350-401 Sample Questions Answers

to enable vBond to learn the public IP of WAN Edge devices that are behind NAT gateways or in private address space

to facilitate downloading and distribution of operational and security patches

to allow for global reachability from all WAN Edges in the Cisco SD-WAN and to facilitate NAT traversal

to provide access to Cisco Smart Licensing servers for license enablement

lower monitoring requirements

low latency

scalability

quick failure isolation

improved throughput

To enable data to be easily structured grouped validated and replicated

To represent finite and well-defined network elements that cannot be changed

To model the flows of unstructured data within the infrastructure

To provide human readability to scripting languages

An EoIP tunnel is created between the client and the anchor controller to provide seamless connectively as the client is associated with the new AP.

The client entry on the original controller is passed to the database on the new controller.

The new controller assign an IP address from the new subnet to the client.

The client database on the original controller is updated with the anchor entry, and the new controller database is updated with the foreign entry.

HTML

PERL

JSON

Python

quick deployment

ideal for data center

complicated deployment

referred to as bare-metal

Puppet

Ansible

Saltstack

Chef

Use Cisco Firepower with Intrusion Policy and snort rules blocking SMB exploitation.

Use Cisco AMP deployment with the Malicious Activity Protection engine enabled.

Use Cisco AMP deployment with the Exploit Prevention engine enabled.

Use Cisco Firepower and block traffic to TOR networks.

The signal strength at location B is 10 dB better than location C.

The signal strength at location C is too weak to support web surfing

Location D has the strongest RF signal strength.

The RF signal strength at location B is 50% weaker than location A.

The RF signal strength at location C is 10 times stronger than location B

AP with highest IP address

AP with the lowest IP address

AP with highest MAC address

AP with highest controller up time

Decrease radio channel widths to 40 MHz.

Increase the mandatory minimum data rates.

Decrease the mandatory minimum data rates.

Increase radio channel widths to 160 MHz.

10.0.0.100 is managed by Cisco Catalyst Center (formerly DNA Center).

The URL for the second query is syntactically incorrect.

The authentication for the second query fails.

10.0.0.200 is known to DNA Center, but its ID is an empty string.

virtualized instances

hardware, software, cloud, and virtualized instances

hardware, virtualized. and cloud instances

hardware and virtualized instances

facilitating a unified approach to configuration and management

improving communication security with binary-encoded protocols

lowering CPU load incurred to managed devices

removing the distinction between configuration and runtime state data

Layer 3

Layer 7

Layer 1

Layer 2

user access based on IP addressB slows devices to bypass authentication

network access based on the physical address of a device

simultaneous user and device authentication

Make”:‘Gocar, “Model’: “Zoom”, “Features”: [“Power Windows”, “Manual Dnve”, “Auto AC”]}

'Make ”: “Gocar1, “Model”: “Zoom”, “Features”: [“Power Windows”, “Manual Drive”, “Auto AC”]

{“Make”: Gocar, “Model": Zoom, “Features": Power Windows, Manual Drive, Auto AC}

(“Make”:[ “Gocar”, “Model": “Zoom"], Features”: [“Power Windows", “Manual Drive", “Auto AC”]}

Primary/Secondary- Tertiary/Backup

stored WLC information

DNS

IP Helper Addresses

Option A

Option B

Option C

Option D

Use TLS to secure the underlying HTTP session.

Use me POST method Instead or URL-encoded GET to pass parameters.

Deploy digest-based authentication to protect the access to the API.

Encode sensitive data using Base64 encoding.

ingress tunnel router

map resolver

egress tunnel router

map server

Device(config)# netconf lock-time 500

Device(config)# netconf max-message 1000

Device(config)# no netconf ssh acl 1

Device(config)# netconf max-sessions 100

wireless client

Wireless LAN controller

access point

WCS location server

the interface specified on the WLAN configuration

any interface configured on the WLC

the controller management interface

the controller virtual interface

A close up of a text AI-generated content may be incorrect.

A close up of a logo AI-generated content may be incorrect.

A close up of a text AI-generated content may be incorrect.

A black text on a white background AI-generated content may be incorrect.

Option A

Option B

Option C

Option D

Data forwarding is stopped until the routing protocols reconverge after the switchover.

The standby route processor initialization is started when the primary router processor fails.

The standby route processor is fully initialed and state information is maintained.

User sessions are immediately recreated on the new active route processor.

Data forwarding can continue along known paths until routing protocol information is restored.

JSON

XML

XDR

YANG

API keys

custom tokens

OAuth

SOAP

A new security context is applied for each controller to which the client is associated, but the IP address remains the same.

The client must be associated to a new controller where a new IP address and security context are applied.

The client retains the same IP address and security context.

The client is marked as foreign in the database of each new controller to which it is connected.

Option A

Option B

Option C

Option D

when a stack member fails

when the stack primary is reset

when a switch with a higher priority is added to the stack

when the priority value of a stack member is changed to a higher value

Passive

Tap

Inline tap

Inline

It includes dish antennas.

It has high gain.

It provides the most focused and narrow beamwidth.

It includes dipole antennas.

header and payload

three parts separated by dots: version, header, and signature

payload and signature

three parts separated by dots: header, payload. and signature

It allows for an unlimited number of segments.

It has fewer devices to manage.

It uses all available Layer 3 paths in the underlying network.

It allows multi-tenanted segmentation.

It uses a MAC in IP/TCP encapsulation technique.

to establish a framework to process data by using an object-oriented programming approach

to specify the rules for transcoding between text and binary data encodings

to standardize the procedures that are executed when parsing sent and received data

to describe the structure and meaning of exchanged data

restarted

failed

stopped

successful

Use SSL for encryption.

Enable out-of-band authentication.

Enable dual authentication of the session.

Use TACACS+ authentication.

Use a password hash.

WPA3 Personal

WPA3 Enterprise

WPA3 Enterprise

WPA2 Personal

RFID

client probing

beacons

data packets

free space path loss

link power budget

fading

SNR

to provide centralized management and provisioning of all elements into the network

to configure NAT communication on WAN Edge routers

to provide configuration synchronization of an WAN Edge devices

to facilitate start-up by performing authentication and authorization of all elements into the network