ExamGecko
Search Search Login
Home Home / Cisco / 350-401

Cisco 350-401 Practice Test - Questions Answers, Page 17

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which option works with a DHCP server to return at least one WLAN management interface IP address during the discovery phase and is dependent upon the VCI of the AP?
What are two differences between the RIB and the FIB? (Choose two.)
An engineer must update the local web authentication details on a Cisco 5520 WLC. The engineer has one active SSID configured for web authentication and plans to update the virtual interface with a nonroutable IP address. Which command must the engineer apply?
An engineer is troubleshooting the Ap join process using DNS. Which FQDN must be resolvable on the network for the access points to successfully register to the WLC?
Which port is required to allow APs to join a WLC when directed broadcasts are used on a Cisco iOS switch?
Reter to the exhibit. Refer to the exhibit. A network engineer must be notified when a user switches to configuration mode. Which script should be applied to receive an SNMP trap and a critical-level log message?
Refer to the exhibit. An engineer must allow R1 to advertise the 192 168.1 0/24 network to R2 R1 must perform this action without sending OSPF packets to SW1 Which command set should be applied?
Refer to the Exhibit. Refer to the exhibit. Which action must be performed to allow RESTCONF access to the device?
An engineer must configure a multicast UDP jitter operation. Which configuration should be applied? A) B) C) D)
Refer to the Exhibit. Refer to the exhibit An engineer is troubleshooting an mDNS issue in an environment where Cisco ISE is used to dynamically assign mDNS roles to users The engineer has confirmed that ISE is sending the correct values, but name resolution is not functioning as expected Which WLC configuration change resolves the issue?

Question 161

Report
Export
Collapse

Refer to the exhibit.

After implementing the configuration 172.20.20.2 stops replaying to ICMP echoes, but the default route fails to be removed. What is the reason for this behavior?

A.

The source-interface is configured incorrectly.

A.

The source-interface is configured incorrectly.

Answers
B.

The destination must be 172.30.30.2 for icmp-echo

B.

The destination must be 172.30.30.2 for icmp-echo

Answers
C.

The default route is missing the track feature

C.

The default route is missing the track feature

Answers
D.

The threshold value is wrong.

D.

The threshold value is wrong.

Answers
Suggested answer: C

Explanation:

The last command should be "R1(config)#ip route 0.0.0.0 0.0.0.0 172.20.20.2 track 10".

Question 162

Report
Export
Collapse

If the noise floor is -90 dBm and wireless client is receiving a signal of -75 dBm, what is the SNR?

A.

15

A.

15

Answers
B.

1.2

B.

1.2

Answers
C.

-165

C.

-165

Answers
D.

.83

D.

.83

Answers
Suggested answer: A

Question 163

Report
Export
Collapse

Refer to the exhibit. An engineer must create a script that appends the output of the show process cpu sorted command to a file.

A.

action 4.0 syslog command "show process cpu sorted | append flash:high-cpu-file"

A.

action 4.0 syslog command "show process cpu sorted | append flash:high-cpu-file"

Answers
B.

action 4.0 publish-event "show process cpu sorted | append flash:high-cpu-file"

B.

action 4.0 publish-event "show process cpu sorted | append flash:high-cpu-file"

Answers
C.

action 4.0 ens-event "show process cpu sorted | append flash:high-cpu-file"

C.

action 4.0 ens-event "show process cpu sorted | append flash:high-cpu-file"

Answers
D.

action 4.0 cli command "show process cpu sorted | append flash:high-cpu-file"

D.

action 4.0 cli command "show process cpu sorted | append flash:high-cpu-file"

Answers
Suggested answer: D

Question 164

Report
Export
Collapse

Which two mechanisms are available to secure NTP? (Choose two.)

A.

IP prefix list-based

A.

IP prefix list-based

Answers
B.

IPsec

B.

IPsec

Answers
C.

TACACS-based authentication

C.

TACACS-based authentication

Answers
D.

IP access list-based

D.

IP access list-based

Answers
E.

Encrypted authentication

E.

Encrypted authentication

Answers
Suggested answer: D, E

Question 165

Report
Export
Collapse

What is the difference between CEF and process switching?

A.

CEF processes packets that are too complex for process switching to manage.

A.

CEF processes packets that are too complex for process switching to manage.

Answers
B.

CEF is more CPU-intensive than process switching.

B.

CEF is more CPU-intensive than process switching.

Answers
C.

CEF uses the FIB and the adjacency table to make forwarding decisions, whereas process switching punts each packet.

C.

CEF uses the FIB and the adjacency table to make forwarding decisions, whereas process switching punts each packet.

Answers
D.

Process switching is faster than CEF.

D.

Process switching is faster than CEF.

Answers
Suggested answer: C

Question 166

Report
Export
Collapse

Which AP mode allows an engineer to scan configured channels for rogue access points?

A.

sniffer

A.

sniffer

Answers
B.

monitor

B.

monitor

Answers
C.

bridge

C.

bridge

Answers
D.

local

D.

local

Answers
Suggested answer: B

Question 167

Report
Export
Collapse

What is a characteristic of MACsec?

A.

802.1AE provides encryption and authentication services

A.

802.1AE provides encryption and authentication services

Answers
B.

802.1AE is bult between the host and switch using the MKA protocol, which negotiates encryption keys based on the master session key from a successful 802.1X session

B.

802.1AE is bult between the host and switch using the MKA protocol, which negotiates encryption keys based on the master session key from a successful 802.1X session

Answers
C.

802.1AE is bult between the host and switch using the MKA protocol using keys generated via the Diffie-Hellman algorithm (anonymous encryption mode)

C.

802.1AE is bult between the host and switch using the MKA protocol using keys generated via the Diffie-Hellman algorithm (anonymous encryption mode)

Answers
D.

802.1AE is negotiated using Cisco AnyConnect NAM and the SAP protocol

D.

802.1AE is negotiated using Cisco AnyConnect NAM and the SAP protocol

Answers
Suggested answer: B

Explanation:

MACsec, defined in 802.1AE, provides MAC-layer encryption over wired networks by using out-ofband methods for encryption keying. The MACsec Key Agreement (MKA) Protocol provides the required session keys and manages the required encryption keys. MKA and MACsec are implemented after successful authentication using the 802.1x Extensible Authentication Protocol (EAP-TLS) or Pre Shared Key (PSK) framework.

Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9300/software/release/16-9/configuration_guide/sec/b_169_sec_9300_cg/macsec_encryption.html

Question 168

Report
Export
Collapse

Which method should an engineer use to deal with a long-standing contention issue between any two VMs on the same host?

A.

Adjust the resource reservation limits

A.

Adjust the resource reservation limits

Answers
B.

Live migrate the VM to another host

B.

Live migrate the VM to another host

Answers
C.

Reset the VM

C.

Reset the VM

Answers
D.

Reset the host

D.

Reset the host

Answers
Suggested answer: A

Question 169

Report
Export
Collapse

Refer to the exhibit.

The EtherChannel between SW2 and SW3 is not operational which action resolves this issue?

A.

Configure the channel-group mode on SW2 Gi0/1 and Gi0/1 to on.

A.

Configure the channel-group mode on SW2 Gi0/1 and Gi0/1 to on.

Answers
B.

Configure the channel-group mode on SW3 Gi0/1 to active

B.

Configure the channel-group mode on SW3 Gi0/1 to active

Answers
C.

Configure the mode on SW2 Gi0/0 to trunk

C.

Configure the mode on SW2 Gi0/0 to trunk

Answers
D.

Configure the mode on SW2 Gi0/1 to access.

D.

Configure the mode on SW2 Gi0/1 to access.

Answers
Suggested answer: B

Question 170

Report
Export
Collapse

Refer to the exhibit. Which action completes the configuration to achieve a dynamic continuous mapped NAT for all users?

A.

Configure a match-host type NAT pool

A.

Configure a match-host type NAT pool

Answers
B.

Reconfigure the pool to use the 192.168 1 0 address range

B.

Reconfigure the pool to use the 192.168 1 0 address range

Answers
C.

Increase the NAT pool size to support 254 usable addresses

C.

Increase the NAT pool size to support 254 usable addresses

Answers
D.

Configure a one-to-one type NAT pool

D.

Configure a one-to-one type NAT pool

Answers
Suggested answer: C
Total 983 questions
Go to page: of 99
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms