dumpspedia logo
Refer to the exhibit.
The network design team has advised to use private IP addresses and private colors over the SP circuit for the data plane connections. The Public IP should be used for control connections. Which configuration should be applied at SiteA to achieve this task?
Refer to the exhibit.
The engineer must assign community tags to 3 of its 74 critical server networks as soon as that are advertised to BGP peers. These server networks must not be advertised outside AS. Which configuration fulfill this requirement?
A)
B)
C)
D)
Which policy configuration must be used to classify traffic as it enters the branch WAN Edge router to be put into the desired output queue?
A)
B)
C)
D)
Refer to the exhibit. An enterprise decides to use the Cisco SD-WAN Cloud onRamp for SaaS feature and utilize H.Q site Biz iNET to reach SaaS Cloud for branch C. currently reaching SaaS Cloud directly. Which role must be assigned to devices at both sites in vManage Cloud Express for this solution to work?
A network administrator is configuring VRRP to avoid a traffic black hole when the transport side of the network is down on the master device. What must be configured to get the fastest failover to standby?
Refer to the exhibit.
Customer XYZ cannot provison dual connectivity on both Its routers due to budget constratnts but wants to use tnth RI and R2 interface for users behind them for load toward the hub site Which configurauon achieves this objectives?
A)
B)
C)
D)
What happens if the intelligent proxy is unreachable in the Cisco SD-WAN network?
Which vBond system configuration under VPN 0 allows for a routable public IP address even if the DNS name, hostname, or IP address of the vBond orchestrator are omitted?
When the VPN membership policy is being controlled at the vSmart controller, which policy disallows VPN 1 at sites 20 and 30?
A)
B)
C)
D)
Which two performance data details are provided by Cisco SO-WAN vAnalytics? (Choose two)
An engineer must configure egress QoS for voice traffic. Which queue must the engineer configure on the WAN Edge router to accomplish the task?
Which two mechanisms are used to guarantee the integrity of data packets in the Cisco SD-WAN architecture data plane? {Choose two)
Which two protocols are supported for software image delivery when images are hosted on a remote server? (Choose two.)
Refer to the exhibit. An ongineer configured OMP with an ovorlay-as of 10666. What is tho AS-PATH for prefix 104.104.104.104/32 on R1007?
What is a requirement for a WAN Edge to reach vManage, vBond, and vSmart controllers in a data center?
Drag and drop the Cisco SD-WAN components from the left onto their functions on the right.
Which service VPN must be reachable from all WAN Edge devices and the controllers?
Which VPNs must be configured outside the workflow to complete the SD-WAN overlay setup when using the Quick Connect workflow?
Which cloud based component in cisco SD-WAN is responsible for establishing a secure connection to each WAN edge router and distributes routers and policy information via omp?
An engineering team must prepare a traffic engineering policy where an MPLS circuit is preferred for traffic coming from the Admin VLAN Internet should be used as a backup only. Which configuration fulfill this requirement?
A)
B)
C)
D)
An enterprise has these three WAN connections:
public Internet
business internet
MPLS
An engineer must configure two available links to route traffic via both links. Which configuration achieves this objective?
Which table is used by the vSmart controller to maintain service routes of the WAN Edge routers in the hub and local branches?
Refer to the exhibit.
Which shaping-rate does the engineer use to shape traffic at 9 Mbps?
Which command on a WAN Edge device displays the information about the colors present in the fabric that are learned from vSmart via OMP?
A network engineer must configure all branches to communicate with each other through the Service Chain Firewall located at the headquarters site. Which configuration allows the engineer to accomplish this task?
A)
B)
C)
D)
Which protocol runs between the vSmart controllers and WAN Edge routers when the vSmart controller acts like a route reflector?
Which device in the SD- WAN solution receives and categorizes event reports, and generates alarms?
An administrator is configuring the severity level on the vManage NMS for events that indicate that an action must be taken immediately. Which severity level must be configured?
Refer to the exhibit Which configuration sets up direct Internet access for VPN 1?
Refer to the exhibit.
The tunnel interface configuration on both WAN Edge routers is:
Which configuration for WAN Edge routers will connect to the Internet?
Refer to the exhibit. Company ABC has a hub-and-spoke topology in place and currently is load balancing their data traffic at the hub site over MPLS and the public Internet. The leased circuit must be preferred over the shared circuit. Which configuration meets the requirement?
Which two REST API functions are performed for Cisco devices in an overlay network? (Choose two)
What problem happens on a device with two serial numbers, a unique device identifier (UDI), and secure unique device identifier (SUDI) when an engineer provisions ISR 4000 by PnP using only a UDI?
Refer to the exhibit The Cisco SD-WAN network is configured with a default full-mesh topology. Islamabad HQ and Islamabad WAN Edges must be used as the hub sites. Hub sites MPLS TLOC must be preferred when forwarding FTP traffic based on a configured SLA class list. Which policy configuration does the network engineer use to call the SLA class and set the preferred color to MPLS?
Refer to the exhibit. An administrator is configuring a policy in addition to an existing hub-and-spoke policy for two sites that should directly communicate with each other. How is this policy configured?
A network administrator is configuring a tunnel interface on a branch Cisco IOS XE router to run TLOC extensions. Which configuration will extend a TLOC over a GRE tunnel to another router in the branch?
Refer to the exhibit.
The Cisco SD-WAN network is configured with a default full-mesh topology. An engineer wants Paris WAN Edge to use the Internet HOC as the preferred TLOC for MSN Messenger and AOL Messenger traffic. Which policy achieves this goal?
A)
B)
C)
D)
At which layer does the application-aware firewall block applications on a WAN Edge?
Which on-the-box security feature supported by the Cisco ISR 4451 SD-WAN device and not on vEdge?
An engineer must configure the SD-WAN Edge router to identify DSCP 26 traffic coming from the router's local site and then change the DSCP value to DSCP 18 before sending it over to the SD-WAN fabric. What are the two ways to create the required configuration? (Choose two).
Refer to the exhibit. A network administrator is configuring OSPF advanced configuration pararmeters from a template using the vManager GUI for a branch WAN Edge router to calculate the cost of summary routes to an ASBR. Which action achieves this configuration?
Refer to the exhibit.
vManage and vSmart have an issue establishing a connection to vBond. Which configuration resolves the issue?
Which statement describes the requirement of integrating a secure internet gateway (SIG) with a Cisco SD-WAN Edge device?
An engineer must deploy a QoS policy with these requirements:
• policy name: App-police
• police rate: 1000000
• burst: 1000000
• exceed: drop
Which configuration meets the requirements?
An engineer must improve video quality by limiting HTTP traffic to the Internet without any failover. Which configuration in vManage achieves this goal?
Refer to the exhibit. The Cisco SD-VYAN is deployed using the default topology. The engineer v/ants to configure a service insertion policy such that all data traffic between Rome to Paris is forwarded through the NGFW located in London. Which configuration fulfills this requirement, assuming that the Sen/ice VPN ID is 1?
A)
B)
C)
D)
An engineer is configuring a WAN Edge router for DIA based on matching QoS parameters. Which two actions accomplish this task? (Choose two.)
Refer to the exhibit. Which configuration extends the INET interface on R1 to be used by R2 for control and data connections?
A)
B)
C)
Which component is used for stateful inspection of TCP, UDP. and ICMP flows in Cisco SD-WAN firewall policies?
Which hardware component is involved in the Cisco SD-WAN authentication process for ISR platforms?
Refer to the exhibit.
Which QoS treatment results from this configuration after the access list acl-guest is applied inbound on the vpn1 interface?
A network administrator is tasked to make sure that an OMP peer session is closed after missing three consecutive keepalive messages in 3 minutes. Additionally, route updates must be sent every minute. If a WAN Edge router becomes unavailable, the peer must use last known information to forward packets for 12 hours. Which set of configuration commands accomplishes this task?
Which value is verified in the certificates to confirm the identity of the physical WAN Edge device?
Refer to the exhibit Which NAT types must the engineer configure for the vEdge router to bring up the data plane tunnels?
REST applications communicate over HTTP or HTTPS to make calls between network devices. Which two HTTPS standard methods are included? (Choose two.)
What are the two advantages of configuration groups in a Cisco SD-WAN deployment? (Choose two.)
What is the default value for the Multiplier field of the BFD basic configuration in vManage?
Refer to the exhibit An engineer is configuring a QoS policy to shape traffic for VLAN 100 on a subinterface Which policy configuration accomplishes the task?
A)
B)
C)
D)
In Cisco SD-WAN, what protocol is used for control connections between SD-WAN devices?
What is a requirement for deployment of on-premises vBond controllers through the Cisco Plug and Play Connect process?
In the Cisco SD_WAN solution, vSmart controller is responsible for which two actions? (Choose two.)
Refer to the exhibit A WAN Edge device was recently added to vManage but a control connection could not be established Which action resolves this issue?
Two sites have one WAN Edge each WAN Edge has two public TLOCs with no restriction configured. There is full reachability between the TLOCs. How many data tunnels are formed on each Edge router?
An organization wants to discover monitor and track the applications running on the WAN Edge device on the LAN Which configuration achieves this goal?
Which component is used to optimize the multicast distribution tree enabled through the multicast network?
An engineer configures policing with a rate of 125 Bps and a burst rate of 8000 bits, as shown here:
Which configuration completes this task?
Which command displays BFD session summary information per TLOC on vEdge routers?
Refer to the exhibit The network team must configure ElGRP peering at HQ with devices in the service VPN connected to WAN Edge CSRv. CSRv is currently configured with
Which configuration on the WAN Edge meets the requiremnet
A)
B)
C)
D)
How many subnets are necessary in Azure VNet for a WAN Edge device to function in the cloud deployment?
A network engineer sets tags in OMP for routes that were originated in the Service VPN. Which monitoring tab must be used to verify tags on the next hop?
Which OSPF command makes the WAN Edge router a less preferred exit from a site with a dual WAN Edge design?
A)
B)
C)
D)
An engineer is adding a tenant with location ID 399533345 in vManage. What is the maximum number of alphanumeric characters that is accepted in the tenant name filed?
How many vCPUs and how much RAM are recommended to run the vSmart controller on the KVM server for 251 to 1000 devices in software version 20.4.x?
Refer to the exhibit.
vManage and vBond have an issue establishing a connection to each other. Which configuration resolves the issue?
Which component of the Cisco SD-WAN control plane architecture facilitates the storage of certificates and configurations for network components?
What are the default username and password for vSmart Controller when it is installed on a VMware ESXi hypervisor'?
When software is upgraded on a vManage NMS, which two image-adding options store images in a local vManage software repository? (Choose two.)
Which encryption algorithm secures binding exchanges Between Cisco TrustSec SXP peers?
Drag and drop the REST API calls from the left onto the functions on the right.
An engineer is troubleshooting a vEdge router and identifies a “DCONFAIL – DTLS connection failure” message. What is the problem?
Which protocol is used between redundant vSmart controllers to establish a permanent communication channel?
Drag and drop the alarm states from the left onto the corresponding alarm descriptions on the right.
An engineer modifies a data policy for DIA in VPN 67. The location has two Internet-bound circuits. Only the web browsing traffic must be admitted for DIA. without further discrimination about which transport to use.
Here is the existing data policy configuration:
Which policy configuration sequence meets the requirements?
Refer to the exhibit An engineer must configure a QoS policy between me hub and site A (spoke) over a standard internet circuit where traffic shaping is adjusted automatically based on evaiiabk» bandwidth Which configuration meets the requirement?
An engineer is configuring the branch office with a 172.16.0.0/16 subnet to use DIA for Internet traffic. All other traffic must flow to the central site or branches using the MPLS circuit Which configuration meets the requirement?
A)
B)
C)
D)
Which type of route represents prefixes received from a local site via an SD-WAN Edge router in a Cisco SD-WAN architecture?
Which protocol is used to measure loss latency, Jitter, and liveliness of the tunnel between WAN Edge router peers?
How should the IP addresses be assigned for all members of a Cisco vManage cluster located in the same data center?
A company is using Catalyst SD-WAN Manager as its root certificate authority server and must generate a root certificate using the vShell (Linux) built into the CLI of Catalyst SD-WAN Manager. Which command must be issued to generate the root certificate?
Refer to the exhibit.
The network team must configure branch B WAN Edge device 103 to establish dynamic full-mesh IPsec tunnels between all colors with branches over MPLS and Internet circuits. The branch ts configured with:
Which configuration meets the requirement?
A)
B)
C)
D)
What must an engineer conewef when decoying an SD-WAN on-pfemlses architecture based on ESXi hypervisor?
Which two services are critical for zero touch provisioning on-boarding? (Choose two)
Which configuration change allows direct internet access at the branch site for YouTube traffic?
Which routing protocol is used to exchange control plane information between vSmart controllers and WAN Edge routers in the Cisco SD-WAN secure extensible network?
Refer to the exhibit. An enterprise network is connected with an ISP network on an 80 Mbps bandwidth link. The network operation team observes 100 Mbps traffic on the 1Gig-ISP link during peak hours Which configuration provides bandwidth control to avoid traffic congestion during peak hours?
A)
B)
C)
D)
What is the default value for the number of paths advertised per prefix in the OMP feature template?
Which secure connection should be used to access the REST APIs through the Cisco vManage web server?
An enterprise has several sites with multiple VPNs that are isolated from each other A new requirement came where users in VPN 73 must be able to talk to users in VPN 50 Which configuration meets this requirement?
Which device information is requited on PNP/ZTP to support the zero-touch onboarding process?
Drag and drop the steps from the left into the sequence on the right for a WAN Edge router after powering on for zero touch provisioning.
Which protocol is configured on tunnels by default to detect loss, latency, jitter, and path failures in Cisco SD-WAN?
A voice packet requires a latency of 50 msec. Which policy is configured to ensure that a voice packet is always sent on the link with less than a 50 msec delay?
An engineer wants to track tunnel characteristics within an SLA-based policy for convergence. Which policy configuration will achieve this goal?
Which SD-WAN component is configured to enforce a policy to redirect branch-to-branch traffic toward a network service such as a firewall or IPS?
Which pathway under Monitor > Network > Select Device is used to verify service insertion configuration?
What is the purpose of ‘’vpn 0’’ in the configuration template when onboarding a WAN edge node?
An engineer is configuring a list that matches all IP prefixes with lengths from /1 to /16 in a centralized control policy. Which list accomplishes this task?
Refer to the exhibit A small company was acquired by a large organization As a result, the new organization decided to update information on their Enterprise RootCA and generated a new certificate using openssl Which configuration updates the new certificate and issues an alert in vManage Monitor | Events Dashboard?
Refer to the exhibit. An engineer must block FTP traffic coming in from a particular Service VPN on a WAN Edge device Which set of steps achieves this goal?
Which component of the Cisco SD-WAN secure extensible network provides a single pane of glass approach to network monitoring and configuration?
An engineer must configure two branch WAN Edge devices where an Internet connection is available and the controllers are in the headquarters. The requirement is to have IPsec VPN tunnels established between the same colors. Which configuration meets the requirement on both WAN Edge devices?
Which two types of SGT propagation are supported by Cisco TrustSec? (Choose two.)
TESTED 02 Dec 2025
