Answer:: Free Exam/Cram Practice Materials - Best Exam Practice Materials

Download as pdf or txt
Download as pdf or txt
You are on page 1of 20

Free Exam/Cram Practice Materials - Best Exam Practice Materials

IT Certification Guaranteed, The Easy Way!

NO.1 Refer to the exhibit.

What are two effects of this configuration? (Choose two.)


A. If R2 goes down, R1 becomes active but reverts to standby when R2 comes back online.
B. R1 becomes the standby router.
C. If R1 goes down, R2 becomes active but reverts to standby when R1 comes back online.
D. If R1 goes down. R2 becomes active and remains the active device when R1 comes back online.
E. R1 becomes the active router.
Answer: D,E

NO.2 Refer to the exhibit.

Assuming all links are functional, which path does PC1 take to reach DSW1?

2 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 1
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

A. PC1 goes from ALSW1 to DSW1


B. PC1 goes from ALSW1 to DSW2 to DSW1
C. PC1 goes form ALSW1 to DSW2 to ALSW2 to DSW1
D. PC1 goes from ALSW1 to DSW2 to Core to DSW1
Answer: B
Explanation
In the topology above, we see DSW2 has lowest priority 24576 so it is the root bridge for VLAN 10 so
surely all traffic for this VLAN must go through it. All of DSW2 ports must be in forwarding state. And:
+ The direct link between DSW1 and ALSW1 is blocked by STP. + The direct link between DSW1 and
ALSW2 is also blocked by STP.
Therefore PC1 must go via this path: PC1 -> ALSW1 -> DSW2 -> DSW1.

NO.3 Which two results occur if Cisco DNA Center loses connectivity to devices in the SD-Access
fabric? (Choose two )
A. Already connected users are unaffected, but new users cannot connect
B. All devices reload after detecting loss of connection to Cisco DNA Center
C. Cisco DNA Center is unable to collect monitoring data in Assurance.
D. User connectivity is unaffected.
E. Users lose connectivity
Answer: C,D
Explanation
If you have Cisco SD-Access implemented and DNA Center becomes unreachable then the wired and
wireless network will continue to forward packets as usual. There will be no impact to network
performance or behavior. Yes you will be able to SSH / telnet / console into switches and wireless
network infrastructure as usual. For the period DNA Center is unreachable, Assurance data will be
lost, and you will not be able to make configuration changes to the Cisco SD-Access network.

NO.4

Company policy restricts VLAN 10 to be allowed only on SW1 and SW2. All other VLANs can be on all
three switches. An administrator has noticed that VLAN 10 has propagated to SW3. Which
configuration corrects the issue?
A)

B)

3 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 2
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

C)

D)

A. Option A
B. Option C
C. Option B
D. Option D
Answer: B

NO.5 Which requirement for an Ansible-managed node is true?


A. It must be a Linux server or a Cisco device.
B. It must have an Ansible Tower installed.
C. It must have an SSH server running.
D. It must support ad hoc commands.
Answer: C

NO.6 Refer to the exhibit.

Which type of antenna is show on the radiation patterns?


A. Omnidirectional
B. Yagi
C. Patch
D. Dipole

4 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 3
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

Answer: D
Explanation
A dipole antenna most commonly refers to a half-wavelength (/2) dipole. The physical antenna (not
the package that it is in) is constructed of conductive elements whose combined length is about half
of a wavelength at its intended frequency of operation. This is a simple antenna that radiates its
energy out toward the horizon (perpendicular to the antenna). The patterns shown are those
resulting from a perfect dipole formed with two thin wires oriented vertically along the z-axis.

Reference:
https://www.cisco.com/c/en/us/products/collateral/wireless/aironet-antennas-
accessories/prod_white_paper0900a

NO.7 The login method is configured on the VTY lines of a router with these parameters.
* The first method for authentication is TACACS
* If TACACS is unavailable, login is allowed without any provided credentials Which configuration
accomplishes this task?
A. R1#sh run | include aaa
aaa new-model
aaa authentication login telnet group tacacs+ none
aaa session-id common
R1#sh run | section vty
line vty 0 4
R1#sh run | include username
R1#
B. R1#sh run | include aaa
aaa new-model
aaa authentication login VTY group tacacs+ none
aaa session-id common
R1#sh run | section vty
line vty 0 4
password 7 0202039485748
R1#sh run | include username

5 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 4
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

R1#
C. R1#sh run | include aaa
aaa new-model
aaa authentication login default group tacacs+
aaa session-id common
R1#sh run | section vty
line vty 0 4
transport input none
R1#
D. R1#sh run | include aaa
aaa new-model
aaa authentication login default group tacacs+ none
aaa session-id common
R1#sh run | section vty
line vty 0 4
password 7 0202039485748
Answer: D
Explanation
According to the requirements (first use TACACS+, then allow login with no authentication), we have
to use "aaa authentication login ... group tacacs+ none" for AAA command.
The next thing to check is the if the "aaa authentication login default" or "aaa authentication login
list-name" is used. The 'default' keyword means we want to apply for all login connections (such as
tty, vty, console and aux). If we use this keyword, we don't need to configure anything else under tty,
vty and aux lines. If we don't use this keyword then we have to specify which line(s) we want to apply
the authentication feature.
From above information, we can find out answer 'R1#sh run | include aaa aaa new-model aaa
authentication login default group tacacs+ none aaa session-id common R1#sh run | section vty line
vty 0 4 password 7 0202039485748 If you want to learn more about AAA configuration, please read
our AAA TACACS+ and RADIUS Tutorial - Part 2.
For your information, answer 'R1#sh run | include aaa
aaa new-model
aaa authentication login telnet group tacacs+ none
aaa session-id common
R1#sh run | section vty
line vty 0 4
R1#sh run | include username
R1#' would be correct if we add the following command under vty line ("line vty 0 4"): "login
authentication telnet" ("telnet" is the name of the AAA list above)

NO.8 Which exhibit displays a valid JSON file?

6 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 5
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

A. Option A
B. Option D
C. Option C
D. Option B
Answer: B

NO.9 Which feature is supported by ElGRP but is not supported by OSPF?


A. unequal-cost load balancing
B. route filtering
C. equal-cost load balancing
D. route summarization
Answer: A

NO.10 Refer to the exhibit.

7 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 6
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

An engineer must ensure that all traffic leaving AS 200 will choose Link 2 as an entry point. Assuming
that all BGP neighbor relationships have been formed and that the attributes have not been changed
on any of the routers, which configuration accomplish task?

8 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 7
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

A. Option B
B. Option A
C. Option C
D. Option D
Answer: B
Explanation
R3 advertises BGP updates to R1 with multiple AS 100 so R3 believes the path to reach AS 200 via R3
is farther than R2 so R3 will choose R2 to forward traffic to AS 200.

NO.11 Refer to the exhibit.

An engineer must configure a SPAN session. What is the effect of the configuration?
A. Traffic received on VLANs 10 and 12 only is copied and sent to interface g0/1.
B. Traffic received on VLANs 10, 11, and 12 is copied and sent to Interface g0/1.
C. Traffic sent on VLANs 10 and 12 only is copied and sent to interface g0/1.
D. Traffic sent on VLANs 10, 11, and 12 is copied and sent to interface g0/1.
Answer: B

NO.12 What is the responsibility of a secondary WLC?

9 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 8
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

A. It enables Layer 2 and Layer 3 roaming between Itself and the primary controller.
B. It registers the LAPs if the primary controller fails.
C. It avoids congestion on the primary controller by sharing the registration load on the LAPs.
D. It shares the traffic load of the LAPs with the primary controller.
Answer: B
Explanation
When the primary controller (WLC-1) goes down, the APs automatically get registered with the
secondary controller (WLC-2). The APs register back to the primary controller when the primary
controller comes back on line.
Reference:
https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/69639-wlc-
failover.html

NO.13 During deployment, a network engineer notices that voice traffic is not being tagged correctly
as it traverses the network. Which COS to DSCP map must be modified to ensure that voice traffic is
treated properly?
A. COS of 3 to DSCP of 26
B. COS of 7 to DSCP 48
C. COS of 6 to DSCP 46
D. COS of 5 to DSCP 46
Answer: D
Explanation
CoS value 5 is commonly used for VOIP and CoS value 5 should be mapped to DSCP 46. DSCP 46 is
defined as being for EF (Expedited Forwarding) traffic flows and is the value usually assigned to all
interactive voice and video traffic. This is to keep the uniformity from end-to-end that DSCP EF
(mostly for VOICE RTP) is mapped to COS 5.
Note:
+ CoS is a L2 marking contained within an 802.1q tag,. The values for CoS are 0 - 7 + DSCP is a L3
marking and has values 0 - 63 + The default DSCP-to-CoS mapping for CoS 5 is DSCP 40

NO.14 Refer to the exhibit.

An engineer must create a script that appends the output of the show process cpu sorted command
to a file.
Which action completes the configuration?
A. action 4.0 syslog command "show process cpu sorted | append flash:high-cpu-file"
B. action 4.0 cli command "show process cpu sorted | append flash:high-cpu-file"
C. action 4.0 publish-event "show process cpu sorted | append flash:high-cpu-file"
D. action 4.0 ens-event "show process cpu sorted | append flash:high-cpu-file"

10 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 9
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

Answer: B

NO.15 Which statement about VXLAN is true?


A. VXLAN extends the Layer 2 Segment ID field to 24-bits. which allows up to 4094 unique Layer 2
segments over the same network.
B. VXLAN uses TCP 35 the transport protocol over the physical data cento network
C. VXLAN uses the Spanning Tree Protocol for loop prevention.
D. VXLAN encapsulates a Layer 2 frame in an IP-UDP header, which allows Layer 2 adjacency across
router boundaries.
Answer: D
Explanation
802.1Q VLAN identifier space is only 12 bits. The VXLAN identifier space is 24 bits.
This doubling in size allows the VXLAN ID space to support 16 million Layer 2 segments -> answer
'VXLAN extends the Layer 2 Segment ID field to 24-bits, which allows up to 4094 unique Layer 2
segments over the same network' is not correct.
VXLAN is a MAC-in-UDP encapsulation method that is used in order to extend a Layer 2 or Layer 3
overlay network over a Layer 3 infrastructure that already exists.
Reference: https://www.cisco.com/c/en/us/support/docs/lan-switching/vlan/212682-
virtualextensible-lan-and-ethernet-virt.html

NO.16 Refer to the exhibit.

An engineer must assign an IP address of 192.168.1.1/24 to the GigabitEthemet1 interface. Which


two commands must be added to the existing configuration to accomplish this task? (Choose two)
A. Router(config-vrf)Sip address 192.168.1.1 255.255.255.0
B. Router(config-if)=address-family ipv4
C. Router(config-vrf)#address-family ipv4
D. Router(config-if)Cip address 192.168.1.1 255.255.255.0
E. Router(config-vrf)#address-family ipv6

11 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 10
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

Answer: C,D

NO.17

Refer to the exhibit. An engineer configures CoPP and enters the show command to verify the
implementation.
What is the result of the configuration?
A. ICMP will be denied based on this configuration.
B. Class-default traffic will be dropped.
C. All traffic will be policed based on access-list 120.
D. If traffic exceeds the specified rate, it will be transmitted and remarked.
Answer: C

NO.18 Which access point mode allows a supported AP to function like a WLAN client would,
associating and identifying client connectivity issues?
A. client mode
B. SE-connect mode
C. sniffer mode
D. sensor mode
Answer: D

NO.19 Refer to the exhibit.

12 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 11
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

Which two commands ensure that DSW1 becomes root bridge for VLAN 10 and 20?
A. spanning-tree mst 1 root primary
B. spanning-tree mst 1 priority 1
C. spanning-tree mst 1 priority 4096
D. spanning-tree mstp vlan 10,20 root primary
E. spanning-tree mst vlan 10,20 priority root
Answer: A,C
Explanation

From the second command output (show spanning-tree mst) we learn that MST1 includes VLANs 10
&
20.Therefore if we want DSW1 to become root bridge for these VLANs we need to set the MST 1
region to root ->The command "spanning-tree mst 1 root primary" can do the trick. In fact, this
command runs a macro and setsthe priority lower than the current root.
Also we can see the current root bridge for these VLANs has the priority of 32769 (default value +
sysid) so wecan set the priority of DSW1 to a specific lower value. But notice that the priority must be
a multiple of
4096.

NO.20 How does the RIB differ from the FIB?


A. The RIB includes many routes to the same destination prefix. The FIB contains only the best route

13 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 12
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

B. The RIB is used to create network topologies and routing tables. The FIB is a list of routes to
particular network destinations.
C. The FIB maintains network topologies and routing tables. The RIB is a Iist of routes to particular
network destinations.
D. The FIB includes many routes a single destination. The RIB is the best route to a single destination.
Answer: B
Explanation

NO.21 Which two methods are used by an AP that is typing to discover a wireless LAN controller?
(Choose two.)
A. querying other APs
B. DHCP Option 43
C. DNS lookup cisco-DNA-PRIMARY.localdomain
D. broadcasting on the local subnet
E. Cisco Discovery Protocol neighbour
Answer: B,D
Explanation
A Cisco lightweight wireless AP needs to be paired with a WLC to function.
An AP must be very diligent to discover any controllers that it can join-all without any
preconfiguration on your part. Toaccomplish this feat, several methods of discovery are used. The
goal of discovery is just to build a list of live candidatecontrollers that are available, using the
following methods: + Prior knowledge of WLCs
+ DHCP and DNS information to suggest some controllers (DHCP Option 43) + Broadcast on the local
subnet to solicit controllers Reference: CCNP and CCIE Enterprise Core ENCOR 350-401 Official Cert
Guide If you do not tell the LAP where the controller is via DHCP option 43, DNS resolution of
"Cisco-capwap-controller.local_domain", or statically configure it, the LAP does not know where in
the network to find the managementinterface of the controller.
In addition to these methods, the LAP does automatically look on the local subnet for controllers with
a
255.255.255.255local broadcast.
Reference:
https://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/119286-lap-
notjoin-wlc-ts

NO.22 Refer to the exhibit.

14 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 13
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

All switches are configured with the default port priority value. Which two commands ensure that
traffic from PC1 is forwarded over Gi1/3 trunk port between DWS1 and DSW2? (Choose two)
A. DSW2(config)#interface gi1/3
B. DSW2(config-if)#spanning-tree port-priority 128
C. DSW2(config-if)#spanning-tree port-priority 16
D. DSW1(config)#interface gi1/3
E. DSW1(config-if)#spanning-tree port-priority 0
Answer: A,C

NO.23 Refer to the exhibit.

15 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 14
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

An engineer must allow all users In the 10.2.2.0/24 subnet to access the Internet. To conserve
address space, the public interface address of 209.165.201.1 must be used for all external
communication. Which command set accomplishes these requirements?
A)

B)

16 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 15
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

C)

D)

A. Option C
B. Option A
C. Option B
D. Option D
Answer: D
Explanation
The command ip nat inside source list 10 interface G0/3 overload configures NAT to overload (PAT)
on the address that is assigned to the G0/3 interface.

NO.24 Which statements are used for error handling in Python?


A. block/rescue
B. try/except
C. try/catch
D. catch/release
Answer: B
Explanation

17 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 16
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

The words "try" and "except" are Python keywords and are used to catch exceptions. For example:
try:
print 1/0
except ZeroDivisionError:
print 'Error! We cannot divide by zero!!!'

NO.25 How is a data modeling language used?


A. To represent finite and well-defined network elements that cannot be changed.
B. To enable data to be easily structured, grouped validated, and replicated
C. To provide human readability to scripting languages
D. To model the flows of unstructured data within the infrastructure.
Answer: B
Explanation
Customer needs are fast evolving. Typically, a network center is a heterogenous mix of various
devices at multiple layers of the network. Bulk and automatic configurations need to be
accomplished. CLI scraping is not flexible and optimal. Re-writing scripts many times, even for small
configuration changes is cumbersome.
Bulk configuration changes through CLIs are error-prone and may cause system issues. The solution
lies in using data models-a programmatic and standards-based way of writing configurations to any
network device, replacing the process of manual configuration. Data models are written in a
standard, industry-defined language. Although configurations using CLIs are easier (more human-
friendly), automating the configuration using data models results in scalability.
Reference:
https://www.cisco.com/c/en/us/td/docs/optical/ncs1000/60x/b_Datamodels_cg_ncs1000/b_Datam
odels_cg_ncs1

NO.26 Which antenna type should be used for a site-to-site wireless connection?
A. dipole
B. Yagi
C. patch
D. Omnidirectional
Answer: B
Explanation

NO.27 What is the difference between the enable password and the enable secret password when
service password encryption is enable on an IOS device?
A. The enable password cannot be decrypted.

18 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 17
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

B. The enable secret password is protected via stronger cryptography mechanisms.


C. The enable password is encrypted with a stronger encryption method.
D. There is no difference and both passwords are encrypted identically.
Answer: B
Explanation
The "enable secret" password is always encrypted (independent of the "service passwordencryption"
command) using MD5 hash algorithm. The "enable password" does not encrypt the password and
can be view in clear text in the running-config. In order to encrypt the "enable password", use the
"service password-encryption" command. This command will encrypt the passwords by using the
Vigenere encryption algorithm. Unfortunately, the Vigenere encryption method is cryptographically
weak and trivial to reverse.
The MD5 hash is a stronger algorithm than Vigenere so answer 'The enable secret password is
protected via stronger cryptography mechanisms' is correct.

NO.28 In OSPF, which LAS type is responsible for pointing to the ASBR router?
A. type 4
B. type 1
C. type 2
D. type 3
Answer: A

NO.29 Drag and drop the DHCP messages that are exchanged between a client and an AP into the
order they are exchanged on the right.

Answer:

19 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 18
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

Explanation

There are four messages sent between the DHCP Client and DHCP Server: DHCPDISCOVER, DHCPO
FFER, DHCPREQUEST and DHCPACKNOWLEDGEMENT.
This process is often abbreviated as DORA (for Discover, Offer, Request, Acknowledgement).

NO.30 Refer to the exhibit.

What happens to access interfaces where VLAN 222 is assigned?


A. STP BPDU guard is enabled
B. They are placed into an inactive state
C. A description "RSPAN" is added
D. They cannot provide PoE
Answer: B
Explanation

20 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 19
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html
Free Exam/Cram Practice Materials - Best Exam Practice Materials
IT Certification Guaranteed, The Easy Way!

Access ports (including voice VLAN ports) on the RSPAN VLAN are put in the inactive state.
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/12-
2_55_se/configura

21 from Freecram.com.
Get Latest & Valid 350-401 Exam's Question and Answers 20
https://www.freecram.com/exam/350-401-implementing-and-operating-cisco-enterprise-network-core-technologies-
e10941.html

You might also like