Summary challenges

Which three statements are true about firewalls? (Choose three.)

-If a system in a security zone is compromised, a firewall can help to contain the attack within that zone. -A firewall can prevent undesired access to a network security zone. -A firewall can introduce a performance bottleneck.

Which three options correctly defines the features of Cisco DNA Center? (Choose three.)

-User and device profiles that facilitate highly secure access and network segmentation based on business needs -An open and extensible platform allows third-party applications and processes to exchange data -Zero-touch device provisioning and software image management

Which three options describe methods of accommodating per-user or per-group network authorization? (Choose three)

-downloadable ACLs for switches -security group access -VLAN assignment

In a traditional network, what is the Industry average in days to detect a common threat?

100

Which server return code indicates that the server accepted your request, but it must perform other actions in order to complete the request?

202 accepted

How many layers are recommended in the hierarchical network design?

3

Which is the default aging time, in seconds, for entries in the MAC address-table on a Catalyst switch?

300

Which NETCONF operation loads all or part of a configuration to the specified datastore?

<edit-config>

Which statement about network core design is true?

A dedicated core layer allows the campus to more easily accommodate growth.

What makes a firewall a next-generation firewall?

Additional features such as Context Awareness and Advanced Malware Protection

Which type of AAA message does the TACACS+ shared secret key use for encryption between the client and server?

All messages (Authentication messages Authorization messages Accounting messages)

Which device typically serves as a network access server?

All the above (Router Switch Firewall Access point)

Which AAA function does not depend on the other two?

Authentication

If a user needs to be in privileged EXEC or enable mode, which part of AAA must succeed?

Authorization

Which two of the following routing protocols can the vEdge router use for learning reachability information from the service-side interfaces? (Choose two.)

BGP OSPF

Which of following options is the protocol that will prevent a bridging loop if BPDUs are received on an interface that has the STP calculation disabled?

BPDU gaurd

Which one of the following options is the default switching mode, and uses information from tables that are built by the CPU, such as the routing table and the Address Resolution Protocol (ARP) table, to build hardware-based tables that are known as the Forwarding Information Base (FIB) and adjacency tables.

CEF

Which two of the following options are tools that require a software agent to be installed on all devices you want to manage? (Choose two.)

Chef, Puppet

Which platform is a virtual version of IOS XE Software for cloud deployments that helps extend the enterprise network environment of the cloud?

Cisco CSR 1000v

Which of the following Yang model is used to ensure even features mapped to a given platform are still model driven, meaning APIs can still be used for those features?

Cisco Platform Specific

What are the three types of authentication options available in networks today? (Choose three.)

Credentials Certificates Biometrics

Which of the following is used to manage the automation of network device configuration?

DNA Center

Which three of the following options are characteristics of the vBond Orchestration Plane? (Choose three.)

Distributes a list of vSmart controllers to all vEdge routers First point of authentication Authorizes all control connections

Which node provides the endpoints a single anycast Layer 3 gateway?

Edge Node

Which node serve as the gateway between the fabric domain and the "known" network outside of the fabric?

Fabric border node

Which option is a limitation of TACACS+?

Has slower response time than RADIUS

Which is a centralized CLI management tool to help design and provision templates in the Cisco DNA Center?

Image Repository

Which two of the following options are the main data encoding formats that are commonly used in Application Programming Interfaces? (Choose two.)

JSON, XML

Which three are examples of an overlay network? (Choose three.)

MPLS CAPWAP LISP

On a Cisco router, which of the following two actions are functions of the control layer between the routing protocol and the firmware data plane microcode? (Choose two.)

Managing the internal data and control circuits for the packet-forwarding and control functions. Collecting the data plane information, such as traffic statistics, from the interface module to the route processor.

What is the role of the router or switch in the AAA architecture?

NAS

Which of the following Cisco DNA Center tools Provides programmatic access to the Discovery functionality of Cisco DNA Center?

Network Discovery API

Which of the following describes an industry-standard API that the ONF (Open Networking Foundation) defines?

OpenFlow

Which of the following actions used by the Cisco DNA Center Intent API writes new data at the path that the URL specifies?

POST

Which of the following HTTP verbs is normally used to update or replace an already existing resource?

PUT

Which two statements is correct concerning phishing?

Phishing is a common social engineering technique. The goal is to get the victim to enter personal information.

Which of the following Cisco Switching Mechanisms requires a Cisco router to processes all packets in CPU?

Process switching

Which of the following is a TACACS+ message sent from the AAA client to the AAA server?

START

Which two of the following options are IEEE variants of the Spanning Tree Protocol? (Choose two.) STP

STP, MSTP

From configuration mode, what command sequence would create VLAN 20 and name the VLAN Voice?

SW1(config)# vlan 20 SW1(config-vlan)# name Voice

Which command when issued on a trunking interface, would set a VLAN that is not to be given an 802.1q tag?

SW2(config-if)# switchport trunk native vlan 99

Which of the following is an open-source, Python-based software for event driven IT automation .

Saltstack

Which benefit of AAA is best described by the ability to track outdated user credentials across multiple network devices?

Scalability

Which Cisco DNA Center API retrieves site hierarchy with network health information?

Site hierarchy Intent API

Which of the following tables is used to make the decision on whether a frame should even be forwarded based on the frame being permitted in an ACL?

TCAM

Which is a centralized CLI management tool to help design and provision templates in the Cisco DNA Center?

Template Editor

Which of the following Cisco DNA Center tools enables you to perform CRUD (Create, Read, Update and Delete) operations on templates and projects that the template programmer uses to facilitate design and provisioning workflows in Cisco DNA Center?

Template Programmer API

Which best describes the SD-WAN solution?

The Cisco SD-WAN solution is a software-based, virtual IP fabric overlay network that builds a secure, unified connectivity over any transport network (the underlay).

Which is the calculation used to determine the root port in the Spanning Tree Calculation?

The port with the lowest cost to the root

In STP, what is the default factor that determines the cost of the path associated with a link?

The speed of the link

What happens when a user first connects to a network in a WebAuth scenario?

Their first HTTP or HTTPS request is redirected to a guest authentication portal

Which inter-VLAN routing option uses a router with individual physical interfaces connected to switchport configured as access ports in separate VLANs?

Traditional inter-VLAN routing

Which two of the following Boolean expressions results in a value of True? (Choose two.)

True and True, True or False

Which three are limiting factors of traditional networks in the new age of digitization? (Choose three.)

VXLANs IP subnets IP access lists

Which of the following is a language for data modeling and RPCs?

YANG

An end-user PC should be connected to which hierarchical layer?

access

Which layer supports convergence for voice, wireless, and data?

access

Which building block of the Intent Based Network (IBN) includes functions that ensure that the derived MBPs are disseminated throughout any of the relevant network domains?

activation

A RADIUS server is located at IP address 192.168.102.101. Which one of the following commands configures a Cisco router to find the server?

address ipv4 192.168.102.101

Which two of the following options are Logical operators used to evaluate whether a condition is True or False? (Choose two.)

and, or

In Cisco DNA Center, which key principle helps to lower IT costs and complexity while meeting business and user expectations?

automation and assurance

Which of the following options is not an RSTP port state?

blocking

Which layer should provide the highest switching speeds?

core

Which is a VLAN that exists in the VLAN database and cannot be deleted?

default VLAN 1

Which of the following RESTCONF parameters is used to specify the number of nest levels that are returned in a response for a GET method?

depth

Which data type requires you to supply a key to extract a value"?

dictionary

Which data type requires you to supply a key to extract a value?

dictionary

Which function can you use on an object to see its available built-in methods and attributes?

dir()

What layer provides routing and implements policies (filtering, security, and QoS)?

distribution

Which of the following options is not a property of YANG ?

does not provide semantics to better define data

Which are three key focus areas for Cisco DNA Center Assurance and Analytics? (Choose three.)

end-to-end visibility predict performance streaming telemetry (others are close loop automation, insights to drive proactive operations)

Which of the following functions could be used to add a value to the specified area indicated by {}

format

Which of the following is the correct URL format to issue a REST API call to vMange that retrieves a list of all devices in the network?

https://vmanage-ip-address/dataservice/device

Which node is part of the underlay network?

intermediate node

Which two devices are considered endpoints? (Choose two.)

laptops, mobile devices

Which AAA authentication method allows for the use of a username defined in the router's running-config?

local

Which one of the following commands should be used to configure a vty line to use the aaaservers authentication method list?

login authentication aaaservers

In MST, which of the following options is the first criteria used to choose the best path?

lowest root path cost

Which of the following commands can be used to set the aging time of entries in the MAC address-table?

mac address-table aging-time [time]

Which LISP infrastructure device stores registered EID prefixes in a mapping database where they are associated to RLOCs?

map server

Which best describes platforms or solutions that are driven by an object model, but do not use YANG ?

model driven programmability

Which type of RSTP link type is full duplex and assumes that the port is connected to a single device at the other end of the link?

point-to-point

Which command could you use to execute the python script named "sample.py"?

python sample.py

Which of the following Cisco IOS router commands would disable CEF on a specific interface?

router(config-if)# no ip route-cache cef

Which command would allow you to see all interface that are configured in trunk mode and the VLANs that are allowed on those trunk ports?

show interface trunk

Which of the following commands will allow you to verify that CEF is enabled on interface GigabitEthernet 0/0?

show ip interface GigabitEthernet 0/0

Which of the following commands will allow an administrator to view which MAC address are mapped to which ports on a Catalyst switch?

show mac address-table

Which command can you use to verify the MST port cost for instance 1?

show spanning-tree mst 1

What are two deployment modes for VPNs?

site-to-site, remote access

Which of the following options is not a requirement for next generation configuration management?

strong reliance on CLI

Which command would set and interfaces to trunk mode?

switchport mode trunk

Which two of the following options correctly describe Python? (Choose two.)

syntax is similar to the English language is an interpreted language

Which SD-WAN component displays application performance for the last 24 hours with the Quality of Experience (vQoE) of 0 - 10 , with 0 as the worst performance and 10 as the best?

vAnalytics

Which SD-WAN component has programmatic interfaces to enable DevOps operations and to also extract performance statistics collected from the entire fabric?

vManage

The Cisco SD-WAN solution is a software-based, virtual IP fabric overlay network that builds a secure, unified connectivity over any transport network (the underlay).

vManage, vAnalytics

Which Linux command could be used to verify which Python version would be used for a script if you did not include the shebang?

which python