option
Questions
ayuda
daypo
CREATE TEST
search.php

ERASED TEST, YOU MAY BE INTERESTED ON CCNP ENCOR 350-420 - part 15

COMMENTS STATISTICS RECORDS
TAKE THE TEST
Title of test:
CCNP ENCOR 350-420 - part 15

Description:
CCNP ENCOR 350-420 - part 15

Author:
AVATAR
ccnp
Other tests from this author

Creation Date: 27/11/2024

Category: Others

Number of questions: 46
Share the Test:
New CommentNuevo Comentario
No comments about this test.
Content:
Drag and drop the characteristics from the left onto the deployment models on the right. Remote access must be arranged via third-party solutions. Remote access requires an Internet connection only. This model is high-maintenance and has high operating costs. This model is cost-effective.
What is an OVF? A. a package that is similar to an IMG and that contains an OVA file used to build a virtual machine B. an alternative form of an ISO that is used to install the base operating system of a virtual machine C. the third step in a P2V migration D. a package of files that is used to describe a virtual machine or virtual appliance.
An engineer configures routing between all routers and must build a configuration to connect R1 to R3 via a GRE tunnel. Which configuration must be applied? A. R1 - interface Tunnel1 ip address 1.1.1.13 255.255.255.0 tunnel source Loopback0 tunnel destination x.y.z.110 R3 - interface Tunnel ip address 1.1.1.31 255.255.255.0 tunnel source Loopback0 tunnel destination x.y.z.160 B. R1 - interface Tunnel1 ip address 1.1.1.13 255.255.255.0 tunnel source Loopback0 tunnel destination x.y.z.160 R3 - interface Tunnel1 ip address 1.1.1.31 255.255.255.0 tunnel source Loopback0 tunnel destination x.y.z.110 C. R1 - interface Tunnel2 ip address 1.1.1.12 255.255.255.0 tunnel source Loopback0 tunnel destination x.y.z.125 R2 - interface Tunnel1 ip address 1.1.1.125 255.255.255.0 tunnel source Loopback0 tunnel destination x.y.z.110 interface Tunnel3 ip address 1.1.1.125 255.255.255.0 tunnel source Loopback0 tunnel destination x.y.z.160 R3 - interface Tunnel2 ip address 1.1.1.32 255.255.255.0 tunnel source Loopback0 tunnel destination x.y.z.125 D. R1 - interface Tunnel1 ip address 1.1.1.13 255.255.255.0 tunnel source Loopback0 tunnel destination x-y.z.110 R3 - interface Tunnel1 ip address 1.1.1.31 255.255.255.0 tunnel source Loopback0 tunnel destination x.y.z.125.
Which function does a virtual switch provide? A. RAID storage for virtual machines B. connectivity between virtual machines C. CPU context switching for multitasking between virtual machines D. emulation of power for virtual machines.
Which device is responsible for finding EID-to-RLOC mapping when traffic is sent to a LISP-capable site? A. map resolver B. egress tunnel router C. map server D. ingress tunnel router.
In which way are EIGRP and OSPF similar? A. They both support unequal-cost load balancing. B. They both support MD5 authentication for routing updates. C. They both support autosummarization. D. They have similar CPU usage, scalability, and network convergence times.
Which option works with a DHCP server to return at least one WLAN management interface IP address during the discovery phase and is dependent upon the VCI of the AP? A. Option 15 B. Option 43 C. Option 125 D. Option 42.
Refer to the exhibit. PC 2 cannot communicate with PC 4. Which configuration resolves this issue? A. SW1(config)# interface Gigabitethernet 2/1 SW1(config-if)# switchport mode trunk B. SW1(config)# interface Gigabitethernet 2/1 SW1(config-if)# switchport mode access SW1(config-if)# switchport access vlan 10 C. SW1(config)# interface Gigabitethernet 2/1 SW1(config-if)# switchport trunk allowed vlan add 10 D. SW1(config)# interface Gigabitethernet 2/1 SW1(config-if)# switchport vlan mapping 10 10.
A customer has 20 stores located throughout a city. Each store has a single Cisco AP managed by a central WLC. The customer wants to gather analytics for users in each store. Which technique supports these requirements? A. angle of arrival B. presence C. trilateration D. hyperlocation.
Refer to the exhibit. Two switches are interconnected using interface GigabitEthernet0/0 on both sides. While configuring one of the switches, a network engineer receives the logging message. Which action resolves this issue? A. Block VLAN1 on the trunk interface GigabitEthernet0/0. B. Configure interface GigabitEthernet0/0 as an access port. C. Configure interface GigabitEthernet0/0 as a trunk port. D. Shutdown interface GigabitEthemet0/0 and bring it back up.
By default, which virtual MAC address does HSRP group 12 use? A. 00:00:0c:07:ac:0c B. 00:05:5e:00:0c:12 C. 00:5e:0c:07:ac:12 D. 05:43:84:57:29:2c.
Refer to the exhibit. An engineer configures a new WLAN that will be used for secure communications; however, wireless clients report that they are able to communicate with each other. Which action resolves this issue? A. Enable Client Exclusions. B. Enable P2P Blocking. C. Disable Aironet IE. D. Enable Wi-Fi Direct Client Policy.
Refer to the exhibit. What happens to access interfaces where VLAN 222 is assigned? A. STP BPDU guard is enabled. B. A description "RSPAN" is added. C. They are placed into an inactive state. D. They cannot provide PoE.
Refer to the exhibit. Which command is required to validate that an IP SLA configuration matches the traffic between the branch office and the central site? A. R1# show ip sla group schedule B. R1# show ip route C. R1# show ip sla configuration D. R1# show ip sla statistics.
Refer to the exhibit. The administrator must extend the configuration of the switch to perform remote logging using syslog according to these requirements: • syslog server: 203.0.113.11 reachable through Gi0/0 • initial message severity: notifications • message transport: reliable Which two commands must be added to the configuration to accomplish this goal? (Choose two.) A. logging monitor notifications B. logging host 203.0.113.11 vrf Mgmt-vrf transport tcp C. logging source-Interface GigabitEthernet0/0 vrf Mgmt-vrf D. logging trap notifications E. logging host 203.0.113.11 vrf Mgmt-vrf.
Which two prerequisites must be met before Cisco DNA Center can provision device? (Choose two.) A. Cisco DNA Center must have the software image for he provisioned device in its image repository. B. The provisioned device must be put into bootloader mode. C. The provisioned device must be configured with CLI and SNMP credentials that are known to Cisco DNA Center. D. Cisco DNA Center must have IP connectivity to the provisioned device. E. The provisioned device must recognize Cisco DNA Center as its LLDP neighbor.
In Cisco DNA Center, what is used to publish events and notifications to a third-party product such as IPAM? A. intent API B. southbound SDK C. integration API D. RESTful API.
Router R1 must be configured as a UDP responder on port 6336. Which configuration accomplishes this task? A. (config)#ip sla responder udp-echo ipaddress 10.10.10.1 port 6336 B. (config)#ip sla responder udp-echo ipv4 10.10.10.1 port 6336 C. (config)#ip sla responder ipaddress 10.10.10.1 port 6336 D. (config-if)#ip sla responder udp-port ipaddress 10.10.10.1 port 6336.
Refer to the exhibit. An engineer must configure an ERSPAN tunnel that mirrors traffic from Linux1 on Switch1 to Linux2 on Switch2. Which command must be added to the destination configuration to enable the ERSPAN tunnel? A. (config-mon-erspan-src-dst)# no shut B. (config-mon-erspan-src-dst)# traffic bidirectional C. (config-mon-erspan-src-dst)# monitor session 1 activate D. (config-mon-erspan-src-dst)# ip address 10.10.10.10.
Refer to the exhibit. Which configuration enables fallback to local authentication and authorization when no TACACS+ server is available? A. Router(config)# aaa fallback local B. Router(config)# aaa authentication login FALLBACK local Router(config)# aaa authorization exec FALLBACK local C. Router(config)# aaa authentication login default local Router(config)# aaa authorization exec default local D. Router(config)# aaa authentication login default group tacacs+ local Router(config)# aaa authorization exec default group tacacs+ local.
Which configuration protects the password for the VTY lines against over-the-shoulder attacks? A. line vty 0 15 password $2$FpM7f82! B. username admin secret 7 6j809J23kpp438337113N7%e$ C. line vty 0 4 password $2$FpM7f82! D. service password-encryption.
Refer to the exhibit. Remote users cannot access the Internet but can upload files to the storage server. Which configuration must be applied to allow Internet access? A. ciscoasa(config)# access-list MAIL_AUTH extended permit udp any any eq http ciscoasa(config)# aaa authentication listener http outside redirect B. ciscoasa(config)# access-list MAIL_AUTH extended permit tcp any any eq www ciscoasa(config)# aaa authentication listener http inside redirect C. ciscoasa(config)# access-list MAIL_AUTH extended permit tcp any any eq http ciscoasa(config)# aaa authentication listener http inside port 43 D. ciscoasa(config)# access-list HTTP_AUTH extended permit udp any any eq http ciscoasa(config)# aaa authentication listener http outside port 43.
Refer to the exhibit. Extended access-list 100 is configured on interface GigabitEthernet 0/0 in an inbound direction, but it does not have the expected behavior of allowing only packets to or from 192.168.0.0/16. Which command set properly configures the access list? A. R1(config)#no access-list 100 deny ip any any B. R1(config)#no access-list 100 seq 10 R1(config)#access-list 100 seq 40 deny ip any any C. R1(config)#ip access-list extended 100 R1(config-ext-nacl)#5 permit ip any any D. R1(config)#ip access-list extended 100 R1(config-ext-nacl)#no 10.
Which security measure mitigates a man-in-the-middle attack of a REST API? A. password hash B. SSL certificates C. nonrepudiation feature D. biometric authentication.
A wireless administrator must create a new web authentication corporate SSID that will be using ISE as the external RADIUS server. The guest VLAN must be specified after the authentication completes. Which action must be performed to allow the ISE server to specify the guest VLAN? A. Enable AAA Override. B. Enable Network Access Control State. C. Set AAA Policy name. D. Set RADIUS Profiling.
An engineer must configure an EXEC authorization list that first checks a AAA server then a local username. If both methods fail, the user is denied. Which configuration should be applied? A. aaa authorization exec default local group radius none B. aaa authorization exec default group radius local none C. aaa authorization exec default group radius local D. aaa authorization exec default local group tacacs+.
Refer to the exhibit. A company requires that all wireless users authenticate using dynamic key generation. Which configuration must be applied? A. AP(config-if-ssid)# authentication open eap eap_methods B. AP(config-if-ssid)# authentication dynamic open wep_dynamic C. AP(config-if-ssid)# authentication dynamic wep wep_methods D. AP(config-if-ssid)# authentication open wep wep_methods.
Refer to the exhibit. An engineer must deny HTTP traffic from host A to host B while allowing all other communication between the hosts. Which command set accomplishes this task? A. SW1(config)# mac access-list extended HOST-A-B SW1(config-ext-macl)# permit host aaaa.bbbb.cccc aaaa.bbbb.dddd SW1(config)# ip access-list extended DENY-HTTP SW1(config-ext-nacl)# deny tcp host 10.1.1.10 host 10.1.1.20 eq www SW1(config)# vlan access-map DROP-MAC 10 SW1(config-access-map)# match mac address HOST-A-B SW1(config-access-map)# action drop SW1(config)# vlan access-map HOST-A-B 20 SW1(config-access-map)# match ip address DENY-HTTP SW1(config-access-map)# action drop SW1(config)# vlan filter HOST-A-B vlan 10 B. SW1(config)# ip access-list extended DENY-HTTP SW1(config-ext-nacl)# deny tcp host 10.1.1.10 host 10.1.1.20 eq www SW1(config)# ip access-list extended MATCH_ALL SW1(config-ext-nacl)# permit ip any any SW1(config)# vlan access-map HOST-A-B 10 SW1(config-access-map)# match ip address DENY-HTTP SW1(config-access-map)# action drop SW1(config)# vlan access-map HOST-A-B 20 SW1(config-access-map)# match ip address MATCH_ALL SW1(config-access-map)# action forward SW1(config)# vlan filter HOST-A-B vlan 10 C. SW1(config)# mac access-list extended HOST-A-B SW1(config-ext-macl)# permit host aaaa.bbbb.cccc aaaa.bbbb.dddd SW1(config)# ip access-list extended DENY-HTTP SW1(config-ext-nacl)# permit tcp host 10.1.1.10 host 10.1.1.20 eq www SW1(config)# vlan access-map DROP-MAC 10 SW1(config-access-map)# match mac address HOST-A-B SW1(config-access-map)# action forward SW1(config)# vlan access-map HOST-A-B 20 SW1(config-access-map)# match ip address DENY-HTTP SW1(config-access-map)# action drop SW1(config)# vlan filter HOST-A-B vlan 10.
A network engineer wants to configure console access to a router without using AAA so that the privileged exec mode is entered directly after a user provides the correct login credentials. Which action achieves this goal? A. Configure a RADIUS or TACACS+ server and use it to send the privilege level. B. Configure login authentication privileged on line con 0. C. Configure privilege level 15 on line con 0. D. Configure a local username with privilege level 15.
Refer to the exhibit. What is output by this code? A. 0 5 B. 0 1 2 3 4 5 C. 0 1 2 3 4 D. (0,5).
What is one benefit of implementing a data modeling language? A. use XML style of data formatting B. interoperability to allow unlimited implementations C. machine-oriented logic and language-facilitated processing D. conceptual representation makes interpretation simple.
Refer to the exhibit. What is generated by the script? A. the router processes B. the cdp neighbors C. the routing table D. the running configuration.
What is a benefit of YANG modules? A. tightly coupled models with encoding to improve performance B. easier multivendor interoperability provided by common or industry models C. avoidance of ecosystem fragmentation by having fixed modules that cannot be changed D. single protocol and model coupling to simplify maintenance and support.
Refer to the exhibit. An engineer must save the configuration of router R2 using the NETCONF protocol. Which script must be used? A. <?xml version="1.0" encoding="utf-8"?> <rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id=""> <cisco-ia:save-config xmlns:cisco-ia="http://cisco.com/yang/cisco-ia"/> </rpc> B. <?xml version="1.0" encoding="utf-8"?> <rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id=""> <get> <filter type="subtree"> <ncm:netconf-state xmlns:ncm="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring"> <ncm:capabilities/> </ncm:netconf-state> </filter> </get> </rpc> C. <?xml version="1.0" encoding="utf-8"?> <rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id=""> <cisco-ia:sync-from xmlns:cisco-ia="http://cisco.com/yang/cisco-ia"></cisco-ia:sync-from> </rpc> D. <?xml version="1.0" encoding="utf-8"?> <rpc xmlns="urn:ietf:params:xml:ns:netconf:base: 1.0" message-id=""> <cisco-ia:reset xmlns:cisco-ia="http://cisco.com/yang/cisco-ia"> <cisco-ia:reinitialize>true</cisco-ia:reinitialize> </cisco-ia:reset> </rpc>.
Which language defines the structure or modeling of data for NETCONF and RESTCONF? A. YAML B. XML C. JSON D. YANG.
Refer to the exhibit. What is displayed when the code is run? A. The answer is 100 B. The answer is 5 C. The answer is 25 D. The answer is 70.
What is the purpose of an integration API in Cisco DNA Center? A. Obtain information about clients, sites, and topology from Cisco DNA Center. B. Enable external systems to take actions in response to an event. C. Allow the platform into approval chains in ITSM. D. Enable discovery and control of the network by using HTTPS verbs.
Refer to the exhibit. What is the value of the variable list after the code is run? A. [1, 2, 10] B. [1, 2, 3, 10] C. [1, 2, 10, 4] D. [1, 10,10,10].
What is one difference between SaltStack and Ansible? A. SaltStack uses the Ansible agent on the box, whereas Ansible uses a Telnet server on the box. B. SaltStack uses an API proxy agent to program Cisco boxes in agent mode, whereas Ansible uses a Telnet connection. C. SaltStack uses SSH to interact with Cisco devices, whereas Ansible uses an event bus. D. SaltStack is agent based, whereas Ansible is agentless.
Which signal strength and noise values meet the minimum SNR for voice networks? A. signal strength -66 dBm, noise 90 dBm B. signal strength -67 dBm, noise 91 dBm C. signal strength -68 dBm, noise 89 dBm D. signal strength -69 dBm, noise 94 dBm.
A customer requires their wireless network to be fully functional, even if the wireless controller fails. Which wireless design supports these requirements? A. FlexConnect B. mesh C. centralized D. embedded.
Which two conditions occur when the primary route processor fails on a switch that is using dual route processors with stateful switchover? (Choose two.) A. Data forwarding can continue along known paths until routing protocol information is restored. B. Data forwarding is stopped until the routing protocols reconverge after the switchover. C. The standby route processor is fully initialized and state information is maintained. D. User sessions are immediately recreated on the new active route processor. E. The standby route processor initialization is started when the primary router processor fails.
Refer to the exhibit. Which configuration must be added to R2 to enable PC3 to obtain a DHCP address and successfully ping PC1? A. Router(config)# vrf definition PRODUCTION Router(config-vrf)# address-family ipv4 Router(config)# interface GigabitEthernet 0/0 Router(config-if)# vrf forwarding PRODUCTION Router(config-if)# ip address 10.199.0.1 255.255.252.0 Router(config)# ip dhcp pool R&D Router(dhcp-config)# vrf PRODUCTION B. Router(config)# vrf definition PRODUCTION Router(config-vrf)# rd 1:100 - Router(config)# router eigrp 100 Router(config-rtr)# redistribute vrf PRODUCTION C. Router(config)# vrf definition PRODUCTION Router(config-vrf)# vnet tag 100 Router(config)# interface GigabitEthernet 0/0 Router(config-if)# vnet trunk - D. Router(config)# vrf definition PRODUCTION Router(config-vrf)# rd 1:100 - Router(config-vrf)# address-family ipv4 Router(config)# router eigrp 100 Router(config-rtr)# route-target export 1:100.
By default, which virtual MAC address does HSRP group 30 use? A. 05:0c:5e:ac:07:30 B. 00:00:0c:07:ac:1e C. 00:43:19:74:89:1e D. 00:05:0c:07:ac:30.
Which NTP mode must be activated when using a Cisco router as an NTP authoritative server? A. primary B. peer C. broadcast client D. server.
Refer to the exhibit. Which router is elected as the VRRP primary virtual router? A. Router A B. Router B C. Router C D. Router D.
Report abuse