Professional Documents
Culture Documents
350-401 60423b177d74
350-401 60423b177d74
(350-401)
Answer: A
Explanation:
The answer is A.
https://tools.ietf.org/id/draft-ietf-i2rs-rib-info-model-17.html
"Traditionally routers run routing protocols and the routing protocols (along with static configuration
information) populate the Routing Information Base (RIB) of the router. The RIB is managed by the RIB
manager and the RIB manager provides a northbound interface to its clients, i.e., the routing protocols, to
insert routes into the RIB. The RIB manager consults the RIB and decides how to program the Forwarding
Information Base (FIB) of the hardware by interfacing with the FIB manager."
Question: 2 CertyIQ
Which QoS component alters a packet to change the way that traffic is treated in the network?
A. policing
B. classification
C. marking
D. shaping
Answer: C
Explanation:
Question: 3 CertyIQ
DRAG DROP -
Drag and drop the descriptions from the left onto the correct QoS components on the right.
Select and Place:
Answer:
Explanation:
Traffic Policing
Traffic Shapping
Question: 4 CertyIQ
Which statement about Cisco Express Forwarding is true?
Answer: C
Explanation:
https://www.fir3net.com/Routers/Cisco/what-is-cef-cisco-express-forwarding.html
CEF is built around 2 main components - the Forwarding Information Base (FIB) and the Adjacency Table.
Answer, C
Question: 5 CertyIQ
What is a benefit of deploying an on-premises infrastructure versus a cloud infrastructure deployment?
A. ability to quickly increase compute power without the need to install additional hardware
B. less power and cooling resources needed to run infrastructure on-premises
C. faster deployment times because additional infrastructure does not need to be purchased
D. lower latency between systems that are physically located near each other
Answer: D
Explanation:
When you have devices in the same place, you have lower latency between systems that's why D is correct.
Question: 6 CertyIQ
DRAG DROP -
Drag and drop the characteristics from the left onto the appropriate infrastructure deployment types on the right.
Select and Place:
Answer:
Question: 7 CertyIQ
How does QoS traffic shaping alleviate network congestion?
Explanation:
B is Correct. During congestion, traffic shaping buffers and queues packets above the committed rate.
Answer A describes Policing dropping packets exceeding a certain bitrate. Answer C is describing packet
fragmentation when the router receives an IP packet above 1500 bytes. Answer D is sort of describing
Random Early Detection (RED) which is a congestion avoidance mechanism that randomly drops packets from
RED-enabled interfaces or queues during periods of high congestion. RED tells the packet source to decrease
its transmission rate.
Reference:
https://www.cisco.com/c/en/us/support/docs/quality-of-service-qos/qos-policing/19645-policevsshape.html
Question: 8 CertyIQ
An engineer is describing QoS to a client.
Which two facts apply to traffic policing? (Choose two.)
Answer: AD
Explanation:
Question: 9 CertyIQ
Which component handles the orchestration plane of the Cisco SD-WAN?
A. vBond
B. vSmart
C. vManage
D. WAN Edge
Answer: A
Explanation:
The Cisco vBond orchestrator is a multitenant element of the Cisco SD-WAN fabric. Cisco vBond is the first
point of contact and performs initial authentication when devices are connecting to the organization overlay.
Cisco vBond facilitates the mutual discovery of the control and management elements of the fabric by using a
zero-trust certificate-based allowed-list model. Cisco vBond automatically distributes a list of Cisco vSmart
controllers and the Cisco vManage system to the Cisco WAN Edge routers during the deployment process.
Reference:
https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2018/pdf/BRKCRS-2112.pdf page 8.
Question: 10 CertyIQ
What are two device roles in Cisco SD-Access fabric? (Choose two.)
A. edge node
B. vBond controller
C. access switch
D. core switch
E. border node
Answer: AE
Explanation:
A. edge node
E. border node
Question: 11 CertyIQ
What is the role of the vSmart controller in a Cisco SD-WAN environment?
Answer: B
Explanation:
Question: 12 CertyIQ
When a wired client connects to an edge switch in a Cisco SD-Access fabric, which component decides whether
the client has access to the network?
A. edge node
B. Identity Services Engine
C. RADIUS server
D. control-plane node
Answer: B
Explanation:
The correct answer is B, it was even in the CBT nuggets videos. Specifically Explain SD-Access Fabric
Operation/User Authentication. So, B is your correct answer.
Question: 13 CertyIQ
Which benefit is offered by a cloud infrastructure deployment but is lacking in an on-premises deployment?
A. virtualization
B. supported systems
C. storage capacity
D. efficient scalability
Answer: D
Explanation:
D. efficient scalability
Question: 14 CertyIQ
Which action is the vSmart controller responsible for in a Cisco SD-WAN deployment?
Answer: C
Explanation:
- onboard WAN Edge nodes into the Cisco SD-WAN fabric. (vBond)
- distribute policies that govern data forwarding performed within the Cisco SD-WAN fabric. (vSmart)
- handle, maintain, and gather configuration and status for nodes within the Cisco SD-WAN fabric. (vManage)
Question: 15 CertyIQ
Where is radio resource management performed in a Cisco SD-Access wireless solution?
A. DNA Center
B. control plane node
C. wireless controller
D. Cisco CMX
Answer: B
Explanation:
Question: 16 CertyIQ
DRAG DROP -
Drag and drop the characteristics from the left onto the infrastructure types on the right.
Select and Place:
Answer:
Question: 17 CertyIQ
How does the RIB differ from the FIB?
A. The FIB maintains network topologies and routing tables. The RIB is a list of routes to particular network
destinations.
B. The FIB includes many routes to a single destination. The RIB is the best route to a single destination.
C. The RIB is used to create network topologies and routing tables. The FIB is a list of routes to particular
network destinations.
D. The RIB includes many routes to the same destination prefix. The FIB contains only the best route.
Answer: D
Explanation:
RIB has a global and many protocol tables and FIB is the copy of the global "routing table" therefore D
D is correct
Question: 18 CertyIQ
Which technology is used to provide Layer 2 and Layer 3 logical networks in the Cisco SD-Access architecture?
A. underlay network
B. VPN routing/forwarding
C. easy virtual network
D. overlay network
Answer: D
Explanation:
Question: 19 CertyIQ
What is the difference between CEF and process switching?
A. CEF processes packets that are too complex for process switching to manage.
B. Process switching is faster than CEF.
C. CEF uses the FIB and the adjacency table to make forwarding decisions, whereas process switching punts
each packet.
D. CEF is more CPU-intensive than process switching.
Answer: C
Explanation:
Process switching requires the CPU to be personally involved with every forwarding decision
Answer: AC
Explanation:
AC
Question: 21 CertyIQ
DRAG DROP -
Drag and drop the characteristics from the left onto the correct infrastructure deployment type on the right.
Select and Place:
Answer:
Question: 22 CertyIQ
In a Cisco SD-Access fabric, which control plane protocol is used for mapping and resolving endpoints?
A. DHCP
B. VXLAN
C. SXP
D. LISP
Answer: D
Explanation:
Question: 23 CertyIQ
What are two differences between the RIB and the FIB? (Choose two.)
A. FIB is a database of routing prefixes, and the RIB is the information used to choose the egress interface for
each packet.
B. The FIB is derived from the data plane, and the RIB is derived from the FIB.
C. The RIB is a database of routing prefixes, and the FIB is the information used to choose the egress interface
for each packet.
D. The RIB is derived from the control plane, and the FIB is derived from the RIB.
E. The FIB is derived from the control plane, and the RIB is derived from the FIB.
Answer: CD
Explanation:
C&D
the interface is there in the adjacency table which is part of FIB and CEF
Question: 24 CertyIQ
Which two network problems indicate a need to implement QoS in a campus network? (Choose two.)
A. port flapping
B. excess jitter
C. misrouted network packets
D. duplicate IP addresses
E. bandwidth-related packet loss
Answer: BE
Explanation:
B. excess jitter
Question: 25 CertyIQ
In a Cisco SD-Access wireless architecture, which device manages endpoint ID to edge node bindings?
Answer: A
Explanation:
---> A simple Host Database, that tracks Endpoint ID to Edge Node bindings (RLOCs)
https://www.ciscolive.com/c/dam/r/ciscolive/latam/docs/2018/pdf/BRKEWN-2020.pdf Page 54
Question: 26 CertyIQ
DRAG DROP -
Drag and drop the QoS mechanisms from the left onto their descriptions on the right.
Select and Place:
Answer:
Explanation:
Question: 27 CertyIQ
Which control plane protocol is used between Cisco SD-WAN routers and vSmart controllers?
A. TCP
B. OMP
C. UDP
D. BGP
Answer: B
Explanation:
OMP overlay management protocol is used in sd-wan its a lot like IP-Sec tunnels
Question: 28 CertyIQ
In a three-tier hierarchical campus network design, which action is a design best-practice for the core layer?
A. provide QoS prioritization services such as marking, queueing, and classification for critical network traffic
B. provide redundant Layer 3 point-to-point links between the core devices for more predictable and faster
convergence
C. provide advanced network security features such as 802.1X, DHCP snooping, VACLs, and port security
D. provide redundant aggregation for access layer devices and first-hop redundancy protocols such as VRRP
Answer: B
Explanation:
A. provide QoS prioritization services such as marking, queueing, and classification for critical network traffic.
Distribution layer.
B. provide redundant Layer 3 point-to-point links between the core devices for more predictable and faster
convergence.
Core Layer.
C. provide advanced network security features such as 802.1X, DHCP snooping, VACLs, and port security.
Access Layer.
D. provide redundant aggregation for access layer devices and first-hop redundancy protocols such as VRRP.
Distribution layer.
https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Campus/HA_campus_DG/hacampusdg.html
Question: 29 CertyIQ
What is a VPN in a Cisco SD-WAN deployment?
Answer: C
Explanation:
The correct answer is C, the VPN service is not alway related with "Secure", into MPLS architecture is used for
provide isolated traffic without "Secure" component, same as SD-WAN.
Question: 30 CertyIQ
Which function does a fabric edge node perform in an SD-Access deployment?
Answer: A
Explanation:
Answer is "A":
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-os/vxlan/configuration/guide/b_NX-
OS_VXLAN_Configuration_Guide/campus-fabric.pdf
"Fabric Edge Node : Fabric edge nodes are responsible for admitting, encapsulating/decapsulating and
Question: 31 CertyIQ
What is the role of a fusion router in an SD-Access solution?
Answer: C
Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/cloud-systems-management/dna-center/213525-sda-steps-to-c
onfigure-fusion-router.html#anc1
Question: 32 CertyIQ
Which action is the vSmart controller responsible for in an SD-WAN deployment?
Answer: C
Explanation:
- distribute security information for tunnel establishment between vEdge routers (vSmart)
- manage, maintain, and gather configuration and status for nodes within the SD-WAN fabric (vManage)
Question: 33 CertyIQ
What is one fact about Cisco SD-Access wireless network deployments?
Answer: A
Explanation:
In SD-Access Wireless, The WLC and APs are integrated into the fabric, and the APs connect to the fabric
overlay.
Question: 34 CertyIQ
In a Cisco SD-Access solution, what is the role of a fabric edge node?
Answer: B
Explanation:
B Correct
Refer to https://www.google.com/url?
sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwjF37T9udPtAhXwo4sKHfwzDKoQFjAAegQIA
C&url=https%3A%2F%2Fwww.cisco.com%2Fc%2Fdam%2Fm%2Fhr_hr%2Ftraining-
events%2F2019%2Fcisco-connect%2Fpdf%2FVH-
Cisco-SD-Access-Connecting.pdf&usg=AOvVaw26SeDD9KzfyOqR-hk_vF3q
Question: 35 CertyIQ
What are two reasons a company would choose a cloud deployment over an on-prem deployment? (Choose two.)
A. Cloud costs adjust up or down depending on the amount of resources consumed. On-prem costs for
hardware, power, and space are on-going regardless of usage.
B. Cloud resources scale automatically to an increase in demand. On-prem requires additional capital
expenditure.
C. In a cloud environment, the company is in full control of access to their data. On-prem risks access to data
due to service provider outages.
D. In a cloud environment, the company controls technical issues. On-prem environments rely on the service
provider to resolve technical issues.
E. Cloud deployments require long implementation times due to capital expenditure processes. On-prem
deployments can be accomplished quickly using operational expenditure processes.
Answer: AB
Explanation:
Cloud costs adjust up or down depending on the amount of resources consumed. On-prem costs for
hardware, power, and space are on-going regardless of usage.
Cloud resources scale automatically to an increase in demand. On-prem requires additional capital
expenditure.
Question: 36 CertyIQ
What is the difference between the MAC address table and TCAM?
A. TCAM is used to make L2 forwarding decisions. CAM is used to build routing tables.
B. Router prefix lookups happen in CAM. MAC address table lookups happen in TCAM.
C. The MAC address table supports partial matches. TCAM requires an exact match.
D. The MAC address table is contained in CAM. ACL and QoS information is stored in TCAM.
Answer: D
Explanation:
Question: 37 CertyIQ
Which controller is the single plane of management for Cisco SD-WAN?
A. vBond
B. vSmart
C. vManage
D. vEdge
Answer: C
Explanation:
Management Plane
vManage is the Cisco SD-WAN centralized GUI that allows to manage the SD-WAN network from end to end
from a single dashboard.
Reference:
https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/SDWAN/CVD-SD-WAN-Design-2018OCT.pdf
Question: 38 CertyIQ
A company plans to implement intent-based networking in its campus infrastructure.
Which design facilitates a migration from a traditional campus design to a programmable fabric design?
A. two-tier
B. Layer 2 access
C. three-tier
D. routed access
Answer: D
Explanation:
Question: 39 CertyIQ
Which statement about a fabric access point is true?
A. It is in local mode and must be connected directly to the fabric edge switch.
B. It is in local mode and must be connected directly to the fabric border node.
C. It is in FlexConnect mode and must be connected directly to the fabric border node.
D. It is in FlexConnect mode and must be connected directly to the fabric edge switch.
Answer: A
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/sda-sdg-2019oct.html
Question: 40 CertyIQ
A customer requests a network design that supports these requirements:
✑ FHRP redundancy
✑ multivendor router environment
✑ IPv4 and IPv6 hosts
Which protocol does the design include?
A. VRRP version 2
B. VRRP version 3
C. GLBP
D. HSRP version 2
Answer: B
Explanation:
HSRP and GLBP are Cisco propietary, so they won't work in a multivendor setup. VRRPv3 us multivendor and
supports IPv4 and 6.
Question: 41 CertyIQ
While configuring an IOS router for HSRP with a virtual IP of 10.1.1.1, an engineer sees this log message.
Jan 1 12:12:12.111 : %HSRP-4-DIFFVIP1: GigabitEthernet0/0 Grp 1 active routers virtual IP address 10.1.1.1 is different
to the locally configured address 10.1.1.25
Which configuration change must the engineer make?
Answer: B
Explanation:
Syslog points to local router having VIP ip 10.1.1.25, and remote router in g0/0 interface having 10.1.1.1. We
want latter to all routers in HSRP so we need to configure local router, hence B.
Question: 42 CertyIQ
A network administrator has designed a network with two multilayer switches on the distribution layer, which act
as default gateways for the end hosts. Which two technologies allow every end host in a VLAN to use both
gateways? (Choose two.)
A. VRRP
B. GLBP
C. VSS
D. MHSRP
E. HSRP
Answer: BC
Explanation:
I'm going for B and C.VRRP - and HSRP suffer from that fact that they both have one primary/master router
which provides the _single_ default gateway (single VIP, single virtual MAC)MHSRP provides two Virtual IPs,
so end hosts would have to be configured with two default gateways - not common for end hosts. The same
concept would apply to multiple VRRP groups.GLBP provides one virtual IP and multiple virtual MAC
Addresses; the ARP replies from the Active Virtual Gateway to the hosts will use all the virtual MACs (one for
each virtual forwarder) in round robin fashion, so B is correct.which leaves VSS, where both ML Switches form
a single virtual switch and no FHRP is required at all to use them both.
I think the key here is "allow every end host in a VLAN to use both gateways". VRRP, HSRP or MHSRP can't
allow "every end host" to use "both" gateways at the same time. But MCEC protocols like VSS, StackWise or
vPC allows two gateways to act as one physically and virtually. So I'll go with GLBP and VSS for this one as
the other answers can't really seems to provide what is asked.
Question: 43 CertyIQ
Refer to the exhibit. On which interfaces should VRRP commands be applied to provide first hop redundancy to PC-
01 and PC-02?
Answer: C
Explanation:
Question: 44 CertyIQ
Under which network conditions is an outbound QoS policy that is applied on a router WAN interface most
beneficial?
Answer: B
Explanation:
Hi gents,here my thinking to this topicA. under traffic classification and marking conditions --> this is not a
condition but rather an action and therefore WRONGB. under interface saturation conditionsSaturation is a
condition and NOT BAD C. under all network conditionswell if this was the case, then the vendor Cisco would
have made this a default state and thats it. also WRONGD. under network convergence conditionsWell the
wording is very vague here. a service policy can assign utmost priority to system level tasks that help in
convergence, for example try putting OSPF protocol into CS6 or EF marking and implement a Priority
Queueing (PQ) then you have made convergence faster but starved out everything else. Also NOT BAD but
why would any clear thinking admin interfere with system level priorities?as far as i can see, there is only
answer B which is NOT BAD answer for a question worded like that.Answer B
Question: 45 CertyIQ
An engineer must configure HSRP group 300 on a Cisco IOS router. When the router is functional, it must be the
active HSRP router. The peer router has been configured using the default priority value. Which command set is
required?
Answer: A
Explanation:
Question: 46 CertyIQ
What is the function of a fabric border node in a Cisco SD-Access environment?
Answer: B
Explanation:
Border bode: The border nodes serve as the gateways between the Cisco SD-Access fabric and external
networks.
Question: 47 CertyIQ
In a wireless Cisco SD-Access deployment, which roaming method is used when a user moves from one AP to
another on a different access switch using a single
WLC?
A. Layer 3
B. inter-xTR
C. auto anchor
D. fast roam
Answer: B
Explanation:
Inter-xTR
The Answer is B
Question: 48 CertyIQ
What is the recommended MTU size for a Cisco SD-Access Fabric?
A. 4464
B. 17914
C. 9100
D. 1500
Answer: C
Explanation:
Question: 49 CertyIQ
What is the function of the fabric control plane node in a Cisco SD-Access deployment?
Explanation:
C.
The control plane node’s database tracks all endpoints in the fabric site and associates the endpoints to fabric
nodes, decoupling the endpoint IP address or MAC address from the location (closest router) in the network.
Question: 50 CertyIQ
What is the data policy in a Cisco SD-WAN deployment?
A. list of ordered statements that define node configurations and authentication used within the SD-WAN
overlay
B. set of statements that defines how data is forwarded based on IP packet information and specific VPNs
C. detailed database mapping several kinds of addresses with their corresponding location
D. group of services tested to guarantee devices and links liveliness within the SD-WAN overlay
Answer: B
Explanation:
Centralized data policy controls the flow of data traffic based on the source and destination addresses and
ports and DSCP fields in the packet's IP header (referred to as a 5-tuple), and based on network segmentation
and VPN membership. These types of data policy are provisioned centrally, on the Cisco vSmart controller,
and they affect traffic flow across the entire network.
Localized data policy controls the flow of data traffic into and out of interfaces and interface queues on a
Cisco vEdge device. This type of data policy is provisioned locally using access lists. It allows you to classify
traffic and map different classes to different queues. It also allows you to mirror traffic and to police the rate
at which data traffic is transmitted and received.
Question: 51 CertyIQ
In Cisco SD-WAN, which protocol is used to measure link quality?
A. IPsec
B. OMP
C. RSVP
D. BFD
Answer: D
Explanation:
The following Cisco SD-WAN capabilities helps to address application performance optimization:
● Application-Aware Routing: Application-aware routing allows the ability to create customized SLA-policies
for traffic and measures real-time performance taken by BFD probes
Question: 52 CertyIQ
What is used to perform QoS packet classification?
Answer: C
Explanation:
DSCP is used for marking, within the TOS which is in the IP header
Question: 53 CertyIQ
How do cloud deployments differ from on-premises deployments?
Answer: C
Explanation:
Question: 54 CertyIQ
Which controller is capable of acting as a STUN server during the onboarding process of Edge devices?
A. vBond
B. vSmart
C. vManage
D. PNP Server
Answer: A
Explanation:
The Cisco SD-WAN solution is comprised of separate orchestration, management, control and data plane.
• Orchestration plane assists in securely onboarding the SD-WAN WAN Edge routers into the SD-WAN
overlay. The
vBond controller, or orchestrator, authenticates and authorizes the SD-WAN components onto the network.
The
vBond orchestrator takes an added responsibility to distribute the list of vSmart and vManage controller
Question: 55 CertyIQ
How is 802.11 traffic handled in a fabric-enabled SSID?
A. centrally switched back to WLC where the user traffic is mapped to a VXLAN on the WLC
B. converted by the AP into 802.3 and encapsulated into VXLAN
C. centrally switched back to WLC where the user traffic is mapped to a VLAN on the WLC
D. converted by the AP into 802.3 and encapsulated into a VLAN
Answer: B
Explanation:
B is the best answer but vauge and technically wrong. Shouldn't it be 802.3ab? 802.3 without ad is "10BASE5
10 Mbit/s (1.25 MB/s) over thick coax. Same as Ethernet II (above) except Type field is replaced by Length, and
an 802.2 LLC header follows the 802.3 header. Based on the CSMA/CD Process."
Question: 56 CertyIQ
Refer to the exhibit.
An engineer is installing a new pair of routers in a redundant configuration. When checking on the standby status
of each router, the engineer notices that the routers are not functioning as expected.
Which action will resolve the configuration error?
Explanation:
The most situable for this question is D (configure unique virtual address) as is one of requirements for a
group to work, as seeing in the image. The others are wrong for the following reason. (so Wrong based in the
question)A) Not mandatory the timers must match to work on HSRP. on HSRP negotiation the active router
will override the standby timers. https://www.cisco.com/c/en/us/products/collateral/switches/catalyst-
9000/nb-06-cat-9k-stack-wp-cte-en.pdfB) On the image key string match so is not this reason HSRP cant be
seen each otherC) Wrong, priority is for selecing the active router, the best practice is should be different thus
(WRONG)D) Different virtual Gateway configured on the same group number indeed will make HSRP routers
negotiation fail for that group thus (CORRECT)
VIP does not match. VIP should match while the physicals are unique.
Question: 57 CertyIQ
Refer to the exhibit.
Router1 is currently operating as the HSRP primary with a priority of 110. Router1 fails and Router2 takes over the
forwarding role. Which command on Router1 causes it to take over the forwarding role when it returns to service?
A. standby 2 priority
B. standby 2 preempt
C. standby 2 track
D. standby 2 timers
Answer: B
Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/ip/hot-standby-router-protocol-hsrp/13780-6.html
Question: 58 CertyIQ
An engineer has deployed a single Cisco 5520 WLC with a management IP address of 172 16.50.5/24. The engineer
must register 50 new Cisco AIR-CAP2802I-
E-K9 access points to the WLC using DHCP option 43. The access points are connected to a switch in VLAN 100
that uses the 172.16.100.0/24 subnet. The engineer has configured the DHCP scope on the switch as follows:
Network 172.16.100.0 255.255.255.0
Answer: A
Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/97066-dhcp-option-43-00.
html
Question: 59 CertyIQ
What is the role of vSmart in a Cisco SD-WAN environment?
Answer: A
Explanation:
B) is vManage.
C) is VPNs.
D) is vBond.
Reference:
https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/sdwan-xe-gs-book/system-
overview.html
Question: 60 CertyIQ
Which action is performed by Link Management Protocol in a Cisco StackWise Virtual domain?
Answer: C
Explanation:
AnswerC:
The Link Management Protocol (LMP) is activated on each link of the StackWise Virtual link as soon as it is
brought up online. The LMP performs the following functions:
● Verifies link integrity by establishing bidirectional traffic forwarding, and rejects any unidirectional links
● Exchanges periodic hellos to monitor and maintain the health of the links
Question: 61 CertyIQ
What are two reasons why broadcast radiation is caused in the virtual machine environment? (Choose two.)
A. vSwitch must interrupt the server CPU to process the broadcast packet.
B. The Layer 2 domain can be large in virtual machine environments.
C. Virtual machines communicate primarily through broadcast mode.
D. Communication between vSwitch and network switch is broadcast based.
E. Communication between vSwitch and network switch is multicast based.
Answer: AB
Explanation:
A and B.
Because the vswitch is software based, as broadcasts are received the vswitch must interrupt the server CPU
to change contexts to enable the vswitch to process the packet. After the vswitch has determined that the
packet is a broadcast, it copies the packet to all the VMNICs, which then pass the broadcast packet up the
stack to process. This processing overhead can have a tangible effect on overall server performance if a
single domain is hosting a large number of virtual machines
Reference:
https://www.cisco.com/c/en/us/solutions/collateral/data-center-
virtualization/net_implementation_white_paper0900aecd806a9c05.html
Question: 62 CertyIQ
Which two GRE features are configured to prevent fragmentation? (Choose two.)
Answer: BC
Explanation:
For this question B,C .. but now it comes with one more choise (PMTUD) and this is more accurate .. beacause
IP MTU is not a GRE feature but a parameter that defines the maximum size of the IP packet that can be
transmitted over a network path without fragmentation, so we can controll it to control the fragmentation.
but PMTUD is a feature that detects the maximum transmission unit (MTU) of the path between two endpoints
and adjusts the packet size to fit within that MTU
Reference:
https://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/25885-pmtud-ipfrag.html
Question: 63 CertyIQ
Which LISP device is responsible for publishing EID-to-RLOC mappings for a site?
A. ETR
B. MR
C. ITR
D. MS
Answer: A
Explanation:
Reference:
https://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/locator-id-separation-protocol-lisp/wh
ite_paper_c11-652502.html
Question: 64 CertyIQ
Refer to the exhibit.
Assuming that R1 is a CE router, which VRF is assigned to Gi0/0 on R1?
A. default VRF
B. VRF VPN_A
C. VRF VPN_B
D. management VRF
Answer: A
Explanation:
Default VRF:
All Layer 3 interfaces exist in the default VRF until they are assigned to another VRF.
Routing protocols run in the default VRF context unless another VRF context is specified.
The default VRF uses the default routing context for all show commands.
The default VRF is similar to the global routing table concept in Cisco IOS.
Question: 65 CertyIQ
What are two benefits of virtualizing the server with the use of VMs in a data center environment? (Choose two.)
Answer: AD
Explanation:
D. speedy deployment
Question: 66 CertyIQ
Which statement about route targets is true when using VRF-Lite?
A. Route targets control the import and export of routes into a customer routing table.
B. When BGP is configured, route targets are transmitted as BGP standard communities.
C. Route targets allow customers to be assigned overlapping addresses.
D. Route targets uniquely identify the customer routing table.
Answer: A
Explanation:
https://www.cisco.com/c/en/us/td/docs/optical/15000r8_0/ethernet/454/guide/d80ether/r8vrf.pdf
Step: 3
Purposes: Creates a list of import and/or export route target communities for the specified VRF.
Question: 67 CertyIQ
Which LISP infrastructure device provides connectivity between non-LISP sites and LISP sites by receiving non-
LISP traffic with a LISP site destination?
A. PITR
B. map resolver
C. map server
D. PETR
Answer: A
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Data_Center/DCI/5-0/LISPmobility/DCI_LISP_Ho
st_Mobility/LISPmobile_2.html
Question: 68 CertyIQ
Which statement explains why Type 1 hypervisor is considered more efficient than Type2 hypervisor?
A. Type 1 hypervisor is the only type of hypervisor that supports hardware acceleration techniques.
B. Type 1 hypervisor relies on the existing OS of the host machine to access CPU, memory, storage, and network
resources.
C. Type 1 hypervisor runs directly on the physical hardware of the host machine without relying on the
underlying OS.
D. Type 1 hypervisor enables other operating systems to run on it.
Answer: C
Explanation:
correct C
Type 1 hypervisors are an OS themselves, a very basic one on top of which you can run virtual machines. The
physical machine the hypervisor is running on serves virtualization purposes only.
https://phoenixnap.com/kb/what-is-hypervisor-type-1-2
Question: 69 CertyIQ
Which statement about VXLAN is true?
A. VXLAN encapsulates a Layer 2 frame in an IP-UDP header, which allows Layer 2 adjacency across router
boundaries.
B. VXLAN uses the Spanning Tree Protocol for loop prevention.
C. VXLAN extends the Layer 2 Segment ID field to 24-bits, which allows up to 4094 unique Layer 2 segments
over the same network.
D. VXLAN uses TCP as the transport protocol over the physical data center network.
Answer: A
Explanation:
VXLAN encapsulates a Layer 2 frame in an IP-UDP header, which allows Layer 2 adjacency across router
boundaries.
Question: 70 CertyIQ
Which TCP setting is tuned to minimize the risk of fragmentation on a GRE/IP tunnel?
A. MSS
B. MTU
C. MRU
D. window size
Answer: A
Explanation:
Question: 71 CertyIQ
Which statement describes the IP and MAC allocation requirements for virtual machines on Type 1 hypervisors?
A. Virtual machines do not require a unique IP or unique MAC. They share the IP and MAC address of the
physical server.
B. Each virtual machine requires a unique IP address but shares the MAC address with the physical server.
C. Each virtual machine requires a unique IP and MAC addresses to be able to reach to other nodes.
D. Each virtual machine requires a unique MAC address but shares the IP address with the physical server.
Answer: C
Explanation:
Each virtual machine requires a unique IP and MAC addresses to be able to reach to other nodes.
Question: 72 CertyIQ
Which two namespaces does the LISP network architecture and protocol use? (Choose two.)
A. TLOC
B. RLOC
C. DNS
D. VTEP
E. EID
Answer: BE
Explanation:
“C H A P T E R 1
Locator ID Separation Protocol (LISP) is a network architecture and protocol that implements the use of two
namespaces instead of a single IP address:
• Routing locators (RLOCs)—assigned to devices (primarily routers) that make up the global routing system.
…”
A. TLOC
Wrong answer.
B. RLOC
Correct answer.
C. DNS
Wrong answer.
D. VTEP
Wrong answer.
E. EID
Correct answer.
Reference:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_lisp/configuration/xe-3s/irl-xe-3s-book/irl-
overview.html
Question: 73 CertyIQ
Which two entities are Type 1 hypervisors? (Choose two.)
A. Oracle VM VirtualBox
B. Microsoft Hyper-V
C. VMware server
D. VMware ESXi
E. Microsoft Virtual PC
Answer: BD
Explanation:
Reference:
https://phoenixnap.com/kb/what-is-hypervisor-type-1-2
Question: 74 CertyIQ
DRAG DROP -
Drag and drop the LISP components from the left onto the functions they perform on the right. Not all options are
used.
Select and Place:
Answer:
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Data_Center/DCI/5-0/LISPmobility/DCI_LISP_Ho
st_Mobility/LISPmobile_2.html#:~:text=%
E2%80%93%20Proxy%20ITR%20(PITR)%3A%20A,devices%20deployed%20at%20LISP%20sites.
Question: 75 CertyIQ
Which action is a function of VTEP in VXLAN?
Answer: C
Explanation:
C correct
VTEPs connect between Overlay and Underlay network and they are responsible for encapsulating frame into
VXLAN packets to send across IP network (Underlay) then decapsulating when the packets leaves the VXLAN
tunnel.
Question: 76 CertyIQ
Which two actions provide controlled Layer 2 network connectivity between virtual machines running on the same
hypervisor? (Choose two.)
Answer: AE
Explanation:
The second you create a separate Virtual Switch as it's own instance it's not L2 anymore, you have to assign it
it's own IP address and it deviates entirely from the L2 question at stake. Answers are A, E
A should be correct in any case. E is (under normal circumstances) necessary when the VMs are on different
VLANs. So B just makes no sense.
Question: 77 CertyIQ
What is a Type 1 hypervisor?
A. runs directly on a physical server and depends on a previously installed operating system
B. runs directly on a physical server and includes its own operating system
C. runs on a virtual server and depends on an already installed operating system
D. runs on a virtual server and includes its own operating system
Answer: B
Explanation:
runs directly on a physical server and includes its own operating system
Question: 78 CertyIQ
Refer to the exhibit. A network engineer configures a GRE tunnel and enters the show interface tunnel command.
What does the output confirm about the configuration?
A. The keepalive value is modified from the default value.
B. The physical interface MTU is 1476 bytes.
C. The tunnel mode is set to the default.
D. Interface tracking is configured.
Answer: C
Explanation:
Question: 79 CertyIQ
What it the purpose of the LISP routing and addressing architecture?
A. It creates two entries for each network node, one for its identity and another for its location on the network.
B. It allows LISP to be applied as a network virtualization overlay though encapsulation.
C. It allows multiple instances of a routing table to co-exist within the same router.
D. It creates head-end replication used to deliver broadcast and multicast frames to the entire network.
Answer: A
Explanation:
It creates two entries for each network node, one for its identity and another for its location on the network.
Question: 80 CertyIQ
What function does VXLAN perform in a Cisco SD-Access deployment?
Answer: C
Explanation:
A. policy plane forwarding (SDA Fabric Policy Plane) -> Cisco TrusSec SGT tags
But Wait
I wanted to let you know that there is more content available in the full version.
The full paper contains additional sections and information that you may find helpful,
and I encourage you to download it to get a more comprehensive and detailed view of
all the subject matter.