What is the result during a WAN Edge software upgrade process if the version of the WAN Edge software is higher than the one running on a controller device?
Which component is used for stateful inspection of TCP, UDP. and ICMP flows in Cisco SD-WAN firewall policies?
Which issue triggers the Cisco Umbrella resolver to toward DNS requests to the intelligent proxy?
Which issue triggers the Cisco Umbrella resolver to toward DNS requests to the intelligent proxy?
Refer to the exhibit A WAN Edge device was recently added to vManage but a control connection could not be established Which action resolves this issue?
Which control policy assigned to Drenches in the out direction establishes a strict hub-and-spoke topology tor VPN2?
A)
B)
C)
D)
Customer has two branch silos with overlapping IPs How must the data policy be configured to establish communication between the sites and server to avoid overlapping?
A)
B)
C)
D)
An engineer is configuring a shaping rate of 1 Mbps on the WAN link of a WAN Edge router Which configuration accomplishes this task’?
The Cisco SD-WAN engineer is configuring service chaining for a next-generation firewall located at the headquarters. Which configuration creates the service?
A)
B)
C)
D)
Which two algorithms authenticate a user when configuring SNMPv3 monitoring on a WAN Edge router? (Choose two.)
When VPNs are grouped to create destination zone in Zone-Based Firewall, how many zones can a single VPN be part of?
Which two prerequisites must be met before the Cloud onRamp for laaS is initiated on vManage to expand to the AWS cloud? (Choose two)
Drag and drop the REST API calls from the left onto the functions on the right.
Refer to the exhibit. A user in the branch is connecting to Office 365 for the first time. Over which path does the branch WAN Edge router traffic follow?
Refer to the exhibit The network team must configure El GRP peering at HQ with devices in the service VPN connected to WAN Edge CSRv. CSRv is currently configured with
A)
B)
C)
D)
What is the default value (in milliseconds) set tor the poll interval in the BFD basic configuration?
What is an advantage of using auto mode versus static mode of power allocation when an access point is connected to a PoE switch port?
Refer to the exhibit.
vManage and vSmart have an issue establishing a connection to vBond. Which configuration resolves the issue?
Refer to the exhibit.
The SD-WAN network is configured with a default full-mesh topology. The SD-WAN engineer wants the Barcelona WAN Edge to use MPLS TLOC as the preferred TLOC when communicating with Rome site. Which configuration must the engineer use to create a list to select MPLS color toward the Rome TLOC?
A)
B)
C)
D)
Refer to the exhibit. The network administrator has configured a centralized topology policy that results in the displayed routing table at a branch office. Which two configurations are verified by the output? [Choose two.)
An engineer wants to automate the onboarding process for a WAN Edge router with vManage. Which command will accomplish this?
Refer to exhibit.
An engineer is troubleshooting tear down of control connections even though a valid Certificate Serial Number is entered Which two actions resolve the Issue? (Choose two)
An engineer wants to track tunnel characteristics within an SLA-based policy for convergence. Which policy configuration will achieve this goal?
Refer to the exhibit.
An engineer is troubleshooting an issue where vManage and vSmart have a problem establishing a connection to vBond. Which action fixes the issue?
Refer to the exhibit.
An engineer is configuring service chaining. Which set of configurations is required for all traffic from Site ID 1 going toward Site ID 2 to get filtered through the firewall on the hub site?
A)
B)
C)
D)
Drag and drop the policies from the left onto the correct policy types on the right.
An organization requires the use of integrated preventative engines, exploit protection, and the most updated and advanced signature-based antivirus with sandboxing and threat intelligence to stop malicious attachments before they reach users and get executed. Which Cisco SD-WAN solution meets the requirements?
What are the two functions of vSmart? (Choose two)
Which two criteria ate supported to filter traffic on a Cisco Umbrella Cloud-delivered firewall? (Choose two )
Which command on a WAN Edge device displays the information about the colors present in the fabric that are learned from vSmart via OMP?
Which port is used for vBond under controller certificates if no alternate port is configured?
Which two actions are necessary to set the Controller Certificate Authorization mode to indicate a root certificate? (Choose two)
Which two image formats are supported for controller codes? (Choose two.)
Which component is responsible for routing protocols such as BGP and OSPF in a Cisco SD-WAN solution?
Which configuration allows VPN 10 traffic to have direct internet access locally from the WAN Edge device?
A)
B)
C)
D)
Which secure tunnel type should be used to connect one WAN Edge router to other WAN Edge routers?
Which protocol detects path status (up/down), measures loss/latency/jitter, and measures the quality of the IPsec tunnel MTU?
Which VPNs must be configured outside the workflow to complete the SD-WAN overlay setup when using the Quick Connect workflow?
Which protocol is used between redundant vSmart controllers to establish a permanent communication channel?
A customer is receiving routes via OMP from vSmart controller for a specific VPN. The customer must provide access to the W2 loopback received via OMP to the OSPF neighbor on the service-side VPN, which configuration fulfils these requirements?
An engineering team must prepare a traffic engineering policy where an MPLS circuit is preferred for traffic coming from the Admin VLAN Internet should be used as a backup only. Which configuration fulfill this requirement?
A)
B)
C)
D)
How is the scalability of the vManage increased in Cisco SD-WAN Fabric?
Which table is used by the vSmart controller to maintain service routes of the WAN Edge routers in the hub and local branches?
What is the main purpose of using TLOC extensions in WAN Edge router configuration?
Refer to the exhibit.
Customer XYZ cannot provision dual connectivity on both of its routers due to budget constraints but wants to use both R1 and R2 interlaces for users behind them for load balancing toward the hub site. Which configuration achieves this objective?
Which protocol Is used by the REST API to communicate with network services in the Cisco SO-WAN network?
An administrator must configure an ACL for traffic coming in from the service-side VPN on a specific WAN device with circuit ID 391897770. Which policy must be used to configure this ACL?
A network administrator configures SNMPv3 on a Cisco WAN Edge router from CLI for monitoring purposes How many characters are supported by the snmp user
Refer to the exhibit The network team must configure ElGRP peering at HQ with devices in the service VPN connected to WAN Edge CSRv. CSRv is currently configured with
Which configuration on the WAN Edge meets the requiremnet
A)
B)
C)
D)
Which VPN must be present on at least one interface to install Cisco vManage and integrate it with WAN Edge devices in an overlay network site ID:S4307T7E78F29?
Which feature allows reachability to an organization’s internally hosted application for an active DNS security policy on a device?
What are two attributes of vRoute? (Choose two)
A voice packet requires a latency of 50 msec. Which policy is configured to ensure that a voice packet is always sent on the link with less than a 50 msec delay?
Refer to the exhibit. The Cisco SD-VYAN is deployed using the default topology. The engineer v/ants to configure a service insertion policy such that all data traffic between Rome to Paris is forwarded through the NGFW located in London. Which configuration fulfills this requirement, assuming that the Sen/ice VPN ID is 1?
A)
B)
C)
D)
I
In which file format is a critical severity report downloaded from the MONITOR I ALARM tab in the vManage GUI?
How should the IP addresses be assigned for all members of a Cisco vManage cluster located in the same data center?
Which encryption algorithm secures binding exchanges Between Cisco TrustSec SXP peers?
Which Cisco SD-WAN component the initial communication between WAN Edge devices to join the fabric?
How does the replicator role function in cisco SD-WAN?
When redistribution is configured between OMP and BGP at two Data Center sites that have Direct Connection interlink, which step avoids learning the same routes on WAN Edge routers of the DCs from LAN?
What is the size of SGT data in the metadata header?
An engineer creates this data policy for DIA for VPN 10:
Which policy sequence enables DIA for external networks?
What is the minimum Red Hat Enterprise Linux operating system requirement for a Cisco SD-WAN controller deployment via KVM?
What is the default value for the number of paths advertised per prefix in the OMP feature template?
Which policy is configured to ensure that a voice packet is always sent on the link with less than a 50 msec delay?
Which component of the Cisco SD-WAN control plane architecture facilitates the storage of certificates and configurations for network components?
Refer to the exhibit. An enterprise decides to use the Cisco SD-WAN Cloud onRamp for SaaS feature and utilize H.Q site Biz iNET to reach SaaS Cloud for branch C. currently reaching SaaS Cloud directly. Which role must be assigned to devices at both sites in vManage Cloud Express for this solution to work?
Which two virtualized environments are available for a company to install the controllers using the on-premises model? (Choose two )
Refer to the exhibit, Which configuration routes Site 2 through the firewall in Site 1?
Refer to the exhibit.
Which two configurations are needed to get the WAN Edges registered with the controllers when certificates are used? (Choose two)
Which two products are used to deploy Cisco WAN Edge Router virtual platforms? (Choose two.)
Which pathway under Monitor > Network > Select Device is used to verify service insertion configuration?
A network administrator is creating an OMP feature template from the vManage GUI to be applied to WAN edge routers. Which configuration attribute will avoid the redistribution of the routes back into the OMP from the LAN side?
An organization wants to discover monitor and track the applications running on the WAN Edge device on the LAN Which configuration achieves this goal?
Which TCP Optimization feature is used by WAN Edge to prevent unnecessary retransmissions and large initial TCP window sizes to maximize throughput and achieve a better quality?
Which multicast component is irrelevant when defining a multicast replicator outside the local network without any multicast sources or receivers?
Refer to the exhibit vManage and vBond have an issue establishing a connection to vSmart Which two actions does the administrator take to fix the issue? (Choose two)
Install the certificate received from the certificate server.
Which alarm setting is configured to monitor serious events that affect but do not shut down, the operation of a network function?
What is the order of operations for software upgrades of Cisco SD-WAN nodes'?
What must an engineer conewef when decoying an SD-WAN on-pfemlses architecture based on ESXi hypervisor?
Refer to the exhibit.
Customer XYZ cannot provison dual connectivity on both Its routers due to budget constratnts but wants to use tnth RI and R2 interface for users behind them for load toward the hub site Which configurauon achieves this objectives?
A)
B)
C)
D)
Which two mechanisms are used by vManage to ensure that the certificate serial number of the WAN Edge router that is needed to authenticate is listed in the WAN Edge Authorized Señal Number Hst’ (Choose two)
Which hardware component is involved in the Cisco SD-WAN authentication process for ISR platforms?
Refer to the exhibit. A network administrator is configuring OSPF advanced configuration pararmeters from a template using the vManager GUI for a branch WAN Edge router to calculate the cost of summary routes to an ASBR. Which action achieves this configuration?
In which VPN is the NAT operation on an outgoing interface configured for direct Interne! access?
Which data policy configuration influences BGP routing traffic flow from LAN to WAN?
A)
B)
C)
D)
Refer to the exhibit. An enterprise network is connected with an ISP network on an 80 Mbps bandwidth link. The network operation team observes 100 Mbps traffic on the 1Gig-ISP link during peak hours Which configuration provides bandwidth control to avoid traffic congestion during peak hours?
A)
B)
C)
D)
An engineer builds a three-node vManage cluster and then realizes that multiple nodes are unnecessary for the size of the company. How should the engineer revert the setup to a single vManage?
Which two requirements must be met for DNS inspection when integrating with cisco umbrella? (Choose two)
What is the procedure to upgrade all Cisco SD-WAN devices to a recent version?
Refer to the exhibit Which configuration sets up direct Internet access for VPN 1?
A network administrator is configuring a tunnel interface on a branch Cisco IOS XE router to run TLOC extensions. Which configuration will extend a TLOC over a GRE tunnel to another router in the branch?
Which device in the SD- WAN solution receives and categorizes event reports, and generates alarms?
An engineer is troubleshooting a certificate issue on vEdge. Which command is used to verify the validity of the certificates?
Refer to the exhibit. A customer wants to deploy service insertion at site1. Which traffic from VPN 10 must route to this site through a firewall. A policy must be in place to route VPN 10 traffic from all sites toward this firewall. Which configuration must be on the vSmart controller to meet this requirement?
Which protocol runs between the vSmart controllers and WAN Edge routers when the vSmart controller acts like a route reflector?
An engineer is configuring a centralized policy to influence network route advertisement. Which controller delivers this policy to the fabric?
A bank is looking for improved customer experience for applications and reduce overhead related to compliance and security. Which key feature or features of the Cisco SD-WAN solution will help the bank to achieve their goals?
How is an event monitored and reported for an individual device in the overlay network at site ID:S4300T6E43F36?
Which IP address must be reachable by a WAN Edge device for the ZIP process to work?
At which layer does the application-aware firewall block applications on a WAN Edge?
A network administrator configures SNMFV3 on a Cisco WAN Edge router from CL I for monitoring purposes How many characters are supported by the snmp user username command?
An enterprise is continuously adding new sites to its Cisco SD-WAN network. It must configure any cached routes flushed when OMP peers have lost adjacency Which configuration allows the cached OMP routes to be flushed after every 24 hours from its routing table?
Drag and drop the route verification output from show omp tlocs from the left onto the correct explanations on the right.
Refer to the exhibit The engineering must assign tags to 3 Of its 74 server networks as soon as they are advertised to peers These server network must not be advertised AS which configuration fulfil the requirement?
A)
B)
C)
D)
Which API call retrieves a list of all devices in the network?
Drag and drop the definitions from the left to the configuration on the right.
Which type of policy must be applied on a WAN Edge application-aware firewall to control traffic between two or more VPNs?
An engineer must configure a centralized policy on a site in which all HTTP traffic should use the Public Internet circuit if the loss on this circuit is below 10%. otherwise MPLS should be used Which configuration wizard fulfils this requirement?
Refer to the exhibit.
A customer wants to implement primary and secondary Cisco SD-WAN overlay routing for prefixes that are advertised for both data centers. The east data center (TLOC 101.101.101.101) is primary for east sites, and the west data center (TLOC 100.100.100.100) is primary for west sites. Which configuration change achieves this objective?
What are the two protocols redistributed into OMP? (Choose two.)
Which encryption algorithm is used for encrypting SD-WAN data plane traffic?
Which command disables the logging of syslog messages to the local disk?
Which set of platforms must he in separate VMS as of release 16.1?
An engineer must configure two branch WAN Edge devices where an Internet connection is available and the controllers are in the headquarters. The requirement is to have IPsec VPN tunnels established between the same colors. Which configuration meets the requirement on both WAN Edge devices?
Refer to the exhibit. vManage logs are available for the past few months. A device name change deployed mistakenly at a critical site. How is the device name change tracked by operation and design teams?
A)
B)
C)
Which actions must be taken to allow certain departments to require firewall protection when interacting with data center network without including other departments? (Choose two.)
Which policy configures an application-aware routing policy under Configuration > Policies?
Copyright © 2021-2025 CertsTopics. All Rights Reserved
