Guaranteed 300-320 Free Practice Questions 2021

NEW QUESTION 1
A network engineer must use an Internet connection to provide backup connectivity between two sites. The backup connection must be encrypted and support multicast. Which technology must be used?

• A. GRE over IPsec
• B. GETVPN
• C. IPsec direct encapsulation
• D. DMVPN

Answer: A

NEW QUESTION 2
HSRP is running Bet SW A and Dist SW B. Which two links do the switches use to transmit HSRP mess? choose two

• A. core Switch A, port g2/1 to distr switch A, port g3/1
• B. distr Switch A, port g5/1 to distr swit B, port g5/2
• C. Core Switch A, por g1/1 tp core swit B, port g1/2
• D. Core Switch B, port g2/2 to distr switch b, port g3/2
• E. Distr Switch A, port g4/1 to acc swi, port g1/0/1
• F. Distri Switch B, port g4/2 to acc switch, port g2/0/1

Answer: EF

NEW QUESTION 3
Which Cisco NAC Appliance design is the most scalable in large Layer 2-to-distribution implementation?

• A. Layer 2 out-of-band
• B. Layer 2 in-band
• C. Layer 3 out-of-band
• D. Layer 3 in-band

Answer: B

Explanation: https://www.safaribooksonline.com/library/view/foundation-learning-guide/9780132652933/ch08.html "Layer 2 In-Band Designs The Layer 2 in-band topology is the most common deployment option.
[...]
This is the most scalable design in large L2-to-distribution environments, because this design can be transparently implemented in the existing network supporting multiple access layer switches. It supports all
network infrastructure equipment. The Cisco NAS supports per-user ACLs."

NEW QUESTION 4
An engineer want to ensure that of the PEs are discovery in VPLS discover PS. use signaling and access to across PE router without having manually provision VPLS neighbors, What solution must be implemented?

• A. BGP autodiscovery with BGP signalling
• B. BGP autodiscovery with LDP signalling
• C. H-VPLS with PW-access
• D. BGP-based VPLS autodiscovery

Answer: D

Explanation: https://www.cisco.com/c/en/us/td/docs/ios/12_2sr/12_2srb/feature/guide/fs_vpls.html and
https://tools.ietf.org/html/rfc4761

NEW QUESTION 5
Which first-hop redundancy protocol that was designed by Cisco allows packet load sharing among groups of redundant routers?

• A. GLBP
• B. HSRP
• C. VRRP
• D. VSS

Answer: A

NEW QUESTION 6
An engineer is considering uplink bandwidth over-subscription in a Layer 3 network design. Which option is the Cisco recommended over-subscription ratio for uplinks between the distribution and core layers?

• A. 3 to 1
• B. 4 to 1
• C. 6 to 1
• D. 8 to 1

Answer: B

NEW QUESTION 7
Which one of these could you implement to sustain a large DDoS attack?

• A. Stateful firewall
• B. uRPF
• C. Connections limits and timeouts
• D. Access-lists

Answer: C

NEW QUESTION 8
A company have single ASA hardware box and they need to separate company departments in way that they can apply different rules on them, ACL, NAT, and so on... Which mode is needed?

• A. routed mode
• B. transparent mode
• C. multiple context mode
• D. active failover mode

Answer: C

NEW QUESTION 9
Which two ways to support secure transport of multicast traffic are true? (Choose two.)

• A. Use spoke-to-spoke design.
• B. Use IPsec over GRE tunnel.
• C. Use GET VPN.
• D. Use NBMA instead of broadcast.
• E. Disable encryption for multicast traffic.

Answer: BC

Explanation: GET VPN = Group Encrypted Transport VPN. It is tunnel-less and can support multicast traffic

NEW QUESTION 10
Which two options describe how Taboo contracts differ from regular contracts in Cisco ACI? (Choose two) (E)

• A. Taboo contract entries are looked up with higher priority than entries in regular contracts
• B. Taboo contract entries are looked up with lower priority than entries in regular contracts.
• C. They are not associated with one EPG
• D. They are not associated with EPGs
• E. Taboo contract entries are looked up based on administrator configured priority
• F. They are associated with pair of EPGs

Answer: AF

Explanation: There may be times when the ACI administrator might need to deny traffic that is allowed by another contract. Taboos are a special type of contract that an ACI administrator can use to deny specific traffic that would otherwise be allowed by another contract. Taboos can be used to drop traffic matching a pattern (any EPG, a specific EPG, matching a filter, and so forth). Taboo rules are applied in the hardware before the rules of regular contracts are applied. Taboo contracts are not recommended as part of the ACI best practices but they can be used to transition from traditional networking to ACI. To imitate the traditional networking concepts, an "allow-all-traffic" contract can be applied, with taboo contracts configured to restrict certain types of traffic."

NEW QUESTION 11
What is the result of a successful RPF check?

• A. Packet is dropped because it arrived on the interface that used to forward the packet back to source.
• B. Packet is dropped because it arrived on the interface that used to forward the packet back to destination.
• C. Packet is forwarded because it arrived on the interface that used to forward the packet back to destination
• D. Packet is forwarded because it arrived on the interface that used to forward the packet back to source

Answer: D

NEW QUESTION 12
Which option must be included in the design when implementing a triangle looped access layer design?

• A. first hop redundancy protocol.
• B. Single uplinks between access and distribution switches.
• C. Layer 2 links between access switches.
• D. Layer 3 links between distribution switches.

Answer: A

NEW QUESTION 13
What multicast design would you use that cannot use rendezvous points?

• A. Pim bidirectional
• B. Pim Sparse
• C. Pim Dense
• D. Pim-SSM

Answer: D

NEW QUESTION 14
An engineer is designing an infrastructure to use a 40 Gigabit link as the primary uplink and a 10 Gigabit uplink as the alternate path. Which routing protocol allows for unequal cost load balancing?

• A. OSPF
• B. RIP
• C. EIGRP
• D. BGP
• E. IS-IS

Answer: C

NEW QUESTION 15
What protocol is used for connectivity between VSS layers?

• A. PAgP
• B. IVR
• C. ISL
• D. VSL
• E. ...

Answer: D

NEW QUESTION 16
A network engineer must create a backup network connection between two corporate sites over the Internet using the existing ASA firewalls. Which VPN technology best satisfies this corporate need?

• A. VPLS
• B. DMVPN
• C. GETVPN
• D. IPSec
• E. MPLS
• F. OTV

Answer: D

NEW QUESTION 17
Which IPv6 migration strategy supports IPv4 and IPv6 on the same router?

• A. IPv6 translation
• B. dual-stack
• C. IPv6 tunneling
• D. NAT

Answer: A