Exam2pass
0 items Sign In or Register
  • Home
  • IT Exams
  • Guarantee
  • FAQs
  • Reviews
  • Contact Us
  • Demo
Exam2pass > Cisco > CCNP Enterprise > 350-401 > 350-401 Online Practice Questions and Answers

350-401 Online Practice Questions and Answers

Questions 4

SIMULATION

Guidelines

This is a lab item in which tasks will be performed on virtual devices.

1.

Refer to the Tasks tab to view the tasks for this lab item.

2.

Refer to the Topology tab to access the device console(s) and perform the tasks.

3.

Console access is available for all required devices by clicking the device icon or using the tab(s) above the console window.

4.

All necessary preconfigurations have been applied.

5.

Do not change the enable password or hostname for any device.

6.

Save your configurations to NVRAM before moving to the next item.

7.

Click Next at the bottom of the screen to submit this lab and move to the next question.

8.

When Next is clicked, the lab closes and cannot be reopened.

Topology

Tasks

The operations team started configuring network devices for a new site. R10 and R20 are preconfigured with the CORP VRF. R10 has network connectivity to R20. Complete the configurations to achieve these goals:

1.

Extend the CORP VRF between R10 and R20 using Tunnel0.

2.

Protect Tunnel0 using the preconfigured profile

3.

Configure static routing on R10 and R20 so that users in VLANs100 and 101 that belong to the CORP VRF are able to communicate with each other. Tunnel0 should be the only interface used to route traffic for the CORP VRF

A. See the solution below in Explanation.

B. Place Holder

C. Place Holder

D. Place Holder

Buy Now

Correct Answer: A

We need to find out the IP addresses of e0/1 of R10 and e0/2 of R20 first with the “show ip interface brief” command on these two routers. Supposethey are 10.10.1.10 and 10.10.2.20 respectively. We will use them in the “tunnel destination

…” commands

R10

interface Tunnel 0

ip vrf forwarding CORP

tunnel source e0/1

tunnel destination 10.10.2.20

tunnel vrf TECH

R20

interface Tunnel 0

ip vrf forwarding CORP

tunnel source e0/2

tunnel destination 10.10.1.10

tunnel vrf TECH

We are not sure if “TECH” is another VRF configured on both routers. If yes then maybe this sim wants us to configure a “front-door VRF”.On a tunnel interface you use the ip vrf forwarding command to place the tunnel interface in that

particular routing table.The tunnel vrf command instructs the router to use the specified VRFs routing table for the tunnel source and destination IP addresses.

Static route:

R10:

ip route vrf TECH 10.100.1.0 255.255.255.0 tunnel0

R20:

ip route vrf TECH 10.101.2.0 255.255.255.0 tunnel0

Questions 5

Which network devices secure API platform?

A. next-generation intrusion detection systems

B. Layer 3 transit network devices

C. content switches

D. web application firewalls

Buy Now

Correct Answer: D

Questions 6

Which three resources must the hypervisor make available to the virtual machines? (Choose three)

A. memory

B. bandwidth

C. IP address

D. processor

E. storage

F. secure access

Buy Now

Correct Answer: ADE

Questions 7

Refer to the exhibit.

The traceroute fails from R1 to R3. What is the cause of the failure?

A. The loopback on R3 Is in a shutdown stale.

B. An ACL applied Inbound on loopback0 of R2 Is dropping the traffic.

C. An ACL applied Inbound on fa0/1 of R3 is dropping the traffic.

D. Redistribution of connected routes into OSPF is not configured.

Buy Now

Correct Answer: C

We see in the traceroute result the packet could reach 10.99.69.5 (on R2) but it could not go any further so we can deduce an ACL on R3 was blocking it. Note: Record option displays the address(es) of the hops (up to nine) the packet goes through.

Questions 8

By default, which virtual MAC address does HSRP group 30 use?

A. 00:05:0c:07:ac:30

B. 00:00:0c:07:ac:1e

C. 05:0c:5e:ac:07:30

D. 00:42:18:14:05:1e

Buy Now

Correct Answer: B

Questions 9

Which statement explains why Type 1 hypervisor is considered more efficient than Type 2 hypervisor?

A. Type 1 hypervisor runs directly on the physical hardware of the host machine without relying on the underlying OS.

B. Type 1 hypervisor enables other operating systems to run on it.

C. Type 1 hypervisor relics on the existing OS of the host machine to access CPU, memory, storage, and network resources.

D. Type 1 hypervisor is the only type of hypervisor that supports hardware acceleration techniques.

Buy Now

Correct Answer: A

There are two types of hypervisors: type 1 and type 2 hypervisor. In type 1 hypervisor (or native hypervisor), the hypervisor is installed directly on the physical server. Then instances of an operating system (OS) are installed on the hypervisor. Type 1 hypervisor has direct access to the hardware resources. Therefore they are more efficient than hosted architectures. Some examples of type 1 hypervisor are VMware vSphere/ESXi, Oracle VM Server, KVM and Microsoft Hyper-V. In contrast to type 1 hypervisor, a type 2 hypervisor (or hosted hypervisor) runs on top of an operating system and not the physical hardware directly. answer 'Type 1 hypervisor runs directly on the physical hardware of the host machine without relying on the underlying OS' big advantage of Type 2 hypervisors is that management console software is not required. Examples of type 2 hypervisor are VMware Workstation (which can run on Windows, Mac and Linux) or Microsoft Virtual PC (only runs on Windows).

Questions 10

Which NGFW mode blocks flows crossing the firewall?

A. tap

B. inline

C. passive

D. inline tap

Buy Now

Correct Answer: B

Reference: https://www.cisco.com/c/en/us/support/docs/security/firepower-ngfw/200924-configuring-firepower-threat-defense-int.html

Questions 11

Refer to the exhibit.

An engineer must ensure that all traffic leaving AS 200 will choose Link 2 as the exit point. Assuming that all BGP neighbor relationships have been formed and that the attributes have not been changed on any of the routers.

Which configuration accomplish task?

A. R4(config-router)bgp default local-preference 200

B. R3(config-router)neighbor 10.1.1.1 weight 200

C. R3(config-router)bgp default local-preference 200

D. R4(config-router)nighbor 10.2.2.2 weight 200

Buy Now

Correct Answer: A

Local preference is an indication to the AS about which path has preference to exit the AS in order to reach a certain network. A path with a higher local preference is preferred. The default value for local preference is 100.

Unlike the weight attribute, which is only relevant to the local router, local preference is an attribute that routers exchange in the same AS. The local preference is set with the "bgp default local-preference value " command.

In this case, both R3 and R4 have exit links but R4 has higher local-preference so R4 will be chosen as the preferred exit point from AS 200.

Questions 12

A network engineer attempts to connect to the Router1 console port.

Which configuration is needed to allow Telnet connections?

A. Router1(config)# line vty 0 15 Router1(config-line)# transport output telnet

B. Router1(config)# telnet client

C. Router1(config)# line console 0 Router1(config-line)# transport output telnet

D. Router1(config)# access-list 100 permit tcp any any eq telnet Router1(config)# line console 0 Router1(config-line)# access-class 100 out

Buy Now

Correct Answer: C

Router# Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#line con 0 Router(config-line)#transport output none Router(config-line)#end *Apr 19 17:33:16.198: %SYS-5-CONFIG_I: Configured from console by console Router#disable Router>telnet 10.0.0.2 % telnet connections not permitted from this terminal Router>en Router#conf t Enter configuration commands, one per line. End with CNTL/Z. Router(config)#line console 0 Router(config-line)#transport output telnet Router(config-line)#exit Router(config)#end Router# *Apr 19 17:34:06.111: %SYS-5-CONFIG_I: Configured from console by console Router#disable Router>telnet 10.0.0.2 Trying 10.0.0.2 ... % Connection refused by remote host

Router>

Reference: https://www.cisco.com/c/en/us/td/docs/routers/sdwan/command/iosxe/qualified-cli-command-reference-guide/m-line-commands.pdf

Questions 13

Which Cisco DNA Center Assurance feature verifies host reachability?

A. path trace

B. application experience

C. detail information

D. network time travel

Buy Now

Correct Answer: A

Exam Code: 350-401
Exam Name: Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR)
Last Update: May 07, 2025
Questions: 1457

PDF (Q&A)

$45.99
ADD TO CART

VCE

$49.99
ADD TO CART

PDF + VCE

$59.99
ADD TO CART

Exam2Pass----The Most Reliable Exam Preparation Assistance

There are tens of thousands of certification exam dumps provided on the internet. And how to choose the most reliable one among them is the first problem one certification candidate should face. Exam2Pass provide a shot cut to pass the exam and get the certification. If you need help on any questions or any Exam2Pass exam PDF and VCE simulators, customer support team is ready to help at any time when required.

Home | Guarantee & Policy |  Privacy & Policy |  Terms & Conditions |  How to buy |  FAQs |  About Us |  Contact Us |  Demo |  Reviews

2025 Copyright @ exam2pass.com All trademarks are the property of their respective vendors. We are not associated with any of them.