300-415 Sample Questions Answers

A large retail organization decided to move some of the branch applications to the AWS cloud. How does the network architect extend the in-house Cisco SD-WAN branch to cloud network into AWS?

What is the default value for the number of paths advertised per prefix in the OMP feature template?

Which command displays BFD session summary information per TLOC on vEdge routers?

A network administrator is configuring an application-aware firewall between inside zones to an outside zone on a WAN edge router using vManage GUI. What kind of Inspection is performed when the ‘’inspect’’ action is used?

An administrator must configure an ACL for traffic coming in from the service-side VPN on a specific WAN device with circuit ID 391897770. Which policy must be used to configure this ACL?

An engineer configured a data policy called ROME-POLICY. Which configuration allows traffic flow from the Rome internal network toward other sites?

An engineer configures an application-aware routing policy for a group of sites The locations depend on public and private transports The policy does not work as expected when one of the transports does not perform properly This policy is configured:

which configuration completes the policy so that it works for all locations?

A)

B)

C)

D)

How is TLOC defined?

Which two prerequisites must be met before the Cloud onRamp for laaS is initiated on vManage to expand to the AWS cloud? (Choose two)

Which two different states of a WAN Edge certificate are shown on vManage? (Choose two.)

An administrator must deploy the controllers using the On-Prem method while vManage can access the PnP portal from inside How are the two WAN Edge authorized allowed lists to be made available to vManage? (Choose two)

Which component is used for stateful inspection of TCP, UDP. and ICMP flows in Cisco SD-WAN firewall policies?

Drag and drop the REST API calls from the left onto the functions on the right.

An engineer is configuring a list that matches all IP prefixes with lengths from /1 to /16 in a centralized control policy. Which list accomplishes this task?

What is the purpose of ‘’vpn 0’’ in the configuration template when onboarding a WAN edge node?

An engineer must configure two branch WAN Edge devices where an Internet connection is available and the controllers are in the headquarters. The requirement is to have IPsec VPN tunnels established between the same colors. Which configuration meets the requirement on both WAN Edge devices?

A customer is receiving routes via OMP from vSmart controller for a specific VPN. The customer must provide access to the W2 loopback received via OMP to the OSPF neighbor on the service-side VPN, which configuration fulfils these requirements?

Refer to the exhibit.

A network administrator is configuring OMP in vManage to advertise all the paths for the same prefix from a site that has two WAN Edge devices Each WAN Edge device is connected to three ISPs and two private MPLS transports. What is the minimum value for 'Number of Paths advertised per Prefix" that should be configured?

How is multicast routing enabled on devices in the Cisco SD-WAN overlay network?

When VPNs are grouped to create destination zone in Zone-Based Firewall, how many zones can a single VPN be part of?

What is the order of operations for software upgrades of Cisco SD-WAN nodes'?

What is the main purpose of using TLOC extensions in WAN Edge router configuration?

A network administrator is configuring VRRP to avoid a traffic black hole when the transport side of the network is down on the master device. What must be configured to get the fastest failover to standby?

Refer to the exhibit. The network administrator has configured a centralized topology policy that results in the displayed routing table at a branch office. Which two configurations are verified by the output? [Choose two.)

Refer to the exhibit. An enterprise network is connected with an ISP network on an 80 Mbps bandwidth link. The network operation team observes 100 Mbps traffic on the 1Gig-ISP link during peak hours Which configuration provides bandwidth control to avoid traffic congestion during peak hours?

A)

B)

C)

D)

Which two virtualized environments are available for a company to install the controllers using the on-premises model? (Choose two )

Which IP address must be reachable by a WAN Edge device for the ZIP process to work?

Refer to the exhibit The engineering must assign tags to 3 Of its 74 server networks as soon as they are advertised to peers These server network must not be advertised AS which configuration fulfil the requirement?

A)

B)

C)

D)

Refer to the exhibit. A user in the branch is connecting to Office 365 for the first time. Over which path does the branch WAN Edge router traffic follow?

An organization wants to use the cisco SD-WAN regionalized service-chaining feature to optimize cost and user experience with application in the network, which allows branch routers to analyze and steer traffic toward the required network function. Which feature meets this requirement?

An engineer wants to automate the onboarding process for a WAN Edge router with vManage. Which command will accomplish this?

Which routing protocol has the highest default administrative distance?

Which two sets of identifiers does OMP carry when it advertises TLOC routes between WAN Edge routers? (Choose two.)

Which command verifies a policy that has been pushed to the vEdge router?

Refer to the exhibit Which configuration sets up direct Internet access for VPN 1?

Refer to the exhibit.

An enterprise has hub and spoke topology where it has several VPNs. An engineer must allow users in VPN91 to reach users in VPN92 and VPN10 to reach VPN91 and VPN92. Which configuration meets these requirements?

Company E wants to deploy Cisco SD-WAN with controllers in AWS The company's existing WAN is on private MPLS without Internet access to controllers m AWS An Internet circuit is added to a site in addition to the existing MPLS circuit. Which interface template establishes BFD neighbors over both transports?

A)

B)

C)

Miss

D)

An engineer wants to change the configuration of the certificate authorization mode from manual to automated. Which GUI selection will accomplish this?

Drag and drop the components from the left onto the corresponding Cisco NFV infrastructure Building Blocks on the right. Not all options are used.

Refer to the exhibit. The ge0/0 interface connects to a 30-MB link. A network administrator wants to always have 10 MB available for high priority traffic. When lower-priority traffic busts exceed 20 MB. Traffic should be redirected to the second WAN interface ge0/1. Which set of configurations accomplishes this task?

A)

B)

C)

D)

Which destination UDP port is used by WAN Edge router to make a DTLS connection with vBond Orchestrator?

Refer to the exhibit An engineer is getting a CTORGNMMIS error on a controller connection Which action resolves this issue?

Refer to the exhibit. An ongineer configured OMP with an ovorlay-as of 10666. What is tho AS-PATH for prefix 104.104.104.104/32 on R1007?

Which two platforms for the Cisco SD-WAN architecture are deployable in a hypervisor on-premises or in IAAS Cloud? (Choose two.)

What are the two functions of vSmart? (Choose two)

Which platform is a Cisco SD-WAN virtual platform?

Which feature allows reachability to an organization’s internally hosted application for an active DNS security policy on a device?

Which template configures the out-of-band management VPN?

A)

B)

C)

D)

Which two requirements must be met for DNS inspection when integrating with cisco umbrella? (Choose two)

An engineer must avoid routing loops on the SD-WAN fabric for routes advertised between data center sites Which BGP loop prevention attribute must be configured on the routers to meet this requirement?

Drag and drop the route verification output from show omp tlocs from the left onto the correct explanations on the right.

Which component is responsible for routing protocols such as BGP and OSPF in a Cisco SD-WAN solution?

An engineer is configuring a centralized policy to influence network route advertisement. Which controller delivers this policy to the fabric?

An organization wants to discover monitor and track the applications running on the WAN Edge device on the LAN Which configuration achieves this goal?

How are policies deployed on cloud-tiosted Cisco SD-WAN controllers?

Which set of elements are verified by the controller to confirm the identity of edge devices?

Which third-party Enterprise CA server must be used (or a cloud-based vSmart controller?

Two sites have one WAN Edge each WAN Edge has two public TLOCs with no restriction configured. There is full reachability between the TLOCs. How many data tunnels are formed on each Edge router?

An engineer must apply the configuration for certificate installation to vBond Orchestrator and vSmart Controller. Which configuration accomplishes this task?

What is a benefit of using REST APIs?

Which protocol is used to measure jitter, loss, and latency on SD-WAN overlay tunnels?

When redistribution is configured between OMP and BGP at two Data Center sites that have Direct Connection interlink, which step avoids learning the same routes on WAN Edge routers of the DCs from LAN?

Which VPN connects the transport-side WAN Edge interface to the underlay/WAN network?

Refer to the exhibit.

The Cisco SD-WAN network is configured with a default full-mesh topology. An engineer wants Paris WAN Edge to use the Internet HOC as the preferred TLOC for MSN Messenger and AOL Messenger traffic. Which policy achieves this goal?

A)

B)

C)

D)

Which type of certificate is installed on vManage for a user to access vManage via a web browser?

Refer to the exhibit An engineer is configuring a QoS policy to shape traffic for VLAN 100 on a subinterface Which policy configuration accomplishes the task?

A)

B)

C)

D)

How is lhe software managed in Cisco SD-WAN?

Which policy blocks TLOCs from remotes and allows TLOCs from the data center to form hub-and-spoke peering?

How many vCPUs and how much RAM are recommended to run the vSmart controller on the KVM server for 251 to 1000 devices in software version 20.4.x?

When a WAN Edge device joins the SD-WAN overlay, which Cisco SD-WAN components orchestrates the connection between the WAN Edge device and a vSmart controller?

Which protocol Is used by the REST API to communicate with network services in the Cisco SO-WAN network?

Refer to the exhibit.

What does the BFD value of 8 represent?

In a Cisco SD-WAN network, which component is responsible for distributing route and policy information via the OMP?

An engineer is tasked to improve throughput for connection-oriented traffic by decreasing round-trip latency. Which configuration will achieve this goal?

Refer to the exhibit.

Customer XYZ cannot provision dual connectivity on both of its routers due to budget constraints but wants to use both R1 and R2 interlaces for users behind them for load balancing toward the hub site. Which configuration achieves this objective?

An engineer creates a data policy to prevent communication from the 172.20.21.0/24 network to the 172.20.41.0/24 network. Which configuration accomplishes this task?

Which scheduling method is configured by default for the eight queues in the cloud vEdge router1?

Drag and drop the security terminologies from the left onto the PCI-compliant network features and devices on the right.

Drag and drop the steps from the left Into the order on the right to delete a software image for a WAN Edge router starting with Maintenance > Software Upgrade > Device list on vManage.

What is the procedure to upgrade all Cisco SD-WAN devices to a recent version?

Which attributes are configured to uniquely Identify and represent a TLOC route?

Refer to the exhibit. An enterprise decides to use the Cisco SD-WAN Cloud onRamp for SaaS feature and utilize H.Q site Biz iNET to reach SaaS Cloud for branch C. currently reaching SaaS Cloud directly. Which role must be assigned to devices at both sites in vManage Cloud Express for this solution to work?

Refer to the exhibit.

Which shaping-rate does the engineer use to shape traffic at 9 Mbps?

In Cisco SD-WAN, what protocol is used for control connections between SD-WAN devices?

An engineer is troubleshooting a certificate issue on vEdge. Which command is used to verify the validity of the certificates?

Refer to the exhibit.

The SD-WAN network is configured with a default full-mesh topology. The SD-WAN engineer wants the Barcelona WAN Edge to use MPLS TLOC as the preferred TLOC when communicating with Rome site. Which configuration must the engineer use to create a list to select MPLS color toward the Rome TLOC?

A)

B)

C)

D)

The network administrator is configuring a QoS scheduling policy on traffic received from transport side tunnels on WAN Edge 5000 routers at location 406141498 Which command must be configured on these devices?

Which type of certificate is installed on vManage for a user to access vManage via a web browser?

A vEdge platform is sending VRRP advertisement messages every 10 seconds. Which value configures the router back to the default timer?

Refer to the exhibit.

A customer wants to implement primary and secondary Cisco SD-WAN overlay routing for prefixes that are advertised for both data centers. The east data center (TLOC 101.101.101.101) is primary for east sites, and the west data center (TLOC 100.100.100.100) is primary for west sites. Which configuration change achieves this objective?

Which policy is configured to ensure that a voice packet is always sent on the link with less than a 50 msec delay?

What is a description of vManage NMS?

Which VManage dashboard is used to monitor the next-hop reachability between two devices traversing through OMP for a service VPN’

Which pathway under Monitor > Network > Select Device is used to verify service insertion configuration?

Which component of the Cisco SD-WAN secure extensible network provides a single pane of glass approach to network monitoring and configuration?

When the VPN membership policy is being controlled at the vSmart controller, which policy disallows VPN 1 at sites 20 and 30?

A)

B)

C)

D)

Refer to the exhibit A vBond controller was added to the controller list with the same Enterprise Root CA certificate as vManage. The two controllers can reach each other via VPNO and share the same organization name, but the control connection is not initiated- Which action resolves the issue?

Which SD-WAN component detects path performance information in the organization to report the issue to the service provider at site ID:S4288T5E44F04?

An enterprise needs DIA on some of its branches with a common location ID: A041:B70C: D78E::18 Which WAN Edge configuration meets the requirement?

A)

B)

C)

D)

Drag and drop the BFD parameters from the left onto the BFD configurations on the right.

An engineer creates this data policy for DIA for VPN 10:

Which policy sequence enables DIA for external networks?

An engineer must improve video quality by limiting HTTP traffic to the Internet without any failover. Which configuration in vManage achieves this goal?

Which hardware component is involved in the Cisco SD-WAN authentication process for ISR platforms?

A network administrator is configuring a centralized control policy based on match action pairs for multiple conditions, which order must be configured to prefer Prefix List over TLOC and TLOC over Origin?