ExamGecko
Login
Home / Cisco / 350-401 / List of questions
Ask Question

Cisco 350-401 Practice Test - Questions Answers, Page 8

Add to Whishlist

List of questions

Question 71

Report Export Collapse

When using TLS for syslog, which configuration allows for secure and reliable transportation of messages to its default port?

logging host 10.2.3.4 vrf mgmt transport tcp port 6514

logging host 10.2.3.4 vrf mgmt transport tcp port 6514

logging host 10.2.3.4 vrf mgmt transport udp port 6514

logging host 10.2.3.4 vrf mgmt transport udp port 6514

logging host 10.2.3.4 vrf mgmt transport tcp port 514

logging host 10.2.3.4 vrf mgmt transport tcp port 514

logging host 10.2.3.4 vrf mgmt transport udp port 514

logging host 10.2.3.4 vrf mgmt transport udp port 514

Suggested answer: A
Explanation:

The TCP port 6514 has been allocated as the default port for syslog over Transport Layer Security (TLS).

Reference: https://tools.ietf.org/html/rfc5425

asked 10/10/2024
Nicholas Johnson
46 questions

Question 72

Report Export Collapse

At which Layer does Cisco DNA Center support REST controls?

EEM applets or scripts

EEM applets or scripts

Session layer

Session layer

YMAL output from responses to API calls

YMAL output from responses to API calls

Northbound APIs

Northbound APIs

Suggested answer: D
asked 10/10/2024
Wislon Pereira
41 questions

Question 73

Report Export Collapse

Refer to the exhibit.

Cisco 350-401 image Question 73 115372 10102024232942000000

Which troubleshooting a routing issue, an engineer issues a ping from S1 to S2. When two actions from the initial value of the TTL? (Choose two.)

The packet reaches R3, and the TTL expires

The packet reaches R3, and the TTL expires

R2 replies with a TTL exceeded message

R2 replies with a TTL exceeded message

R3 replies with a TTL exceeded message.

R3 replies with a TTL exceeded message.

The packet reaches R2 and the TTL expires

The packet reaches R2 and the TTL expires

R1 replies with a TTL exceeded message

R1 replies with a TTL exceeded message

The packet reaches R1 and the TTL expires.

The packet reaches R1 and the TTL expires.

Suggested answer: A, D
Explanation:

Source MAC in the capture is VMWare, MAC is Cisco. Routers first check the TTL before any further process, subtract 1 at R1. Send to R2, subtract and you have ZERO. Discard packet and reply with ICMP Time Exceeded message from that point, don't even bother checking the Route table for further processing.

asked 10/10/2024
Kevin Intriago
39 questions

Question 74

Report Export Collapse

Which technology provides a secure communication channel for all traffic at Layer 2 of the OSI model?

MACsec

MACsec

IPsec

IPsec

SSL

SSL

Cisco Trustsec

Cisco Trustsec

Suggested answer: A
Explanation:

MACsec, defined in 802.1AE, provides MAC-layer encryption over wired networks by using outofband methods for encryption keying. The MACsec Key Agreement (MKA) Protocol provides the

asked 10/10/2024
Carol Phelps
44 questions

Question 75

Report Export Collapse

Cisco 350-401 image Question 75 115374 10102024232942000000

Refer to the exhibit. An engineer is configuring an EtherChannel between Switch1 and Switch2 and notices the console message on switch2. Based on the output, which action resolves this issue?

Configure less member ports on Switch2.

Configure less member ports on Switch2.

Configure the same port channel interface number on both switches

Configure the same port channel interface number on both switches

Configure the same EtherChannel protocol on both switches

Configure the same EtherChannel protocol on both switches

Configure more member ports on Switch1.

Configure more member ports on Switch1.

Suggested answer: C
Explanation:

In this case, we are using your EtherChannel without a negotiation protocol on Switch2. As a result, if the opposite switch is not also configured for EtherChannel operation on the respective ports, there is a danger of a switching loop. The EtherChannel Misconfiguration Guard tries to prevent that loop from occuring by disabling all the ports bundled in the EtherChannel.

asked 10/10/2024
Camrin Schroyer
36 questions

Question 76

Report Export Collapse

Which entity is responsible for maintaining Layer 2 isolation between segments In a VXLAN environment?

switch fabric

switch fabric

VTEP

VTEP

VNID

VNID

host switch

host switch

Suggested answer: C
Explanation:

Cisco 350-401 image Question 76 explanation 115375 10102024232942000000

VXLAN uses an 8-byte VXLAN header that consists of a 24-bit VNID and a few reserved bits. The VXLAN header together with the original Ethernet frame goes in the UDP payload. The 24-bit VNID is used to identify Layer 2 segments and to maintain Layer 2 isolation between the segments.

Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/vxlan/configuration/guide/b_Cisco_Nexus_9000_Series_NXOS_VXLAN_Configuration_Guide_7x/b_Cisco_Nexus_9000_Series_NXOS_VXLAN_Configuration_Guide_7x_chapter_010.html

asked 10/10/2024
Duc Hai
46 questions

Question 77

Report Export Collapse

Which DHCP option helps lightweight APs find the IP address of a wireless LAN controller?

Option 43

Option 43

Option 60

Option 60

Option 67

Option 67

Option 150

Option 150

Suggested answer: A
asked 10/10/2024
Felomino Bacquiano II
50 questions

Question 78

Report Export Collapse

Refer the exhibit.

Cisco 350-401 image Question 78 115377 10102024232942000000

Which router is the designated router on the segment 192.168.0.0/24?

This segment has no designated router because it is a nonbroadcast network type.

This segment has no designated router because it is a nonbroadcast network type.

This segment has no designated router because it is a p2p network type.

This segment has no designated router because it is a p2p network type.

Router Chicago because it has a lower router ID

Router Chicago because it has a lower router ID

Router NewYork because it has a higher router ID

Router NewYork because it has a higher router ID

Suggested answer: B
asked 10/10/2024
miguel sartori
40 questions

Question 79

Report Export Collapse

What are two differences between the RIB and the FIB? (Choose two.)

The FIB is derived from the data plane, and the RIB is derived from the FIB.

The FIB is derived from the data plane, and the RIB is derived from the FIB.

The RIB is a database of routing prefixes, and the FIB is the Information used to choose the egress interface for each packet.

The RIB is a database of routing prefixes, and the FIB is the Information used to choose the egress interface for each packet.

FIB is a database of routing prefixes, and the RIB is the information used to choose the egress interface for each packet.

FIB is a database of routing prefixes, and the RIB is the information used to choose the egress interface for each packet.

The FIB is derived from the control plane, and the RIB is derived from the FIB.

The FIB is derived from the control plane, and the RIB is derived from the FIB.

The RIB is derived from the control plane, and the FIB is derived from the RIB.

The RIB is derived from the control plane, and the FIB is derived from the RIB.

Suggested answer: B, E
asked 10/10/2024
Brant McGurk
35 questions

Question 80

Report Export Collapse

Which algorithms are used to secure REST API from brute attacks and minimize the impact?

SHA-512 and SHA-384

SHA-512 and SHA-384

MD5 algorithm-128 and SHA-384

MD5 algorithm-128 and SHA-384

SHA-1, SHA-256, and SHA-512

SHA-1, SHA-256, and SHA-512

PBKDF2, BCrypt, and SCrypt

PBKDF2, BCrypt, and SCrypt

Suggested answer: D
Explanation:

One of the best practices to secure REST APIs is using password hash. Passwords must always be hashed to protect the system (or minimize the damage) even if it is compromised in some hacking attempts. There are many such hashing algorithms which can prove really effective for password security e.g. PBKDF2, bcrypt and scrypt algorithms.

Other ways to secure REST APIs are: Always use HTTPS, Never expose information on URLs

(Usernames, passwords, session tokens, and API keys should not appear in the URL), Adding Timestamp in Request, Using OAuth, Input Parameter Validation.

Reference: https://restfulapi.net/security-essentials/

asked 10/10/2024
Bruno Colussi
30 questions
Total 983 questions
Go to page: of 99
Open VPLUS File
Convert VPLUS to PDF

Related questions

An engineer must configure a multicast UDP jitter operation. Which configuration should be applied? A) B) C) D)
A customer has recently implemented a new wireless infrastructure using WLC-5520 at a site directly next to a large commercial airport. Users report that they intermittently lose WI-FI connectivity, and troubleshooting reveals it is due to frequent channel changes. Which two actions fix this issue? (Choose two)
An engineer is troubleshooting the Ap join process using DNS. Which FQDN must be resolvable on the network for the access points to successfully register to the WLC?
Reter to the exhibit. Refer to the exhibit. A network engineer must be notified when a user switches to configuration mode. Which script should be applied to receive an SNMP trap and a critical-level log message?
Refer to the exhibit. An engineer must allow R1 to advertise the 192 168.1 0/24 network to R2 R1 must perform this action without sending OSPF packets to SW1 Which command set should be applied?
What are two differences between the RIB and the FIB? (Choose two.)
Refer to the exhibit. What is the result of this Python code?
An engineer must use IP SLA to measure the network performance and record statistics hop-by-hop. Which configuration must be used?
A network engineer must configure the VTY lines on a router to achieve these results: Remote access should be permitted for all feasible protocols. Only a password should be required for device authentication. All idle EXEC sessions must be terminated in 60 minutes. Which configuration should be applied?
Which devices does Cisco DNA Center configure when deploying an IP-based access control policy?