350-401 Practice Test Questions

253 Questions


Topic 1: Exam Pool A

Which solution simplifies management of secure access to network resources?


A. TrustSec to logically group internal user environments and assign policies


B. ISE to automate network access control leveraging RADIUS AV pairs


C. RFC 3580-based solution to enable authenticated access leveraging RADIUS and AV pairs


D. 802 1AE to secure communication in the network domain





C.   RFC 3580-based solution to enable authenticated access leveraging RADIUS and AV pairs

An engineer must create an EEM script to enable OSPF debugging in the event the OSPF neighborship goes down. Which script must the engineer apply?


A. event manager applet ENABLE_OSPF_DEBUG
event syslog pattern "%OSPF-1-ADJCHG: Process 5. Nbr 1.1.1.1 on SerialO/0 from FULL to DOWN"
action 1.0 cli command "debug ip ospf event"
action 2.0 cli command "debug ip ospf adj"
action 3.0 syslog priority informational msg "ENABLE_OSPF_DEBUG


B. event manager applet ENABLEOSPFDEBUG
event syslog pattern "%OSPF-5-ADJCHG: Process 5, Nbr 1.1.1.1 on SerialO/0 from LOADING to FULL"
action 1.0 cli command "debug ip ospf event"
action 2.0 cli command "debug ip ospf adj"
action 3.0 syslog priority informational msg "ENABLE JDSPF_DEBUG"


C. event manager apple! ENABLE OSPFDEBUG
event syslog pattern "%OSPF-5-ADJCHG: Process 5. Nbr 1.1.1.1 on SerialO/0 from LOADING to FULL"
action 1.0 cli command "enable"
action 2.0 cli command "debug ip ospf event"
action 3.0 cli command "debug ip ospf adj"
action 4.0 syslog priority informational msg "ENABLE_OSPFJ} EBUG"


D. event manager applet ENABLE_OSPF_DEBUG
event syslog pattern "%OSPF-5-ADJCHG: Process 6. Nbr 1.1.1.1 on SerialO/0 from FULL to DOWN"
action 1.0 cli command "enable"
action 2.0 cli command "debug ip ospf event"
action 3.0 cli command "debug ip ospf adj"
action 4.0 syslog priority informational msg "ENABLE_OSPF_DEBUG'*





D.   event manager applet ENABLE_OSPF_DEBUG
event syslog pattern "%OSPF-5-ADJCHG: Process 6. Nbr 1.1.1.1 on SerialO/0 from FULL to DOWN"
action 1.0 cli command "enable"
action 2.0 cli command "debug ip ospf event"
action 3.0 cli command "debug ip ospf adj"
action 4.0 syslog priority informational msg "ENABLE_OSPF_DEBUG'*

Which next generation firewall feature supports separate security services for multiple departments?


A. state sharing mode to .trade the user data sessions and replication to the neighbor firewall using a failover link


B. Layer 3 mode with resource tracking capabilities and automatic configuration synchronization between the nodes and security zones


C. multicontext mode with specific logical or physical interface allocation within each context and grouped into security zones


D. virtual switch mode to provide traffic inspection capabilities for the flows entering the firewall and dropping packets based on policy configuration





C.   multicontext mode with specific logical or physical interface allocation within each context and grouped into security zones

Which task Is mandatory when provisioning a device through the plug-and-play workflow in Cisco DNA Center?


A. site assignment


B. slack serial number assignment


C. golden image upgrade


D. template configuration application





D.   template configuration application

In Cisco CatalystCenter(formerly DNA Center) Inventory, the Software Version of a networkdevice displays a status of OUTDATED. What does It me?


A. There is a later software version available on Cisco Catalyst Center (formerly DNA Center).


B. The current software image does not match the selected Golden image for this type of network device.


C. The current type of software image does not match the type of the network device.


D. There is a later software version available at www.cisco.com website.





B.   The current software image does not match the selected Golden image for this type of network device.

What does the LAP send when multiple WLCs respond to the CISCO_CAPWAPCONTROLLER. localdomain hostname during the CAPWAP discovery and join process?


A. broadcast discover request


B. join request to all the WLCs


C. unicast discovery request to each WLC


D. Unicast discovery request to the first WLS that resolves the domain name





D.   Unicast discovery request to the first WLS that resolves the domain name

What is a characteristic of the Cisco Catalyst Center (formerly DNA Center) Template Editor feature?


A. It facilitates software upgrades to network devices from a central point.


B. It facilitates a vulnerability assessment of the network devices.


C. It uses a predefined configuration through parameterized elements or variables.


D. It provides a high-level overview of the health of every network device.





C.   It uses a predefined configuration through parameterized elements or variables.

What is one advantage of using a data modeling language to develop an API client application?


A. Increase in compatibility


B. easier feature extensibility


C. stronger security properties


D. lower resource requirements





B.   easier feature extensibility


A. Option A


B. Option B


C. Option C


D. Option D





D.   Option D


A. Option A


B. Option B


C. Option C


D. Option D





A.   Option A

Which characteristic applies to Cisco SD-Access?


A. It uses dynamic routing the discover and provision access switches.


B. It uses VXLAN for the control plane


C. It uses VXLAN for the data plane


D. It uses dynamic routing to discover and provision border switches





B.   It uses VXLAN for the control plane

Which two actions are recommended as security best practices to protect REST API? (Choose two.)


A. Use SSL for encryption.


B. Enable out-of-band authentication.


C. Enable dual authentication of the session.


D. Use TACACS+ authentication.


E. Use a password hash.





A.   Use SSL for encryption.

C.   Enable dual authentication of the session.


Page 2 out of 22 Pages
Previous