400-007 Online Practice Questions and Answers
Identity and access management between multiple users and multiple applications has become a mandatory requirement for Company XYZ to fight against ever increasing cybersecurity threats. To achieve this, federated identity services have been deployed in the Company XYZ network to provide single sign-on and Multi-Factor Authentication for the applications and services. Which protocol can be used by Company XYZ to provide authentication and authorization services?
A. OAuth2
B. OpenID Connect
C. OpenID
D. SAML2.0
Hybrid cloud computing allows organizations to like advantage of public and private cloud models. Which best practice should organizations follow to ensure data security in the private cloud?
A. Use standard protocols for data transmission over the network.
B. Encrypt data when it is at rest and in motion
C. Communicate all data security risks to customers and end users.
D. Use standard network protocols for data communication between unsecured network connections.
Retef to the exhibit.
An engineer is designing a multiarea OSPF network for a client who also has a large EIGRP domain EIGRP routes are getting redistributed into OSPF ,OSPF area 20 has routers with limited memory and CPU resources The engineer wants to block routes from EIGRP 111 from propagating into area 20 and allow EIGRP 222 routes to how in. Which OSPF area type fulfills this design requirement?
A. area 20 as a stub area
B. type 5 LSA filtering on the ASBR between EIGRP 111 and area a
C. area 20 as a NSSA area
D. type 3 LSA filtering on the ABR between area 0 area 20
How must the queue sizes be designed to ensure that an application functions correctly?
A. Each individual device queuing delay in the chain must be less than or equal to the application required delay.
B. The queuing delay on every device in the chain must be exactly the same to the application required delay.
C. The default queue sizes are good for any deployment as it compensates the serialization delay.
D. The sum of the queuing delay of all devices plus serialization delay in the chain must be less than or equal to the application required delay.
You were tasked to enhance the security of a network with these characteristics:
A pool of servers is accessed by numerous data centers and remote sites The servers are accessed via a cluster of firewalls The firewalls are configured properly and are not dropping traffic The firewalls occasionally cause asymmetric routing of traffic within the server data center.
Which technology should you recommend to enhance security by limiting traffic that could originate from a hacker compromising a workstation and redirecting flows at the servers?
A. Poison certain subnets by adding static routes to Null0 on the core switches connected to the pool of servers.
B. Deploy uRPF strict mode.
C. Limit sources of traffic that exit the server-facing interface of the firewall cluster with ACLs.
D. Deploy uRPF loose mode
Which two foundational aspects of loT are still evolving and being worked on by the industry at large? (Choose two)
A. WiFi protocols
B. Regulatory domains
C. Low energy Bluetooth sensors
D. loT consortia
E. Standards
Refer to the exhibit.
Your company designed a network to allow server VLANs to span all access switches in a data center In the design, Layer 3 VLAN interfaces and HSRP are configured on the aggregation switches Which two features improve STP stability within the network design? (Choose two.)
A. BPDU guard on access ports
B. BPDU guard on the aggregation switch downlinks toward access switches
C. root guard on the aggregation switch downlinks toward access switches
D. root guard on access ports
E. edge port on access ports
F. access switch pairs explicitly determined to be root and backup root bridges
Which methodology is the leading lifecycle approach to network design and implementation?
A. PPDIOO
B. Waterfall model
C. Spiral model
D. V model
Which effect of using ingress filtering to prevent spoofed addresses on a network design is true?
A. It reduces the effectiveness of DDoS attacks when associated with DSCP remarking to Scavenger.
B. It protects the network Infrastructure against spoofed DDoS attacks.
C. It Classifies bogon traffic and remarks it with DSCP bulk.
D. It filters RFC 1918 IP addresses.
DRAG DROP
Drag and drop the QoS technologies from the left onto the correct capabilities on the right.
Select and Place:
