6-Automation, Virtualization, Cloud, SDN, DNA_14548715_2023_01_05_20_24

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Question 96 Which SDN plane forwards user-generated traffic? A. policy plane B. management plane C. data plane D. control plane

C

Question 32 Which resource is able to be shared among virtual machines deployed on the same physical server? A. applications B. operating system C. VM configuration file D. disk

D

Question 15 What is the purpose of the Cisco DNA Center controller? A. to securely manage and deploy network devices B. to scan a network and generate a layer 2 network diagram C. to provide Layer 3 services to autonomous access points D. to secure physical access to a data center

A

Question 29 In software-defined architecture, which plane handles switching for traffic through a Cisco router? A. Data B. Control C. Management D. Application

A

Question 3 How does Cisco DNA Center gather data from the network? A. Network devices use different services like SNMP, syslog, and streaming telemetry to send data to the controller B. Devices establish an iPsec tunnel to exchange data with the controller C. Devices use the call-home protocol to periodically send data to the controller D. The Cisco CU Analyzer tool gathers data from each licensed network device and streams it to the controller

A

Question 4 How do traditional campus device management and Cisco DNA Center device management differ in regards to deployment? A. Cisco DNA Center device management can deploy a network more quickly than traditional campus device management B. Traditional campus device management allows a network to scale more quickly than with Cisco DNA Center device management C. Cisco DNA Center device management can be implemented at a lower cost than most traditional campus device management options D. Traditional campus device management schemes can typically deploy patches and updates more quickly than Cisco DNA Center device management

A

Question 4 Which of the following is the JSON encoding of a dictionary or hash? A. {"key": "value"} B. ["key", "value"] C. {"key", "value"} D. ("key": "value")

A

Question 5 What is an advantage of Cisco DNA Center versus traditional campus device management? A. It supports numerous extensibility options including cross-domain adapters and third-party SDKs B. It supports high availability for management functions when operating in cluster mode C. It enables easy autodiscovery of network elements m a brownfield deployment D. It is designed primarily to provide network assurance

A

Question 8 Which WAN access technology is preferred for a small office / home office architecture? A. broadband cable access B. frame-relay packet switching C. dedicated point-to-point leased line D. Integrated Services Digital Network switching

A

Question 9 Refer to the exhibit. Which type of configuration is represented in the output? A. Puppet B. JSON C. Chef D. Ansible

A

Question 73 What is a reason why an administrator would choose to implement an automated network management approach? A. Reduce inconsistencies in the network configuration. B. Increase recurrent management costs. C. Enable "box by box" configuration and deployment. D. Decipher simple password policies.

A DNA Center Questions

Question 5 What role does a hypervisor provide for each virtual machine in server virtualization? A. control and distribution of physical resources B. software-as-a-service C. services as a hardware controller D. infrastructure-as-a-service

A Explanation Each virtual machine has its own set of virtual hardware (RAM, CPU, NIC) upon which an operating system and fully configured applications are loaded. The operating system sees a consistent, normalized set of hardware regardless of the actual physical hardware components.

Question 9 Which CRUD operation corresponds to the HTTP GET method? A. read B. update C. create D. delete

A Explanation CRUD is short for CREATE, READ, UPDATE and DELETE operations. "GET" request is used to get a resource from a server. If you perform a "GET" request, the server looks for the data you requested and sends it back to you. In other words, a "GET" request performs a "READ" operation.

Question 73 What is the function of "off-the-shelf" switches in a controller-based network? A. Forwarding packets B. Making routing decision C. Providing a central view of the deployed network D. Setting packet-handling policies

A Explanation In SDN's purest form, the controller has all the intelligence: Switches are dumb, commercial off- the-shelf (COTS) devices that are managed by the controllers. Therefore we can deduce "off-the-shelf" switches are only used to forward packets.

Question 45 In a cloud-computing environment, what is rapid elasticity? A. automatic adjustment of capacity based on need B. control and monitoring of resource consumption by the tenant C. pooling resources in a multitenant model based on need D. self-service of computing resources by the tenant

A Explanation Rapid elasticity allows users to automatically request additional space in the cloud or other types of services. Because of the setup of cloud computing services, provisioning can be seamless for the client or user. The fact that providers still need to allocate and de-allocate resources is often irrelevant on the client or user's side. This is a very essential aspect of cloud technology. In a sense, cloud computing resources appear to be infinite or automatically available. That's much different from older systems, where the limits of storage or memory were immediately visible to a user. Reference: https://www.techopedia.com/definition/29526/rapid-elasticity

Question 1 What is a characteristic of spine-and-leaf architecture? A. Each device is separated by the same number of hops B. It provides variable latency C. It provides greater predictability on STP blocked ports D. Each link between leaf switches allows for higher bandwidth

A Explanation Spine-leaf architecture is typically deployed as two layers: spines (such as an aggregation layer), and leaves (such as an access layer). Spine-leaf topologies provide high-bandwidth, low- latency (-> Answer B is not correct), nonblocking server-to-server connectivity. With a spine-and-leaf architecture, no matter which leaf switch to which a server is connected, its traffic always has to cross the same number of devices to get to another server (unless the other server is located on the same leaf) (-> Answer A is correct) . This approach keeps latency at a predictable level because a payload only has to hop to a spine switch and another leaf switch to reach its destination. Reference: https://www.cisco.com/c/en/us/products/collateral/switches/nexus-7000-series- switches/white-paper-c11-737022.html With Leaf-Spine, the network uses Layer 3 routing so STP is no longer required. (-> Answer C is not correct). Spine-leaf architectures rely on protocols such as Equal-Cost Multipath (ECPM) routing to load balance traffic across all available paths while still preventing network loops. This allows all connections to be utilized at the same time while still remaining stable and avoiding loops within the network.

Question 11 Which configuration management mechanism uses TCP port 22 by default when communicating with managed nodes? A. Ansible B. Python C. Puppet D. Chef

A Explanation TCP port 22 is SSH, which is used by Ansible when communicating with the managed nodes.

Question 68 What is the role of disaggregation in controller-based networking? A. It divides the control-plane and data-plane functions. B. It summarizes the routes between the core and distribution layers of the network topology. C. It enables a network topology to quickly adjust from a ring network to a star network D. It streamlines traffic handling by assigning individual devices to perform either Layer 2 or Layer 3 functions.

A Explanation Taken literally, "network disaggregation" means to separate the network into its component parts.

Question 8 What is a characteristics of a collapsed-core network topology? A. It allows the core and distribution layers to run as a single combined layer. B. It enables the core and access layers to connect to one logical distribution device over an EtherChannel. C. It enables all workstations in a SOHO environment to connect on a single switch with internet access. D. It allows wireless devices to connect directly to the core layer, which enables faster data transmission.

A Explanation The three-tier hierarchical design maximizes performance, network availability, and the ability to scale the network design. Most small enterprise campus' do not grow significantly larger over time, and most small enterprise campus are small enough to be well served by a two-tier hierarchical design, where the core and distribution layers are collapsed into one layer. The primary motivation for the collapsed core design is reducing network cost, while maintaining most of the benefits of the three-tier hierarchical model. Reference: https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Small_Enterprise_Design_ Profile/SEDP/chap2.html Cloud & Virtualization Questions Premium Member: You can test your knowledge with these questions first via this link (via HTML). Cloud Summary Three cloud supporting services cloud providers0 provide to customer: + SaaS (Software as a Service): SaaS uses the web to deliver applications that are managed by a third-party vendor and whose interface is accessed on the clients' side. Most SaaS applications can be run directly from a web browser without any downloads or installations required, although some require plugins. + PaaS (Platform as a Service): are used for applications, and other development, while providing cloud components to software. What developers gain with PaaS is a framework they can build upon to develop or customize applications. PaaS makes the development, testing, and deployment of applications quick, simple, and cost-effective. With this technology, enterprise operations, or a third-party provider, can manage OSes, virtualization, servers, storage, networking, and the PaaS software itself. Developers, however, manage the applications. PaaS provides everything except applications. + IaaS (Infrastructure as a Service): self-service models for accessing, monitoring, and managing remote datacenter infrastructures, such as compute (virtualized or bare metal), storage, networking, and networking services (e.g. firewalls). Instead of having to purchase hardware outright, users can purchase IaaS based on consumption, similar to electricity or other utility billing. Virtualization Summary A major advantage of virtualization is overall reduced cost (less equipment is required, less energy is consumed, less space is required). There are two types of hypervisors: type 1 and type 2. In type 1 hypervisor (or native hypervisor), the hypervisor is installed directly on the physical server (so it is called "bare metal" approach). Then instances of an operating system (OS) are installed on the hypervisor. Type 1 hypervisor has direct access to the hardware resources. Therefore it is more efficient than hosted architectures. Some examples of type 1 hypervisor are VMware vSphere/ESXi, Oracle VM Server, KVM and Microsoft Hyper-V. Type 1 hypervior is usually used on enterprise servers and data center networking devices. In contrast to type 1 hypervisor, a type 2 hypervisor (or hosted hypervisor) runs on top of an operating system and not the physical hardware directly. A big advantage of Type 2

Question 6 What are two benefits of network automation? (Choose two) A. reduced operational costs B. reduced hardware footprint C. faster changes with more reliable results D. fewer network failures E. increased network security

A C

Question 33 What are two characteristics of the distribution layer in a three-tier network architecture? (Choose two) A. provides a boundary between Layer 2 and Layer 3 communications B. designed to meet continuous, redundant uptime requirements (Core) C. serves as the network aggregation point D. physical connection point for a LAN printer (Access) E. is the backbone for the network topology (Core)

A C Explanation A typical enterprise hierarchical LAN campus network design includes the following three layers: + Access layer: Provides workgroup/user access to the network + Distribution layer: Provides policy-based connectivity and controls the boundary between the access and core layers + Core layer: Provides fast transport between distribution switches within the enterprise campus Reference: https://www.ciscopress.com/articles/article.asp?p=2202410&seqNum=4 The Distribution layer acts as an aggregation point for all the Access layer devices.

Question 7 Which two WAN architecture options help a business scalability and reliability for the network? (Choose two) A. dynamic routing B. static routing C. dual-homed branches D. single-homed branches E. asychronous routing

A C Explanation Dual-homed branches (branches connects to two ISPs or one ISP with two connections) increases reliability for the network. Dynamic routing automatically use backup routes in the case of main routes fail which increases reliability. The configuration is remain unchanged or change a little when we expand the network thus increasing the scalability. Note: A scalable network can expand quickly to support new users and applications without impacting the performance of the service being delivered to existing users

Question 15 What are two characteristics of a public cloud implementation? (Choose two) A. It is owned and maintained by one party, but it is shared among multiple organizations B. It enables an organization to fully customize how it deploys network resources C. It provides services that are accessed over the Internet D. It is a data center on the public Internet that maintains cloud services for only one company E. It supports network resources from a centralized third-party provider and privately-owned virtual resources

A C Explanation Public clouds are managed by a third-party cloud provider. Public cloud computing resources are shared among multiple customers, unlike private clouds.

Question 46 Which two events occur automatically when a device is added to Cisco DNA Center? (Choose two) A. The device is assigned to the Global site. B. The device is placed into the Unmanaged state. C. The device is placed into the Provisioned state. D. The device is placed into the Managed state. E. The device is assigned to the Local site.

A D Explanation Device in Global Site: When you successfully add, import, or discover a device, Cisco DNA Center places the device in the Managed state and assigns it to the Global site by default. Even if you have defined SNMP server, Syslog server, and NetFlow collector settings for the Global site, Cisco DNA Center does not change these settings on the device. Reference: https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network- automation-and-management/dna-center/2-1- 2/admin_guide/b_cisco_dna_center_admin_guide_2_1_2/b_cisco_dna_center_admin_guide_2_1_ 1_chapter_010.html =======================

Question 35 What are two functions of an SDN controller? (Choose two) A. coordinating VTNs B. Layer 2 forwarding C. tracking hosts D. managing the topology E. protecting against DDoS attacks

A D Explanation Software-defined networking (SDN) and network function virtualization (NFV) have emerged as the most promising candidates for improving network function and protocol programmability and dynamic adjustment of network resources. On the one hand, SDN is responsible for providing an abstraction of network resources through well-defined application programming interfaces. This abstraction enables SDN to perform network virtualization, that is, to slice the physical infrastructure and create multiple coexisting application-specific virtual tenant networks (VTNs) with specific quality-of-service and service-levelagreement requirements, independent of the underlying optical transport technology and network protocols. Reference: https://ieeexplore.ieee.org/abstract/document/7331131

Question 102 Which two network actions occur within the data plane? (Choose two) A. Add or remove an 802.1Q trunking header. B. Make a configuration change from an incoming NETCONF RPC. C. Run routing protocols. D. Reply to an incoming ICMP echo request. E. Match the destination MAC address to the MAC address table.

A E Explanation For perspective, the following list details some of the more common actions that a networking device does that fit into the data plane: + De-encapsulating and re-encapsulating a packet in a data-link frame (routers, Layer 3 switches) + Adding or removing an 802.1Q trunking header (routers and switches) + Matching an Ethernet frame's destination Media Access Control (MAC) address to the MAC address table (Layer 2 switches) + Matching an IP packet's destination IP address to the IP routing table (routers, Layer 3 switches) + Encrypting the data and adding a new IP header (for virtual private network [VPN] processing) + Changing the source or destination IP address (for Network Address Translation [NAT] processing) + Discarding a message due to a filter (access control lists [ACLs], port security) Reference: https://www.ciscopress.com/articles/article.asp?p=2995354&seqNum=2

Question 28 How are the switches in a spine-and-leaf topology interconnected? A. Each leaf switch is connected to two spine switches, making a loop. B. Each leaf switch is connected to a central leaf switch, then uplinked to a core spine switch. C. Each leaf switch is connected to each spine switch. D. Each leaf switch is connected to one of the spine switches.

A chọn lại là C Explanation With Leaf-Spine, the network uses Layer 3 routing so STP is no longer required. Spine-leaf architectures rely on protocols such as Equal-Cost Multipath (ECPM) routing to load balance traffic across all available paths while still preventing network loops. This allows all connections to be utilized at the same time while still remaining stable and avoiding loops within the network.

Question 1 Which communication interaction takes place when a southbound API is used? A. between the SDN controller and PCs on the network B. between the SDN controller and switches and routers on the network C. between the SDN controller and services and applications on the network D. between network applications and switches and routers on the network

B

Question 1 Which statement identifies the functionality of virtual machines? A. Virtualized servers run most efficiently when they are physically connected to a switch that is separate from the hypervisor B. The hypervisor can virtualize physical components including CPU, memory, and storage C. Each hypervisor can support a single virtual machine and a single software switch D. The hypervisor communicates on Layer 3 without the need for additional resources

B

Question 135 What is an expected outcome when network management automation is deployed? A. A distributed management plane must be used. B. Software upgrades are performed from a central controller C. Complexity increases when new device configurations are added D. Custom applications are needed to configure network devices

B

Question 16 What describes the operation of virtual machines? A. Virtual machines are responsible for managing and allocating host hardware resources B. Virtual machines are operating system instances that are decoupled from server hardware C. Virtual machines are the physical hardware that support a virtual environment D. In a virtual machine environment, physical servers must run one operating system at a time

B

Question 2 What mechanism carries multicast traffic between remote sites and supports encryption? A. ISATAP B. GRE over IPsec C. IPsec over ISATAP D. GRE

B

Question 20 Which network plane is centralized and manages routing decisions? A. policy plane B. control plane C. management plane D. data plane

B

Question 28 What differentiates device management enabled by Cisco DNA Center from traditional campus device management? A. CLI-oriented device B. centralized C. per-device D. device-by-device hands-on

B

Question 3 Anycompany has decided to reduce its environmental footprint by reducing energy costs, moving to a smaller facility, and promoting telecommuting. What service or technology would support this requirement? A. Cisco ACI B. cloud services C. APIC-EM D. data center

B

Question 3 What is a function of a remote access VPN? A. used cryptographic tunneling to protect the privacy of data for multiple users simultaneously B. allows the users to access company internal network resources through a secure tunnel C. used exclusively when a user is connected to a company's internal network D. establishes a secure tunnel between two branch sites

B

Question 32 Which type of API allows SDN controllers to dynamically make changes to the network? A. northbound API B. southbound API C. SOAP API D. REST API

B

Question 55 Why would a network administrator choose to implement automation in a network environment? A. to centralize device information storage B. to simplify the process of maintaining a consistent configuration state across all devices C. to deploy the management plane separately from the rest of the network D. to implement centralized user account management

B

Question 63 What is the function of the controller in a software-defined network? A. forwarding packets B. making routing decisions C. multicast replication at the hardware level D. fragmenting and reassembling packets

B

Question 6 What software defined architecture plane assists network devices with making packet forwarding decisions by providing Layer 2 reachability and Layer 3 routing information? A. data plane B. control plane C. policy plane D. management plane

B Explanation Control Plane Function In its simplest form, the control plane provides layer-2 MAC reachability and layer-3 routing information to network devices that require this information to make packet forwarding decisions. In the case of firewalls, the control plane would include stateful flow information for inspection. Control plane functionality can implemented as follows: + Distributed - Conventional routers and switches operate using distributed protocols for control, i.e. where each device makes its own decisions about what to do, and communicate relevant information to other devices for input into their decision making process. For example, the Spanning Tree Protocol (STP), Fabric Path, and routing protocols such as IS-IS and BGP provide distributed control of packet forwarding functionality to networking devices. + Centralized - In this case, a centralized controller provides the necessary information for a network element to make a decision. For example, these controller(s) instruct networking devices on where to forward packets by explicitly programming their MAC and FIBs. Reference: https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Data_Center/VMDC/SDN/ SDN.html

Question 80 A network architect is considering whether to implement Cisco DNA Center to deploy devices on a new network. The organization is focused on reducing the time it currently takes to deploy devices in a traditional campus design. For which reason would Cisco DNA Center be more appropriate than traditional management options? A. Cisco DNA Center provides zero-touch provisioning to third-party devices. B. Cisco DNA Center supports deployment with a single pane of glass. C. Cisco DNA Center minimizes the level of syslog output when reporting on Cisco devices. D. Cisco DNA Center reduces the need for analytics on third-party access points and devices.

B Explanation DNA Center can be the "controller" or single pane of glass for deploying and managing on- premises Cisco networks including routing, switching, Software Defined Wireless Area Network (SD-WAN), and security devices like Cisco Identity Services Engine (ISE) and Firepower. VPN Questions Premium Member: You can test your knowledge with these questions first via this link (via HTML).

Question 1 Which type of VPN uses a hub-and-spoke configuration to establish a full mesh topology? A. GRE over IPsec B. dynamic multipoint VPN C. MPLS VPN D. IPsec virtual tunnel interface

B Explanation Dynamic Multipoint VPN (DMVPN) is a solution of Cisco. DMVPN provides the following advantages: + Provides full meshed connectivity with simple Hub-and-Spoke topology. The spokes can communicate between each other without going through Hub + Only one static public IP address is required on Hub. Spokes can use dynamic (unknown) public IP addresses + The configuration is simple even in large network. No additional configuration is required on Hub when new Spokes are added.

Question 2 What is a characteristic of cloud-based network topology? A. physical workstations are configured to share resources B. services are provided by a public, private, or hybrid deployment C. onsite network services are provided with physical Layer 2 and Layer 3 components D. wireless connections provide the sole access method to services

B Explanation In private cloud, the resources are dedicated to an organization without sharing with anyone else - > Answer A is not correct. Nowadays, onsite network services (network devices in a cloud) can be run in a virtualization environment -> Answer C is not correct. We can access the services via both cable or wireless connections -> Answer D is not correct. Cloud computing can be categorized into three general types: + Public cloud is cloud computing that's delivered via the internet and shared across organizations. + Private cloud is cloud computing that is dedicated solely to your organization. + Hybrid cloud is any environment that uses both public and private clouds.

Question 3 Which option about JSON is true? A. uses predefined tags or angle brackets (<>) to delimit markup text B. used to describe structured data that includes arrays C. used for storing information D. similar to HTML, it is more verbose than XML

B Explanation JSON data is written as name/value pairs. A name/value pair consists of a field name (in double quotes), followed by a colon, followed by a value: "name":"Mark" JSON can use arrays. Array values must be of type string, number, object, array, boolean or null.. For example: { "name":"John", "age":30, "cars":[ "Ford", "BMW", "Fiat" ] }

Question 7 What are two benefits of controller-based networking compared to traditional networking? (Choose two) A. controller-based increases network bandwidth usage, while traditional lightens the load on the network. B. controller-based reduces network configuration complexity, while traditional increases the potential for errors C. controller-based inflates software costs, while traditional decreases individual licensing costs D. controller-based allows for fewer network failure, while traditional increases failure rates E. controller-based provides centralization of key IT functions. While traditional requires distributes management function

B E

Question 5 Which networking function occurs on the data plane? A. facilitates spanning-tree elections B. processing inbound SSH management traffic C. forwarding remote client/server traffic D. sending and receiving OSPF Hello packets

C

Question 31 What is a characteristic of a SOHO network? A. connects each switch to every other switch in the network B. enables multiple users to share a single broadband connection C. provides high throughput access for 1000 or more users D. includes at least three tiers of devices to provide load balancing and redundancy

B Explanation SOHO is the abbreviation for Small Office/Home Office network. These days, many budding entrepreneurs and small business owners prefer to work from home or to maintain only a small office. Budding entrepreneurs and small business owners need small network and access to the Internet for their daily work. SOHO network is a solution for this type of network requirement. SOHO network is meant for use in small businesses. Most cases, SOHO networks are configured for privately owned business or individuals who are self-employed. SOHO networks are small LANs (Local Area Networks). Typically, SOHO networks consists of less than 10 computers. Network service servers like DNS server, email server, web server etc., are typically configured outside SOHO network.

Question 20 Which type of organization should use a collapsed-core architecture? A. large and requires a flexible, scalable network design B. small and needs to reduce networking costs currently C. large and must minimize downtime when hardware fails D. small but is expected to grow dramatically in the near future

B Explanation The three-tier hierarchical design maximizes performance, network availability, and the ability to scale the network design. Most small enterprise campus' do not grow significantly larger over time, and most small enterprise campus are small enough to be well served by a two-tier hierarchical design, where the core and distribution layers are collapsed into one layer. The primary motivation for the collapsed core design is reducing network cost, while maintaining most of the benefits of the three-tier hierarchical model. Reference: https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Small_Enterprise_Design_ Profile/SEDP/chap2.html

Question 7 A manager asks a network engineer to advise which cloud service models are used so employees do not have to waste their time installing, managing, and updating software which is only used occasionally. Which cloud service model does the engineer recommend? A. infrastructure-as-a-service B. software-as-a-service C. platform-as-a-service D. business process as service to support different types of service

B Explanation Three cloud supporting services cloud providers provide to customer: + SaaS (Software as a Service): SaaS uses the web to deliver applications that are managed by a third-party vendor and whose interface is accessed on the clients' side. Most SaaS applications can be run directly from a web browser without any downloads or installations required, although some require plugins. + PaaS (Platform as a Service): are used for applications, and other development, while providing cloud components to software. What developers gain with PaaS is a framework they can build upon to develop or customize applications. PaaS makes the development, testing, and deployment of applications quick, simple, and cost-effective. With this technology, enterprise operations, or a third-party provider, can manage OSes, virtualization, servers, storage, networking, and the PaaS software itself. Developers, however, manage the applications. PaaS provides everything except applications. + IaaS (Infrastructure as a Service): self-service models for accessing, monitoring, and managing remote datacenter infrastructures, such as compute (virtualized or bare metal), storage, networking, and networking services (e.g. firewalls). Instead of having to purchase hardware outright, users can purchase IaaS based on consumption, similar to electricity or other utility billing.

Question 3 What are two characteristics of a controller-based network? (Choose two) A. The administrator can make configuration updates from the CLI B. It uses northbound and southbound APIs to communicate between architectural layers C. It moves the control plane to a central point D. It decentralizes the control plane, which allows each device to make its own forwarding decisions E. It uses Telnet to report system issues.

B C

Question 4 What are two fundamentals of virtualization? (Choose two) A. The environment must be configured with one hypervisor that serves solely as a network manager to monitor SNMP traffic B. It allows logical network devices to move traffic between virtual machines and the rest of the physical network C. It allows multiple operating systems and applications to run independently on one physical server D. It allows a physical router to directly connect NICs from each virtual machine into the network E. It requires that some servers, virtual machines and network gear reside on the Internet

B C

Question 4 What are two southbound APIs? (Choose two) A. Thrift B. NETCONF C. Open Flow D. DSC E. CORBA

B C Explanation OpenFlow is a well-known southbound API. OpenFlow defines the way the SDN Controller should interact with the forwarding plane to make adjustments to the network, so it can better adapt to changing business requirements. The Network Configuration Protocol (NetConf) uses Extensible Markup Language (XML) to install, manipulate and delete configuration to network devices. Other southbound APIs are: + onePK: a Cisco proprietary SBI to inspect or modify the network element configuration without hardware upgrades. + OpFlex: an open-standard, distributed control system. It send "summary policy" to network elements.

Question 1 Which two capacities of Cisco DNA Center make it more extensible? (Choose two) A. adapters that support all families of Cisco IOS software B. SDKs that support interaction with third-party network equipment C. customized versions for small, medium, and large enterprises D. REST APIs that allow for external applications to interact natively with Cisco DNA Center E. modular design that is upgradable as needed

B D Explanation Cisco DNA Center offers 360-degree extensibility through four distinct types of platform capabilities: + Intent-based APIs leverage the controller and enable business and IT applications to deliver intent to the network and to reap network analytics and insights for IT and business innovation. + Process adapters, built on integration APIs, allow integration with other IT and network systems to streamline IT operations and processes. + Domain adapters, built on integration APIs, allow integration with other infrastructure domains such as data center, WAN, and security to deliver a consistent intent-based infrastructure across the entire IT environment. + SDKs allow management to be extended to third-party vendor's network devices to offer support for diverse environments. Reference: https://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/dna- center/nb-06-dna-cent-platf-aag-cte-en.html

Question 32 An implementer is preparing hardware for virtualization to create virtual machines on a host. What is needed to provide communication between hardware and virtual machines? A. straight cable B. router C. hypervisor D. switch

C

Question 50 Which plane is centralized by an SDN controller? A. data plane B. management plane C. control plane D. services plane

C

Question 5 Which two encoding methods are supported by REST APIs? (Choose two) A. YAML B. JSON C. EBCDIC D. SGML E. XML

B E Explanation The Application Policy Infrastructure Controller (APIC) REST API is a programmatic interface that uses REST architecture. The API accepts and returns HTTP (not enabled by default) or HTTPS messages that contain JavaScript Object Notation (JSON) or Extensible Markup Language (XML) documents. Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2- x/rest_cfg/2_1_x/b_Cisco_APIC_REST_API_Configuration_Guide/b_Cisco_APIC_REST_API_Configu ration_Guide_chapter_01.html

Question 1 Which statement about the Cisco ACI fabric is most accurate? A. The APIC is able to enforce security by inserting itself into the data path. B. The fabric header carries the EPG from the egress to the ingress leaf switch. C. An APIC is a cluster of at least three APIC controllers, providing a single point of management without a single point of failure. D. The spine switch rewrites the EPG from ingress to egress when it performs the forwarding proxy function

C

Question 2 What makes Cisco DNA Center different from traditional network management applications and their management of networks? A. It only supports auto-discovery of network elements in a green field deployment. B. It modular design allows someone to implement different versions to meet the specific needs of an organization C. It abstracts policy from the actual device configuration D. It does not support high availability of management functions when operating in cluster mode

C

Question 2 Which option best describes an API? A. communication often uses either Java scripting, Python, XML, or simple HTTP B. an architectural style (versus a protocol) for designing applications C. a stateless client-server model D. request a certain type of data by specifying the URL path that models the data

C

Question 27 What is a function of spine-and-leaf architecture? A. mitigates oversubscription by adding a layer of leaf switches B. limits payload size of traffic within the leaf layer C. offers predictable latency of the traffic path between end devices D. exclusively sends multicast traffic between servers that are directly connected to the spine

C Explanation A spine-leaf architecture aids this by ensuring traffic is always the same number of hops from its next destination, so latency is lower and predictable. Reference: https://www.arubanetworks.com/faq/what-is-spine-leaf-architecture/

Question 37 Which WAN topology provides a combination of simplicity quality, and availability? A. partial mesh B. full mesh C. point-to-point D. hub-and-spoke

C Explanation Advantages/Disadvantages of Leased Lines Advantages Simplicity: Point-to-point communication links require minimal expertise to install and maintain. Quality: Point-to-point communication links usually offer high service quality, if they have adequate bandwidth. The dedicated capacity removes latency or jitter between the endpoints. Availability: Constant availability is essential for some applications, such as e-commerce. Point-to- point communication links provide permanent, dedicated capacity, which is required for VoIP or Video over IP. Disadvantages Cost: Point-to-point links are generally the most expensive type of WAN access. The cost of leased-line solutions can become significant when they are used to connect many sites over increasing distances. In addition, each endpoint requires an interface on the router, which increases equipment costs. Limited flexibility: WAN traffic is often variable, and leased lines have a fixed capacity, so the bandwidth of the line seldom matches the need exactly. Any change to the leased line generally requires a site visit by ISP personnel to adjust capacity. Reference: https://www.ciscopress.com/articles/article.asp?p=2832405&seqNum=5

Question 25 Which JSON data type is an unordered set of attribute-value pairs? A. array B. string C. object D. Boolean

C Explanation An object is an unordered collection of zero or more name/value pairs. For example {"name":"John"}. Objects are denoted by curly brackets, which means that the order is not guaranteed. For example, if you send a request {"name":"9tut","preferredColor":"Blue"}, it is not always guaranteed that the receiver receives them in the same order. Note: In contrast to object, an array is an ordered sequence of zero or more values. For example ["a","b","c"]. Arrays use square brackets to denote arrays. Order is guaranteed in JSON arrays.

Question 20 When a site-to-site VPN is configured, which IPsec mode provides encapsulation and encryption of the entire original IP packet? A. IPsec tunnel mode with AH B. IPsec transport mode with AH C. IPsec tunnel mode with ESP D. IPsec transport mode with ESP

C Explanation IPSec can be configured to operate in two different modes, Tunnel (default) and Transport mode. Transport mode encapsulation retains the original IP header. With tunnel mode, the entire original IP packet is protected by IPSec -> In this question we must choose tunnel mode. The AH protocol provides a mechanism for authentication only. The ESP protocol provides data confidentiality (encryption) and authentication (data integrity, data origin authentication, and replay protection) -> We must use ESP. Reference: https://www.ibm.com/docs/en/zos/2.4.0?topic=ipsec-ah-esp-protocols

Question 8 In software defined architectures, which plane is distributed and responsible for traffic forwarding? A. management plane B. control plane C. data plane D. policy plane

C Explanation The Open Networking Foundation identifies three main parts of the Software-defined networking (SDN): Application layer; Control layer and Infrastructure layer. SDN separates a router's control plane from the data (forwarding) plane. The control plane makes routing decisions. The data plane forwards data (packets) through the router. With SDN routing, decisions are made remotely instead of on each individual router.

Question 5 What is the name of the layer in the Cisco borderless switched network design that is considered to be the backbone used for high-speed connectivity and fault isolation? A. data link B. access C. core D. network E. network access

C Explanation The key layers are access, distribution, and core. The core layer is the network backbone that hierarchically connects several layers of the network design, providing for connectivity between end devices, computing and data storage services located within the data center and other areas, and services within the network.

Question 10 Which function is performed by the collapsed core layer in a two-tier architecture? A. applying security policies` B. marking interesting traffic for data polices (qoS) C. enforcing routing policies D. attaching users to the edge of the network

C Explanation The three-tier hierarchical design maximizes performance, network availability, and the ability to scale the network design. However, many small enterprise networks do not grow significantly larger over time. Therefore, a two-tier hierarchical design where the core and distribution layers are collapsed into one layer is often more practical. A "collapsed core" is when the distribution layer and core layer functions are implemented by a single device. The primary motivation for the collapsed core design is reducing network cost, while maintaining most of the benefits of the three-tier hierarchical model. Reference: https://www.ciscopress.com/articles/article.asp?p=2202410&seqNum=4 A collapsed core network is shown below. The collapsed core network may be deployed with redundant core/distribution router, or consolidated core/distribution router. Deploying a collapsed core network results in the distribution layer and core layer functions being implemented in a single device. The collapsed core/distribution device must provide the following: + High speed physical and logical paths connecting to the network + Layer-2 aggregation and demarcation point + Define routing and network access policies -> Answer C is correct + Intelligent network services—QoS, Network virtualization, etc. Reference: https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Small_Enterprise_Design_ Profile/SEDP/chap2.html

Question 10 Which interface enables communication between a program on the controller and a program on the networking devices? A. northbound interface B. software virtual interface C. southbound interface D. tunnel interface

C Explanation We use Southbound API to communicate between the Controllers and Network Elements.

Question 2 What are two descriptions of three-tier network topologies? (Choose two) A. The core and distribution layers perform the same functions B. The access layer manages routing between devices in different domains C. The network core is designed to maintain continuous connectivity when devices fail D. The core layer maintains wired connections for each host E. The distribution layer runs Layer 2 and Layer 3 technologies

C E

Question 9 Which two functions are performed by the core layer in a three-tier architecture? (Choose two) A. Provide direct connectivity for end user devices B. Police traffic that is sent to the edge of the network C. Provide uninterrupted forwarding service D. Inspect packets for malicious activity E. Ensure timely data transfer between layers (Highspeed switching)

C E Explanation Considerations at the core layer include + Providing high-speed switching (i.e., fast transport) + Providing reliability and fault tolerance + Scaling by using faster, and not more, equipment + Avoiding CPU-intensive packet manipulation caused by security, inspection, quality of service (QoS) classification, or other processes Reference: https://www.ciscopress.com/articles/article.asp?p=2202410&seqNum=4

Question 10 With REST API, which standard HTTP header tells a server which media type is expected by the client? A. Accept-Encoding: gzip, deflate B. Accept-Patch: text/example; charset=utf-8 C. Content-Type: application/json; charset=utf-8 D. Accept: application/json

D

Question 21 Which technology allows for multiple operating systems to be run on a single host computer? A. virtual device contexts B. network port ID visualization C. virtual routing and forwarding D. server virtualization

D

Question 32 What is the function of a hub-and-spoke WAN topology? A. supports application optimization B. provides direct connections between subscribers C. supports Layer 2 VPNs D. allows access restrictions to be implemented between subscriber sites

D

Question 45 What is the purpose of a southbound API in a control based networking architecture? A. facilities communication between the controller and the applications B. integrates a controller with other automation and orchestration tools C. allows application developers to interact with the network D. facilities communication between the controller and the networking hardware

D

Question 51 Which network action occurs within the data plane? A. compare the destination IP address to the IP routing table B. make a configuration change from an incoming NETCONF RPC C. run routing protocols (OSPF, EIGRP, RIP, BGP) D. reply to an incoming ICMP echo request

D

Question 7 What is the path for traffic sent from one user workstation to another workstation on a separate switch block in a three-layer architecture model? A. access - core - distribution - access B. access - distribution - distribution - access C. access - core - access D. access -distribution - core - distribution - access

D

Question 8 How do servers connect to the network in a virtual environment? A. wireless to an access point that is physically connected to the network B. a cable connected to a physical switch on the network C. a virtual switch that links to an access point that is physically connected to the network D. a software switch on a hypervisor that is physically connected to the network

D

Question 91 Which action is taken by the data plane within a network device? A. looks up an egress interface in the forwarding information base B. constructs a routing table based on a routing protocol C. provides CLI access to the network device D. forwards traffic to the next hop

D

Question 93 What is a benefit for external users who consume public cloud resources? A. implemented over a dedicated WAN B. located in the same data center as the users C. all hosted on physical servers D. accessed over the Internet

D

Question 2 An organization has decided to start using cloud-provided services. Which cloud service allows the organization to install its own operating system on a virtual machine? A. platform-as-a-service B. software-as-a-service C. network-as-a-service D. infrastructure-as-a-service

D Explanation Below are the 3 cloud supporting services cloud providers provide to customer: + SaaS (Software as a Service): SaaS uses the web to deliver applications that are managed by a third-party vendor and whose interface is accessed on the clients' side. Most SaaS applications can be run directly from a web browser without any downloads or installations required, although some require plugins. + PaaS (Platform as a Service): are used for applications, and other development, while providing cloud components to software. What developers gain with PaaS is a framework they can build upon to develop or customize applications. PaaS makes the development, testing, and deployment of applications quick, simple, and cost-effective. With this technology, enterprise operations, or a third-party provider, can manage OSes, virtualization, servers, storage, networking, and the PaaS software itself. Developers, however, manage the applications. + IaaS (Infrastructure as a Service): self-service models for accessing, monitoring, and managing remote datacenter infrastructures, such as compute (virtualized or bare metal), storage, networking, and networking services (e.g. firewalls). Instead of having to purchase hardware outright, users can purchase IaaS based on consumption, similar to electricity or other utility billing. In general, IaaS provides hardware so that an organization can install their own operating system.

Question 10 Which CRUD operation modifies an existing table or view? A. read B. replace C. create D. update

D Explanation CRUD is short for CREATE, READ, UPDATE and DELETE operations. Only UPDATE operation modifies an existing table or view.

Question 6 A company needs to interconnect several branch offices across a metropolitan area. The network engineer is seeking a solution that provides high-speed converged traffic, including voice, video, and data on the same network infrastructure. The company also wants easy integration to their existing LAN infrastructure in their office locations. Which technology should be recommended? A. VSAT B. ISDN C. Frame Relay D. Ethernet WAN

D Explanation Ethernet WAN offer the ability of using Ethernet over long-distance links.

Question 77 Which WAN topology has the highest degree of reliability? A. router-on-a-stick B. Point-to-point C. hub-and-spoke D. full mesh

D Explanation Full-mesh is a network topology in which there is a direct link between all pairs of nodes. Below is an example of full-mesh topology.

Question 8 What is the function of a controller in controller-based networking? A. It is a pair of core routers that maintain all routing decisions for a campus B. It centralizes the data plane for the network C. It is the card on a core router that maintains all routing decisions for a campus D. It serves as the centralized management point of an SDN architecture

D Explanation In constrast to distributed architecture, centralized (or controller-based) architectures centralizes the control of networking devices into one device, called SDN controller.

Question 1 Which output displays a JSON data representation? A. { "response",{ "taskId",{}; "url","string" }; "version", "string" } B. { "response":{ "taskId",{}; "url","string" }; "version"; "string" } C. { "response"- { "taskId"- {}; "url"-"string" }, "version"-"string" } D. { "response":{ "taskId":{}, "url":"string" }, "version": "string" }

D Explanation JSON data is written as name/value pairs. A name/value pair consists of a field name (in double quotes), followed by a colon, followed by a value: "name":"Mark" JSON can use arrays. Array values must be of type string, number, object, array, boolean or null. For example: { "name":"John", "age":30, "cars":[ "Ford", "BMW", "Fiat" ] } JSON can have empty object like "taskId":{}

Question 6 Which cloud service model does the engineer recommend? A. infrastructure-as-a-service B. platform-as-a-service C. business process as service to support different types of service D. software-as-a-service

D Explanation Maybe this question is missing some information but software-as-a-service (SaaS) helps save a lot of time to install OS, softwares for running a business.

Question 16 What is a function of the Cisco DNA Center Overall Health Dashboard? A. It summarizes daily and weekly CPU usage for servers and workstations in the network. B. It provides detailed activity logging for the 10 devices and users on the network. C. It summarizes the operational status of each wireless device on the network. D. It provides a summary of the top 10 global issues.

D Explanation The bottom of Cisco DNA Center Overall Health Dashboard displays the top 10 issues, if any, that must be addressed.

Question 18 Where is the interface between the control plane and data plane within the software-defined architecture? A. application layer and the management layer B. application layer and the infrastructure layer C. control layer and the application layer D. control layer and the infrastructure layer

D Explanation Maybe we should understand this question "What are the layers inside control plane and data plane within the software-defined architecture?" However, this question is still not clear. The Open Networking Foundation identifies three main parts of the Software-defined networking (SDN): Application layer; Control layer and Infrastructure layer. SDN separates a router's control plane from the data (forwarding) plane. The control plane makes routing decisions. The data plane forwards data (packets) through the router. With SDN routing, decisions are made remotely instead of on each individual router.

Question 5 Which statement correctly compares traditional networks and controller-based networks? A. Only traditional networks offer a centralized control plane B. Only traditional networks natively support centralized management C. Traditional and controller-based networks abstract policies from device configurations D. Only controller-based networks decouple the control plane and the data plane

D Explanation Most traditional devices use a distributed architecture, in which each control plane is resided in a networking device. Therefore they need to communicate with each other via messages to work correctly. In contrast to distributed architecture, centralized (or controller-based) architectures centralizes the control of networking devices into one device, called SDN controller -> Answer D is correct.

Question 1 What is the function of northbound API? A. It upgrades software and restores files. B. It relies on global provisioning and configuration. C. It supports distributed processing for configuration. D. It provides a path between an SDN controller and network applications.

D Explanation Now, in turn, the networking administrators and SDN applications want to control the controller! So the controller need a northbound interface (NBI) to communicate with us. The NBI applications included various network services, including network virtualization, dynamic virtual network provisioning, firewall monitoring, user identity management and access policy control.

Question 6 What does an SDN controller use as a communication protocol to relay forwarding changes to a southbound API? A. XML B. Java C. REST D. OpenFlow

D Explanation OpenFlow and NETCONF are Southbound APIs used for most SDN implementations. Note: SDN northbound APIs are usually RESTful APIs used to communicate between the SDN Controller and the services and applications running over the network.

Question 16 Which type of traffic is sent with pure IPsec? A. broadcast packets from a switch that is attempting to locate a MAC address at one of several remote sites B. multicast traffic from a server at one site to hosts at another location C. spanning-tree updates between switches that are at two different sites D. unicast messages from a host at a remote site to a server at headquarters

D Explanation Pure IPSec configuration (no GRE tunnel) does not support multicast or broadcast traffic. Spanning-tree updates use multicast too. -> Answer A, answer B and answer C are not correct.

Question 8 What is a characteristic of the REST API? A. evolved into what became SOAP B. used for exchanging XML structured information over HTTP or SMTP C. considered slow, complex, and rigid D. most widely used API for web services

D Explanation REST API is an API that works on top of the HTTP protocol. It defines a set of functions developers can use to perform requests and receive responses via HTTP protocol such as GET and POST. REST APIs are the most popular API used for web services nowadays.

Question 48 Which technology is appropriate for communication between an SDN controller and applications running over the network? A. OpenFlow B. Southbound API C. NETCONF D. REST API

D Explanation Software-defined northbound application program interfaces (SDN northbound APIs) are usually SDN RESTful APIs used to communicate between the SDN Controller and the services and applications running over the network. Note: OpenFlow and NETCONF are Southbound APIs used for most SDN implementations.

Question 5 In which way does a spine and-leaf architecture allow for scalability in a network when additional access ports are required? A. A spine switch and a leaf switch can be added with redundant connections between them B. A spine switch can be added with at least 40 GB uplinks C. A leaf switch can be added with a single connection to a core spine switch D. A leaf switch can be added with connections to every spine switch

D Explanation Spine-leaf architecture is typically deployed as two layers: spines (such as an aggregation layer), and leaves (such as an access layer). Spine-leaf topologies provide high-bandwidth, low-latency, nonblocking server-to-server connectivity. Leaf (aggregation) switches are what provide devices access to the fabric (the network of spine and leaf switches) and are typically deployed at the top of the rack. Generally, devices connect to the leaf switches. Devices can include servers, Layer 4-7 services (firewalls and load balancers), and WAN or Internet routers. Leaf switches do not connect to other leaf switches. In spine-and- leaf architecture, every leaf should connect to every spine in a full mesh. Spine (aggregation) switches are used to connect to all leaf switches and are typically deployed at the end or middle of the row. Spine switches do not connect to other spine switches. Reference: https://www.cisco.com/c/en/us/products/collateral/switches/nexus-9000-series- switches/guide-c07-733228.html

Question 94 In an SDN architecture, which function of a network node is centralized on a controller? A. provides protocol access for remote access devices B. discards a message due filtering C. creates the IP routing table D. makes a routing decision

D Explanation The Open Networking Foundation identifies three main parts of the Software-defined networking (SDN): Application layer; Control layer and Infrastructure layer. SDN separates a router's control plane from the data (forwarding) plane. The control plane makes routing decisions. The data plane forwards data (packets) through the router. With SDN routing, decisions are made remotely instead of on each individual router.

Question 2 Which API is used in controller-based architectures to interact with edge devices? A. overlay B. northbound C. underlay D. southbound

D Explanation The Southbound API is used to communicate with network devices.

Question 97 When should an engineer implement a collapsed-core architecture? A. for large networks that are connected to multiple remote sites B. the access and distribution layers must be on the same device C. only when using VSS technology D. for small networks with minimal need for growth

D Explanation The three-tier hierarchical design maximizes performance, network availability, and the ability to scale the network design. Most small enterprise campus' do not grow significantly larger over time, and most small enterprise campus are small enough to be well served by a two-tier hierarchical design, where the core and distribution layers are collapsed into one layer. The primary motivation for the collapsed core design is reducing network cost, while maintaining most of the benefits of the three-tier hierarchical model. Reference: https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Small_Enterprise_Design_ Profile/SEDP/chap2.html

Question 7 Which type of API would be used to allow authorized salespeople of an organization access to internal sales data from their mobile devices? A. partner B. open C. public D. private

D Explanation There are three types of API: + Open APIs (Public APIs) - These APIs are publicly available and can be used with no restrictions. Because these APIs are public, many API providers require the user to get a free key, or token, prior to using the API. This is to help control the number of API requests they receive and process. + Internal (Private APIs) - These are APIs that are used by an organization or company to access data and services for internal use only. An example of an internal API is allowing authorized salespeople access to internal sales data on their mobile devices. + Partner APIs - These are APIs that are used between a company and its business partners or contractors to facilitate business between them. The business partner must have a license or other form of permission to use the API. A travel service using an airline's API is an example of a partner API.

Question 75 Which two characteristics are representative of virtual machines (VMs)? (Choose two) A. A VM on a hypervisor is automatically interconnected to other VMs. B. A VM on an individual hypervisor shares resources equally. C. Each VMs operating system depends on its hypervisor. D. Each VM runs independently of any other VM in the same hypervisor. E. multiple VMs operate on the same underlying hardware.

D E SDN Questions Premium Member: You can test your knowledge with these questions first via this link (via HTML). Now, in turn, the networking administrators and SDN applications want to control the controller! So the controller need a northbound interface (NBI) to communicate with us. The NBI applications included various network services, including network virtualization, dynamic virtual network provisioning, firewall monitoring, user identity management and access policy control. - REST (Representational State Transfer) describes a type of API that allows applications to sit on different hosts, using HTTP messages to transfer data over the API. Three SDN controllers which are mentioned in CCNA: + OpenDaylight Controller: an OpenFlow-based SDN + Cisco Application Centric Infrastructure (ACI) + Cisco APIC Enterprise Module (APIC-EM)

Question 65 Which two VPN technologies are recommended by Cisco for multiple branch offices and large-scale deployments? (Choose two) A. IPsec remote access B. site-to-site VPN C. clientless VPN D. GETVPN E. DMVPN

D E Explanation Cisco DMVPN can be deployed in conjunction with Cisco IOS Firewall and Cisco IOS IPS, as well as quality of service (QoS), IP Multicast, split tunneling, and routing-based failover mechanisms. Large-scale, highly available Cisco DMVPN deployments are made possible by load balancing multiple Cisco DMVPN hubs. Reference: https://www.cisco.com/c/en/us/products/collateral/security/dynamic-multipoint-vpn- dmvpn/data_sheet_c78-468520.html Get VPNs provide large scale, connectionless, tunnel free transmission protection taking advantage of existing routing infrastructure and can be used with MPLS, IP, Frame relay and ATM networks. Reference: https://ipwithease.com/flexvpn-vs-getvpn/ Note: Site-to-Site VPN is a simple VPN that connects a central site and a remote site, or a hub and spoke VPN that connects a central site with multiple remote sites -> It is not suitable for large- scale deployments. With clientless VPN, a tunnel is established from a web browser on the remote user's device to the outside interface of the VPN gateway's SSL component -> It is not suitable for large-scale deployments. IPSec remote access is used to connect remote-access clients, such as a PC or small office, home office (SOHO) device. Automation Questions


Set pelajaran terkait

Chapter 21: The Musculoskeletal System Practice Questions

View Set