Implementing Cisco SD-WAN Solutions (300-415 ENSDWI) Questions and Answers
Which alarm setting is configured to monitor serious events that affect but do not shut down, the operation of a network function?
Refer to the exhibit, Which configuration routes Site 2 through the firewall in Site 1?
Which control policy assigned to Drenches in the out direction establishes a strict hub-and-spoke topology tor VPN2?
A)
B)
C)
D)
An engineer configures an application-aware routing policy for a group of sites The locations depend on public and private transports The policy does not work as expected when one of the transports does not perform properly This policy is configured:
which configuration completes the policy so that it works for all locations?
A)
B)
C)
D)
A customer has 1 to 100 service VPNs and wants to restrict outbound updates for VPN1 Which control policy configuration restricts these updates?
A)
B)
C)
D)
Drag and drop the attributes from the left that make each transport location unique onto the right. Not all options are used.
An engineer must configure local redundancy on a site. Which configuration accomplish this task?
A company must avoid downtime at the remote sites and data plane to continue forwarding traffic between WAN Edge devices if the branch router loses connectivity to its OMP peers Which configuration meets the requirement?
A)
B)
C)
D)
Refer to the exhibit An engineer is configuring a QoS policy to shape traffic for VLAN 100 on a subinterface Which policy configuration accomplishes the task?
A)
B)
C)
D)
Drag and drop the security terminologies from the left onto the PCI-compliant network features and devices on the right.
Which timer specifies information in the cache after all OMP sessions are lost at location S0123T4E56F78?
Refer to the exhibit.
An engineer is troubleshooting an issue where vManage and vSmart have a problem establishing a connection to vBond. Which action fixes the issue?
Which policy configures an application-aware routing policy under Configuration > Policies?
What must an engineer conewef when decoying an SD-WAN on-pfemlses architecture based on ESXi hypervisor?
Which two products are used to deploy Cisco WAN Edge Router virtual platforms? (Choose two.)
Which vBond system configuration under VPN 0 allows for a routable public IP address even if the DNS name, hostname, or IP address of the vBond orchestrator are omitted?
Refer to the exhibit. An engineer is enabling command line access via MPLS for in-band management. Which command completes the partial SD-WAN interface configuration with the highest degree of security?
What is an attribute of TLOC’?
Which protocol is used to measure loss latency, Jitter, and liveliness of the tunnel between WAN Edge router peers?
Which Cisco SD-WAN component facilitates the initial communication between WAN Edge devices to join the fabric?
An engineer provisions a WAN Edge router. Which command should be used from the WAN Edge router to activate it with vManage?
An engineer is configuring the branch office with a 172.16.0.0/16 subnet to use DIA for Internet traffic. All other traffic must flow to the central site or branches using the MPLS circuit Which configuration meets the requirement?
A)
B)
C)
D)
Which destination UDP port is used by WAN Edge router to make a DTLS connection with vBond Orchestrator?
Refer to the exhibit. vManage logs are available for the past few months. A device name change deployed mistakenly at a critical site. How is the device name change tracked by operation and design teams?
A)
B)
C)
Drag and drop the steps from the left into the order on the right to delete a software image for a WAN Edge router starting with Maintenance > Software Upgrade > Device list on vManage.
How many cloud gateway instance(s) can be created per region when provisioning Cloud OnRamp for Multicloud from AWS in a multiregion environment?
WAN Edge routers are configured manually to use UDP port offset to use nondefault offset values when IPsec tunnels are created. What is the offse range?
In which VPN is the NAT operation on an outgoing interface configured for direct Interne! access?
Which two services are critical for zero touch provisioning on-boarding? (Choose two)
Which application list is preconfigured?
In Cisco SD-WAN, what protocol is used for control connections between SD-WAN devices?
An engineer is configuring a shaping rate of 1 Mbps on the WAN link of a WAN Edge router Which configuration accomplishes this task’?
Refer to exhibit. An engineer is troubleshooting tear of control connection even though a valid CertificateSerialNumber is entered. Which two actions resolve Issue? (Choose two)
Which feature delivers traffic to the Cisco Umbrella SIG cloud from a Cisco SD-WAN domain?
Which feature allows reachability to an organization’s internally hosted application for an active DNS security policy on a device?
A network administrator is creating an OMP feature template from the vManage GUI to be applied to WAN edge routers. Which configuration attribute will avoid the redistribution of the routes back into the OMP from the LAN side?
What is the result during a WAN Edge software upgrade process if the version of the WAN Edge software is higher than the one running on a controller device?
Which component is used to optimize the multicast distribution tree enabled through the multicast network?
Which device in the SD- WAN solution receives and categorizes event reports, and generates alarms?
A network administrator is configuring a centralized control policy based on match action pairs for multiple conditions, which order must be configured to prefer Prefix List over TLOC and TLOC over Origin?
How are policies deployed on cloud-tiosted Cisco SD-WAN controllers?
What problem happens on a device with two serial numbers, a unique device identifier (UDI), and secure unique device identifier (SUDI) when an engineer provisions ISR 4000 by PnP using only a UDI?
Which command on a WAN Edge device displays the information about the colors present in the fabric that are learned from vSmart via OMP?
Which platforms are managed by a single vManage dashboard?
Refer to the exhibit.
The WAN Edge router at the data centers does not use NAT and has been configured with color restriction. Which color configuration needs to be associated to the WAN Edge router's VPN 0 interface to bring up the data plane tunnels?
What does forward error correction addresses in Cisco SO-WAN?
What are the two components of an application-aware firewall? (Choose two.)
Which command displays BFD session summary information per TLOC on vEdge routers?
Which capability does Cisco SD-WAN Multi-Region Fabric provide?
Which policy tracks path characteristics such as loss, latency, and jitter in vManage?
Company E wants to deploy Cisco SD-WAN with controllers in AWS The company's existing WAN is on private MPLS without Internet access to controllers m AWS An Internet circuit is added to a site in addition to the existing MPLS circuit. Which interface template establishes BFD neighbors over both transports?
A)
B)
C)
Miss
D)
An engineer is configuring a centralized policy to influence network route advertisement. Which controller delivers this policy to the fabric?
What is the main purpose of using TLOC extensions in WAN Edge router configuration?
Drag and drop the devices from the left into order on the right to upgrade the software from version 19 to version 20.
Drag and drop the definitions from the left to the configuration on the right.
A customer is receiving routes via OMP from vSmart controller for a specific VPN. The customer must provide access to the W2 loopback received via OMP to the OSPF neighbor on the service-side VPN, which configuration fulfils these requirements?
What are the two advantages of deploying cloud-based Cisco SD-WAN controllers? (Choose two.)
Which routing protocol is used to exchange control plane information between vSmart controllers and WAN Edge routers in the Cisco SD-WAN secure extensible network?
Drag and drop the REST API calls from the left onto the functions on the right.
In a Cisco SD-WAN network, which component is responsible for distributing route and policy information via the OMP?
An administrator needs to configure SD-WAN to divert traffic from the company's private network to an ISP network. What action should be taken to accomplish this goal?
Refer to the exhibit Which command allows traffic through the IPsec tunnel configured in VPN 0?
Which platform cannot provide IPS and URL filtering capabilities?
An engineer must configure VRRP for redundancy on WAN Edge router1 running an earlier version than 20.6, considering WAN Edge router2 is configured correctly. Which configuration meets the requirement?
Which secure connection should be used to access the REST APIs through the Cisco vManage web server?
Refer to the exhibit A small company was acquired by a large organization As a result, the new organization decided to update information on their Enterprise RootCA and generated a new certificate using openssl Which configuration updates the new certificate and issues an alert in vManage Monitor | Events Dashboard?
Which Cisco SD-WAN component the initial communication between WAN Edge devices to join the fabric?
When VPNs are grouped to create destination zone in Zone-Based Firewall, how many zones can a single VPN be part of?
Which SD-WAN component is configured to enforce a policy to redirect branch-to-branch traffic toward a network service such as a firewall or IPS?
For data plane resiliency, what does the Cisco SD-WAN software implement?
An organization requires the use of integrated preventative engines, exploit protection, and the most updated and advanced signature-based antivirus with sandboxing and threat intelligence to stop malicious attachments before they reach users and get executed. Which Cisco SD-WAN solution meets the requirements?
Refer to the exhibit.
What does the BFD value of 8 represent?
An enterprise needs DIA on some of its branches with a common location ID: A041:B70C: D78E::18 Which WAN Edge configuration meets the requirement?
A)
B)
C)
D)
How is lhe software managed in Cisco SD-WAN?
Refer to the exhibit. An engineer configures a hub-and-spoke SD-WAN topology with the requirement that traffic from router A branch to router B branch is guaranteed to flow through the network hub, router C. Which configuration meets the requirement for router A?
How many concurrent sessions does a vManage REST API have before it invalidates the least recently used session if the maximum concurrent session number is reached?
What is the behaviour of vBond orchestrator?
Which policy allows communication between TLOCs of data centers and spokes and blocks communication between spokes?
Refer to the exhibit.
Customer XYZ cannot provison dual connectivity on both Its routers due to budget constratnts but wants to use tnth RI and R2 interface for users behind them for load toward the hub site Which configurauon achieves this objectives?
A)
B)
C)
D)
An engineer configures policing with a rate of 125 Bps and a burst rate of 8000 bits, as shown here:
Which configuration completes this task?
Drag and drop the devices from the left onto the correct functions on the right.
Which two WAN Edge devices should be deployed in a cloud? (Choose two.)
Refer to the exhibit.
A network administrator is configuring OMP in vManage to advertise all the paths for the same prefix from a site that has two WAN Edge devices Each WAN Edge device is connected to three ISPs and two private MPLS transports. What is the minimum value for 'Number of Paths advertised per Prefix" that should be configured?
Which command disables the logging of syslog messages to the local disk?
What is a benefit of using REST APIs?
What are two benefits of installing Cisco SD-WAN controllers on cloud-hosted services? (Choose two.)
Which policy is configured to ensure that a voice packet is always sent on the link with less than a 50 msec delay?
Which two advanced security features are available on the Cisco SD-WAN WAN Edge (vEdge) device? (Choose two.)
Which protocol is used for the vManage to connect to the vSmart Controller hosted in Cloud?
What is a benefit of the application-aware firewall?
What do receivers request to join multicast streams in a Cisco SO-WAN network?
Which VPNs must be configured outside the workflow to complete the SD-WAN overlay setup when using the Quick Connect workflow?
Which protocol runs between the vSmart controllers and WAN Edge routers when the vSmart controller acts like a route reflector?
A network administrator is configuring VRRP to avoid a traffic black hole when the transport side of the network is down on the master device. What must be configured to get the fastest failover to standby?
An engineer is configuring a list that matches all IP prefixes with lengths from /1 to /16 in a centralized control policy. Which list accomplishes this task?
Which secure tunnel type should be used to connect one WAN Edge router to other WAN Edge routers?
Refer to the exhibit vManage and vBond have an issue establishing a connection with each other Which action resolves the issue?
A voice packet requires a latency of 50 msec. Which policy is configured to ensure that a voice packet is always sent on the link with less than a 50 msec delay?
An administrator must deploy the controllers using the On-Prem method while vManage can access the PnP portal from inside How are the two WAN Edge authorized allowed lists to be made available to vManage? (Choose two)
In which device state does the WAN edge router create control connections, but data tunnels are not created?
Refer to the exhibit A WAN Edge device was recently added to vManage but a control connection could not be established Which action resolves this issue?
A large retail organization decided to move some of the branch applications to the AWS cloud. How does the network architect extend the in-house Cisco SD-WAN branch to cloud network into AWS?
Which percentage for total memory or total CPU usage for a device is classified as normal in the WAN Edge Health pane?
An engineer must advertise OSPF-learned routes and modify the update interval for route filtering by TLOC color to 300 on an SD-WAN device. Which configuration accomplishes this
task?
Refer to the exhibit.
An SD-WAN customer has 23 sites connected to its hub site, where a pair of WAN Edge devices and controllers are placed. All other branches have a single WAN Edge device connected to multiprotocol label switching (MPLS) and public internet circuits. An engineer must configure application-aware routing for a branch that has MPLS and public internet circuits provisioned using feature templates. The requirements for application-aware routing are:
All types of traffic prefers using public-internet circuit.
If the average latency reaches 100 ms, jitter 85 ms, and packet loss 5%, then video and voice traffic switches to the MPLS circuit.
Which feature template must be configured or modified in addition to configuring a centralized policy?
Which two requirements must be met for DNS inspection when integrating with cisco umbrella? (Choose two)
An engineer builds a three-node vManage cluster and then realizes that multiple nodes are unnecessary for the size of the company. How should the engineer revert the setup to a single vManage?
An engineer is configuring a data policy for packets that must be captured through the policy. Which command accomplishes this task?
Which protocol advertises WAN edge routes on the service side?
An enterprise deployed a Cisco SD-WAN solution with hub-and-spoke topology using MPLS as the preferred network over the Internet. A network engineer must implement an application-aware routing policy to allow ICMP traffic to be load-balanced over both the available links. Which configuration meets the requirement?
A)
B)
C)
D)
A vEdge platform is sending VRRP advertisement messages every 10 seconds. Which value configures the router back to the default timer?
Refer to the exhibit A user has selected the options while configuring a VPN Interface Ethernet feature template What is the required configuration parameter the user must set in this template for this feature to function?
Refer to the exhibit.
The tunnel interface configuration on both WAN Edge routers is:
Which configuration for WAN Edge routers will connect to the Internet?
An engineer wants to track tunnel characteristics within an SLA-based policy for convergence. Which policy configuration will achieve this goal?
An enterprise is continuously adding new sites to its Cisco SD-WAN network. It must configure any cached routes flushed when OMP peers have lost adjacency Which configuration allows the cached OMP routes to be flushed after every 24 hours from its routing table?
An engineer is configuring a data policy for IPv4 prefixes for a single WAN Edge device on a site with multiple WAN Edge devices How is this policy added using the policy configuration wizard?
Refer to the exhibit Which configuration must the engineer use to form underlay connectivity for the Cisco SD-WAN network?
A)
B)
C)
D)
Refer to the exhibit.
An organization is testing a Cisco SD-WAN solution and decided to have the control plane established first and not the data plane at the time of migration. Which configuration achieves this goal?
Which two prerequisites must be met before the Cloud onRamp for laaS is initiated on vManage to expand to the AWS cloud? (Choose two)
How are custom application ports monitored in Cisco SD-WAN controllers?
Which website allows access to visualize the geography screen from vManager using the internet?
A network is configured with CoPP to protect the CORE router route processor for stability and DDoS protection. As a company policy, a class named class-default is preconfigured and must not be modified or deleted. Troubleshoot CoPP to resolve the issues introduced during the maintenance window to ensure that:
WAN
CORE
MGMT
A screen shot of a computer screen AI-generated content may be incorrect.Text Description automatically generated with medium confidence
A screen shot of a computer AI-generated content may be incorrect.Graphical user interface Description automatically generated with medium confidence
A screenshot of a computer AI-generated content may be incorrect.Graphical user interface, text Description automatically generatedWhich configuration defines the groups of interest before creation of the access list or route map?
A)
B)
C)
D.
An engineer wants to automate the onboarding process for a WAN Edge router with vManage. Which command will accomplish this?
How is a TLOC uniquely identified from a WAN Edge router to the SD-WAN transport network?
Drag and drop the Cisco SD-WAN components from the left onto their functions on the right.
What is a requirement for deployment of on-premises vBond controllers through the Cisco Plug and Play Connect process?
Refer to the exhibit.
The control connection is failing. Which action resolves the issue?
Which action is performed during the onboarding process when a WAN Edge router is connected to ZTP server ztp.viptela com?
In an AWS cloud, which feature provision WAN Edge routers automatically in Cisco SD-WAN?
When a WAN Edge device joins the SD-WAN overlay, which Cisco SD-WAN components orchestrates the connection between the WAN Edge device and a vSmart controller?
A network administrator configures SNMPv3 on a Cisco WAN Edge router from CLI for monitoring purposes How many characters are supported by the snmp user
How do WAN Edge devices operate when vSmart is inaccessible or fails to be reached by the WAN Edge?
