Master 2025 Latest The Questions CCNP Enterprise and Pass 300-420 Real Exam!
Penetration testers simulate 300-420 exam PDF
NEW QUESTION # 31
An engineer must design a VPN solution for a company that has multiple branches connecting to a main office. What are two advantages of using DMVPN instead of IPsec tunnels to accomplish this task? (Choose two.)
- A. greater scalability
- B. support for anycast gateway
- C. support for AES 256-bit encryption
- D. lower traffic overhead
- E. dynamic spoke-to-spoke tunnels
Answer: A,E
Explanation:
Greater scalability: DMVPN is a more scalable solution than IPsec tunnels. This is because DMVPN uses a hub-and-spoke topology, which allows for the easy addition or removal of spokes without having to reconfigure the entire network. IPsec tunnels, on the other hand, are point-to- point connections, which can be more difficult to scale.
Dynamic spoke-to-spoke tunnels: DMVPN supports dynamic spoke-to-spoke tunnels. This means that tunnels are only created between spokes when they need to communicate with each other.
This can help to reduce traffic overhead and improve performance. IPsec tunnels, on the other hand, are static tunnels, which means that they are always up, even when they are not needed.
NEW QUESTION # 32
What are three key concepts that apply when configuring the EIGRP stub routing feature in a hub and spoke network? (Choose three.)
- A. Only remote routers are configured as stubs.
- B. A stub router should have only EIGRP hub routers as neighbors.
- C. Spoke routers connected to hub routers answer the route queries for the stub router.
- D. EIGRP stub routing should be used on hub routers only.
- E. Stub routers are not queried for routes.
- F. A hub router prevents routes from being advertised to the remote router.
Answer: A,B,E
NEW QUESTION # 33
In a cisco SD-Access brownfield deployment scenario, which configuration deployment must be taken with Cisco DNA center?
- A. Automated UNDERLAY
- B. Subnet stretching
- C. Manual underlay
- D. LAN automation
Answer: D
NEW QUESTION # 34
A network solution is being designed for a company that connects to multiple Internet service providers. Which Cisco proprietary BGP path attribute will influence outbound traffic flow?
- A. Community
- B. AS Path
- C. Weight
- D. MED
- E. Local Preference
Answer: C
Explanation:
Weight is Cisco proprietary and is the first decision of all path attributes to influence outbound traffic on a singular router. Weight is non-transitive and will only influence routes as they leave that device.
NEW QUESTION # 35
How are wireless endpoints registered in the HTDB in a Cisco SD-Access architecture?
- A. Border nodes first register endpoints and then update the HTDB
- B. Fabric APs update the HTDB with the clients' ElD and RLOC
- C. Fabric WLCs update the HTDB as new clients connect to the wireless network
- D. Fabric edge nodes update the HTDB based on CAPPWAP messaging from the AP
Answer: C
NEW QUESTION # 36
Drag and drop the description from the left onto the corresponding WAN connectivity types and categories on the right.
Answer:
Explanation:
Explanation
Diagram Description automatically generated
NEW QUESTION # 37
What is the purpose of Cisco vBond as a Session Traversal Utilities for NAT server?
- A. provide Zero-Touch Provisioning to Cisco Catalyst SD-WAN vEdge devices
- B. secure data traffic between Cisco Catalyst SD-WAN edge routers that use IPsec
- C. integrate Cisco SD-Access Wireless into the fabric
- D. allow Cisco Catalyst SD-WAN routers to locate their own mapped IP addresses
Answer: A
NEW QUESTION # 38
An architect is designing a network that will utilize the spanning tree protocol to ensure a loop-free topology.
The network will support an engineering environment where it is necessary for end users to connect their own network switches for testing purposes. Which feature should the architect include in the design to ensure the spanning tree topology is not affected by these rogue switches?
- A. root guard
- B. BPDU guard
- C. BPDU Skew Detection
- D. loop guard
Answer: A
Explanation:
Section: Advanced Enterprise Campus Networks
NEW QUESTION # 39
When designing interdomain multicast, which two protocols are deployed to achieve communication between multicast sources and receivers? (Choose two.)
- A. BIDIR-PIM
- B. IGMPv2
- C. MLD
- D. MSDP
- E. MP-BGP
Answer: D,E
Explanation:
Section: Network Services
NEW QUESTION # 40
Which design consideration should be observed when EIGRP is configured on Data Center switches?
- A. Lower EIGRP hello and hold timers to their minimum settings to ensure rapid route reconvergence.
- B. Prevent unnecessary EIGRP neighborships from forming across switch virtual interfaces.
- C. Configure multiple EIGRP autonomous systems to segment Data Center services and applications.
- D. Perform manual summarization on all Layer 3 interfaces to minimize the size of the routing table.
Answer: D
Explanation:
Section: Advanced Addressing and Routing Solutions
NEW QUESTION # 41
An engineer is upgrading a company's main site to include a connection to a second ISP. The company will receive full Internet routing tables from both ISPs via BGP. The engineer must ensure that the company does not become a transit autonomous system. Which solution should be included in this design?
- A. Lower the MED for updates sent to the secondary ISP.
- B. Modify the local-preference for routes incoming from the primary ISP.
- C. Tag incoming routes from both ISPs with BGP community no-export.
- D. Use a route-map to prevent all prefixes from being advertised to either ISP.
Answer: C
Explanation:
There are 4 methods how you can prevent becoming a transit AS:
- Filter-list with AS PATH access-list.
- No-Export Community.
- Prefix-list Filtering
- Distribute-list Filtering
https://networklessons.com/bgp/bgp-prevent-transit-as
NEW QUESTION # 42
A network engineer must design an MSDP multicast solution to provide RP resilience in a network with two separate domains. Also, multicast sources and receivers must register with the local RP. Which solution must the engineer choose?
- A. Configure the RP priority with the same value, and traffic will route to the closest RP
- B. Configure the RP loopback interface with the same IP address/32, and traffic will route to the closest RP
- C. Configure the RP group ranges to split the multicast traffic, and traffic will route to the longest match
- D. Configure the RP has value to 0, and traffic will route to the closest RP
Answer: B
Explanation:
Two or more RPs are configured with the same IP address (for example, 10.0.0.1) on loopback interfaces. The loopback address should be configured with a 32-bit mask. All the downstream routers are configured so that they know that 10.0.0.1 is the IP address of their local RP. IP routing automatically selects the topologically closest RP for each source and receiver.
https://www.cisco.com/c/en/us/td/docs/ios/solutions_docs/ip_multicast/Phase_1/mcstmsdp/mcst_ p1.html
NEW QUESTION # 43
Drag and drop the elements from the left onto the YANG models where they and used on the right.
Answer:
Explanation:
Explanation
Diagram Description automatically generated
NEW QUESTION # 44
What is the purpose of an edge node in an SD-Access network fabric?
- A. Edge nodes identify and authenticate endpoints and register endpoint information with control plane nodes.
- B. Edge nodes track endpoint IDs to location mappings, along with IPv4, IPv6, or MAC addresses.
- C. Edge nodes resolve lookup requests from edge and border nodes to locate destination endpoint IDs.
- D. Edge nodes are the gateway between the fabric domain and network outside of the fabric.
Answer: A
NEW QUESTION # 45
Refer to the exhibit. Which process does the Ethernet LMI protocol follow that is defined by the MEF 16 Technical Specification?
- A. communicates ENI and EVC attributes to the CE
- B. broadcasts multicast network routes from the CE to the PE
- C. broadcasts to all subnets from the CE when an EVC is added
- D. notifies the CE of the availability state of a configured EVC
Answer: A
NEW QUESTION # 46
......
Penetration testers simulate 300-420 exam: https://validdumps.free4torrent.com/300-420-valid-dumps-torrent.html