Summer Certification Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

400-007 Cisco Certified Design Expert (CCDE v3.1) Questions and Answers

Questions 4

Which two design solutions ensure sub-50 msec of the convergence time after a link failure in the network? (Choose two)

Options:

A.

BFD

B.

Ti-LFA

C.

Minimal BGP scan time

D.

MPLS-FRR

E.

IGP fast hello

Buy Now
Questions 5

Which solution component helps to achieve comprehensive threat protection and compliance for migration to multicloud SDX architectures?

Options:

A.

System-oriented architecture

B.

OSASE architecture

C.

Platform-oriented architecture

D.

SASE architecture

Buy Now
Questions 6

A network architect is designing a policy where database applications access the internet directly, while other traffic routes through the data center, with dynamic path switching based on performance. Which solution meets these requirements?

Options:

A.

MPLS L3VPN with QoS

B.

Cloud OnRamp for IaaS

C.

Cloud OnRamp for SaaS

D.

MPLS Direct Connect

Buy Now
Questions 7

: 491

Budget is one of the important factors when you design a network Regardless of who controls the budget, one common network design goal is to contain costs Reduced budgets or limited resources often force network designers to select the most affordable solution instead of the best solution Which two elements must be considered when you do ROI analysis for the network design that explains how quickly the new network w ill pay for itself’ (Choose two. )

Options:

A.

improved employee productivity

B.

market segmentation

C.

reduced operational costs

D.

limiting higher revenue potential

E.

state-of-the art technologies

Buy Now
Questions 8

Company XYZ wants to improve the security design of their network to include protection from reconnaissance and DoS attacks on their sub-interfaces destined toward next hop routers. Which technology can be used to prevent these types of attacks?

Options:

A.

MPP

B.

CPPr

C.

CoPP

D.

DPP

Buy Now
Questions 9

Which design solution reduces the amount of IGMP state in the network?

Options:

A.

IGMP filtering

B.

IGMPv3 with PIM-SSM

C.

Multiple multicast domains

D.

One multicast group address throughout network regardless of IGMP version

Buy Now
Questions 10

An enterprise that runs numerous proprietary applications has major issues with its on-premises server estate hardware, to the point where business-critical functions are compromised. The enterprise accelerates plans to migrate services to the cloud. Which cloud service should be used if the enterprise wants to avoid hardware issues yet have control of its applications and operating system?

Options:

A.

SaaS

B.

PaaS

C.

IaaS

D.

hybrid cloud

Buy Now
Questions 11

Security experts promote the security defense-m-depth principle which states that network security should be multilayered and modular and multiple methods should be designed and applied to different parts of the network Drag and drop the characteristics on the left to the matching enterprise network components on the right.

Options:

Buy Now
Questions 12

When an SDN-based model is used to transmit multimedia traffic, which aspect should an architect consider while designing the network?

Options:

A.

QoE estimation

B.

Security

C.

Traffic patterns

D.

Flow forwarding

Buy Now
Questions 13

Which optimal use of interface dampening on a fast convergence network design is true?

Options:

A.

When occasional flaps of long duration occur

B.

When numerous adjacent flaps of very short duration occur

C.

When the router hardware is slower than the carrier delay down detection

D.

When the switch hardware is faster than the debounce timer down detection

Buy Now
Questions 14

An MPLS service provider is offering a standard EoMPLS-based VPLS service to Customer A, providing Layer 2 connectivity between a central site and approximately 100 remote sites. Customer A wants to use the VPLS network to carry its internal multicast video feeds which are sourced at the central site and consist of 20 groups at Mbps each. Which service provider recommendation offers the most scalability?

Options:

A.

EoMPLS-based VPLS can carry multicast traffic in a scalable manner

B.

Use a mesh of GRE tunnels to carry the streams between sites

C.

Enable snooping mechanisms on the provider PE routers

D.

Replace VPLS with a Layer 3 MVPN solution to carry the streams between sites

Buy Now
Questions 15

Which feature must be part of the network design to wait a predetermined amount of time before notifying the routing protocol of a change in the path in the network?

Options:

A.

Transmit delay

B.

Throttle timer

C.

SPF hold time

D.

Interface dampening

Buy Now
Questions 16

Hybrid cloud computing allows organizations to take advantage of public and private cloud models. Which best practice should organizations follow to ensure data security in the private cloud?

Options:

A.

Use standard protocols for data transmission over the network.

B.

Encrypt data when it is at rest and in motion.

C.

Communicate all data security risks to customers and end users.

D.

Use standard network protocols for data communication between unsecured network connections.

Buy Now
Questions 17

A lead network architect is tasked with designing the optimal cloud-based solution for a rapidty growing e-commerce company that heavily relies on its online platform for sales and customer interactions The company’s business critical operations induce real time inventory management, order processing, and payment processing The executive team has decided to migrate their infrastructure to the cloud to improve scalability and recoce operational costs Which cloud service model(s) needs to considered?

Options:

A.

SaaS and PaaS

B.

SaaS

C.

laaS and PaaS

D.

laaS

Buy Now
Questions 18

Company XYZ has a multicast domain that spans across multiple autonomous systems. The company wants a simplified and controlled approach to interconnecting multicast domains. Which technology is the best fit?

Options:

A.

MSDP

B.

PIM SSM

C.

MPLS

D.

PIM sparse mode

Buy Now
Questions 19

Which two advantages of using DWDM over traditional optical networks are true? (Choose two.)

Options:

A.

inherent topology flexibility and service protection provided without penalty through intelligent oversubscription of bandwidth reservation

B.

ability to expand bandwidth over existing optical infrastructure

C.

inherent topology flexibility with built-in service protection

D.

inherent topology flexibility with intelligent chromatic dispersion

E.

inherent topology flexibility with service protection provided through a direct integration with an upper layer protocol

Buy Now
Questions 20

Which tool automates network implementation activities and shortens the implementation lifecycle?

Options:

A.

LISP

B.

Java

C.

Conclusion

D.

Python

Buy Now
Questions 21

An engineer is designing a DMVPN network where OSPF has been chosen as the routing protocol. A spoke-to-spoke data propagation model must be set up. Which two design considerations must be taken into account? (Choose two)

Options:

A.

Configure all the sites as network type broadcast.

B.

The network type on all sites should be point-to-multipoint.

C.

The network type should be point-to-multipoint for the hub and point-to-point for the spokes.

D.

The hub should be set as the DR by specifying the priority to 255.

E.

The hub should be the DR by changing the priority of the spokes to 0.

Buy Now
Questions 22

Setting a specific goal for throughput based on per-second data rates between end hosts does not identify the requirements for specific applications When specifying throughput goals for applications, it is important to understand the throughput requirements for each application Which two factors that can constrain application layer throughput? (Choose two.)

Options:

A.

protocol parameters, such as frame size and retransmission timers

B.

sent packets or cells at networking devices

C.

the pps or cps rate of networking devices

D.

workstation and server availability

E.

end-to-end throughput rates

Buy Now
Questions 23

A company plans to use BFD between its routers to detect a connectivity problem inside the switched network. An IPS is transparently installed between the switches. Which packets should the IPS forward for BFD to work under all circumstances?

Options:

A.

Fragmented packet with the do-not-fragment bit set

B.

IP packets with broadcast IP source addresses

C.

IP packets with the multicast IP source address

D.

IP packet with the multicast IP destination address

E.

IP packets with identical source and destination IP addresses

F.

IP packets with the destination IP address 0.0.0.0.

Buy Now
Questions 24

: 504

To facilitate true end-to-end QoS on an IP-network, the IETF has defined two models: IntServ and DiffServ Which protocol is used by both models?

Options:

A.

Common Open Policy Service

B.

Resource Quality Service Planning

C.

Service Code Point Policy

D.

Resource Reservation and Distribution

Buy Now
Questions 25

Which management category is not part of FCAPS framework?

Options:

A.

Configuration

B.

Security

C.

Performance

D.

Authentication

E.

Fault-management

Buy Now
Questions 26

Company XYZ is designing the network for IPv6 security and they have these design requirements:

A switch or router must deny access to traffic from sources with addresses that are correct but topologically incorrect.

Devices must block Neighbor Discovery Protocol resolution for destination addresses not found in the binding table.

Which two IPv4 security features are recommended for this company? (Choose two)

Options:

A.

IPv6 DHCP Guard

B.

IPv6 Source Guard

C.

IPv6 Destination Guard

D.

IPv6 Prefix Guard

E.

IPv6 RA Guard

Buy Now
Questions 27

Which mechanism provides Layer 2 fault isolation between data centers?

Options:

A.

FabricPath

B.

OTV

C.

Advanced VPLS

D.

LISP

E.

TRILL

Buy Now
Questions 28

Which development model is closely associated with Agile project management?

Options:

A.

static model

B.

evolutionary delivery model

C.

lifecycle model

D.

starfish model

Buy Now
Questions 29

You are designing a network running both IPv4 and IPv6 to deploy QoS. Which consideration is correct about the QoS for IPv4 and IPv6?

Options:

A.

IPv4 and IPv6 traffic types can use queuing mechanisms such as LLQ, PQ, and CQ.

B.

IPv6 packet classification is only available with process switching, whereas IPv4 packet classification is available with both process switching and CEF.

C.

IPv6 and IPv4 traffic types can use a single QoS policy to match both protocols.

D.

Different congestion management mechanisms need to be used for IPv4 and IPv6 traffic types.

Buy Now
Questions 30

Network orchestration enables network administrators to focus on strategic initiatives, innovation, and value-added tasks rather than spending time on manual and repetitive network management activities. Drag and drop the orchestration types from the left onto the corresponding functions on the right. Not all options are used.

Options:

Buy Now
Questions 31

Drag and drop the end-to-end network virtualization elements from the left onto the correct network areas on the right.

Options:

Buy Now
Questions 32

You want to mitigate failures that are caused by STP loops that occur before UDLD detects the failure or that are caused by a device that is no longer sending BPDUs. Which mechanism do you use along with UDLD?

Options:

A.

Root guard

B.

BPDU guard

C.

Loop guard

D.

BPDU filtering

Buy Now
Questions 33

: 479

A comprehensive business continuity plan creates a clear recovery pathway for your systems and acts as an operational blueprint Which two elements are crucial to know before creating a business continuity plan? (Choose two.)

Options:

A.

recovery blueprint

B.

notification matrix

C.

critical activities

D.

communication plan

E.

threat scenarios

Buy Now
Questions 34

A network designer should follow a methodology that must guide the entire lifecycle of the design process In the early phases of the process, technology requirements are evaluated and validated, which allows for proper planning in response to changes in the infrastructure and requirements for resources Which two elements help make a company more agile by adjusting them on a regular basis? (Choose two.)

Options:

A.

application and services access

B.

throughput per application

C.

establishing business requirements

D.

technology strategies

E.

configuration management

Buy Now
Questions 35

Company XYZ has two routing domains (EIGRP and OSPF). They want full reachability and need OSPF to see link costs added to external routes. How must redistribution be designed?

Options:

A.

Redistribute using metric type 2 into OSPF.

B.

Redistribute using metric type 1 into OSPF.

C.

Redistribute using metric type 1 into EIGRP.

D.

Redistribute using metric type 2 into EIGRP.

Buy Now
Questions 36

Refer to the exhibit.

Company XYZ’s BGP topology is as shown in the diagram. The interface on the LA router connected toward the 10.1.5.0/24 network is faulty and is going up and down, which affects the entire routing domain. Which routing technique can be used in the routing policy design so that the rest of the network is not affected by the flapping issue?

Options:

A.

Use route dampening on LA router for the 10.1.5.0/24 network so that it does not get propagated when it flaps up and down

B.

Use route filtering on Chicago router to block the 10.1.5.0/24 network from coming in from the LA router

C.

Use route filtering on LA router to block the 10.1.5.0/24 network from getting propagated toward Chicago and New York

D.

Use route aggregation on LA router to summarize the 10.1.4.0/24, 10.1.5.0/24, 10.1.6.0/24, and 10.1.7.0/24 networks toward Chicago

Buy Now
Questions 37

SDN emerged as a technology trend that attracted many industries to move from traditional networks to SDN. Which challenge is solved by SDN for cloud service providers?

Options:

A.

Need for intelligent traffic monitoring

B.

Exponential growth of resource-intensive applications

C.

Complex and distributed management flow

D.

Higher operating expense and capital expenditure

Buy Now
Questions 38

You are designing a large-scale DMVPN network with more than 500 spokes using EIGRP as the IGP protocol. Which design option eliminates potential tunnel down events on the spoke routers due to the holding time expiration?

Options:

A.

Increase the hold queue on the physical interface of the hub router

B.

Increase the hold queue on the tunnel interface of the spoke routers

C.

Increase the hold queue on the tunnel interface of the hub router

D.

Apply QoS for pak_priority class

E.

Increase the hold queue on the physical interface of the spoke routers

Buy Now
Questions 39

Implementing a network automation architecture usually follows a phased approach that increases automation as the new technology and processes in the preceding phases are integrated and adopted. What provides a model that greatly simplifies the interaction with network devices?

Options:

A.

vendor specific configuration

B.

network device migration

C.

abstraction layer

D.

CI/CD framework

Buy Now
Questions 40

A product manufacturing organization is integrating cloud services into their IT solution. The IT team is working on the preparation phase of the implementation approach, which includes the Define Strategy step. This step defines the scope of IT, the application, and the service. What is one topic that should be considered in the Define Strategy step?

Options:

A.

Financial and governance models

B.

Innovate and align with business according to volume

C.

Due diligence and financial scenarios

D.

Contingency exit strategy steps

Buy Now
Questions 41

Company XYZ plans to run OSPF on a DMVPN network. They want to use spoke-to-spoke tunnels in the design. What is a drawback or concern in this type of design?

Options:

A.

Additional host routes will be inserted into the routing tables

B.

Manual configuration of the spokes with the appropriate priority will be needed

C.

There will be split-horizon issue at the hub

D.

Manual configuration of the spoke IP address on the hub will be needed

Buy Now
Questions 42

In search of a system capable of hosting, monitoring, compiling, and testing code in an automated way, what can be recommended to the organization?

Options:

A.

Jenkins

B.

Ansible

C.

Perl

D.

Chef

Buy Now
Questions 43

: 495

An organization has two branches connected over the Internet circuit using IPsec tunnels established on their edge routers belonging to different vendors Recently these branches were the victims of a DoS attack resulting in failure to establish the tunnels They are now looking for a better tunneling solution allowing full interoperability between vendors and allowing a standardized set of authentication methods Furthermore the solution must support detection of the peer’s state as well as having support for next-gen encryption algorithms. Which protocol meets these requirements and is known to be resistant to DoS attacks?

Options:

A.

L2TP/IPsec

B.

OpenVPN/Blowfish

C.

IPsec BFD

D.

IKEv2

Buy Now
Questions 44

Which two benefits can software defined networks provide to businesses? (Choose two.)

Options:

A.

Provides additional redundancy

B.

Decentralized management

C.

Reduced latency

D.

Enables innovation

E.

Reduction of OpEx/CapEx

F.

Meets high traffic demands

Buy Now
Questions 45

A business wants to centralize services via VDI technology and to replace remote WAN desktop PCs with thin client-type machines to reduce operating costs. Which consideration supports the new business requirement?

Options:

A.

VDI servers should be contained centrally within a DMZ

B.

The thin client traffic should be placed in a WAN QoS priority queue

C.

VDI servers should be contained within dedicated VLANs in each branch location

D.

The WAN should offer low latency and be resized

Buy Now
Questions 46

You want to split an Ethernet domain in two.

Which parameter must be unique in this design to keep the two domains separated?

Options:

A.

VTP domain

B.

VTP password

C.

STP type

D.

VLAN ID

Buy Now
Questions 47

Virtualization pose a special challenges for NAC because virtual servers can move around a data center, and the VLAN can change as the servers move. What is an option that can be used to improve security in this condition?

Options:

A.

role-based control

B.

in-band traffic control

C.

application-based security

D.

application-based security

Buy Now
Questions 48

A customer migrates from a traditional Layer 2 data center network into a new SDN-based spine-and-leaf VXLAN EVPN data center within the same location. The networks are joined to enable host migration at Layer 2. What is the final migration step after hosts have physically migrated to have traffic flowing through the new network without changing any host configuration?

Options:

A.

Shut down legacy Layer 3 SVIs, clear ARP caches on all hosts being migrated, and then configure the legacy VRRP address onto new VXLAN core switches

B.

Increase VRRP priorities on new infrastructure over legacy VRRP values, then shut down legacy SVIs

C.

Shut down legacy infrastructure to allow VXLAN gateways to become active

D.

Shut down legacy Layer 3 SVIs and activate new preconfigured Layer 3 SVIs on VXLAN

Buy Now
Questions 49

Refer to the exhibit.

Company XYZ must design a DMVPN tunnel between the three sites. Chicago is going to act as the NHS, and the company wants DMVPN to detect peer endpoint failures. Which technology should be used in the design?

Options:

A.

VPLS

B.

IP SLA

C.

GRE

D.

L2TPv3

Buy Now
Questions 50

A business wants to refresh its legacy Frame Relay WAN and consolidate product specialists via video in 200 branches. Which technology should be used?

Options:

A.

DMVPN phase 1 network over the Internet

B.

Layer 3 MPLS VPN hub and spoke

C.

Layer 2 VPLS

D.

Layer 3 MPLS VPN full mesh

Buy Now
Questions 51

monitoring solution, an organization wants to ensure they can collect feedback from network devices, particularly with a focus on being able to perform anomaly detection and automatically react to these events as they come m A key requirement is that the resources required to collect the data must be distributed Which data reporting approach is good fit for this use case?

Options:

A.

model-driven monitoring

B.

pull-based methodology

C.

data-flow monitoring

D.

streaming telemetry

Buy Now
Questions 52

Refer to the diagram.

Which solution must be used to send traffic from the foreign wireless LAN controller to the anchor wireless LAN controller?

Options:

A.

Send packets from the foreign controller to the anchor controller via Layer 3 MPLS VPN or VRF-Lite

B.

Send packets without encapsulation to the anchor controller over the routed network.

C.

Encapsulate packets into an EoIP tunnel and send them to the anchor controller.

D.

Send packets from the foreign controller to the anchor controller via IPinIP or IPsec tunnel.

Buy Now
Questions 53

Which function is performed at the access layer of the three-layer hierarchical network design model?

Options:

A.

Fault isolation

B.

QoS classification and marking boundary

C.

Reliability

D.

Fast transport

E.

Redundancy and load balancing

Buy Now
Questions 54

: 503

As organizations rush to implement AI, many fail to address its ethical considerations Not examining those issues puts an organization at risk of legal violations, loss of customer trust and long-term reputational damage. Which two ethical standards are required in preven ting such pitfalls? (Choose two. )

Options:

A.

data privacy

B.

algorithmic transparency

C.

Al maturity

D.

data silos process automation

Buy Now
Questions 55

As part of a new network design documentation, you are required to explain the reason for choosing Cisco FabricPath for Layer 2 loop avoidance.

Which two elements help Cisco FabricPath mitigate Layer 2 loops if they happen in the Layer 2 MP network? (Choose two)

Options:

A.

MAC tunneling

B.

IS-IS multipath

C.

RPF check

D.

TTL header

Buy Now
Questions 56

SDN is still maturing Throughout the evolution of SDN which two things will play a key role in enabling a successful deployment and avoiding performance visibility gaps in the infrastructure’ (Choose two.)

Options:

A.

peer-to-peer controller infrastructure

B.

failing back to old behaviours

C.

dynamic real-time change

D.

rapid on-demand growth

E.

integration of device context

Buy Now
Questions 57

The API of an SDN controller named CTL-A uses the HTTP POST method and the same URL for all resources The JSON body of each message is used to get information for specific resources and operations The API of a SDN controller named CTL-B uses HTTP CRUD methods and a uniform interface with different URLs for each resource Which API type is used by each SDN controller?

Options:

A.

CTL-A uses a RESTful API and CTL-B has an HTTP-based API

B.

CTL-B uses a RESTful API and CTL-A has an HTTP-based API

C.

CTL-A and CTL-B have a non-RESTful API

D.

CTL-A and CTL-B have a RESTful API

Buy Now
Questions 58

An architect prepares a network design for a startup company. The design must meet business requirements while the business grows and divests due to rapidly changing markets. What is the highest priority in this design?

Options:

A.

The network should be hierarchical.

B.

The network should be modular.

C.

The network should be scalable.

D.

The network should have a dedicated core.

Buy Now
Questions 59

Company ABC uses IPv4-only. Recently they started deploying new endpoint devices. For operational reasons, IPv6 cannot be disabled on these new endpoint devices. Which security measure prevents the new endpoint from learning an IPv6 prefix from an attacker?

Options:

A.

Source Guard and Prefix Guard

B.

Router Advertisement Guard

C.

Prefix Guard

D.

Secure Neighbor Discovery

Buy Now
Questions 60

When designing a WAN that will be carrying real-time traffic, what are two important reasons to consider serialization delay? (Choose two.)

Options:

A.

Serialization delays are invariable because they depend only on the line rate of the interface.

B.

Serialization delays are variable because they depend on the line rate of the interface and on the type of the packet being serialized.

C.

Serialization delay is the time required to transmit the packet on the physical media.

D.

Serialization delays are variable because they depend only on the size of the packet being serialized.

E.

Serialization delay depends not only on the line rate of the interface but also on the size of the packet.

Buy Now
Questions 61

Over the years, many solutions have been developed to limit control plane state which reduces the scope or the speed of control plane information propagation. Which solution removes more specific information about a particular destination as topological distance is covered in the network?

Options:

A.

Aggregation

B.

Summarization

C.

Back-off timers

D.

Layering

Buy Now
Questions 62

A legacy enterprise is using a Service Provider MPLS network to connect its head office and branches. Recently, they added a new branch to their network. Due to physical security concerns, they want to extend their existing IP CCTV network of the head office to the new branch, without any routing changes in the network. They are also under some time constraints. What is the best approach to extend the existing IP CCTV network to the new branch, without incurring any IP address changes?

Options:

A.

GRE

B.

EoMPLS

C.

VXLAN

D.

L2TPv3

Buy Now
Questions 63

Which two pain points are the most common for container technology adoption? (Choose two)

Options:

A.

Performance

B.

Security

C.

Cost

D.

Container deployment

E.

Skilled staff

F.

Compliance

Buy Now
Questions 64

Company XYZ has a hub-and-spoke topology over an SP-managed infrastructure. To measure traffic performance metrics, they implemented IP SLA senders on all spoke CE routers and an IP SLA responder on the hub CE router. What must they monitor to have visibility on the potential performance impact due to the constantly increasing number of spoke sites?

Options:

A.

CPU and memory usage on the spoke routers

B.

Memory usage on the hub router

C.

CPU usage on the hub router

D.

Interface buffers on the hub and spoke routers

Buy Now
Questions 65

Which service abstracts away the management of the operating system, middleware, and runtime?

Options:

A.

IaaS

B.

PaaS

C.

SaaS

D.

BMaaS

Buy Now
Questions 66

: 497 DRAG DROP

Data residency and sovereignty requirements are based on regional and industry-specific regulations, and different organizations have different data sovereignty requirements. Implementation of a mechanism that provides control over all access to data by cloud providers and the ability to inspect changes to cloud infrastructure and services is required. Drag and drop the descriptions from the left onto the corresponding categories on the right in no particular order. Not all options are used.

Options:

Buy Now
Questions 67

Which effect of using ingress filtering to prevent spoofed addresses on a network design is true?

Options:

A.

It reduces the effectiveness of DDoS attacks when associated with DSCP remarking to Scavenger.

B.

It protects the network infrastructure against spoofed DDoS attacks.

C.

It classifies bogon traffic and remarks it with DSCP bulk.

D.

It filters RFC 1918 IP addresses.

Buy Now
Questions 68

Which two features control multicast traffic in a VLAN environment? (Choose two)

Options:

A.

IGMP snooping

B.

MLD snooping

C.

RGMP

D.

PIM snooping

E.

pruning

Buy Now
Questions 69

Which parameter is the most important factor to consider when deciding service placement in a cloud solution?

Options:

A.

Data replication cost

B.

Application structure

C.

Security framework implementation time

D.

Data confidentiality rules

Buy Now
Questions 70

In a redundant hub-and-spoke design with inter-spoke links, load oscillation and routing instability occur due to overload conditions. Which two design changes improve resiliency? (Choose two)

Options:

A.

Increase the number of redundant paths considered during the routing convergence calculation

B.

Eliminate links between every spoke

C.

Increase routing protocol convergence timers

D.

Increase unequal-cost parallel paths

E.

Use two links to each remote site instead of one

Buy Now
Questions 71

Drag and drop the FCAPS network management reference models from the left onto the correct definitions on the right.

Options:

Buy Now
Questions 72

Refer to the exhibit.

This network is running OSPF as the routing protocol. The internal networks are being advertised in OSPF. London and Rome are using the direct link to reach each other although the transfer rates are better via Barcelona. Which OSPF design change allows OSPF to calculate the proper costs?

Options:

A.

Change the OSPF reference bandwidth to accommodate faster links.

B.

Filter the routes on the link between London and Rome.

C.

Change the interface bandwidth on all the links.

D.

Implement OSPF summarization to fix the issue.

Buy Now
Questions 73

Drag and drop the multicast protocols from the left onto the current design situation on the right.

Options:

Buy Now
Questions 74

Refer to the exhibit.

Traffic was equally balanced between Layer 3 links on core switches SW1 and SW2 before an introduction of the new video server in the network. This video server uses multicast to send video streams to hosts and now one of the links between core switches is overutilized. Which design solution solves this issue?

Options:

A.

Add more links between core switches.

B.

Aggregate links Layer 2 link aggregation.

C.

Apply a more granular load-balancing method on SW1.

D.

Apply a more granular load-balancing method on SW2.

E.

Filter IGMP joins on an overutilized link.

Buy Now
Questions 75

Flexibility, scalability, resiliency, and security are all chrematistics of a services-ready network An architecture featuring a modular design enables technologies and services to be added when the organization is ready to deploy. Drag and drop the design considerations on the left to the to type of service on the right Not all options are used

Options:

Buy Now
Questions 76

You are designing the routing design for two merging companies that have overlapping IP address space. Which of these must you consider when developing the routing and NAT design?

Options:

A.

Local to global NAT translation is done after routing

B.

Global to local NAT translation is done before routing

C.

Local to global NAT translation is done before policy-based routing

D.

Global to local NAT translation is done after policy-based routing

Buy Now
Questions 77

Refer to the exhibit.

A customer has two eBGP internet links: one primary high-speed (10 Mbps) and one backup low-speed (1 Mbps). The requirement is to use the 10M link (ISP 1) for all inbound/outbound traffic and only use the 1M link (ISP 2) during failure.

What is the correct BGP-based design solution?

Options:

A.

Advertise a higher local preference to ISP 2. Increase the AS PATH inbound from ISP 1

B.

Advertise a longer AS PATH to ISP 2. Increase the MED to ISP 2

C.

Advertise more specific routes to ISP 1. Increase the local preference attribute of inbound BGP from ISP1

D.

Advertise less specific routes to ISP 2. Increase the AS PATH inbound from ISP 1

Buy Now
Questions 78

You are using iSCSI to transfer files between a 10 Gigabit Ethernet storage system and a 1 Gigabit Ethernet server. The performance is only approximately 700 Mbps and output drops are occurring on the server switch port. Which action will improve performance in a cost-effective manner?

Options:

A.

Change the protocol to CIFS.

B.

Increase the queue to at least 1 GB

C.

Use a WRED random drop policy

D.

Enable the TCP Nagle algorithm on the receiver

Buy Now
Questions 79

: 474

The development of a connected ecosystem of devices reflects manufacturers ' heightened focus on internal needs and issues as they work to increase product resiliency and improve customer experience In which two ways can network visibility contribute to resilient software defined networking? (Choose two.)

Options:

A.

by prioritizing critical applications

B.

by detecting and preventing network issues early

C.

by ensuring reliability by static architecture

D.

by abstracting traffic patterns from operators

E.

by reducing costs by removing low-priority traffic

Buy Now
Questions 80

You are tasked to design a QoS policy for a service provider so they can include it in the design of their MPLS core network. If the design must support an MPLS network with six classes, and CEs will be managed by the service provider, which QoS policy should be recommended?

Options:

A.

map IP CoS bits into the IP Precedence field

B.

map flow-label bits into the Exp field

C.

map IP precedence bits into the DSCP field

D.

map DSCP bits into the Exp field

Buy Now
Questions 81

Which Interconnectivity method offers the fastest convergence in the event of a unidirectional issue between three Layer 3 switches connected together with routed links in the same rack in a data center?

Options:

A.

Copper Ethernet connectivity with BFD enabled

B.

Copper Ethernet connectivity with UDLD enabled

C.

Fiber Ethernet connectivity with BFD enabled

D.

Fiber Ethernet connectivity with UDLD enabled

Buy Now
Questions 82

A network architect is working on a large project involving migration to a software-defined networking platform, and is currently working on writing an executive summary for final approval by the management board. When writing the executive summary, What is a limitation of or challenges with software-defined networks that must be listed?

Options:

A.

Provides better flexibility but decreases the speed of service delivery.

B.

Difficulties in making significant improvements to service request response times.

C.

Virtualization inherently adds overhead and network latency.

D.

Often comes with a high CAPEX due to use of automation tools.

Buy Now
Questions 83

A network architect is working on the baseline policies dealing with the use of Infrastructure-as-Code within an IT department, and has been requested to present the plan at the monthly management board meeting. What are two examples of operational aspects of Infrastructure-as-Code that can be highlighted during the presentation? (Choose two.)

Options:

A.

API for programmatic control

B.

automatic trouble ticketing

C.

automated workflows

D.

source code management repository

E.

telemetry and monitoring

Buy Now
Questions 84

A mega store plans to expand its business into the online world, and wants to operate using the highest possible security standards to prove to their customers that they take handling of their payment information seriously. Only TLS v1.3 will be allowed on their websites. Which type of SSL certificate will emphasize their commitment to enforcing high security standards and minimize risk of spoofing?

Options:

A.

DV SSL certificate

B.

PV SSL certificate

C.

OV SSL certificate

D.

EV SSL certificate

Buy Now
Questions 85

Which two protocols are used by SDN controllers to communicate with switches and routers? (Choose two.)

Options:

A.

OpenFlash

B.

OpenFlow

C.

NetFlash

D.

Open vSwitch Database

E.

NetFlow

Buy Now
Questions 86

Company XYZ was not satisfied with the reconvergence time OSPF is taking. BFD was implemented to try to reduce the reconvergence time, but the network is still experiencing delays when having to reconverge. Which technology will improve the design?

Options:

A.

OSPF fast hellos

B.

BFD echo

C.

Change the protocol to BGP

D.

Change the OSPF hello and dead intervals

Buy Now
Questions 87

SDN is still maturing. Throughout the evolution of SDN, which two things will play a key role in enabling a successful deployment and avoiding performance visibility gaps in the infrastructure? (Choose two.)

Options:

A.

Rapid on-demand growth

B.

Dynamic real-time change

C.

Falling back to old behaviors

D.

Peer-to-peer controller infrastructure

E.

Integration of device context

Buy Now
Questions 88

You are designing the QoS policy for a company that is running many TCP-based applications. The company is experiencing tail drops for these applications. The company wants to use a congestion avoidance technique for these applications. Which QoS strategy can be used?

Options:

A.

Weighted fair queuing

B.

Weighted random early detection

C.

Low-latency queuing

D.

First-in first-out

Buy Now
Questions 89

Refer to the exhibit.

For Company XYZ, Bangkok is using ECMP to reach the 172.20.2.0/24 network. The company wants a design that would allow them to forward traffic from 172.16.2.0/24 toward 172.20.2.0/24 via the Singapore router as the preferred route. The rest of the traffic should continue to use ECMP. Which technology fulfills this design requirement?

Options:

A.

policy-based routing

B.

route summarization

C.

unequal-cost load balancing using variance

D.

LFA

Buy Now
Questions 90

As technologies such as big data, cloud, and loT continue to grow, so will the demand for network bandwidth Business strategies must be flexible to accommodate these changes when it comes to priorities and direction and the network design strategy also must be agile and adaptable Drag and drop the benefits from the left onto the corresponding strategic approaches on the right as they relate to network design and management.

Options:

Buy Now
Questions 91

Which action must be taken before new VoIP systems are implemented on a network to ensure that the network is ready to handle the traffic?

Options:

A.

Evaluate bandwidth utilization and connection quality

B.

Enable special requirements such as direct DID lines on pickup

C.

Make recommendations to limit the size of the half-open session table on routers

D.

Check if anomaly detection is enabled for SIP and H.323 on Layer 3 devices

Buy Now
Questions 92

As a network designer, you need to support an enterprise with hundreds of remote sites connected over a single WAN network that carries different types of traffic, including VoIP, video, and data applications. Which of the following design considerations will not impact design decision?

Options:

A.

Focus on the solution instead of the problem, which helps to reduce downtime duration

B.

The location of the data collection

C.

What direction the data or flows should be metered

D.

Identify traffic types and top talkers over this link

Buy Now
Questions 93

: 500

Scrum is a subset of Agile and is a lightweight process framework for Agile development. Which role becomes the interface between the business, the customers, and their product-related needs on one side, and the Team on the other?

Options:

A.

Scrum Master

B.

Program Manager

C.

Product Manager

D.

Product Owner

Buy Now
Questions 94

Company XYZ has 30 sites using MPLS L3 VPN and is concerned about data integrity. They want a centralized configuration model and minimal overhead. Which technology can be used?

Options:

A.

S-VTI

B.

DMVPN

C.

MGRE

D.

GET VPN

Buy Now
Questions 95

Identity and access management between multiple users and multiple applications has become a mandatory requirement for Company XYZ to fight against ever-increasing cybersecurity threats. To achieve this, federated identity services have been deployed to provide Single Sign-On and Multi-Factor Authentication. Which protocol can be used by Company XYZ to provide authentication and authorization services?

Options:

A.

OAuth2

B.

OpenID Connect

C.

OpenID

D.

SAML2.0

Buy Now
Questions 96

What are the two benefits of using northbound APIs in SDN architecture? (Choose two.)

Options:

A.

They provide a way to manage the SDN and configure network policies

B.

They connect the SDN controller to the underlying network devices.

C.

They provide a way for the SDN controller to communicate with network devices

D.

They provide, a way for the SDN to control change management

E.

They connective SDN controller to higher-level management, systems

Buy Now
Questions 97

A bank recently had their security compromised during an initial key exchange between devices using a symmetric cryptography algorithm, and as a result the key was revealed/leaked. Going forward, they want to ensure that key exchanges are performed using asymmetric cryptography algorithms. Which algorithm offers the desired functionality?

Options:

A.

AES

B.

RSA

C.

RC4

D.

Diffie-Hellman

Buy Now
Questions 98

Drag and drop the multicast protocols from the left onto the current design situation on the right.

Options:

Buy Now
Questions 99

Two routers R1 and R2 are directly connected through an Ethernet link Both routers are running OSPF. OSPF has been registered with BFD and BFD is running in asynchronous mode with the echo function enabled Which two actions occur that are related to the echo function? (Choose two)

Options:

A.

DFD sent at a slower pace because the echo function is enabled

B.

BFD echo packets are sent from forwarding engines along the Layer 2 path to perform detection

C.

BFD control packets are sent at a higher pace because the echo function is enabled

D.

Only BFD control packets are sent from forwarding engines along the Layer 2 path to perform detection

E.

DUMPS BFD sessions at either end actively participate in the forwarding of echo packets

Buy Now
Questions 100

Company XYZ wants to prevent switch loops caused by unidirectional point-to-point link conditions on Rapid PVST+ and MST. Which technology can be used in the design to meet this requirement?

Options:

A.

STP BPDU Guard

B.

STP Bridge Assurance

C.

MSTP

D.

TRILL

Buy Now
Questions 101

Which actions are performed at the distribution layer of the three-layer hierarchical network design model? (Choose two)

Options:

A.

Fast transport

B.

Reliability

C.

QoS classification and marking boundary

D.

Fault isolation

E.

Redundancy and load balancing

Buy Now
Questions 102

What is a description of a control plane action?

Options:

A.

De-encapsulating and re-encapsulating a packet in a data-link frame

B.

Matching the destination MAC address of an Ethernet frame to the MAC address table

C.

Matching the destination IP address of an IP packet to the IP routing table

D.

Hosts locating routers that reside on attached links using the IPv6 Neighbor Discovery Protocol

Buy Now
Questions 103

A networking team needs to prevent spoofing attacks They are describing the different uRPF design use cases so they can identify and deploy the optimal mode in various parts of their network

Drag and drop the use cases from the left onto the corresponding uRPF technique on the right Not all options are used

Options:

Buy Now
Questions 104

Which redundancy element plays a crucial role in ensuring business continuity even in challenging situations?

Options:

A.

adapting and expanding the network

B.

network boot performance

C.

disaster recovery planning

D.

minimizing the downtime

Buy Now
Questions 105

In the case of outsourced IT services, the RTO is defined within the SLA Which two support terms are often included in the SLA by IT and other service providers’ (Choose two)

Options:

A.

Network size and cost

B.

Support availability

C.

Network sustainability

D.

Network reliability

E.

Resolution time

Buy Now
Questions 106

Which three Cisco products are used in conjunction with Red Hat to provide an NFVi solution? (Choose three.)

Options:

A.

Cisco Prime Service Catalog

B.

Cisco Open Virtual Switch

C.

Cisco Nexus switches

D.

Cisco UCS

E.

Cisco Open Container Platform

F.

Cisco Virtual Network Function

Buy Now
Questions 107

Two routers R1 and R2 are directly connected through an Ethernet link. Both routers are running OSPF over the Ethernet link and OSPF has been registered with BFD. R1 has been set up to transmit BFD at a 50 ms interval, but R2 can receive only at a 100 ms rate due to platform limitations. What does this mean?

Options:

A.

After the initial timer exchange, R2 sets its transmission rate to the R1 Desired Min TX interval

B.

After the initial timer exchange, R1 sets its transmission rate to the R2 Required Min RX interval

C.

Timers renegotiate indefinitely, so the timer exchange phase never converges

D.

R2 sets the P-bit on all BFD control packets until R2 sends a packet with the F-bit set

Buy Now
Questions 108

Which methodology is the leading lifecycle approach to network design and implementation?

Options:

A.

PPDIOO

B.

Waterfall model

C.

Spiral model

D.

V model

Buy Now
Questions 109

Which two statements about MLD snooping are true? (Choose two)

Options:

A.

When MLD snooping is enabled, QoS is automatically enabled

B.

A VLAN can support multiple active MLD snooping queriers, as long as each one is associated to a different multicast group

C.

An MLD snooping querier election occurs when any MLD snooping querier goes down or if there is an IP address change on the active querier

D.

When multiple MLD snooping queriers are enabled in a VLAN, the querier with the lowest IP address in the VLAN is elected as the active MLD snooping querier

Buy Now
Questions 110

Which issue poses a challenge for security architects who want end-to-end visibility of their networks?

Options:

A.

Too many overlapping controls

B.

Too many disparate solutions and technology silos

C.

An overabundance of manual processes

D.

A network security skills shortage

Buy Now
Questions 111

A healthcare customer requested that SNMP traps must be sent over the MPLS Layer 3 VPN service. Which protocol must be enabled?

Options:

A.

SNMPv3

B.

Syslog

C.

Syslog TLS

D.

SNMPv2

E.

SSH

Buy Now
Questions 112

A network security team observes phishing attacks on a user machine from a remote location. The organization has a policy of saving confidential data on two different systems using different types of authentication. What is the next step to control such events after the security team verifies all users in Zero Trust modeling?

Options:

A.

Enforce risk-based and adaptive access policies.

B.

Assess real-time security health of devices.

C.

Apply a context-based network access control policy for users.

D.

Ensure trustworthiness of devices.

Buy Now
Questions 113

Refer to the exhibit.

Your company designed a network to allow server VLANs to span all access switches in a data center. In the design, Layer 3 VLAN interfaces and HSRP are configured on the aggregation switches. Which two features improve STP stability within the network design? (Choose two.)

Options:

A.

BPDU guard on access ports

B.

BPDU guard on the aggregation switch downlinks toward access switches

C.

root guard on the aggregation switch downlinks toward access switches

D.

root guard on access ports

E.

edge port on access ports

F.

access switch pairs explicitly determined to be root and backup root bridges

Buy Now
Questions 114

Cost is often one of the motivators for a business to migrate from a traditional network to a software-defined network. Which design decision is directly influenced by CAPEX drivers?

Options:

A.

Scalability

B.

Stability

C.

Complexity

D.

Manageability

Buy Now
Questions 115

During a pre-sales meeting with a potential customer, the customer CTO asks a question about advantages of controller-based networks versus a traditional network. What are two advantages to mention? (Choose two)

Options:

A.

Per device forwarding tables

B.

Programmatic APIs available per device

C.

Abstraction of individual network devices

D.

Distributed control plane

E.

Consistent device configuration

Buy Now
Questions 116

What are two advantages of the Agile project management methodology? (Choose two)

Options:

A.

brief but detailed feedback loops

B.

extensive documentation

C.

well-detailed and reliable budget estimates

D.

creation of shippable enhancements

E.

tight and rigid model

Buy Now
Questions 117

Compared to data plane traffic, control plane traffic is relatively small in volume, but these flows are critical to the overall functioning of the network infrastructure and to voice and video endpoint well. When designing a QoS policy for a network, which two actions for the network control service-class is recommended? (Choose two)

Options:

A.

A moderately provisioned guaranteed-bandwidth queue can be assigned

B.

Traffic in this class needs to carry a CS6 DSCP marking.

C.

Place the traffic in the same queue as other signalling traffic.

D.

Network control traffic may be assigned a moderately provisioned shared queue

E.

WRED must be enabled on the class to avoid traffic being dropped

Buy Now
Questions 118

A network security team uses a purpose-built tool to actively monitor the campus network, applications, and user activity. The team also analyzes enterprise telemetry data from IPFIX data records that are received from devices in the campus network. Which action can be taken based on the augmented data?

Options:

A.

Reduction in time to detect and respond to threats

B.

Integration with an incident response plan

C.

Adoption and improvement of threat-detection response

D.

Asset identification and grouping decisions

Buy Now
Questions 119

A company with an existing multivendor network is moving from 1 G dark fiber to an ISP virtual leased-line solution The company ' s internal security policy states that any traffic traversing a network that is not owned by the company must be encrypted What must be used to meet the requirements?

Options:

A.

IPsec AH

B.

Dynamic Multipoint VPN tunnel

C.

IPsec ESP

D.

GETVPN tunnel

Buy Now
Questions 120

Your network operations team is deploying Access Control Lists (ACLs) across your Internet gateways. They wish to place an ACL inbound on the Internet gateway interface facing the core network (the " trusted " interface). Which IP address would the ACL need for traffic sourced from the inside interface, to match the source address of the traffic?

Options:

A.

inside global

B.

outside global

C.

inside local

D.

outside local

Buy Now
Questions 121

An organization is looking to perform a major overhaul on their data center storage infrastructure with a focus on high availability and fault tolerance Which approach will accomplish this?

Options:

A.

Implementing a single storage array with RAID 0 configuration for maximum storage capacity.

B.

Using a clustered storage setup with active-active controllers for load balancing.

C.

Utilizing a distributed storage system with multiple geographically dispersed nodes

D.

Deploying a storage virtualization solution to aggregate multiple storage devices

Buy Now
Questions 122

Two enterprise networks must be connected together. Both networks are using the same private IP addresses. The client requests from both sides should be translated using hide NAT (dynamic NAT) with the overload feature to save IP addresses from the NAT pools. Which design addresses this requirement using only one Cisco IOS NAT router for both directions?

Options:

A.

This is not possible, because two Cisco IOS NAT routers are required to do dynamic NAT with overload in both directions

B.

The ip nat inside and ip nat outside commands must be configured at the interfaces with the overload option in both directions

C.

The overload feature is the default and does not have to be configured

D.

Two different NAT pools must be used for the ip nat inside source and the ip nat outside source commands for the overload feature in both directions

E.

The NAT Virtual Interface must be used to achieve this requirement

Buy Now
Questions 123

The administrator of a small branch office wants to implement the Layer 2 network without running STP. The office has some redundant paths. Which mechanism can the administrator use to allow redundancy without creating Layer 2 loops?

Options:

A.

Use double-sided VPC on both switches

B.

Use two port channels as Flex links

C.

Use FabricPath with ECMP

D.

Use 802.3ad link bundling

Buy Now
Questions 124

An IT service provider is upgrading network infrastructure to comply with PCI security standards. The network team finds that 802.1X and VPN authentication based on locally-significant certificates are not available on some legacy phones. Which workaround solution meets the requirement?

Options:

A.

Replace legacy phones with new phones because the legacy phones will lose trust if the certificate is renewed.

B.

Enable phone VPN authentication based on end-user username and password.

C.

Temporarily allow fallback to TLS 1.0 when using certificates and then upgrade the software on legacy phones.

D.

Use authentication-based clear text password with no EAP-MD5 on the legacy phones.

Buy Now
Questions 125

Which aspect of BGP-LS makes it scalable in large network when multiarea topology information must be gathered?

Options:

A.

transmit flow control

B.

TCP-based flow control

C.

open-loop flow control

D.

hardware flow control

Buy Now
Questions 126

Drag and drop the right functional descriptions from the left onto the corresponding protocols on the right.

Options:

Buy Now
Questions 127

What is the best approach in a large legacy application migration scenario when the goal is to complete the migration in the shortest possible time?

Options:

A.

refactoring

B.

replatfoming

C.

rearchitecting

D.

rehosting

Buy Now
Questions 128

: 485

Traditionally, infrastructure is not managed using code but instead it is managed and provisioned manually which can cause potential issues On the other side, infrastructure as code brings several advantages What is a benefit of infrastructure as code?

Options:

A.

declarative ptpeimes

B.

repeatable deployments

C.

configuration drift

D.

agent monitoring

Buy Now
Questions 129

Refer to the exhibit After a network audit a network engineer must optimize the current network convergence time The proposed solution must consider link layer and control plane failures Which solution meets the requirements?

Options:

A.

Configure denounce timers

B.

Increase fast hello timers.

C.

Implement BFD

D.

Enable LSP fast flood

Buy Now
Questions 130

Refer to the exhibit.

The network 10.10.0.0/16 has been redistributed to OSPF processes and the best path to the destination from R1 has been chosen as R1–R2–R3. A failure occurred on the link between R2 and R3 and the path was changed to R1–R4–R5–R3. What happens when the link between R2 and R3 is restored?

Options:

A.

The path R1–R4–R5–R3 continues to be the best path because the metric is better

B.

The path reverts back to R1–R2–R3 because the route type is E1

C.

The path R1–R4–R5–R3 continues to be the best path because OSPF does not compare the metrics between two domains

D.

The path reverts to R1–R2–R3 because this was the previous best path

Buy Now
Questions 131

Which two statements describe the usage of the IS-IS overload bit technique? (Choose two.)

Options:

A.

If overload-bit is set on a Level 2 intermediate system, the other Level 2 intermediate systems in the topology will stop using the overloaded IS to forward Level 2 traffic. However, the intermediate system can still forward Level 1 traffic.

B.

It can be set in intermediate systems (IS-IS routers) to prioritize control plane CSNP packets.

C.

It can be used to automatically synchronize the link-state database between Level 1 intermediate systems.

D.

It can be set in intermediate systems (IS-IS routers) to avoid traffic black holes until routing protocols are fully converged after a reload operation.

E.

It can be set in intermediate systems (IS-IS routers) to attract transit traffic from other intermediate systems.

Buy Now
Questions 132

Drag and drop the high-level descriptions of network automation and network orchestration on the left to the corresponding category on the right in no particular order.

Options:

Buy Now
Questions 133

Which three elements help network designers to construct secure systems that protect information and resources (such as devices, communication, and data) from unauthorized access, modification, inspection, or destruction? (Choose three.)

Options:

A.

confidential

B.

serviceability

C.

reliability

D.

availability

E.

integrity

F.

scalability

Buy Now
Questions 134

A financial company requires that a custom TCP-based stock-trading application be prioritized over all other traffic for the business due to the associated revenue. The company also requires that VoIP be prioritized for manual trades. Which directive should be followed when a QoS strategy is developed for the business?

Options:

A.

Allow VoIP and the custom application to share the same priority queue.

B.

The custom application and VoIP must be assigned their own separate priority queue.

C.

Interleave the custom application with other TCP applications in the same CBWFQ.

D.

Avoid placing the custom application in a CBWFQ queue that contains other traffic.

Buy Now
Questions 135

Which two actions must merchants do to be compliant with the Payment Card Industry Data Security Standard (PCI DSS)? (Choose two.)

Options:

A.

Conduct risk analyses

B.

Install firewalls

C.

Use antivirus software

D.

Establish monitoring policies

E.

Establish risk management policies

Buy Now
Questions 136

What are three examples of solution components of the network infrastructure that help enforce security policy compliance on all devices as they seek to access the network and computing resources, thereby limiting damage from emerging security threats such as viruses, worms, and spyware? (Choose three)

Options:

A.

posture agent

B.

network access devices

C.

endpoint security application

D.

management and reporting tools

E.

web filtering devices

F.

audit and decision point servers

Buy Now
Questions 137

A consultant needs to evaluate project management methodologies for a new service deployment on the existing network of a customer. The customer wants to be involved in the end-to-end project progress and be provided with frequent updates. The customer also wants the ability to change the requirements if needed, as the project progresses. Which project management methodology should be used?

Options:

A.

Three principles

B.

Phased

C.

Agile

D.

Waterfall

Buy Now
Questions 138

multinational corporation with offices in various regions worldwide are looking for a network architecture that provides a balance between low- latency and cost-effectiveness for connecting their offices to the cloud. Which cloud connectivity option is the best fit for this corporation?

Options:

A.

DMVPN

B.

SDWAN SDCI

C.

MPLS direct connect

D.

cloud on-ramp

Buy Now
Questions 139

When a traditional network is transformed to a hierarchical network, the state information in the control plane is reduced so that changes in one area of the network do not result in changes in the routing table on devices half-way around the globe What is a potential trade off in these cases?

Options:

A.

suboptimal use of available resources

B.

vertical split of failure domains

C.

horizontal split of failure domains

D.

increased routing table size

Buy Now
Questions 140

What is a disadvantage of the traditional three-tier architecture model when east-west traffic between different pods must go through the distribution and core layers?

Options:

A.

Low bandwidth

B.

Security

C.

Scalability

D.

High latency

Buy Now
Questions 141

Company XYZ is running SNMPv1 in their network and understands that it has some flaws. They want to change the security design to implement SNMPv3 in the network. Which network threat is SNMPv3 effective against?

Options:

A.

Man-in-the-middle attack

B.

Masquerade threats

C.

DDoS attack

D.

Brute force dictionary attack

Buy Now
Questions 142

Network operators have many options available from fully centralized to fully distributed control planes and each approach has its own set of characteristics Drag and drop the characteristics from the left onto the corresponding approach on the right

Options:

Buy Now
Questions 143

An enterprise campus is adopting a network virtualization design solution with these requirements:

• It must include the ability to virtualize the data plane and control plane by using VLANs and VRFs

• It must maintain end-to-end logical path transport separation across the network

• Resources available grouped at the access edge

Which two primary models can this network virtualization design be categorized? (Choose two)

Options:

A.

Path isolation

B.

Session isolation

C.

Group virtualization

D.

Services virtualization

E.

Edge isolation

Buy Now
Questions 144

How must the queue sizes be designed to ensure that an application functions correctly?

Options:

A.

Each individual device queuing delay in the chain must be less than or equal to the application required delay.

B.

The queuing delay on every device in the chain must be exactly the same to the application required delay.

C.

The default queue sizes are good for any deployment as it compensates the serialization delay.

D.

The sum of the queuing delay of all devices plus serialization delay in the chain must be less than or equal to the application required delay.

Buy Now
Questions 145

What is the key strategy to address scalability challenges In the rapidly evolving digital landscape with resilient designs?

Options:

A.

Mitigate the impact of power outages.

B.

Minimize the distance.

C.

Identify potential bottlenecks.

D.

Optimize resource utilization.

Buy Now
Questions 146

A large enterprise is planning a new WAN connection to headquarters. The current dual-homed setup with static routing is not providing consistent resiliency. Users complain when one specific link fails, while failure of the other causes no issues. The organization wants to improve resiliency and ROI.

Which solution should be recommended?

Options:

A.

Implement granular quality of service on the links

B.

Procure additional bandwidth

C.

Use dynamic routing toward the WAN

D.

Add an additional link to the WAN

Buy Now
Questions 147

: 475

Company XYZ is a large US-based online retailer that is preparing for a major sale scheduled for the holiday season. Large volumes of dynamic workloads are expected, which are time sensitive and seasonal. In anticipation of the surge in data, they are re-architecting their workload management. Which two technical considerations for service placement of workloads should be considered? (Choose two.)

Options:

A.

service level agreement

B.

performance

C.

time to market

D.

workload elasticity

E.

business asset control

Buy Now
Questions 148

: 476

While designing a robust network architecture for a large e-commerce dient that has recently decided to make a global expansion of their cloud-based applications and services a network architect is evaluating cloud connectivity options The top priorities are low-latency and high- throughput connectivity between their on-premises data centers and the cloud providers Which cloud connectivity solution fits in this specific use case?

Options:

A.

cloud On-Ramp

B.

WAN integration

C.

MPLS direct connect

D.

direct connect

Buy Now
Questions 149

A multinational corporation intends to deploy Al/ML-driven analytics for consumer data The company operates in multiple locations, including the EU, where data protection regulations are rigorous The organization must guarantee that its Al/ML solution adheres to local regulations, especially with data storage and processing

Which cloud environment will most effectively meet the company’s data sovereignty needs while assuring adherence to regional data protection regulations?

Options:

A.

storing client data in a public cloud environment situated outside the EU and processing it via a centralized AI/ML system in the United States

B.

employing a hybrid cloud infrastructure, wherein customer data from the EU is retained in local data centers and processed within a centralized AI/ML system situated in a separate jurisdiction

C.

storing client data in a private cloud situated within the EU region to adhere to local data protection regulations

D.

using a public cloud infrastructure that permits the storage and processing of customer data in any worldwide region, devoid of specific local limitations

Buy Now
Exam Code: 400-007
Exam Name: Cisco Certified Design Expert (CCDE v3.1)
Last Update: Jul 6, 2026
Questions: 206
400-007 pdf

400-007 PDF

$119.7  $399
400-007 Engine

400-007 Testing Engine

$134.7  $449
400-007 PDF + Engine

400-007 PDF + Testing Engine

$179.7  $599