web analytics

[6-Apr-2022] New 2020 CCIE/CCNP 350-401 ENCOR Dumps with VCE and PDF from PassLeader (Update Questions)

New 2020 CCIE/CCNP 350-401 ENCOR exam questions from PassLeader 350-401 dumps! Welcome to download the newest PassLeader 350-401 VCE and PDF dumps: https://www.passleader.com/350-401.html (735 Q&As –> 770 Q&As –> 793 Q&As)

P.S. Free 2020 CCIE/CCNP 350-401 ENCOR dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=1nv6C6Az-yuR5kOXg8FV3gytDer_usQBX

NEW QUESTION 701
A customer transitions a wired environment to a Cisco SD-Access solution. The customer does not want to integrate the wireless network with the fabric. Which wireless deployment approach enables the two systems to coexist and meets the customer requirement?

A.    Deploy the APs in autonomous mode.
B.    Deploy the wireless network over the top of the fabric.
C.    Deploy a separate network for the wireless environment.
D.    Implement a Cisco DNA Center to manage the two networks.

Answer: D

NEW QUESTION 702
What is a TLOC in a Cisco SD-WAN deployment?

A.    value that identifies a specific tunnel within the Cisco SD-WAN overlay
B.    identifier that represents a specific service offered by nodes within the Cisco SD-WAN overlay
C.    attribute that acts as a next hop for network prefixes
D.    component set by the administrator to differentiate similar nodes that offer a common service

Answer: D
Explanation:
– A TLOC is a Transport Locator that represents an attachment point where a Cisco WAN Edge device connects to a WAN transport. A TLOC is uniquely identified by a tuple of three values – (System-IP address, Color, Encapsulation).
– A TLOC route consists of all required information needed by a remote peer in order to establish an overlay tunnel with that TLOC. This includes private and public IP addresses and ports, site-id, preference, weight, status, encapsulation info such as encryption and authentication parameters, and much more.

NEW QUESTION 703
Which two solutions are used for backing up a Cisco DNA Center Assurance database? (Choose two.)

A.    NFS share
B.    non-linux server
C.    local server
D.    remote server
E.    bare metal server

Answer: AD
Explanation:
Cisco DNA Center creates the backup files and posts them to a remote server. Each backup is uniquely stored using the UUID as the directory name.To support Assurance data backups, the server must be a Linux-based NFS server that meets the following requirements:
– Support NFS v4 and NFS v3.
– Cisco DNA Center stores backup copies of Assurance data on an external NFS device and automation data on an external remote sync (rsync) target location.
– The remote share for backing up an Assurance database (NDP) must be an NFS share.

NEW QUESTION 704
What are the main components of Cisco TrustSec?

A.    Cisco ISE and Enterprise Directory Services.
B.    Cisco ISE network switches, firewalls, and routers.
C.    Cisco ISE and TACACS+.
D.    Cisco ASA and Cisco Firepower Threat Defense.

Answer: C

NEW QUESTION 705
Which three resources must the hypervisor make available to the virtual machines? (Choose three.)

A.    memory
B.    bandwidth
C.    IP address
D.    processor
E.    storage
F.    secure access

Answer: ADE

NEW QUESTION 706
Which protocol is implemented to establish secure control plane adjacencies between Cisco SD-WAN nodes?

A.    IKF
B.    DTLS
C.    IPsec
D.    ESP

Answer: B

NEW QUESTION 707
Which benefit is realized by implementing SSO?

A.    IP first-hop redundancy
B.    communication between different nodes for cluster setup
C.    physical link redundancy
D.    minimal network downtime following an RP switchover

Answer: B

NEW QUESTION 708
Which two features does the Cisco SD-Access architecture add to a traditional campus network? (Choose two.)

A.    software-defined segmentation
B.    private VLANs
C.    SD-WAN
D.    modular QoS
E.    identity services

Answer: AC

NEW QUESTION 709
How do EIGRP metrics compare to OSPF metrics?

A.    EIGRP metrics are based on a combination of bandwidth and packet loss, and OSPF metrics are based on interface bandwidth.
B.    EIGRP uses the Dijkstra algorithm, and OSPF uses The DUAL algorithm.
C.    The EIGRP administrative distance for external routes is 170. and the OSPF administrative distance for external routes is undefined.
D.    The EIGRP administrative distance for external routes is 170. and the OSPF administrative distance for external routes is 110.

Answer: A

NEW QUESTION 710
What is a characteristic of a WLC that is in master controller mode?

A.    All wireless LAN controllers are managed by the master controller.
B.    All new APs that join the WLAN are assigned to the master controller.
C.    Configuration on the master controller is executed on all wireless LAN controllers.
D.    The master controller is responsible for load balancing all connecting clients to other controllers.

Answer: B

NEW QUESTION 711
By default, which virtual MAC address does HSRP group 14 use?

A.    04.16.19.09.4c.0e
B.    00:05:5e:19:0c:14
C.    00:05:0c:07:ac:14
D.    00:00:0c:07:ac:0e

Answer: C

NEW QUESTION 712
What is one characteristic of the Cisco SD-Access control plane?

A.    It is based on VXLAN technology.
B.    Each router processes every possible destination and route.
C.    It allows host mobility only in the wireless network.
D.    It stores remote routes in a centralized database server.

Answer: D
Explanation:
A control plane node maintains a host tracking database (HTDB), and also uses Locator/ID Separation Protocol (LISP) to provide a map server, populating the HTDB from fabric edge registration messages; and a map resolver to respond to queries from edge devices requesting location information about destination nodes.

NEW QUESTION 713
What is used to validate the authenticity of the client and is sent in HTTP requests as a JSON object?

A.    SSH
B.    HTTPS
C.    JWT
D.    TLS

Answer: B

NEW QUESTION 714
What is the API keys option for REST API authentication?

A.    a predetermined string that is passed from client to server
B.    a one-time encrypted token
C.    a username that is stored in the local router database
D.    a credential that is transmitted unencrypted

Answer: A

NEW QUESTION 715
What is an OVF?

A.    a package that is similar to an IMG and that contains an OVA file used to build a virtual machine
B.    an alternative form of an ISO that is used to install the base operating system of a virtual machine
C.    the third step in a P2V migration
D.    a package of files that is used to describe a virtual machine or virtual appliance

Answer: D

NEW QUESTION 716
Which option works with a DHCP server to return at least one WLAN management interface IP address during the discovery phase and is dependent upon the VCI of the AP?

A.    option 42
B.    option 15
C.    option 125
D.    option 43

Answer: D

NEW QUESTION 717
What is a characteristics of traffic policing?

A.    lacks support for marking or remarking
B.    must be applied only to outgoing traffic
C.    can be applied in both traffic directions
D.    queues out-of-profile packets until the buffer is full

Answer: D

NEW QUESTION 718
Which two Cisco SD-WAN components exchange OMP information? (Choose two.)

A.    vAnaiytlcs
B.    vSmart
C.    WAN Edge
D.    vBond
E.    vManage

Answer: BC

NEW QUESTION 719
Which type of tunnel Is required between two WLCs to enable Intercontroller roaming?

A.    mobility
B.    LWAPP
C.    CAPWAP
D.    iPsec

Answer: A

NEW QUESTION 720
Which protocol is responsible for data plane forwarding in a Cisco SD-Access deployment?

A.    VXLAN
B.    IS-IS
C.    OSPF
D.    LISP

Answer: A

NEW QUESTION 721
Which function does a fabric AP perform in a cisco SD-access deployment?

A.    It updates wireless clients’ locations in the fabric.
B.    It connects wireless clients to the fabric.
C.    It manages wireless clients’ membership information in the fabric.
D.    It configures security policies down to wireless clients in the fabric.

Answer: B

NEW QUESTION 722
What is the calculation that is used to measure the radiated power of a signal after it has gone through the radio, antenna cable, and antenna?

A.    EIRP
B.    mW
C.    dBm
D.    dBi

Answer: A

NEW QUESTION 723
What is one main REST security design principle?

A.    separation of privilege
B.    password hashing
C.    confidential algorithms
D.    OAuth

Answer: A
Explanation:
Separation of Privilege: Granting permissions to an entity should not be purely based on a single condition, a combination of conditions based on the type of resource is a better idea.

NEW QUESTION 724
What is the recommended minimum SNR for data applications on wireless networks?

A.    15
B.    20
C.    25
D.    10

Answer: B
Explanation:
Generally, a signal with an SNR value of 20 dB or more is recommended for data networks where as an SNR value of 25 dB or more is recommended for networks that use voice applications.

NEW QUESTION 725
A system must validate access rights to all its resources and must not rely on a cached permission matrix. If the access level to a given resource is revoked but is not reflected in the permission matrix, the security is violates. Which term refers to this REST security design principle?

A.    economy of mechanism
B.    complete mediation
C.    separation of privilege
D.    least common mechanism

Answer: B
Explanation:
A system should validate access rights to all its resources to ensure that they are allowed and should not rely on the cached permission matrix. If the access level to a given resource is being revoked, but that is not being reflected in the permission matrix, it would be violating security.
https://medium.com/strike-sh/rest-security-design-principles-434bd6ee57ea

NEW QUESTION 726
What is a characteristic of the overlay network in the Cisco SD-Access architecture?

A.    It uses a traditional routed access design to provide performance and high availability to the network.
B.    It consists of a group of physical routers and switches that are used to maintain the network.
C.    It provides isolation among the virtual networks and independence from the physical network.
D.    It provides multicast support to enable Layer 2 Hooding capability in the underlay network.

Answer: C

NEW QUESTION 727
Which VXLAN component is used to encapsulate and decapsulate Ethernet frames?

A.    VNI
B.    GRE
C.    VTEP
D.    EVPN

Answer: C

NEW QUESTION 728
An engineer must configure an EXEC authorization list that first checks a AAA server then a local username. If both methods fail, the user is denied. Which configuration should be applied?

A.    aaa authorization exec default local group tacacs+
B.    aaa authorization exec default local group radius none
C.    aaa authorization exec default group radius local none
D.    aaa authorization exec default group radius local

Answer: D

NEW QUESTION 729
What is a characteristics of a vSwitch?

A.    supports advanced Layer 3 routing protocols that are not offered by a hardware switch
B.    enables VMs to communicate with each other within a virtualized server
C.    has higher performance than a hardware switch
D.    operates as a hub and broadcasts the traffic toward all the vPorts

Answer: B

NEW QUESTION 730
What is a characteristic of a Type I hypervisor?

A.    It is installed on an operating system and supports other operating systems above it.
B.    It is referred to as a hosted hypervisor.
C.    Problems in the base operating system can affect the entire system.
D.    It is completely independent of the operating system.

Answer: D

NEW QUESTION 731
Which two characteristics apply to the endpoint security aspect of the Cisco Threat Defense architecture? (Choose two.)

A.    detect and black ransomware in email attachments
B.    outbound URL analysis and data transfer controls
C.    user context analysis
D.    blocking of fileless malware in real time
E.    cloud-based analysis of threats

Answer: BD

NEW QUESTION 732
Drag and Drop
Drag and drop the LIPS components on the left to the correct description on the right.
350-401-Exam-Dumps-7321

Answer:
350-401-Exam-Dumps-7322

NEW QUESTION 733
Drag and Drop
Drag and drop the Cisco SD-Access solution areas from the left onto the protocols they use on the right.
350-401-Exam-Dumps-7331

Answer:
350-401-Exam-Dumps-7332

NEW QUESTION 734
……


New 2020 CCIE/CCNP 350-401 ENCOR exam questions from PassLeader 350-401 dumps! Welcome to download the newest PassLeader 350-401 VCE and PDF dumps: https://www.passleader.com/350-401.html (735 Q&As –> 770 Q&As –> 793 Q&As)

P.S. Free 2020 CCIE/CCNP 350-401 ENCOR dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=1nv6C6Az-yuR5kOXg8FV3gytDer_usQBX