New 2022 350-401 Dumps for CCNP Enterprise Certified Exam Questions & Answer [Q181-Q204]

New 2022 350-401 Dumps for CCNP Enterprise Certified Exam Questions & Answer

Realistic Verified 350-401 exam dumps Q&As - 350-401 Free Update 

What are the prestigious career opportunities?

With CCIE Enterprise Infrastructure, CCIE Enterprise Wireless, and/or CCNP Enterprise under your belt, you can boost your career to a higher level. Thus, the certified professionals can take up various positions, including an Enterprise IT Infrastructure Architect, an Infrastructure Automation Engineer, a Director of Infrastructure, an IT Infrastructure Security Engineer, a Senior Enterprise Architect, a CCIE Consultant, a Principal Wireless Network Engineer, an Infrastructure Solutions Architect, and many more. The average salary can be up to $120,000 per year, depending on your job role, related tasks, and working experience.

Exam Topics for Implementing Cisco Enterprise Network Core Technologies (350-401 ENCOR)

The following will be practiced in CISCO 350-401 practice exam and CISCO 350-401 practice tests:

• Infrastructure
• Automation
• Architecture
• Network Assurance
• Virtualization
• Security

Architecture: This section requires that the candidates demonstrate a variety of skills. These are enumerated below:

• Describe the working principles of a Cisco SD-Access solution, which include SD-Access data plane, control elements, and traditional campus inter-operating with SD-Access;
• Describe the working principles inherent in a Cisco SD-WAN solution, such as SD-WAN data plans, control elements, SD-WAN, and Traditional WAN solutions;
• Describe different design principles that are used within an enterprise network. These include enterprise network design, Tier 2, and Tier 3, Fabric Capacity planning, and high availability methods, such as FHRP, SSO, and redundancy;
• Evaluate the design principles of WLAN deployments. This covers skills in wireless deployment models, such as centralized, controller-based, distributed, controller-less, remote branch, and Cloud. It also focuses on location services within WLAN designs;
• Explain the concepts of wireless and wired QoS, QoS policy, and components;
• Distinguish between Cloud and on-premise infrastructure deployments;
• Distinguish between software and hardware switching mechanisms, including FIB vs. RIB, Process and CEF, as well as TCAM and MAC address table.

NEW QUESTION 181
What are two benefits of virtualizing the server with the use of VMs in a data center environment? (Choose two.)

• A. increased security
• B. reduced IP and MAC address requirements
• C. reduced rack space, power, and cooling requirements
• D. smaller Layer 2 domain
• E. speedy deployment

Answer: C,E

 

NEW QUESTION 182
Refer to the exhibit.

Which IP address becomes the active next hop for 192.168.102 0/24 when 192.168.101.2 fails?

• A. 192.168.101.6
• B. 192.168.101.18
• C. 192.168.101.10
• D. 192.168.101.14

Answer: B

Explanation:
Explanation
The '>' shown in the output above indicates that the path with a next hop of 192.168.101.2 is the current best path.
Path Selection Attributes: Weight > Local Preference > Originate > AS Path > Origin > MED > External > IGP Cost > eBGP Peering > Router ID BGP prefers the path with highest weight but the weights here are all 0 (which indicate all routes that are not originated by the local router) so we need to check the Local Preference. Answer
'192.168.101.18' path without LOCAL_PREF (LocPrf column) means it has the default value of 100.
Therefore we can find the two next best paths with the next hop of 192.168.101.18 and
192.168.101.10.
We have to move to the next path selection attribute: Originate. BGP prefers the path that the local router originated (which is indicated with the "next hop 0.0.0.0"). But none of the two best paths is self-originated.
The AS Path of the next hop 192.168.101.18 is shorter than the AS Path of the next hop
192.168.101.10 then the next hop 192.168.101.18 will be chosen as the next best path.
Question 2

 

NEW QUESTION 183
Drag and drop the Qos mechanisms from the left to the correct descriptions on the right

Answer:

Explanation:

Explanation

 

NEW QUESTION 184
Refer to the exhibit.

An engineer must modify the access control list EGRESS to allow all IP traffic from subnet 10.1.10.0/24 to 10.1.2.0/24. The access control list is applied in the outbound direction on router interface GigabitEthemet 0/1. Which configuration commands can the engineer use to allow this traffic without disrupting existing traffic flows?
A)

B)

C)

D)

• A. Option D
• B. Option A
• C. Option C
• D. Option B

Answer: D

 

NEW QUESTION 185
Drag and drop the characteristics from the left onto the correct infrastructure deployment types on the right.

Answer:

Explanation:

Explanation

 

NEW QUESTION 186
Which design principle slates that a user has no access by default to any resource, and unless a resource is explicitly granted, it should be denied?

• A. fail-safe defaults
• B. economy of mechanism
• C. least privilege
• D. complete mediation

Answer: A

 

NEW QUESTION 187
Drag and drop the characteristics from the left to the correct Infrastructure deployment type on the right.

Answer:

Explanation:

Explanation

 

NEW QUESTION 188

Refer to the exhibit. Which command allows hosts that are connected to FastEthernet0/2 to access the Internet?

• A. ip nat outside source static 209.165.200.225 10.10.10.0 overload
• B. ip nat inside source list 10 interface FastEthernet0/2 overload
• C. ip nat outside source list 10 interface FastEthernet0/2 overload
• D. ip nat inside source list 10 interface FastEthernet0/1 overload

Answer: D

 

NEW QUESTION 189
Refer to the exhibit.

An engineer attempts to create a configuration to allow the Blue VRF to leak Into the global fouling table, but the configuration does not function as expected. Which action resolves this Issue?

• A. Change the access-list destination mask to a wildcard.
• B. Change the access-list number in the route map
• C. Change the source network that Is specified in access-list 101.
• D. Change the route-map configuration to VRF_BLUE.

Answer: A

 

NEW QUESTION 190
Which two sources cause interference for Wi-Fi networks? (Choose two).

• A. mirrored wall
• B. Incandesent lights
• C. 900MHz baby monitor
• D. fish tank
• E. DECT 6.0 cordless

Answer: A,D

Explanation:
Windows can actually block your WiFi signal. How? Because the signals will be reflected by the glass.
Some new windows have transparent films that can block certain wave types, and this can make it harder for your WiFi signal to pass through.
Tinted glass is another problem for the same reasons. They sometimes contain metallic films that can completely block out your signal. Mirrors, like windows, can reflect your signal. They're also a source of electromagnetic interference because of their metal backings.
Reference:
An incandescent light bulb, incandescent lamp or incandescent light globe is an electric light with a wire filament heated until it glows. WiFi operates in the gigahertz microwave band. The FCC has strict regulations on RFI (radio frequency interference) from all sorts of things, including light bulbs -> Incandesent lights do not interfere Wi-Fi networks.
Note:
+ Many baby monitors operate at 900MHz and won't interfere with Wi-Fi, which uses the 2.4GHz band. + DECT cordless phone 6.0 is designed to eliminate wifi interference by operating on a different frequency. There is essentially no such thing as DECT wifi interference.

 

NEW QUESTION 191
What are two benefits of virtualizing the server with the use of VMs in data center environment? (Choose two.)

• A. Increased security
• B. reduced IP and MAC address requirements
• C. reduced rack space, power, and cooling requirements
• D. smaller Layer 2 domain
• E. speedy deployment

Answer: C,E

Explanation:
Server virtualization and the use of virtual machines is profoundly changing data center dynamics.
Most organizations are struggling with the cost and complexity of hosting multiple physical servers in their data centers. The expansion of the data center, a result of both scale-out server architectures and traditional "one application, one server" sprawl, has created problems in housing, powering, and cooling large numbers of underutilized servers. In addition, IT organizations continue to deal with the traditional cost and operational challenges of matching server resources to organizational needs that seem fickle and ever changing.
Virtual machines can significantly mitigate many of these challenges by enabling multiple application and operating system environments to be hosted on a single physical server while maintaining complete isolation between the guest operating systems and their respective applications. Hence, server virtualization facilitates server consolidation by enabling organizations to exchange a number of underutilized servers for a single highly utilized server running multiple virtual machines.
By consolidating multiple physical servers, organizations can gain several benefits:
+ Underutilized servers can be retired or redeployed.
+ Rack space can be reclaimed.
+ Power and cooling loads can be reduced.
+ New virtual servers can be rapidly deployed.
+ CapEx (higher utilization means fewer servers need to be purchased) and OpEx (few servers means a simpler environment and lower maintenance costs) can be reduced.
Reference:
net_implementation_white_paper0900aecd806a9c05.html

 

NEW QUESTION 192
What are two reasons why broadcast radiation is caused in the virtual machine environment? (Choose two.)

• A. vSwitch must interrupt the server CPU to process the broadcast packet.
• B. The Layer 2 domain can be large in virtual machine environments.
• C. Virtual machines communicate primarily through broadcast mode.
• D. Communication between vSwitch and network switch is multicast based.
• E. Communication between vSwitch and network switch is broadcast based.

Answer: B,C

Explanation:
Explanation
Broadcast radiation is the accumulation of broadcast and multicast traffic on a computer network. Extreme amounts of broadcast traffic constitute a broadcast storm.
The amount of broadcast traffic you should see within a broadcast domain is directly proportional to the size of the broadcast domain. Therefore if the layer 2 domain in virtual machine environment is too large, broadcast radiation may occur -> VLANs should be used to reduce broadcast radiation.
Also if virtual machines communicate via broadcast too much, broadcast
radiation may occur.
Another reason for broadcast radiation is using a trunk (to extend VLANs) from the network switch to the physical server.
Note about the structure of virtualization in a hypervisor:
Hypervisors provide virtual switch (vSwitch) that Virtual Machines (VMs) use to communicate with other VMs on the same host. The vSwitch may also be connected to the host's physical NIC to allow VMs to get layer 2 access to the outside world.
Each VM is provided with a virtual NIC (vNIC) that is connected to the
virtual switch. Multiple vNICs can connect to a single vSwitch, allowing VMs on a physical host to communicate with one another at layer 2 without having to go out to a physical switch.

Although vSwitch does not run Spanning-tree protocol but vSwitch
implements other loop prevention mechanisms. For example, a
frame that enters from one VMNIC is not going to go out of the
physical host from a different VMNIC card.

 

NEW QUESTION 193
How does SSO work with HSRP to minimize network disruptions?

• A. It enables HSRP to failover to the standby RP on the same device.
• B. It enables HSRP to elect another switch in the group as the active HSRP switch.
• C. It ensures fast failover in the case of link failure.
• D. It enables data forwarding along known routes following a switchover, while the routing protocol reconverges.

Answer: D

 

NEW QUESTION 194
Drag and drop the REST API authentication methods from the left onto their descriptions on the right.

Answer:

Explanation:

 

NEW QUESTION 195
What are two characteristics of VXLAN? (Choose two)

• A. It extends Layer 2 and Layer 3 overlay networks over a Layer 2 underlay.
• B. It lacks support for host mobility
• C. It has a 12-bit network identifier
• D. It uses VTEPs to encapsulate and decapsulate frames.
• E. It allows for up to 16 million VXLAN segments

Answer: D,E

 

NEW QUESTION 196
Which JSON syntax is valid?

• A. Option D
• B. Option B
• C. Option A
• D. Option C

Answer: D

Explanation:
This JSON can be written as follows:
{
'switch': {
'name': 'dist1',
'interfaces': ['gig1', 'gig2', 'gig3']
}
}

 

NEW QUESTION 197
Drag and drop the characteristics from the left onto the orchestration tools they describe on the right.

Answer:

Explanation:

 

NEW QUESTION 198
Which statement about a fabric access point is true?

• A. It is in local mode an must be connected directly to the fabric border node.
• B. It is in FlexConnect mode and must be connected directly to the fabric edge switch.
• C. It is in FlexConnect mode and must be connected directly to the fabric border node.
• D. It is in local mode an must connected directly to the fabric edge switch.

Answer: D

Explanation:
Fabric mode APs continue to support the same wireless media services that traditional APs support; apply AVC, quality of service (QoS), and other wireless policies; and establish the CAPWAP control plane to the fabric WLC. Fabric APs join as local-mode APs and must be directly connected to the fabric edge node switch to enable fabric registration events, including RLOC assignment via the fabric WLC. The fabric edge nodes use CDP to recognize APs as special wired hosts, applying special port configurations and assigning the APs to a unique overlay network within a common EID space across a fabric. The assignment allows management simplification by using a single subnet to cover the AP infrastructure at a fabric site.
Reference: https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/sda-sdg-2019oct.html

 

NEW QUESTION 199
Which function does a fabric edge node perform in an SD-Access deployment?

• A. Connects endpoints to the fabric and forwards their traffic
• B. Encapsulates end-user data traffic into LISP.
• C. Provides reachability border nodes in the fabric underlay
• D. Connects the SD-Access fabric to another fabric or external Layer 3 networks

Answer: A

Explanation:
Explanation
There are five basic device roles in the fabric overlay:
+ Control plane node: This node contains the settings, protocols, and mapping tables to provide the endpoint-to-location (EID-to-RLOC) mapping system for the fabric overlay.
+ Fabric border node: This fabric device (for example, core layer device) connects external Layer
3 networks to the SDA fabric.
+ Fabric edge node: This fabric device (for example, access or distribution layer device) connects wired endpoints to the SDA fabric.
+ Fabric WLAN controller (WLC): This fabric device connects APs and wireless endpoints to the SDA fabric.
+ Intermediate nodes: These are intermediate routers or extended switches that do not provide any sort of SD-Access fabric role other than underlay services.

 

NEW QUESTION 200
Which controller is the single plane of management for Cisco SD-WAN?

• A. vSmart
• B. vEdge
• C. vManage
• D. vBond

Answer: C

Explanation:
The primary components for the Cisco SD-WAN solution consist of the vManage network
management system (management plane), the vSmart controller (control plane), the vBond
orchestrator (orchestration plane), and the vEdge router (data plane).
+ vManage - This centralized network management system provides a GUI interface to easily
monitor, configure, and maintain all Cisco SD-WAN devices and links in the underlay and overlay
network.
+ vSmart controller - This software-based component is responsible for the centralized control
plane of the SD-WAN network. It establishes a secure connection to each vEdge router and
distributes routes and policy information via the Overlay Management Protocol (OMP), acting as a
route reflector. It also orchestrates the secure data plane connectivity between the vEdge routers
by distributing crypto key information, allowing for a very scalable, IKE-less architecture.
+ vBond orchestrator - This software-based component performs the initial authentication of
vEdge devices and orchestrates vSmart and vEdge connectivity. It also has an important role in
enabling the communication of devices that sit behind Network Address Translation (NAT).
+ vEdge router - This device, available as either a hardware appliance or software-based router,
sits at a physical site or in the cloud and provides secure data plane connectivity among the sites
over one or more WAN transports. It is responsible for traffic forwarding, security, encryption,
Quality of Service (QoS), routing protocols such as Border Gateway Protocol (BGP) and Open
Shortest Path First (OSPF), and more.
Reference:
2018OCT.pdf

 

NEW QUESTION 201
Which method creates an EEM applet policy that is registered with EEM and runs on demand or manually?

• A. event manager applet ondemand
  action 1.0 syslog priority critical msg 'This is a message from ondemand'
• B. event manager applet ondemand
  event none
  action 1.0 syslog priority critical msg 'This is a message from ondemand'
• C. event manager applet ondemand
  event manual
  action 1.0 syslog priority critical msg 'This is a message from ondemand'
• D. event manager applet ondemand
  event register
  action 1.0 syslog priority critical msg 'This is a message from ondemand'

Answer: B

 

NEW QUESTION 202
Drag and drop the characteristics from the left onto the orchestration tools they describe on the right.

Answer:

Explanation:

 

NEW QUESTION 203
Which two network problems Indicate a need to implement QoS in a campus network? (Choose two.)

• A. port flapping
• B. duplicate IP addresses
• C. excess jitter
• D. bandwidth-related packet loss
• E. misrouted network packets

Answer: C,D

 

NEW QUESTION 204
......

Use Real 350-401 Dumps - 100% Free 350-401 Exam Dumps: https://www.prep4sureguide.com/350-401-prep4sure-exam-guide.html

350-401 Exam Dumps, Test Engine Practice Test Questions: https://drive.google.com/open?id=1W2WT4dAEqC_O9xcakAb8NXo_AGQ18Ua5