Practice Free 300-415 Implementing Cisco SD-WAN Solutions (300-415 ENSDWI) Exam Questions Answers With Explanation

An engineer must deploy a QoS policy with these requirements:

• policy name: App-police

• police rate: 1000000

• burst: 1000000

• exceed: drop

Which configuration meets the requirements?

An engineer must apply the configuration for certificate installation to vBond Orchestrator and vSmart Controller. Which configuration accomplishes this task?

In a Cisco SD-WAN architecture, what is the role of the WAN Edge?

How many network interface cards are needed to add in virtual machine settings when installing vSmart controller on VMware vSphere ESXi Hypervisor software?

Company ABC has decided to deploy the controllers using the On-Prem method. How does the administrator upload the WAN Edge list to the vManage?

A)

B)

C)

D)

In the Cisco SD_WAN solution, vSmart controller is responsible for which two actions? (Choose two.)

Which alarm setting is configured to monitor serious events that affect but do not shut down, the operation of a network function?

Which policy is configured to ensure that a voice packet is always sent on the link with less than a 50 msec delay?

How does the replicator role function in cisco SD-WAN?

Refer to the exhibit. A network administrator is configuring OSPF advanced configuration parameters from a template using the vManager GUI for a branch WAN Edge router to calculate the cost of summary routes to an ASBR. Which action achieves this configuration?

Which SD-WAN devices require multicast PIM and IGMP configurations when setting up SD-WAN multicast?

What is a benefit of the application-aware firewall?

A network administrator is tasked to make sure that an OMP peer session is closed after missing three consecutive keepalive messages in 3 minutes. Additionally, route updates must be sent every minute. If a WAN Edge router becomes unavailable, the peer must use last known information to forward packets for 12 hours. Which set of configuration commands accomplishes this task?

An engineer creates this data policy for DIA for VPN 10:

Which policy sequence enables DIA for external networks?

Refer to the exhibit Which command allows traffic through the IPsec tunnel configured in VPN 0?

Which storage format Is used when vManage Is deployed as a virtual machine on a KVM hypervisor?

Drag and drop the security terminologies from the left onto the PCI-compliant network features and devices on the right.

Refer to the exhibit. vManage logs are available for the past few months. A device name change deployed mistakenly at a critical site. How is the device name change tracked by operation and design teams?

A)

B)

C)

Which application list is preconfigured?

What are the two protocols redistributed into OMP? (Choose two.)

Which platform cannot provide IPS and URL filtering capabilities?

What is the result during a WAN Edge software upgrade process if the version of the WAN Edge software is higher than the one running on a controller device?

Refer to the exhibit.

The tunnel interface configuration on both WAN Edge routers is:

Which configuration for WAN Edge routers will connect to the Internet?

Refer to the exhibit. The Cisco SD-WAN is deployed using the default topology. The engineer wants to configure a service insertion policy such that all data traffic between Rome to Paris is forwarded through the NGFW located in London. Which configuration fulfills this requirement, assuming that the Service VPN ID is 1?

Customer has two branch silos with overlapping IPs How must the data policy be configured to establish communication between the sites and server to avoid overlapping?

A)

B)

C)

D)

A customer wants to use AWS for Cisco SD-WAN laaS services by deploying virtual SD-WAN routers in a transit AWS VPC The transit VPC then connects via site-to-site IPsec tunnels to an AWS transit gateway Which transit VPC connects via site-to-site IPsec tunnels to an AWS transit gateway?

A customer has MPLS and Internet as the TLOC colors An engineer must configure conlroJIers with the Internet and not with MPLS Which configuration achieves this requirement on vManage?

A)

B)

C)

D)

Which configuration allows VPN 10 traffic to have direct internet access locally from the WAN Edge device?

A)

B)

C)

D)

An engineer modifies a data policy for DIA in VPN 67. The location has two Internet-bound circuits. Only the web browsing traffic must be admitted for DIA. without further discrimination about which transport to use.

Here is the existing data policy configuration:

Which policy configuration sequence meets the requirements?

Which TCP Optimization feature is used by WAN Edge to prevent unnecessary retransmissions and large initial TCP window sizes to maximize throughput and achieve a better quality?

Which OMP route is selected for equal OMP route preference values on WAN Edge routers?

Which SD-WAN component is configured to enforce a policy to redirect branch-to-branch traffic toward a network service such as a firewall or IPS?

How is multicast routing enabled on devices in the Cisco SD-WAN overlay network?

When the VPN membership policy is being controlled at the vSmart controller, which policy disallows VPN 1 at sites 20 and 30?

A)

B)

C)

D)

Refer to the exhibit. An enterprise decides to use the Cisco SD-WAN Cloud onRamp for SaaS feature and utilize H.Q site Biz iNET to reach SaaS Cloud for branch C. currently reaching SaaS Cloud directly. Which role must be assigned to devices at both sites in vManage Cloud Express for this solution to work?

Which configuration defines the groups of interest before creation of the access list or route map?

A)

B)

C)

D.

Which two virtualized environments are available for a company to install the controllers using the on-premises model? (Choose two )

Refer to the exhibit A vBond controller was added to the controller list with the same Enterprise Root CA certificate as vManage. The two controllers can reach each other via VPNO and share the same organization name, but the control connection is not initiated- Which action resolves the issue?

An engineering team must prepare a traffic engineering policy where an MPLS circuit is preferred for traffic coming from the Admin VLAN Internet should be used as a backup only. Which configuration fulfill this requirement?

A)

B)

C)

D)

Which OSPF command makes the WAN Edge router a less preferred exit from a site with a dual WAN Edge design?

A)

B)

C)

D)

A customer is receiving routes via OMP from vSmart controller for a specific VPN. The customer must provide access to the W2 loopback received via OMP to the OSPF neighbor on the service-side VPN, which configuration fulfils these requirements?

Refer to the exhibit. The network administrator has configured a centralized topology policy that results in the displayed routing table at a branch office. Which two configurations are verified by the output? [Choose two.)

In Cisco SD-WAN, what protocol is used for control connections between SD-WAN devices?

Which protocol is used to measure loss latency, Jitter, and liveliness of the tunnel between WAN Edge router peers?

A network administrator is configuring a tunnel interface on a branch Cisco IOS XE router to run TLOC extensions. Which configuration will extend a TLOC over a GRE tunnel to another router in the branch?

Which protocol is used to propagate multicast join requests over the Cisco SD-WAN fabric?

Which type of route advertisement of OMP can be verified?

What is the threshold to generate a warning alert about CPU or memory usage on a WAN Edge router?

What are the two advantages of configuration groups in a Cisco SD-WAN deployment? (Choose two.)

Which third-party Enterprise CA server must be used (or a cloud-based vSmart controller?

Which Cisco router provides a distributed multicore architecture optimized for SD-WAN branch support?

When a WAN Edge device joins the SD-WAN overlay, which Cisco SD-WAN components orchestrates the connection between the WAN Edge device and a vSmart controller?

Which protocol is used for the vManage to connect to the vSmart Controller hosted in Cloud?

Refer to the exhibit.

A network administrator is configuring OMP in vManage to advertise all the paths for the same prefix from a site that has two WAN Edge devices Each WAN Edge device is connected to three ISPs and two private MPLS transports. What is the minimum value for 'Number of Paths advertised per Prefix" that should be configured?

An engineer is configuring a shaping rate of 1 Mbps on the WAN link of a WAN Edge router Which configuration accomplishes this task’?

Which command on a WAN Edge device displays the information about the colors present in the fabric that are learned from vSmart via OMP?

Refer to the exhibit. An enterprise network is connected with an ISP network on an 80 Mbps bandwidth link. The network operation team observes 100 Mbps traffic on the 1Gig-ISP link during peak hours Which configuration provides bandwidth control to avoid traffic congestion during peak hours?

A)

B)

C)

D)

Which cloud based component in cisco SD-WAN is responsible for establishing a secure connection to each WAN edge router and distributes routers and policy information via omp?

REST applications communicate over HTTP or HTTPS to make calls between network devices. Which two HTTPS standard methods are included? (Choose two.)

Which capability does Cisco SD-WAN Multi-Region Fabric provide?

A network administrator is configuring an application-aware firewall between inside zones to an outside zone on a WAN edge router using vManage GUI. What kind of Inspection is performed when the ‘’inspect’’ action is used?

What are the two components of an application-aware firewall? (Choose two.)

Refer to the exhibit An engineer is getting a CTORGNMMIS error on a controller connection Which action resolves this issue?

Refer to the exhibit Which NAT types must the engineer configure for the vEdge router to bring up the data plane tunnels?

The SD-WAN network is configured ­­­with a default full-mesh topology. The SD-WAN engineer wants the Barcelona WAN Edge to use the MPLS TLOC when forwarding Telnet traffic based on a configured SLA class list. Which configured must the engineer use to create a policy to call the SLA class and set the preferred color to MPLS?

A)

B)

C)

D)

What prohibits deleting a VNF image from the software repository?

Refer to the exhibit The network team must configure application-aware routing for the Service VPN 50.0.0.0/16 The SLA must prefer MPLS for video traffic but the remaining traffic must use a public network What must be defined other than applications before the application-aware policy is create?

Drag and drop the vManage policy configuration procedures from the left onto the correct definitions on the right.

Which Cisco SD-WAN component facilitates the initial communication between WAN Edge devices to join the fabric?

In which Cisco SD-WAN deployment scenario does Cisco Umbrella SIG deliver the most value?

An engineer is configuring a centralized policy to influence network route advertisement. Which controller delivers this policy to the fabric?

Which two mechanisms are used to guarantee the integrity of data packets in the Cisco SD-WAN architecture data plane? {Choose two)

An SD-WAN customer must ensure that its network operations team can monitor and update the NTP server if needed on a WAN Edge in HQ. Which configuration meets this requirement?

A network administrator is configuring Qos on a vEdge 5000 router and needs to enable it on the transport side interface. Which policy setting must be selected to accomplish this goal?

Refer to the exhibit.

Which shaping-rate does the engineer use to shape traffic at 9 Mbps?

Which plane assists in the automatic onboarding of the SD-WAN routers into the SD-WAN overlay?

Refer to exhibit. An engineer is troubleshooting tear of control connection even though a valid CertificateSerialNumber is entered. Which two actions resolve Issue? (Choose two)

An engineer creates a data policy to prevent communication from the 172.20.21.0/24 network to the 172.20.41.0/24 network. Which configuration accomplishes this task?

Refer to the exhibit.

vManage and vSmart have an issue establishing a connection to vBond. Which configuration resolves the issue?

Which hardware component is involved in the Cisco SD-WAN authentication process for ISR platforms?

Which control policy assigned to Drenches in the out direction establishes a strict hub-and-spoke topology tor VPN2?

A)

B)

C)

D)

Which component of the Cisco SD-WAN secure extensible network provides a single pane of glass approach to network monitoring and configuration?

How is an event monitored and reported for an individual device in the overlay network at site ID:S4300T6E43F36?

A customer must upgrade the cisco SD-WAN devices and controllers from version 19.2 to version 20.3. The devices include WAN Edge cloud, vManage, vSmart, and vBond. Which types of image types of image files are needed for this upgrade?

Refer to the exhibit.

Which configuration change is needed to configure the tloc-extention on Branch1-Edge1?

An engineer must create a QoS policy by creating a class map and assigning it to the LLQ queue on a WAN Edge router Which configuration accomplishes the task?

A)

B)

C)

D)

Which statement describes the requirement of integrating a secure internet gateway (SIG) with a Cisco SD-WAN Edge device?

An engineer must use data prefixes to configure centralized data policies using the vManage policy configuration wizard. What is the first step to accomplish this task?

Which data policy configuration influences BGP routing traffic flow from LAN to WAN?

A)

B)

C)

D)

Which two requirements must be met for DNS inspection when integrating with cisco umbrella? (Choose two)

Which policy configuration must be used to classify traffic as it enters the branch WAN Edge router to be put into the desired output queue?

A)

B)

C)

D)

Refer to the exhibit.

An MPLS connection on R2 must extend to R1 Users behind R1 must have dual connectivity for data traffic Which configuration provides R1 control connectivity over the MPLS connection?

A)

B)

C)

D)

Refer to the exhibit. The ge0/0 interface connects to a 30-MB link. A network administrator wants to always have 10 MB available for high priority traffic. When lower-priority traffic busts exceed 20 MB. Traffic should be redirected to the second WAN interface ge0/1. Which set of configurations accomplishes this task?

A)

B)

C)

D)

Company E wants to deploy Cisco SD-WAN with controllers in AWS The company's existing WAN is on private MPLS without Internet access to controllers m AWS An Internet circuit is added to a site in addition to the existing MPLS circuit. Which interface template establishes BFD neighbors over both transports?

A)

B)

C)

Miss

D)

Drag and drop the actions from the left into the correct sequence on the right to create a data policy to direct traffic to the Internet exit.

Which component of the Cisco SD-WAN control plane architecture should be located in a public Internet address space and facilitates NAT-traversal?

What happens if the intelligent proxy is unreachable in the Cisco SD-WAN network?

Which two products that perform lifecycle management for virtual instances are supported by WAN Edge cloud routers? (Choose two.)

Which plane builds and maintains the network topology and makes decisions on traffic flows?

Which command disables the logging of syslog messages to the local disk?

On which device is a service FW address configured to Insert firewall service at the hub?

What is a key element used in a vBond Orchestrator redundancy topology?

What is an advantage of using auto mode versus static mode of power allocation when an access point is connected to a PoE switch port?

An engineer is adding a tenant with location JD 306432373 in vManage. What is the maximum number of alphanumeric characters that are accepted in the tenant name field?

A network administrator is creating an OMP feature template from the vManage GUI to be applied to WAN edge routers. Which configuration attribute will avoid the redistribution of the routes back into the OMP from the LAN side?

After deploying Cisco SD-WAN the company realized that by default, all sites built direct IPsec VPN tunnels to each other In their previous topology all spoke sites used the head office as their next hop for the LAN segment that belongs to network 40.0.0.0/16 The company wants to deploy its previous policy, which allows the 40.0.0.0/16 network that originates at the hub to advertise to the spokes. Which configuration meets the requirement'?

A)

B)

C)

D)

An engineer must configure local redundancy on a site. Which configuration accomplish this task?

An engineer builds a three-node vManage cluster and then realizes that multiple nodes are unnecessary for the size of the company. How should the engineer revert the setup to a single vManage?

Which encryption algorithm is used for encrypting SD-WAN data plane traffic?

What is the ZTP workflow for Cisco IOS XE-based devices?

A company is using Catalyst SD-WAN Manager as its root certificate authority server and must generate a root certificate using the vShell (Linux) built into the CLI of Catalyst SD-WAN Manager. Which command must be issued to generate the root certificate?

Drag and drop the alarm states from the left onto the corresponding alarm descriptions on the right.

Drag and drop the attributes from the left that make each transport location unique onto the right. Not all options are used.

Which vBond system configuration under VPN 0 allows for a routable public IP address even if the DNS name, hostname, or IP address of the vBond orchestrator are omitted?

How many subnets are necessary in Azure VNet for a WAN Edge device to function in the cloud deployment?

Which device should be configured with the service chain IP address to route intersite traffic through a firewall?

A network administrator configures SNMFV3 on a Cisco WAN Edge router from CL I for monitoring purposes How many characters are supported by the snmp user username command?

Which two sets of identifiers does OMP carry when it advertises TLOC routes between WAN Edge routers? (Choose two.)

Which queue must an engineer configure for control and BFD traffic for convergence on a WAN Edge router?

A policy is created to influence routing in the network using a group of prefixes. What policy application will achieve this goal when applied to a site list?

Which two architectural components are part of an SD-WAN high availability vManage cluster? (Choose two.)

Refer to exhibit.

An engineer is troubleshooting tear down of control connections even though a valid Certificate Serial Number is entered Which two actions resolve the Issue? (Choose two)

Refer to the exhibit. A Cisco SD-WAN network carries traffic for several departments and over 1200 users with several applications at site A and site B branches over the MPLS1 circuit. An engineer is provisioning a higher bandwidth on-demand metro circuit as a backup connection. Which two configurations must the engineer apply to implement the on-demand tunnels? (Choose two.)

Which multicast component is irrelevant when defining a multicast replicator outside the local network without any multicast sources or receivers?

An administrator needs to configure SD-WAN to divert traffic from the company's private network to an ISP network. What action should be taken to accomplish this goal?

Exhibit.

The SD-WAN network is configured with a default full-mash topology. An engineer wants Barcelona and Paris to communicate to each other through the London site using a control Which control policy configuration accomplishes the task?

A)

B)

C)

D)

An engineer must configure VRRP for redundancy on WAN Edge router1 running an earlier version than 20.6, considering WAN Edge router2 is configured correctly. Which configuration meets the requirement?