350-401 VOL2 Question

1

• 350-401 Implementing Cisco Enterprise Network
  Core Technologies (ENCOR) VOL2
• QUESTION NO 1
• Which of the following IP SLA functions do not
  require a responder to be configured?
• TCP Jitter
• UDP Jitter
• ICMP Jitter
• ICMP Echo
• Answer D

• QUESTION NO 2
• A new syslog server with an IP address of
  10.1.1.100 has been installed in the network. You
  want router R1 to send secure, encrypted
  messages to this server to track network events.
  What configuration command should you use?
• R1(config) logging host 10.1.1.100 vrf mgmt
  transport tcp port 6514
• R1(config) logging host 10.1.1.100 vrf mgmt
  transport tcp port 514
• R1(config) logging host 10.1.1.100 vrf mgmt
  transport tcp port 514
• R1(config) logging host 10.1.1.100 vrf mgmt
  transport UDP port 6514
• Answer A

• QUESTION NO 3
• You want to create a policy that allows all TCP
  traffic in the port range of 20 to 110, except
  for telnet traffic, which should be dropped.
  Which of the following access control lists will
  accomplish this?
• deny tcp any any eq 22
• permit tcp any any gt 20 lt 110
• permit tcp any any range 22 443 deny tcp any any
  eq 23
• deny tcp any any eq 23 permit tcp any any
• deny tcp any any eq 23
• permit tcp any any range 20 110
• Answer D

2

• QUESTION NO 4
• In a Cisco SD-Access network architecture, what
  is the role of the Fabric Edge Node?
• It manages endpoint to device relationships
• It connects external layer 3 networks to the SDA
  fabric
• It connects wired endpoints to the SDA fabric
• It connects wireless endpoints to the SDA fabric
• Answer C

• QUESTION NO 5
• Which of the following are features typically
  only found in a Next Generation (NextGen)
  firewall? (Select two)
• Network Address Translation (NAT)
• Secure remote access VPN (RA VPN)
• Deep packet inspection
• reputation based malware detection
• IPSec site-to-site VPN
• Answer C, D

• QUESTION NO 6
• JSON web tokens (JWT) are used to secure JSON
  based communications. Which of the following
  fields make up a JWT? (Select three)
• Header
• Trailer
• Payload
• Sequence number
• Signature
• Answer A, C, E

QUESTION NO 7 Ansible is being used in a network
for configuration and management automation.
Which of the following are true statements
regarding Ansible? (Choose two)
3

• Requires an agent on the end device.
• Utilizes the concept of playbooks to execute the
  configuration.
• Uses a pull model, where the end devices pull
  configuration files from the Ansible server.
• Utilizes SSH.
• Answer B, D

• QUESTION NO 8
• In a Cisco Software Defined Networking (SDN)
  architecture, what is used to describe the API
  communication between the SDN controller and the
  network elements (routers and switches) that it
  manages?
• Southbound API
• Northbound API
• Westbound API
• Eastbound API.
• Answer A

• QUESTION NO 9
• In a Cisco VXLAN based network, which of the
  following best describes the main function of a
  VXLAN Tunnel Endpoint (VTEP)?
• A device that performs VXLAN encapsulation and
  decapsulation.
• It is a 24 bit segment ID that defines the
  broadcast domain.
• It is the Logical interface where the
  encapsulation and de-encapsulation occurs.
• It is a device that performs tunneling using GRE.
• Answer A

• QUESTION NO 10
• Two Cisco switches are logically configured as a
  single switch using Cisco Stackwise technology.
  This will result in virtually combining which two
  planes? (Select two)
• Data Plane
• Control Plane
• Forwarding Plane
• Management Plane
• Bearer Plane

4
Answer B, D
QUESTION NO 11 DRAG DROP Please drag drop
the options provided in the left to configure NTP
in client mode.
Answer

• QUESTION NO 12
• Please select the correct option that shows the
  correct combination for the Type 1 Hypervisor.
• Hardware Hypervisor Guest OS
• Hardware Host OS Hypervisor Guest OS
• Host OS Hypervisor Guest OS
• Hardware Host OS Guest OS
• Answer A

5
QUESTION NO 13 DRAG DROP the definitions on the
left to their respective technological names on
the right.
Answer

• QUESTION NO 14
• Select the prerequisites for configuring LISP
  from the below options. (Choose 2)
• determine the type of LISP deployment you intend
  to deploy
• One can directly deploy LISP without determining
  the type.
• LISP configuration requires the datak9 license.
• LISP configuration requires the advanced ip
  services license.
• Answer A, C

6

• QUESTION NO 15
• Select the benefits of implementing Cisco DNA
  Center. (Choose all that apply).
• Simplified management
• Automatic VPN tunnelling
• One click Configuration
• Policy Driven Provisioning
• Ensure Network Appliance performance
• Answer A, D, E

• QUESTION NO 16
• A network administrator need to configure Netflow
  on the devices in his network. He has Source IP
  Address, Destination IP Address, Source Port
  number Destination port number. What
  additional information do he need to configure
  Netflow.
• Layer 3 Protocol type
• Encryption type
• ToS (Type of Service) byte
• Input Logical Interface
• Hashing Algorithm
• Transform-set details
• Answer A, C, D

• QUESTION NO 17
• A network administrator is configuring a
  configuration management tool for some network
  devices that does not support agent. Select what
  option will you pick from the below options to
  successfully configure configuration management
  tool for that device.
• Agent based Configuration
• Agent Less Configuration
• Proxy-agent Configuration
• None of the anove
• Answer C

QUESTION NO18 DRAG DROP the definitions in the
left to their respective Terminology in the right
7
Answer

• QUESTION NO 19
• A network administrator has recently added a new
  internet line for redundancy on their ASA
  firewall running FTD image. He configured a new
  backup interface and from the interface, he is
  able to ping the default gateway provided to him
  by the ISP. The network admin is configuring SLA
  Monitoring and has configured following tasks
• IP SLA configuration as shown below
• route outside 0.0.0.0 0.0.0.0 3.4.5.6 1 track 1
• route backup 0.0.0.0 0.0.0.0 192.168.1.1 254
• sla monitor 123
• type echo protocol ipIcmpEcho 4.2.2.2 interface
  outside num-packets 3
• frequency 10
• sla monitor schedule 123 life forever start-time
  now track 1 rtr 123 reachability
• NAT for the backup interface is correctly
  configured.
• Static Routes are getting installed on the ASA at
  the time of failover

8

• Despite configuring these commands, the users are
  reporting issues with internet connectivity.
  What would be the next step they you will take to
  resolve this issue.
• Reload the device to apply changes
• Add rule on the FMC for the backup interface and
  deploy the policy on concerned firewall
• Permit ip any any on the firewall for
  unrestricted flow of traffic
• Check for issues on the core switch.

• QUESTION NO 20
• Select the devices from the below options that
  can be fart of Cisco SDWAN Solution. (Choose
  two)
• ISR 2900
• ASR 1000
• IR8300
• FTD 1120
• ASR 9000
• Answer B, C