Add to collection(s) Add to saved
  1. No category
Uploaded by neverreplynever

350-401 sample

advertisement 
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!
NO.1 What does the number in an NTP stratum level represent?
A. The amount of drift between the device clock and true time.
B. The amount of offset between the device clock and true time.
C. The number of hops it takes to reach the master time server.
D. The number of hops it takes to reach the authoritative time source.
Answer: D
NO.2 Drag and drop the characteristics from the left onto the infrastructure deployment models on
the right.
Answer:
NO.3 An engineer must protect their company against ransom ware attacks. Which solution allows
the engineer to block the execution stage and prevent file encryption?
A. Use Cisco Firepower and block traffic to TOR networks.
B. Use Cisco AMP deployment with the Exploit Prevention engine enabled.
C. Use Cisco Firepower with Intrusion Policy and snort rules blocking SMB exploitation.
D. Use Cisco AMP deployment with the Malicious Activity Protection engineer enabled.
Answer: D
Explanation:
Ransomware are malicious software that locks up critical resources of the users.
Ransomware uses well-established public/private key cryptography which leaves the only way of
2 from Freecram.net.
Get Latest & Valid 350-401 Exam's Question and Answers
1
https://www.freecram.net/exam/350-401-implementing-cisco-enterprise-network-core-technologies-350-401-encore10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!
recovering the files being the payment of the ransom, or restoring files from backups.
Cisco Advanced Malware Protection (AMP) for Endpoints Malicious Activity Protection (MAP) engine
defends your endpoints by monitoring the system and identifying processes that exhibit malicious
activities when they execute and stops them from running. Because the MAP engine detects threats
by observing the behavior of the process at run time, it can generically determine if a system is under
attack by a new variant of ransomware or malware that may have eluded other security products and
detection technology, such as legacy signature-based malware detection. The first release of the MAP
engine targets identification, blocking, and quarantine of ransomware attacks on the endpoint.
Reference:
endpoints/white-paper-c11-740980.pdf
NO.4 When configuration WPA2 Enterprise on a WLAN, which additional security component
configuration is required?
A. RADIUS server
B. PKI server
C. TACACS server
D. NTP server
Answer: A
NO.5 Refer to the exhibit.
An engineer configures the BGP adjacency between R1 and R2, however, it fails to establish Which
action resolves the issue?
A. Enable synchronization on R1 and R2
B. Change the network statement on R1 to 172.16 10.0
C. Change the remote-as number for 192 168.100.11.
D. Change the remote-as number on R1 to 6500.
Answer: D
NO.6 Reter to the exhibit.
3 from Freecram.net.
Get Latest & Valid 350-401 Exam's Question and Answers
2
https://www.freecram.net/exam/350-401-implementing-cisco-enterprise-network-core-technologies-350-401-encore10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!
What is the JSON syntax that is formed the data?
A. {'Name'':''Bob johnon':''Age': 75 ''Alive'': true,''Favorite Foods';[''Cereal';''Mustard';''Onions'}}
B. {'Name'':''Bob johnon':''Age: 75,''Alive: true, FavoriteFoods;[Cereal, Mustard';''Onions}}
C. {'Name'': 'Bob johnon','Age': 75,'Alive': true,''FavoriteFoods': 'Cereal';'Mustard','Onions'}}
D. {'Name'';''Bob johnon';''Age': Sevenfive,''Alive'':
true,''FavoriteFoods';[''Cereal';''Mustard';''Onions'}}
Answer: A
NO.7 A customer requests a design that includes GLBP as the FHRP The network architect discovers
that the members of the GLBP group have different throughput capabilities Which GLBP load
balancing method supports this environment?
A. least connection
B. weighted
C. host dependent
D. round robin
Answer: B
Explanation:
Weighted: Defines weights to each device in the GLBP group to define the ratio of load balancing
between the devices. This allows for a larger weight to be assigned to bigger routers that can handle
more traffic. protocol is used by an extended
NO.8 Which new enhancement was implemented in Wi-Fi 6?
A. Wi-Fi Protected Access 3
B. 4096 Quadrature Amplitude Modulation Mode
C. Channel bonding
D. Uplink and Downlink Orthogonal Frequency Division Multiple Access
Answer: D
NO.9 Refer to the exhibit.
4 from Freecram.net.
Get Latest & Valid 350-401 Exam's Question and Answers
3
https://www.freecram.net/exam/350-401-implementing-cisco-enterprise-network-core-technologies-350-401-encore10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!
An engineer must add the SNMP interface table to the NetFlow protocol flow records. Where should
the SNMP table option be added?
A. under the interface
B. under the flow record
C. under the flow exporter
D. under the flow monitor
Answer: C
Explanation:
option interface-table
This command causes the periodic sending of an options table, which will allow the collector to map
the interface SNMP indexes provided in the flow records to interface names. The optional timeout
can alter the frequency at which the reports are sent.
Router(config)# flow exporter FLOW-EXPORTER-1
Router(config-flow-exporter)# option interface-table
https://www.cisco.com/c/en/us/td/docs/ios/fnetflow/command/reference/fnf_book/fnf_02.html
NO.10 Which function does a fabric AP perform in a cisco SD-access deployment?
A. It connects wireless clients to the fabric.
B. It manages wireless clients' membership information in the fabric
5 from Freecram.net.
Get Latest & Valid 350-401 Exam's Question and Answers
4
https://www.freecram.net/exam/350-401-implementing-cisco-enterprise-network-core-technologies-350-401-encore10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!
C. It configures security policies down to wireless clients in the fabric.
D. It updates wireless clients' locations in the fabric
Answer: A
NO.11 Drag and drop the characteristics from the left onto the switching mechanisms they describe
on the right.
Answer:
NO.12 Refer to the exhibit.
6 from Freecram.net.
Get Latest & Valid 350-401 Exam's Question and Answers
5
https://www.freecram.net/exam/350-401-implementing-cisco-enterprise-network-core-technologies-350-401-encore10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!
A network engineer must simplify the IPsec configuration by enabling IPsec over GRE using IPsec
profiles. Which two configuration changes accomplish this? (Choose two).
A. Create an IPsec profile, associate the transform-set, and apply the profile to the tunnel interface.
B. Remove the crypto map and modify the ACL to allow traffic between 10.10.0.0/24 to 10.20.0.0/24.
C. Remove all configuration related to crypto map from R1 and R2 and eliminate the ACL.
D. Create an IPsec profile, associate the transform-set ACL, and apply the profile to the tunnel
interface.
E. Apply the crypto map to the tunnel interface and change the tunnel mode to tunnel mode ipsec
ipv4.
Answer: A,C
NO.13 Which outbound access list, applied to the WAN interface of a router, permits all traffic
except for http traffic sourced from the workstation with IP address 10.10.10.1?
A)
B)
7 from Freecram.net.
Get Latest & Valid 350-401 Exam's Question and Answers
6
https://www.freecram.net/exam/350-401-implementing-cisco-enterprise-network-core-technologies-350-401-encore10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!
C)
D)
A. Option A
B. Option B
C. Option D
D. Option C
Answer: A
NO.14 What Is the difference between the MAC address table and TCAM?
A. Router prefix lookups happen in TCAM. MAC address table lookups happen In CAM.
B. The MAC address table supports partial matches. TCAM requires an exact match.
C. The MAC address table is contained in TCAM ACL and QoS information is stored in CAM.
D. TCAM is used to make L2 forwarding decisions. CAM is used to build routing tables
Answer: C
Explanation:
When using Ternary Content Addressable Memory (TCAM) inside routers it's used for faster address
lookup that enables fast routing.
In switches Content Addressable Memory (CAM) is used for building and lookup of mac address table
that enables L2 forwarding decisions.
Besides Longest-Prefix Matching, TCAM in today's routers and multilayer Switch devices are used to
store ACL, QoS and other things from upper-layer processing.
NO.15 What is one benefit of implementing a VSS architecture?
A. It provides a single point of management for improved efficiency.
B. It uses GLBP to balance traffic between gateways.
C. It uses a single database to manage configuration for multiple switches
D. It provides multiple points of management for redundancy and improved support
Answer: A
Explanation:
Support Virtual Switching System (VSS) to provide resiliency, and increased operational efficiency
with a single point of management; VSS increases operational efficiency by simplifying the network,
reducing switch management overhead by at least 50 percent. - Single configuration file and node to
manage. Removes the need to configure redundant switches twice with identical policies.
NO.16 Reter to the exhibit.
8 from Freecram.net.
Get Latest & Valid 350-401 Exam's Question and Answers
7
https://www.freecram.net/exam/350-401-implementing-cisco-enterprise-network-core-technologies-350-401-encore10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!
An administrator troubleshoots intermittent connectivity from internal hosts to an external public
server. Some internal hosts can connect to the server while others receive an ICMP Host Unreachable
message and these hosts change over time. What is the cause of this issue?
A. The NAT ACL and NAT pool share the same name
B. The NAT pool netmask rs excessively wide
C. The NAT ACL does not match alt internal hosts
D. The translator does not use aOdress overloading
Answer: C
NO.17 What is the process for moving a virtual machine from one host machine to another with no
downtime?
A. live migration
B. disaster recovery
C. multisite replication
D. high availability
Answer: A
NO.18 Reter to the exhibit.
Refer to the exhibit. What is achieved by this code?
9 from Freecram.net.
Get Latest & Valid 350-401 Exam's Question and Answers
8
https://www.freecram.net/exam/350-401-implementing-cisco-enterprise-network-core-technologies-350-401-encore10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!
A. It renames the loopback interface
B. It unshuts the loopback interface
C. It displays the loopback interface
D. It deletes the loopback interface
Answer: C
NO.19 Refer to the exhibit.
Which IP address becomes the active next hop for 192.168.102 0/24 when 192.168.101.2 fails?
A. 192.168.101.14
B. 192.168.101.10
C. 192.168.101.18
D. 192.168.101.6
Answer: C
Explanation:
The '>' shown in the output above indicates that the path with a next hop of 192.168.101.2 is the
current best path.
Path Selection Attributes: Weight > Local Preference > Originate > AS Path > Origin > MED > External
> IGP Cost > eBGP Peering > Router ID BGP prefers the path with highest weight but the weights here
are all 0 (which indicate all routes that are not originated by the local router) so we need to check the
Local Preference. Answer
'192.168.101.18' path without LOCAL_PREF (LocPrf column) means it has the default value of 100.
Therefore we can find the two next best paths with the next hop of 192.168.101.18 and
192.168.101.10.
We have to move to the next path selection attribute: Originate. BGP prefers the path that the local
router originated (which is indicated with the "next hop 0.0.0.0"). But none of the two best paths is
self-originated.
The AS Path of the next hop 192.168.101.18 is shorter than the AS Path of the next hop
192.168.101.10 then the next hop 192.168.101.18 will be chosen as the next best path.
NO.20 By default, which virtual MAC address does HSRP group 32 use?
A. 00:5e:0c:07:ac:20
B. 00:00:0c:07:ac:20
C. 04:18:20:83:2e:32
10 from Freecram.net.
Get Latest & Valid 350-401 Exam's Question and Answers
9
https://www.freecram.net/exam/350-401-implementing-cisco-enterprise-network-core-technologies-350-401-encore10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!
D. 05:5e:5c:ac:0c:32
Answer: B
NO.21 Refer to the exhibit.
A network architect has partially configured static NAT. which commands should be asked to
complete the configuration?
A. R1(config)#interface GigabitEthernet0/0 R1(config)#ip nat inside
R1(config)#interface GigabitEthernet0/1 R1(config)#ip nat outside
B. R1(config)#interface GigabitEthernet0/0 R1(config)#ip nat outside
R1(config)#interface GigabitEthernet0/1 R1(config)#ip nat inside
C. R1(config)#interface GigabitEthernet0/0 R1(config)#ip pat outside
R1(config)#interface GigabitEthernet0/1 R1(config)#ip pat inside
D. R1(config)#interface GigabitEthernet0/0 R1(config)#ip pat inside
R1(config)#interface GigabitEthernet0/1 R1(config)#ip pat outside
Answer: B
NO.22 Refer to the exhibit. Router BRDR-1 is configured to receive the 0.0.0.0/0 and 172.17.1.0/24
network via BGP and advertise them into OSPF are 0. An engineer has noticed that the OSPF domain
is receiving only the 172.17.1.0/24 route and default route 0.0.0.0/0 is still missing. Which
configurating must engineer apply to resolve the problem?
11 from Freecram.net.
Get Latest & Valid 350-401 Exam's Question and Answers
10
https://www.freecram.net/exam/350-401-implementing-cisco-enterprise-network-core-technologies-350-401-encore10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!
A. Option A
B. Option B
C. Option C
D. Option D
Answer: D
NO.23 Which cisco DNA center application is responsible for group-based accesss control
permissions?
A. Design
B. Provision
C. Assurance
D. Policy
Answer: D
NO.24 Drag and drop the virtual components from the left onto their deceptions on the right.
Answer:
12 from Freecram.net.
Get Latest & Valid 350-401 Exam's Question and Answers
11
https://www.freecram.net/exam/350-401-implementing-cisco-enterprise-network-core-technologies-350-401-encore10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!
NO.25 Refer to the exhibit. Which configuration must be applied to R to enable R to reach the server
at 172.16.0.1?
A)
B)
C)
D)
13 from Freecram.net.
Get Latest & Valid 350-401 Exam's Question and Answers
12
https://www.freecram.net/exam/350-401-implementing-cisco-enterprise-network-core-technologies-350-401-encore10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!
A. Option C
B. Option D
C. Option B
D. Option A
Answer: B
NO.26 How does EIGRP differ from OSPF?
A. EIGRP has a full map of the topology, and OSPF only knows directly connected neighbors
B. EIGRP is more prone to routing loops than OSPF
C. EIGRP supports equal or unequal path cost, and OSPF supports only equal path cost.
D. EIGRP uses more CPU and memory than OSPF
Answer: C
14 from Freecram.net.
Get Latest & Valid 350-401 Exam's Question and Answers
13
https://www.freecram.net/exam/350-401-implementing-cisco-enterprise-network-core-technologies-350-401-encore10941.html
Related documents
The benefits of exercise and The dangers of lack of exercise
The benefits of exercise and The dangers of lack of exercise
Activity 2
Activity 2
Untitled document
Untitled document
Cylo
Cylo
isitvivid
isitvivid
HL
HL
Download
advertisement