A Review Of Vivid 400-007 Free Question

NEW QUESTION 1
A Tier-3 Service Provider is evolving into a Tier-2 Service Provider due to the amount of Enterprise business it is receiving.
The network engineers are re-evaluating their IP/MPLS design considerations in order to support duplicate/overlapping IP addressing from their Enterprise customers within each Layer3 VPN.
Which concept would need to be reviewed to ensure stability in their network?

• A. Assigning unique Route Distinguishers
• B. Assigning unique Route Target ID'S
• C. Assigning unique IP address space for the Enterprise NAT/Firewalls
• D. Assigning unique VRF ID's to each L3VPN

Answer: A

NEW QUESTION 2
Your network operations team is deploying Access Control Lists (ACLs) across your Internet gateways.
They wish to place an ACL inbound on the Internet gateway interface facing the core network (the "trusted" interface).
Which IP address would the ACL need for traffic sourced from the inside interface, to match the source address of the traffic?

• A. inside global
• B. outside global
• C. inside local
• D. outside local

Answer: C

NEW QUESTION 3
You were tasked to enhance the security of a network with these characteristics:
- A pool of servers is accessed by numerous data centers and remote sites
- The servers are accessed via a cluster of firewalls
- The firewalls are configured properly and are not dropping traffic
- The firewalls occasionally cause asymmetric routing of traffic within the server data center.
Which technology should you recommend to enhance security by limiting traffic that could originate from a hacker compromising a workstation and redirecting flows at the servers?

• A. Poison certain subnets by adding static routes to Null0 on the core switches connected to thepool of servers.
• B. Deploy uRPF strict mode.
• C. Limit sources of traffic that exit the server-facing interface of the firewall cluster with ACLs.
• D. Deploy uRPF loose mode

Answer: C

NEW QUESTION 4
You want to split an Ethernet domain in two.
Which parameter must be unique in this design to keep the two domains separated?

• A. VTP domain
• B. VTP password
• C. STP type
• D. VLAN ID

Answer: D

NEW QUESTION 5
Which three Cisco products are used in conjunction with Red Hat to provide an NFVi solution? (Choose three.)

• A. Cisco Prime Service Catalog
• B. Cisco Open Virtual Switch
• C. Cisco Nexus switches
• D. Cisco UCS
• E. Cisco Open Container Platform
• F. Cisco Virtual Network Function

Answer: CDF

NEW QUESTION 6
Company XYZ Is running a redundant private WAN network using OSPF as the underlay
protocol.
The current design accommodates for redundancy. In the network, but it Is taking over 30
seconds for the network to reconverge upon failure.
Which technique can be Implemented In the design to detect such a failure in a subsecond?

• A. STP
• B. fate sharing
• C. OSPF LFA
• D. BFD
• E. flex links

Answer: D

NEW QUESTION 7
Company XYZ wants to improve the security design of their network to include protection from reconnaissance and DoS attacks on their sub interfaces destined toward next hop routers.
Which technology can be used to prevent these types of attacks?

• A. MPP
• B. CPPr
• C. CoPP
• D. DPP

Answer: B

NEW QUESTION 8
Which MPLS TE design consideration is true?

• A. MPLS TE replaces LDP and the dependency of the IGP to identify the best path.
• B. MPLS TE provides link and node protection
• C. MPLS TE optimizes the routing of IP traffic, given the constraints imposed by backbone capacityand application requirements.
• D. MPLS TE requires Layer 3 VPN full-mesh topology deployment

Answer: C

NEW QUESTION 9
Which two control plane policer designs must be considered to achieve high availability? (Choose
two.)

• A. Control plane policers are enforced in hardware to protect the software path, but they arehardware platform dependent in terms of classification ability.
• B. Control plane policers are really needed only on externally facing devices.
• C. Control plane policers can cause the network management systems to create false alarms.
• D. Control plane policers must be processed before a forwarding decision is made.
• E. Control plane policers require that adequate protocols overhead are factored in to allow protocolconvergence.

Answer: AD

NEW QUESTION 10
Which option is a fate-sharing characteristic in regards to network design?

• A. A failure of a single element causes the entire service to fail
• B. It protects the network against failures in the distribution layer
• C. It acts as a stateful forwarding device
• D. It provides data sequencing and acknowledgment mechanisms

Answer: A

NEW QUESTION 11
Which design principal improves network resiliency?

• A. Added load-balancing
• B. Added redundancy
• C. Added confidentiality
• D. Added reliability

Answer: B

NEW QUESTION 12
Which two statements describe the usage of the IS-IS overload bit technique? (Choose two )

• A. lf overload-bit is set on a Level 2 intermediate system, the other Level 2 intermediate systems inthe topology will stop using the overloaded IS to forward Level 2 traffic However, the intermediatesystem can still forward Level 1 traffic
• B. It can be set in intermediate systems (IS-IS routers) to prioritize control plane CSNP packets.
• C. It can be used to automatically synchronize the link-state database between Level 1 intermediatesystems
• D. It can be set in intermediate systems (IS-IS routers) to avoid traffic black holes until routingprotocols are fully converged after a reload operation.
• E. It can be set in intermediate systems (IS-IS routers) to attract transit traffic from otherintermediate systems

Answer: AD

NEW QUESTION 13
Company XYZ runs OSPF in their network. A design engineer decides to implement hot-potato routing architecture.
How can this implementation be achieved?

• A. Enable iBGP and apply prepend to ensure all prefixes will have the same length of the AS pathattribute value.
• B. Redistribute the external prefixes onto OSPF and ensure the total metric calculation includes onlythe ext value and the value is the same in all ASBRs.
• C. Enable OSPF load-balancing over unequal cost path.
• D. Redistribute the external prefixes onto OSPF and ensure that the total metric calculation includesexternal internal values.

Answer: D

NEW QUESTION 14
Company XYZ is designing the network for IPv6 security and they have these design
requirements:
- A switch or router must deny access to traffic from sources with addresses that are correct, but
are topologically incorrect
- Devices must block Neighbor Discovery Protocol resolution for destination addresses that are
not found in the binding table.
Which two IPv4 security features are recommended for this company? (Choose two)

• A. IPv6 DHCP Guard
• B. IPv6 Source Guard
• C. IPv6 Destination Guard
• D. IPv6 Prefix Guard
• E. IPv6 RA Guard

Answer: CD

NEW QUESTION 15
What are two key design principles when using a hierarchical core-distribution-access network model? (Choose two )

• A. A hierarchical network design model aids fault isolation
• B. The core layer is designed first, followed by the distribution layer and then the access layer
• C. The core layer provides server access in a small campus.
• D. A hierarchical network design facilitates changes
• E. The core layer controls access to resources for security

Answer: AD

NEW QUESTION 16
......