Special Summer Sale Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Cisco 300-415 Implementing Cisco SD-WAN Solutions (300-415 ENSDWI) Exam Practice Test

Page: 1 / 39
Total 394 questions

Implementing Cisco SD-WAN Solutions (300-415 ENSDWI) Questions and Answers

Question 1

An engineering team must prepare a traffic engineering policy where an MPLS circuit is preferred for traffic coming from the Admin VLAN Internet should be used as a backup only. Which configuration fulfill this requirement?

A)

Question # 1

B)

Question # 1

C)

Question # 1

D)

Question # 1

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 2

Which device information is requited on PNP/ZTP to support the zero-touch onboarding process?

Options:

A.

serial and chassis numbers

B.

interface IP address

C.

public DNS entry

D.

system IP address

Question 3

After deploying Cisco SD-WAN the company realized that by default, all sites built direct IPsec VPN tunnels to each other In their previous topology all spoke sites used the head office as their next hop for the LAN segment that belongs to network 40.0.0.0/16 The company wants to deploy its previous policy, which allows the 40.0.0.0/16 network that originates at the hub to advertise to the spokes. Which configuration meets the requirement'?

A)

Question # 3

B)

Question # 3

C)

Question # 3

D)

Question # 3

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 4

Question # 4

Refer to the exhibit. An enterprise decides to use the Cisco SD-WAN Cloud onRamp for SaaS feature and utilize H.Q site Biz iNET to reach SaaS Cloud for branch C. currently reaching SaaS Cloud directly. Which role must be assigned to devices at both sites in vManage Cloud Express for this solution to work?

Options:

A.

H.Q to be added as Gateway and Branch as DIA.

B.

Branch to be added as Client Sites and H.Q as DIA.

C.

Branch to be added as DIA and H.Q as Client Site.

D.

H.Q to be added as Gateway and Branch as Client Site.

Question 5

Which policy configures an application-aware routing policy under Configuration > Policies?

Options:

A.

Localized policy

B.

Centralized policy

C.

Data policy

D.

Control policy

Question 6

A company must avoid downtime at the remote sites and data plane to continue forwarding traffic between WAN Edge devices if the branch router loses connectivity to its OMP peers Which configuration meets the requirement?

A)

Question # 6

B)

Question # 6

C)

Question # 6

D)

Question # 6

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 7

Which plane builds and maintains the network topology and makes decisions on traffic flows?

Options:

A.

orchestration

B.

management

C.

control

D.

data

Question 8

An engineer must use data prefixes to configure centralized data policies using the vManage policy configuration wizard. What is the first step to accomplish this task?

Options:

A.

Create groups of interest

B.

Configure network topology.

C.

Configure traffic rules.

D.

Apply policies to sites and VPNs.

Question 9

An administrator is configuring the severity level on the vManage NMS for events that indicate that an action must be taken immediately. Which severity level must be configured?

Options:

A.

warning

B.

error

C.

critical

D.

alert

Question 10

An engineer is tasked to improve throughput for connection-oriented traffic by decreasing round-trip latency. Which configuration will achieve this goal?

Options:

A.

turn on "Enable TCP Optimization"

B.

turn off "Enhance ECMP Keying"

C.

turn off "Enable TCP Optimization"

D.

turn on "Enhance ECMP Keying"

Question 11

On which device is a service FW address configured to Insert firewall service at the hub?

Options:

A.

vEdge at the branch

B.

vSmart at the hub

C.

vEdge at the hub

D.

vSmart at the branch

Question 12

Which platform is a Cisco SD-WAN virtual platform?

Options:

A.

Cisco ISR 4000

B.

Cisco Nexus 1000V

C.

Cisco CSR 1000V

D.

Cisco ASR 1000

Question 13

An engineer is configuring the branch office with a 172.16.0.0/16 subnet to use DIA for Internet traffic. All other traffic must flow to the central site or branches using the MPLS circuit Which configuration meets the requirement?

A)

Question # 13

B)

Question # 13

C)

Question # 13

D)

Question # 13

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 14

How many vCPUs and how much RAM are recommended to run the vSmart controller on the KVM server for 251 to 1000 devices in software version 20.4.x?

Options:

A.

4vCPUs. 16 GB

B.

4 vCPUs. 8 GB

C.

8vCPUs. 16 GB

D.

2vCPUs.4GB

Question 15

What is a requirement for deployment of on-premises vBond controllers through the Cisco Plug and Play Connect process?

Options:

A.

a DNS name that identifies vBond

B.

a defined controller profile

C.

Internet connectivity from vManage

D.

a CSV The that contains ail controllers

Question 16

Drag and drop the steps from the left Into the order on the right to delete a software image for a WAN Edge router starting with Maintenance > Software Upgrade > Device list on vManage.

Question # 16

Options:

Question 17

When software is upgraded on a vManage NMS, which two image-adding options store images in a local vManage software repository? (Choose two.)

Options:

A.

To be downloaded over a SMTP connection

B.

To be downloaded over a SNMP connection

C.

To be downloaded over an out-of-band connection

D.

To be downloaded over a control plane connection

E.

To be downloaded over an ICMP connection

Question 18

Which combination of platforms are managed by vManage?

Options:

A.

ISR4321, ASR1001, ENCS, lSRv

B.

ISR4351, ASR1002HX, vEdge2000, vEdge Cloud

C.

ISR4321, ASR1001, Nexus, ENCS

D.

lSR435l, ASRl009, vEdge2000, CSR1000v

Question 19

Question # 19

Refer to the exhibit. An enterprise network is connected with an ISP network on an 80 Mbps bandwidth link. The network operation team observes 100 Mbps traffic on the 1Gig-ISP link during peak hours Which configuration provides bandwidth control to avoid traffic congestion during peak hours?

A)

Question # 19

B)

Question # 19

C)

Question # 19

D)

Question # 19

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 20

An engineer is configuring a data policy for packets that must be captured through the policy. Which command accomplishes this task?

Options:

A.

policy > data-policy > vpn-list > sequence > default-action > drop

B.

policy > data-policy > vpn-list > sequence > action

C.

policy > data-policy > vpn-list > sequence > default-action > accept

D.

policy > data-policy > vpn-list > sequence > match

Question 21

What are the two protocols redistributed into OMP? (Choose two.)

Options:

A.

OSPF

B.

RIP

C.

LDP

D.

RSVP

E.

EIGRP

Question 22

A company deploys a Cisco SD-WAN solution but has an unstable Internet connection. When the link to vSmart comes back up, the WAN Edge router routing table is not refreshed, and some traffic to the destination network is dropped. The headquarters is the hub site, and it continuously adds new sites to the SD-WAN network. An engineer must configure route refresh between WAN Edge and vSmart within 2 minutes. Which configuration meets this requirement?

Question # 22

Options:

A.

Option A

B.

B

C.

Option B

D.

E.

Option C

F.

Option D

Question 23

Which type of certificate is installed on vManage for a user to access vManage via a web browser?

Options:

A.

SD-AVC Certificate

B.

WAN Edge Certificate

C.

Controller Certificate

D.

Web Server Certificate

Question 24

Question # 24

Refer to the exhibit Which configuration must the engineer use to form underlay connectivity for the Cisco SD-WAN network?

A)

Question # 24

B)

Question # 24

C)

Question # 24

D)

Question # 24

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 25

Which protocol Is used by the REST API to communicate with network services in the Cisco SO-WAN network?

Options:

A.

SSL

B.

HTTP

C.

iPsec

D.

SSM

Question 26

A network administrator is configuring an application-aware firewall between inside zones to an outside zone on a WAN edge router using vManage GUI. What kind of Inspection is performed when the ‘’inspect’’ action is used?

Options:

A.

stateful inspection for TCP and UDP

B.

stateful inspection for TCP and stateless inspection of UDP

C.

IPS inspection for TCP and-Layer 4 inspection for UDP

D.

Layer 7 inspection for TCP and Layer 4 inspection for UDP

Question 27

An engineer configures an application-aware routing policy for a group of sites The locations depend on public and private transports The policy does not work as expected when one of the transports does not perform properly This policy is configured:

Question # 27

which configuration completes the policy so that it works for all locations?

A)

Question # 27

B)

Question # 27

C)

Question # 27

D)

Question # 27

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 28

Which destination UDP port is used by WAN Edge router to make a DTLS connection with vBond Orchestrator?

Options:

A.

12343

B.

12345

C.

12346

D.

12347

Question 29

How many concurrent sessions does a vManage REST API have before it invalidates the least recently used session if the maximum concurrent session number is reached?

Options:

A.

150

B.

200

C.

250

D.

300

Question 30

Which issue triggers the Cisco Umbrella resolver to toward DNS requests to the intelligent proxy?

Which issue triggers the Cisco Umbrella resolver to toward DNS requests to the intelligent proxy?

Options:

A.

A domain is nonexistent.

B.

A domain is block-listed.

C.

A domain is locally reachable.

D.

A domain is grey-listed.

Question 31

Which data policy configuration influences BGP routing traffic flow from LAN to WAN?

A)

Question # 31

B)

Question # 31

C)

Question # 31

D)

Question # 31

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 32

Which two advanced security features are available on the Cisco SD-WAN WAN Edge (vEdge) device? (Choose two.)

Options:

A.

URL filtering

B.

snort intrusion prevention system

C.

Cisco Umbrella DNS Security

D.

Cisco AMP and AMP Threat Grid

E.

Enterprise Firewall

Question 33

What is the order of operations for software upgrades of Cisco SD-WAN nodes'?

Options:

A.

vBond vManage vSmart WAN Edge

B.

vManage vBond WAN Edge. vSmart

C.

vManage vSmart, vBond, WAN Edge

D.

vManage vBond vSraart WAN Edge

Question 34

Question # 34

Refer to the exhibit. An engineer is troubleshooting a control connection issue on a WAN Edge device that shows socket errors. The packet capture shows some ICMP packets dropped between the two devices. Which action resolves the issue?

Options:

A.

Recover the vManage controller that is down m a high availability cluster

B.

Change the system IP or restart the VWN Edge 4 the system IP is changed

C.

Remove IP duplication in the network and configure a unique IP address

D.

Recover vBond or wart for the controller to reload which could be caused by a reset

Question 35

What is the result during a WAN Edge software upgrade process if the version of the WAN Edge software is higher than the one running on a controller device?

Options:

A.

The upgrade button is greyed out

B.

The upgrade proceeds with no warning message.

C.

The upgrade fails with a warning message

D.

The upgrade proceeds with a warning message

Question 36

What is a benefit of the application-aware firewall?

Options:

A.

It blocks traffic by MAC address

B.

It blocks traffic by MTU of the packet.

C.

It blocks traffic by application.

D.

It blocks encrypted traffic

Question 37

WAN Edge routers are configured manually to use UDP port offset to use nondefault offset values when IPsec tunnels are created. What is the offse range?

Options:

A.

1-19

B.

0-18

C.

0-19

D.

1-18

Question 38

Which encryption algorithm is used for encrypting SD-WAN data plane traffic?

Options:

A.

Triple DES

B.

IPsec

C.

AES-128

D.

AES-256 GCM

Question 39

An organization wants to discover monitor and track the applications running on the WAN Edge device on the LAN Which configuration achieves this goal?

Question # 39

Question # 39

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 40

An engineer must avoid routing loops on the SD-WAN fabric for routes advertised between data center sites Which BGP loop prevention attribute must be configured on the routers to meet this requirement?

Options:

A.

same OMP overlay-as on WAN Edge routers of all data centers

B.

static routing on al WAN Edge routers instead of BGP

C.

same BGP AS between all WAN Edge routers and CE routers

D.

same BGP AS between all CE and PE routers

Question 41

A network administrator is configuring a centralized control policy based on match action pairs for multiple conditions, which order must be configured to prefer Prefix List over TLOC and TLOC over Origin?

Options:

A.

highest to lowest sequence number

B.

nonsequential order

C.

deterministic order

D.

lowest to highest sequence number

Question 42

Question # 42

Refer to the exhibit. An ongineer configured OMP with an ovorlay-as of 10666. What is tho AS-PATH for prefix 104.104.104.104/32 on R1007?

Options:

A.

100 10666 104

B.

100 10666

C.

100 10666 20 104

D.

100 20 104

Question 43

Question # 43

An engineer is creating a policy for VPN1 users. Their scavenger traffic at site 101 must pass through a firewall. Which two match conditions must be selected to enable this policy? (Choose two.)

Options:

A.

destination port

B.

source data prefix

C.

packet length

D.

protocol

E.

application/application family list

Question 44

What is the size of SGT data in the metadata header?

Options:

A.

8 bits

B.

16 bits

C.

24 bits

D.

32 bits

Question 45

Which component of the Cisco SD-WAN secure extensible network provides a single pane of glass approach to network monitoring and configuration?

Options:

A.

APIC-EM

B.

vSmart

C.

vManage

D.

vBond

Question 46

Refer to the exhibit.

Question # 46

A network administrator is configuring OMP in vManage to advertise all the paths for the same prefix from a site that has two WAN Edge devices Each WAN Edge device is connected to three ISPs and two private MPLS transports. What is the minimum value for 'Number of Paths advertised per Prefix" that should be configured?

Options:

A.

2

B.

3

C.

5

D.

10

Question 47

Refer to the exhibit.

Question # 47

The SD-WAN network is configured with a default full-mesh topology. The SD-WAN engineer wants the Barcelona WAN Edge to use MPLS TLOC as the preferred TLOC when communicating with Rome site. Which configuration must the engineer use to create a list to select MPLS color toward the Rome TLOC?

A)

Question # 47

B)

Question # 47

C)

Question # 47

D)

Question # 47

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 48

Which protocol is configured on tunnels by default to detect loss, latency, jitter, and path failures in Cisco SD-WAN?

Options:

A.

TLS

B.

BFD

C.

OMP

D.

BGP

Question 49

Drag and drop the definitions from the left to the configuration on the right.

Question # 49

Options:

Question 50

Question # 50

Refer to the exhibit. Which configuration ensures that OSPP routes learned from Site2 are reachable at Stein and vice-versa?

Options:

A.

Option A50

B.

Option B50

C.

Option C50

Question 51

Which port is used for vBond under controller certificates if no alternate port is configured?

Options:

A.

12345

B.

12347

C.

12346

D.

12344

Question 52

Which routes are similar to the IP route advertisements when the routing information of WAN Edge routers is learned from the local site and local routing protocols?

Options:

A.

service

B.

BGP

C.

TLOC

D.

OMP

Question 53

Which SD-WAN component allows an administrator to manage and store software images for SD-WAN network elements?

Options:

A.

vGond controllers

B.

WAN Edge routers

C.

vSman controllers

D.

vManage NMS

Question 54

Question # 54

Refer to the exhibit An engineer must configure a QoS policy between me hub and site A (spoke) over a standard internet circuit where traffic shaping is adjusted automatically based on evaiiabk» bandwidth Which configuration meets the requirement?

Question # 54

Question # 54

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 55

Which device should be configured with the service chain IP address to route intersite traffic through a firewall?

Options:

A.

vSmart

B.

firewall

C.

spoke WAN Edge

D.

hub WAREdge

Question 56

An engineer must configure VRRP for redundancy on WAN Edge router1 running an earlier version than 20.6, considering WAN Edge router2 is configured correctly. Which configuration meets the requirement?

Options:

A.

Option A56

B.

Option B56

C.

Option C56

D.

Option D56

Question 57

What is the minimum Red Hat Enterprise Linux operating system requirement for a Cisco SD-WAN controller deployment via KVM?

Options:

A.

RHEL7.5

B.

RHEL 6.5

C.

RHEL4.4

D.

RHEL 6.7

Question 58

Which configuration step is taken on vManage after WAN Edge list is uploaded?

Options:

A.

Send the list to controllers

B.

Enable the ZTP process

C.

Verify the device certificate

D.

Set the device as valid

Question 59

Refer to the exhibit.

Question # 59

An engineer is troubleshooting a control connection Issue. What does "connect" mean in this how control connections output?

Options:

A.

Control connection is down

B.

Control connection is connected

C.

Control connection attempt is in progress

D.

Control connection is up

Question 60

Which on-the-box security feature supported by the Cisco ISR 4451 SD-WAN device and not on vEdge?

Options:

A.

Cloud Express service

B.

Enterprise Firewall with Application Awareness

C.

reverse proxy

D.

IPsec/GRE cloud proxy

Question 61

Drag and drop the alarm slates from the left onto the corresponding alarm descriptions on the right.

Question # 61

Options:

Question 62

What must an engineer conewef when decoying an SD-WAN on-pfemlses architecture based on ESXi hypervisor?

Options:

A.

Cisco must provision the backup and snapshots platform lor ihe SD-WAN arctoecture

B.

The managed service provider must provision controllars with their appropriate cerHwcatsi

C.

The IT team a required to provision the SO-WAN controllers and Is responsAte lor backups and disaster recovery implementation

D.

The IT team will be given access by Cisco to a vManage for configuration If templates and policies coeigmalim

Question 63

Which two vRoute attributes should be matched or set in vSmart policies and modified by data policies? (Choose two.)

Options:

A.

site ID

B.

preference

C.

VPN

D.

TLOC

E.

origin

Question 64

An engineer modifies a data policy for DIA in VPN 200 to meet the requirements for traffic destined to these locations:

* external networks; must be translated

* external networks; must use a public TLOC color

* syslog servers, must use a private TLOC color

Here is the existing data policy configuration:

Question # 64

Which policy configuration sequence set meets the requirements?

Options:

A.

Option A64

B.

Option B64

C.

Option C64

Question 65

Question # 65

Refer to the exhibit Which command allows traffic through the IPsec tunnel configured in VPN 0?

Options:

A.

service local

B.

service FW address 1.1.1.1

C.

service netsvc1 vpn 1

D.

service netsvc1 address 1.1.1.1

Question 66

An enterprise has these three WAN connections:

    public Internet

    business internet

    MPLS

An engineer must configure two available links to route traffic via both links. Which configuration achieves this objective?

Question # 66

Options:

A.

Option

B.

Option

C.

Option

D.

Option

Question 67

Which two features does the application firewall provide? (Choose two.)

Options:

A.

classification of 1400+ layer 7 applications

B.

blocks traffic by application or application-family

C.

numbered sequences of match-action pairs

D.

classification of 1000+ layer 4 applications

E.

application match parameters

Question 68

An engineer is adding a tenant with location ID 399533345 in vManage. What is the maximum number of alphanumeric characters that is accepted in the tenant name filed?

Options:

A.

64

B.

128

C.

256

D.

8

Question 69

Which configuration defines the groups of interest before creation of the access list or route map?

A)

Question # 69

B)

Question # 69

C)

Question # 69

D.

Question # 69

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 70

Refer to exhibit.

Question # 70

An engineer is troubleshooting tear down of control connections even though a valid Certificate Serial Number is entered Which two actions resolve the Issue? (Choose two)

Options:

A.

Enter a valid serial number on the controllers for a given device

B.

Remove the duplicate IP in the network.

C.

Enter a valid product ID (model) on the PNP portal

D.

Match the serial number file between the controllers

E.

Restore network reachability for the controller

Question 71

Drag and drop the steps from the left into the sequence on the right for a WAN Edge router after powering on for zero touch provisioning.

Question # 71

Options:

Question 72

Which value is verified in the certificates to confirm the identity of the physical WAN Edge device?

Options:

A.

Serial Number

B.

OTP

C.

System-IP

D.

Chassis-ID

Question 73

Which type of route advertisement of OMP can be verified?

Options:

A.

OMP, VPN. and origin

B.

Origin, TLOC, and VPN

C.

Origin, TLOC, and service

D.

OMP, TLOC and service

Question 74

Which command displays BFD session summary information per TLOC on vEdge routers?

Options:

A.

show bfd history

B.

show bfd summary

C.

show bfd sessions

D.

show bfd tloc-summary-list

Question 75

If Smart Account Sync is not used, which Cisco SD-WAN component is used to upload an authorized serial number file?

Options:

A.

WAN Edge

B.

vManage

C.

vSmart

D.

vBond

Question 76

What is an attribute of TLOC’?

Options:

A.

encryption

B.

local preference

C.

tag

D.

service

Question 77

Which logs verify when a device was upgraded?

Options:

A.

Audit

B.

Email

C.

ACL

D.

SNMP

Question 78

In a Cisco SD-WAN architecture, what is the role of the WAN Edge?

Options:

A.

It provides orchestration to assist in automatic provisioning of WAN Edge routers and overlay

B.

It is the management plane responsible for centralized configuration and monitoring

C.

It is the control plane that builds and maintains network topology

D.

It is the data plane that is responsible for forwarding traffic

Question 79

Which service VPN must be reachable from all WAN Edge devices and the controllers?

Options:

A.

VPN0

B.

VPN10

C.

VPN215

D.

VPN512

Question 80

Which two resource data types are used to collect information for monitoring using REST API in Cisco SD-WAN? (Choose two.)

Options:

A.

POST

B.

DELETE

C.

scalar

D.

array

E.

PUT

Question 81

Which routing protocol has the highest default administrative distance?

Options:

A.

OMP

B.

external EIGRP

C.

IS-IS

D.

IBGP

Question 82

Which vBond system configuration under VPN 0 allows for a routable public IP address even if the DNS name, hostname, or IP address of the vBond orchestrator are omitted?

Options:

A.

local

B.

vbond-only

C.

dns-name

D.

WAN

Question 83

Which SD-WAN component detects path performance information in the organization to report the issue to the service provider at site ID:S4288T5E44F04?

Options:

A.

vAnalytics

B.

vManage NMS

C.

vBond Orchestrator

D.

Cisco DNA

Question 84

Question # 84

Refer to the exhibit. A customer wants to deploy service insertion at site1. Which traffic from VPN 10 must route to this site through a firewall. A policy must be in place to route VPN 10 traffic from all sites toward this firewall. Which configuration must be on the vSmart controller to meet this requirement?

Options:

A.

Option A84

B.

Option B84

C.

Option C84

D.

Option D84

Question 85

A voice packet requires a latency of 50 msec. Which policy is configured to ensure that a voice packet is always sent on the link with less than a 50 msec delay?

Options:

A.

centralized control

B.

localized data

C.

localized control

D.

centralized data

Question 86

Which routing protocol is used to exchange control plane information between vSmart controllers and WAN Edge routers in the Cisco SD-WAN secure extensible network?

Options:

A.

BGP

B.

OSPF

C.

BFD

D.

OMP

Question 87

Question # 87

Refer to the exhibit. A network administrator is setting the queueing value for voice traffic for one of the WAN Edge routers using vManager GUI. Which queue value must be set to accomplish this task?

Options:

A.

0

B.

1

C.

2

D.

3

Question 88

Which SD-WAN component is configured to enforce a policy to redirect branch-to-branch traffic toward a network service such as a firewall or IPS?

Options:

A.

vBond

B.

WAN Edge

C.

vSmart

D.

Firewall

Question 89

An engineer is troubleshooting a certificate issue on vEdge. Which command is used to verify the validity of the certificates?

Options:

A.

show control local-properties

B.

show control summary

C.

show certificate installed

D.

show certificate status

Question 90

What happens if the intelligent proxy is unreachable in the Cisco SD-WAN network?

Options:

A.

The grey-listed domains are unresolved

B.

The Cisco Umbrella Connector locally resolves the DNS request

C.

The block-listed domains are unresolved

D.

The Cisco Umbrella Connector temporarily redirects HTTPS traffic

Question 91

Question # 91

Refer to the exhibit An engineer is configuring a QoS policy to shape traffic for VLAN 100 on a subinterface Which policy configuration accomplishes the task?

A)

Question # 91

B)

Question # 91

C)

Question # 91

D)

Question # 91

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 92

An engineer must apply the configuration for certificate installation to vBond Orchestrator and vSmart Controller. Which configuration accomplishes this task?

Question # 92

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 93

An administrator must deploy the controllers using the On-Prem method while vManage can access the PnP portal from inside How are the two WAN Edge authorized allowed lists to be made available to vManage? (Choose two)

Question # 93

Question # 93

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 94

Which type of lists are used to group related items via an application-aware routing policy under the policy lists command hierarchy on vSmart controllers?

Options:

A.

data prefix, she. and VPN

B.

OSCP value, application, and VPN

C.

data prefix, application, and SLA class

D.

DSCP value, site, and VPN

Question 95

Which two prerequisites must be met before the Cloud onRamp for laaS is initiated on vManage to expand to the AWS cloud? (Choose two)

Options:

A.

Attach the *AmazonCreateVPC* and "Amazon Provision EC2" permission policy to the IAM account

B.

Subscribe to the SD-WAN Edge router AMI in the AWS account

C.

Attach an OSPF feature template to the AWS cloud Edge router template

D.

Attach a device template to the cloud WAN Edge router to be deployed in the AWS

E.

Preprovision the transit VPC in the AWS region

Question 96

Which protocol advertises WAN edge routes on the service side?

Options:

A.

EIGRP

B.

OSPF

C.

BGP

D.

ISIS

Question 97

Question # 97

Refer to the exhibit vManage and vBond have an issue establishing a connection to vSmart Which two actions does the administrator take to fix the issue? (Choose two)

Install the certificate received from the certificate server.

Options:

A.

Manually resync vManage and vBond

B.

Reconfigure the vSmart from CLI with the proper Hostname & System IP

C.

Delete and re-add vSmart Click Generate and validate CSR

D.

Request a certificate from the certificate server based on the CSR for the vSmart

Question 98

An engineer creates this data policy for DIA for VPN 10:

Question # 98

Which policy sequence enables DIA for external networks?

Question # 98

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 99

In an AWS cloud, which feature provision WAN Edge routers automatically in Cisco SD-WAN?

Options:

A.

Cloud app

B.

Cloud OnRamp

C.

vAnalytics

D.

Network Designer

Question 100

What is the behaviour of vBond orchestrator?

Options:

A.

It maintains vSmart and WAN Edge routers secure connectivity state

B.

it builds permanent connections with vSmart controllers

C.

it updates vSmart of WAN Edge routers behind NAT devices using OMP.

D.

It builds permanent connections with WAN Edge routers

Question 101

What are two attributes of vRoute? (Choose two)

Options:

A.

originator

B.

service

C.

encapsulation

D.

carrier

E.

domain ID

Question 102

How is a TLOC uniquely identified from a WAN Edge router to the SD-WAN transport network?

Options:

A.

system IP address

B.

VPN ID

C.

OMP

D.

SD-WAN site ID

Question 103

Which VPN must be present on at least one interface to install Cisco vManage and integrate it with WAN Edge devices in an overlay network site ID:S4307T7E78F29?

Options:

A.

VPN 512

B.

any VPN number selected

C.

services VPN range 0-511

D.

VPNO

Question 104

Drag and drop the BFD parameters from the left onto the BFD configurations on the right.

Question # 104

Options:

Question 105

Which VManage dashboard is used to monitor the next-hop reachability between two devices traversing through OMP for a service VPN’

Options:

A.

Troubleshooting > App Route Visualization

B.

Troubleshooting > Tunnel Health

C.

Troubleshooting > Simulate Flows

D.

Troubleshooting > Packet Capture

Question 106

A network administrator is configuring VRRP to avoid a traffic black hole when the transport side of the network is down on the master device. What must be configured to get the fastest failover to standby?

Options:

A.

lower timer interval

B.

prefix-list tracking

C.

higher group ID number

D.

OMP tracking

Question 107

What is the default value for the number of paths advertised per prefix in the OMP feature template?

Options:

A.

4

B.

8

C.

12

D.

16

Question 108

An enterprise deployed a Cisco SD-WAN solution with hub-and-spoke topology using MPLS as the preferred network over the Internet. A network engineer must implement an application-aware routing policy to allow ICMP traffic to be load-balanced over both the available links. Which configuration meets the requirement?

A)

Question # 108

B)

Question # 108

C)

Question # 108

D)

Question # 108

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 109

A customer must upgrade the cisco SD-WAN devices and controllers from version 19.2 to version 20.3. The devices include WAN Edge cloud, vManage, vSmart, and vBond. Which types of image types of image files are needed for this upgrade?

Options:

A.

one file for vManage and one file for all other devices with extension tar.gz

B.

one file for vManage, one for vSmart and one for vBond + WAN Edge Cloud with extension.bin

C.

one file for vManaga, one for vSmart and one for vBond + WAN Edge Cloud with extension tar.gz

D.

one file for vManaga and one file for all other devices with extension .bin

Question 110

How is the scalability of the vManage increased in Cisco SD-WAN Fabric?

Options:

A.

Increase licensing on the vManage

B.

Deploy multiple vManage controllers in a cluster

C.

Deploy more than one vManage controllers on different physical server.

D.

Increase the bandwidth of the WAN link connected to the vManage

Question 111

Which device information is required on PNP/ZTP to support the zero-touch onboarding process?

Options:

A.

interface IP address

B.

system IP address

C.

public DNS entry

D.

serial and chassis numbers

Question 112

Refer to the exhibit.

Question # 112

The Cisco SD-WAN network is configured with a default full-mesh topology. An engineer wants Paris WAN Edge to use the Internet HOC as the preferred TLOC for MSN Messenger and AOL Messenger traffic. Which policy achieves this goal?

A)

Question # 112

B)

Question # 112

C)

Question # 112

D)

Question # 112

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 113

An engineer is configuring a WAN Edge router for DIA based on matching QoS parameters. Which two actions accomplish this task? (Choose two.)

Options:

A.

Apply a QoS map policy.

B.

Configure a control policy.

C.

Configure a centralized data policy.

D.

Configure NAT on the transport interface.

E.

Apply a data policy on WAN interface.

Question 114

Which platforms are managed by a single vManage dashboard?

Options:

A.

ISR4351, ASR1002HX, vEdge2000, vEdge Cloud

B.

ISR4321, ASR1001, Nexus, ENCS

C.

ISR4321, ASR1001, ENCS, ISRv

D.

ISR4351, ASR1009, vEdge2000, CSR1000v

Question 115

Question # 115

Refer to the exhibit. An engineer must block FTP traffic coming in from a particular Service VPN on a WAN Edge device Which set of steps achieves this goal?

Options:

A.

Create a localized policy and add it to (he interface feature template

B.

Create a localized policy add it to the device template and add an ACL to the interface feature template

C.

Create a prefix tat, add it to the localized policy and add it to the interface feature template

D.

Create a localized policy add it to VPN template and add an ACL to the interface feature template

Question 116

Which plane assists in the automatic onboarding of the SD-WAN routers into the SD-WAN overlay?

Options:

A.

Data

B.

Orchestration

C.

Management

D.

Control

Question 117

Which policy configuration must be used to classify traffic as it enters the branch WAN Edge router to be put into the desired output queue?

A)

Question # 117

B)

Question # 117

C)

Question # 117

D)

Question # 117

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 118

Which actions must be taken to allow certain departments to require firewall protection when interacting with data center network without including other departments? (Choose two.)

Options:

A.

Use classification policing and marking

B.

Apply data policies at vEdge.

C.

Deploy a service-chained firewall service per VPN

D.

The regional hub advertises the availability of the firewall service

E.

Advertise lo vSmart controllers

Page: 1 / 39
Total 394 questions