Download Implementing Cisco Enterprise Network Core Technologies (350-401 ENCOR).ITExamAnswers.350-401.2022-04-19.1e.536q.vcex

Download Exam

File Info

Exam Implementing Cisco Enterprise Network Core Technologies (350-401 ENCOR)
Number 350-401
File Name Implementing Cisco Enterprise Network Core Technologies (350-401 ENCOR).ITExamAnswers.350-401.2022-04-19.1e.536q.vcex
Size 39.14 Mb
Posted April 19, 2022
Downloads 251
Download Implementing Cisco Enterprise Network Core Technologies (350-401 ENCOR).ITExamAnswers.350-401.2022-04-19.1e.536q.vcex

How to open VCEX & EXAM Files?

Files with VCEX & EXAM extensions can be opened by ProfExam Simulator.

Purchase

Coupon: MASTEREXAM
With discount: 20%



 
 



Demo Questions

Question 1

Which function does a fabric edge node perform in an SD-Access deployment?

  • A: Connects endpoints to the fabric and forwards their traffic.
  • B: Encapsulates end-user data traffic into LISP.
  • C: Connects the SD-Access fabric to another fabric or external Layer 3 networks.
  • D: Provides reachability between border nodes in the fabric underlay.

Correct Answer: A

There are five basic device roles in the fabric overlay:
Control plane node: This node contains the settings, protocols, and mapping tables to provide the endpoint-to-location (EID-to-RLOC) mapping system for the fabric overlay.
Fabric border node: This fabric device (for example, core layer device) connects external Layer 3 networks to the SDA fabric.
Fabric edge node: This fabric device (for example, access or distribution layer device) connects wired endpoints to the SDA fabric.
Fabric WLAN controller (WLC): This fabric device connects APs and wireless endpoints to the SDA fabric.
Intermediate nodes: These are intermediate routers or extended switches that do not provide any sort of SD-Access fabric role other than underlay services.
    




Question 2

Refer to the exhibit.Which privilege level is assigned to VTY users? 

    

  • A: 1
  • B: 7
  • C: 13
  • D: 15

Correct Answer: A

Lines (CON, AUX, VTY) default to level 1 privileges.




Question 3

What is the difference between a RIB and a FIB?

  • A: The FIB is populated based on RIB content.
  • B: The RIB maintains a minor image of the FIB.
  • C: The RIB is used to make IP source prefix-based switching decisions.
  • D: The FIB is where all IP routing information is stored.

Correct Answer: A

CEF uses a Forwarding Information Base (FIB) to make IP destination prefix-based switching decisions. The FIB is conceptually similar to a routing table or information base. It maintains a mirror image of the forwarding information contained in the IP routing table. When routing or topology changes occur in the network, the IP routing table is updated, and those changes are reflected in the FIB. The FIB maintains next-hop address information based on the information in the IP routing table. Because there is a one-to-one correlation between FIB entries and routing table entries, the FIB contains all known routes and eliminates the need for route cache maintenance that is associated with earlier switching paths such as fast switching and optimum switching. 
Note: In order to view the Routing information base (RIB) table, use the “show ip route” command.
To view the Forwarding Information Base (FIB), use the “show ip cef” command. RIB is in Control plane while FIB is in Data plane.




Question 4

Which requirement for an Ansible-managed node is true?

  • A: It must have an SSH server running.
  • B: It must be a Linux server or a Cisco device.
  • C: It must support ad hoc commands.
  • D: It must have an Ansible Tower installed.

Correct Answer: A




Question 5

A client device fails to see the enterprise SSID, but other client devices are connected to it. What is the cause of this issue?

  • A: The client has incorrect credentials stored for the configured broadcast SSID.
  • B: The hidden SSID was not manually configured on the client.
  • C: The broadcast SSID was not manually configured on the client.
  • D: The client has incorrect credentials stored for the configured hidden SSID.

Correct Answer: B




Question 6

Which two descriptions of FlexConnect mode for Cisco APs are true? (Choose two.)

  • A: APs that operate in FlexConnect mode cannot detect rogue APs
  • B: FlexConnect mode is used when the APs are set up in a mesh environment and used to bridge between each other.
  • C: FlexConnect mode is a feature that is designed to allow specified CAPWAP-enabled APs to exclude themselves from managing data traffic between clients and infrastructure.
  • D: When connected to the controller, FlexConnect APs can tunnel traffic back to the controller
  • E: FlexConnect mode is a wireless solution for branch office and remote office deployments

Correct Answer: DE

FlexConnect is a wireless solution for branch office and remote office deployments. It enables customers to configure and control access points in a branch or remote office from the corporate office through a wide area network (WAN) link without deploying a controller in each office. 
The FlexConnect access points can switch client data traffic locally and perform client authentication locally when their connection to the controller is lost. When they are connected to the controller, they can also send traffic back to the controller. In the connected mode, the FlexConnect access point can also perform local authentication. 
Click hereClick here




Question 7

Which OSPF network types are compatible and allow communication through the two peering devices?

  • A: point-to-multipoint to nonbroadcast
  • B: broadcast to nonbroadcast
  • C: point-to-multipoint to broadcast
  • D: broadcast to point-to-point

Correct Answer: B

The following different OSPF types are compatible with each other:
Broadcast and Non-Broadcast (adjust hello/dead timers) 
Point-to-Point and Point-to-Multipoint (adjust hello/dead timers) 
Broadcast and Non-Broadcast networks elect DR/BDR so they are compatible. Point-topoint/ multipoint do not elect DR/BDR so they are compatible. 
Reference: Click here




Question 8

Which NGFW mode blocks flows crossing the firewall?

  • A: tap
  • B: inline
  • C: passive
  • D: inline tap

Correct Answer: B

Firepower Threat Defense (FTD) provides six interface modes which are: Routed, Switched, Inline Pair, Inline Pair with Tap, Passive, Passive (ERSPAN).
When Inline Pair Mode is in use, packets can be blocked since they are processed inline When you use Inline Pair mode, the packet goes mainly through the FTD Snort engine When Tap Mode is enabled, a copy of the packet is inspected and dropped internally while the actual traffic goes through FTD unmodified 
Reference: Click here




Question 9

Which statement about route targets is true when using VRF-Lite?

  • A: Route targets control the import and export of routes into a customer routing table.
  • B: When BGP is configured, route targets are transmitted as BGP standard communities.
  • C: Route targets allow customers to be assigned overlapping addresses.
  • D: Route targets uniquely identify the customer routing table.

Correct Answer: A

Answer ‘Route targets allow customers to be assigned overlapping addresses’ and answer ‘Route targets uniquely identify the customer routing table’ are not correct as only route distinguisher (RD) identifies the customer routing table and “allows customers to be assigned overlapping addresses”. 
Answer ‘When BGP is configured, route targets are transmitted as BGP standard communities’ is not correct as “When BGP is configured, route targets are transmitted as BGP extended communities”




Question 10

How does Cisco TrustSec enable more flexible access controls for dynamic networking environments and data centers?

  • A: uses flexible NetFlow
  • B: assigns a VLAN to the endpoint
  • C: classifies traffic based on advanced application recognition
  • D: classifies traffic based on the contextual identity of the endpoint rather than its IP address

Correct Answer: D

The Cisco TrustSec solution simplifies the provisioning and management of network access control through the use of software-defined segmentation to classify network traffic and enforce policies for more flexible access controls. Traffic classification is based on endpoint identity, not IP address, enabling policy change without net-work redesign. 
Reference: Click here










CONNECT US

Facebook

Twitter

PROFEXAM WITH A 20% DISCOUNT

You can buy ProfExam with a 20% discount!



HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files