2021 350-401 Premium Files Test pdf - Free Dumps Collection [Q152-Q167]

Share

2021 350-401 Premium Files Test pdf - Free Dumps Collection

 Get ready to pass the 350-401 Exam right now using our CCNP Enterprise  Exam Package

NEW QUESTION 152
Refer to the exhibit.

Which configuration establishes EBGP neighborship between these two directly connected neighbors and exchanges the loopback network of the two routers through BGP?
A)

B)

C)

D)

  • A. Option A
  • B. Option D
  • C. Option B
  • D. Option C

Answer: A

Explanation:
Explanation
With BGP, we must advertise the correct network and subnet mask in the "network" command (in this case network 10.1.1.0/24 on R1 and network 10.2.2.0/24 on R2). BGP is very strict in the routing advertisements. In other words, BGP only advertises the network which exists exactly in the routing table. In this case, if you put the command "network x.x.0.0 mask 255.255.0.0" or
"network x.0.0.0 mask 255.0.0.0" or "network x.x.x.x mask 255.255.255.255" then BGP will not advertise anything.
It is easy to establish eBGP neighborship via the direct link. But let's see what are required when we want to establish eBGP neighborship via their loopback interfaces. We will need two commands:
+ the command "neighbor 10.1.1.1 ebgp-multihop 2" on R1 and "neighbor 10.2.2.2 ebgpmultihop
2" on R1. This command increases the TTL value to 2 so that BGP updates can reach the BGP neighbor which is two hops away.
+ Answer 'R1 (config) #router bgp 1
R1 (config-router) #neighbor 192.168.10.2 remote-as 2
R1 (config-router) #network 10.1.1.0 mask 255.255.255.0
R2 (config) #router bgp 2
R2 (config-router) #neighbor 192.168.10.1 remote-as 1
R2 (config-router) #network 10.2.2.0 mask 255.255.255.0
Quick Wireless Summary
Cisco Access Points (APs) can operate in one of two modes: autonomous or lightweight
+ Autonomous: self-sufficient and standalone. Used for small wireless networks.
+ Lightweight: A Cisco lightweight AP (LAP) has to join a Wireless LAN Controller (WLC) to function.
LAP and WLC communicate with each other via a logical pair of CAPWAP tunnels.
- Control and Provisioning for Wireless Access Point (CAPWAP) is an IETF standard for control messaging for setup, authentication and operations between APs and WLCs. CAPWAP is similar to LWAPP except the following differences:
+CAPWAP uses Datagram Transport Layer Security (DTLS) for authentication and encryption to protect traffic between APs and controllers. LWAPP uses AES.
+ CAPWAP has a dynamic maximum transmission unit (MTU) discovery mechanism.
+ CAPWAP runs on UDP ports 5246 (control messages) and 5247 (data messages) An LAP operates in one of six different modes:
+ Local mode (default mode): measures noise floor and interference, and scans for intrusion detection (IDS) events every 180 seconds on unused channels
+ FlexConnect, formerly known as Hybrid Remote Edge AP (H-REAP), mode: allows data traffic to be switched locally and not go back to the controller. The FlexConnect AP can perform standalone client authentication and switch VLAN traffic locally even when it's disconnected to the WLC (Local Switched). FlexConnect AP can also tunnel (via CAPWAP) both user wireless data and control traffic to a centralized WLC (Central Switched).
+ Monitor mode: does not handle data traffic between clients and the infrastructure. It acts like a sensor for location-based services (LBS), rogue AP detection, and IDS
+ Rogue detector mode: monitor for rogue APs. It does not handle data at all.
+ Sniffer mode: run as a sniffer and captures and forwards all the packets on a particular channel to a remote machine where you can use protocol analysis tool (Wireshark, Airopeek, etc) to review the packets and diagnose issues. Strictly used for troubleshooting purposes.
+ Bridge mode: bridge together the WLAN and the wired infrastructure together.
Mobility Express is the ability to use an access point (AP) as a controller instead of a real WLAN controller. But this solution is only suitable for small to midsize, or multi-site branch locations where you might not want to invest in a dedicated WLC. A Mobility Express WLC can support up to 100 Aps

 

NEW QUESTION 153
Which JSON syntax is valid?

  • A. Option D
  • B. Option C
  • C. Option A
  • D. Option B

Answer: B

Explanation:
Explanation
This JSON can be written as follows:
{
'switch': {
'name': 'dist1',
'interfaces': ['gig1', 'gig2', 'gig3']
}
}

 

NEW QUESTION 154
Why would a log file contain a * next to the date?

  • A. The network device is not configured to use NTP
  • B. The network device is not configured to use NTP time stamps for logging.
  • C. The network device was receiving NTP time when the log messages were recorded
  • D. The network device was unable to reach the NTP server when the log messages were recorded.

Answer: D

Explanation:
Explanation
If the system clock has not been set, the date and time are preceded by an asterisk (*) to indicate that the date and time are probably not correct.
Reference:
https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamp

 

NEW QUESTION 155
What are two features of NetFlow flow monitoring? (Choose two.)

  • A. Include the flow record and the flow importer
  • B. Does not required packet sampling on interfaces
  • C. Can be used to track multicast, MPLS, or bridged traffic.
  • D. Copies all ingress flow information to an interface
  • E. Can track ingress and egress information

Answer: C,E

Explanation:
The following are restrictions for Flexible NetFlow: + Traditional NetFlow (TNF) accounting is not supported. + Flexible NetFlow v5 export format is not supported, only NetFlow v9 export format is supported. + Both ingress and egress NetFlow accounting is supported. + Microflow policing feature shares the NetFlow hardware resource with FNF. + Only one flow monitor per interface and per direction is supported.
Reference:
When configuring NetFlow, follow these guidelines and restrictions:
+ Except in PFC3A mode, NetFlow supports bridged IP traffic. PFC3A mode does not support NetFlow bridged IP traffic. + NetFlow supports multicast IP traffic.
The Flexible NetFlow - MPLS Egress NetFlow feature allows you to capture IP flow information for packets that arrive on a router as Multiprotocol Label Switching (MPLS) packets and are transmitted as IP packets. This feature allows you to capture the MPLS VPN IP flows that are traveling through the service provider backbone from one site of a VPN to another site of the same VPN

 

NEW QUESTION 156
Refer to the exhibit. An engineer is investigating why guest users are able to access other guest user devices when the users are connected to the customer guest WLAN. What action resolves this issue?

  • A. implement P2P blocking
  • B. implement Wi-Fi direct policy
  • C. implement MFP client protection
  • D. implement split tunneling

Answer: B

Explanation:
https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-1/configurationguide/b_cg81/b_cg81_chapter_01000110.pdf

 

NEW QUESTION 157
Which statement explains why Type 1 hypervisor is considered more efficient than Type 2 hypervisor?

  • A. Type 1 hypervisor relies on the existing OS of the host machine to access CPU, memory, storage, and network resources.
  • B. Type 1 hypervisor runs directly on the physical hardware of the host machine without relying on the underlying OS
  • C. Type 1 hypervisor is the only type of hypervisor that supports hardware acceleration techniques
  • D. Type 1 hypervisor enables other operating systems to run on it

Answer: B

 

NEW QUESTION 158
What is the role of the vsmart controller in a Cisco SD-WAN environment?

  • A. It manages the data plane.
  • B. It is the centralized network management system.
  • C. It manages the control plane.
  • D. IT performs authentication and authorization

Answer: C

Explanation:
Control plane (vSmart) builds and maintains the network topology and make
decisions on the traffic flows. The vSmart controller disseminates control plane
information between WAN Edge devices, implements control plane policies and
distributes data plane policies to network devices for enforcement.

 

NEW QUESTION 159
Drag and drop the LISP components from the left onto the function they perform on the right. Not all options are used.

Answer:

Explanation:

Explanation

+ accepts LISP encapsulated map requests: LISP map resolver
+ learns of EID prefix mapping entries from an ETR: LISP map server
+ receives traffic from LISP sites and sends it to non-LISP sites: LISP proxy ETR
+ receives packets from site-facing interfaces: LISP ITR
Explanation
ITR is the function that maps the destination EID to a destination RLOC and then encapsulates the original packet with an additional header that has the source IP address of the ITR RLOC and the destination IP address of the RLOC of an Egress Tunnel Router (ETR).
After the encapsulation, the original packet become a LISP packet.
ETR is the function that receives LISP encapsulated packets, decapsulates them and forwards to its local EIDs. This function also requires EID-to-RLOC mappings so we need to point out an "map-server" IP address and the key (password) for authentication.
A LISP proxy ETR (PETR) implements ETR functions on behalf of non-LISP sites. A PETR is typically used when a LISP site needs to send traffic to non-LISP sites but the LISP site is connected through a service provider that does not accept no routable EIDs as packet sources. PETRs act just like ETRs but for EIDs that send traffic to destinations at non-LISP sites.
Map Server (MS) processes the registration of authentication keys and EID-to-RLOC mappings. ETRs sends periodic Map-Register messages to all its configured Map Servers.
Map Resolver (MR): a LISP component which accepts LISP Encapsulated Map Requests, typically from an ITR, quickly determines whether or not the destination IP address is part of the EID namespace

 

NEW QUESTION 160
Refer to the exhibit.

An engineer must create a configuration that executes the show run command and then terminates the session when user CCNP legs in. Which configuration change is required''

  • A. Add the access-class keyword to the username command
  • B. Add the autocommand keyword to the username command
  • C. Add the autocommand keyword to the aaa authentication command
  • D. Add the access-class keyword to the aaa authentication command

Answer: B

 

NEW QUESTION 161
A local router shows an EBGP neighbor in the Active state. Which statement is true about the local router?

  • A. The local router is receiving prefixes from the neighboring router and adding them in RIB-IN
  • B. The local router is attempting to open a TCP session with the neighboring router.
  • C. The local router has active prefixes in the forwarding table from the neighboring router
  • D. The local router has BGP passive mode configured for the neighboring router

Answer: B

 

NEW QUESTION 162
Based on this interface configuration, what is the expected state of OSPF adjacency?

  • A. FULL/BDR on R1 and FULL/BDR on R2
  • B. 2WAY/DROTHER on both routers
  • C. Full on both routers
  • D. not established

Answer: D

 

NEW QUESTION 163
What is the differences between TCAM and the MAC address table?

  • A. The MAC address table supports partial matches. TCAM requires an exact match
  • B. The MAC address table is contained in CAM ACL and QoS information is stored in TCAM
  • C. Router prefix lookups happens in CAM. MAC address table lookups happen in TCAM.
  • D. TCAM is used to make Layer 2 forwarding decisions CAM is used to build routing tables

Answer: B

Explanation:
https://community.cisco.com/t5/networking-documents/cam-content-addressable-memory-vs-tcam-ternary-content/ta-p/3107938

 

NEW QUESTION 164
Refer to the exhibit.

What happens to access interfaces where VLAN 222 is assigned?

  • A. They cannot provide PoE
  • B. They are placed into an inactive state
  • C. A description "RSPAN" is added
  • D. STP BPDU guard is enabled

Answer: B

Explanation:
Explanation

Access ports (including voice VLAN ports) on the RSPAN VLAN are put in the inactive state.
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/12-2_55_se/configura

 

NEW QUESTION 165
What NTP Stratum level is a server that is connected directly to an authoritative time source?

  • A. Stratum 0
  • B. Stratum 15
  • C. Stratum 1
  • D. Stratum 14

Answer: C

Explanation:
Explanation
The stratum levels define the distance from the reference clock. A
reference clock is a stratum 0 device that is assumed to be accurate and has little or no delay associated with it. Stratum 0 servers cannot be used on the network but they are directly connected to computers which then operate as stratum-1 servers. A stratum 1 time server acts as a primary network time standard.

A stratum 2 server is connected to the stratum 1 server; then a stratum 3 server is connected to the stratum 2 server and so on. A stratum 2 server gets its time via NTP packet requests from a stratum 1 server. A stratum 3 server gets its time via NTP packet requests from a stratum-2 server... A stratum server may also peer with other stratum servers at the same level to provide more stable and robust time for all devices in the peer group (for example a stratum 2 server can peer with other stratum 2 servers).
NTP uses the concept of a stratum to describe how many NTP hops away a
machine is from an authoritative time source. A stratum 1 time server
typically has an authoritative time source (such as a radio or atomic clock, or a Global Positioning System (GPS) time source) directly attached, a stratum 2 time server receives its time via NTP from a stratum 1 time server, and so on.
nce: https://www.cisco.com/c/en/us/td/docs/routers/asr920/con
figuration/guide/bsm/16-6-1/b-bsm-xe-16-6-1-asr920/bsm-timecalendar-
set.html

 

NEW QUESTION 166
Which statement about VXLAN is true?

  • A. VXLAN uses TCP 35 the transport protocol over the physical data cento network
  • B. VXLAN encapsulates a Layer 2 frame in an IP-UDP header, which allows Layer 2 adjacency across router boundaries.
  • C. VXLAN extends the Layer 2 Segment ID field to 24-bits. which allows up to 4094 unique Layer 2 segments over the same network.
  • D. VXLAN uses the Spanning Tree Protocol for loop prevention.

Answer: D

 

NEW QUESTION 167
......

Master 2021 Latest The Questions CCNP Enterprise and Pass 350-401  Real Exam!: https://www.exams4collection.com/350-401-latest-braindumps.html

A fully updated 2021 350-401 Exam Dumps exam guide from training expert Exams4Collection: https://drive.google.com/open?id=1LYtvv5k_XlTAQtsF0bgGRT3mC9wHcWfJ