400-007無料問題集「Cisco Certified Design Expert (CCDE v3.0) Written」

質問 1

Drag and drop the FCAPS network management reference models from the left onto the correct definitions on the right.

正解：

質問 2

An IT service provider is upgrading network infrastructure to comply with PCI security standards. The network team finds that 802.1X and VPN authentication based on locally-significant certificates are not available on some legacy phones.
Which workaround solution meets the requirement?

（A）Replace legacy phones with new phones because the legacy phones will lose trust if the certificate is renewed.

（B）Enable phone VPN authentication based on end-user username and password.

（C）Use authentication-based clear text password with no EAP-MD5 on the legacy phones.

（D）Temporarily allow fallback to TLS 1.0 when using certificates and then upgrade the software on legacy phones.

正解：B 解答を投票する

質問 3

QUESTION 69 Refer to the exhibit. AJI links are P2P Layer 3. A high availability application is synchronizing data between host A and host B. To increase chance of delivery the same data is sent twice from host A on two different NICs toward the two NICs on host B.

Which solution must be deployed in the network to ensure that any failure in the network does not trigger data loss on host B?

（A）BFD

（B）EIGRP with feasible successors

（C）IP Fast Reroute

（D）Static routes

正解：B 解答を投票する

質問 4

Which two statements describe the usage of the IS-IS overload bit technique? (Choose two )

（A）lf overload-bit is set on a Level 2 intermediate system, the other Level 2 intermediate systems in the topology will stop using the overloaded IS to forward Level 2 traffic However, the intermediate system can still forward Level 1 traffic

（B）It can be set in intermediate systems (IS-IS routers) to prioritize control plane CSNP packets.

（C）It can be set in intermediate systems (IS-IS routers) to attract transit traffic from other intermediate systems

（D）It can be used to automatically synchronize the link-state database between Level 1 intermediate systems

（E）It can be set in intermediate systems (IS-IS routers) to avoid traffic black holes until routing protocols are fully converged after a reload operation.

正解：A、E 解答を投票する

質問 5

Company ABC uses IPv4-only. Recently they started deploying new endpoint devices. For operational reasons, IPv6 cannot be disabled on these new endpoint devices. Which security measure prevents the new endpoint from learning an IPv6 prefix from an attacker?

（A）Source Guard and Prefix Guard

（B）Router Advertisement Guard

（C）Prefix Guard

（D）Secure Neighbor Discovery

正解：B 解答を投票する

質問 6

When planning their cloud migration journey what is crucial for virtually all organizations to perform?

（A）SASE framework deployment

（B）optimizing the WAN environment

（C）RPO and RTO calculations duration planning

（D）assessment of current infrastructure

正解：D 解答を投票する

質問 7

A network architect in an enterprise is designing a network policy for certain database applications. The goal of the policy is to allow these applications to access the internet directly, whereas other user and network applications that communicate with systems or users outside their own network must be routed through the data center. The focus is on achieving higher availability and a better user experience for the database applications, but switching between different network paths based on performance characteristics must be supported.
Which solution meets these requirements?

（A）Cloud onRamp for SaaS

（B）MPLS L3VPN with QoS

（C）Cloud onRamp for laaS

（D）MPLS direct connect

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

Which two actions minimize the impact of the trusted NMS polling your network, such as high CPU utilization on network devices and network instability? (Choose two.)

（A）Implement SNMP community restrictions that are associated with an ACL

（B）Increase the SNMP process priority

（C）Prevent polling of large tables through the use of SNMP OID restnctions

（D）Disable unused 01 Ds and MIBs on the NMS systems

（E）Unload unused MIBs from the network devices

正解：A、C 解答を投票する

質問 9

Refer to the exhibit.

Refer to the exhibit A service provider has a requirement to use Ethernet OAM to detect end-to-end connectivity failures between SP-SW1 and SP- SW2 Which two ways to design this solution are true? (Choose two)

（A）Forward E-LMI PDUs over VPLS

（B）Use upward maintenance endpoints on the SP switches

（C）Enable unicast heartbeat messages to be periodically exchanged between MEPs

（D）Enable Connectivity Fault Management on the SP switches

（E）Forward LLD PDUs over the VPLS

正解：B、D 解答を投票する

質問 10

A network attacker exploits application flaws to compromise critical systems in the organization with these objectives:
* Obtain sensitive data and export the data out of the network.
* Compromise developer and administrator credentials to potentially
What is the next step after application discovery is completed in Zero Trust networkings

（A）Establish visibility and behavior modeling

（B）Enforce policies and microsegmentation.

（C）Assess real-time security health.

（D）Ensure trustworthiness of systems.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

Which tool automates network implementation activities and shortens the implementation lifecycle?

（A）LISP

（B）Conclusion

（C）Python

（D）Java

正解：C 解答を投票する

質問 12

An enterprise network has two core routers that connect to 200 distribution routers and uses full-mesh IBGP peering between these routers as its routing method. The distribution routers are experiencing high CPU utilization due to the BGP process. Which design solution is the most cost effective?

（A）Increase the memory on the distribution routers

（B）Increase the memory on the core routers

（C）Implement e BGP between the core and distribution routers

（D）Increase bandwidth between the core routers

（E）Implement route reflectors on the two core routers

正解：E 解答を投票する

400-007 無料問題集「Cisco Certified Design Expert (CCDE v3.0) Written」

弊社を連絡する

関連リンク

トップ試験