March/2022 Latest Braindump2go 350-401 Exam Dumps with PDF and 350-401 Free Uodated Today! Following are some new 350-401 Real Exam Questions!
An engineer must export the contents of the devices object in JSON format.
Which statement must be used?
Refer to the exhibit. An engineer troubleshoots connectivity issues with an application. Testing is performed from the server gateway, and traffic with the DF bit set is dropped along the path after increasing packet size. Removing the DF bit setting at the gateway prevents the packets from being dropped. What is the cause of this issue?
A. PMTUD does not work due to ICMP Packet Too Big messages being dropped by an ACL
B. The remote router drops the traffic due to high CPU load
C. The server should not set the DF bit in any type of traffic that is sent toward the network
D. There is a CoPP policy in place protecting the WAN router CPU from this type of traffic
Refer to the exhibit. An engineer configures VRRP and issues the show commands to verify operation. What does the engineer confirm about VRRP group 1 from the output?
A. There is no route to 10.10.1.1/32 in R2’s routing table
B. If R1 reboots, R2 becomes the master virtual router until R2 reboots
C. Communication between VRRP members is encrypted using MD5
D. R1 is master if 10.10.1.1/32 is in its routing table
Refer to the exhibit. An engineer must add the SNMP interface table to the NetFlow protocol flow records. Where should the SNMP table option be added?
A. under the interface
B. under the flow record
C. under the flow monitor
D. under the flow exporter
This command causes the periodic sending of an options table, which will allow the collector to map the interface SNMP indexes provided in the flow records to interface names. The optional timeout can alter the frequency at which the reports are sent.
Router(config)# flow exporter FLOW-EXPORTER-1
Router(config-flow-exporter)# option interface-table
Refer to the exhibit. How does the router handle traffic after the CoPP policy is configured on the router?
A. Traffic coming to R1 that does not match access list SNMP is dropped.
B. Traffic coming to R1 that matches access list SNMP is policed.
C. Traffic passing through R1 that matches access list SNMP is policed.
D. Traffic generated by R1 that matches access list SNMP is policed.
A network engineer configures a WLAN controller with increased security for web access. There is IP connectivity with the WLAN controller, but the engineer cannot start a management session from a web browser. Which action resolves the issued
B. Disable Adobe Flash Player
C. Use a browser that supports 128-bit or larger ciphers.
D. Use a private or incognito session.
Refer to the exhibit. An engineer must configure static NAT on R1 lo allow users HTTP access to the web server on TCP port 80. The web server must be reachable through ISP 1 and ISP 2. Which command set should be applied to R1 to fulfill these requirements?
A. ip nat inside source static tcp 10.1.1.100 80 22.214.171.124 80 extendable
ip nat inside source static tcp 10.1.1.100 80 126.96.36.199 80 extendable
B. ip nat inside source static tcp 10.1.1.100 80 188.8.131.52 80
ip nat inside source static tcp 10.1.1.100 80 184.108.40.206 80
C. ip nat inside source static tcp 10.1.1.100 80 220.127.116.11 80
ip nat inside source static tcp 10.1.1.100 8080 18.104.22.168 8080
D. ip nat inside source static tcp 10.1.1.100 80 22.214.171.124 80 no-alias
ip nat inside source static tcp 10.1.1.100 80 126.96.36.199 80 no-alias
By default, which virtual MAC address does HSRP group 16 use?
B. 00:00:0c 07:ac:10
A customer requests a design that includes GLBP as the FHRP. The network architect discovers that the members of the GLBP group have different throughput capabilities.
Which GLBP load balancing method supports this environment?
A. host dependent
B. least connection
C. round robin
In a Cisco SD-WAN solution, which two functions are performed by OMP? (Choose two.)
A. advertisement of network prefixes and their attributes
B. configuration of control and data policies
C. gathering of underlay infrastructure data
D. delivery of crypto keys
E. segmentation and differentiation of traffic
An engineer must create a new SSID on a Cisco 9800 wireless LAN controller.
The client has asked to use a pre-shared key for authentication.
Which profile must the engineer edit to achieve this requirement?
A vulnerability assessment highlighted that remote access to the switches is permitted using unsecure and unencrypted protocols.
Which configuration must be applied to allow only secure and reliable remote access for device administration?
A. line vty 0 15
transport input none
B. line vty 0 15
transport input telnet ssh
C. line vty 0 15
transport input ssh
D. line vty 0 15
transport input all
How does a fabric AP fit in the network?
A. It is in local mode and must be connected directly to the fabric border node
B. It is in FlexConnect mode and must be connected directly to the fabric edge switch.
C. It is in FlexConnect mode and must be connected directly to the fabric border node
D. It is in local mode and must be connected directly to the fabric edge switch.
How are map-register messages sent in a LISP deployment?
A. egress tunnel routers to map resolvers to determine the appropriate egress tunnel router
B. ingress tunnel routers to map servers to determine the appropriate egress tunnel router
C. egress tunnel routers to map servers to determine the appropriate egress tunnel router
D. ingress tunnel routers to map resolvers to determine the appropnate egress tunnel router
Refer to the exhibit. An engineer attempts to bundle interface Gi0/0 into the port channel, but it does not function as expected.
Which action resolves the issue?
A. Configure channel-group 1 mode active on interface Gi0/0.
B. Configure no shutdown on interface Gi0/0
C. Enable fast LACP PDUs on interface Gi0/0.
D. Set LACP max-bundle to 2 on interface Port-channeM
Refer to the exhibit. An engineer must permit traffic from these networks and block all other traffic.
An informational log message should be triggered when traffic enters from these prefixes.
Which access list must be used?
A. access-list acl_subnets permit ip 10.0.32.0 0 0.0.255 log
B. access-list acl_subn*ls permit ip 10.0.32.0 0.0.7.255 log
C. access-list acl_subnets permit ip 10.0.32.0 0.0.7.255 access-list acl_subnets deny ip any log
D. access-list acl_subnets permit ip 10.0.32.0 255.255.248.0 log
Refer to the exhibit. After the code is run on a Cisco IOS-XE router, the response code is 204.
What is the result of the script?
A. The configuration fails because another interface is already configured with IP address 10.10.10.1/24.
B. The configuration fails because interface GigabitEthernet2 is missing on the target device.
C. The configuration is successfully sent to the device in cleartext.
D. Interface GigabitEthernet2 is configured with IP address 10.10.10.1/24
Which two parameters are examples of a QoS traffic descriptor? (Choose two)
A. MPLS EXP bits
E. packet size
Refer to the exhibit. After configuring HSRP an engineer enters the show standby command.
Which two facts are derived from the output? (Choose two.)
A. The router with IP 10.10 1.3 is active because it has a higher IP address
B. If FaO/0 is shut down, the HSRP pnonty on R2 becomes 80
C. R2 Fa1/0 regains the primary role when the link comes back up
D. R2 becomes the active router after the hold time expires.
E. R2 is using the default HSRP hello and hold timers.
If a client’s radio device receives a signal strength of -67 dBm and the noise floor is -85 dBm, what is the SNR value?
A. 15 dB
B. 16 dB
C. 18 dB
D. 20 dB
A network monitoring system uses SNMP polling to record the statistics of router interfaces. The SNMP queries work as expected until an engineer installs a new interface and reloads the router After this action, all SNMP queries for the router fail. What is the cause of this issue?
A. The SNMP community is configured incorrectly
B. The SNMP interface index changed after reboot.
C. The SNMP server traps are disabled for the interface index
D. The SNMP server traps are disabled for the link state.
In a Cisco SD-Access solution, which protocol is used by an extended node to connect to a single edge node?
C. 802 1Q
An engineer must enable a login authentication method that allows a user to log in by using local authentication if all other defined authentication methods fail. Which configuration should be applied?
A. aaa authentication login CONSOLE group radius local-case enable aaa
B. authentication login CONSOLE group radius local enable none
C. aaa authentication login CONSOLE group radius local enable
D. aaa authentication login CONSOLE group tacacs+ local enable
When firewall capabilities are considered, which feature is found only in Cisco next-generation firewalls?
A. malware protection
B. stateful inspection
C. traffic filtering
D. active/standby high availability
What does a northbound API accomplish?
A. programmatic control of abstracted network resources through a centralized controller
B. access to controlled network resources from a centralized node
C. communication between SDN controllers and physical switches
D. controlled access to switches from automated security applications
Refer to the exhibit. An engineer configures the BGP adjacency between R1 and R2, however, it fails to establish.
Which action resolves the issue?
A. Change the network statement on R1 to 172.16 10.0
B. Change the remote-as number for 192 168.100.11.
C. Enable synchronization on R1 and R2
D. Change the remote-as number on R1 to 6500.
Refer to the exhibit. The network administrator must be able to perform configuration changes when all the RADIUS servers are unreachable. Which configuration allows all commands to be authorized if the user has successfully authenticated?
A. aaa authorization exec default group radius none
B. aaa authentication login default group radius local none
C. aaa authorization exec default group radius if-authenticated
D. aaa authorization exec default group radius
What is a characteristic of Cisco StackWise technology?
A. It uses proprietary cabling
B. It supports devices that are geographically separated
C. lt combines exactly two devices
D. It is supported on the Cisco 4500 series.
Why would an engineer use YANG?
A. to transport data between a controller and a network device
B. to access data using SNMP
C. to model data for NETCONF
D. to translate JSON into an equivalent XML syntax
A customer wants to use a single SSID to authenticate loT devices using different passwords.
Which Layer 2 security type must be configured in conjunction with Cisco ISE to achieve this requirement?
A. Fast Transition
B. Central Web Authentication
C. Cisco Centralized Key Management
D. Identity PSK
Refer to the exhibit. An engineer must prevent the R6 loopback from getting into Area 2 and Area 3 from Area 0.
Which action must the engineer take?
A. Apply a fitter list inbound on R2 and R9
B. Apply a filter list outbound on R3 and R7
C. Apply a filter list outbound on R7 only.
D. Apply a filter list inbound on R3 and R7
In a Cisco StackWise Virtual environment, which planes are virtually combined in the common logical switch?
A. management and data
B. control and management
C. control, and forwarding
D. control and data
1.2022 Latest Braindump2go 350-401 Exam Dumps (PDF & VCE) Free Share:
2.2022 Latest Braindump2go 350-401 PDF and 350-401 VCE Dumps Free Share:
3.2021 Free Braindump2go 350-401 Exam Questions Download:
Free Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams!