Summer Special Sale - 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: spcl70

Practice Free 400-007 Cisco Certified Design Expert (CCDE v3.1) Exam Questions Answers With Explanation

We at Crack4sure are committed to giving students who are preparing for the Cisco 400-007 Exam the most current and reliable questions . To help people study, we've made some of our Cisco Certified Design Expert (CCDE v3.1) exam materials available for free to everyone. You can take the Free 400-007 Practice Test as many times as you want. The answers to the practice questions are given, and each answer is explained.

Question # 6

Which technology supports antispoofing and does not have any impact on encryption performance regardless of packet size?

A.

MACsec

B.

IP source guard

C.

DHCP snooping with DAI

D.

IPsec

Question # 7

The Company XYZ network is experiencing attacks against their router. Which type of Control Plane Protection must be used on the router to protect all control plane IP traffic that is destined directly for one of the router interfaces?

A.

Control Plane Protection host subinterface

B.

Control Plane Protection main interface

C.

Control Plane Protection transit subinterface

D.

Control Plane Protection CEF-exception subinterface

Question # 8

Company XYZ is running OSPF in their network. They have merged with another company that is running EIGRP as the routing protocol. Company XYZ now needs the two domains to talk to each other with redundancy, while maintaining a loop-free environment. The solution must scale when new networks are added into the network in the near future. Which technology can be used to meet these requirements?

A.

multipoint route-redistribution with route filtering using ACLs

B.

DUMP multipoint route-redistribution with route filtering using route tags

C.

DUMPS single point route-redistribution with route filtering using route tags

D.

DUMPS single point route-redistribution with route filtering using ACLs

Question # 9

You are tasked to design a QoS policy for a service provider so they can include it in the design of their MPLS core network. If the design must support an MPLS network with six classes, and CEs will be managed by the service provider, which QoS policy should be recommended?

A.

map IP CoS bits into the IP Precedence field

B.

map flow-label bits into the Exp field

C.

map IP precedence bits into the DSCP field

D.

map DSCP bits into the Exp field

Question # 10

A network engineering team is in the process of designing a lab network for a customer demonstration. The design engineer wants to show that the resiliency of the MPLS Traffic Engineering Fast Reroute solution has the same failover/failback times as a traditional SONET/SDH network (around 50 msec). In order to address both link failure and node failure within the lab topology network, which type of the MPLS TE tunnels must be considered for this demonstration?

A.

TE backup tunnel

B.

Next-hop (NHop) tunnel

C.

FRR Backup tunnel

D.

Next-next-hop (NNHop) tunnel

Question # 11

A legacy enterprise is using a Service Provider MPLS network to connect its head office and branches. Recently, they added a new branch to their network. Due to physical security concerns, they want to extend their existing IP CCTV network of the head office to the new branch, without any routing changes in the network. They are also under some time constraints. What is the best approach to extend the existing IP CCTV network to the new branch, without incurring any IP address changes?

A.

GRE

B.

EoMPLS

C.

VXLAN

D.

L2TPv3

Question # 12

Which action must be taken before new VoIP systems are implemented on a network to ensure that the network is ready to handle the traffic?

A.

Evaluate bandwidth utilization and connection quality

B.

Enable special requirements such as direct DID lines on pickup

C.

Make recommendations to limit the size of the half-open session table on routers

D.

Check if anomaly detection is enabled for SIP and H.323 on Layer 3 devices

Question # 13

When a traditional network is transformed to a hierarchical network, the state information in the control plane is reduced so that changes in one area of the network do not result in changes in the routing table on devices half-way around the globe What is a potential trade off in these cases?

A.

suboptimal use of available resources

B.

vertical split of failure domains

C.

horizontal split of failure domains

D.

increased routing table size

Question # 14

Which feature must be part of the network design to wait a predetermined amount of time before notifying the routing protocol of a change in the path in the network?

A.

Transmit delay

B.

Throttle timer

C.

SPF hold time

D.

Interface dampening

Question # 15

Network changes due to mergers, acquisitions, and divestitures can be highly disruptive if not carefully planned. When an organization sells part of its business, it must detach those parts of the network with minimal risk and downtime.

Which network design approach is appropriate to minimize the impact and risks as the divested parts of the network are detached?

A.

Redundant design

B.

Modular design

C.

Less complex design

D.

Routed access design

Question # 16

Which design benefit of bridge assurance is true?

A.

It supposes a spanning-tree topology change upon connecting and disconnecting a station on a port

B.

It prevents switched traffic from traversing suboptimal paths on the network.

C.

It allows small, unmanaged switches to be plugged into ports of access switches without the risk of switch loops.

D.

It prevents switch loops caused by unidirectional point-to-point link condition on Rapid PVST+ and MST

Question # 17

An attacker exploits application flaws to obtain data and credentials. What is the next step after application discovery in Zero Trust networking?

A.

Establish visibility and behavior modeling

B.

Enforce policies and microsegmentation

C.

Assess real-time security health

D.

Ensure trustworthiness of systems

Question # 18

Company XYZ wants to secure the data plane of their network. Which two technologies can be included in the security design? (Choose two)

A.

DAI

B.

IP Source Guard

C.

BEEP

D.

CPPr

E.

MPP

Question # 19

Which MPLS TE design consideration is true?

A.

MPLS TE replaces LDP and the dependency of the IGP to identify the best path

B.

MPLS TE provides link and node protection

C.

MPLS TE optimizes the routing of IP traffic, given the constraints imposed by backbone capacity and application requirements

D.

MPLS TE requires Layer 3 VPN full-mesh topology deployment

Question # 20

Which two benefits can software-defined networks provide to businesses? (Choose two.)

A.

Provides additional redundancy

B.

Decentralized management

C.

Reduced latency

D.

Enables innovation

E.

Reduction of OpEx/CapEx

F.

Meets high traffic demands

Question # 21

Drag and drop the correct mitigation methods from the left onto the corresponding types of attack on the right

400-007 question answer

Question # 22

Drag and drop the design use cases from the left onto the correct uRPF techniques used to prevent spoofing attacks Not all options are used.

400-007 question answer

Question # 23

Refer to the table.

400-007 question answer

A customer investigates connectivity options for a DCI between two production data centers to aid a large-scale migration project. The solution must provide a single 10G connection between locations and be able to run its own varying QoS profiles without service provider interaction based on the migration stages. All connectivity methods are at 10 Gbps. Which transport technology costs the least if the connectivity is required for just one year?

A.

MPLS wires only

B.

CWDM over dark fiber

C.

DWDM over dark fiber

D.

Metro Ethernet

Question # 24

Which two advantages of using DWDM over traditional optical networks are true? (Choose two.)

A.

inherent topology flexibility and service protection provided without penalty through intelligent oversubscription of bandwidth reservation

B.

ability to expand bandwidth over existing optical infrastructure

C.

inherent topology flexibility with built-in service protection

D.

inherent topology flexibility with intelligent chromatic dispersion

E.

inherent topology flexibility with service protection provided through a direct integration with an upper layer protocol

Question # 25

: 482

Even with two different device platforms that support NETCONF or any other common transport method it does not mean they are compatible from a tooling and/or a developer’s perspective What is required to get the compatibility?

A.

Both devices must use a common data modeling language

B.

Both devices should have vendor-specific interoperability

C.

Both devices must use the same versions of NETCONF

D.

Both devices must support the same NETCONF features

Question # 26

Which two benefits can software defined networks provide to businesses? (Choose two.)

A.

Provides additional redundancy

B.

Decentralized management

C.

Reduced latency

D.

Enables innovation

E.

Reduction of OpEx/CapEx

F.

Meets high traffic demands

Question # 27

Organic growth or decline comes from a company ' s normal business activities, rather than through acquisitions or divestment. Changes in usage patterns can also cause organic change in network requirements Which tool is useful when designing and operationalizing a network that is in the process of change?

A.

change management

B.

modularity

C.

mobility

D.

Monitoring

Question # 28

Which encoding format does Cisco IOS XE software support for NETCONF?

A.

It supports HTML encoding for NETCONF

B.

It supports YAML encoding for NETCONF

C.

It supports XML encoding for NETCONF

D.

It supports JSON encoding for NETCONF

Question # 29

Refer to the exhibit.

400-007 question answer

This network is running legacy STP 802.1d. Assuming " hello_timer " is fixed to 2 seconds, which parameters can be modified to speed up convergence times after single link/node failure?

A.

The transit_delay=5 and bpdu_delay=20 are recommended values, considering hello_timer=2 and specified.

B.

Only the maximum_transmission_halt_delay and diameter parameters are configurable parameters in 802.1d to speed up STP convergence process.

C.

The max_age and forward delay parameters can be adjusted to speed up STP convergence process.

D.

Only the transit_delay and bpdu_delay timers are configurable parameters in 802.1d to speed up STP convergence process.

Question # 30

Security experts promote the security defense-m-depth principle which states that network security should be multilayered and modular and multiple methods should be designed and applied to different parts of the network Drag and drop the characteristics on the left to the matching enterprise network components on the right.

400-007 question answer

Question # 31

Which optimal use of interface dampening on a fast convergence network design is true?

A.

When occasional flaps of long duration occur

B.

When numerous adjacent flaps of very short duration occur

C.

When the router hardware is slower than the carrier delay down detection

D.

When the switch hardware is faster than the debounce timer down detection

Question # 32

What is a web-based model in which a third-party provider hosts applications that are available to customers over the Internet?

A.

PaaS

B.

SaaS

C.

IaaS

D.

WaaS

Question # 33

A network uses an SDN architecture with switches and a centralized controller What should be on the switches but not on the controller?

A.

control plane functions

B.

data plane functions

C.

northbound interface

D.

a southbound interface

Question # 34

A well-executed network design provides improved performance and efficiency, increased security, and reduced downtime and support costs Which feature helps to achieve resilience in the network?

A.

automatically reroute traffic or restart services

B.

implementing layers of protection

C.

optimizing your network traffic

D.

setting up adequate user permissions

Question # 35

How many fully established neighbour relationships exist on an Ethernet with five routers running OSPF as network type broadcast?

A.

5

B.

6

C.

7

D.

10

E.

20

Question # 36

Which two factors must be considered for high availability in campus LAN designs to mitigate concerns about unavailability of network resources? (Choose two.)

A.

Device resiliency

B.

Device type

C.

Network type

D.

Network resiliency

E.

Network size

Question # 37

Which three components are part of the foundational information security principles of the CIA triad? (Choose three.)

A.

Cryptography

B.

Confidentiality

C.

Authorization

D.

Identification

E.

Integrity

F.

Availability

Question # 38

: 484

Traditionally networks handled static web pages e-mail and routine client/server traffic Today enterprise networks must handle more sophisticated types of network applications that include voice and video Applications place increasing demands on IT infrastructures as they evolve into highly visible services that represent the face of the business to internal and external audiences The large amount and variety of data requires that the modern network be aware of the content earned across it to optimally handle that content. Which service provide this intelligence?

A.

centralized network services

B.

application networking services

C.

network infrastructure services

D.

modular infrastructure services

Question # 39

The controller has a global view of the network, and it can easily ensure that the network is in a consistent and optimal configuration. Which two statements describe a centralized SDN control path? (Choose two.)

A.

Scaling of the centralized controller cluster is challenging for services like DHCP and load-balancing.

B.

It is highly-available by design with no single-point-of-failure risks present.

C.

Integrating smart NIC capabilities on the local host level is made easier through REST APIs.

D.

It significantly improves the latency when performing reactive handling of PACKET_IN events.

E.

The centralized controller can support all southbound APIs, which allows for easy integration with legacy equipment.

Question # 40

: 487

Which layer of the SDN architecture orchestrates how the applications are given the resources available in the network?

A.

orchestration layer

B.

northbound API

C.

control layer

D.

southbound API

Question # 41

What is an advantage of using Agile over Waterfall methodology in the network design lifecycle?

A.

dosed loop operation

B.

lower total cost

C.

ideal for large projects

D.

reduced risk in the design process

Question # 42

Which two protocols are used by SDN controllers to communicate with switches and routers? (Choose two.)

A.

OpenFlash

B.

OpenFlow

C.

NetFlash

D.

Open vSwitch Database

E.

NetFlow

Question # 43

An enterprise solution team is analyzing multilayer architecture and multicontroller SDN solutions for multisite deployments. The analysis focuses on the ability to run tasks on any controller via a standardized interface. Which requirement addresses this ability on a multicontroller platform?

A.

Deploy a root controller to gather a complete network-level view.

B.

Use the East-West API to facilitate replication between controllers within a cluster.

C.

Build direct physical connectivity between different controllers.

D.

Use OpenFlow to implement and adapt new protocols.

Question # 44

What are two parameters that can be leveraged by SAML in mixed private/public cloud environments by using identity and asset management? (Choose two)

A.

unified directories

B.

policy-based tokens

C.

link federations

D.

identity federations

E.

multifactor hard tokens

Question # 45

What are two descriptions of network optimization? (Choose two.)

A.

Maintain high availability

B.

Proactive network management

C.

Network redesign

D.

Network health maintenance

E.

Identify network requirements

Question # 46

Which security architecture component offers streamlined security operations, ease of use, and visibility across all network security elements, independent of location or form factor?

A.

Threat-centric protection

B.

Integrated actionable intelligence

C.

Distributed enforcement

D.

Central command and control

Question # 47

You are designing the QoS policy for a company that is running many TCP-based applications. The company is experiencing tail drops for these applications. The company wants to use a congestion avoidance technique for these applications. Which QoS strategy can be used?

A.

Weighted fair queuing

B.

Weighted random early detection

C.

Low-latency queuing

D.

First-in first-out

Question # 48

Router R1 is a BGP speaker with one peering neighbor over link " A " . When link " A " fails, routing announcements are terminated, which results in the tearing down of the state for all BGP routes at each end of the link. What is this a good example of?

A.

Fault isolation

B.

Resiliency

C.

Redundancy

D.

Fate sharing

Question # 49

Refer to the exhibit Which impact of using three or more ABRs between the backbone area and area 1 is true?

A.

In a large-scale network LSA replication by all ABRs can cause serious scalability issues

B.

Multiple ABRs reduce the CPU processing on each ABR due to splitting prefix advertisement

C.

In a large-scale network multiple ABRs can create microloops

D.

Prefixes from the non-backbone area are advertised by one ABR to the backbone

Question # 50

If the desire is to connect virtual network functions together to accommodate different types of network service connectivity, what must be deployed?

A.

Bridging

B.

Service Chaining

C.

Linking

D.

Daisy Chaining

E.

Switching

Question # 51

Which main IoT migration aspect should be reviewed for a manufacturing plant?

A.

Sensors

B.

Security

C.

Applications

D.

Wi-Fi Infrastructure

E.

Ethernet Switches

Question # 52

Modem IT departments are more service oriented than they used to be To meet the needs oí their customers. IT departments are spending more time analyzing and documenting their processes for delivering services A focus on processes helps to ensure effective service delivery and to avoid wasted expenditures on technology that doesn ' t provide a needed service What defines frameworks and processes that can help an organization match the delivery of IT services with the business needs of the organization?

A.

IT Service Management

B.

remedy management

C.

IT helpdesk

D.

service desk monitoring

Question # 53

The network designer needs to use GLOP IP addresses in order to make them unique within their ASN. Which multicast address range should be used?

A.

232.0.0.0 to 232.255.255.255

B.

233.0.0.0 to 233.255.255.255

C.

239.0.0.0 to 239.255.255.255

D.

224.0.0.0 to 224.0.0.255

Question # 54

Which two characteristics are associated with 802.1s? (Choose two)

A.

802.1s supports up to 1024 instances of 802.1

B.

802.1s is a Cisco enhancement to 802.1w.

C.

802.1s provides for faster convergence over 802.1D and PVST+.

D.

CPU and memory requirements are the highest of all spanning-tree STP implementations.

E.

802.1s maps multiple VLANs to the same spanning-tree instance.

Question # 55

Refer to the exhibit.

400-007 question answer

ACME Mining has four data centers in Santiago. Cape Town. Mumbai, and Beijing, full-mesh connected via a 400 Mb/s EVP-LAN They want to deploy a new mission-critical application with these

requirements:

clusterheartbeat2Mb/s continuous (250 KB/s)

cluster heartbeat one-way maximum latency 100 ms

These are the current ping tests results between the four data centers:

400-007 question answer

Which hosting data center pair can host the new application?

A.

Mumbai and Beijing

B.

Santiago and Cape Town

C.

Santiago and Mumbai

D.

Cape Town and Mumbai

E.

Cape Town and Beijing

F.

Santiago and Beijing

Question # 56

A network architect is working on a large project involving migration to a software-defined networking platform, and is currently working on writing an executive summary for final approval by the management board. When writing the executive summary, What is a limitation of or challenges with software-defined networks that must be listed?

A.

Provides better flexibility but decreases the speed of service delivery.

B.

Difficulties in making significant improvements to service request response times.

C.

Virtualization inherently adds overhead and network latency.

D.

Often comes with a high CAPEX due to use of automation tools.

Question # 57

How can EIGRP topologies be designed to converge as fast as possible in the event of a point-to-point link failure?

A.

Limit the query domain by use of distribute lists.

B.

Build neighbor adjacencies in a triangulated fashion.

C.

Build neighbor adjacencies in squared fashion.

D.

Limit the query domain by use of summarization.

E.

Limit the query domain by use of default routes.

Question # 58

Which two features control multicast traffic in a VLAN environment? (Choose two)

A.

IGMP snooping

B.

MLD snooping

C.

RGMP

D.

PIM snooping

E.

pruning

Question # 59

Which two types of planning approaches are used to develop business-driven network designs and to facilitate the design decisions? (Choose two)

A.

cost optimization approach

B.

strategic planning approach

C.

modular approach

D.

tactical planning approach

E.

business optimization approach

Question # 60

An enterprise wants to migrate an on-premises network to a cloud network, and the design team is finalizing the overall migration process. Drag and drop the options from the left into the correct order on the right.

400-007 question answer

Question # 61

A network security team observes phishing attacks on a user machine from a remote location. The organization has a policy of saving confidential data on two different systems using different types of authentication. What is the next step to control such events after the security team verifies all users in Zero Trust modeling?

A.

Enforce risk-based and adaptive access policies.

B.

Assess real-time security health of devices.

C.

Apply a context-based network access control policy for users.

D.

Ensure trustworthiness of devices.

Question # 62

Compared to data plane traffic, control plane traffic is relatively small in volume, but these flows are critical to the overall functioning of the network infrastructure and to voice and video endpoint well. When designing a QoS policy for a network, which two actions for the network control service-class is recommended? (Choose two)

A.

A moderately provisioned guaranteed-bandwidth queue can be assigned

B.

Traffic in this class needs to carry a CS6 DSCP marking.

C.

Place the traffic in the same queue as other signalling traffic.

D.

Network control traffic may be assigned a moderately provisioned shared queue

E.

WRED must be enabled on the class to avoid traffic being dropped

Question # 63

Which regulatory compliance element ensures adherence to regulations and improves speed to market, which gives businesses a competitive advantage?

A.

compliance change management

B.

quality management system

C.

regulatory enhancement process

D.

robust document control

Question # 64

Which mechanism enables small, unmanaged switches to plug into ports of access switches without risking switch loops?

A.

PortFast

B.

UDLD

C.

Root guard

D.

BPDU guard

Question # 65

Which protocol does an SD-Access wireless Access Point use for its fabric data plane?

A.

GRE

B.

MPLS

C.

VXLAN

D.

LISP

E.

CAPWAP

Question # 66

You are using iSCSI to transfer files between a 10 Gigabit Ethernet storage system and a 1 Gigabit Ethernet server. The performance is only approximately 700 Mbps and output drops are occurring on the server switch port. Which action will improve performance in a cost-effective manner?

A.

Change the protocol to CIFS.

B.

Increase the queue to at least 1 GB

C.

Use a WRED random drop policy

D.

Enable the TCP Nagle algorithm on the receiver

Question # 67

Which two descriptions of CWDM are true? (Choose two)

A.

Typically used over long distances, but requires optical amplification

B.

Uses the 850nm band

C.

Allows up to 32 optical carriers to be multiplexed onto a single fiber

D.

Shares the same transmission window as DWDM

E.

Passive CWDM devices require no electrical power

Question # 68

In the case of outsourced IT services, the RTO is defined within the SLA Which two support terms are often included in the SLA by IT and other service providers’ (Choose two)

A.

Network size and cost

B.

Support availability

C.

Network sustainability

D.

Network reliability

E.

Resolution time

Question # 69

An engineer is designing a DMVPN network where OSPF has been chosen as the routing protocol. A spoke-to-spoke data propagation model must be set up. Which two design considerations must be taken into account? (Choose two)

A.

Configure all the sites as network type broadcast.

B.

The network type on all sites should be point-to-multipoint.

C.

The network type should be point-to-multipoint for the hub and point-to-point for the spokes.

D.

The hub should be set as the DR by specifying the priority to 255.

E.

The hub should be the DR by changing the priority of the spokes to 0.

Question # 70

A customer migrates from a traditional Layer 2 data center network into a new SDN-based spine-and-leaf VXLAN EVPN data center within the same location. The networks are joined to enable host migration at Layer 2. Which activity should be completed each time a legacy network is migrated?

A.

The migrated VLAN should be pruned from the Layer 2 interconnects.

B.

The migrated network should have a VXLAN VNID configured within the new network.

C.

The migrated network should be advertised to the EVPN network as a Type 2 network.

D.

The migrated network should be added to the EVPN BGP routing.

Question # 71

What are two common approaches to analyzing and designing networks? (Choose two.)

A.

bottom-up approach

B.

high-low security approach

C.

top-down approach

D.

left-right approach

E.

three-tier approach

Question # 72

Which effect of using ingress filtering to prevent spoofed addresses on a network design is true?

A.

It reduces the effectiveness of DDoS attacks when associated with DSCP remarking to Scavenger.

B.

It protects the network infrastructure against spoofed DDoS attacks.

C.

It classifies bogon traffic and remarks it with DSCP bulk.

D.

It filters RFC 1918 IP addresses.

Question # 73

A small organization of 20 employees is looking to deliver a network design service for modernizing customer networks to support advanced solutions.

Project scope and weekly progress should be visualized by the management.

Always consider feedback and make changes accordingly during the project.

Should consider flexibility to change scope at any point in time.

Which project methodology meets the requirements and has the least impact on the outcome?

A.

Scrum

B.

LEAN

C.

Kanban

D.

Six-Sigma

Question # 74

A large enterprise is planning a new WAN connection to headquarters. The current dual-homed setup with static routing is not providing consistent resiliency. Users complain when one specific link fails, while failure of the other causes no issues. The organization wants to improve resiliency and ROI.

Which solution should be recommended?

A.

Implement granular quality of service on the links

B.

Procure additional bandwidth

C.

Use dynamic routing toward the WAN

D.

Add an additional link to the WAN

Question # 75

Which two design solutions ensure sub-50 msec of the convergence time after a link failure in the network? (Choose two)

A.

BFD

B.

Ti-LFA

C.

Minimal BGP scan time

D.

MPLS-FRR

E.

IGP fast hello

Question # 76

Company XYZ needs advice in redesigning their legacy Layer 2 infrastructure. Which technology should be included in the design to minimize or avoid convergence delays due to STP or FHRP and provide a loop-free topology?

A.

Use switch clustering in the access layer.

B.

Use switch clustering in the core/distribution layer.

C.

Use spanning-tree PortFast.

D.

Use BFD.

Question # 77

While computer networks and sophisticated applications have allowed individuals to be more productive the need to prepare for security threats has increased dramatically A six-step methodology on security incident handling has been adopted by many organizations including service providers enterprises, and government organizations to ensure that organizations are aware of significant security incidents and act quickly to stop the attacker, minimize damage caused, and prevent follow on attacks or similar incidents in the future Drag and drop the actions on the left to the targets on the right in the correct order.

400-007 question answer

Question # 78

Refer to the exhibit.

400-007 question answer

The network 10.10.0.0/16 has been redistributed to OSPF processes and the best path to the destination from R1 has been chosen as R1–R2–R3. A failure occurred on the link between R2 and R3 and the path was changed to R1–R4–R5–R3. What happens when the link between R2 and R3 is restored?

A.

The path R1–R4–R5–R3 continues to be the best path because the metric is better

B.

The path reverts back to R1–R2–R3 because the route type is E1

C.

The path R1–R4–R5–R3 continues to be the best path because OSPF does not compare the metrics between two domains

D.

The path reverts to R1–R2–R3 because this was the previous best path

Question # 79

A business wants to centralize services via VDI technology and to replace remote WAN desktop PCs with thin client-type machines to reduce operating costs. Which consideration supports the new business requirement?

A.

VDI servers should be contained centrally within a DMZ

B.

The thin client traffic should be placed in a WAN QoS priority queue

C.

VDI servers should be contained within dedicated VLANs in each branch location

D.

The WAN should offer low latency and be resized

Question # 80

When constraint-based routing is under consideration to be added to a network design, what are two inherent characteristics or impacts that must be considered? (Choose two)

A.

better network utilization

B.

stability in the route table

C.

high computation overhead

D.

smaller routing table size

E.

less resources than the shortest path

Question # 81

Which two statements about MLD snooping are true? (Choose two)

A.

When MLD snooping is enabled, QoS is automatically enabled

B.

A VLAN can support multiple active MLD snooping queriers, as long as each one is associated to a different multicast group

C.

An MLD snooping querier election occurs when any MLD snooping querier goes down or if there is an IP address change on the active querier

D.

When multiple MLD snooping queriers are enabled in a VLAN, the querier with the lowest IP address in the VLAN is elected as the active MLD snooping querier

Question # 82

The goal for any network designer is to strive to build a resilient network that adapts to changing conditions rapidly with minimal impact on the services running over the network. A resilient network can adapt to failures, but which soft failure can be harder to define and detect?

A.

A network with operational challenges due to lack of skills

B.

A network that is not running in an optimal way

C.

A network which does not solve complexity issues

D.

A network or service that experiences outages

Question # 83

What are two top cloud-native security challenges faced by today ' s cloud-oriented organizations? (Choose two.)

A.

Establishing user roles

B.

Polymorphism

C.

Lack of visibility and tracking

D.

Increased attack surface

E.

User credential validation

Question # 84

: 473

A network consists of multiple planes where each plane represents a different area of network operations and cames different types of network traffic Which two statements describe the concepts of assurance in the context of control planes? (Choose two.)

A.

It is responsible for collecting analyzing, and enforcing policies based on observed data

B.

It primarily deals with configuring system access and network traffic flow policies

C.

It focuses on gathering and analyzing metrics, logs, and traces to infer the health of systems

D.

It executes predefined policies and forwards network traffic

E.

It is the ability to ensure system compliance and reliability under specified conditions

Question # 85

An engineer must design a network for a company that uses OSPF LFA to reduce loops. Which type of loop would be reduced by using this design?

A.

DTP

B.

Micro loops

C.

STP

D.

REP

Question # 86

The modular design model approach allows companies to have a network infrastructure that is better suited for scalable applications What is the benefit for companies that use this model?

A.

low communication with its employees through the intranet

B.

more flexible in the event of rapid market changes

C.

less efficient organizational ecosystem

D.

more in-house expertise and skilled resources

Question # 87

Which two actions must be taken when assessing an existing wireless network implementation for its readiness to support voice traffic? (Choose two.)

A.

Check for high roaming delay.

B.

Check for uniform radio coverage across the floors.

C.

Check for high channel utilization.

D.

Check for latency over wireless.

E.

Identify frequent TX power changes.

Question # 88

A banking customer determines that it is operating POS and POI terminals that are noncompliant with PCI DSS requirements, as it is running TLSv1.0. The customer plans to migrate the terminals to TLSv1.2. What are two requirements to complete the migration? (Choose two.)

A.

Ensure that strong cryptography is applied for users who have administrative access through networks

B.

Apply strong cryptography and security protocols to safeguard sensitive cardholder data.

C.

Apply strong encryption for transmission of cardholder data across public networks.

D.

Protect all user systems against malware and frequently update antivirus software

E.

Maintain a policy that addresses information security for employees and third parties.

Question # 89

According to the CIA triad principles for network security design, which principle should be priority for a Zero Trust network?

A.

requirement for data-in-motion encryption and 2FA authentication

B.

requirement for data-at-rest encryption for user identification within the VPN termination hardware

C.

categorization of systems, data, and enterprise BYOD assets that are connected to network zones based on individual privacy needs

D.

ensuring that authorized users have high-availability system access from defined zones to defined systems or zones

Question # 90

Which tool automates network implementation activities and shortens the implementation lifecycle?

A.

LISP

B.

Java

C.

Conclusion

D.

Python

Question # 91

Which two compliance audit functions are useful to meet business requirements? (Choose two.)

A.

risk prevention

B.

advise auditing

C.

audit monitoring

D.

risk identification audit resolution

Question # 92

Refer to the exhibit.

400-007 question answer

Traffic was equally balanced between Layer 3 links on core switches SW1 and SW2 before an introduction of the new video server in the network. This video server uses multicast to send video streams to hosts and now one of the links between core switches is overutilized. Which design solution solves this issue?

A.

Add more links between core switches.

B.

Aggregate links Layer 2 link aggregation.

C.

Apply a more granular load-balancing method on SW1.

D.

Apply a more granular load-balancing method on SW2.

E.

Filter IGMP joins on an overutilized link.

Question # 93

Company XYZ connects its sites over a private WAN. Their overlay network is running a DMVPN setup where the headquarters site is the hub. The company is planning on implementing multicast routing on the network. What should be used in the multicast routing design?

A.

PIM dense mode with RP located at the hub

B.

PIM sparse mode with RP located at each remote site

C.

PIM sparse mode with RP located at the hub

D.

PIM dense mode with RP located at each remote site

Question # 94

A multinational enterprise integrates a cloud solution with these objectives:

• Achieve seamless connectivity across different countries and regions

• Extend data center and private clouds into public clouds and provider-hosted clouds

What are two outcomes of deploying data centers and fabrics that interconnect different cloud networks? (Choose two.)

A.

Enhanced security

B.

Data and network ownership

C.

Ability to place workloads across clouds

D.

Centralized visibility

E.

Unidirectional workload mobility across the cloud

Question # 95

As part of a design solution a consultant needs to describe the trade-offs between different SDN models Drag the characteristics on the left to the correct controller-based network designs on the right in no particular order.

400-007 question answer

Question # 96

A customer asks you to perform a high-level review of their upcoming WAN refresh for remote sites. The review is specially focused on their retail store operations consisting of 500+ locations connected via multipoint IPsec VPN solution. Which routing protocol would be valid but would also be the most restrictive for the expansion of this deployment model?

A.

EIGRP

B.

IS-IS

C.

OSPF

D.

BGP

Question # 97

Refer to the exhibit.

400-007 question answer

An engineer is designing the network for a multihomed customer running in AS 111. The AS does not have any other ASs connected to it. Which technology is more comprehensive to use in the design to make sure that the AS is not being used as a transit AS?

A.

Configure the AS-set attribute to allow only routes from AS 111 to be propagated to the neighbor ASs.

B.

Use the local preference attribute to configure your AS as a non-transit AS.

C.

Include an AS path access list to send routes to the neighboring ASs that only have AS 111 in the AS path field.

D.

Include a prefix list to only receive routes from neighboring ASs.

Question # 98

400-007 question answer

Reter to the exhibit This network is running OSPF and EIGRP as the routing protocols Mutual redistribution of the routing protocols has been contoured on the appropriate ASBRs The OSPF network must be designed so that flapping routes m EIGRP domains do not affect the SPF runs within OSPF The design solution must not affect the way EIGRP routes are propagated into the EIGRP domains Which technique accomplishes the requirement?

A.

route summarization on the ASBR interfaces facing the OSPF domain

B.

route summarization on the appropriate ASBRs

C.

route summarization on the appropriate ABRs

D.

route summarization on EIGRP routers connecting toward the ASBR

Question # 99

Which development model is closely associated with Agile project management?

A.

static model

B.

evolutionary delivery model

C.

lifecycle model

D.

starfish model

Question # 100

You want to split an Ethernet domain in two.

Which parameter must be unique in this design to keep the two domains separated?

A.

VTP domain

B.

VTP password

C.

STP type

D.

VLAN ID

Question # 101

Which two impacts of adding the IP event dampening feature to a network design are true? (Choose two.)

A.

It protects against routing loops.

B.

It switches traffic immediately after a link failure.

C.

It speeds up link failure detection.

D.

It reduces the utilization of system processing resources.

E.

It improves overall network stability.

Question # 102

A customer has a functional requirement that states HR systems within a data center should be segmented from other systems that reside in the same data center and same VLAN. The systems run legacy applications by using hard-coded IP addresses. Which segmentation method is suitable and scalable for the customer?

A.

Data center perimeter firewalling

B.

VACLs on data center switches

C.

Transparent firewalling

D.

Routed firewalls

Question # 103

Which statement about hot-potato routing architecture design is true?

A.

Hot-potato routing is the preferred architecture when connecting to content providers

B.

Hot-potato keeps traffic under the control of the network administrator for longer

C.

OSPF uses hot-potato routing if all ASBRs use the same value for the external metric

D.

Hot-potato routing is prone to misconfiguration as well as poor coordination between two networks

Question # 104

Which extensions to GRE tunneling provide session tracking and in-order packet delivery in exchange for additional state stored in tunnel endpoints?

A.

GRE Protocol Type and Checksum extension fields.

B.

GRE Version and Reserved0 extension fields.

C.

No extension fields are available in the GRE header to track session data and packet sequences.

D.

GRE Key and Sequence number extensions.

Question # 105

An enterprise SDWAN customer based in the US has several branches in Europe Currently branches use the HQ in the US to access both internal and external services over an MPLS arcuit The design team has been tasked to suggest a solution allowing branches to access their cloud-based office productivity tools and services directly Since all their applications and services are hosted in the cloud, the design team has also been asked to come up with a solution, so branches can connect to the cloud directly from the branch as well Which two cost-effective and optimized solutions can be suggested? (Choose two)

cloud onRamp (SaaS)

A.

DIA

B.

software-defined cloud interconnects

C.

cloud SSO broker

D.

cloud hubs

Question # 106

What is the key strategy to address scalability challenges In the rapidly evolving digital landscape with resilient designs?

A.

Mitigate the impact of power outages.

B.

Minimize the distance.

C.

Identify potential bottlenecks.

D.

Optimize resource utilization.

Question # 107

Company XYZ has implemented policy-based routing in their network. Which potential problem must be kept in mind about network reconvergence and PBR?

A.

It can limit network scalability

B.

It can create microloops during reconvergence

C.

It increases convergence time.

D.

It reduces convergence time.

Question # 108

A large enterprise cloud design team is evaluating different cloud consumption models What is an example of typical PaaS limitations or concerns that should be considered during service design?

A.

Vendor lock-in

B.

runtime issues

C.

lack of control

D.

multi-tenant security

Question # 109

which two actions must be taken when assessing an existing wireless network implementation for its readliness to support voice traffic? (choose two)

A.

Validate antenna settings on APs

B.

Verify that RX level are not above -6WBm.

C.

Analyze typical roaming delays.

D.

Identify frequent TX power changes.

E.

Check for high channel utilization

Question # 110

Company ABC uses IPv4-only. Recently they started deploying new endpoint devices. For operational reasons, IPv6 cannot be disabled on these new endpoint devices. Which security measure prevents the new endpoint from learning an IPv6 prefix from an attacker?

A.

Source Guard and Prefix Guard

B.

Router Advertisement Guard

C.

Prefix Guard

D.

Secure Neighbor Discovery

Question # 111

Refer to the exhibit.

400-007 question answer

After a network audit, a network engineer must optimize the current network convergence time. The proposed solution must consider link layer and control plane failures. Which solution meets the requirements?

A.

Configure debounce timers

B.

Increase fast hello timers

C.

Implement BFD

D.

Enable LSP fast flood

Question # 112

Refer to the exhibit.

400-007 question answer

An engineer is designing the traffic flow for AS 111. Traffic from AS 111 should be preferred via AS 100 for all external routes. A method must be used that only affects AS 111. Which BGP attributes are best suited to control outbound traffic?

A.

community

B.

MED

C.

local preference

D.

AS path

Question # 113

Refer to the table.

400-007 question answer

A customer investigates connectivity options for a DCI between two production data centers to aid a large-scale migration project. The migration is estimated to take 20 months to complete but might extend an additional 10 months if issues arise. All connectivity options meet the requirements to migrate workloads. Which transport technology provides the best ROI based on cost and flexibility?

A.

CWDM over dark fiber

B.

MPLS

C.

DWDM over dark fiber

D.

Metro Ethernet

Question # 114

Setting a specific goal for throughput based on per-second data rates between end hosts does not identify the requirements for specific applications When specifying throughput goals for applications, it is important to understand the throughput requirements for each application Which two factors that can constrain application layer throughput? (Choose two.)

A.

protocol parameters, such as frame size and retransmission timers

B.

sent packets or cells at networking devices

C.

the pps or cps rate of networking devices

D.

workstation and server availability

E.

end-to-end throughput rates

Question # 115

A customer migrates from a traditional Layer 2 data center network into a new SDN-based spine-and-leaf VXLAN EVPN data center within the same location. The networks are joined to enable host migration at Layer 2. What is the final migration step after hosts have physically migrated to have traffic flowing through the new network without changing any host configuration?

A.

Shut down legacy Layer 3 SVIs, clear ARP caches on all hosts being migrated, and then configure the legacy VRRP address onto new VXLAN core switches

B.

Increase VRRP priorities on new infrastructure over legacy VRRP values, then shut down legacy SVIs

C.

Shut down legacy infrastructure to allow VXLAN gateways to become active

D.

Shut down legacy Layer 3 SVIs and activate new preconfigured Layer 3 SVIs on VXLAN

Question # 116

Over the years, many solutions have been developed to limit control plane state which reduces the scope or the speed of control plane information propagation. Which solution removes more specific information about a particular destination as topological distance is covered in the network?

A.

Aggregation

B.

Summarization

C.

Back-off timers

D.

Layering

Question # 117

A consultant needs to evaluate project management methodologies for a new service deployment on the existing network of a customer. The customer wants to be involved in the end-to-end project progress and be provided with frequent updates. The customer also wants the ability to change the requirements if needed, as the project progresses. Which project management methodology should be used?

A.

Three principles

B.

Phased

C.

Agile

D.

Waterfall

Question # 118

Your company wants to deploy a new data center infrastructure. Based on the requirements you have chosen VXLAN as encapsulation technology. The customer is concerned about misconfiguration of Layer 2 devices and DC-wide outages caused by Layer 2 loops. What do you answer?

A.

VXLAN offers native loop avoidance mechanism

B.

Storm Control should be enabled on all ports

C.

VPC+ could prevent L2 loop on access ports

D.

BPDU Guard should be enabled on all VTEP access ports

Question # 119

A multinational corporation intends to deploy Al/ML-driven analytics for consumer data The company operates in multiple locations, including the EU, where data protection regulations are rigorous The organization must guarantee that its Al/ML solution adheres to local regulations, especially with data storage and processing

Which cloud environment will most effectively meet the company’s data sovereignty needs while assuring adherence to regional data protection regulations?

A.

storing client data in a public cloud environment situated outside the EU and processing it via a centralized AI/ML system in the United States

B.

employing a hybrid cloud infrastructure, wherein customer data from the EU is retained in local data centers and processed within a centralized AI/ML system situated in a separate jurisdiction

C.

storing client data in a private cloud situated within the EU region to adhere to local data protection regulations

D.

using a public cloud infrastructure that permits the storage and processing of customer data in any worldwide region, devoid of specific local limitations

Question # 120

An existing wireless network was designed to support data traffic only. You must now install context-aware services for location tracking. What changes must be applied to the existing wireless network to increase the location accuracy? (Choose two)

A.

Add access points along the perimeter of the coverage area.

B.

Increase the access point density to create an average inter-access point distance of less than 40 feet or 12.2 meters.

C.

Use directional antennas to provide more cell overlapping.

D.

Install additional access points in monitor mode where the co-channel interference would otherwise be affected.

E.

Fine tune the radio configuration of the access point to have a higher average transmission power to achieve better coverage.

Question # 121

Which design benefit of PortFast is true?

A.

PortFast does not generate a spanning tree topology change when a station on a port is connected or disconnected

B.

PortFast disables spanning tree on the port, which puts the port into the forwarding state immediately after it is connected

C.

PortFast allows small, unmanaged switches to be plugged into ports of access switches without risking switch loops

D.

PortFast detects one-way communications on the physical port, which prevents switch loops

E.

PortFast prevents switch loops that are caused by a unidirectional point-to-point link condition on Rapid PVST+ and MST

F.

PortFast prevents switched traffic from traversing suboptimal paths on the network

Question # 122

Which two characteristics apply to firewall transparent mode operations in a firewall solution design? (Choose two.)

A.

Changes in the existing IP addressing and subnets are required

B.

The firewall can participate actively on spanning tree.

C.

Multicast traffic can traverse the firewall.

D.

OSPF adjacencies can be established through the firewall

E.

The firewall acts like a router hop in the network.

Question # 123

During evaluation of migrating current on-premises infrastructure to add cloud-based infrastructure, a network planning team must meet three core requirements:

Technology must be adaptable over the next three years (CapEx investment).

Network bandwidth requirements are dynamic.

Operational expenses (OpEx) must be minimized.

Which cloud strategy meets these requirements?

A.

Private

B.

Hybrid

C.

Public

D.

Multicloud

Question # 124

Which two points must network designers consider when designing a new network design or when evaluating an existing network design to help them understand the high-level design direction with regards to the security aspects? (Choose two)

A.

Consider Business objectives and goals

B.

Consider organization’s security policy standards

C.

Consider for only multi-site networks

D.

Consider for only new network technologies and components

Question # 125

Company XYZ wants to use the FCAPS ISO standard for network management design, focusing on minimizing outages through detection, isolation, and corrective actions. Which layer accomplishes this design requirement?

A.

Fault management

B.

Performance management

C.

Security management

D.

Accounting management

Question # 126

A large enterprise customer is planning a new WAN connection to its headquarters The current architecture is dual homed with static routing but users complain when a specific link fails Failure of the other link does not affect any services or applications The new WAN connection must provide the headquarters with a resilient network design and increase the return on investment Which solution should be recommended to the customer?

A.

Implement granular quality of service on the links.

B.

Procure additional bandwidth.

C.

Use dynamic routing toward the WAN.

D.

Add an additional link to the WAN.

Question # 127

An MPLS service provider is offering a standard EoMPLS-based VPLS service to Customer A, providing Layer 2 connectivity between a central site and approximately 100 remote sites. Customer A wants to use the VPLS network to carry its internal multicast video feeds which are sourced at the central site and consist of 20 groups at Mbps each. Which service provider recommendation offers the most scalability?

A.

EoMPLS-based VPLS can carry multicast traffic in a scalable manner

B.

Use a mesh of GRE tunnels to carry the streams between sites

C.

Enable snooping mechanisms on the provider PE routers

D.

Replace VPLS with a Layer 3 MVPN solution to carry the streams between sites

Question # 128

Company XYZ has 30 sites running a legacy private WAN architecture that connects to the Internet via multiple high-speed connections. The company is now redesigning their network and must comply with these design requirements:

Use a private WAN strategy that allows the sites to connect to each other directly and caters for future expansion.

Use the Internet as the underlay for the private WAN.

Securely transfer the corporate data over the private WAN.

Which two technologies should be incorporated into the design of this network? (Choose two.)

A.

S-VTI

B.

IPsec

C.

DMVPN

D.

GET VPN

E.

PPTP

Question # 129

Drag and drop the characteristics from the left onto the corresponding network management options on the right.

400-007 question answer

Question # 130

Which undesired effect of increasing the jitter compensation buffer is true?

A.

The overall transport jitter decreases and quality improves.

B.

The overall transport jitter increases and quality issues can occur.

C.

The overall transport delay increases and quality issues can occur.

D.

The overall transport delay decreases and quality improves.

Question # 131

Which three items do you recommend for control plane hardening of an infrastructure device? (Choose three.)

A.

redundant AAA servers

B.

Control Plane Policing

C.

warning banners

D.

to enable unused services

E.

SNMPv3

F.

routing protocol authentication

Question # 132

In a redundant hub-and-spoke design with inter-spoke links, load oscillation and routing instability occur due to overload conditions. Which two design changes improve resiliency? (Choose two)

A.

Increase the number of redundant paths considered during the routing convergence calculation

B.

Eliminate links between every spoke

C.

Increase routing protocol convergence timers

D.

Increase unequal-cost parallel paths

E.

Use two links to each remote site instead of one

Question # 133

An IT service provider is upgrading network infrastructure to comply with PCI security standards. The network team finds that 802.1X and VPN authentication based on locally-significant certificates are not available on some legacy phones. Which workaround solution meets the requirement?

A.

Replace legacy phones with new phones because the legacy phones will lose trust if the certificate is renewed.

B.

Enable phone VPN authentication based on end-user username and password.

C.

Temporarily allow fallback to TLS 1.0 when using certificates and then upgrade the software on legacy phones.

D.

Use authentication-based clear text password with no EAP-MD5 on the legacy phones.

Question # 134

You have been asked to design a remote access VPN solution to support up to 2000 devices. You must ensure that only corporate assets are allowed to connect to the VPN, and users must authenticate to gain access based on their user role. Users must use a password that they are already using to access existing applications. A user may not always use the same device to access the VPN. Which two options combined meet the requirements? (Choose two)

A.

Use local usernames and passwords on the VPN device

B.

Deploy a central authentication directory that users can be authenticated and authorized against

C.

Deploy certificates that are unique to each user

D.

Deploy an IPsec VPN solution

E.

Deploy certificates that are unique to each device

F.

Deploy a SSL VPN solution

Question # 135

An architect designs a multi-controller network architecture with these requirements:

Achieve fast failover to control traffic when controllers fail.

Yield a short distance and high resiliency in the connection between the switches and the controller.

Reduce connectivity loss and enable smart recovery to improve the SDN survivability.

Improve connectivity by adding path diversity and capacity awareness for controllers.

Which control plane component of the multi-controller must be built to meet the requirements?

A.

control node reliability

B.

controller stale consistency

C.

control path reliability

D.

controller clustering

Question # 136

QUESTION 69 Refer to the exhibit. AJI links are P2P Layer 3. A high availability application is synchronizing data between host A and host B. To increase chance of delivery the same data is sent twice from host A on two different NICs toward the two NICs on host B.

400-007 question answer

Refer to the exhibit. All links are P2P Layer 3. A high availability application is synchronizing data between Host A and Host B. To increase the chance of delivery, the same data is sent twice from Host A on two different NICs toward the two NICs on Host B.

Which solution must be deployed in the network to ensure that any failure in the network does not trigger data loss on Host B?

A.

EIGRP with feasible successors

B.

BFD

C.

IP Fast Reroute

D.

Static routes

Question # 137

Company XYZ, a global content provider, owns data centers on different continents. Their data center design involves a standard three-layer design with a Layer 3-only core. HSRP is used as the FHRP. They require VLAN extension across access switches in all data centers, and they plan to purchase a Layer 2 interconnection between two of their data centers in Europe. In the absence of other business or technical constraints, which termination point is optimal for the Layer 2 interconnection?

A.

at the core layer, to offer the possibility to isolate STP domains

B.

at the aggregation layer because it is the Layer 2 to Layer 3 demarcation point

C.

at the access layer because the STP root bridge does not need to align with the HSRP active node

D.

at the core layer because all external connections must terminate there for security reasons

Question # 138

A networking team needs to prevent spoofing attacks They are describing the different uRPF design use cases so they can identify and deploy the optimal mode in various parts of their network

Drag and drop the use cases from the left onto the corresponding uRPF technique on the right Not all options are used

400-007 question answer

Question # 139

: 475

Company XYZ is a large US-based online retailer that is preparing for a major sale scheduled for the holiday season. Large volumes of dynamic workloads are expected, which are time sensitive and seasonal. In anticipation of the surge in data, they are re-architecting their workload management. Which two technical considerations for service placement of workloads should be considered? (Choose two.)

A.

service level agreement

B.

performance

C.

time to market

D.

workload elasticity

E.

business asset control

Question # 140

The General Bank of Greece plans to upgrade its legacy end-of-life WAN network with a new flexible, manageable, and scalable solution. The main requirements are ZTP support, end-to-end encryption, application awareness, and segmentation. The CTO states that the main goal of the bank is CAPEX reduction. Which WAN technology should be used for the solution?

A.

SD-branch

B.

DMVPN with PfR

C.

Managed SD-WAN

D.

SD-WAN

Question # 141

400-007 question answer

Refer to the exhibit A solution architect is tasked with designing a quick fault detection and convergence solution based on a set of requirements

•Due to the use of voice applications, users must ideally not experience traffic disruption in excess of 100 milliseconds in case of link or node failures in OSPF area 100. •The enterprise requires the network to be highly available

•Traffic must quickly switch to another path without waiting for the OSPF dead interval to kick in What can be included in the design in order to meet these requirements?

A.

Make OSPF peers use BFD and set the BFD timers to an appropriate value.

B.

Enable IP SLA tracking with next hop to OSPF peer

C.

Use fault propagation timers specified in milliseconds for the OSPF SPF algorithm.

D.

Adjust SPF delay and LSA interval timers in OSPF protocol.

Question # 142

Which two statements describe the functionality of OSPF packet-pacing timers? (Choose two.)

A.

The group-pacing timer controls the interval that is used for group and individual LSA refreshment

B.

OSPF flood-pacing timers allow dynamic control of the OSPF transmission queue size

C.

OSPF retransmission-pacing timers allow control of interpacket spacing between consecutive link-state update packets in the OSPF retransmission queue

D.

OSPF retransmission-pacing timers allow control of packet interleaving between nonconsecutive link-state update packets in the OSPF retransmission queue

E.

OSPF flood-pacing timers allow control of interpacket spacing between consecutive link-state update packets in the OSPF transmission queue

Question # 143

What is a country-specific requirement that data is subject to the laws of the country in which it is collected or processed and must remain within its borders?

A.

Data sovereignty

B.

Data rationality

C.

Data inheritance

D.

Data replication

Question # 144

Two routers R1 and R2 are directly connected through an Ethernet link Both routers are running OSPF. OSPF has been registered with BFD and BFD is running in asynchronous mode with the echo function enabled Which two actions occur that are related to the echo function? (Choose two)

A.

DFD sent at a slower pace because the echo function is enabled

B.

BFD echo packets are sent from forwarding engines along the Layer 2 path to perform detection

C.

BFD control packets are sent at a higher pace because the echo function is enabled

D.

Only BFD control packets are sent from forwarding engines along the Layer 2 path to perform detection

E.

DUMPS BFD sessions at either end actively participate in the forwarding of echo packets

Question # 145

Which solution component helps to achieve comprehensive threat protection and compliance for migration to multicloud SDX architectures?

A.

System-oriented architecture

B.

OSASE architecture

C.

Platform-oriented architecture

D.

SASE architecture

Question # 146

: 492

A network architect is tasked to develop a design where it is a requirement to group resources according to their security and trust level in the network. Which tool can be leveraged to achieve this?

A.

multi-factor authentication

B.

application firewalls

C.

proxy servers

D.

IDS based malware detection

Question # 147

Which methodology is the leading lifecycle approach to network design and implementation?

A.

PPDIOO

B.

Waterfall model

C.

Spiral model

D.

V model

Question # 148

You are designing the routing design for two merging companies that have overlapping IP address space. Which of these must you consider when developing the routing and NAT design?

A.

Local to global NAT translation is done after routing

B.

Global to local NAT translation is done before routing

C.

Local to global NAT translation is done before policy-based routing

D.

Global to local NAT translation is done after policy-based routing

Question # 149

Company XYZ is redesigning their QoS policy. Some of the applications used by the company are real-time applications. The QoS design must give these applications preference in terms of transmission. Which QoS strategy can be used to fulfill the requirement?

A.

weighted fair queuing

B.

weighted random early detection

C.

low-latency queuing

D.

first-in first-out

Question # 150

400-007 question answer

Refer to the exhibit. A company is running their data center based on VXLAN and BGP EVPN with stretched subnets for servers attaching to the edge devices being an important feature. The security team has defined a requirement where server group A must not be able to communicate with each other but is allowed to communicate with server group B. while servers in Group B must be able to communicate with all servers. Which scalable solution can be deployed to support these requirements?

A.

VACL

B.

VRF with route leaking

C.

private VLAN

D.

transparent firewall

400-007 PDF

$119.7

$399

3 Months Free Update

  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions

400-007 PDF + Testing Engine

$179.7

$599

3 Months Free Update

  • Exam Name: Cisco Certified Design Expert (CCDE v3.1)
  • Last Update: Jul 5, 2026
  • Questions and Answers: 503
  • Free Real Questions Demo
  • Recommended by Industry Experts
  • Best Economical Package
  • Immediate Access

400-007 Engine

$134.7

$449

3 Months Free Update

  • Best Testing Engine
  • One Click installation
  • Recommended by Teachers
  • Easy to use
  • 3 Modes of Learning
  • State of Art Technology
  • 100% Real Questions included