New 2020 CCIE/CCNP 350-401 ENCOR exam questions from PassLeader 350-401 dumps! Welcome to download the newest PassLeader 350-401 VCE and PDF dumps: https://www.passleader.com/350-401.html (1129 Q&As –> 1198 Q&As –> 1239 Q&As) [Lab Simulations Available]
P.S. Free 2020 CCIE/CCNP 350-401 ENCOR dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=1nv6C6Az-yuR5kOXg8FV3gytDer_usQBX
NEW QUESTION 1057
An engineer must configure router R1 to validate user logins via RADIUS and fall back to the local user database if the RADIUS server is not available. Which configuration must be applied?
A. aaa authentication exec default radius local
B. aaa authentication exec default radius
C. aaa authorization exec default radius local
D. aaa authorization exec default radius
Answer: C
NEW QUESTION 1058
Which mechanism can be used to enforce network access authentication against an AAA server if the endpoint does not support the 802.1X supplicant functionality?
A. WebAuth
B. MACsec
C. private VLANs
D. port security
Answer: A
NEW QUESTION 1059
Which security option protects credentials from sniffer attacks in a basicAPI authentication?
A. next-generation firewall
B. TLS or SSL for communication
C. VPN connection between client and server
D. AAA services to authenticate the API
Answer: B
NEW QUESTION 1060
Which protocol does Cisco SD-WAN use to protect control plane communication?
A. STUN
B. OMP
C. IPsec
D. DTLS
Answer: D
NEW QUESTION 1061
Which DNS record type is required to allow APs to discover a WLC by using DNS on IPv4?
A. NS
B. A
C. SOA
D. MX
Answer: B
NEW QUESTION 1062
What is modularity in network design?
A. ability to bundle several functions into a single layer of the network
B. ability to create self-contained, repeatable sections of the network
C. ability to self-heal the network to prevent service outages
D. ability to scale and accommodate future needs of the network
Answer: D
Explanation:
You can design a campus network in a logical manner, using a modular approach. In this approach, each layer of the hierarchical network model can be broken into basic functional units. These units, or modules, then can be sized appropriately and connected, while allowing for future scalability and expansion.
NEW QUESTION 1063
A customer has two Cisco WLCs that manage separate APs throughout a building. Each WLC advertises the same SSID but terminates on different interfaces. Users report that they drop their connections and change IP addresses when roaming. Which action resolves this issue?
A. Configure high availability.
B. Enable fast roaming.
C. Configure mobility groups.
D. Enable client load balancing.
Answer: C
Explanation:
Mobility or roaming services enables a WLAN client to retain its association !!!seamlessly!!! while moving from one Access Point to another. Cisco WLAN controllers (WLC) can be organized into wireless mobility groups to support intercontroller roaming.
NEW QUESTION 1064
What is one difference between the RIB and the FIB?
A. The RIB keeps all routing information received from peers, and the FIB keeps the minimum information necessary to make a forwarding decision.
B. The RIB works at the data plane, and the FIB works at the control plane.
C. The FIB contains routing prefixes, and the RIB contains the Layer 2 and Layer 3 information necessary to make a forwarding decision.
D. The RIB is known as the CEF table, and the FIB is known as the routing table.
Answer: A
NEW QUESTION 1065
What is a characteristic of an AP operating in FlexConnect mode?
A. All traffic traverses the WLC to ensure policy enforcement on client traffic.
B. Forwarding for locally switched traffic continues when the AP loses connectivity to the WLC.
C. APs connect in a mesh topology and elect a root AP.
D. FlexConnect enables an AP to connect to multiple WLCs.
Answer: B
NEW QUESTION 1066
What is the benefit of using TCAM for IP forwarding decisions versus using the CAM table?
A. TCAM finds results based on binary, and CAM uses the longest match to find results.
B. TCAM processes lookups in a hardware CPU. and CAM relies on binary masks to find results.
C. TCAM finds results based on masks, and CAM finds results basing on exact match.
D. TCAM uses low cost hardware memory to store addresses, and CAM uses expensive hardware memory.
Answer: B
Explanation:
The problem with CAM is that it can only do exact matches on ones and zeros (binary CAMs). By implementing router prefix lookup in TCAM, we are moving process of Forwarding Information Base lookup from software to hardware.
NEW QUESTION 1067
Which feature is provided by Cisco Mobility Services Engine in a Cisco Wireless Unified Network architecture?
A. It adds client packet capturing.
B. It enables NetFlow data collection.
C. It adds client tracking and location API.
D. It identifies authentication problems.
Answer: C
Explanation:
This solution allows a customer to track any Wi-Fi device, including clients, active RFID tags, and rogue clients and access points (APs).
NEW QUESTION 1068
Which unit of measure is used to measure wireless RF SNR?
A. dBi
B. dB
C. dBm
D. mW
Answer: C
NEW QUESTION 1069
In a campus network design, what are two benefits of using BFD for failure detection? (Choose two.)
A. BFD speeds up routing convergence time.
B. BFD is an efficient way to reduce memory and CPU usage.
C. BFD provides fault tolerance by enabling multiple routers to appear as a single virtual router.
D. BFD provides path failure detection in less than a second.
E. BFD enables network peers to continue forwarding packets in the event of a restart.
Answer: AD
NEW QUESTION 1070
Which version of NetFlow does Cisco Threat Defense utilize to obtain visibility into the network?
A. NBAR2
B. IPFIX
C. 8
D. flexible
Answer: D
NEW QUESTION 1071
What is a difference between Chef and other automation tools?
A. Chef is an agentless tool that uses playbooks, and Ansible is an agent-based tool that uses cookbooks.
B. Chef is an agentless tool that uses a primary/minion architecture, and SaltStack is an agent-based tool that uses a primary/secondary architecture.
C. Chef is an agent-based tool that uses cookbooks, and Ansible is an agentless tool that uses playbooks.
D. Chef uses Domain Specific Language, and Puppet uses Ruby.
Answer: C
NEW QUESTION 1072
An engineer must configure a new WLAN that supports 802.11r and requires users to enter a passphrase. What must be configured to support this requirement?
A. 802.1X and Fast Transition
B. FT PSK and Fast Transition
C. 802.1X and SUITEB-1X
D. FT PSK and SUITEB-1X
Answer: D
NEW QUESTION 1073
What is one role of the VTEP in a VXLAN environment?
A. to maintain VLAN configuration consistency
B. to forward packets to non-LISP sites
C. to provide EID-to-RLOC mapping
D. to encapsulate the tunnel
Answer: D
NEW QUESTION 1074
How is CAPWAP data traffic encapsulated when running an Over the Top WLAN in a Cisco SD-Access wireless environment?
A. LISP
B. VXLAN
C. GRE
D. IPsec
Answer: B
NEW QUESTION 1075
Which technology is used as the basis for the Cisco SD-Access data plane?
A. LISP
B. 802.1Q
C. VXLAN
D. IPsec
Answer: C
NEW QUESTION 1076
How is OAuth framework used in REST API?
A. as a framework to hash the security information in the REST URL
B. by providing the external application a token that authorizes access to the account
C. as a framework to hide the security information in the REST URL
D. by providing the user credentials to the external application
Answer: B
NEW QUESTION 1077
What is a characteristic of Cisco DNA southbound APIs?
A. implements monitoring by using the SOAP protocol
B. enables orchestration and automation of network devices based on intent
C. utilizes REST API
D. simplifies management of network devices
Answer: B
NEW QUESTION 1078
Where is the wireless LAN controller located in a mobility express deployment?
A. The wireless LAN controller exists in a server that is dedicated for this purpose.
B. The wireless LAN controller is embedded into the access point.
C. The wireless LAN controller exists in the cloud.
D. There is no wireless LAN controller in the network.
Answer: B
NEW QUESTION 1079
Which hypervisor requires a host OS to run and is not allowed to directly access the hosts hardware and resources?
A. native
B. bare metal
C. type 1
D. type 2
Answer: D
NEW QUESTION 1080
What does the Cisco WLC Layer 3 roaming feature allow clients to do?
A. maintain their IP address when roaming to an AP or controller with a different client VLAN assignment
B. maintain their connection between APs even when the AP management VLANs are different
C. maintain their connection even if the client IP address changes when roaming
D. roam seamlessly between controllers even when the controller management VLANs are different
Answer: D
Explanation:
L3 roaming enables client to preserve its ip when roaming to an AP that is connected to another WLC.
NEW QUESTION 1081
……
New 2020 CCIE/CCNP 350-401 ENCOR exam questions from PassLeader 350-401 dumps! Welcome to download the newest PassLeader 350-401 VCE and PDF dumps: https://www.passleader.com/350-401.html (1129 Q&As –> 1198 Q&As –> 1239 Q&As) [Lab Simulations Available]
P.S. Free 2020 CCIE/CCNP 350-401 ENCOR dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=1nv6C6Az-yuR5kOXg8FV3gytDer_usQBX
