New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: best70

352-011 Cisco Certified Design Expert Practical Exam Questions and Answers

Questions 4

Which two are IoT sensor-specific constraints? (Choose two)

Options:

A.

Memory

B.

Processing power

C.

The amount of devices

D.

Cooling

E.

Standard transport protocols

Buy Now
Questions 5

Which two design aspects should a metro service provider consider when planning to deploy REP for his backbone? (Choose two.)

Options:

A.

Two REP segments can be connected redundantly at two points, one connection will be blocked as per the STP defined in IEEE 802.1d.

B.

UDLD can be enabled on REP interfaces to detect unidirectional failures.

C.

The guaranteed convergence recovery time is less than 50 ms for the local segment.

D.

A REP segment is limited to a maximum of seven devices.

E.

VLAN load balancing for optimal bandwidth usage is supported in any REP segment.

Buy Now
Questions 6

How can jitter be compensated on an IP network that carries real-time VoIP traffic with acceptable voice transmission quality?

Options:

A.

Set up VAD to replace gaps on speech with comfort noise

B.

Change CODEC from G.729 to G.711

C.

Deploy RSVP for dynamic VoIP packet classification

D.

Set up a playout buffer to play back the voice stream

Buy Now
Questions 7

Refer to the Exhibit.

In which three Layers should you use nonstop Forwarding to reduce service impact in case of failure? (Choose three)

Options:

A.

Enterprise Edge

B.

Enterprise Core

C.

Service provider Edge

D.

Dual-attached sever Layer

E.

Enterprise Non-Routed Access Layer

F.

Enterprise Non-Routed Distribution Layer.

Buy Now
Questions 8

Which two general SDN characteristics? (Choose two)

Options:

A.

Southbound interfaces are interfaces used between the control plane and the date plane

B.

OpenFlow is considered one of the first Northbound APIs used by SDN controllers

C.

Northbound interfaces are open interfaces used between the control plane and the data plane

D.

The separation of the control plane from the data plane

E.

OVSDB is an application database management protocol

Buy Now
Questions 9

Your customer asks you to assist with their traffic policy design. They want to guarantee a minimum amount of bandwidth to certain traffic classes. Which technique would you advise them to implement?

Options:

A.

Modular QoS CLI

B.

committed access Rate

C.

policy-based routing

D.

traffic shaping

Buy Now
Questions 10

Which mechanism provides fast path failure detection?

Options:

A.

Non-Stop Forwarding

B.

Carrier delay

C.

Graceful restart

D.

UDLD

E.

Fast hello packets

F.

iSPF

Buy Now
Questions 11

What is an implication of using route reflectors in an iBGP topology?

Options:

A.

Route reflection limits the total number of iBGP routers.

B.

Route reflection causes traffic to flow in a hub-and-spoke fashion.

C.

The manipulation of BGP attributes is not supported on the other routers than the route reflectors.

D.

Route reflectors can create routing loops when more than one router reflector is used in the same cluster.

E.

Multipath information is difficult to propagate in a route reflector topology.

Buy Now
Questions 12

Which two functions are performed at the core layer of the three-layer hierarchical network design model? (Choose two).

Options:

A.

Fault isolation

B.

Qos classification and marking boundary

C.

Fast transport

D.

Reliability

E.

Load balancing

Buy Now
Questions 13

What is a design application of control plane policing?

Options:

A.

CPP protects the control plane from reconnaissance and or denial-of-service attacks

B.

CPP protects the forwarding plane by rate –limiting excessive routing protocol traffic

C.

CPP protects the forwarding plane by allowing legitimate traffic and dropping excessive traffic

D.

CPP drop malformed packet that are sent to the CPU

Buy Now
Questions 14

ACME Agricultural requires that access to all network devices is granted based on identify validation, and an authentication server was installed for this purpose. Currently the network team uses a list of passwords based on regions to access the internal corporate network devices. Which protocol do you recommend to ensure identify validation from the authentication server to the corporate directory?

Options:

A.

HTTPS

B.

TACACS+

C.

SSH

D.

LDAP

Buy Now
Questions 15

A company would like to distribute a virtual machine (VM) hosting cluster between three data centers with the capability to move VMs between sites. The connectivity between data centers is IP only and the new design should use the existing WAN. Which Layer 2 tunneling technology do you recommend?

Options:

A.

AToM

B.

L2TPv3

C.

OTV

D.

VPLS

Buy Now
Questions 16

Which mechanism enables small, unmanaged switches to plug into ports of access switches without risking switch loops?

Options:

A.

PortFast

B.

UDLD

C.

Root guard

D.

BPDU guard

Buy Now
Questions 17

Which statement about TAP and TUN devices, which are used in a Linux/KVM cloud deployment model, is true?

Options:

A.

TUN is for handling IP packets, but TAP is for handling Ethernet frames

B.

TUN is for handling Ethernet frames, but TAP is for handling IP packets

C.

TUN is for tunneling IP packets, but TAP is for tapping IP packets

D.

TUN is for tunneling Ethernet frames, but TAP is for tapping Ethernet frames

Buy Now
Questions 18

What is an advantage of placing the IS-IS flooding domain boundary at the core Layer in a three-layer hierarchical network?

Options:

A.

The L1 and L2 domains can easily overlap

B.

The L2 domain is contained and more stable

C.

It can be applied to any kind of topology

D.

It reduces the complexity of the L1 domains

Buy Now
Questions 19

As part of network design, two geographically separated data centers must be interconnected using Ethernet-over-MPLS pseudowire. The link between the sites is stable, the topology has no apparent loops, and the root bridges for the respective VLANs are stable and unchanging. Which aspect must be the part of the design to mitigate the risk of connectivity issues between the data centers?

Options:

A.

Enable 802.1d on one data center, and 802.1w on the other.

B.

Ensure that the spanning tree diameter for one or more VLANs is not too large.

C.

Enable UDLD on the link between the data centers.

D.

Enable root guard on the link between the data centers.

Buy Now
Questions 20

You are designing a new multisite data center network within the same city. You are using the newest routers that run OSPF and DWDM point-to-point interfaces for site-to-site connectivity. Your primary objective is to use the fastest possible method for interface failure detection. Which method achieves this objective?

Options:

A.

UDLD

B.

Interface event dampening

C.

LoS/AIS event faults

D.

Fast-hello timers

Buy Now
Questions 21

Which load balancing option for IP-only traffic is the least efficient in terms of EtherChannel physical links utilization?

Options:

A.

On a per source IP address basis

B.

On a per destination MAC address basis

C.

On a per destination IP address basis

D.

On a per port number basis

Buy Now
Questions 22

When is it required to leak routes into an IS-IS level 1 area?

Options:

A.

When MPLS L3VPN PE devices are configured in the level 1 areas

B.

When unequal cost load balancing is required between the backbone and nonbackbone areas

C.

When a multicast RP is configured in the nonbackbone area

D.

When equal cost load balancing is required between the backbone and nonbackbone areas

Buy Now
Questions 23

What is an effect of using ingress filtering to prevent spoofed addresses on a network design?

Options:

A.

It reduces the effect of DDoS attacks when associated with DSCP remaking to Scavenger

B.

It protects the network infrastructure against spoofed DDoS attacks

C.

It filters RFC 1918 addresses

D.

It classifies bogon traffic and remarks it with DSCP bulk

Buy Now
Questions 24

The enterprise customer ABC Corp will deploy a centralized unified communications application to provide voice, and instant messaging to their branch offices. Some of the branch offices are located in remote locations and are connected via a 1.5 Mb/s Layer 3 VPN connection. Which two ways are the most cost-effective to ensure that this new application is implemented properly? (Choose two)

Options:

A.

Use a low bitrate codec such as G 711

B.

Set voice activity detection to avoid sending packets when the conversations is silent

C.

Enable VRF-Lite on the CE router to create a separate voice VRF

D.

Set LFI on the WAN connections to interleave the small voice packets with the large data packets

E.

Set WAN optimization on the CE router to compress the voice packets for improved bandwidth utilization and performance

F.

Use a low bitrate codec such as G 729

Buy Now
Questions 25

Which aspect is a significant disadvantage of containers?

Options:

A.

Security

B.

Time to deploy

C.

Inefficiency

D.

Reduced operational overhead

E.

Resource consumption

Buy Now
Questions 26

An enterprise network has two core routers that connect to 200 distribution routers and uses full-mesh iBGP peering between these routers as its routing method. The distribution routers are experiencing high CPU utilization due to the BGP process. Which design solution is the most effective?

Options:

A.

Increase the memory on the distribution routers

B.

Increase the memory on the core routers

C.

Implement route reflectors on the two core routers

D.

Increase bandwidth between the core routers

E.

Implement eBGP between the core and distribution routers

Buy Now
Questions 27

VPLS is implemented in a Layer 2 network with 2000 VLANs. Which must be the primary concern to ensure successful deployment of VPLS?

Options:

A.

The underlying transport mechanism

B.

PE scalability

C.

Flooding is necessary to propagate MAC address reachability information

D.

VLAN scalability

Buy Now
Questions 28

Why is a redundant PIM stub router topology a bad network design decision?

Options:

A.

Multicast convergence takes long

B.

Multicast traffic duplication will occur

C.

It interferes with IGMP snooping

D.

It interfaces with PIM snooping

Buy Now
Questions 29

You are consultant network designer for a large GET VPN deployment for a large bank with International coverage. Between 1800 and 2000 remote locations connect to the central location through four hubs using an MPLS backbone and using two keys servers. The bank is concerned with security and replay attacks. Which two actions should you use to tune the GET VPN to meet the bank requirements? (Choose two)

Options:

A.

Increase the cryptographic key size.

B.

Replace unicast rekey with multicast rekey.

C.

Reduce the SAR clock interval duration

D.

Increase the TEK and KEK lifetime.

E.

Reduce the Dead Peer Detection periodic timer.

Buy Now
Questions 30

Refer to the exhibit.

This layer 2 network is expected to add 150 VLANS over the next year, In addition to the existing 50 VLANs within the network which STP types will support this design requirement the least amount of CPU resource and achieving load balancing?

Options:

A.

PVST+

B.

CST

C.

MST

D.

RSTP

Buy Now
Questions 31

Drag and drop the design characteristics of GET VPN from the left to the right. Not all options are used.

Options:

Buy Now
Questions 32

A network has several routers running IS-IS L1L2 mode on the same Ethernet segment. Which action reduces to a minimum the number of IS-IS adjacencies in this segment?

Options:

A.

Define only the router on the segment to be DIS

B.

Change all routers connected to this segment to a single-level area

C.

Make the interface priority on the backup DIS lower than the primary DIS

D.

Change half the routers to be L1-only and other half to be L2-only on this segment

Buy Now
Questions 33

An ISP provides VoIP and internet services to its customers. For security reasons, these services must be transported in different MPLS Layer 3 VPNs over the ISP core network. The customer CEs do not have the ability to segment the services using different VLANs and have only one uplink interface that does not support VLAN tagging. How should you design the network to ensure that VoIP traffic that is received from the CE goes in the VoIP VPN, and that Internet traffic goes into the Internet VPN on the ISP PE devices?

Options:

A.

Use a secondary interface IP address to differentiate between VoIP and Internet traffic

B.

Extend the Layer 3 VPN toward the CE

C.

Enable NBAR on the PE to direct the traffic into the correct VRF

D.

Use a subinterface on the PE for each service, VoIP and Internet, with different subnets

E.

Use policy-based routing to direct traffic into the correct VRF

Buy Now
Questions 34

As part of network design, two geographically separated data centers must be interconnected using Ethernet-over-MPLS pseudowire. The link between the sites is stable, the topology has no apparent loops, and the root bridges for the respective VLANs are stable and unchanging. Which aspect must be the part of the design to mitigate the risk of connectivity issues between the data centers?

Options:

A.

Enable Spanning Tree on one data center, and Rapid Reconfiguration of Spanning tree on the other

B.

Ensure that the spanning tree diameter for one or more VLANs is not too large.

C.

Enable UDLD on the link between the data centers.

D.

Enable root guard on the link between the data centers.

Buy Now
Questions 35

A Company has these requirements for access to their wireless and wired corporate LANs using 802.1x

 Clients devices that corporate assets and have joined the active directory domain are allowed access

 Personal devices must be not allowed access

 Clients and access servers must be mutually authenticated.

Which solution meets these requirements?

Options:

A.

Protected EAP/Microsoft CHAP v2 with user authentication

B.

EAP-TLS with machine authentication

C.

EAP-TLS with user authentication

D.

Protected EAP/Microsoft CHAP v2 with Machine authentication

Buy Now
Questions 36

In a VPLS design solution, which situation indicates that BGP must be used instead of LDP in the control plane?

Options:

A.

MAC address learning scales better through BGP

B.

BGP supports VPLS interworking

C.

Pseudowire configuration overhead is reduced

D.

There are no full-mesh pseudowire due to the route reflection feature of BGP

Buy Now
Questions 37

Options:

Buy Now
Exam Code: 352-011
Exam Name: Cisco Certified Design Expert Practical Exam
Last Update: Dec 22, 2024
Questions: 249

PDF + Testing Engine

$144.99

Testing Engine

$109.99

PDF (Q&A)

$94.99