Implementing Cisco SD-WAN Solutions (300-415 ENSDWI) Questions and Answers
An engineer modifies a data policy for DIA in VPN 200 to meet the requirements for traffic destined to these locations:
* external networks; must be translated
* external networks; must use a public TLOC color
* syslog servers, must use a private TLOC color
Here is the existing data policy configuration:
Which policy configuration sequence set meets the requirements?
Which API call retrieves a list of all devices in the network?
Which two services are critical for zero touch provisioning on-boarding? (Choose two)
Which protocol advertises WAN edge routes on the service side?
Refer to the exhibit. Which configuration extends the INET interface on R1 to be used by R2 for control and data connections?
A)
B)
C)
Refer to the exhibit. A network administrator is configuring OSPF advanced configuration parameters from a template using the vManager GUI for a branch WAN Edge router to calculate the cost of summary routes to an ASBR. Which action achieves this configuration?
Which Cloud OnRamp solution is used by partners and vendors without Cisco SD-WAN but still needs connectivity to their customers without installing SD-WAN routing appliances on their sites?
Which Cisco SD-WAN configuration provides the advantages of day-zero deployment and reusable configuration components?
An engineer must improve video quality by limiting HTTP traffic to the Internet without any failover. Which configuration in vManage achieves this goal?
Which application list is preconfigured?
Which VManage dashboard is used to monitor the next-hop reachability between two devices traversing through OMP for a service VPN’
Refer to the exhibit.
An engineer configured OMP with an overlay-as of 10666. What is the AS-PATH for prefix 104.104.104.104/32 on R100?
Which two REST API functions are performed for Cisco devices in an overlay network? (Choose two)
How is TLOC defined?
What does forward error correction addresses in Cisco SO-WAN?
A network administrator is tasked to make sure that an OMP peer session is closed after missing three consecutive keepalive messages in 3 minutes. Additionally, route updates must be sent every minute. If a WAN Edge router becomes unavailable, the peer must use last known information to forward packets for 12 hours. Which set of configuration commands accomplishes this task?
Refer to the exhibit.
Customer XYZ cannot provision dual connectivity on both of its routers due to budget constraints but wants to use both R1 and R2 interlaces for users behind them for load balancing toward the hub site. Which configuration achieves this objective?
What is the purpose of ‘’vpn 0’’ in the configuration template when onboarding a WAN edge node?
Which VPN must be present on at least one interface to install Cisco vManage and integrate it with WAN Edge devices in an overlay network site ID:S4307T7E78F29?
An engineer must create a QoS policy by creating a class map and assigning it to the LLQ queue on a WAN Edge router Which configuration accomplishes the task?
A)
B)
C)
D)
What is the role of the Session Traversal Utilities for NAT server provided by the vBond orchestrator?
Refer to the exhibit.
Which command-line configuration on a WAN Edge device achieves these results?
A)
B)
C)
D)
How is the software managed in Cisco SD-WAN?
Refer to the exhibit.
Which configuration change is needed to configure the tloc-extention on Branch1-Edge1?
In which device state does the WAN edge router create control connections, but data tunnels are not created?
Refer to the exhibit.
A customer wants to implement primary and secondary Cisco SD-WAN overlay routing for prefixes that are advertised for both data centers. The east data center (TLOC 101.101.101.101) is primary for east sites, and the west data center (TLOC 100.100.100.100) is primary for west sites. Which configuration change achieves this objective?
Which multicast component is irrelevant when defining a multicast replicator outside the local network without any multicast sources or receivers?
Which VPN connects the transport-side WAN Edge interface to the underlay/WAN network?
Drag and drop the vManage policy configuration procedures from the left onto the correct definitions on the right.
What is the order of operations for software upgrades of Cisco SD-WAN nodes'?
Which protocol runs between the vSmart controllers and WAN Edge routers when the vSmart controller acts like a route reflector?
An engineer is troubleshooting a vEdge router and identifies a “DCONFAIL – DTLS connection failure” message. What is the problem?
In a Cisco SD-WAN network, which component is responsible for distributing route and policy information via the OMP?
A network administrator is configuring VRRP to avoid a traffic black hole when the transport side of the network is down on the primary device. What must be configured to get the fastest failover to standby?
Which configuration component is used in a firewall security policy?
An engineer is configuring a data policy for packets that must be captured through the policy. Which command accomplishes this task?
Which controller is used for provisioning and configuration in a Cisco SD-WAN solution?
What is a benefit of using REST APIs?
How should the IP addresses be assigned for all members of a Cisco vManage cluster located in the same data center?
Which two advanced security features are available on the Cisco SD-WAN WAN Edge (vEdge) device? (Choose two.)
Which TCP Optimization feature is used by WAN Edge to prevent unnecessary retransmissions and large initial TCP window sizes to maximize throughput and achieve a better quality?
Which pathway under Monitor > Network > Select Device is used to verify service insertion configuration?
Refer to the exhibit. A user in the branch is connecting to Office 365 for the first time. Over which path does the branch WAN Edge router traffic follow?
Which secure connection should be used to access the REST APIs through the Cisco vManage web server?
What are two benefits of installing Cisco SD-WAN controllers on cloud-hosted services? (Choose two.)
What do receivers request to join multicast streams in a Cisco SO-WAN network?
Which component of the Cisco SD-WAN secure extensible network provides a single pane of glass approach to network monitoring and configuration?
Which set of platforms must he in separate VMS as of release 16.1?
Which component of the Cisco SD-WAN control plane architecture facilitates the storage of certificates and configurations for network components?
Refer to the exhibit.
The Cisco SD-WAN network is configured with a default full-mesh topology. An engineer wants Paris WAN Edge to use the Internet HOC as the preferred TLOC for MSN Messenger and AOL Messenger traffic. Which policy achieves this goal?
A)
B)
C)
D)
Refer to the exhibit The network team must configure application-aware routing for the Service VPN 50.0.0.0/16 The SLA must prefer MPLS for video traffic but the remaining traffic must use a public network What must be defined other than applications before the application-aware policy is create?
Which policy configures an application-aware routing policy under Configuration > Policies?
An administrator wants to create a policy to add a traffic policer called "politer-ccnp" to police data traffic on the WAN Edge. Which configuration accomplishes this task in vSmart?
A voice packet requires a latency of 50 msec. Which policy is configured to ensure that a voice packet is always sent on the link with less than a 50 msec delay?
Which cloud based component in cisco SD-WAN is responsible for establishing a secure connection to each WAN edge router and distributes routers and policy information via omp?
An engineer is creating a policy for VPN1 users. Their scavenger traffic at site 101 must pass through a firewall. Which two match conditions must be selected to enable this policy? (Choose two.)
An engineer must deploy a QoS policy with these requirements:
• policy name: App-police
• police rate: 1000000
• burst: 1000000
• exceed: drop
Which configuration meets the requirements?
What are the default username and password for vSmart Controller when it is installed on a VMware ESXi hypervisor'?
How many network interface cards are needed to add in virtual machine settings when installing vSmart controller on VMware vSphere ESXi Hypervisor software?
Refer to the exhibit An engineer is getting a CTORGNMMIS error on a controller connection Which action resolves this issue?
Which port is used for vBond under controller certificates if no alternate port is configured?
An engineer must configure egress QoS for voice traffic. Which queue must the engineer configure on the WAN Edge router to accomplish the task?
Drag and drop the attributes from the left that make each transport location unique onto the right. Not all options are used.
Which value of the IPsec rekey timer must be set by the engineer for an OMP graceful restart value set for 24 hours?
An engineer modifies a data policy for DIA in VPN 67. The location has two Internet-bound circuits. Only the web browsing traffic must be admitted for DIA. without further discrimination about which transport to use.
Here is the existing data policy configuration:
Which policy configuration sequence meets the requirements?
WAN Edge routers are configured manually to use UDP port offset to use nondefault offset values when IPsec tunnels are created. What is the offse range?
An engineer is configuring a centralized policy to influence network route advertisement. Which controller delivers this policy to the fabric?
An organization wants to discover monitor and track the applications running on the WAN Edge device on the LAN Which configuration achieves this goal?
Which action is performed during the onboarding process when a WAN Edge router is connected to ZTP server ztp.viptela com?
Which policy allows communication between TLOCs of data centers and spokes and blocks communication between spokes?
Refer to the exhibit Which NAT types must the engineer configure for the vEdge router to bring up the data plane tunnels?
An enterprise is continuously adding new sites to its Cisco SD-WAN network. It must configure any cached routes flushed when OMP peers have lost adjacency Which configuration allows the cached OMP routes to be flushed after every 24 hours from its routing table?
An administrator is configuring the severity level on the vManage NMS for events that indicate that an action must be taken immediately. Which severity level must be configured?
Which command on a WAN Edge device displays the information about the colors present in the fabric that are learned from vSmart via OMP?
In a customer retail network with multiple data centers, what does the network administrator use to create a regional hub topology?
Which command disables the logging of syslog messages to the local disk?
Which two criteria ate supported to filter traffic on a Cisco Umbrella Cloud-delivered firewall? (Choose two )
An enterprise has these three WAN connections:
public Internet
business internet
MPLS
An engineer must configure two available links to route traffic via both links. Which configuration achieves this objective?
What is the main purpose of using TLOC extensions in WAN Edge router configuration?
Refer to the exhibit. A customer wants to deploy service insertion at site1. Which traffic from VPN 10 must route to this site through a firewall. A policy must be in place to route VPN 10 traffic from all sites toward this firewall. Which configuration must be on the vSmart controller to meet this requirement?
Refer to the exhibit. An engineer is troubleshooting a control connection issue on a WAN Edge device that shows socket errors. The packet capture shows some ICMP packets dropped between the two devices. Which action resolves the issue?
Which attributes are configured to uniquely Identify and represent a TLOC route?
Refer to the exhibit A small company was acquired by a large organization As a result, the new organization decided to update information on their Enterprise RootCA and generated a new certificate using openssl Which configuration updates the new certificate and issues an alert in vManage Monitor | Events Dashboard?
Which protocol detects path status (up/down), measures loss/latency/jitter, and measures the quality of the IPsec tunnel MTU?
The network administrator is configuring a QoS scheduling policy on traffic received from transport side tunnels on WAN Edge 5000 routers at location 406141498 Which command must be configured on these devices?
Refer to the exhibit. An ongineer configured OMP with an ovorlay-as of 10666. What is tho AS-PATH for prefix 104.104.104.104/32 on R1007?
Which storage format Is used when vManage Is deployed as a virtual machine on a KVM hypervisor?
A large retail organization decided to move some of the branch applications to the AWS cloud. How does the network architect extend the in-house Cisco SD-WAN branch to cloud network into AWS?
What is the behaviour of vBond orchestrator?
Which feature template configures OMP?
A)
B)
C)
D)
An engineer must configure VRRP for redundancy on WAN Edge router1 running an earlier version than 20.6, considering WAN Edge router2 is configured correctly. Which configuration meets the requirement?
What is a benefit of the application-aware firewall?
An organization wants to use the cisco SD-WAN regionalized service-chaining feature to optimize cost and user experience with application in the network, which allows branch routers to analyze and steer traffic toward the required network function. Which feature meets this requirement?
Which two actions are necessary to set the Controller Certificate Authorization mode to indicate a root certificate? (Choose two)
When redistribution is configured between OMP and BGP at two Data Center sites that have Direct Connection interlink, which step avoids learning the same routes on WAN Edge routers of the DCs from LAN?
What is the default value for the Multiplier field of the BFD basic configuration in vManage?
Which OSPF command makes the WAN Edge router a less preferred exit from a site with a dual WAN Edge design?
A)
B)
C)
D)
A network administrator is configuring Qos on a vEdge 5000 router and needs to enable it on the transport side interface. Which policy setting must be selected to accomplish this goal?
An engineer must advertise OSPF-learned routes and modify the update interval for route filtering by TLOC color to 300 on an SD-WAN device. Which configuration accomplishes this
task?
Refer to the exhibit. Which configuration ensures that OSPP routes learned from Site2 are reachable at Stein and vice-versa?
Which two mechanisms are used by vManage to ensure that the certificate serial number of the WAN Edge router that is needed to authenticate is listed in the WAN Edge Authorized Señal Number Hst’ (Choose two)
An engineer must create a QoS policy by creating a class map and assigning it to the LLQ queue on a WAN Edge router Which configuration accomplishes the task?
A)
B)
C)
D)
Which destination UDP port is used by WAN Edge router to make a DTLS connection with vBond Orchestrator?
Refer to the exhibit.
vManage and vBond have an issue establishing a connection to each other. Which configuration resolves the issue?
How is multicast routing enabled on devices in the Cisco SD-WAN overlay network?
Which type of lists are used to group related items via an application-aware routing policy under the policy lists command hierarchy on vSmart controllers?
Which protocol Is used by the REST API to communicate with network services in the Cisco SO-WAN network?
Refer to the exhibit.
The engineer must assign community tags to 3 of its 74 critical server networks as soon as that are advertised to BGP peers. These server networks must not be advertised outside AS. Which configuration fulfill this requirement?
A)
B)
C)
D)
Which SD-WAN component is configured to enforce a policy to redirect branch-to-branch traffic toward a network service such as a firewall or IPS?
Exhibit.
The SD-WAN network Is configured with a default full-mesh topology. The network engineer wants the Rome WAN Edge to use the MPLS TLOC as the preferred TLOC when ….. Telnet traffic as long as me MPLS Ink has these, characteristics:
Loss: 5%
Latency: 100ms
Jitter: 100 ms
Which configuration must the network engineer use to create a list that that classifies the MPLS link characteristics?
A)
B)
C)
D)
An engineer must use data prefixes to configure centralized data policies using the vManage policy configuration wizard. What is the first step to accomplish this task?
In which VPN is the NAT operation on an outgoing interface configured for direct Interne! access?
A WAN Edge device has several service VPNs with no routing protocol configured in the service VPNs The device must be configured so that all connected routes are visible in OMP for VPN 10 Which configuration meets the requirement?
A)
B)
C)
D)
Refer to the exhibit. An engineer configures a hub-and-spoke SD-WAN topology with the requirement that traffic from router A branch to router B branch is guaranteed to flow through the network hub, router C. Which configuration meets the requirement for router A?
Which policy blocks TLOCs from remotes and allows TLOCs from the data center to form hub-and-spoke peering?
Which two different states of a WAN Edge certificate are shown on vManage? (Choose two.)
Which encryption algorithm is used for encrypting SD-WAN data plane traffic?
How many concurrent sessions does a vManage REST API have before it invalidates the least recently used session if the maximum concurrent session number is reached?
Which set of elements are verified by the controller to confirm the identity of edge devices?
How many subnets are necessary in Azure VNet for a WAN Edge device to function in the cloud deployment?
Drag and drop the functions from the left onto the correct templates on the right.
Which protocol is used to propagate multicast join requests over the Cisco SD-WAN fabric?
What two functions describe the TCP optimization tool used in the Cisco SD-WAN? (Choose two.)
Refer to the exhibit A vBond controller was added to the controller list with the same Enterprise Root CA certificate as vManage. The two controllers can reach each other via VPNO and share the same organization name, but the control connection is not initiated- Which action resolves the issue?
Which configuration changes the packet loss priority from low to highly?
A)
B)
C)
D)
Which service VPN must be reachable from all WAN Edge devices and the controllers?
On which device is a service FW address configured to Insert firewall service at the hub?
Which feature allows reachability to an organization’s internally hosted application for an active DNS security policy on a device?
How is the scalability of the vManage increased in Cisco SD-WAN Fabric?
Which attribute identifies the type of a vRoute?
Refer to the exhibit.
An engineer is troubleshooting an issue where vManage and vSmart have a problem establishing a connection to vBond. Which action fixes the issue?
Refer to the exhibit. The network administrator has configured a centralized topology policy that results in the displayed routing table at a branch office. Which two configurations are verified by the output? [Choose two.)
