Cisco 400-007 Exam Dumps

Cisco 400-007 Sample Question Answers

Question # 1

Which component of the SDN architecture automatically ensures that application traffic is routed according to policies established by network administrators? 

A. packet forwarding engine
B. northbound API
C. southbound API
D. SDN controller

Show Answer

Question # 2

Which three items do you recommend for control plane hardening of an infrastructure device? (Choose three.)

A. routing protocol authentication
B. SNMPv3 
C. Control Plane Policing
D. redundant AAA servers
E. warning banners
F. to enable unused services

Show Answer

Question # 3

The Company XYZ network requires OSPF dead neighbor detection in a subsecond manner However the company network does not support BFD Which other feature can be used to fulfill the design requirement? 

A. STP
 B. fast hello
C. LFA
D. DPD

Show Answer

Question # 4

The SD-WAN architecture is composed of separate orchestration management, control, and data planes Which activity happens at the orchestration plane?

A. automatic onboarding of the SD-WAN routers into the SD-WAN overlay
B. decision-making process on where traffic flows
C. packet forwarding
D. central configuration and monitoring 

Show Answer

Question # 5

A consultant needs to evaluate project management methodologies for a new service deployment on the existing network of a customer. The customer wants to be involved in the end-to-end project progress and be provided with frequent updates. The customer also wants the ability to change the requirements if needed, as the project progresses. Which project management methodology should be used?

A. three principles
B. phased
C. Agile
D. Waterfall

Show Answer

Question # 6

Company XYZ, a global content provider, owns data centers on different continents. Their data center design involves a standard three-layer design with a Layer 3-only core. HSRP is used as the FHRP. They require VLAN extension across access switches in all data centers, and they plan to purchase a Layer 2 interconnection between two of their data centers in Europe. In the absence of other business or technical constraints, which termination point is optimal for the Layer 2 interconnection?

A. at the core layer, to otter the possibility to isolate STP domains 
B. at me aggregation layer because it is the Layer 2 to Layer 3 demarcation point 
 C. at the access layer because the STP root bridge does not need to align with the HSRP active node. 
D. at the core layer because all external connections must terminate there for security reasons 

Show Answer

Question # 7

What is the most important operational driver when building a resilient and secure modular network design?

A. Reduce the frequency of failures requiring human intervention 
B. Minimize app downtime
C. Increase time spent on developing new features
D. Dependencies on hardware or software that is difficult to scale

Show Answer

Question # 8

Which design consideration is valid when you contrast fabricPath and trill? 

A. FabricPath uses IS-IS, but TRILL uses VxLAN
B. FabricPath permits active-active FHRP and TRILL support anycast gateway.
C. FabricPath Permits ECMP, but TRILL does not
D. FabricPath permits active-active mode, but TRILL supports only active-standby mode.

Show Answer

Question # 9

Enterprise XYZ wants to implement fast convergence on their network and optimize timers for OSPF However they also want to prevent excess flooding of LSAs if there is a constantly flapping link on the network Which timers can help prevent excess flooding of LSAs for OSPF?

A. OSPF propagation timers 
 B. OSPF throttling timers 
 C. OSPF delay timers 
D. OSPF flooding timers

Show Answer

Question # 10

A network engineering team is in the process of designing a lab network for a customer demonstration. The design engineer wants to show that the resiliency of the MPLS traffic Engineering Fast Reroute solution has the same failover/failback times as a traditional SONET/SDH network (around 50MSEC). In order to address both link failure and node failure within the lab typology network, which type of the MPLS TE tunnels must be considered for this demonstration?

A. TE backup tunnel
B. Next-hop (NHop) tunnel
C. FRR Backup tunnel
D. next-next-hop (NNHop) tunnel

Show Answer

Question # 11

Which two benefits can software-defined networks provide to businesses? (Choose two.) 

A. provides additional redundancy
 B. reduction of OpEx/CapEx 
 C. reduced latency 
 D. decentralized management
 E. enables innovation F. meets high traffic demands 

Show Answer

Question # 12

What advantage of placing the IS-IS layer 2 flooding domain boundary at the core Layer in a threelayer hierarchical network is true? 

A. The Layer 1 and Layer 2 domains can easily overlap
B. It reduces the complexity of the Layer 1 domains
C. It can be applied to any kind of topology
D. The Layer 2 domain is contained and more stable

Show Answer

Question # 13

Which three items do you recommend for control plane hardening of an infrastructure device? (Choose three.)

A. routing protocol authentication 
B. SNMPv3 
 C. Control Plane Policing 
 D. redundant AAA servers
 E. warning banners
 F. to enable unused services

Show Answer

Question # 14

The Company XYZ network requires OSPF dead neighbor detection in a subsecond manner However the company network does not support BFD Which other feature can be used to fulfill the design requirement? 

A. STP 
 B. fast hello 
 C. LFA 
D. DPD

Show Answer

Question # 15

Which DCI technology utilizes a œflood and learn technique to populate the Layer2 forwarding table? 

A. LISP
B. OTV
C. VPLS
D. EVPN

Show Answer

Question # 16

Which two statements describe the functionality of OSPF packet-pacing timers? (Choose two ) The group-pacing timer controls the interval that is used for group and individual LSA refreshment

A. OSPF flood-pacing timers allow dynamic control of the OSPF transmission queue size
 B. OSPF retransmission-pacing timers allow control of interpacket spaang between consecutive linkstate update packets in the OSPF retransmission queue. 
 C. OSPF retransmission-pacing timers allow control of packet interleaving between nonconsecutive link-state update packets in the OSPF retransmission queue. 
 D. OSPF flood-pacing timers allow control of interpacket spacing between consecutive link-state update packets in the OSPF transmission queue 

Show Answer

Question # 17

Which design benefit of bridge assurance is true?

A. It supposes a spanning-tee topology change upon connecting and disconnecting a station on a port
B. It prevents switched traffic from traversing suboptimal paths on the network.
C. It allows small, unmanaged switches to be plugged into ports of access switches without the risk of switch loops.
D. It prevents switch loops caused by unidirectional point-to-point link condition on Rapid PVST + and MST 

Show Answer

Question # 18

An existing wireless network was designed to support data traffic only. You must now install context Aware services for location tracking changes must be applied to the existing wireless network to increase the location accuracy? (Chose two) 

A. Add access points along the perimeter of the coverage area.
B. Increase the access point density to create an average inter-access point distance of less than 40 feet or 12.2 meters
C. Use directional antennas to provide more cell overlapping
D. Install additional access points in monitor mode where the co-channel interference would otherwise be affected
E. Fine tune the radio configuration of the access point to have a higher average transmission power to achieve better coverage 

Show Answer

Question # 19

A consultant needs to evaluate project management methodologies for a new service deployment on the existing network of a customer. The customer wants to be involved in the end-to-end project progress and be provided with frequent updates. The customer also wants the ability to change the requirements if needed, as the project progresses. Which project management methodology should be used?

A. three principles 
B. phased 
 C. Agile 
 D. Waterfall

Show Answer

Question # 20

An enterprise campus is adopting a network virtualization design solution with these requirements It must include the ability to virtualize the data plane and control plane by using VLANs and VRFs It must maintain end-to-end logical path transport separation across the network resources available grouped at the access edge Which two primary models can this network virtualization design be categorized? (Choose two)

A. Path isolation
B. Session isolation
C. Group virtualization
D. Services virtualization
E. Edge isolation 

Show Answer

Question # 21

A business wants to centralize services via VDI technology and to replace remote WAN desktop PCs with thin client-type machines to reduce operating costs Which consideration supports the new business requirement?

A. VDI servers should be contained centrally within a DMZ 
 B. The thin client traffic should be placed in a WAN QoS priority queue
C. VDI servers should be contained within dedicated VLANs in each branch location 
 D. The WAN should offer low latency and be resized

Show Answer

Question # 22

Which issue poses a challenge for security architects who want end-to-end visibility of their networks?

A. too many overlapping controls 
 B. too many disparate solutions and technology silos 
 C. an overabundance of manual processes 
D. a network security skills shortage

Show Answer

Question # 23

Which actions are performed at the distribution layer of the three-layer hierarchical network design model? (Choose two)

A. Fast transport
B. Reliability
C. QoS classification and marking boundary
D. Fault isolation
E. Redundancy and load balancing

Show Answer

Question # 24

The major business applications of an enterprise are largely monolithic and hard-coded As part of a major modernization and overhaul of the applications the goal is to move to a modular and containerized application architecture mode At the same time decoupling from the hardware is desired to move to an on-demand provisioning However the CyberOps team mandated that the final architecture must provide the same security levels as an air-gapped data center. Which cloud architecture meets these requirements?

A. laaS 
B. private cloud 
 C. PaaS 
 D. hybrid cloud 
E. public cloud

Show Answer

Question # 25

Which component of the SDN architecture automatically ensures that application traffic is routed according to policies established by network administrators?

A. packet forwarding engine 
B. northbound API
 C. southbound API 
D. SDN controller

Show Answer

Question # 26

A customer asks you to perform a high level review of their upcoming WAN refresh for remote sites The review is specially focused on their retail store operations consisting of 500+ locations connected via mutlipoint IPsec VPN solution. Which routing protocol would be valid but would also be the most restrictive for the expansion of this deployment model? 

A. EIGRP
B. IS-IS
C. OSPF
D. BGP

Show Answer

Question # 27

What best describes the difference between Automation and Orchestration? 

A. Automation refers to an automatic process for completing a single task and Orchestration refers to assembling and coordinating a set of tasks and conditions.
B. Automation describes a hands-off configuration process while Orchestration refers to sets of automation tasks that require the network administrator to coordinate
C. Automation refers to an automatic process for completing multiple tasks with conditions and Orchestration refers to executing tasks in parallel.
D. Automation refers to scripting languages (Python. Ansible etc.) and Orchestration refers to commercial products that control configuration deployment

Show Answer

Question # 28

An MPLS service provider is offering a standard EoMPLS-based VPLS service to Customer A. providing Layer 2 connectivity between a central site and approximately 100 remote sites. Customer A wants to use the VPLS network to carry its internal multicast video feeds which are sourced at the central site and consist of 20 groups at Mbps each. Which service provider recommendation offers the most scalability?

A. EoMPLS-based VPLS can carry multicast traffic in a scalable manner
B. Use a mesh of GRE tunnels to carry the streams between sites
C. Enable snooping mechanisms on the provider PE routers.
D. Replace VPLS with a Layer 3 MVPN solution to carry the streams between sites

Show Answer

Question # 29

A Service Provider is designing a solution for a managed CE service to a number of local customers using a single CE platform and wants to have logical separation on the CE platform using Virtual Routing and Forwarding (VRF) based on IP address ranges or packet length. Which is the most scalable solution to provide this type of VRF Selection process on the CE edge device?

A. Static Routes for Route Leaking
B. Policy Based Routing
C. OSPF per VRF Instance
D. Multi-Protocol BGP

Show Answer

Question # 30

A multinational enterprise integrates a cloud solution with these objectives Achieve seamless connectivity across different countries and regions Extend data center and private clouds into public clouds and provider-hosted clouds What are two outcomes of deploying data centers and fabrics that interconnect different cloud networks? (Choose two.)

A. enhanced security 
B. data and network ownership 
 C. ability to place workloads across clouds
 D. centralized visibility 
 E. unidirectional workload mobility across the cloud

Show Answer

Question # 31

Company XYZ is running SNMPv1 in their network and understands that it has some flaws. They want to change the security design to implement SNMPv3 in the network Which network threat is SNMPv3 effective against? 

A. man-in-the-middle attack 
 B. masquerade threats 
 C. DDoS attack 
 D. brute force dictionary attack

Show Answer

Question # 32

What are two examples of components that are part of an SDN architecture? (Choose two.) 

A. software plane 
 B. control plane 
 C. application plane 
D. management plane 
E. network plane

Show Answer

Question # 33

What are two key design principles when using a hierarchical core-distribution-access network model? (Choose two ) 

A. A hierarchical network design model aids fault isolation
B. The core layer is designed first, followed by the distribution layer and then the access layer
C. The core layer provides server access in a small campus.
D. A hierarchical network design facilitates changes
E. The core layer controls access to resources for security

Show Answer

Question # 34

A customer migrates from a traditional Layer 2 data center network into a new SDN-based spine-andleaf VXLAN EVPN data center within the same location The networks are joined to enable host migration at Layer 2 What is the final migration step after hosts have physically migrated to have traffic flowing through the new network without changing any host configuration? 

A. Shut down legacy Layer 3 SVIs. clear ARP caches on all hosts being migrated and then configure the legacy VRRP address onto new VXLAN core switches 
 B. Increase VRRP priorities on new infrastructure over legacy VRRP values, then shut down legacy SVIs 
C. Shut down legacy infrastructure to allow VXLAN gateways to become active 
D. Shut down legacy Layer 3 SVIs and activate new preconfigured Layer 3 SVIs on VXLAN

Show Answer

Question # 35

Which three Cisco products are used in conjunction with Red Hat to provide an NFVi solution? (Choose three.)

A. Cisco Prime Service Catalog
B. Cisco Open Virtual Switch
C. Cisco Nexus switches
D. Cisco UCS
E. Cisco Open Container Platform
F. Cisco Virtual Network Function

Show Answer

Question # 36

When consumers that leverage laaS reach 100% resource capacity, what can be used to redirect the overflow of traffic to the public cloud so there is no disruption to service? 

A. cloud policing 
B. cloud spill 
C. cloud bursting 
 D. cloud shaping

Show Answer

Question # 37

A Tier-3 Service Provider is evolving into a Tier-2 Service Provider due to the amount of Enterprise business it is receiving The network engineers are re-evaluating their IP/MPLS design considerations in order to support duplicate/overlapping IP addressing from their Enterprise customers within each Layer3 VPN. Which concept would need to be reviewed to ensure stability in their network?

A. Assigning unique Route Distinguishers
B. Assigning unique Route Target ID'S
C. Assigning unique IP address space for the Enterprise NAT/Firewalls
D. Assigning unique VRF ID's to each L3VPN

Show Answer

Question # 38

A software-defined networking (SDN) controller teams network topology information by using BGP link-state sessions with the route reflectors of an MPLS-enabled network. The controller then uses the topology information to apply on-demand traffic policies to the network through a protocol that is supported from all Layer 3 routers Each policy is represented as a RIB entry in the control plane of the router Which SDN model has been implemented? 

A. SDN centralized 
 B. SDN traffic engineering 
 C. SD-WAN 
D. SDN hybrid

Show Answer

Question # 39

The General Bank of Greece plans to upgrade its legacy end-of-life WAN network with a new flexible, manageable, and scalable solution. The mam requirements are ZTP support, end-to-end encryption application awareness and segmentation. The CTO states that the main goal of the bank is CAPEX reduction. Which WAN technology should be used for the solution? 

A. SD-branch 
B. DMVPN with PfR
 C. managed SD-WAN 
D. SD-WAN 

Show Answer

Question # 40

A company plans to use BFD between its routers to detect a connectivity problem inside the switched network. An IPS is transparently installed between the switches. Which packets shold the IPS forward for BFD to work under all circumstances?

A. Fragmented packet with the do-not-fragment bit set
B. IP packets with broadcast IP source addresses
C. IP packets with the multicast IP source address
D. IP packet with the multicast IP destination address
E. IP packets with identical source and destination IP addresses
F. IP packets with the destination IP address 0.0.0.0. 

Show Answer

Question # 41

If the desire is to connect virtual network functions together to accommodate different types of network service connectivity what must be deployed? 

A. bridging 
B. service chaining 
 C. linking 
 D. daisy chaining 
E. switching 

Show Answer

Question # 42

Which aspect of BGP-LS makes it scalable in large network when multiarea topology information must be gathered?

A. transmit flow control 
 B. open-loop flow control 
C. hardware flow control 
 D. TCP-based flow control

Show Answer

Question # 43

You are designing a network running both IPv4 and IPv6 to deploy QoS Which consideration is correct about the QoS for IPv4 and IPv6? 

A. IPv4 and IPv6 traffic types can use use queuing mechanisms such as LLQ, PQ and CQ.
B. IPv6 packet classification is only available with process switching, whereas IPv4 packet classification is available with both process switching and CEF.
C. IPv6 and IB traffic types can use a single QoS policy to match both protocols
D. Different congestion management mechanisms need to be used for IPv4 and IPv6 traffic types

Show Answer

Question # 44

A business requirement is supplied to an architect from a car manufacturer stating their business model is changing to just-in-time manufacturing and a new network is required, the manufacturer does not produce all of the specific components m-house. which area should the architect focus on initially?

A. Automation 
 B. Zero Trust Networking 
C. Low Latency Infrastructure 
 D. Modularity

Show Answer

Question # 45

A network architect must redesign a service provider edge, where multiservice and multitenant PEs are currently present. Which design feature should be minimized in the new design to achieve reliability? 

A. bridging
B. fate sharing
C. redundancy
D. unicast overlay routing 

Show Answer

Question # 46

Company XYZ wants to prevent switch loops caused by unidirectional point-point-link condition on Rapid FVST + and MST. Which technology can be used in the design to meet this requirement? 

A. STPBPDU guard 
 B. STP bridge assurance 
 C. MSTP 
D. TRILL 

Show Answer

Question # 47

The Agile Manifesto is a document that defines the key values and principles behind the Agile philosophy and helps development teams work more efficiently and sustainably Each of the four key values is split into two sections a left-hand side and a right-hand side In other words, though there is value in the items on the right we value the items on the left more What is one of the key values of the Agile Manifesto?

A. comprehensive documentation over working software
B. contract negotiation over customer collaboration
C. individuals and interactions over processes and tools 
D. following a plan over responding to chang

Show Answer

Question # 48

You were tasked to enhance the security of a network with these characteristics: A pool of servers is accessed by numerous data centers and remote sites The servers are accessed via a cluster of firewalls The firewalls are configured properly and are not dropping traffic The firewalls occasionally cause asymmetric routing of traffic within the server data center. Which technology should you recommend to enhance security by limiting traffic that could originate from a hacker compromising a workstation and redirecting flows at the servers?

A. Poison certain subnets by adding static routes to Null0 on the core switches connected to the pool of servers.
B. Deploy uRPF strict mode.
C. Limit sources of traffic that exit the server-facing interface of the firewall cluster with ACLs.
D. Deploy uRPF loose mode

Show Answer

Question # 49

Company XYZ, a global content provider, owns data centers on different continents Their data center design involves a standard three-layer design with a Layer 3-only core VRRP is used as the FHRP They require VLAN extension across access switches in all data centers, and they plan to purchase a Layer 2 interconnection between two of their data centers in Europe in the absence of other business or technical constraints which termination point is optimal for the Layer 2 interconnection? 

A. at the core layer, to offer the possibility to isolate STP domains 
 B. at the access layer because the STP root bridge does not need to align with the VRRP active node 
C. at the core layer because all external connections must terminate there for security reasons 
D. at the aggregation layer because it is the Layer 2 to Layer 3 demarcation point

Show Answer

Question # 50

A senior network designer suggests that you should improve network convergence times by reducing BGP timers between your CE router and the PE router of the service provider. Which two factors should you consider to adjust the timer values? (Choose two.)

A. service provider agreement to support tuned timers
B. manual updates to the peer groups
C. service provider scheduling of changes to the PE
D. number of routes on the CE router
E. number of VRFs on the PE router

Show Answer