer 194

Serial

Question 195

The automatic validation and authentication of Cisco SD-WAN devices that occurs during the bring up process can happen only if the vSmart controllers and the vBond orchestrators know the serial and _______ numbers of the devices that are permitted in the network.

Answer 195

Chassis

Question 196

Each Cisco SD-WAN device has a serial number, which is a 40-byte number that is included in the device’s certificate.

Answer 196

Serial Number

Question 197

In addition to a serial number, each WAN Edge router is identified by a _______.

Answer 197

Chassis Number

Question 198

1. Cisco vManage learns the serial numbers for all the vSmart controllers that are allowed to be in the network while it is creating a CSR and installing the signed certificate.

Answer 198

vSmart authorized serial numbers

Question 199

2. This file contains the serial and chassis numbers of all the WAN Edge routers that are allowed to be in the network

Answer 199

WAN Edge authorized serial number file

Question 200

3. Upload the WAN Edge Serial Number File to Cisco vManage: In Cisco vManage, select the Configuration > ______ screen.

Answer 200

Devices

Question 201

4. From the Upload WAN Edge dialog ______, choose the file that you want to upload.

Answer 201

Box

Question 202

5. To upload the WAN Edge serial number file to Cisco vManage only, click ______.

Answer 202

Upload

Question 203

Manually, in Cisco vManage, select the Configuration > Certificates _______.

Answer 203

Screen

Question 204

Manually, from the ______ title bar, click WAN Edge List.

Answer 204

Certificates

Question 205

Manually, click _______ to Controller.

Answer 205

Send

Question 206

The ______ state is useful when you are preparing WAN Edge routers at one location and then sending them to different sites for installation.

Answer 206

Staging

Question 207

The _____ state is useful when the WAN Edge routers are being installed at their final destination.

Answer 207

Valid

Question 208

Display information about active control plane connections (on WAN Edge routers)

Answer 208

show sdwan control connections

Question 209

Display information about control plane connection attempts initiated by the local device.

Answer 209

show sdwan control connections-history

Question 210

Display the basic configuration parameters and local properties related to the control plane (on WAN Edge routers)

Answer 210

show sdwan control local-properties

Question 211

Display statistics about the packets that a WAN Edge router or vSmart controller has transmitted and received in the process of establishing and maintaining secure DTLS connections to Cisco SD-WAN devices in the overlay network (on WAN Edge routers).

Answer 211

show sdwan control statistics

Question 212

List a count of Cisco SD-WAN devices that the local device is aware of. For devices running on virtual machines that have more than one core, this command shows the number of devices that each vdaemon process instance is handling.

Answer 212

show sdwan control summary

Question 213

List the chassis numbers of the valid WAN Edge routers in the overlay network (on vSmart controllers only).

Answer 213

show control valid-vedges

Question 214

List the serial numbers of the valid vSmart controllers in the overlay network (on WAN Edge routers).

Answer 214

show sdwan control valid-vsmarts

Question 215

List the serial numbers of the valid vSmart controllers in the overlay network (on vSmart controllers)

Answer 215

show control valid-vsmarts