Use Free 350-401 Exam Questions that Stimulates Actual EXAM
Get 100% Real 350-401 Free Online Practice Test
Cisco 350-401 certification exam is a critical certification exam for IT professionals who want to demonstrate their mastery of enterprise network technologies. 350-401 exam is designed to test the knowledge of candidates on various network technologies, including network automation, network security, and network design. Implementing Cisco Enterprise Network Core Technologies (350-401 ENCOR) certification exam is a comprehensive test that covers a wide range of topics, including network access, IP services, security, and infrastructure.
NEW QUESTION # 609
Which technology does VXLAN use to provide segmentation for Layer 2 and Layer 3 traffic?
- A. bridge domain
- B. VNI
- C. VLAN
- D. VRF
Answer: B
NEW QUESTION # 610
Drag and drop the DHCP messages that are exchanged between a client and an AP into the order they are exchanged on the right.
Answer:
Explanation:
NEW QUESTION # 611
A network engineer is enabling HTTPS access to the core switch, which requires a certificate to be installed on the switch signed by the corporate certificate authority Which configuration commands are required to issue a certificate signing request from the core switch?
A)
B)
C)
D)
- A. Option C
- B. Option D
- C. Option A
- D. Option B
Answer: D
Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/ios/ios_xe/sec_secure_connectivity/configuration/guide/conve
NEW QUESTION # 612
Which method displays text directly into the active console with a synchronous EEM applet policy?
- A. event manager applet boom
event syslog pattern 'UP'
action 1.0 puts 'logging directly to console' - B. event manager applet boom
event syslog pattern 'UP'
action 1.0 syslog priority direct msg 'log directly to console' - C. event manager applet boom
event syslog pattern 'UP'
action 1.0 string 'logging directly to console' - D. event manager applet boom
event syslog pattern 'UP'
action 1.0 gets 'logging directly to console'
Answer: B
Explanation:
Explanation
To enable the action of printing data directly to the local tty when an Embedded Event Manager (EEM) applet is triggered, use the action puts command in applet configuration mode.
The following example shows how to print data directly to the local tty:
The action puts command applies to synchronous events. The output of this command for a synchronous applet is directly displayed to the tty, bypassing the syslog.
NEW QUESTION # 613
Refer to exhibit.
VLANs 50 and 60 exist on the trunk links between all switches All access ports on SW3 are configured for VLAN 50 and SW1 is the VTP server Which command ensures that SW3 receives frames only from VLAN
50?
- A. SW1 (config)#vtp pruning
- B. SW1 (config)#vtp mode transparent
- C. SW3(config)#vtp mode transparent
- D. SW2(config)#vtp pruning
Answer: A
Explanation:
Explanation
SW3 does not have VLAN 60 so it should not receive traffic for this VLAN (sent from SW2).
Therefore we should configure VTP Pruning on SW3 so that SW2 does not forward VLAN 60 traffic to SW3. Also notice that we need to configure pruning on SW1 (the VTP Server), not SW2.
NEW QUESTION # 614
Refer to the exhibit.
The traceroute fails from R1 to R3. What is the cause of the failure?
- A. Redistribution of connected routes into OSPF is not configured.
- B. An ACL applied Inbound on loopback0 of R2 Is dropping the traffic.
- C. An ACL applied Inbound on fa0/1 of R3 is dropping the traffic.
- D. The loopback on R3 Is in a shutdown stale.
Answer: C
Explanation:
We see in the traceroute result the packet could reach 10.99.69.5 (on R2) but it could not go any further so we can deduce an ACL on R3 was blocking it.
Note: Record option displays the address(es) of the hops (up to nine) the packet goes through.
NEW QUESTION # 615
Drag and drop the Qos mechanisms from the left to the correct descriptions on the right
Answer:
Explanation:
NEW QUESTION # 616
Drag and drop characteristics of PIM dense mode from the left to the right.
Answer:
Explanation:
NEW QUESTION # 617
Which IP SLA operation requires the IP SLA responder to be configured on the remote end?
- A. UDP jitter
- B. ICMP jitter
- C. ICMP echo
- D. TCP connect
Answer: A
Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/46sg/configuration/guide/ Wrapper-46SG/swipsla.pdf
NEW QUESTION # 618
Which method creates an EEM applet policy that is registered with EEM and runs on demand or manually?
- A. event manager applet ondemand
event none
action 1.0 syslog priority critical msg 'This is a message from ondemand' - B. event manager applet ondemand
event register
action 1.0 syslog priority critical msg 'This is a message from ondemand' - C. event manager applet ondemand
action 1.0 syslog priority critical msg 'This is a message from ondemand' - D. event manager applet ondemand
event manual
action 1.0 syslog priority critical msg 'This is a message from ondemand'
Answer: A
Explanation:
Explanation
An EEM policy is an entity that defines an event and the actions to be taken when that event occurs.
There are two types of EEM policies: an applet or a script.
An applet is a simple form of policy that is defined within the CLI configuration. answer 'event manager applet ondemand event register action 1.0 syslog priority critical msg 'This is a message from ondemand'
<="" p="" style="box-sizing: border-box;">
There are two ways to manually run an EEM policy.
EEM usually schedules and runs policies on the basis of an event specification that is contained within the policy itself.
The event none command allows EEM to identify an EEM policy that can be manually triggered.
To run the policy, use either the action policy command in applet configuration mode or the event manager run command in privileged EXEC mode.
NEW QUESTION # 619
Drag and drop the characteristics from the left onto the routing protocols they describe on the right.
Answer:
Explanation:
NEW QUESTION # 620
Refer to the exhibit.
What happens to access interfaces where VLAN 222 is assigned?
- A. STP BPDU guard is enabled
- B. They cannot provide PoE
- C. They are placed into an inactive state
- D. A description "RSPAN" is added
Answer: C
Explanation:
Explanation
Access ports (including voice VLAN ports) on the RSPAN VLAN are put in the inactive state.
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/12-2_55_se/configura
NEW QUESTION # 621
Which statement about VXLAN is true?
- A. VXLAN uses the Spanning Tree Protocol for loop prevention.
- B. VXLAN encapsulates a Layer 2 frame in an IP-UDP header, which allows Layer 2 adjacency across router boundaries.
- C. VXLAN extends the Layer 2 Segment ID field to 24-bits. which allows up to 4094 unique Layer 2 segments over the same network.
- D. VXLAN uses TCP 35 the transport protocol over the physical data cento network
Answer: B
Explanation:
802.1Q VLAN identifier space is only 12 bits.
The VXLAN identifier space is 24 bits.
This doubling in size allows the VXLAN ID space to support 16 million Layer 2 segments -> Answer 'VXLAN extends the Layer 2 Segment ID field to 24-bits, which allows up to 4094 unique Layer 2 segments over the same network' is not correct.
VXLAN is a MAC-in-UDP encapsulation method that is used in order to extend a Layer 2 or Layer 3 overlay network over a Layer 3 infrastructure that already exists.
Reference: https://www.cisco.com/c/en/us/support/docs/lan-switching/vlan/212682-virtualextensible-lan-and-ethernet-virt.html
NEW QUESTION # 622
Refer to the exhibit.
An engineer must deny HTTP traffic from host A to host B while allowing all other communication between the hosts, drag and drop the commands into the configuration to achieve these results. Some commands may be used more than once. Not all commands are used.
Answer:
Explanation:
Explanation:
Deny
Permit
Action drop
Action forward
NEW QUESTION # 623
Refer to the exhibit.
Which configuration establishes EBGP neighborship between these two directly connected neighbors and exchanges the loopback network of the two routers through BGP?
- A.
- B.
- C.
- D.
Answer: A
Explanation:
Explanation
With BGP, we must advertise the correct network and subnet mask in the "network" command (in this case network 10.1.1.0/24 on R1 and network 10.2.2.0/24 on R2). BGP is very strict in the routing advertisements. In other words, BGP only advertises the network which exists exactly in the routing table. In this case, if you put the command "network x.x.0.0 mask 255.255.0.0" or
"network x.0.0.0 mask 255.0.0.0" or "network x.x.x.x mask 255.255.255.255" then BGP will not advertise anything.
It is easy to establish eBGP neighborship via the direct link. But let's see what are required when we want to establish eBGP neighborship via their loopback interfaces. We will need two commands:
+ the command "neighbor 10.1.1.1 ebgp-multihop 2" on R1 and "neighbor 10.2.2.2 ebgpmultihop
2" on R1. This command increases the TTL value to 2 so that BGP updates can reach the BGP neighbor which is two hops away.
+ Answer 'R1 (config) #router bgp 1
R1 (config-router) #neighbor 192.168.10.2 remote-as 2
R1 (config-router) #network 10.1.1.0 mask 255.255.255.0
R2 (config) #router bgp 2
R2 (config-router) #neighbor 192.168.10.1 remote-as 1
R2 (config-router) #network 10.2.2.0 mask 255.255.255.0
Quick Wireless Summary
Cisco Access Points (APs) can operate in one of two modes: autonomous or lightweight
+ Autonomous: self-sufficient and standalone. Used for small wireless networks.
+ Lightweight: A Cisco lightweight AP (LAP) has to join a Wireless LAN Controller (WLC) to function.
LAP and WLC communicate with each other via a logical pair of CAPWAP tunnels.
- Control and Provisioning for Wireless Access Point (CAPWAP) is an IETF standard for control messaging for setup, authentication and operations between APs and WLCs. CAPWAP is similar to LWAPP except the following differences:
+CAPWAP uses Datagram Transport Layer Security (DTLS) for authentication and encryption to protect traffic between APs and controllers. LWAPP uses AES.
+ CAPWAP has a dynamic maximum transmission unit (MTU) discovery mechanism.
+ CAPWAP runs on UDP ports 5246 (control messages) and 5247 (data messages) An LAP operates in one of six different modes:
+ Local mode (default mode): measures noise floor and interference, and scans for intrusion detection (IDS) events every 180 seconds on unused channels
+ FlexConnect, formerly known as Hybrid Remote Edge AP (H-REAP), mode: allows data traffic to be switched locally and not go back to the controller. The FlexConnect AP can perform standalone client authentication and switch VLAN traffic locally even when it's disconnected to the WLC (Local Switched). FlexConnect AP can also tunnel (via CAPWAP) both user wireless data and control traffic to a centralized WLC (Central Switched).
+ Monitor mode: does not handle data traffic between clients and the infrastructure. It acts like a sensor for location-based services (LBS), rogue AP detection, and IDS
+ Rogue detector mode: monitor for rogue APs. It does not handle data at all.
+ Sniffer mode: run as a sniffer and captures and forwards all the packets on a particular channel to a remote machine where you can use protocol analysis tool (Wireshark, Airopeek, etc) to review the packets and diagnose issues. Strictly used for troubleshooting purposes.
+ Bridge mode: bridge together the WLAN and the wired infrastructure together.
Mobility Express is the ability to use an access point (AP) as a controller instead of a real WLAN controller. But this solution is only suitable for small to midsize, or multi-site branch locations where you might not want to invest in a dedicated WLC. A Mobility Express WLC can support up to 100 Aps
NEW QUESTION # 624
......
BEST Verified Cisco 350-401 Exam Questions (2024) : https://www.pass4surequiz.com/350-401-exam-quiz.html
The Best Practice Test Preparation for the 350-401 Certification Exam: https://drive.google.com/open?id=1Uw6SLRYpt8Q6bbSlDjZCVHdlkQ-Xir5a