ExamGecko
Login
Home / Cisco / 300-440 / List of questions
Ask Question

Cisco 300-440 Practice Test - Questions Answers, Page 3

Add to Whishlist

List of questions

Question 21

Report Export Collapse

A cloud engineer is setting up a new set of nodes in the AWS EKS cluster to manage database integration with Mongo Atlas. The engineer set up security to Mongo but now wants to ensure that the nodes are also secure on the network side. Which feature in AWS should the engineer use?

EC2 Trust Lock

EC2 Trust Lock

security groups

security groups

tagging

tagging

key pairs

key pairs

Suggested answer: B
Explanation:

Security groups are a feature in AWS that allow you to control the inbound and outbound traffic to your instances. They act as a virtual firewall that can filter the traffic based on the source, destination, protocol, and port. You can assign one or more security groups to your instances, and each security group can have multiple rules. Security groups are stateful, meaning that they automatically allow the response traffic for any allowed inbound traffic, and vice versa. Security groups are essential for securing your nodes in the AWS EKS cluster, as they can prevent unauthorized access to your Mongo Atlas database or other resources. You can also use security groups to isolate your nodes from other instances in the same VPC or subnet, or to allow communication between nodes in different clusters or regions.Reference:=

AWS Security Groups

Security Groups for Your VPC

Security Groups for Your Amazon EC2 Instances

Security Groups for Your Amazon EKS Cluster

asked 07/10/2024
Marcelo Tamaki
42 questions

Question 22

Report Export Collapse

DRAG DROP

An engineer needs to configure enhanced policy-based routing (ePBR) for IPv4 by using Cisco vManage. Drag and drop the steps from the left onto the order on the right to complete the configuration of the ePBR using the CLI add-on template.


Become a Premium Member for full access
  Unlock Premium Member

Question 23

Report Export Collapse

Which feature is unique to Cisco SD-WAN IPsec tunnels compared to native IPsec VPN tunnels?

Become a Premium Member for full access
  Unlock Premium Member

Question 24

Report Export Collapse

Which approach does a centralized internet gateway use to provide connectivity to SaaS applications?

Become a Premium Member for full access
  Unlock Premium Member

Question 25

Report Export Collapse

Refer to the exhibits.

Cisco 300-440 image Question 25 112698 10072024005928000000

Refer to the exhibit. An engineer needs to configure a site-to-site IPsec VPN connection between an on-premises Cisco IOS XE router and Amazon Web Services (AWS). Which configuration command must be placed in the blank in the code to complete the tunnel configuration?

Become a Premium Member for full access
  Unlock Premium Member

Question 26

Report Export Collapse

DRAG DROP

An engineer must configure a CLI add-on feature template in Cisco vManage for enhanced policy-based routing (ePBR) for IPv4. These configurations were deleted:

* licensing config enable false

* licensing config privacy hostname true

* licensing config privacy version false

* licensing config utility utility-enable true

Drag and drop the steps from the left onto the order on the right to complete the configuration.


Become a Premium Member for full access
  Unlock Premium Member

Question 27

Report Export Collapse

DRAG DROP

An engineer must configure an AppGoE service node for WAN optimization for applications that are hosted in the cloud using Cisco vManage for C8000V or C8500L-8S4X devices. Drag and drop the steps from the left onto the order on the right to complete the configuration.


Become a Premium Member for full access
  Unlock Premium Member

Question 28

Report Export Collapse

Refer to the exhibits.

Cisco 300-440 image Question 28 112701 10072024005928000000

Cisco 300-440 image Question 28 112701 10072024005928000000

Refer to the exhibits. An engineer must redistribute only the 10.0.10.0/24 network into BGP to connect an on-premises network to a public cloud provider. These routes are currently redistributed:

Cisco 300-440 image Question 28 112701 10072024005928000000

Which command is missing on router R2?

Become a Premium Member for full access
  Unlock Premium Member

Question 29

Report Export Collapse

Refer to the exhibits.

Cisco 300-440 image Question 29 112702 10072024005928000000

Cisco 300-440 image Question 29 112702 10072024005928000000

Refer to the exhibits. An engineer must redistribute OSPF internal routes into BGP to connect an on-premises network to a cloud provider. Which two commands should the engineer run on router R2? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member

Question 30

Report Export Collapse

Refer to the exhibits.

Cisco 300-440 image Question 30 112703 10072024005928000000

Refer to the exhibit. An engineer successfully brings up the site-to-site VPN tunnel between the remote office and the AWS virtual private gateway, and the site-to-site routing works correctly. However, the end-to-end ping between the office user PC and the AWS EC2 instance is not working. Which two actions diagnose the loss of connectivity? (Choose two.)

Become a Premium Member for full access
  Unlock Premium Member
Total 38 questions
Go to page: of 4
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

DRAG DROP Drag and drop the commands from the left onto the purposes on the right to identify issues on a Cisco IOS XE SD-WAN device.
Refer to the exhibits. Refer to the exhibit. An engineer successfully brings up the site-to-site VPN tunnel between the remote office and the AWS virtual private gateway, and the site-to-site routing works correctly. However, the end-to-end ping between the office user PC and the AWS EC2 instance is not working. Which two actions diagnose the loss of connectivity? (Choose two.)
Which Microsoft Azure service enables a dedicated and secure connection between an on-premises infrastructure and Azure data centers through a colocation provider?
DRAG DROP An engineer must use Cisco vManage to configure an application-aware routing policy Drag and drop the steps from the left onto the order on the right to complete the configuration.
An engineer is implementing a highly secure multitier application in AWS that includes S3. RDS, and some additional private links. What is critical to keep the traffic safe?
Refer to the exhibit. While troubleshooting an IPsec connection between a Cisco WAN edge router and an Amazon Web Services (AWS) endpoint, a network engineer observes that the security association status is active, but no traffic flows between the devices What is the problem?
A company with multiple branch offices wants a suitable connectivity model to meet these network architecture requirements: * high availability * quality of service (QoS) * multihoming * specific routing needs Which connectivity model meets these requirements?
Refer to the exhibit. A company uses Cisco SD-WAN in the data center. All devices have the default configuration. An engineer attempts to add a new centralized control policy in Cisco vManage but receives an error message. What is the problem?
Refer to the exhibits. Refer to the exhibits. An engineer must redistribute only the 10.0.10.0/24 network into BGP to connect an on-premises network to a public cloud provider. These routes are currently redistributed: Which command is missing on router R2?
A company with multiple branch offices wants a connectivity model to meet its network architecture requirements. The company focuses on ensuring low latency and efficient routing for its critical business applications. Which connectivity model meets these requirements?