Which two design solutions ensure sub-50 msec of the convergence time after a link failure in the network? (Choose two)
Which solution component helps to achieve comprehensive threat protection and compliance for migration to multicloud SDX architectures?
A network architect is designing a policy where database applications access the internet directly, while other traffic routes through the data center, with dynamic path switching based on performance. Which solution meets these requirements?
: 491
Budget is one of the important factors when you design a network Regardless of who controls the budget, one common network design goal is to contain costs Reduced budgets or limited resources often force network designers to select the most affordable solution instead of the best solution Which two elements must be considered when you do ROI analysis for the network design that explains how quickly the new network w ill pay for itself’ (Choose two. )
Company XYZ wants to improve the security design of their network to include protection from reconnaissance and DoS attacks on their sub-interfaces destined toward next hop routers. Which technology can be used to prevent these types of attacks?
An enterprise that runs numerous proprietary applications has major issues with its on-premises server estate hardware, to the point where business-critical functions are compromised. The enterprise accelerates plans to migrate services to the cloud. Which cloud service should be used if the enterprise wants to avoid hardware issues yet have control of its applications and operating system?
Security experts promote the security defense-m-depth principle which states that network security should be multilayered and modular and multiple methods should be designed and applied to different parts of the network Drag and drop the characteristics on the left to the matching enterprise network components on the right.

When an SDN-based model is used to transmit multimedia traffic, which aspect should an architect consider while designing the network?
Which optimal use of interface dampening on a fast convergence network design is true?
An MPLS service provider is offering a standard EoMPLS-based VPLS service to Customer A, providing Layer 2 connectivity between a central site and approximately 100 remote sites. Customer A wants to use the VPLS network to carry its internal multicast video feeds which are sourced at the central site and consist of 20 groups at Mbps each. Which service provider recommendation offers the most scalability?
Which feature must be part of the network design to wait a predetermined amount of time before notifying the routing protocol of a change in the path in the network?
Hybrid cloud computing allows organizations to take advantage of public and private cloud models. Which best practice should organizations follow to ensure data security in the private cloud?
A lead network architect is tasked with designing the optimal cloud-based solution for a rapidty growing e-commerce company that heavily relies on its online platform for sales and customer interactions The company’s business critical operations induce real time inventory management, order processing, and payment processing The executive team has decided to migrate their infrastructure to the cloud to improve scalability and recoce operational costs Which cloud service model(s) needs to considered?
Company XYZ has a multicast domain that spans across multiple autonomous systems. The company wants a simplified and controlled approach to interconnecting multicast domains. Which technology is the best fit?
Which two advantages of using DWDM over traditional optical networks are true? (Choose two.)
Which tool automates network implementation activities and shortens the implementation lifecycle?
An engineer is designing a DMVPN network where OSPF has been chosen as the routing protocol. A spoke-to-spoke data propagation model must be set up. Which two design considerations must be taken into account? (Choose two)
Setting a specific goal for throughput based on per-second data rates between end hosts does not identify the requirements for specific applications When specifying throughput goals for applications, it is important to understand the throughput requirements for each application Which two factors that can constrain application layer throughput? (Choose two.)
A company plans to use BFD between its routers to detect a connectivity problem inside the switched network. An IPS is transparently installed between the switches. Which packets should the IPS forward for BFD to work under all circumstances?
: 504
To facilitate true end-to-end QoS on an IP-network, the IETF has defined two models: IntServ and DiffServ Which protocol is used by both models?
Company XYZ is designing the network for IPv6 security and they have these design requirements:
A switch or router must deny access to traffic from sources with addresses that are correct but topologically incorrect.
Devices must block Neighbor Discovery Protocol resolution for destination addresses not found in the binding table.
Which two IPv4 security features are recommended for this company? (Choose two)
You are designing a network running both IPv4 and IPv6 to deploy QoS. Which consideration is correct about the QoS for IPv4 and IPv6?
Network orchestration enables network administrators to focus on strategic initiatives, innovation, and value-added tasks rather than spending time on manual and repetitive network management activities. Drag and drop the orchestration types from the left onto the corresponding functions on the right. Not all options are used.

Drag and drop the end-to-end network virtualization elements from the left onto the correct network areas on the right.

You want to mitigate failures that are caused by STP loops that occur before UDLD detects the failure or that are caused by a device that is no longer sending BPDUs. Which mechanism do you use along with UDLD?
: 479
A comprehensive business continuity plan creates a clear recovery pathway for your systems and acts as an operational blueprint Which two elements are crucial to know before creating a business continuity plan? (Choose two.)
A network designer should follow a methodology that must guide the entire lifecycle of the design process In the early phases of the process, technology requirements are evaluated and validated, which allows for proper planning in response to changes in the infrastructure and requirements for resources Which two elements help make a company more agile by adjusting them on a regular basis? (Choose two.)
Company XYZ has two routing domains (EIGRP and OSPF). They want full reachability and need OSPF to see link costs added to external routes. How must redistribution be designed?
Refer to the exhibit.

Company XYZ’s BGP topology is as shown in the diagram. The interface on the LA router connected toward the 10.1.5.0/24 network is faulty and is going up and down, which affects the entire routing domain. Which routing technique can be used in the routing policy design so that the rest of the network is not affected by the flapping issue?
SDN emerged as a technology trend that attracted many industries to move from traditional networks to SDN. Which challenge is solved by SDN for cloud service providers?
You are designing a large-scale DMVPN network with more than 500 spokes using EIGRP as the IGP protocol. Which design option eliminates potential tunnel down events on the spoke routers due to the holding time expiration?
Implementing a network automation architecture usually follows a phased approach that increases automation as the new technology and processes in the preceding phases are integrated and adopted. What provides a model that greatly simplifies the interaction with network devices?
A product manufacturing organization is integrating cloud services into their IT solution. The IT team is working on the preparation phase of the implementation approach, which includes the Define Strategy step. This step defines the scope of IT, the application, and the service. What is one topic that should be considered in the Define Strategy step?
Company XYZ plans to run OSPF on a DMVPN network. They want to use spoke-to-spoke tunnels in the design. What is a drawback or concern in this type of design?
In search of a system capable of hosting, monitoring, compiling, and testing code in an automated way, what can be recommended to the organization?
: 495
An organization has two branches connected over the Internet circuit using IPsec tunnels established on their edge routers belonging to different vendors Recently these branches were the victims of a DoS attack resulting in failure to establish the tunnels They are now looking for a better tunneling solution allowing full interoperability between vendors and allowing a standardized set of authentication methods Furthermore the solution must support detection of the peer’s state as well as having support for next-gen encryption algorithms. Which protocol meets these requirements and is known to be resistant to DoS attacks?
Which two benefits can software defined networks provide to businesses? (Choose two.)
A business wants to centralize services via VDI technology and to replace remote WAN desktop PCs with thin client-type machines to reduce operating costs. Which consideration supports the new business requirement?
You want to split an Ethernet domain in two.
Which parameter must be unique in this design to keep the two domains separated?
Virtualization pose a special challenges for NAC because virtual servers can move around a data center, and the VLAN can change as the servers move. What is an option that can be used to improve security in this condition?
A customer migrates from a traditional Layer 2 data center network into a new SDN-based spine-and-leaf VXLAN EVPN data center within the same location. The networks are joined to enable host migration at Layer 2. What is the final migration step after hosts have physically migrated to have traffic flowing through the new network without changing any host configuration?
Refer to the exhibit.

Company XYZ must design a DMVPN tunnel between the three sites. Chicago is going to act as the NHS, and the company wants DMVPN to detect peer endpoint failures. Which technology should be used in the design?
A business wants to refresh its legacy Frame Relay WAN and consolidate product specialists via video in 200 branches. Which technology should be used?
monitoring solution, an organization wants to ensure they can collect feedback from network devices, particularly with a focus on being able to perform anomaly detection and automatically react to these events as they come m A key requirement is that the resources required to collect the data must be distributed Which data reporting approach is good fit for this use case?
Refer to the diagram.

Which solution must be used to send traffic from the foreign wireless LAN controller to the anchor wireless LAN controller?
Which function is performed at the access layer of the three-layer hierarchical network design model?
: 503
As organizations rush to implement AI, many fail to address its ethical considerations Not examining those issues puts an organization at risk of legal violations, loss of customer trust and long-term reputational damage. Which two ethical standards are required in preven ting such pitfalls? (Choose two. )
As part of a new network design documentation, you are required to explain the reason for choosing Cisco FabricPath for Layer 2 loop avoidance.
Which two elements help Cisco FabricPath mitigate Layer 2 loops if they happen in the Layer 2 MP network? (Choose two)
SDN is still maturing Throughout the evolution of SDN which two things will play a key role in enabling a successful deployment and avoiding performance visibility gaps in the infrastructure’ (Choose two.)
The API of an SDN controller named CTL-A uses the HTTP POST method and the same URL for all resources The JSON body of each message is used to get information for specific resources and operations The API of a SDN controller named CTL-B uses HTTP CRUD methods and a uniform interface with different URLs for each resource Which API type is used by each SDN controller?
An architect prepares a network design for a startup company. The design must meet business requirements while the business grows and divests due to rapidly changing markets. What is the highest priority in this design?
Company ABC uses IPv4-only. Recently they started deploying new endpoint devices. For operational reasons, IPv6 cannot be disabled on these new endpoint devices. Which security measure prevents the new endpoint from learning an IPv6 prefix from an attacker?
When designing a WAN that will be carrying real-time traffic, what are two important reasons to consider serialization delay? (Choose two.)
Over the years, many solutions have been developed to limit control plane state which reduces the scope or the speed of control plane information propagation. Which solution removes more specific information about a particular destination as topological distance is covered in the network?
A legacy enterprise is using a Service Provider MPLS network to connect its head office and branches. Recently, they added a new branch to their network. Due to physical security concerns, they want to extend their existing IP CCTV network of the head office to the new branch, without any routing changes in the network. They are also under some time constraints. What is the best approach to extend the existing IP CCTV network to the new branch, without incurring any IP address changes?
Which two pain points are the most common for container technology adoption? (Choose two)
Company XYZ has a hub-and-spoke topology over an SP-managed infrastructure. To measure traffic performance metrics, they implemented IP SLA senders on all spoke CE routers and an IP SLA responder on the hub CE router. What must they monitor to have visibility on the potential performance impact due to the constantly increasing number of spoke sites?
Which service abstracts away the management of the operating system, middleware, and runtime?
: 497 DRAG DROP
Data residency and sovereignty requirements are based on regional and industry-specific regulations, and different organizations have different data sovereignty requirements. Implementation of a mechanism that provides control over all access to data by cloud providers and the ability to inspect changes to cloud infrastructure and services is required. Drag and drop the descriptions from the left onto the corresponding categories on the right in no particular order. Not all options are used.

Which effect of using ingress filtering to prevent spoofed addresses on a network design is true?
Which two features control multicast traffic in a VLAN environment? (Choose two)
Which parameter is the most important factor to consider when deciding service placement in a cloud solution?
In a redundant hub-and-spoke design with inter-spoke links, load oscillation and routing instability occur due to overload conditions. Which two design changes improve resiliency? (Choose two)
Drag and drop the FCAPS network management reference models from the left onto the correct definitions on the right.

Refer to the exhibit.

This network is running OSPF as the routing protocol. The internal networks are being advertised in OSPF. London and Rome are using the direct link to reach each other although the transfer rates are better via Barcelona. Which OSPF design change allows OSPF to calculate the proper costs?
Drag and drop the multicast protocols from the left onto the current design situation on the right.

Refer to the exhibit.

Traffic was equally balanced between Layer 3 links on core switches SW1 and SW2 before an introduction of the new video server in the network. This video server uses multicast to send video streams to hosts and now one of the links between core switches is overutilized. Which design solution solves this issue?
Flexibility, scalability, resiliency, and security are all chrematistics of a services-ready network An architecture featuring a modular design enables technologies and services to be added when the organization is ready to deploy. Drag and drop the design considerations on the left to the to type of service on the right Not all options are used

You are designing the routing design for two merging companies that have overlapping IP address space. Which of these must you consider when developing the routing and NAT design?
Refer to the exhibit.

A customer has two eBGP internet links: one primary high-speed (10 Mbps) and one backup low-speed (1 Mbps). The requirement is to use the 10M link (ISP 1) for all inbound/outbound traffic and only use the 1M link (ISP 2) during failure.
What is the correct BGP-based design solution?
You are using iSCSI to transfer files between a 10 Gigabit Ethernet storage system and a 1 Gigabit Ethernet server. The performance is only approximately 700 Mbps and output drops are occurring on the server switch port. Which action will improve performance in a cost-effective manner?
: 474
The development of a connected ecosystem of devices reflects manufacturers ' heightened focus on internal needs and issues as they work to increase product resiliency and improve customer experience In which two ways can network visibility contribute to resilient software defined networking? (Choose two.)
You are tasked to design a QoS policy for a service provider so they can include it in the design of their MPLS core network. If the design must support an MPLS network with six classes, and CEs will be managed by the service provider, which QoS policy should be recommended?
Which Interconnectivity method offers the fastest convergence in the event of a unidirectional issue between three Layer 3 switches connected together with routed links in the same rack in a data center?
A network architect is working on a large project involving migration to a software-defined networking platform, and is currently working on writing an executive summary for final approval by the management board. When writing the executive summary, What is a limitation of or challenges with software-defined networks that must be listed?
A network architect is working on the baseline policies dealing with the use of Infrastructure-as-Code within an IT department, and has been requested to present the plan at the monthly management board meeting. What are two examples of operational aspects of Infrastructure-as-Code that can be highlighted during the presentation? (Choose two.)
A mega store plans to expand its business into the online world, and wants to operate using the highest possible security standards to prove to their customers that they take handling of their payment information seriously. Only TLS v1.3 will be allowed on their websites. Which type of SSL certificate will emphasize their commitment to enforcing high security standards and minimize risk of spoofing?
Which two protocols are used by SDN controllers to communicate with switches and routers? (Choose two.)
Company XYZ was not satisfied with the reconvergence time OSPF is taking. BFD was implemented to try to reduce the reconvergence time, but the network is still experiencing delays when having to reconverge. Which technology will improve the design?
SDN is still maturing. Throughout the evolution of SDN, which two things will play a key role in enabling a successful deployment and avoiding performance visibility gaps in the infrastructure? (Choose two.)
You are designing the QoS policy for a company that is running many TCP-based applications. The company is experiencing tail drops for these applications. The company wants to use a congestion avoidance technique for these applications. Which QoS strategy can be used?
Refer to the exhibit.

For Company XYZ, Bangkok is using ECMP to reach the 172.20.2.0/24 network. The company wants a design that would allow them to forward traffic from 172.16.2.0/24 toward 172.20.2.0/24 via the Singapore router as the preferred route. The rest of the traffic should continue to use ECMP. Which technology fulfills this design requirement?
As technologies such as big data, cloud, and loT continue to grow, so will the demand for network bandwidth Business strategies must be flexible to accommodate these changes when it comes to priorities and direction and the network design strategy also must be agile and adaptable Drag and drop the benefits from the left onto the corresponding strategic approaches on the right as they relate to network design and management.

Which action must be taken before new VoIP systems are implemented on a network to ensure that the network is ready to handle the traffic?
As a network designer, you need to support an enterprise with hundreds of remote sites connected over a single WAN network that carries different types of traffic, including VoIP, video, and data applications. Which of the following design considerations will not impact design decision?
: 500
Scrum is a subset of Agile and is a lightweight process framework for Agile development. Which role becomes the interface between the business, the customers, and their product-related needs on one side, and the Team on the other?
Company XYZ has 30 sites using MPLS L3 VPN and is concerned about data integrity. They want a centralized configuration model and minimal overhead. Which technology can be used?
Identity and access management between multiple users and multiple applications has become a mandatory requirement for Company XYZ to fight against ever-increasing cybersecurity threats. To achieve this, federated identity services have been deployed to provide Single Sign-On and Multi-Factor Authentication. Which protocol can be used by Company XYZ to provide authentication and authorization services?
What are the two benefits of using northbound APIs in SDN architecture? (Choose two.)
A bank recently had their security compromised during an initial key exchange between devices using a symmetric cryptography algorithm, and as a result the key was revealed/leaked. Going forward, they want to ensure that key exchanges are performed using asymmetric cryptography algorithms. Which algorithm offers the desired functionality?
Drag and drop the multicast protocols from the left onto the current design situation on the right.

Two routers R1 and R2 are directly connected through an Ethernet link Both routers are running OSPF. OSPF has been registered with BFD and BFD is running in asynchronous mode with the echo function enabled Which two actions occur that are related to the echo function? (Choose two)
Company XYZ wants to prevent switch loops caused by unidirectional point-to-point link conditions on Rapid PVST+ and MST. Which technology can be used in the design to meet this requirement?
Which actions are performed at the distribution layer of the three-layer hierarchical network design model? (Choose two)
A networking team needs to prevent spoofing attacks They are describing the different uRPF design use cases so they can identify and deploy the optimal mode in various parts of their network
Drag and drop the use cases from the left onto the corresponding uRPF technique on the right Not all options are used

Which redundancy element plays a crucial role in ensuring business continuity even in challenging situations?
In the case of outsourced IT services, the RTO is defined within the SLA Which two support terms are often included in the SLA by IT and other service providers’ (Choose two)
Which three Cisco products are used in conjunction with Red Hat to provide an NFVi solution? (Choose three.)
Two routers R1 and R2 are directly connected through an Ethernet link. Both routers are running OSPF over the Ethernet link and OSPF has been registered with BFD. R1 has been set up to transmit BFD at a 50 ms interval, but R2 can receive only at a 100 ms rate due to platform limitations. What does this mean?
Which methodology is the leading lifecycle approach to network design and implementation?
Which issue poses a challenge for security architects who want end-to-end visibility of their networks?
A healthcare customer requested that SNMP traps must be sent over the MPLS Layer 3 VPN service. Which protocol must be enabled?
A network security team observes phishing attacks on a user machine from a remote location. The organization has a policy of saving confidential data on two different systems using different types of authentication. What is the next step to control such events after the security team verifies all users in Zero Trust modeling?
Refer to the exhibit.

Your company designed a network to allow server VLANs to span all access switches in a data center. In the design, Layer 3 VLAN interfaces and HSRP are configured on the aggregation switches. Which two features improve STP stability within the network design? (Choose two.)
Cost is often one of the motivators for a business to migrate from a traditional network to a software-defined network. Which design decision is directly influenced by CAPEX drivers?
During a pre-sales meeting with a potential customer, the customer CTO asks a question about advantages of controller-based networks versus a traditional network. What are two advantages to mention? (Choose two)
What are two advantages of the Agile project management methodology? (Choose two)
Compared to data plane traffic, control plane traffic is relatively small in volume, but these flows are critical to the overall functioning of the network infrastructure and to voice and video endpoint well. When designing a QoS policy for a network, which two actions for the network control service-class is recommended? (Choose two)
A network security team uses a purpose-built tool to actively monitor the campus network, applications, and user activity. The team also analyzes enterprise telemetry data from IPFIX data records that are received from devices in the campus network. Which action can be taken based on the augmented data?
A company with an existing multivendor network is moving from 1 G dark fiber to an ISP virtual leased-line solution The company ' s internal security policy states that any traffic traversing a network that is not owned by the company must be encrypted What must be used to meet the requirements?
Your network operations team is deploying Access Control Lists (ACLs) across your Internet gateways. They wish to place an ACL inbound on the Internet gateway interface facing the core network (the " trusted " interface). Which IP address would the ACL need for traffic sourced from the inside interface, to match the source address of the traffic?
An organization is looking to perform a major overhaul on their data center storage infrastructure with a focus on high availability and fault tolerance Which approach will accomplish this?
Two enterprise networks must be connected together. Both networks are using the same private IP addresses. The client requests from both sides should be translated using hide NAT (dynamic NAT) with the overload feature to save IP addresses from the NAT pools. Which design addresses this requirement using only one Cisco IOS NAT router for both directions?
The administrator of a small branch office wants to implement the Layer 2 network without running STP. The office has some redundant paths. Which mechanism can the administrator use to allow redundancy without creating Layer 2 loops?
An IT service provider is upgrading network infrastructure to comply with PCI security standards. The network team finds that 802.1X and VPN authentication based on locally-significant certificates are not available on some legacy phones. Which workaround solution meets the requirement?
Which aspect of BGP-LS makes it scalable in large network when multiarea topology information must be gathered?
Drag and drop the right functional descriptions from the left onto the corresponding protocols on the right.

What is the best approach in a large legacy application migration scenario when the goal is to complete the migration in the shortest possible time?
: 485
Traditionally, infrastructure is not managed using code but instead it is managed and provisioned manually which can cause potential issues On the other side, infrastructure as code brings several advantages What is a benefit of infrastructure as code?

Refer to the exhibit After a network audit a network engineer must optimize the current network convergence time The proposed solution must consider link layer and control plane failures Which solution meets the requirements?
Refer to the exhibit.

The network 10.10.0.0/16 has been redistributed to OSPF processes and the best path to the destination from R1 has been chosen as R1–R2–R3. A failure occurred on the link between R2 and R3 and the path was changed to R1–R4–R5–R3. What happens when the link between R2 and R3 is restored?
Which two statements describe the usage of the IS-IS overload bit technique? (Choose two.)
Drag and drop the high-level descriptions of network automation and network orchestration on the left to the corresponding category on the right in no particular order.

Which three elements help network designers to construct secure systems that protect information and resources (such as devices, communication, and data) from unauthorized access, modification, inspection, or destruction? (Choose three.)
A financial company requires that a custom TCP-based stock-trading application be prioritized over all other traffic for the business due to the associated revenue. The company also requires that VoIP be prioritized for manual trades. Which directive should be followed when a QoS strategy is developed for the business?
Which two actions must merchants do to be compliant with the Payment Card Industry Data Security Standard (PCI DSS)? (Choose two.)
What are three examples of solution components of the network infrastructure that help enforce security policy compliance on all devices as they seek to access the network and computing resources, thereby limiting damage from emerging security threats such as viruses, worms, and spyware? (Choose three)
A consultant needs to evaluate project management methodologies for a new service deployment on the existing network of a customer. The customer wants to be involved in the end-to-end project progress and be provided with frequent updates. The customer also wants the ability to change the requirements if needed, as the project progresses. Which project management methodology should be used?
multinational corporation with offices in various regions worldwide are looking for a network architecture that provides a balance between low- latency and cost-effectiveness for connecting their offices to the cloud. Which cloud connectivity option is the best fit for this corporation?
When a traditional network is transformed to a hierarchical network, the state information in the control plane is reduced so that changes in one area of the network do not result in changes in the routing table on devices half-way around the globe What is a potential trade off in these cases?
What is a disadvantage of the traditional three-tier architecture model when east-west traffic between different pods must go through the distribution and core layers?
Company XYZ is running SNMPv1 in their network and understands that it has some flaws. They want to change the security design to implement SNMPv3 in the network. Which network threat is SNMPv3 effective against?
Network operators have many options available from fully centralized to fully distributed control planes and each approach has its own set of characteristics Drag and drop the characteristics from the left onto the corresponding approach on the right

An enterprise campus is adopting a network virtualization design solution with these requirements:
• It must include the ability to virtualize the data plane and control plane by using VLANs and VRFs
• It must maintain end-to-end logical path transport separation across the network
• Resources available grouped at the access edge
Which two primary models can this network virtualization design be categorized? (Choose two)
How must the queue sizes be designed to ensure that an application functions correctly?
What is the key strategy to address scalability challenges In the rapidly evolving digital landscape with resilient designs?
A large enterprise is planning a new WAN connection to headquarters. The current dual-homed setup with static routing is not providing consistent resiliency. Users complain when one specific link fails, while failure of the other causes no issues. The organization wants to improve resiliency and ROI.
Which solution should be recommended?
: 475
Company XYZ is a large US-based online retailer that is preparing for a major sale scheduled for the holiday season. Large volumes of dynamic workloads are expected, which are time sensitive and seasonal. In anticipation of the surge in data, they are re-architecting their workload management. Which two technical considerations for service placement of workloads should be considered? (Choose two.)
: 476
While designing a robust network architecture for a large e-commerce dient that has recently decided to make a global expansion of their cloud-based applications and services a network architect is evaluating cloud connectivity options The top priorities are low-latency and high- throughput connectivity between their on-premises data centers and the cloud providers Which cloud connectivity solution fits in this specific use case?
A multinational corporation intends to deploy Al/ML-driven analytics for consumer data The company operates in multiple locations, including the EU, where data protection regulations are rigorous The organization must guarantee that its Al/ML solution adheres to local regulations, especially with data storage and processing
Which cloud environment will most effectively meet the company’s data sovereignty needs while assuring adherence to regional data protection regulations?