100% Pass Top-selling 350-401 Exams - New 2022 Cisco Pratice Exam [Q124-Q149]

100% Pass Top-selling 350-401 Exams - New 2022 Cisco  Pratice Exam

CCNP Enterprise Dumps 350-401 Exam for Full Questions - Exam Study Guide

NEW QUESTION 124

Refer to the exhibit. Which troubleshooting a routing issue, an engineer issues a ping from S1 to S2. When two actions from the initial value of the TTL? (Choose two.)

• A. The packet reaches R3, and the TTL expires
• B. The packet reaches R1 and the TTL expires.
• C. R2 replies with a TTL exceeded message
• D. R3 replies with a TTL exceeded message.
• E. R1 replies with a TTL exceeded message
• F. The packet reaches R2 and the TTL expires

Answer: A,D

 

NEW QUESTION 125
In a three-tier hierarchical campus network design, which action is a design best-practice for the core layer?

• A. provide QoS prioritization services such as marking, queueing, and classification for critical network traffic
• B. provide redundant Layer 3 point-to-point links between the core devices for more predictable and faster convergence
• C. provide advanced network security features such as 802. IX, DHCP snooping, VACLs, and port security
• D. provide redundant aggregation for access layer devices and first-hop redundancy protocols such as VRRP

Answer: A

 

NEW QUESTION 126
Drag and drop the Qos mechanisms from the left to the correct descriptions on the right

Answer:

Explanation:

Explanation
A picture containing diagram Description automatically generated

 

NEW QUESTION 127
What is a fact about Cisco EAP-FAST?

• A. It operates in transparent mode.
• B. It does not require a RADIUS server certificate.
• C. It requires a client certificate.
• D. It is an IETF standard.

Answer: B

Explanation:
Explanation


https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-fixed/72788-CSSC-Deployment-Guide.h

 

NEW QUESTION 128
Refer to the exhibit.

Which privilege level is assigned to VTY users?

• A. 0
• B. 1
• C. 2
• D. 3

Answer: B

 

NEW QUESTION 129
Which method displays text directly into the active console with a synchronous EEM applet policy?

• A. event manager applet boom
  event syslog pattern 'UP'
  action 1.0 puts 'logging directly to console'
• B. event manager applet boom
  event syslog pattern 'UP'
  action 1.0 string 'logging directly to console'
• C. event manager applet boom
  event syslog pattern 'UP'
  action 1.0 syslog priority direct msg 'logging directly to console'
• D. event manager applet boom
  event syslog pattern 'UP'
  action 1.0 gets 'logging directly to console'

Answer: C

 

NEW QUESTION 130
Refer to the exhibit.

What ate two effects of this configuration? (Choose two.)

• A. R1 becomes the active router.
• B. R1 becomes the standby router.
• C. If R1 goes down, R2 becomes active but reverts to standby when Rl comes back online.
• D. If R2 goes down, R1 becomes active but reverts to standby when R2 comes back online.
• E. If R1 goes down, R2 becomes active and remains the active device when R1 comes back online.

Answer: A,E

 

NEW QUESTION 131
What are two device roles in Cisco SD-Access fabric? (Choose two.)

• A. access switch
• B. border node
• C. vBond controller
• D. core switch
• E. edge node

Answer: B,E

Explanation:
Explanation
There are five basic device roles in the fabric overlay:
+ Control plane node: This node contains the settings, protocols, and mapping tables to provide the endpoint-to-location (EID-to-RLOC) mapping system for the fabric overlay.
+ Fabric border node: This fabric device (for example, core layer device) connects external Layer 3 networks to the SDA fabric.
+ Fabric edge node: This fabric device (for example, access or distribution layer device) connects wired endpoints to the SDA fabric.
+ Fabric WLAN controller (WLC): This fabric device connects APs and wireless endpoints to the SDA fabric.
+ Intermediate nodes: These are intermediate routers or extended switches that do not provide any sort of SD-Access fabric role other than underlay services.

 

NEW QUESTION 132

Refer to the exhibit. A network engineer configures a GRE tunnel and enters the show Interface tunnel command. What does the output confirm about the configuration?

• A. The physical interface MTU is 1476 bytes.
• B. The tunnel mode is set to the default.
• C. The keepalive value is modified from the default value.
• D. Interface tracking is configured.

Answer: B

 

NEW QUESTION 133
Refer to the exhibit.

What is the JSON syntax that is formed the data?

• A. Name', 'Bob Johson,' 'Age', 75, 'Alive', true, 'favourite Foods' 'Cereal', 'Mustard', 'Onions'}
• B. Name'', ''Bob'' Johson'', ''Age'', 75, ''Alive'', true, ''favourite Foods'', [''Cereal, ''Mustard'', Onions''}}
• C. Name: Bob, Johson, Age: 75, Alive: true, Favourite Foods. [Cereal, ''Mustard'', ''Onions}}
• D. Name''. ''Bob Johson'', ''Age'': Seventyfive, ''Alive'' true, ''favourite Foods'' ,[Cereal'' ''Mustard''
  ''Onions''}}

Answer: A

 

NEW QUESTION 134
Refer to the exhibit.

Edge-01 is currently operational as the HSRP primary with priority 110. Which command on Edge-02 causes it to take over the forwarding role when Edge-01 is down?

• A. standby 10 timers
• B. standby 10 preempt
• C. standby 10 priority
• D. standby 10 track

Answer: B

Explanation:
Explanation
The preempt command enables the HSRP router with the highest priority to immediately become the active router.

 

NEW QUESTION 135
Which technology does VXLAN use to provide segmentation for Layer 2 and Layer 3 traffic?

• A. VNI
• B. bridge domain
• C. VRF
• D. VLAN

Answer: A

Explanation:
Explanation
VXLAN has a 24-bit VXLAN network identifier (VNI), which allows for up to 16 million (= 224) VXLAN segments to coexist within the same infrastructure. This surely solve the small number of traditional VLANs.

 

NEW QUESTION 136
Which standard access control entry permits from odd-numbered hosts in the 10.0.0.0/24 subnet?

• A. Permit 10.0.0.1.0.0.0.0
• B. Permit 10.0.0.0.255.255.255.254
• C. Permit 10.0.0.0.0.0.0.1
• D. Permit 10.0.0.1.0.0.0.254

Answer: D

Explanation:
Explanation
Remember, for the wildcard mask, 1s are I DON'T CARE, and 0s are I CARE. So now let's analyze a simple ACL:
access-list 1 permit 172.23.16.0 0.0.15.255
Two first octets are all 0's meaning that we care about the network 172.23.x.x. The third octet of the wildcard mask, 15 (0000 1111 in binary), means that we care about first 4 bits but don't care about last 4 bits so we allow the third octet in the form of 0001xxxx (minimum:00010000 = 16; maximum: 0001111 = 31).

The fourth octet is 255 (all 1 bits) that means I don't care.
Therefore network 172.23.16.0 0.0.15.255 ranges from 172.23.16.0 to 172.23.31.255.
Now let's consider the wildcard mask of 0.0.0.254 (four octet: 254 = 1111 1110) which means we only care the last bit. Therefore if the last bit of the IP address is a "1" (0000 0001) then only odd numbers are allowed. If the last bit of the IP address is a "0" (0000 0000) then only even numbers are allowed.
Note: In binary, odd numbers are always end with a "1" while even numbers are always end with a "0".
Therefore in this question, only the statement "permit 10.0.0.1 0.0.0.254" will allow all oddnumbered hosts in the 10.0.0.0/24 subnet.

 

NEW QUESTION 137
Which method displays text directly into the active console with a synchronous EEM applet policy?

• A. event manager applet boom
  event syslog pattern 'UP'
  action 1.0 puts 'logging directly to console'
• B. event manager applet boom
  event syslog pattern 'UP'
  action 1.0 string 'logging directly to console'
• C. event manager applet boom
  event syslog pattern 'UP'
  action 1.0 gets 'logging directly to console'
• D. event manager applet boom
  event syslog pattern 'UP'
  action 1.0 syslog priority direct msg 'log directly to console'

Answer: D

Explanation:
Explanation
To enable the action of printing data directly to the local tty when an Embedded Event Manager (EEM) applet is triggered, use the command in applet configuration mode.
The following example shows how to print data directly to the local tty:

The action puts command applies to synchronous events. The output of this command for a synchronous applet is directly displayed to the tty, bypassing the syslog.
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/eem/command/eem-cr-book/eemcr- a1.html

 

NEW QUESTION 138
Drag and drop the REST API authentication methods from the left onto their descriptions on the right.

Answer:

Explanation:

Explanation

 

NEW QUESTION 139
A wireless consultant is designing a high-density wireless network for a lecture hall for 1000 students Which antenna type is recommended for this environment?

• A. sector antenna
• B. parabolic dish
• C. omnidirectional antenna
• D. dipole antenna

Answer: C

Explanation:
Directional antennas Directional antennas come in many different styles and shapes. An antenna does not offer any added power to the signal; it simply redirects the energy it receives from the transmitter. By redirecting this energy, it has the effect of providing more energy in one direction and less energy in all other directions. As the gain of a directional antenna increases, the angle of radiation usually decreases, providing a greater coverage distance but with a reduced coverage angle. Directional antennas include patch antennas and parabolic dishes. Parabolic dishes have a very narrow RF energy path, and the installer must be accurate in aiming these types of antennas at each other.

Reference:
Omnidirectional antennas
An omnidirectional antenna is designed to provide a 360-degree radiation pattern. This type of antenna is used when coverage in all directions from the antenna is required. The standard 2.14-dBi "rubber duck" is one style of omnidirectional antenna.
Omnidirectional antenna

-> Therefore Omnidirectional antenna is best suited for a high-density wireless network in a lecture hall.

 

NEW QUESTION 140
What is the function of the LISP map resolver?

• A. to connect a site to the LISP-capable part of a core network publish the EID-to-RLOC mappings for the site, and respond to map-request messages
• B. to send traffic to non-LISP sites when connected to a service provider that does not accept nonroutable ElDs as packet sources
• C. to decapsulate map-request messages from ITRs and forward the messages to the MS.
• D. to advertise routable non-LISP traffic from one address family to LISP sites in a different address family

Answer: C

 

NEW QUESTION 141
Which algorithms are used to secure REST API from brute attacks and minimize the impact?

• A. SHA-512 and SHA-384
• B. PBKDF2, BCrypt, and SCrypt
• C. MD5 algorithm-128 and SHA-384
• D. SHA-1, SHA-256, and SHA-512

Answer: B

Explanation:
Explanation
One of the best practices to secure REST APIs is using password hash. Passwords must always be hashed to protect the system (or minimize the damage) even if it is compromised

 

NEW QUESTION 142
Which exhibit displays a valid JSON file?

• A. Option B
• B. Option C
• C. Option A
• D. Option D

Answer: D

 

NEW QUESTION 143
Which statement about TLS is true when using RESTCONF to write configurations on network devices?

• A. It is used for HTTP and HTTPS requests.
• B. It requires certificates for authentication.
• C. It is not supported on Cisco devices.
• D. It is provided using NGINX acting as a proxy web server.

Answer: D

Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/166/ b_166_programmability_cg/b_166_programmability_cg_chapter_01011.html

 

NEW QUESTION 144
Which statement about Cisco EAP-FAST is true?

• A. It operates in transparent mode.
• B. It does not require a RADIUS server certificate.
• C. It requires a client certificate.
• D. It is an IETF standard.

Answer: A

Explanation:
The Cisco switch was configured with PAgP, which is a Cisco proprietary protocol so non-Cisco switch could not communicate.

 

NEW QUESTION 145
Refer to the exhibit.

Which command must be applied to R2 for an OSPF neighborship to form?

• A. network 20.1.1.2 255.255.255 area 0
• B. network 20.1.1.2.0.0.0.0 area 0
• C. network 20.1.1.2 255.255.0.0. area 0
• D. network 20.1.1.2.0.0.255.255 area 0

Answer: B

 

NEW QUESTION 146

Refer to the exhibit. An engineer must ensure that all traffic entering AS 200 from AS 100 chooses Link 2 as an entry point. Assume that all BGP neighbor relationships have been formed and that the attributes have not been changed on any of the routers. Which configuration accomplishes this task?

• A. R4(config)#route-map PREPEND permit 10
  R4(config-route-map)#set as-path prepend 100 100 100
  R4(config)#router bgp 200
  R4(config-router)#neighbor 10.2.2.2 route-map PREPEND in
• B. R3(config)#route-map PREPEND permit 10
  R3(config-route-map)#set as-path prepend 200 200 200
  R3(config)#router bgp 200
  R3#(config-router)#neighbor 10.1.1.1 route-map PREPEND out
• C. R4(config)#route-map PREPEND permit 10
  R4(config-route-map)#set as-path prepend 200 200 200
  R4(config)#router bgp 200
  R4(config-router)#neighbor 10.2.2.2 route-map PREPEND out
• D. R3(config)#route-map PREPEND permit 10
  R3(config-route-map)#set as-path prepend 100 100 100
  R3(config)#router bgp 200
  R3(config-router)#neighbor 10.1.1.1 route-map PREPEND in

Answer: B

Explanation:
Explanation

 

NEW QUESTION 147
Refer to the exhibit.

Which privilege level is assigned to VTY users?

• A. 0
• B. 1
• C. 2
• D. 3

Answer: B

Explanation:
Explanation
Lines (CON, AUX, VTY) default to level 1 privileges.

 

NEW QUESTION 148
Drag and drop the DHCP messages that are exchanged between a client and an AP into the order they are exchanged on the right.

Answer:

Explanation:

There are four messages sent between the DHCP Client and DHCP Server: DHCPDISCOVER, DHCPOFFER, DHCPREQUEST and DHCPACKNOWLEDGEMENT.
This process is often abbreviated as DORA (for Discover, Offer, Request, Acknowledgement).

 

NEW QUESTION 149
......

Authentic Best resources for 350-401 Online Practice Exam: https://testinsides.actualpdf.com/350-401-real-questions.html