Practice Free 300-415 Implementing Cisco SD-WAN Solutions (300-415 ENSDWI) Exam Questions Answers With Explanation

An engineer is applying QoS policy for the transport-side tunnel interfaces to enable scheduling and shaping for a WAN Edge cloud router Which command accomplishes the task?

An enterprise has these three WAN connections:

public Internet

business internet

MPLS

An engineer must configure two available links to route traffic via both links. Which configuration achieves this objective?

A customer has 1 to 100 service VPNs and wants to restrict outbound updates for VPN1 Which control policy configuration restricts these updates?

A)

B)

C)

D)

What is the purpose of ‘’vpn 0’’ in the configuration template when onboarding a WAN edge node?

An engineer must advertise OSPF-learned routes and modify the update interval for route filtering by TLOC color to 300 on an SD-WAN device. Which configuration accomplishes this

task?

What is a requirement for a WAN Edge to reach vManage, vBond, and vSmart controllers in a data center?

Which configuration changes the packet loss priority from low to highly?

A)

B)

C)

D)

How many concurrent sessions does a vManage REST API have before it invalidates the least recently used session if the maximum concurrent session number is reached?

In Cisco SD-WAN, what protocol is used for control connections between SD-WAN devices?

Which component of the Cisco SD-WAN control plane architecture should be located in a public Internet address space and facilitates NAT-traversal?

Company ABC has decided to deploy the controllers using the On-Prem method. How does the administrator upload the WAN Edge list to the vManage?

A)

B)

C)

D)

Which two actions are necessary to set the Controller Certificate Authorization mode to indicate a root certificate? (Choose two)

Drag and drop the devices from the left onto the correct functions on the right.

An engineer creates this data policy for DIA for VPN 10:

Which policy sequence enables DIA for external networks?

Drag and drop the actions from the left into the correct sequence on the right to create a data policy to direct traffic to the Internet exit.

How many cloud gateway instance(s) can be created per region when provisioning Cloud OnRamp for Multicloud from AWS in a multiregion environment?

Refer to the exhibit An engineer must configure a QoS policy between me hub and site A (spoke) over a standard internet circuit where traffic shaping is adjusted automatically based on evaiiabk» bandwidth Which configuration meets the requirement?

Refer to the exhibit. A customer wants to deploy service insertion at site1. Which traffic from VPN 10 must route to this site through a firewall. A policy must be in place to route VPN 10 traffic from all sites toward this firewall. Which configuration must be on the vSmart controller to meet this requirement?

Refer to the exhibit.

The control connection is failing. Which action resolves the issue?

An application team is getting ready to deploy a new business-critical application to the network. To protect the traffic, the network team must add another queue to the QoS map and then deploy the map to fabric Which configuration slop must be completed prior to adding the queue to the QoS map and applying If

Refer to the exhibit A user has selected the options while configuring a VPN Interface Ethernet feature template What is the required configuration parameter the user must set in this template for this feature to function?

Refer to the exhibit.

What binding is created using the tloc-extension command?

What is the procedure to upgrade all Cisco SD-WAN devices to a recent version?

Drag and drop the vManage policy configuration procedures from the left onto the correct definitions on the right.

Which two sets of identifiers does OMP carry when it advertises TLOC routes between WAN Edge routers? (Choose two.)

Which two vRoute attributes should be matched or set in vSmart policies and modified by data policies? (Choose two.)

An engineer must configure two branch WAN Edge devices where an Internet connection is available and the controllers are in the headquarters. The requirement is to have IPsec VPN tunnels established between the same colors. Which configuration meets the requirement on both WAN Edge devices?

Which compression algorithm does DRE use in a Cisco SD-WAN environment?

A company deploys a Cisco SD-WAN solution but has an unstable Internet connection. When the link to vSmart comes back up, the WAN Edge router routing table is not refreshed, and some traffic to the destination network is dropped. The headquarters is the hub site, and it continuously adds new sites to the SD-WAN network. An engineer must configure route refresh between WAN Edge and vSmart within 2 minutes. Which configuration meets this requirement?

Refer to the exhibit. Which configuration stops Netconf CLI logging on WAN Edge devices during migration?

Which plane assists in the automatic onboarding of the SD-WAN routers into the SD-WAN overlay?

What happens if the intelligent proxy is unreachable in the Cisco SD-WAN network?

Refer to the exhibit A vBond controller was added to the controller list with the same Enterprise Root CA certificate as vManage. The two controllers can reach each other via VPNO and share the same organization name, but the control connection is not initiated- Which action resolves the issue?

Refer to the exhibit.

The engineer must assign community tags to 3 of its 74 critical server networks as soon as that are advertised to BGP peers. These server networks must not be advertised outside AS. Which configuration fulfill this requirement?

A)

B)

C)

D)

Which queue must an engineer configure for control and BFD traffic for convergence on a WAN Edge router?

What is the threshold to generate a warning alert about CPU or memory usage on a WAN Edge router?

Which routing protocol has the highest default administrative distance?

Refer to the exhibit. An engineer is troubleshooting a control connection issue on a WAN Edge device that shows socket errors. The packet capture shows some ICMP packets dropped between the two devices. Which action resolves the issue?

What is the ZTP workflow for Cisco IOS XE-based devices?

Drag and drop the alarm slates from the left onto the corresponding alarm descriptions on the right.

Which plane builds and maintains the network topology and makes decisions on traffic flows?

Refer to the exhibit. A Cisco SD-WAN network carries traffic for several departments and over 1200 users with several applications at site A and site B branches over the MPLS1 circuit. An engineer is provisioning a higher bandwidth on-demand metro circuit as a backup connection. Which two configurations must the engineer apply to implement the on-demand tunnels? (Choose two.)

Refer to the exhibit, which configuration configures IPsec tunnels in active and standby?

Refer to the exhibit The Cisco SD-WAN network is configured with a default full-mesh topology. Islamabad HQ and Islamabad WAN Edges must be used as the hub sites. Hub sites MPLS TLOC must be preferred when forwarding FTP traffic based on a configured SLA class list. Which policy configuration does the network engineer use to call the SLA class and set the preferred color to MPLS?

Which logs verify when a device was upgraded?

An engineer creates a data policy to prevent communication from the 172.20.21.0/24 network to the 172.20.41.0/24 network. Which configuration accomplishes this task?

In which device state does the WAN edge router create control connections, but data tunnels are not created?

An SD-WAN customer must ensure that its network operations team can monitor and update the NTP server if needed on a WAN Edge in HQ. Which configuration meets this requirement?

An engineer is tasked to improve throughput for connection-oriented traffic by decreasing round-trip latency. Which configuration will achieve this goal?

Refer to exhibit.

An engineer is troubleshooting tear down of control connections even though a valid Certificate Serial Number is entered Which two actions resolve the Issue? (Choose two)

An engineer is configuring a list that matches all IP prefixes with lengths from /1 to /16 in a centralized control policy. Which list accomplishes this task?

A voice packet requires a latency of 50 msec. Which policy is configured to ensure that a voice packet is always sent on the link with less than a 50 msec delay?

If Smart Account Sync is not used, which Cisco SD-WAN component is used to upload an authorized serial number file?

What are the default username and password for vSmart Controller when it is installed on a VMware ESXi hypervisor'?

Which two products that perform lifecycle management for virtual instances are supported by WAN Edge cloud routers? (Choose two.)

Refer to the exhibit.

A customer wants to implement primary and secondary Cisco SD-WAN overlay routing for prefixes that are advertised for both data centers. The east data center (TLOC 101.101.101.101) is primary for east sites, and the west data center (TLOC 100.100.100.100) is primary for west sites. Which configuration change achieves this objective?

Refer to the exhibit. An engineer configures a hub-and-spoke SD-WAN topology with the requirement that traffic from router A branch to router B branch is guaranteed to flow through the network hub, router C. Which configuration meets the requirement for router A?

Which protocol runs between the vSmart controllers and WAN Edge routers when the vSmart controller acts like a route reflector?

What is the main purpose of using TLOC extensions in WAN Edge router configuration?

Drag and drop the steps from the left into the order on the right to upload software on vManage repository that is accessible from maintenance > Software Repository.

A network administrator configures SNMPv3 on a Cisco WAN Edge router from CLI for monitoring purposes How many characters are supported by the snmp user command?

On which device is a service FW address configured to Insert firewall service at the hub?

Refer to the exhibit vManage and vBond have an issue establishing a connection to vSmart Which two actions does the administrator take to fix the issue? (Choose two)

An enterprise has several sites with multiple VPNs that are isolated from each other A new requirement came where users in VPN 73 must be able to talk to users in VPN 50 Which configuration meets this requirement?

Refer to the exhibit A WAN Edge device was recently added to vManage but a control connection could not be established Which action resolves this issue?

The Cisco SD-WAN engineer is configuring service chaining for a next-generation firewall located at the headquarters. Which configuration creates the service?

A)

B)

C)

D)

Drag and drop the alarm states from the left onto the corresponding alarm descriptions on the right.

Which protocol is used to measure jitter, loss, and latency on SD-WAN overlay tunnels?

Customer has two branch silos with overlapping IPs How must the data policy be configured to establish communication between the sites and server to avoid overlapping?

A)

B)

C)

D)

A network administrator is configuring Qos on a vEdge 5000 router and needs to enable it on the transport side interface. Which policy setting must be selected to accomplish this goal?

How is an event monitored and reported for an individual device in the overlay network at site ID:S4300T6E43F36?

Refer to the exhibit. Which configuration ensures that OSPP routes learned from Site2 are reachable at Stein and vice-versa?

What are the two advantages of deploying cloud-based Cisco SD-WAN controllers? (Choose two.)

Refer to the exhibit. An engineer must configure the Overlay Management Protocol route preference so that when B2 tries to reach host routes advertised by B1 it always chooses the MPLS circuit. Which two match conditions must be configured to accomplish this task? (Choose two.)

An engineer modifies a data policy for DIA in VPN 67. The location has two Internet-bound circuits. Only the web browsing traffic must be admitted for DIA. without further discrimination about which transport to use.

Here is the existing data policy configuration:

Which policy configuration sequence meets the requirements?

Refer to the exhibit. The ge0/0 interface connects to a 30-MB link. A network administrator wants to always have 10 MB available for high priority traffic. When lower-priority traffic busts exceed 20 MB. Traffic should be redirected to the second WAN interface ge0/1. Which set of configurations accomplishes this task?

A)

B)

C)

D)

An organization wants to discover monitor and track the applications running on the WAN Edge device on the LAN Which configuration achieves this goal?

Which component of the Cisco SD-WAN control plane architecture facilitates the storage of certificates and configurations for network components?

An engineer modifies a data policy for DIA in VPN 200 to meet the requirements for traffic destined to these locations:

* external networks; must be translated

* external networks; must use a public TLOC color

* syslog servers, must use a private TLOC color

Here is the existing data policy configuration:

Which policy configuration sequence set meets the requirements?

Refer to the exhibit.

An enterprise has enabled load balancing over MPLS and Internet links. Which feature from the monitoring tool does an engineer use to visualize the available links utilized by the data traffic between Service VPNs?

Which destination UDP port is used by WAN Edge router to make a DTLS connection with vBond Orchestrator?

Which policy configures an application-aware routing policy under Configuration > Policies?

An engineer is configuring a shaping rate of 1 Mbps on the WAN link of a WAN Edge router Which configuration accomplishes this task’?

A company must avoid downtime at the remote sites and data plane to continue forwarding traffic between WAN Edge devices if the branch router loses connectivity to its OMP peers Which configuration meets the requirement?

A)

B)

C)

D)

Which platforms are managed by a single vManage dashboard?

What are the two components of an application-aware firewall? (Choose two.)

How many vManage NMSs should be installed in each domain to achieve scalability and redundancy?

An engineer must create a QoS policy by creating a class map and assigning it to the LLQ queue on a WAN Edge router Which configuration accomplishes the task?

A)

B)

C)

D)

What is the advantage of instating the controller on-premises?

An engineer is configuring a centralized policy to influence network route advertisement. Which controller delivers this policy to the fabric?

Which component of the Cisco SD-WAN architecture oversees the control plane of overlay network to establish, adjust, and maintain the connections between the WAN Edge devices that form the Cisco SD-WAN fabric?

An engineer must avoid routing loops on the SD-WAN fabric for routes advertised between data center sites Which BGP loop prevention attribute must be configured on the routers to meet this requirement?

Which feature builds transport redundancy by using the cross link between two redundant WAN Edge routers?

When software is upgraded on a vManage NMS, which two image-adding options store images in a local vManage software repository? (Choose two.)

Which platform cannot provide IPS and URL filtering capabilities?

An engineer must use data prefixes to configure centralized data policies using the vManage policy configuration wizard. What is the first step to accomplish this task?

In which VPN is the NAT operation on an outgoing interface configured for direct Interne! access?

Which type of route advertisement of OMP can be verified?

Refer to the exhibit. An enterprise decides to use the Cisco SD-WAN Cloud onRamp for SaaS feature and utilize H.Q site Biz iNET to reach SaaS Cloud for branch C. currently reaching SaaS Cloud directly. Which role must be assigned to devices at both sites in vManage Cloud Express for this solution to work?

Which value is verified in the certificates to confirm the identity of the physical WAN Edge device?

Refer to the exhibit.

vManage and vSmart have an issue establishing a connection to vBond. Which configuration resolves the issue?

Which IP address must be reachable by a WAN Edge device for the ZIP process to work?

Refer to the exhibit.

The SD-WAN network is configured with a default full-mesh topology. The SD-WAN engineer wants the Barcelona WAN Edge to use MPLS TLOC as the preferred TLOC when communicating with Rome site. Which configuration must the engineer use to create a list to select MPLS color toward the Rome TLOC?

A)

B)

C)

D)

At which layer does the application-aware firewall block applications on a WAN Edge?

Which device in the SD- WAN solution receives and categorizes event reports, and generates alarms?

Drag and drop the steps from the left into the sequence on the right for a WAN Edge router after powering on for zero touch provisioning.

What problem happens on a device with two serial numbers, a unique device identifier (UDI), and secure unique device identifier (SUDI) when an engineer provisions ISR 4000 by PnP using only a UDI?

A network administrator is configuring VRRP to avoid a traffic black hole when the transport side of the network is down on the primary device. What must be configured to get the fastest failover to standby?

When VPNs are grouped to create destination zone in Zone-Based Firewall, how many zones can a single VPN be part of?

A network engineer must configure all branches to communicate with each other through the Service Chain Firewall located at the headquarters site. Which configuration allows the engineer to accomplish this task?

A)

B)

C)

D)

Which vBond system configuration under VPN 0 allows for a routable public IP address even if the DNS name, hostname, or IP address of the vBond orchestrator are omitted?

An engineer is modifying an existing data policy for VPN 115 to meet these additional requirements:

When browsing government websites, the traffic must use direct internet access.

The source address of the traffic leaving the site toward the government websites must be set to an IP range associated with the country itself, a particular TLOC.

The policy configuration is as follows:

Which policy sequence meets the requirements without interfering with other destinations?

Which type of lists are used to group related items via an application-aware routing policy under the policy lists command hierarchy on vSmart controllers?

Which two REST API functions are performed for Cisco devices in an overlay network? (Choose two)

Which timer specifies information in the cache after all OMP sessions are lost at location S0123T4E56F78?

How do WAN Edge devices operate when vSmart is inaccessible or fails to be reached by the WAN Edge?

How is TLOC defined?

Refer to the exhibit. An ongineer configured OMP with an ovorlay-as of 10666. What is tho AS-PATH for prefix 104.104.104.104/32 on R1007?

Which encryption algorithm is used for encrypting SD-WAN data plane traffic?

A bank is looking for improved customer experience for applications and reduce overhead related to compliance and security. Which key feature or features of the Cisco SD-WAN solution will help the bank to achieve their goals?

Which platform is a Cisco SD-WAN virtual platform?

Which component is used for stateful inspection of TCP, UDP. and ICMP flows in Cisco SD-WAN firewall policies?

Refer to the exhibit.

vManage and vBond have an issue establishing a connection to each other. Which configuration resolves the issue?

Drag and drop the definitions from the left to the configuration on the right.

Refer to the exhibit.

Which QoS treatment results from this configuration after the access list acl-guest is applied inbound on the vpn1 interface?

A customer wants to use AWS for Cisco SD-WAN laaS services by deploying virtual SD-WAN routers in a transit AWS VPC The transit VPC then connects via site-to-site IPsec tunnels to an AWS transit gateway Which transit VPC connects via site-to-site IPsec tunnels to an AWS transit gateway?

Which command verifies a policy that has been pushed to the vEdge router?

Refer to the exhibit, Which configuration routes Site 2 through the firewall in Site 1?