Cisco 300-420 Exam Questions Free Practice Test

Viewing page 9 out of 11 pages

Viewing questions 81-90 out of questions

Questions # 81:

A company's security policy requires that all connections between sites be encrypted in a manner that does not

require maintenance of permanent tunnels. The sites are connected through a private MPLS-based service that

uses a dynamically changing key and spoke-to-spoke communication. Which type of transport encryption must

be used in this environment?

Options:

GETVPN

DMVPN

GRE VPN

standard IPsec VPN

Expert Solution

Questions # 82:

Question # 82

Refer to the exhibit. An architect reviews the low-level design of a company's enterprise network and advises optimizing the STP convergence time. Which functionality must be to Gi1/0/1-10 to follow the architect's recommendation?

Options:

PortFast

root guard

UplinkFast

BPDU guard

Expert Solution

Questions # 83:

An architect must develop a campus network solution that includes:

logically segmented and isolated networks

ability to communicate between network segments when required

support for overlapping IP addresses

widely available technologies to avoid purchasing specialized equipment

Which solution must the architect select?

Options:

VSS with IGP

802.1Q with HSRP

vPC with HSRP

VRF-Lite with OSPF

Expert Solution

Questions # 84:

An engineer is looking for a standards-driven YANG model to manage a multivendor network environment. Which model must the engineer choose?

Options:

Native

OpenConfig

IETF

IEEE NETCONF

Expert Solution

Questions # 85:

Which common issue causes intermittent DMVPN tunnel flaps?

Options:

a routing neighbor reachability issue

a suboptimal routing table

interface bandwidth congestion

that the GRE tunnel to hub router is not encrypted

Expert Solution

Questions # 86:

An engineer is designing a BGP network for a large customer. To permit efficient scaling, the BGP domain is split into clusters. Which peering solution should be used between the route reflectors in different clusters for the BGP routes to be propagated appropriately?

Options:

The route reflectors should be made dents of each other.

The route reflectors should be nonclients with regards to each other.

The route reflectors should not have any kind of BGP peering.

The route reflectors should have peering through another nonclient router.

Expert Solution

Questions # 87:

Question # 87

Refer to the exhibit. An architect must design a resilient gateway solution based on these requirements:

VLAN 10 and VLAN 11 support voice and video applications.

Link and node failures must have minimal impact on traffic.

Provide protection against false hello packets.

Support IPv6.

Which solution must the architect choose?

Options:

GLBP with IP SLA tracking

VRRP version 2 with authentication

HSRP version 2 with MD5 authentication

VRRP version 2 with object tracking

Expert Solution

Questions # 88:

What is the main purpose of the Cisco SD-Access underlay design?

Options:

to enable automated network provisioning and configuration

to support advanced firewall and IPS features

to optimize network traffic routing and load-balancing

to provide network segmentation and isolation for security

Expert Solution

Questions # 89:

A company is planning to open two new branches and allocate the 2a01:c30:16:7009::3800/118 IPv6 network for the region. Each branch should have the capacity to accommodate maximum of 200 hosts. Which two networks should the company use? (Choose two.)

Options:

2a01:0c30:0016:7009::3a00/120

2a01:0c30:0016:7009::3b00/121

2a01:0c30:0016:7009::3a80/121

2a01:0c30:0016:7009::3b00/120

2a01:0c30:0016:7009::3c00/120

Expert Solution

Questions # 90:

Which control plane protocol is responsible for ElD-to-RLOC mapping concerning SO-Access Architecture?

Options:

GBAC

LISP

CEF

VXLAN

Expert Solution

Viewing page 9 out of 11 pages

Viewing questions 81-90 out of questions

Pass the Cisco CCNP Enterprise 300-420 Questions and answers with CertsForce