400-007 Dumps (V17.03) – Accurate Questions with Precise Answers Help You Prepare for the 400-007 CCDE Exam

1. You are designing a network running both IPv4 and IPv6 to deploy QoS.

Which consideration is correct about the QoS for IPv4 and IPv6?

2. Refer to the exhibit.

An engineer has been asked to redesign the traffic flow toward AS 111 coming from AS 500.Traffic destined to AS 111 network 91 7 0.0/16 should come in via AS 100. while traffic destined to all other networks in AS 111 should continue to use the existing path.

Which BGP attributes are best suited to control this inbound traffic coming from BGP AS 500 Into the 91.7.0.0/16 network?

3. DRAG DROP

Drag and drop the multicast protocols from the left onto the current design situation on the right.

4. Which three components are part of the foundational information security principles of the CIA triad? (Choose three.)

5. Refer to the exhibit.

An architect must design an enterprise WAN that connects the headquarters with 22 branch offices. The number of remote sites is expected to triple in the next three years.

The final solution must comply with these requirements:

✑ Only the loopback address of each of the enterprise CE X and Y routers must be advertised to the interconnecting service provider cloud network.

✑ . The transport layer must carry the VPNv4 label and VPN payload over the MP-BGP control plane.

✑ . The transport layer must not be under service provider control.

Which enterprise WAN transport virtualization technique meets the requirements?

6. Which two conditions must be met for EIGRP to maintain an alternate loop-free path to a remote network? (Choose two.)

7. A customer asks you to perform a high level review of their upcoming WAN refresh for remote sites. The review is specially focused on their retail store operations consisting of 500+ locations connected via mutlipoint IPsec VPN solution.

Which routing protocol would be valid but would also be the most restrictive for the expansion of this deployment model?

8. What is an architectural framework created by ETSI that defines standards to decouple network functions from proprietary hardware-based appliances and have them run in software on standard x86 servers?

9. What best describes the difference between Automation and Orchestration?

10. A BGP route reflector in the network is taking longer than expected to coverage during large network changes. Troubleshooting shows that the router cannot handle all the TCP acknowledgements during route updates.

Which action can be performed to tune the device performance?

11. In search of a system capable of hosting, monitoring compiling and testing code in an automated way, what can be recommended to the organization?

12. A financial company requires that a custom TCP-based stock-trading application beprioritized over all other traffic for the business due to the associated revenue. The company also requires that VoIP be prioritized for manual trades.

Which directive should be followed when a QoS strategy is developed for the business?

13. Which two benefits can software defined networks provide to businesses? (Choose two.)

14. An international media provider is an early adopter of Docker and micro services and is using an open-source homegrown container orchestration system. A few years ago, they migrated from on-premises data centers to the cloud Now they are faced with challenges related to management of the deployed services with their current homegrown orchestration system.

Which platform is well-suited as a state-aware orchestration system?

15. Hybrid cloud computing allows organizations to like advantage of public and private cloud models.

Which best practice should organizations follow to ensure data security in the private cloud?

16. The Layer 3 control plane is the intelligence over the network that steers traffic toward its intended destination.

Which two techniques can be used in service provider-style networks to offer a more dynamic, flexible, controlled, and secure control plane design? (Choose two.)

17. Company XYZ has designed their network to run GRE over IPsec on their Internet-based VPN to connect two sites.

Which IPsec tunneling feature can they enable to optimize the data flow while ensuring that the headers contain no duplicate IP addresses?

18. What advantage of placing the IS-IS layer 2 flooding domain boundary at the core Layer in a three-layer hierarchical network is true?

19. You have been tasked with designing a data center interconnect to provide business continuity You want to encrypt the traffic over the DCI using IEEE 802 1AE MACsec to prevent the deployment of any firewall or IPS.

Which two interconnect technologies support MACsec? (Choose two.)

20. Which two foundational aspects of loT are still evolving and being worked on by the industry at large? (Choose two)

21. Which three Cisco products are used in conjunction with Red Hat to provide an NFVi solution? (Choose three.)

22. Which three elements help network designers to construct secure systems that protect information and resources (such as devices, communication, and data) from unauthorized access, modification, inspection, or destruction? (Choose three.)

23. An architect receives a business requirement from a CTO that states the RTO and RPO for a new system should be as close as possible to zero.

Which replication method and datacenter technology should be used?

24. Which DCI technology utilizes a “flood and learn” technique to populate the Layer2 forwarding table?

25. While reviewing an existing network design, you are discussing the characteristics of different STP versions.

Which protocol minimizes unicast flooding during a Topology Change Notification in a Layer 2 switched network with many VLANs?

26. Company ABC wants to minimize the risk of users plugging unauthorized switches and hubs into the network.

Which two features can be used on the LAN access ports to support this design requirement? (Choose two.)

27. Which best practice ensures data security in the private cloud?

28. A multicast network is sing Bidirectional PIM.

Which two combined actions achieve high availability so that two RPs within the same network can act in a redundant manner? (Choose two)

29. You have been asked to design a remote access VPN solution to support up to 2000 devices. You must ensure that only corporate assets are allowed to connect to the VPN, and users must authenticate to gain access of their based on their user role. Users must use a password that they are already using to access existing applications. A user may not always use the same device to access the VPN.

Which two options combined meet the requirements? (Choose two)

30. DRAG DROP

The network team in XYZ Corp wants to modernize their infrastructure and is evaluating an implementation and migration plan to allow integration MPLS-based, Layer 2 Ethernet services managed by a service provider to connect branches and remote offices. To decrease OpEx and improve response times when network components fail, XYZ Corp decided to acquire and deploy new routers. The network currently is operated over E1 leased lines (2 Mbps) with a managed CE service provided by the telco.

Drag and drop the implementation steps from the left onto the corresponding targets on the right in the correct order.

31. Retef to the exhibit.

This network is running OSPF and EIGRP as the routing protocols Mutual redistribution of the routing protocols has been contoured on the appropriate ASBRs. The OSPF network must be designed so that flapping routes m EIGRP domains do not affect the SPF runs within OSPF. The design solution must not affect the way EIGRP routes are propagated into the EIGRP domains.

Which technique accomplishes the requirement?

32. What are two top cloud-native security challenges faced by today's cloud-oriented organizations? (Choose two)

33. Company XYZ is redesigning their QoS policy. Some of the applications used by the company are real-time applications. The QoS design must give these applications preference in terms of transmission.

Which QoS strategy can be used to fulfill the requirement?

34. Company XYZ wants to use the FCAPS ISO standard for network management design. The focus of the design should be to monitor and keep track of any performance issues by continuously collecting and analyzing statistical information to monitor, correct, and optimize any reduced responsiveness across the network.

Which layer accomplishes this design requirement?

35. What are two examples of business goals to be considered when a network design is built? (Choose two.)

36. Which tool automates network implementation activities and shortens the implementation lifecycle?

37. Company XYZ Is running a redundant private WAN network using OSPF as the underlay protocol. The current design accommodates for redundancy In the network, but it Is taking over 30 seconds for the network to reconverge upon failure.

Which technique can be Implemented In the design to detect such a failure in a subsecond?

38. You have been asked to design a high-density wireless network for a university campus.

Which two principles would you apply in order to maximize the wireless network capacity? (Choose two.)

39. Refer to the exhibit.

This network is running OSPF as the routing protocol. The internal networks are being advertised in OSPF London and Rome are using the direct link to reach each other although the transfer rates are better via Barcelona.

Which OSPF design change allows OSPF to calculate the proper costs?

40. Which optimal use of interface dampening on a fast convergence network design is true?

41. As network designer, which option is your main concern with regards to virtualizing multiple network zones into a single hardware device?

42. A Service Provider is designing a solution for a managed CE service to a number of local customers using a single CE platform and wants to have logical separation on the CE platform using Virtual Routing and Forwarding (VRF) based on IP address ranges or packet length.

Which is the most scalable solution to provide this type of VRF Selection process on the CE edge device?

43. Company XYZ wants to improve the security design of their network to include protection from reconnaissance and DoS attacks on their sub interfaces destined toward next hop routers.

Which technology can be used to prevent these types of attacks?

44. Company XYZ has a multicast domain that spans across multiple autonomous systems. The company wants to choose a technology that provides simplified and controlled approach to interconnecting the multicast domains.

Which technology is the best fit for this purpose?

45. An existing wireless network was designed to support data traffic only. You must now install context.

Aware services for location tracking changes must be applied to the existing wireless network to increase the location accuracy? (Chose two)

46. Which two features are advantages of SD-WAN compared to MPLS-based connectivity? (Choose two.)

47. Which design benefit of bridge assurance is true?

48. How must the queue sizes be designed to ensure that an application functions correctly?

49. An enterprise that runs numerous proprietary applications has major issues with its on-premises server estate hardware, to the point where business-critical functions are compromised. The enterprise accelerates plans to migrate services to the cloud.

Which cloud service should be used if the enterprise wants to avoid hardware issues yet have control of its applications and operating system?

50. As a network designer you need to support an enterprise with hundreds of remote sites connected over a single WAN network that carries different types of traffic, including VoIP, video, and data applications which of following design considerations will not impact design decision?

51. A network security team observes phishing attacks on a user machine from a remote location. The organization has a policy of saving confidential data on two different systems using different types of authentication.

What is the next step to control such events after the security team verifies all users in Zero Trust modeling?

52. You want to mitigate failures that are caused by STP loops that occur before UDLD detects the failure or that are caused by a device that is no longer sending BPDUs.

Which mechanism do you use along with UDLD?

53. You are tasked to design a QoS policy for a service provider so they can include it in the design of their MPLS core network.

If the design must support an MPLS network with six classes, and CEs will be managed by the service provider, which QoS policy should be recommended?

54. Company XYZ connects its sites over a private WAN. Their overlay network is running a DMVPN setup where the headquarters site is the hub. The company is planning on implementing multicast routing on the network.

What should be used in the multicast routing design?

55. A healthcare customer requested that SNMP traps must be sent over the MPLS Layer 3 VPN service.

Which protocol must be enabled?

56. A service provider hires you to design its new managed CE offering to meet these requirements

• The CEs cannot run a routing protocol with the PE

• Provide the ability for equal or unequal ingress load balancing in dual-homed CE scenarios.

• Provide support for IPv6 customer routes

• Scale up to 250.000 CE devices per customer.

• Provide low operational management to scale customer growth.

• Utilize low-end (inexpensive) routing platforms for CE functionality.

Which tunneling technology do you recommend?

57. A customer has a functional requirement that states HR systems within a data center should be segmented from other systems that reside in the same data center and same VLAN. The systems run legacy applications by using hard-coded IP addresses.

Which segmentation method is suitable and scalable for the customer?

58. You have been tasked with designing a data center interconnect as part of business continuity. You want to use FCoE over this DCI to support synchronous replication.

Which two technologies allow for FCoE via lossless Ethernet or data center bridging? (Choose two.)

59. Which actions are performed at the distribution layer of the three-layer hierarchical network design model? (Choose two)

60. Which two factors must be considered for high availability in campus LAN designs to mitigate concerns about unavailability of network resources? (Choose two.)

61. Refer to the exhibit.

Company XYZ BGP topology is as shown in the diagram. The interface on the LA router connected toward the 10 1.5.0/24 network is faulty and is going up and down, which affects the entire routing domain.

Which routing technique can the network administrator use so that the rest of the network is not affected by the flapping issue?

62. Company XYZ is running OSPF in their network. They have merged with another company that is running EIGRP as the routing protocol. Company XYZ now needs the two domains to talk to each other with redundancy, while maintaining a loop free environment. The solution must scale when new networks are added into the network in the near future.

Which technology can be used to meet these requirements?

63. In an OSPF network with routers connected together with Ethernet cabling, which topology typically takes the longest to converge?

64. How many fully established neighbour relationships exist on an Ethernet with five routers running OSPF as network type broadcast?

65. A senior network designer suggests that you should improve network convergence times by reducing BGP timers between your CE router and the PE router of the service provider.

Which two factors should you consider to adjust the timer values? (Choose two.)

66. Refer to the exhibit.

ACME Mining has four data centers in Santiago. Cape Town. Mumbai, and Beijing, full-mesh connected via a 400 Mb/s EVP-LAN.

They want to deploy a new mission-critical application with these requirements:

✑ cluster heartbeat 2 Mb/s continuous (250 KB/s)

✑ cluster heartbeat one-way maximum latency 100 ms

These are the current ping tests results between the four data centers:

Which hosting data center pair can host the new application?

67. Software-defined networking architecture is used for cost-effective, adaptable, and easily manageable applications.

In which two software-defined networks is SDN commonly used? (Choose two.)

68. Refer to the table.

A customer investigates connectivity options for a DCI between two production data centers to aid a large-scale migration project. The migration is estimated to take 20 months to complete but might extend an additional 10 months if issues arise. All connectivity options meet the requirements to migrate workloads.

Which transport technology provides the best ROI based on cost and flexibility?

69. Company XYZ has two routing domains in their network, EIGRP and OSPF. The company wants to provide full reachability between the two domains by implementing redistribution on a router running both protocols. They need to design the redistribution in a way that the OSPF routers will see link costs added to external routes.

How must the redistribution strategy be designed for this network?

70. Which two characteristics apply to firewall transparent mode operations in a firewall solution design? (Choose two.)

71. You are tasked with the design of a high available network.

Which two features provide fail closed environments? (Choose two.)

72. An enterprise solution team is performing an analysis of multilayer architecture and multicontroller SDN solutions for multisite deployments. The analysis focuses on the ability to run tasks on any controller via a standardized interface.

Which requirement addresses this ability on a multicontroller platform?

73. DRAG DROP

Drag and drop the FCAPS network management reference models from the left onto the correct definitions on the right.

74. DRAG DROP

Drag and drop the design characteristics from the left onto the correct network filter techniques on the right. Not all options are used.

75. Which two actions must merchants do to be compliant with the Payment Card Industry Data Security Standard? (Choose two.)

76. Which three items do you recommend for control plane hardening of an infrastructure device? (Choose three.)

77. Which effect of using ingress filtering to prevent spoofed addresses on a network design is true?

78. Agile and Waterfall are two popular methods for organizing projects.

What describes any Agile network design development process?

79. A company plans to use BFD between its routers to detect a connectivity problem inside the switched network. An IPS is transparently installed between the switches.

Which packets should the IPS forward for BFD to work under all circumstances?

80. An enterprise wants to provide low-cost delivery of network systems that can be scaled on business demand, followed by an initiative to reduce capital expenses for new IT equipment.

Which technology meets these goals?

81. Refer to the exhibit.

For Company XYZ Bangkok is using ECMP to reach the 172 20 2 0/24 network. The company wants a design that would allow them to forward traffic from 172 16 2 0/24 toward 172 20 2 0/24 via the Singapore router as the preferred route. The rest of the traffic should continue to use ECMP.

Which technology fulfills this design requirement?

82. Which design solution reduces the amount of IGMP state in the network?

83. Company XYZ is running BGP as their routing protocol. An external design consultant recommends that TCP path MTU discovery be enabled.

Which effect will this have on the network?

84. Refer to the exhibit.

Traffic was equally balanced between Layer 3 links on core switches SW1 and SW2 before an introduction of the new video server in the network. This video server uses multicast to send video streams to hosts and now one of the links between core switches is over utilized.

Which design solution solves this issue?

85. What is a description of a control plane action?

86. While designing a switched topology, in which two options is UplinkFast recommended? (Choose two)

87. Company XYZ runs OSPF in their network. A design engineer decides to implement hot-potato routing architecture.

How can this implementation be achieved?

88. Company XYZ has a hub-and-spoke topology over an SP-managed infrastructure. To measure traffic performance metrics, they implemented IP SLA senders on all spoke CE routers and an IP SLA responder on the hub CE router.

What must they monitor to have visibility on the potential performance impact due to the constantly increasing number of spoke sites?

89. DRAG DROP

Drag and drop the optical technology design characteristics on the left to the correct optical technologies on the right. Not all options are used

90. SDN emerged as a technology trend that attracted many industries to move from traditional networks to SDN.

Which challenge is solved by SDN for cloud service providers?

91. When designing a WAN that will be carrying real-time traffic, what are two important reasons to consider serialization delay? (Choose two)

92. An enterprise plans to evolve from a traditional WAN network to a software-defined WAN network. The existing devices have limited capability when it comes to virtualization. As the migration is carried out, enterprise applications and services must not experience any traffic impact.

Which implementation plan can be used to accommodate this during the migration phase?

93. Refer to the exhibit.

A customer runs OSPF with Area 5 between its aggregation router and an internal router When a network change occurs in the backbone. Area 5 starts having connectivity issues due to the SPF algorithm recalculating an abnormal number of times in Area 5 You are tasked to redesign this network to increase resiliency on the customer network with the caveat that Router B does not support the stub area.

How can you accomplish this task*?

94. You are designing a large-scale DMVPN network with more than 500 spokes using EIGRP as the IGP protocol.

Which design option eliminates potential tunnel down events on the spoke routers due to the holding time expiration?

95. IPFIX data collection via standalone IPFIX probes is an alternative to flow collection from routers and switches.

Which use case is suitable for using IPFIX probes?

96. Which design principal improves network resiliency?

97. Company XYZ is designing the network for IPv6 security and they have these design requirements:

✑ A switch or router must deny access to traffic from sources with addresses that are correct, but are topologically incorrect

✑ Devices must block Neighbor Discovery Protocol resolution for destination addresses that are not found in the binding table.

Which two IPv4 security features are recommended for this company?

98. Company XYZ has 30 sites using MPLS L3 VPN and the company is now concerned about data integrity.

The company wants to redesign the security aspect of their network based on these requirements:

• Securely transfer the corporate data over the private WAN

• Use a centralized configuration model.

• Minimize overhead on the tunneled traffic.

Which technology can be used in the new design to meet the company's requirements?

99. Router R1 is a BGP speaker with one peering neighbor over link "A". When the R1 link/interface "A" fails, routing announcements are terminated, which results in the tearing down of the state for all BGP routes at each end of the link.

What is this a good example of?

100. When an SDN-based model is used to transmit multimedia traffic, which aspect should an architect consider while designing the network?