Backupsand mirror-copies of data are an essential part of RPO solutions If a business wants to reduce their CAPEX for disaster recovery, which of the following solutions are applicable?

Which two control plane policer designs must be considered to achieve high availability? (Choose two.)

Which design benefit of bridge assurance is true?

Retefto the exhibit.

This network is running OSPF and EIGRP as the routing protocols Mutual redistribution of the routing protocols has been contoured on the appropriate ASBRs The OSPF network must be designed so that flapping routes m EIGRP domains do not affect the SPF runs within OSPF The design solution must not affect the way EIGRP routes are propagated into the EIGRP domains Which technique accomplishes the requirement?

While reviewing an existing network design, you are discussing the characteristics of different STP versions. Which protocol minimizes unicast flooding during a Topology Change Notification in a Layer 2 switched network with many VLANs?

Which three items do you recommend for control plane hardening of an infrastructure device? (Choose three.)

Which two possible drawbacks should you consider when introducing Network Functions Virtualization in a network design? (Choose two)

The major business applications of an enterprise are largely monolithic and hard-coded As part of a major modernization and overhaul of the applications the goal is to move to a modular and containerized application architecture mode At the same time decoupling from the hardware is desired to move to an on-demand provisioning However the CyberOps team mandated that the final architecture must provide the same security levels as an air-gapped data center. Which cloud architecture meets these requirements?

An engineer must design a network for a company that uses OSPF LFA to reduce loops. Which type of loop would be reduced by using this design?

Refer to the exhibit.

An engineer has been asked to redesign the traffic flow toward AS 111 coming from AS 500.Traffic destined to AS 111 network 91 7 0.0/16 should come in via AS 100. while traffic destined to all other networks in AS 111 should continue to use the existing path Which BGP attributes are best suited to control this inbound traffic coming from BGP AS 500 Into the 91.7.0.0/16 network?

You are designing the QoS policy for a company that is running many TCP-based applications. The company is experiencing tail drops for these applications. The company wants to use a congestion avoidance technique for these applications. Which QoS strategy can be used to fulfill the requirement?

Drag and drop the end-to-end network virtualization elements from the left onto the correct network areas on the right.

The Layer 3 control plane is the intelligence over the network that steers traffic toward its intended destination. Which two techniques can be used in service provider-style networks to offer a more dynamic, flexible, controlled, and secure control plane design? (Choose two.)

Refer to the exhibit.

ACME Mining has four data centers in Santiago. Cape Town. Mumbai, and Beijing, full-mesh connected via a 400 Mb/s EVP-LAN They want to deploy a new mission-critical application with these

requirements:

clusterheartbeat2Mb/s continuous (250 KB/s)

cluster heartbeat one-way maximum latency 100 ms

These are the current ping tests results between the four data centers:

Which hosting data center pair can host the new application?

Sometimes SDN leverages various overlay networking technologies to create layer(s) of network abstraction. What describes an overlay network?

The Company XYZ network is experiencing attacks against their router. Which type of Control Plane Protection must be used on the router to protect all control plane IP traffic that is destined directly for one of the router interfaces?

Two companies need to implement an extranet overlay network solution by using a VPN tunnel over the internet to use each other's HTTP REST APIs The solution must only provide data integrity because data confidentiality will be covered at the application layer The existing firewall devices will be used as VPN endpoints for the tunnel but they have limited available resources Which type of VPN tunnel must be deployed for the extranet service?

A company requires an RPO of less than 10 seconds to ensure business continuity. Which technology should be deployed?

When designing a WAN that will be carrying real-time traffic, what are two important reasons to consider serialization delay? (Choose two )

The network designer needs to use GLOP IP address in order make them unique within their ASN, which

multicast address range will be considered?

A product manufacturing organization is integrating cloud services into their IT solution The IT team is working on the preparation phase of the implementation approach, which includes the Define Strategy step. This step defines the scope of IT, the application, and the service What is one topic that should be considered in the Define Strategy step?

As technologies such as big data, cloud, and loT continue to grow, so will the demand for network bandwidth Business strategies must be flexible to accommodate these changes when it comes to priorities and direction and the network design strategy also must be agile and adaptable Drag and drop the benefits from the left onto the corresponding strategic approaches on the right as they relate to network design and management.

The SD-WAN architecture is composed of separate orchestration management, control, and data planes Which activity happens at the orchestration plane?

A company created an IPv6 adoption plan for its campus network that requires dual-stack connectivity on the network Campus users must have IPv6 connectivity to an HR management application which is the first IPv6-only application hosted in the company s data center. Which two security mechanisms can be used to prevent a malicious user from masquerading as the IPv6 gateway? (Choose two)

An enterprise wants to migrate an on-premises network to a cloud network, and the design team is finalizing the overall migration process. Drag and drop the options from the left into the correct order on the right.

Which design solution reduces the amount of IGMP state in the network?

What is a characteristic of a secure cloud architecture model?

Your network operations team is deploying Access Control Lists (ACLs) across your Internet gateways They wish to place an ACL inbound on the Internet gateway interface facing the core network (the "trusted" interface). Which IP address would the ACL need for traffic sourced from the inside interface, to match the source address of the traffic?

Refer to the exhibit.

A customer needs to implement a connectivity model by using one active link for inbound and outbound traffic and a second link for backup The backup link is low speed and is required only during outages of the primary link. Which design solution should be implemented?

An engineer must redesign the QoS strategy for Company XYZ The current network is experiencing many dropped packets due to oversubscription of the guaranteed bandwidth allocated by the service provider. Company XYZ wants a design with a QoS strategy that controls the traffic flow leaving the Edge router to minimize packet drops Which QoS technique can be recommended as a solution?

A business wants to centralize services via VDI technology and to replace remote WAN desktop PCs with thin client-type machines to reduce operating costs Which consideration supports the new business requirement?

Refer to the exhibit. An architect must design an enterprise WAN that connects the headquarters with 22 branch offices. The number of remote sites is expected to triple in the next three years. The final solution must comply with these requirements:

Only the loopback address of each of the enterprise CE X and Y routers must be advertised to the interconnecting service provider cloud network.

The transport layer must carry the VPNv4 label and VPN payload over the MP-BGP control plane.

The transport layer must not be under service provider control.

Which enterprise WAN transport virtualization technique meets the requirements?

Refer to the exhibit.

After a network audit a network engineer must optimize the current network convergence time The proposed solution must consider link layer and control plane failures. Which solution meets the requirements?

In a redundant hub and spoke "wheel" design, all spokes are connected to the hub, and spokes are connected to other spokes as well. During failure on one spoke link, the traffic from that site can be sent to a neighboring site for it to be forwarded to the hub site. But during peak hours, a link is overloaded and traffic is re-routed to a neighbor, which subsequently becomes overloaded. This overload results in network traffic oscillation as the load varies at each spoke site. This design provides more redundancy but not more resiliency because the routing protocol must process many alternate paths to determine the lowest cost path. Which two design

changes help to improve resilience in this case? (Choose two.)

A network uses an SDN architecture with switches and a centralized controller What should be on the switches but not on the controller?

You have been tasked with designing a data center interconnect as part of business continuity You want to use FCoE over this DCI to support synchronous replication. Which two technologies allow for FCoE via lossless Ethernet or data center bridging? (Choose two.)

Which two advantages of using DWDM over traditional optical networks are true? (Choose two.)

Refer to the exhibit.

For Company XYZ Bangkok is using ECMP to reach the 172 20 2 0/24 network The company wants a design that would allow them to forward traffic from 172 16 2 0/24 toward 172 20 2 0/24 via the Singapore router as the preferred route The rest of the traffic should continue to use ECMP Which technology fulfills this design requirement?

While computer networks and sophisticated applications have allowed individuals to be more productive the need to prepare for security threats has increased dramatically A six-step methodology on security incident handling has been adopted by many organizations including service providers enterprises, and government organizations to ensure that organizations are aware of significant security incidents and act quickly to stop the attacker, minimize damage caused, and prevent follow on attacks or similar incidents in the future Drag and drop the actions on the left to the targets on the right in the correct order.

Most security monitoring systems use a signature-based approach to detect threats In which two instances are systems based on Network Behavior Anomaly Detection better than signature-based systems when it comes to detecting security threat vectors'? (Choose two.)

Refer to the exhibit.

The WAN network of the General Bank of Greece has experienced several outages It takes too long to activate a new branch site The networking department of the bank plans to upgrade the legacy end-of-life WAN network with a new flexible manageable, and scalable in-house solution The number of branches will increase exponentially in the next fiscal year The CTO states that the bank’s mam goal is OPEX reduction The network engineering team prepares a table to evaluate the available options Which WAN technology can be used for the solution?

What are two common approaches to analyzing and designing networks? (Choose two.)

Which two characteristics are associated with 802 1s? (Choose two)

An engineer is designing a DMVPN network where OSPF has been chosen as the routing protocol A spoke-to-spoke 'J

You have been asked to design a high-density wireless network for a university campus. Which two principles would you apply in order to maximize the wireless network capacity? (Choose two.)

Network operators have many options available, from fully centralized to fully distributed control planes, and each approach has its own set of characteristics. Drag and drop the characteristics from the left onto the corresponding approach on the right.

Which two benefits can software defined networks provide to businesses? (Choose two.)

An architect receives a business requirement from a CTO that states the RTO and RPO for a new system should be as close as possible to zero. Which replication method and data center technology should be used?

Company XYZ uses an office model where the employees can use any open desk and plug their laptops in. They want to authenticate the end users using their domain username and password before allowing them access to the network. The design must also accommodate the ability of controlling traffic within the same group or subnet if a macro (or micro) segmentation-based model is adopted in the future. Which protocol can be recommended for this design to authenticate end users?

Company XYZ wants to redesign the Layer 2 part of their network and wants to use all available uplinks for increased performance. They also want to have end host reachability supporting conversational learning. However, due to design constraints, they cannot implement port-channel on the uplinks. Which other technique can be used to make sure the uplinks are in active/active state?

A network engineering team is in the process of designing a lab network for a customer demonstration. The design engineer wants to show that the resiliency of the MPLS traffic Engineering Fast Reroute solution has the same failover/failback times as a traditional SONET/SDH network (around 50MSEC). In order to address both link failure and node failure within the lab typology network, which type of the MPLS TE tunnels must be considered for this demonstration?

Which issue poses a challenge for security architects who want end-to-end visibility of their networks?

Which solution component helps to achieve comprehensive threat protection and compliance for migration to multicloud SDX architectures?

An enterprise network has two core routers that connect to 200 distribution routers and uses full-mesh IBGP peering between these routers as its routing method. The distribution routers are experiencing high CPU utilization due to the BGP process. Which design solution is the most cost effective?

Company XYZ is running SNMPv1 in their network and understands that it has some flaws. They want to change the security design to implement SNMPv3 in the network Which network threat is SNMPv3 effective against?

Company XYZwants to implement an IPS device to detect and block well-known attacks against their network They want a design solution where all packets that are forwarded to the network are checked against a signature database before being allowed through This check must be done with the minimum effect on performance. Which design is recommended?

The controller has a global view of the network, and it can easily ensure that the network is in a consistent and optimal configuration. Which two statements describe a centralized SDN control path? (Choose two.)

What is a country-specific requirement that data is subject to the laws of the country in which it is collected or processed and must remain within its borders?

A network security team uses a purpose-built tool to actively monitor the campus network, applications, and user activity. The team also analyzes enterprise telemetry data from IPFIX data records that are received from devices in the campus network. Which action can be taken based on the augmented data?

Which two statements about MLD snooping are true? (Choose two)

Which service abstracts away the management of the operating system, middleware, and runtime?

An architect receives a functional requirement for a NAC system from a customer security policy stating that if a corporate Wi-Fi device does not meet current AV definitions, then it cannot access the corporate network until the definitions are updated. Which component should be built into the NAC design?

As a network designer you need to support an enterprise with hundreds of remote sites connected over a single WAN network that carries different types of traffic, including VoIP, video, and data applications which of following design considerations will not impact design decision?

Refer to the exhibit.

This network is running OSPF as the routing protocol. The internal networks are being advertised in OSPF London and Rome are using the direct link to reach each other although the transfer rates are better via Barcelona Which OSPF design change allows OSPF to calculate the proper costs?

Which layer of the SDN architecture orchestrates how the applications are given the resources available in the network?

An enterprise that runs numerous proprietary applications has major issues with its on-premises server estate hardware, to the point where business-critical functions are compromised. The enterprise accelerates plans to migrate services to the cloud. Which cloud service should be used if the enterprise wants to avoid hardware issues yet have control of its applications and operating system?

The General Bank of Greece plans to upgrade its legacy end-of-life WAN network with a new flexible, manageable, and scalable solution. The mam requirements are ZTP support, end-to-end encryption application awareness and segmentation. The CTO states that the main goal of the bank is CAPEX reduction. Which WAN technology should be used for the solution?

In the wake of a security compromise incident where the internal networks were breached by an outside attacker at the perimeter of the infrastructure, an enterprise is now evaluating potential measures that can help protect against the same type of incident in the future. What are two design options that can be employed? (Choose two)

Company XYZIs runningaredundant private WAN network using OSPF as the underlay protocol The current design accommodates for redundancy In the network, but it Is taking over 30 seconds for the network to reconverge upon failure Which technique can be Implemented In the design to detect such a failure in a subsecond?

Company XYZhas two offices connected to each other over unequal redundant paths and they are running OSPF as the routing protocol An external network architect recommends BFD for OSPF Which effect would BFD have in the case of a link failure?

In an OSPF network with routers connected together with Ethernet cabling, which topology typically takes the longest to converge?

A green data center is being deployed and a design requirement is to be able to readily scale server virtualization Which IETF standard technology can provide this requirement?

Refer to the exhibit.

Which impact of using three or more ABRs between the backbone area and area 1 is true?

Which two technologies enable multilayer segmentation? (Choose two.)

In search of a system capable of hosting, monitoring compiling. and testing code in an automated way, what can be recommended to the organization?

Which tool automates network implementation activities and shortens the implementation lifecycle?

Company XYZasksfor design recommendationsfor Layer2redundancy. Thecompanywants to prioritize fast convergence and resiliency elements. In the design. Which two technologies are recommended? (Choose two.)

Which two statements explain the operation of BFD asynchronous mode? (Choose two )

Your company utilizes many different types of network transports and you want to increase the efficiency of the network Which solution can be used to improve network efficiency over PPPoE IPsec, and GRE networks'?

Drag and drop the multicast protocols from the left onto the current design situation on the right.

Drag and drop the characteristics from the left onto the corresponding network management options on the right.

Which three characteristics of the Single Tier and the Dual Tier Headend Architectures for DMVPN designs are true? (Choose three.)

What is a connection service inside a data center that provides direct connectivity to a cloud provider?

Company XYZis runningOSPFin their network. They have merged with another company that is running EIGRP as the routing protocol. Company XYZ now needs the two domains to talk to each other with redundancy, while maintaining a loop free environment. The solution must scale when new networks are added into the network in the near future. Which technology can be used to meet these requirements?

Which BGP feature provides fast convergence?

Which security architecture component offers streamlined security operations, ease of use, and visibility across all network security elements, independent of location or form factor?

A European national bank considers migrating its on-premises systems to a private cloud offering in a non-European location to significantly reduce IT costs. What is a primary factor prior to migration?

Refer to the table.

A customer investigates connectivity options for a DCI between two production data centers to aid a large-scale migration project. The migration is estimated to take 20 months to complete but might extend an additional 10 months if issues arise. All connectivity options meet the requirements to migrate workloads. Which transport technology provides the best ROI based on cost and flexibility?

Drag and drop the design use cases from the left onto the correct uRPF techniques used to prevent spoofing attacks Not all options are used.

Company XYZ has two routing domains in their network, EIGRP and OSPF. The company wants to provide full reachability between the two domains by implementing redistribution on a router running both protocols. They need to design the redistribution in a way that the OSPF routers will see link costs added to external routes. How must the redistribution strategy be designed for this network?

Refer to the exhibit.

This network is running EIGRP as the routing protocol and the internal networks are being advertised in EIGRP. Based on the link speeds, all traffic between London and Rome is getting propagated via Barcelona and the direct link between London and Rome is not being utilized under normal working circumstances. The EIGRP design should allow for efficiency in the routing table by minimizing the routes being exchanged. The link between London and Rome should be utilized for specific routes. Which two steps accomplish this task? (Choose two.)

An enterprise wants to provide low-cost delivery of network systems that can be scaled on business demand, followed by an initiative to reduce capital expenses for new IT equipment. Which technology meets these goals'?

The Agile release train workflow focuses on tasks which can be accomplished reliably and efficiently Scrum and Kanban are two of the most popular Agile frameworks, but both have a specific use case based on the implementation requirements In which two situations are Kanban the ideal framework to use”? (Choose two.)

The CIA triad is foundational to information security, and one can be certain that one or more of the principles within the CIA triad has been violated when data is leaked or a system is attacked Drag and drop the countermeasures on the left to the appropriate principle section on the right in any order

Traditionally, infrastructure is not managed using code, but instead it is managed and provisioned manually which can cause potential issues On the other side, infrastructure as code brings several advantages What is a benefit of infrastructure as code?

A business wants to refresh its legacy Frame Relay WAN. It currently has product specialists in each of its 200 branches but plans to reduce and consolidate resources. The goal is to have product specialists available via video link when customers visit the nationwide branch offices. Which technology should be used to meet this objective?

Which action must be taken before new VoIP systems are implemented on a network to ensure that the network is ready to handle the traffic?

Which two actions ensure voice quality in a branch location with a low-speed, high-latency WAN connection? (Choose two.)

You have been asked to design a remote access VPN solution to support up to 2000 devices. You must ensure that only corporate assets are allowed to connect to the VPN, and users must authenticate to gain access of their based on their user role. Users must use a password that they are already using to access existing applications . A user may not always use the same device to access the VPN. Which two options combined meet the requirements? (Choose two)

An IT service provider is upgrading network infrastructure to comply with PCI security standards. The network team finds that 802.1X and VPN authentication based on locally-significant certificates are not available on some legacy phones.

Which workaround solution meets the requirement?

An external edge router provides connectivity from a service provider to an enterprise Which two Internet edge best practices meet compliance regulations'? (Choose two )

Various teams in different organizations within an enterprise are preparing low-level design documents to capture network parameters using a Waterfall project model:

• hardware sizing and power consumption

• Layer 2 and layer 3 services parameters

• configuration of all control plane protocols

Input from relevant stakeholders was captured at the start of the project, and the project scope has been defined based on the parameters above. What impact will it have on documentation and project deliverables if the stakeholders ask to have changes carried out in the network before the information has been captured?

An engineer is designing the QoS strategy for Company XYZ. Based on initial analysis, a lot of scavenger type of traffic is traversing the network's 20Mb Internet link toward the service provider. The new design must use a QoS technique that limits scavenger traffic to 2 Mbps, which helps avoid oversubscription of the link during times of congestion. Which QoS technique can be used to facilitate this requirement?

An architect designs a multi-controller network architecture with these requirements:

Achieve fast failover to control traffic when controllers fail.

Yield a short distance and high resiliency in the connection between the switches and the controller.

Reduce connectivity loss and enable smart recovery to improve the SDN survivability.

Improve connectivity by adding path diversity and capacity awareness for controllers.

Which control plane component of the multi-controller must be built to meet the requirements?

Company XYZ wants to prevent switch loops caused by unidirectional point-point-link condition on Rapid FVST + and MST. Which technology can be used in the design to meet this requirement?

As part of a new network design documentation, you are required to explain the reason for choosing cisco FabricPath for Layer 2 loop avoidance.

Which two elements help Cisco FabricPath mitigate Layer 2 loops if they happen in the Layer 2 MP network?

(Choose two)

A thorough examination of the curant network infrastructure has revealed that several devices have an unusual high CPU load A traffic analysis indicates that control plane protocols and management traffic are affected as the devices are busy processing inbound traffic The networking team is working on updating their design for the entre network to handle situations like this Which feature or technology can be added to help mitigate the problem?

Which two statements describe the usage of the IS-IS overload bit technique? (Choose two )

A key to maintaining a highly available network is building in the appropriate redundancy to protect against failure. This redundancy is carefully balanced with the inherent complexity of redundant systems. Which design consideration is relevant for enterprise WAN use cases when it comes to resiliency?

Company XYZ branch offices connect to the headquarter sites using two links, MPLS and Internet. The company wants to design the traffic flow so that voice traffic goes through the MPLS link and all other traffic uses either the MPLS link or the Internet link. Which technique can the company use in their design to ensure that the traffic is not process switched?

Which two features are advantages of SD-WAN compared to MPLS-based connectivity? (Choose two.)

Company ABC uses IPv4-only. Recently they started deploying new endpoint devices. For operational reasons, IPv6 cannot be disabled on these new endpoint devices. Which security measure prevents the new endpoint from learning an IPv6 prefix from an attacker?

Enterprise XYZ wants to implement fast convergence on their network and optimize timers for OSPF However they also want to prevent excess flooding of LSAs if there is a constantly flapping link on the network Which timers can help prevent excess flooding of LSAs for OSPF?

Drag and drop the correct mitigation methods from the left onto the corresponding types of attack on the right

Company XYZ is connecting its sites over a private WAN The company is planningon implementing multicast routing on the network. The company has a mixture ofroutersfromdifferentvendorsWhichtechniquecanbeusedinthemulticastroutingdesigntominimize PIMsparsemodeconfigurations?