Black Friday Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: best70

400-007 Cisco Certified Design Expert (CCDE v3.0) Questions and Answers

Questions 4

An engineer must design a network for a company that uses OSPF LFA to reduce loops. Which type of loop would be reduced by using this design?

Options:

A.

DTP

B.

micro loops

C.

STP

D.

REP

Buy Now
Questions 5

Company XYZ has 30 sites using MPLS L3 VPN and the company is now concerned about data integrity. The company wants to redesign the security aspect of their network based on these requirements:

• Securely transfer the corporate data over the private WAN

• Use a centralized configuration model.

• Minimize overhead on the tunneled traffic.

Which technology can be used in the new design to meet the company's requirements?

Options:

A.

S-VTI

B.

DMVPN

C.

MGRE

D.

GET VPN

Buy Now
Questions 6

A network architect in an enterprise is designing a network policy for certain database applications. The goal of the policy is to allow these applications to access the internet directly, whereas other user and network applications that communicate with systems or users outside their own network must be routed through the data center. The focus is on achieving higher availability and a better user experience for the database applications, but switching between different network paths based on performance characteristics must be supported.

Which solution meets these requirements?

Options:

A.

MPLS L3VPN with QoS

B.

Cloud onRamp for laaS

C.

Cloud onRamp for SaaS

D.

MPLS direct connect

Questions 7

A legacy enterprise is using a Service Provider MPLS network to connect its head office and branches. Recently, they added a new branch to their network. Due to physical security concerns, they want to extend their existing IP CCTV network of the head office to the new branch, without any routing changes in the network. They are also under some time constraints. What is the best approach to extend the existing IP CCTV network to the new branch, without incurring any IP address changes?

Options:

A.

GRE

B.

L2TPv3

C.

VXLAN

D.

EoMPLS

Buy Now
Questions 8

Drag and drop the design characteristics from the left onto the correct network filter techniques on the right. Not all options are used.

Options:

Buy Now
Questions 9

Which two aspects are considered when designing a dual hub dual DMVPN cloud topology? (Choose two )

Options:

A.

will only work with single-tier headend architecture

B.

hub sites must connect to both DMVPN clouds

C.

recommended for high availability

D.

spoke-to-spoke traffic will transit the hub unless spokes exchange dynamic routing directly

E.

requires all sites to have dual Internet connections

Buy Now
Questions 10

Company XYZ has a hub-and-spoke topology over an SP-managed infrastructure. To measure traffic performance metrics, they implemented IP SLA senders on all spoke CE routers and an IP SLA responder on the hub CE router. What must they monitor to have visibility on the potential performance impact due to the constantly increasing number of spoke sites?

Options:

A.

CPU and memory usage on the spoke routers

B.

memory usage on the hub router

C.

CPU usage on the hub router

D.

interface buffers on the hub and spoke routers

Buy Now
Questions 11

An enterprise campus is adopting a network virtualization design solution with these requirements

  • It must include the ability to virtualize the data plane and control plane by using VLANs and VRFs
  • It must maintain end-to-end logical path transport separation across the network
  • resources available grouped at the access edge

Which two primary models can this network virtualization design be categorized? (Choose two)

Options:

A.

Path isolation

B.

Session isolation

C.

Group virtualization

D.

Services virtualization

E.

Edge isolation

Buy Now
Questions 12

You are designing the QoS policy for a company that is running many TCP-based applications. The company is experiencing tail drops for these applications. The company wants to use a congestion avoidance technique for these applications. Which QoS strategy can be used to fulfill the requirement?

Options:

A.

weighted fair queuing

B.

weighted random early detection

C.

low-latency queuing

D.

first-in first-out

Buy Now
Questions 13

Which two control plane policer designs must be considered to achieve high availability? (Choose two.)

Options:

A.

Control plane policers are enforced in hardware to protect the software path, but they are hardware platform dependent in terms of classification ability.

B.

Control plane policers are really needed only on externally facing devices.

C.

Control plane policers can cause the network management systems to create false alarms.

D.

Control plane policers must be processed before a forwarding decision is made.

E.

Control plane policers require that adequate protocols overhead are factored in to allow protocol convergence.

Buy Now
Questions 14

Enterprise XYZ wants to implement fast convergence on their network and optimize timers for OSPF However they also want to prevent excess flooding of LSAs if there is a constantly flapping link on the network Which timers can help prevent excess flooding of LSAs for OSPF?

Options:

A.

OSPF propagation timers

B.

OSPF throttling timers

C.

OSPF delay timers

D.

OSPF flooding timers

Buy Now
Questions 15

You are designing an Out of Band Cisco Network Admission Control. Layer 3 Real-IP Gateway deployment for a customer Which VLAN must be trunked back to the Clean Access Server from the access switch?

Options:

A.

authentication VLAN

B.

user VLAN

C.

untrusted VLAN

D.

management VLAN

Buy Now
Questions 16

The Layer 3 control plane is the intelligence over the network that steers traffic toward its intended destination. Which two techniques can be used in service provider-style networks to offer a more dynamic, flexible, controlled, and secure control plane design? (Choose two.)

Options:

A.

access control lists

B.

firewalls

C.

QoS policy propagation with BGP

D.

remote black-holing trigger

E.

prefix lists

Buy Now
Questions 17

Which BGP feature provides fast convergence?

Options:

A.

BGP PIC |

B.

BGP-EVPN

C.

BGP FlowSpec

D.

BGP-LS

Buy Now
Questions 18

Refer to the exhibit.

This network is running OSPF as the routing protocol. The internal networks are being advertised in OSPF London and Rome are using the direct link to reach each other although the transfer rates are better via Barcelona Which OSPF design change allows OSPF to calculate the proper costs?

Options:

A.

Change the OSPF reference bandwidth to accommodate faster links.

B.

Filter the routes on the link between London and Rome

C.

Change the interface bandwidth on all the links.

D.

Implement OSPF summarisation to fix the issue

Buy Now
Questions 19

Company XYZ is in the process of identifying which transport mechanism(s) to use as their WAN technology. Their main two requirements are.

• a technology that could offer DPI, SLA, secure tunnels, privacy, QoS, scalability, reliability, and ease of management

• a technology that is cost-effective

Which WAN technology(ies) should be included in the design of company XYZ?

Options:

A.

Software-defined WAN should be the preferred choice because it complements both technologies, covers all the required features, and it is the most cost-effective solution.

B.

Internet should be the preferred option because it is cost effective and supports BFD, IP SLA. and IPsec for secure transport over the public Internet.

C.

Both technologies should be used. Each should be used to back up the other one; where the primary links are MPLS, the internet should be used as a backup link with IPsec (and vice versa).

D.

MPLS meets all these requirements and it is more reliable than using the Internet. It is widely used with defined best practices and an industry standard.

Buy Now
Questions 20

A business wants to refresh its legacy Frame Relay WAN. It currently has product specialists in each of its 200 branches but plans to reduce and consolidate resources. The goal is to have product specialists available via video link when customers visit the nationwide branch offices. Which technology should be used to meet this objective?

Options:

A.

DMVPN phase 1 network over the Internet

B.

Layer 3 MPLS VPN hub and spoke

C.

Layer2VPLS

D.

Layer 3 MPLS VPN full mesh

Buy Now
Questions 21

Which two impacts of adding the IP event dampening feature to a network design are true? (Choose two.)

Options:

A.

It protects against routing loops.

B.

It switches traffic immediately after a link failure.

C.

lt speeds up link failure detection.

D.

It reduces the utilization of system processing resources.

E.

It improves overall network stability.

Buy Now
Questions 22

Which two descriptions of CWDM are true? (Choose two)

Options:

A.

typically used over long distances, but requires optical amplification

B.

uses the 850nm band

C.

allows up to 32 optical earners to be multiplexed onto a single fiber

D.

shares the same transmission window as DWDM

E.

Passive CWDM devices require no electrical power

Buy Now
Questions 23

Refer to the exhibit.

This network is running EIGRP as the routing protocol and the internal networks are being advertised in EIGRP. Based on the link speeds, all traffic between London and Rome is getting propagated via Barcelona and the direct link between London and Rome is not being utilized under normal working circumstances. The EIGRP design should allow for efficiency in the routing table by minimizing the routes being exchanged. The link between London and Rome should be utilized for specific routes. Which two steps accomplish this task? (Choose two.)

Options:

A.

Configure EIGRP route summarization on all the interfaces to summarize the internal LAN routes

B.

Filter the routes on the link between London and Barcelona

C.

Filter the routes on the link between London and Rome

D.

Configure route leaking of summary routes on the link between London and Rome

Buy Now
Questions 24

Which SDN architecture component is used by the application layer to communicate with the control plane layer to provide instructions about the resources required by applications?

Options:

A.

southbound APIs

B.

northbound APIs

C.

orchestration layer

D.

SDN controller

Buy Now
Questions 25

Which development model is closely associated with traditional project management?

Options:

A.

static model

B.

Agile model

C.

evolutionary delivery model

D.

lifecycle model

Buy Now
Questions 26

What is a description of a control plane action?

Options:

A.

de-encapsulating and re-encapsulating a packet in a data-link frame

B.

matching the destination MAC address of an Ethernet frame to the MAC address table

C.

matching the destination IP address of an IP packet to the IP routing table

D.

hosts locating routers that reside on attached links using the IPv6 Neighbor Discover Protocol

Buy Now
Questions 27

Company XYZ is designing the network for IPv6 security and they have these design requirements:

  • A switch or router must deny access to traffic from sources with addresses that are correct, but are topologically incorrect
  • Devices must block Neighbor Discovery Protocol resolution for destination addresses that are not found in the binding table.

Which two IPv4 security features are recommended for this company? (Choose two)

Options:

A.

IPv6 DHCP Guard

B.

IPv6 Source Guard

C.

IPv6 Destination Guard

D.

IPv6 Prefix Guard

E.

IPv6 RA Guard

Questions 28

Company XYZ is running BGP as their routing protocol. An external design consultant recommends that TCP path MTU discovery be enabled. Which effect will this have on the network?

Options:

A.

It will enhance the performance of TCP-based applications.

B.

It will increase the convergence time.

C.

It will improve the convergence time.

D.

It will create a loop free path.

Buy Now
Questions 29

Refer to the table.

A customer investigates connectivity options for a DCI between two production data centers to aid a large-scale migration project. The solution must provide a single 10G connection between locations and be able to run its own varying QoS profiles without service provider interaction based on the migration stages. All connectivity methods are at 10 Gbps. Which transport technology costs the least if the connectivity is required for just one year?

Options:

A.

MPLS wires only

B.

CWDM over dark fiber

C.

DWDM over dark fiber

D.

Metro Ethernet

Buy Now
Questions 30

Company XYZ wants to deploy OSPF. The design plan requires that two OSPF networks be mutually redistributed at multiple locations and ensure end-to-end connectivity to all of the company's networks Which technology can be used to fulfill the requirements while avoiding the creation of routing loops?

Options:

A.

Create a virtual link between ASBRs.

B.

Change the router ID for both ASBRs.

C.

Redistribute routes as external type 2 routes.

D.

Use route maps on ASBRs to filter routes with tags so they are not redistributed.

Questions 31

A healthcare customer requested that SNMP traps must be sent over the MPLS Layer 3 VPN service. Which protocol must be enabled?

Options:

A.

SNMPv3

B.

Syslog

C.

Syslog TLS

D.

SNMPv2

E.

SSH

Buy Now
Questions 32

According to the CIA triad principles for network security design, which principle should be priority for a Zero Trust network?

Options:

A.

requirement for data-in-motion encryption and 2FA authentication

B.

requirement for data-at-rest encryption foe user identification within the VPN termination hardware

C.

categorization of systems, data, and enterprise BYOD assets that are connected to network zones based on individual privacy needs

D.

ensuring that authorized users have high-availability system access from defined zones to defined systems or zones

Buy Now
Questions 33

The Agile Manifesto is a document that defines the key values and principles behind the Agile philosophy and helps development teams work more efficiently and sustainably Each of the four key values is split into two sections a left-hand side and a right-hand side In other words, though there is value in the items on the right we value the items on the left more What is one of the key values of the Agile Manifesto?

Options:

A.

comprehensive documentation over working software

B.

contract negotiation over customer collaboration

C.

individuals and interactions over processes and tools

D.

following a plan over responding to change

Buy Now
Questions 34

Retef to the exhibit.

This network is running OSPF and EIGRP as the routing protocols Mutual redistribution of the routing protocols has been contoured on the appropriate ASBRs The OSPF network must be designed so that flapping routes m EIGRP domains do not affect the SPF runs within OSPF The design solution must not affect the way EIGRP routes are propagated into the EIGRP domains Which technique accomplishes the requirement?

Options:

A.

route summarization the ASBR interfaces facing the OSPF domain

B.

route summarization on the appropriate ASBRS.

C.

route summarization on the appropriate ABRS.

D.

route summarization on EIDRP routers connecting toward the ASBR

Buy Now
Questions 35

What are two advantages of controller-based networks versus traditional networks? (Choose two.)

Options:

A.

the ability to have forwarding tables at each device

B.

more flexible configuration per device

C.

more consistent device configuration

D.

programmatic APIs that are available per device

E.

the ability to configure the features for the network rather than per device

Buy Now
Questions 36

A large enterprise cloud design team is evaluating different cloud consumption models. What is an example of typical PaaS limitations or concerns that should be considered during service design?

Options:

A.

vendor lock-in

B.

runtime issues

C.

lack of control

D.

multi-tenant security

Buy Now
Questions 37

Which two factors must be considered for high availability in campus LAN designs to mitigate concerns about unavailability of network resources? (Choose two.)

Options:

A.

device resiliency

B.

device type

C.

network type

D.

network resiliency

E.

network size

Buy Now
Questions 38

Company XYZ must design a strategy to protect their routers from DoS attacks, such as traffic destined to the router's own route processor, using separate control plane categories. Which two capabilities can be used to achieve this requirement? (Choose two.)

Options:

A.

Control Plane Protection using queue thresholding on the transit subinterface

B.

Control Plane Protection using port filtering on the transit subinterface

C.

Control Plane Protection using port filtering on the main interface

D.

Control Plane Protection using queue thresholding on the host subinterface

E.

Control Plane Protection using port filtering on the host subinterface

Buy Now
Questions 39

Cost is often one of the motivators for a business to migrate from a traditional network to a software- defined network. Which design decision is directly influenced by CAPEX drivers?

Options:

A.

scalability

B.

stability

C.

complexity

D.

manageability

Buy Now
Questions 40

Organizations that embrace Zero Trust initiatives ranging from business policies to technology infrastructure can reap business and security benefits. Which two domains should be covered under Zero Trust initiatives? (Choose two)

Options:

A.

workload

B.

work domain

C.

workplace

D.

workgroup

E.

workspace

Buy Now
Questions 41

Which two mechanisms avoid suboptimal routing in a network with dynamic mutual redistribution between multiple OSPFv2 and EIGRP boundaries? (Choose two.)

Options:

A.

AD manipulation

B.

matching OSPF external routes

C.

route tagging

D.

route tagging

E.

route filtering

F.

matching EIGRP process ID

Questions 42

As part of a new network design documentation, you are required to explain the reason for choosing cisco FabricPath for Layer 2 loop avoidance.

Which two elements help Cisco FabricPath mitigate Layer 2 loops if they happen in the Layer 2 MP network?

(Choose two)

Options:

A.

MAC tunneling

B.

IS-IS multipath

C.

RPF check

D.

TTL header

Buy Now
Questions 43

A healthcare provider discovers that protected health information of patients was altered without patient consent. The healthcare provider is subject to HIPAA compliance and is required to protect PHI data. Which type of security safeguard should be implemented to resolve this issue?

Options:

A.

technical and physical access control

B.

administrative security management processes

C.

physical device and media control

D.

technical integrity and transmission security

Questions 44

Which statement about hot-potato routing architecture design is true?

Options:

A.

Hot-potato routing is the preferred architecture when connecting to content providers

B.

Hop-potato keeps traffic under the control of the network administrator for longer

C.

OSPF uses hot-potato routing if all ASBRs use the same value for the external metric

D.

Hot-potato routing is prone to misconfiguration as well as poor coordination between two networks

Buy Now
Questions 45

Which two statements describe the functionality of OSPF packet-pacing timers? (Choose two )

The group-pacing timer controls the interval that is used for group and individual LSA refreshment

Options:

A.

OSPF flood-pacing timers allow dynamic control of the OSPF transmission queue size

B.

OSPF retransmission-pacing timers allow control of interpacket spaang between consecutive link-state update packets in the OSPF retransmission queue.

C.

OSPF retransmission-pacing timers allow control of packet interleaving between nonconsecutive link-state update packets in the OSPF retransmission queue.

D.

OSPF flood-pacing timers allow control of interpacket spacing between consecutive link-state update packets in the OSPF transmission queue

Buy Now
Questions 46

Which option is a fate-sharing characteristic in regards to network design?

Options:

A.

A failure of a single element causes the entire service to fail

B.

It protects the network against failures in the distribution layer

C.

It acts as a stateful forwarding device

D.

It provides data sequencing and acknowledgment mechanisms

Buy Now
Questions 47

Which three items do you recommend for control plane hardening of an infrastructure device? (Choose three.)

Options:

A.

redundant AAA servers

B.

Control Plane Policing

C.

warning banners

D.

to enable unused .services

E.

SNMPv3

F.

routing protocol authentication

Buy Now
Questions 48

Which effect of using ingress filtering to prevent spoofed addresses on a network design is true?

Options:

A.

It reduces the effectiveness of DDoS attacks when associated with DSCP remarking to Scavenger.

B.

It protects the network Infrastructure against spoofed DDoS attacks.

C.

It Classifies bogon traffic and remarks it with DSCP bulk.

D.

It filters RFC 1918 IP addresses.

Buy Now
Questions 49

Which two actions must be taken when assessing an existing wireless network implementation for its readiness to support voice traffic? (Choose two.)

Options:

A.

Check for high roaming delay.

B.

Check for uniform radio coverage across the floors.

C.

Check for high channel utilization.

D.

Check for latency over wireless.

E.

Identify frequent TX power changes.

Buy Now
Questions 50

Which two benefits can software defined networks provide to businesses? (Choose two.)

Options:

A.

provides additional redundancy

B.

decentralized management

C.

reduced latency

D.

enables innovation

E.

reduction of OpEx/CapEx

F.

meets high traffic demands

Buy Now
Questions 51

How must the queue sizes be designed to ensure that an application functions correctly?

Options:

A.

Each individual device queuing delay in the chain must be less than or equal to the application required delay.

B.

The queuing delay on every device in the chain must be exactly the same to the application required delay.

C.

The default queue sizes are good for any deployment as it compensates the serialization delay.

D.

The sum of the queuing delay of all devices plus serialization delay in the chain must be less than or equal to the application required delay.

Buy Now
Questions 52

In search of a system capable of hosting, monitoring compiling. and testing code in an automated way, what can be recommended to the organization?

Options:

A.

Jenkins

B.

Ansible

C.

Perl

D.

Chef

Buy Now
Questions 53

A product manufacturing organization is integrating cloud services into their IT solution The IT team is working on the preparation phase of the implementation approach, which includes the Define Strategy step. This step defines the scope of IT, the application, and the service What is one topic that should be considered in the Define Strategy step?

Options:

A.

financial and governance models

B.

innovate and align with business according to volume

C.

due diligence and financial scenarios

D.

contingency exit strategy steps

Buy Now
Questions 54

Refer to the exhibit.

Which impact of using three or more ABRs between the backbone area and area 1 is true?

Options:

A.

In a large-scale network LSA replication by all ABRs can cause serious scalability issues

B.

Multiple ABRs reduce the CPU processing on each A6R due to splitting prefix advertisement

C.

In a large-scale network multiple ABRs can create microloops.

D.

Prefixes from the non-backbone area are advertised by one ABR to the backbone

Buy Now
Questions 55

Company XYZ is planning to deploy primary and secondary (disaster recovery) data center sites. Each of these sites will have redundant SAN fabrics and data protection is expected between the data center sites. The sites are 100 miles (160 km) apart and target RPO/RTO are 3 hrs and 24 hrs, respectively. Which two considerations must Company XYZ bear in mind when deploying replication in their scenario? (Choose two.)

Options:

A.

Target RPO/RTO requirements cannot be met due to the one-way delay introduced by the distance between sites.

B.

VSANs must be routed between sites to isolate fault domains and increase overall availability.

C.

Synchronous data replication must be used to meet the business requirements

D.

Asynchronous data replication should be used in this scenario to avoid performance impact in the primary site.

E.

VSANs must be extended from the primary to the secondary site to improve performance and availability.

Buy Now
Questions 56

Company XYZ wants to prevent switch loops caused by unidirectional point-point-link condition on Rapid FVST + and MST. Which technology can be used in the design to meet this requirement?

Options:

A.

STPBPDU guard

B.

STP bridge assurance

C.

MSTP

D.

TRILL

Buy Now
Questions 57

Software-defined networking architecture is used for cost-effective, adaptable, and easily manageable applications. In which two software-defined networks is SDN commonly used? (Choose two.)

Options:

A.

wide area network

B.

mobile network

C.

metro network

D.

application network

E.

control network

Buy Now
Questions 58

A multicast network is sing Bidirectional PIM. Which two combined actions achieve high availability so that two RPs within the same network can act in a redundant manner? (Choose two)

Options:

A.

Use two phantom RP addresses

B.

Manipulate the administration distance of the unicast routes to the two RPs

C.

Manipulate the multicast routing table by creating static mroutes to the two RPs

D.

Advertise the two RP addresses in the routing protocol

E.

Use anycast RP based on MSDP peering between the two RPs

F.

Control routing to the two RPs through a longest match prefix

Questions 59

Which two design solutions ensure sub 50 msec of the convergence time after a link failure in the network?

(Choose two)

Options:

A.

BFD

B.

Ti-LFA

C.

minimal BGP scan time

D.

MPLS-FRR

E.

IGP fast hello

Buy Now
Questions 60

A service provider hires you to design its new managed CE offering to meet these requirements

• The CEs cannot run a routing protocol with the PE

• Provide the ability for equal or unequal ingress load balancing in dual-homed CE scenarios.

• Provide support for IPv6 customer routes

• Scale up to 250.000 CE devices per customer.

• Provide low operational management to scale customer growth.

• Utilize low-end (inexpensive) routing platforms for CE functionality.

Which tunneling technology do you recommend?

Options:

A.

FlexVPN

B.

point-to-point GRE

C.

DMVPN

D.

LISP

Buy Now
Questions 61

What is an architectural framework created by ETSI that defines standards to decouple network functions from proprietary hardware-based appliances and have them run in software on standard x86 servers?

Options:

A.

NPIV

B.

NFVIS

C.

NFV

D.

VNF

Buy Now
Questions 62

Company XYZ plans to run OSPF on a DMVPN network. They want to use spoke-to-spoke tunnels in the design What is a drawback or concern in this type of design?

Options:

A.

Additional host routes will be inserted into the routing tables

B.

Manual configuration of the spokes with the appropriate priority will be needed

C.

There will be split-horizon issue at the hub

D.

Manual configuration of the spoke IP address on the hub will be needed

Buy Now
Questions 63

Network changes because of mergers, acquisitions, and divestment can be very disruptive to the network if not carried out carefully. When an organization sells parts of its business, it must detach the affected parts of the network from the rest of the network. Which network design approach is appropriate to minimize the impact and risks as the divested parts of the network are detached?

Options:

A.

redundant design

B.

modular design

C.

less complex design

D.

routed access design

Buy Now
Questions 64

The controller has a global view of the network, and it can easily ensure that the network is in a consistent and optimal configuration. Which two statements describe a centralized SDN control path? (Choose two.)

Options:

A.

Scaling of the centralized controller cluster is challenging for services like DHCP and load-balancing.

B.

It is highly-available by design with no single-point-of-failure risks present.

C.

Integrating smart NIC capabilities on the local host level is made easier through rest APIs.

D.

It significantly improves the latency when performing reactive handling of PACKET_IN events.

E.

It centralized controller can support all southbound APIs, which allows for easy integration with legacy equipment.

Buy Now
Questions 65

An MPLS service provider is offering a standard EoMPLS-based VPLS service to Customer A. providing Layer 2 connectivity between a central site and approximately 100 remote sites. Customer A wants to use the VPLS network to carry its internal multicast video feeds which are sourced at the central site and consist of 20 groups at Mbps each. Which service provider recommendation offers the most scalability?

Options:

A.

EoMPLS-based VPLS can carry multicast traffic in a scalable manner

B.

Use a mesh of GRE tunnels to carry the streams between sites

C.

Enable snooping mechanisms on the provider PE routers.

D.

Replace VPLS with a Layer 3 MVPN solution to carry the streams between sites

Buy Now
Questions 66

Company XYZ has a new network based on IPv6. Some of the subnets that they are planning to use will be confidential and need an addressing scheme that confines them to the local campus network. Which type of IPv6 addresses can be used for these networks in the IPv6 addressing design?

Options:

A.

local addresses

B.

private addresses

C.

link-local addresses

D.

unique local addresses

Buy Now
Questions 67

Company XYZ has two routing domains in their network, EIGRP and OSPF. The company wants to provide full reachability between the two domains by implementing redistribution on a router running both protocols. They need to design the redistribution in a way that the OSPF routers will see link costs added to external routes. How must the redistribution strategy be designed for this network?

Options:

A.

Redistribute using metric type 2 into OSPF.

B.

Redistribute using metric type 1 into OSPF.

C.

Redistribute using metric type 1 into EIGRP.

D.

Redistribute using metric type 2 into EIGRP.

Buy Now
Questions 68

The network team in XYZ Corp wants to modernize their infrastructure and is evaluating an implementation and migration plan to allow integration MPLS-based, Layer 2 Ethernet services managed by a service provider to connect branches and remote offices. To decrease OpEx and improve

response times when network components fail, XYZ Corp decided to acquire and deploy new routers. The network currently is operated over E1 leased lines (2 Mbps) with a managed CE service provided by the telco.

Drag and drop the implementation steps from the left onto the corresponding targets on the right in the correct order.

Options:

Buy Now
Questions 69

As part of workspace digitization, a large enterprise has migrated all their users to Desktop as a Sen/ice (DaaS), by hosting the backend system in their on-premises data center. Some of the branches have started to experience disconnections to the DaaS at periodic intervals, however, local users in the data center and head office do not experience this behavior. Which technology can be used to mitigate this issue?

Options:

A.

tail drop

B.

traffic shaping

C.

WRED

D.

traffic policing

Buy Now
Questions 70

A small organization of 20 employees is looking to deliver a network design service for modernizing customer networks to support advanced solutions.

  • Project scope and weekly progress should be visualized by the management.

  • Always consider feedback and make changes accordingly during the project.

  • Should consider flexibility to change scope at the point of time.

Which project methodology meets the requirements and have the least impact on the outcome?

Options:

A.

Scrum

B.

LEAN

C.

Kanban

D.

Six-Sigma

Questions 71

In a redundant hub and spoke "wheel" design, all spokes are connected to the hub, and spokes are connected to other spokes as well. During failure on one spoke link, the traffic from that site can be sent to a neighboring site for it to be forwarded to the hub site. But during peak hours, a link is overloaded and traffic is re-routed to a neighbor, which subsequently becomes overloaded. This overload results in network traffic oscillation as the load varies at each spoke site. This design provides more redundancy but not more resiliency because the routing protocol must process many alternate paths to determine the lowest cost path. Which two design

changes help to improve resilience in this case? (Choose two.)

Options:

A.

Increase the number of redundant paths considered during the routing convergence calculation.

B.

Eliminate links between every spoke.

C.

Increase routing protocol convergence timers.

D.

Increase unequal-cost parallel paths.

E.

Use two links to each remote site instead of one.

Buy Now
Questions 72

The major business applications of an enterprise are largely monolithic and hard-coded As part of a major modernization and overhaul of the applications the goal is to move to a modular and containerized application architecture mode At the same time decoupling from the hardware is desired to move to an on-demand provisioning However the CyberOps team mandated that the final architecture must provide the same security levels as an air-gapped data center. Which cloud architecture meets these requirements?

Options:

A.

laaS

B.

private cloud

C.

PaaS

D.

hybrid cloud

E.

public cloud

Buy Now
Questions 73

You are a network designer and you must ensure that the network you design is secure. How do you plan to prevent infected devices on your network from sourcing random DDoS attacks using forged source address?

Options:

A.

ACL based forwarding

B.

unicast RPF loose mode

C.

unicast RPF strict mode

D.

ACL filtering by destination

Buy Now
Questions 74

A Service Provider is designing a solution for a managed CE service to a number of local customers using a single CE platform and wants to have logical separation on the CE platform using Virtual Routing and Forwarding (VRF) based on IP address ranges or packet length. Which is the most scalable solution to provide this type of VRF Selection process on the CE edge device?

Options:

A.

Static Routes for Route Leaking

B.

Policy Based Routing

C.

OSPF per VRF Instance

D.

Multi-Protocol BGP

Buy Now
Questions 75

An enterprise requires MPLS connected branches to access cloud-based Microsoft 365 services over an SD-WAN solution. Internet access Is available only at dual regional hub sites that are connected to the MPLS network. Which connectivity method provides an optimum access method to the cloud-based services If one ISP suffers loss or latency?

Options:

A.

Cloud onRamp gateway site

B.

Cloud onRamp SWG

C.

Cloud onRamp

D.

Cloud onRamp SaaS

Questions 76

Which feature must be part of the network design to wait a predetermined amount of time before notifying the routing protocol of a change in the path in the network?

Options:

A.

Transmit delay

B.

Throttle timer

C.

SPF hold time

D.

Interface dampening

Buy Now
Questions 77

A business requirement is supplied to an architect from a car manufacturer stating their business model is changing to just-in-time manufacturing and a new network is required, the manufacturer does not produce all of the specific components m-house. which area should the architect focus on initially?

Options:

A.

Automation

B.

Zero Trust Networking

C.

Low Latency Infrastructure

D.

Modularity

Buy Now
Questions 78

What is a characteristic of a secure cloud architecture model?

Options:

A.

limited access to job function

B.

dedicated and restricted workstations

C.

multi-factor authentication

D.

software-defined network segmentation

Buy Now
Questions 79

What are two key design principles when using a hierarchical core-distribution-access network model? (Choose two )

Options:

A.

A hierarchical network design model aids fault isolation

B.

The core layer is designed first, followed by the distribution layer and then the access layer

C.

The core layer provides server access in a small campus.

D.

A hierarchical network design facilitates changes

E.

The core layer controls access to resources for security

Buy Now
Questions 80

Drag and drop the multicast protocols from the left onto the current design situation on the right.

Options:

Buy Now
Questions 81

SDWAN networks capitalize the usage of broadband Internet links over traditional MPLS links to offer more cost benefits to enterprise customers. However, due to the insecure nature of the public Internet, it is mandatory to use encryption of traffic between any two SDWAN edge devices installed behind NAT gateways. Which overlay method can provide optimal transport over unreliable underlay networks that are behind NAT gateways?

Options:

A.

TLS

B.

DTLS

C.

IPsec

D.

GRE

Buy Now
Questions 82

How many fully established neighbour relationships exist on an Ethernet with five routers running OSPF as network type broadcast?

Options:

A.

5

B.

6

C.

7

D.

10

E.

20

Buy Now
Questions 83

Refer to the table.

A customer investigates connectivity options for a DCI between two production data centers to aid a large-scale migration project. The migration is estimated to take 20 months to complete but might extend an additional 10 months if issues arise. All connectivity options meet the requirements to migrate workloads. Which transport technology provides the best ROI based on cost and flexibility?

Options:

A.

CWDM over dark fiber

B.

MPLS

C.

DWDM over dark fiber

D.

Metro Ethernet

Buy Now
Questions 84

Which two conditions must be met for EIGRP to maintain an alternate loop-free path to a remote network? (Choose two.)

Options:

A.

The Reported Distance from a successor is lower than the local Feasible Distance.

B.

The Reported Distance from a successor is higher than the local Feasible Distance.

C.

The feasibility condition does not need to be met.

D.

The Feasible Distance from a successor is lower than the local Reported Distance.

E.

A feasible successor must be present.

Buy Now
Questions 85

Company XYZ needs advice in redesigning their legacy Layer 2 infrastructure. Which technology should be included in the design to minimize or avoid convergence delays due to STP or FHRP and provide a loop-free topology?

Options:

A.

Use switch clustering in the access layer.

B.

Use switch clustering in the core/distribution layer.

C.

Use spanning-tree PortFast.

D.

Use BFD.

Buy Now
Questions 86

Which two statements describe network automation and network orchestration? (Choose two.)

Options:

A.

Network automation does not provide governance or policy management.

B.

Network automation spans multiple network services, vendors, and environments.

C.

Network orchestration is done through programmatic REST APIs enabling automation across devices and management platforms.

D.

Provisioning network services is an example of network automation.

E.

Network orchestration is used to run single, low-level tasks without human intervention

Buy Now
Questions 87

You are tasked with the design of a high available network. Which two features provide fail closed environments? (Choose two.)

Options:

A.

EIGRP

B.

RPVST+

C.

MST

D.

L2MP

Buy Now
Questions 88

Which tool automates network implementation activities and shortens the implementation lifecycle?

Options:

A.

LISP

B.

Java

C.

Conclusion

D.

Python

Buy Now
Questions 89

What are two primary design constraints when a robust infrastructure solution is created? (Choose two.)

Options:

A.

monitoring capabilities

B.

project time frame

C.

staff experience

D.

component availability

E.

total cost

Buy Now
Questions 90

Refer to the exhibit.

An engineer is designing the network for a multihomed customer running in AS 111 does not have any other Ass connected to it. Which technology is more comprehensive to use in the design to make sure that the AS is not being used as a transit AS?

Options:

A.

Configure the AS-set attribute to allow only routes from AS 111 to be propagated to the neighbor ASs.

B.

Use the local preference attribute to configure your AS as a non-transit'' AS.

C.

include an AS path access list to send routes to the neighboring ASs that only have AS 111 in the AS path field.

D.

Include a prefix list to only receive routes from neighboring ASs.

Buy Now
Questions 91

A company uses equipment from multiple vendors in a data center fabric to deliver SDN, enable maximum flexibility, and provide the best return on investment. Which YANG data model should be adopted for comprehensive features to simplify and streamline automation for the SDN fabric?

Options:

A.

proprietary

B.

OpenConfig

C.

native

D.

IETF

Buy Now
Questions 92

The Company XYZ network is experiencing attacks against their router. Which type of Control Plane Protection must be used on the router to protect all control plane IP traffic that is destined directly for one of the router interfaces?

Options:

A.

Control Plane Protection host subinterface

B.

Control Plane Protection main interface

C.

Control Plane Protection transit subinterface

D.

Control Plane Protection CEF-exception subinterface

Buy Now
Questions 93

Which design solution reduces the amount of IGMP state in the network?

Options:

A.

IGMP filtering

B.

IGMPv3 with PIM-SSM

C.

multiple multicast domains

D.

one multicast group address thorough network regardless of IGMP version

Buy Now
Questions 94

Retef to the exhibit.

An engineer is designing a multiarea OSPF network for a client who also has a large EIGRP domain EIGRP routes are getting redistributed into OSPF ,OSPF area 20 has routers with limited memory and CPU resources The engineer wants to block routes from EIGRP 111 from propagating into area 20 and allow EIGRP 222 routes to How in Which OSPF area type fulfills this design requirement?

Options:

A.

area 20 as a stub area

B.

type 5 LSA filtering on the ASBR between EIGRP 111 and area a

C.

area 20 as a NSSA area

D.

type 3 LSA filtering on the ABR between area 0 area 20

Buy Now
Questions 95

While reviewing an existing network design, you are discussing the characteristics of different STP versions. Which protocol minimizes unicast flooding during a Topology Change Notification in a Layer 2 switched network with many VLANs?

Options:

A.

PVRSTP

B.

MST

C.

STP

D.

PVSTP+

Buy Now
Questions 96

A Tier-3 Service Provider is evolving into a Tier-2 Service Provider due to the amount of Enterprise business it is receiving The network engineers are re-evaluating their IP/MPLS design considerations in order to support duplicate/overlapping IP addressing from their Enterprise customers within each Layer3 VPN. Which concept would need to be reviewed to ensure stability in their network?

Options:

A.

Assigning unique Route Distinguishers

B.

Assigning unique Route Target ID'S

C.

Assigning unique IP address space for the Enterprise NAT/Firewalls

D.

Assigning unique VRF ID's to each L3VPN

Buy Now
Questions 97

Company XYZ Is running a redundant private WAN network using OSPF as the underlay protocol The current design accommodates for redundancy In the network, but it Is taking over 30 seconds for the network to reconverge upon failure Which technique can be Implemented In the design to detect such a failure in a subsecond?

Options:

A.

STP

B.

fate sharing

C.

OSPF LFA

D.

BFD

E.

flex links

Buy Now
Questions 98

A service provider recently migrated to an SD-WAN solution for delivering WAN connections to its customers. One of the main challenges with the SD-WAN deployment is that branch site volume increases every year, which causes management complexity. Which action resolves the issue?

Options:

A.

Implement a scalable network management system to manage all sites.

B.

Adopt a well-structured SD-WAN service management lifecycle model

C.

Build a service orchestration platform on top of the network controller

D.

Set up a dedicated team to monitor and provision new customers

Buy Now
Exam Code: 400-007
Exam Name: Cisco Certified Design Expert (CCDE v3.0)
Last Update: Nov 25, 2024
Questions: 329

PDF + Testing Engine

$599

Testing Engine

$449

PDF (Q&A)

$399