Cisco 350-401 Practice Test - Questions Answers, Page 82

This is because the Cisco DNA Center Template Editor feature is a tool that allows the network administrator to create and deploy configuration templates to multiple network devices. The configuration templates use parameterized elements or variables, which are placeholders for values that can be customized for each device. For example, a variable can represent the hostname, IP address, or interface number of a device. The parameterized elements or variables can be defined manually or automatically using the Cisco DNA Center inventory. The source of this answer is the Cisco ENCOR v1.1 course, module 8, lesson 8.5: Implementing Network Configuration Management.

A virtual link is a logical connection between two OSPF routers that belong to different areas but share a common border with a transit area. A virtual link allows an OSPF router to participate in the backbone area (Area 0) even if it is not physically connected to it. This way, the OSPF network can maintain connectivity and routing consistency across all areas.A virtual link is configured between the OSPF router IDs of the two routers that need to be connected to the backbone area123.

Option A is incorrect because a stub area is an area that does not receive external routes from other autonomous systems or other OSPF areas.A stub area can only transit traffic to and from the backbone area, and it cannot be used as a transit area for a virtual link12.

Option B is incorrect because a virtual link does not change the IP address space of the networks that it connects. A virtual link is transparent to the IP layer and only affects the OSPF routing protocol.To connect two networks that have overlapping private IP address space, other solutions such as NAT or VPN are required12.

Option C is incorrect because a virtual link cannot merge two existing Area 0s through a nonbackbone area. A virtual link can only extend an existing Area 0 through a nonbackbone area. If there are two separate Area 0s in an OSPF network, they cannot be merged by a virtual link, and the network is considered to be partitioned.A partitioned network can cause routing loops and inconsistencies, and it should be avoided12.Reference:1:Configure OSPF Connection in a Virtual Link Environment,2:How to configure OSPF Virtual Link,3:Understand OSPF Areas and Virtual Links

Option A is the correct configuration to set NetFlow data export and capture on the router. This option enables NetFlow data export to the Cisco DNA Center with the IP address 192.168.23.1 and UDP port 23000, and also enables the ip flow-top-talkers command on the interface Gig0/1.The ip flow-top-talkers command displays the top talkers (the source and destination pairs that are consuming the most bandwidth) on the interface, based on the NetFlow statistics collected by the router12.

Option B is incorrect because it does not enable the ip flow-top-talkers command on the interface Gig0/1, which is required to identify the flows that are consuming the most bandwidth.The collect counter bytes command is used to specify the fields to be collected by Flexible NetFlow, which is a different feature from NetFlow3.

Option C is incorrect because it does not specify the UDP port for the NetFlow data export destination, which is required to send the NetFlow packets to the Cisco DNA Center.The default UDP port for NetFlow is 9996, which does not match the port configured on the Cisco DNA Center4.

Option D is incorrect because it does not enable NetFlow data export on the router, which is required to send the NetFlow statistics to the Cisco DNA Center.The ip flow-export source command is used to specify the source IP address of the NetFlow packets, but it does not enable the NetFlow data export feature4.Reference:1:ip flow-top-talkers,2:Capture NetFlow data,3:collect counter bytes,4:ip flow-export destination

The Python code in the exhibit defines a function calledaveragethat takes two parametersaandband returns the arithmetic mean of them. The function is then called with the arguments5and10, which are assigned toaandbrespectively. The function returns(5 + 10) / 2, which is7.5. Therefore, the result of the Python code is7.5.Reference:Python Functions,Python Arithmetic Operators

Option A is the correct configuration to apply interface and sensor monitoring on a router with the given requirements. This option uses SNMPv3, which is the most secure version of SNMP that supports encryption and authentication.The configuration steps are as follows12:

Create an access list namednmsthat permits only the NMS server with IP address 10.15.2.19 to access the router:ip access-list standard nmsandpermit 10.15.2.19 0.0.0.0.

Create a view namedrwthat includes all the SNMP objects:snmp-server view rw included.

Create a group namednmsthat uses SNMPv3 with privacy (encryption) and authentication, and assigns the viewrwand the access listnmsto the group:snmp-server group nms v3 priv read rw access nms.

Create a user namednmsthat belongs to the groupnmsand uses DES for authentication and AES for encryption, with the passwordsdespassandaespassrespectively:snmp-server user nms nms v3 auth des despass priv aes 192 aespass.

Option B is incorrect because it does not use encryption for SNMP communication, which is required by the question.Thenoauthkeyword in thesnmp-server groupcommand means that no authentication or encryption is used, which makes the SNMP packets vulnerable to eavesdropping and tampering1.

Option C is incorrect because it does not use the most secure algorithms for SNMP communication, which is required by the question. Themd5anddeskeywords in thesnmp-server usercommand mean that MD5 and DES are used for authentication and encryption respectively, which are considered weak and outdated algorithms.AES and SHA are recommended instead1.

Option D is incorrect because it does not restrict the access to the NMS server only, which is required by the question. Thesnmp-server communitycommand creates a community string that acts as a password for SNMP access, but it does not specify an access list to limit the source IP addresses that can use the community string.Therefore, any device that knows the community string can access the router via SNMP1.Reference:1:Configuring SNMPv3,2:SNMP Configuration Guide, Cisco IOS XE Gibraltar 16.12.x

PIM sparse mode uses a pull model to deliver multicast traffic. This means that multicast traffic is only forwarded to routers that have explicitly requested it, using join messages. This reduces the amount of unnecessary traffic on the network and allows for efficient use of bandwidth. The source of this answer is the Cisco ENCOR v1.1 course, module 5, lesson 5.2: Implementing PIM Sparse Mode.