Certadept share 50 High quality Cisco CCDE 352-001 exam questions and answers increase your pass rate, 352-001 PDF online Download, first attempt to pass the 352-001 exam: https://www.pass4itsure.com/352-001.html (Q&As:640)
[PDF] Free Cisco CCDE 352-001 pdf dumps download from Google Drive: https://drive.google.com/open?id=1enBiNXhZK8JX5eWRVZFjKHh9wa-G0sQW
[PDF] Free Full Cisco pdf dumps download from Google Drive: https://drive.google.com/drive/folders/1dq6fv9FX6zSDDoHc3ge-WzVU9SNaUbsH
352-001 CCDE – Cisco: https://www.cisco.com/c/en/us/training-events/training-certifications/exams/current-list/ccde.html
Latest effective Cisco CCDE 352-001 Exam Practice Tests
QUESTION 1
A multinational enterprise company has many branches in the Americas, Europe, and Asia Pacific with
headquarters in London. Branch offices use Ethernet (bandwidth range from 1 Mb/s to 10 Mb/s) as access
technology to connect to the headquarters and the regional hubs. The company is currently implementing
VolP and QoS in all their locations, and they are worried about jitter between their branches and the
headquarters. Which option reduces the effect of jitter?
A. buffering at endpoints
B. Call Admission Control
C. increase the bandwidth of the links
D. WRED
Correct Answer: A
QUESTION 2
Which option described a difference between Ansible and Puppet?
A. Ansible is client-server based and puppet is not
B. Ansible requires an agent and puppet does not
C. Ansible is python and puppet is ruby based
D. Ansible automates repetetive tasks and puppet allow you to run plain ssh commands
Correct Answer: A
QUESTION 3
In a Cisco ACI environment, which option best describes “contracts”?
A. a set of interaction rules between endpoint groups
B. a Layer 3 forwarding domain
C. to determine endpoint group membership status
D. named groups of related endpoints
Correct Answer: C
QUESTION 4
You are designing a network solution to connect a primary data center to a disaster recovery site. The
applications hosted on the site will be mainly web and email servers that are provided through a virtualized
environment. A third data center facility may also be added in the next sixth months. for this Which
connectivity type is appropriate design?
A. point-to-point GRE tunnels
B. L2TPv3
C. VPWS
D. VPLS
Correct Answer: A
QUESTION 5
Which workflow-based software solution provides automation and orchestration processes for compute,
network, and storage with support for these features? single-pane infrastructure management, support for
multiple hypervisors, storage provisioning with EMC and NetApp, abstraction of hardware and software
elements into more than 1000 programmable workflows, self-provisioning of virtual machines using
catalogs.
A. OpenStack
B. AnsibleC. Cisco Intelligent Automation for Cloud
D. Cisco UCS Director
Correct Answer: D
QUESTION 6
A company wants to prioritize voice traffic at their network edge and ensure that it has reserved some
minimum bandwidth and treated with priority in the core. QoS is not currently implemented in the core, but
MPLS with RSVP as the signaling protocol is already enabled. Which three actions do you recommend to
optimize the voice traffic in the core with minimal changes? (Choose 3)
A. Configure PHB queueing policies on every core node based on the DSCP value.
B. Create GRE tunnels through the core and configure PBR to forward the voice traffic into those tunnels.
C. Create RSVP tunnels through the core, reserving a minimum bandwidth for voice traffic.
D. Perform class-based tunnel selection to forward voice packets through MPLS tunnels in the core based
on DSCP value.
E. Enable LDP throughout the core and configure PHB queueing policies based on the MPLS EXP field.
F. Mark the voice traffic at the network edge with a specific DSCP value.
Correct Answer: CDF
QUESTION 7
Which two functions are performed at the core layer of the three-layer hierarchical network design model?
(Choose 2)
A. QoS classification and marking boundary
B. fast transport
C. reliability
D. fault isolation
E. load balancing
Correct Answer: BC
QUESTION 8
You are assisting in convergence optimization for an MPLS network. Which option should you recommend
to prevent microloops in the core backbone of the service provider?
A. RSVP-TE
B. RLFA
C. LFA
D. prefix suppression
Correct Answer: C
QUESTION 9
As the new network designer for a manufacturing company, you are designing this resilient Ethernet ring
for the plant Ethernet network that is connected to the core, which does not use STP. Both edge ports are
on the same switch in a ring segment. There is connectivity between the edge ports throughout the
segment, so you can create a redundant connection between any two switches in the ring. Which three
options are characteristics of this design? (Choose 3)
A. If a link fails, then the alternate ports quickly unblock. When the failed link comes back up, a logically
blocked port per VLAN is selected with minimal disruption to the network.
B. If all ports in the segment are operational, then two ports are in the blocked state for each VLAN.
C. If VLAN load balancing is configured, then one port in the segment controls the blocked state of
VLANs.
D. If all ports in the segment are operational, then one port is in the blocked state for each VLAN.
E. If one or more ports in a segment are not operational, thereby causing a link failure, then all portsforward traffic on all VLANs to ensure connectivity.
F. If a link fails, then the alternate ports quickly unblock. When the failed link comes back up, a physically
blocked port per VLAN is selected with minimal disruption to the network.
Correct Answer: ADE
QUESTION 10
Which are two general SDN characteristics? (Choose 2)
A. OVSDB is an application database management protocol.
B. Northbound interfaces are open interfaces used between the control plane and the data plane.
C. OpenFlow is considered one of the first Northbound APIs used by SDN controllers.
D. Southbound interface are interfaces used between the control plane and the data plane.
E. The separation of the control plane from the data plane.
Correct Answer: DE
QUESTION 11
Which two benefits can be obtained by protecting the control plane of a network device? (Choose two.)
A. Maintains remote management access to the router
B. Preserves the confidentiality of traffic encrypted by IPsec
C. Prevents the delivery of packets from spoof sources
D. Maintains routing protocol adjacencies with local neighbors
Correct Answer: AD
QUESTION 12
The service provider that you work for wants to offer IPv6 internet service to its customers without
upgrading all of its access equipment to support IPv6. Which transition technology do you recommend?
A. CGN
B. NAT64
C. dual-stack CPE
D. 6RD
Correct Answer: B
QUESTION 13
How should you compensate for jitter on an IP network so it carries real-time VolP traffic with acceptable
voice transmission quality?
A. Set up VAD to replace gaps on speech with comfort noise.
B. Set up a playout buffer to play back the voice stream.
C. Deploy RSVP for dynamic VolP packet classification.
D. Change CODEC from G.729 to G.711.
Correct Answer: B
QUESTION 14
Which three of the following security controls would you take into consideration when implementing IoT
capabilities?
A. Layered security approach
B. Place security above functionality
C. Define lifecycle controls for IoT devices
D. Privacy impact AssessmentE. Change passwords every 90 days
F. Implement intrusion detection systems on IoT Devices
Correct Answer: ACD
QUESTION 15
You must design this network for IP Fast Reroute by enabling the OSPF Loop-Free Alternates feature (not
Remote Loop-Free Alternates). Which two options are concerns about the proposed solution? (Choose 2)
A. OSPF Loop-Free Alternates is not supported on ring topologies.
B. OSPF Loop-Free Alternates on ring topologies are prone to routing loops.
C. Fast Reroute requires MPLS TE.
D. The solution is prone to microloops in case of congestion
E. OSPF Loop-Free Alternates is transport dependent.
Correct Answer: AD
QUESTION 16
You are asked to design an RSVP-TE LSP protection solution for a large service provider network. Which
traffic protection mechanism is highly scalable and ensures that multiple LSPs always terminate at the
same merge point?
A. detour LSPs
B. 1:1 protection
C. 1:N protection
D. shared-explicit reservation style
Correct Answer: C
QUESTION 17
In Layer 2 access campus design, which mechanism should be enabled on access ports to protect the
campus network from undesired access switches and looped ports?
A. root guard
B. EtherChannel guard
C. BPDU guard
D. loop guard
Correct Answer: C
QUESTION 18
Which option describes a design benefit of root guard?
A. It makes the port go immediately into the forwarding state after being connected.
B. It does not generate a spanning-tree topology change upon connecting and disconnecting a station on
a port.
C. It allows small, unmanaged switches to be plugged into ports of access switches without the risk of
switch loops.
D. It prevents switch loops by detecting one-way communications on the physical port.
E. It prevents switch loops caused by unidirectional point-to-point link condition on Rapid PVST+ and
MST.
F. It prevents switched traffic from traversing suboptimal paths on the network.
Correct Answer: F
QUESTION 19
A network is designed to use OSPF to reach eBGP peers. Which condition should be avoided so that the
eBGP peers do not flap continuously in case of link failure?A. Advertise via a non-backbone OSPF area IP addresses used on eBGP peer statements.
B. Advertise via eBGP IP addresses used on eBGP peer statements.
C. Disable BGP synchronization.
D. Use an ACL to block BGP in one direction.
Correct Answer: B
QUESTION 20
Which two IEEE standards are commonly used at the data link layer for an access network, in an loT
environment? (Choose 2)
A. 802.11
B. 802.16
C. 802.15.4
D. 1901.2 NB-PLC
E. 802.22
Correct Answer: AC
QUESTION 21
Which two steps can be taken by the sinkhole technique? (Choose two.)
A. Delay an attack from reaching its target
B. Redirect an attack away from its target
C. Monitor attack noise, scans, and other activity
D. Reverse the direction of an attack
Correct Answer: BC
QUESTION 22
What is a correct design consideration of IPv6 MLD snooping?
A. MLD snooping requires IGMP snooping to be implemented.
B. MLD snooping conserves CPU by sharing IPv4 and IPv6 multicast topology.
C. MLD snooping is used to filter all MLD queries.
D. MLD snooping conserves bandwidth on switches.
Correct Answer: D
QUESTION 23
The Middle East-based cloud service provider, CSP, is planning to launch five data centers in Egypt,
United Arab Emirates, Saudi Arabia, Qatar, and Turkey. CSP is looking for VLAN extension and DCIs
between these five data centers to allow for software replication, where original and backup VMs must be
on the same subnet. Which tunneling technology must they use?
A. VPWS
B. L2TPv3
C. IPsec VPN
D. VPLS
Correct Answer: D
QUESTION 24
A service provider wants to use a controller to automate the provisioning of service function chaining.
Which two overlay technologies can be used with EVPN MP-BGP to create the service chains in the data
center? (Choose 2)A. MPLS L2VPN
B. 802.1Q
C. MPLSoGRE
D. VXLAN
E. Provider Backbone Bridging EVPN
Correct Answer: DE
QUESTION 25
In secure IP multicast, which protocol handles group key management?
A. IPsec
B. GDOI
C. MD5
D. SHA-256
Correct Answer: B
QUESTION 26
What is a characteristic of DMVPN as related to IP multicast?
A. The RP should be placed either in the core network or on the DMVPN headend.
B. When the multicast source is at a spoke, the data flows directly towards the spokes that want to
receive the traffic.
C. Multicast on DMVPN is similar in behavior to the broadcast multi-access network.
D. The RP is typically placed at the spoke router.
Correct Answer: A
QUESTION 27
Your company requires two diverse multihop eBGP peerings to a partner network. Which two methods
should you use to improve lost peer detection? (Choose 2)
A. Use Fast Peering Session Deactivation for the peers.
B. Use sub-second keepalives for the peers.
C. Use sub-second hold timers for the peers.
D. Use sub-second minimum route advertisement Interval timers for the peers.
E. Use Selective Address Tracking and match the peers.
Correct Answer: AE
QUESTION 28
Which two Layer 2 features should be applied to the network location identified by a circle? (Choose two)
A. UDLC
B. PortFast
C. PortFast trunk
D. BPDU filter
E. loop guard
F. BPDU guard
Correct Answer: BF
QUESTION 29
When data center 2 has a spanning-tree convergence event, data center 1 also sees high CPU utilization
on its switches. Which mechanism can reduce high CPU issue in this situation?A. Enable BPDU guard between switches A and D.
B. Enable BPDU filter between the routers B and C.
C. Enable BPDU filter between the switches A and D.
D. Enable BPDU guard between routers B and C.
Correct Answer: C
QUESTION 30
When designing a network that consists of multiple IPv6 multicast servers on a Layer 2 VLAN, which
option should you consider regarding IPv6 multicast traffic forwarding?
A. The RP IP address is embedded in IPv6 multicast address.
B. IPv6 multicast addresses are assigned based on network prefix.
C. IPv6 multicast addresses are assigned by IANA.
D. IPv6 multicast flooding optimization requires Layer 2 switches support of MLD snooping.
Correct Answer: D
QUESTION 31
You are designing a network virtualization solution across an enterprise campus. The design requirements
include the ability to virtualize the data plane and control plane using VLANs and VRFs while maintaining
end-to-end logical path transport separation across the network, with access to grouped resources
available at the access edge. Your network virtualization design can be categorized as which three primary
models? (Choose 3)
A. group virtualization
B. services virtualization
C. edge isolation
D. session isolation
E. path isolation
F. device virtualization
Correct Answer: BEF
QUESTION 32
Which openstack component implements role-based access control?
A. Horizon
B. Nova
C. Neutron
D. Keystone
Correct Answer: A
QUESTION 33
You are designing an OSPF network with multiple areas of for a large client. Due to the size of the routing
domain, all areas except the backbone area are configured as stub areas. A new requirement is to connect
a WAN link to a partner organization with a static route to one of the stub areas, area 100. What should
you do to redesign area 100, if anything, in order to support this WAN link while minimizing the size of the
link state database?
A. Convert area 100 into an NSSA.
B. Redistribute the static route as OSPF type E1.
C. Convert area 100 into a normal area.
D. No configuration changes to area 100 are needed.
Correct Answer: A
QUESTION 34
Which statement describes the main difference between the Layer 2 loop-free inverted U design and the
Layer 2 loop-free U design?
A. A loop-free U design has all uplinks active, but a loop-free inverted U design does not.
B. A loop-free inverted U design has all uplinks active, but a loop-free U design does not.
C. A loop-free U design extends VLANs between access switches, but a loop-free inverted U design does
not.
D. A loop-free U design extends VLANs between distribution switches, but a loop-free inverted U design
does not.
Correct Answer: C
QUESTION 35
Which statement about DHCPv6 Guard features design is true?
A. A certificate must be installed on the DHCPv6 server and relay agent.
B. DHCPv6 client requests can be rate-limited to protect the control plane.
C. Rogue DHCPv6 servers cannot assign IPv6 addresses to clients.
D. DHCPv6 client requests can be filtered to protect the data plane.
Correct Answer: C
QUESTION 36
You are the consultant network designer for a large GET VPN deployment for a large bank with national
coverage. Between 1800 and 2000 remote locations connect to the central location through four hubs
using an MPLS backbone and using two key servers. The bank is concerned with security and replay
attacks. Which two actions should you use to tune GET VPN to meet the bank requirements? (Choose 2)
A. Replace unicast rekey with multicast rekey.
B. Increase the cryptographic key size.
C. Reduce the SAR clock interval duration.
D. Reduce the Dead Peer Detection periodic timer.
E. Increase the TEK and KEK lifetime.
Correct Answer: BC
QUESTION 37
Which two disadvantages are of using proxy servers as compared to stateful firewalls? (Choose two)
A. Proxy servers expose the source addresses of traffic flows.
B. Proxy servers must be explicitly set to support new applications and protocols.
C. Proxy servers typically perform more slowly.
D. Proxy servers use network address translation as their primary security mechanism.
Correct Answer: BC
QUESTION 38
A mobile service provider wants to design and deploy an Ethernet service with similar physical link failover/
failback characteristics on the active/backup links as APS/MSP SONET. Which Layer 2 service addresses
this design requirement?
A. Ethernet Pseudowires
B. FlexLink
C. MLPPP
D. Port-Channel
Correct Answer: B
QUESTION 39
You are developing the routing design for two merging companies that have overlapping IP address
space. What must you consider when developing the routing and NAT design?
A. Global to local NAT translation is done before routing.
B. Local to global NAT translation is done after routing.
C. Global to local NAT translation is done after policy-based routing.
D. Local to global NAT translation is done before policy-based routing.
Correct Answer: D
QUESTION 40
Which two components are the responsibility of the customers in a Platform as a Service offering?
(Choose 2)
A. data
B. APIs
C. hardware
D. applications
E. infrastructure connectivity
Correct Answer: AD
QUESTION 41
You are designing a FabricPath network that connects to a spine-and-leaf topology using layer 2 IS-IS as
the IGP. The solution should be able to detect changes in the network topology and calculate loop-free
paths to other nodes in the network that are being used as top-of-rack switches. Which four options are
characteristics of this FabricPath design solution? (Choose 4)
A. The FabricPath domain should be replaced because it does not run STP.
B. The switch operating system uses multiple equal-cost, parallel links that provide ECMP.
C. To use the basic FabricPath functionality, you must configure IS-IS on every interface between the
leaf-and-spine switches.
D. FabricPath Layer 2 IS-IS uses the standard IS-IS functionality to populate up to 16 routes for a given
destination switch.
E. This path is used for forwarding unicast Fabricpath frames.
F. Each switch computes its shortest path to every other switch in the network using the SPF algorithm.
G. The interfaces in a FabricPath network run only the FabricPath Layer 2 IS-IS protocol with FTags
disabled.
Correct Answer: BDEF
QUESTION 42
Which is a requirement for performing attack detection by use of anomaly detection technologies?
A. Baseline data
B. Packet captures
C. Syslog data
D. Exploit signatures
Correct Answer: A
QUESTION 43
Which load balancing option for iP-only traffic is the least efficient in terms of Layer 2 EtherChnnel physical
links utilization?
A. on a per port number basisB. on a per destination MAC address basis
C. on a per destination IP address basis
D. on a per source IP address basis
Correct Answer: B
QUESTION 44
Which option forces traffic to take an explicit route across a backbone network?
A. IGP cost
B. TE metric
C. TE affinity
D. multiple IGPs
Correct Answer: B
QUESTION 45
Which two are loT sensor-specific constraints? (Choose 2)
A. the amount of devices
B. processing power
C. memory
D. cooling
E. standard transport protocols
Correct Answer: BC
QUESTION 46
Company ABC is using an Ethernet virtual circuit as its provider’s DCI solution. A goal is to reduce the time
to detect the link failure. Which protocol accomplishes this goal?
A. link aggregation group
B. Ethernet OAM
C. UDLD
D. spanning-tree bridge assurance
Correct Answer: B
QUESTION 47
A company decided to replace IEEE 802.1s on the campus and you must propose a Layer 2 open
standard technology that is highly scalable, ensures a resilient loop-free switched domain, and allows for
utilizing all links in the Layer 2 domain.
Which Layer 2 technology meets these requirements?
A. TRILL
B. VxLAN
C. LACP
D. FabricPath
E. MST
Correct Answer: A
QUESTION 48
You are designing a WAN network solution with EIGRP based on VPLS. The interface speed is 10 Mb/s,
but the access rate of the WAN connection is 256 Kb/s. What should you include in the network design, in
order to avoid potential issues with EIGRP?A. Tag outbound EIGRP traffic and have the WAN provider add it to the priority queue.
B. Set the interface bandwidth to match the access rate.
C. Limit traffic to the access rate with interface traffic shaping.
D. Limit EIGRP traffic to the access rate with a policer.
Correct Answer: B
QUESTION 49
You are reviewing the Layer 2 VPN service offering of a service provider. A top priority is meeting SLAs for
its customers. Which OAM standard should you recommend to monitor customer VPLS connectivity?
A. OAM for MPLS Networks
B. Connectivity Fault Management
C. Ethernet in the First Mile
D. Ethernet Local Management Interface
Correct Answer: A
QUESTION 50
A hosted service provider is designing an IPS solution to protect its DMZ segment. The goal is to detect
and prevent anomalous activities and, at the same time, give the security operations team visibility into any
attempted attacks against the organization. Which IPS solution should you deploy in the Internet perimeter
to accomplish this goal?
A. Deploy IPS as inline mode between the firewall and the servers
B. Deploy IPS as promiscuous mode between the firewall and the servers
C. Deploy IPS as inline mode between the firewall and the internet gateway
D. Deploy IPS as promiscuous mode between the firewall and the internet gateway
Correct Answer: A
50 Cisco CCDE 352-001 Exam Practice tests boost your skills and get more
Cisco 352-001 Exam dump options: https://www.pass4itsure.com/352-001.html (q&as:640)
[PDF] Free Cisco CCDE 352-001 pdf dumps download from Google Drive: https://drive.google.com/open?id=1enBiNXhZK8JX5eWRVZFjKHh9wa-G0sQW
[PDF] Free Full Cisco pdf dumps download from Google Drive: https://drive.google.com/drive/folders/1dq6fv9FX6zSDDoHc3ge-WzVU9SNaUbsH
Pass4itsure Promo Code 15% Off
related: https://www.microsoft-technet.com/helpful-cisco-100-105-dumps-icnd1-ccent-practice-exam.html