marks4sure logo
Refer to the exhibit. Which configuration extends the INET interface on R1 to be used by R2 for control and data connections?
A)
B)
C)
Which scheduling method is configured by default for the eight queues in the cloud vEdge router1?
When VPNs are grouped to create destination zone in Zone-Based Firewall, how many zones can a single VPN be part of?
Refer to the exhibit. A network administrator is setting the queueing value for voice traffic for one of the WAN Edge routers using vManager GUI. Which queue value must be set to accomplish this task?
Which alarm setting is configured to monitor serious events that affect but do not shut down, the operation of a network function?
What are two benefits of installing Cisco SD-WAN controllers on cloud-hosted services? (Choose two.)
Which protocol is used between redundant vSmart controllers to establish a permanent communication channel?
How should the IP addresses be assigned for all members of a Cisco vManage cluster located in the same data center?
A network administrator configures SNMPv3 on a Cisco WAN Edge router from CLI for monitoring purposes How many characters are supported by the snmp user
A network engineer must configure all branches to communicate with each other through the Service Chain Firewall located at the headquarters site. Which configuration allows the engineer to accomplish this task?
A)
B)
C)
D)
A company deploys a Cisco SD-WAN solution but has an unstable Internet connection. When the link to vSmart comes back up, the WAN Edge router routing table is not refreshed, and some traffic to the destination network is dropped. The headquarters is the hub site, and it continuously adds new sites to the SD-WAN network. An engineer must configure route refresh between WAN Edge and vSmart within 2 minutes. Which configuration meets this requirement?
An application team is getting ready to deploy a new business-critical application to the network. To protect the traffic, the network team must add another queue to the QoS map and then deploy the map to fabric Which configuration slop must be completed prior to adding the queue to the QoS map and applying If
Which two advanced security features are available on the Cisco SD-WAN WAN Edge (vEdge) device? (Choose two.)
Refer to the exhibit.
An engineer is troubleshooting a control connection Issue. What does "connect" mean in this how control connections output?
Which feature builds transport redundancy by using the cross link between two redundant WAN Edge routers?
Which issue triggers the Cisco Umbrella resolver to toward DNS requests to the intelligent proxy?
Which issue triggers the Cisco Umbrella resolver to toward DNS requests to the intelligent proxy?
Refer to the exhibit.
Which configuration change is needed to configure the tloc-extention on Branch1-Edge1?
What is a requirement for a WAN Edge to reach vManage, vBond, and vSmart controllers in a data center?
Which service VPN must be reachable from all WAN Edge devices and the controllers?
Refer to the exhibit vManage and vBond have an issue establishing a connection with each other Which action resolves the issue?
Refer to the exhibit.
Which command-line configuration on a WAN Edge device achieves these results?
A)
B)
C)
D)
Refer to the exhibit.
A network administrator is configuring OMP in vManage to advertise all the paths for the same prefix from a site that has two WAN Edge devices Each WAN Edge device is connected to three ISPs and two private MPLS transports. What is the minimum value for 'Number of Paths advertised per Prefix" that should be configured?
What is the default value for the Multiplier field of the BFD basic configuration in vManage?
Which cloud based component in cisco SD-WAN is responsible for establishing a secure connection to each WAN edge router and distributes routers and policy information via omp?
Drag and drop the alarm slates from the left onto the corresponding alarm descriptions on the right.
Customer has two branch silos with overlapping IPs How must the data policy be configured to establish communication between the sites and server to avoid overlapping?
A)
B)
C)
D)
An engineer must apply the configuration for certificate installation to vBond Orchestrator and vSmart Controller. Which configuration accomplishes this task?
Which timer specifies information in the cache after all OMP sessions are lost at location S0123T4E56F78?
Which SD-WAN component is configured to enforce a policy to redirect branch-to-branch traffic toward a network service such as a firewall or IPS?
In Cisco SD-WAN, what protocol is used for control connections between SD-WAN devices?
An enterprise deployed a Cisco SD-WAN solution with hub-and-spoke topology using MPLS as the preferred network over the Internet. A network engineer must implement an application-aware routing policy to allow ICMP traffic to be load-balanced over both the available links. Which configuration meets the requirement?
A)
B)
C)
D)
In the Cisco SD_WAN solution, vSmart controller is responsible for which two actions? (Choose two.)
In an AWS cloud, which feature provision WAN Edge routers automatically in Cisco SD-WAN?
Which configuration defines the groups of interest before creation of the access list or route map?
A)
B)
C)
D.
An administrator must configure an ACL for traffic coming in from the service-side VPN on a specific WAN device with circuit ID 391897770. Which policy must be used to configure this ACL?
Refer to the exhibit.
An MPLS connection on R2 must extend to R1 Users behind R1 must have dual connectivity for data traffic Which configuration provides R1 control connectivity over the MPLS connection?
A)
B)
C)
D)
Refer to the exhibit. A Cisco SD-WAN network carries traffic for several departments and over 1200 users with several applications at site A and site B branches over the MPLS1 circuit. An engineer is provisioning a higher bandwidth on-demand metro circuit as a backup connection. Which two configurations must the engineer apply to implement the on-demand tunnels? (Choose two.)
B. 
C. 
D. 
E. 
A customer has 1 to 100 service VPNs and wants to restrict outbound updates for VPN1 Which control policy configuration restricts these updates?
A)
B)
C)
D)
Which OSPF command makes the WAN Edge router a less preferred exit from a site with a dual WAN Edge design?
A)
B)
C)
D)
Refer to the exhibit The Cisco SD-WAN network is configured with a default full-mesh topology. Islamabad HQ and Islamabad WAN Edges must be used as the hub sites. Hub sites MPLS TLOC must be preferred when forwarding FTP traffic based on a configured SLA class list. Which policy configuration does the network engineer use to call the SLA class and set the preferred color to MPLS?
Which two mechanisms are used by vManage to ensure that the certificate serial number of the WAN Edge router that is needed to authenticate is listed in the WAN Edge Authorized Señal Number Hst’ (Choose two)
An engineer must apply the configuration for certificate installation to vBond Orchestrator and vSmart Controller. Which configuration accomplishes this task?
Which command displays BFD session summary information per TLOC on vEdge routers?
Which component of the Cisco SD-WAN control plane architecture should be located in a public Internet address space and facilitates NAT-traversal?
Refer to the exhibit Which configuration sets up direct Internet access for VPN 1?
A customer is receiving routes via OMP from vSmart controller for a specific VPN. The customer must provide access to the W2 loopback received via OMP to the OSPF neighbor on the service-side VPN, which configuration fulfils these requirements?
Which queue must an engineer configure for control and BFD traffic for convergence on a WAN Edge router?
An engineer must configure two branch WAN Edge devices where an Internet connection is available and the controllers are in the headquarters. The requirement is to have IPsec VPN tunnels established between the same colors. Which configuration meets the requirement on both WAN Edge devices?
Refer to the exhibit Which configuration must the engineer use to form underlay connectivity for the Cisco SD-WAN network?
A)
B)
C)
D)
Which component is used for stateful inspection of TCP, UDP. and ICMP flows in Cisco SD-WAN firewall policies?
An engineer is configuring the branch office with a 172.16.0.0/16 subnet to use DIA for Internet traffic. All other traffic must flow to the central site or branches using the MPLS circuit Which configuration meets the requirement?
A)
B)
C)
D)
Refer to the exhibit Which command allows traffic through the IPsec tunnel configured in VPN 0?
An engineer is configuring a data policy IPv4 prefixes for a site WAN edge device on a site with edge devices. How is this policy added using the policy configuration wizard?
An engineer is adding a tenant with location JD 306432373 in vManage. What is the maximum number of alphanumeric characters that are accepted in the tenant name field?
An engineering team must prepare a traffic engineering policy where an MPLS circuit is preferred for traffic coming from the Admin VLAN Internet should be used as a backup only. Which configuration fulfill this requirement?
A)
B)
C)
D)
On which device is a service FW address configured to Insert firewall service at the hub?
Refer to the exhibit.
What binding is created using the tloc-extension command?
An engineer must configure the SD-WAN Edge router to identify DSCP 26 traffic coming from the router's local site and then change the DSCP value to DSCP 18 before sending it over to the SD-WAN fabric. What are the two ways to create the required configuration? (Choose two).
An engineer wants to track tunnel characteristics within an SLA-based policy for convergence. Which policy configuration will achieve this goal?
Which feature delivers traffic to the Cisco Umbrella SIG cloud from a Cisco SD-WAN domain?
An engineer configures Rome WAN Edge 10 use MPLS cloud as the preferred link to reach Paris WAN Edge and use biz-internet as a backup. Which policy configuration must be led in the outbound direction toward Rome to accomplish the task?
A)
B)
C)
D)
Refer to the exhibit. An enterprise decides to use the Cisco SD-WAN Cloud onRamp for SaaS feature and utilize H.Q site Biz iNET to reach SaaS Cloud for branch C. currently reaching SaaS Cloud directly. Which role must be assigned to devices at both sites in vManage Cloud Express for this solution to work?
A Cisco SD-WAN customer has a requirement to calculate the SHA value for files as they pass through the device to see the returned disposition and determine if the file is good, unknown or malicious. The customer also wants to perform real-time traffic analysis and generate alerts when threats are detected Which two Cisco SD-WAN solutions meet the requirements? (Choose two.)
Which destination UDP port is used by WAN Edge router to make a DTLS connection with vBond Orchestrator?
Which type of connection is created between a host VNet and a transit VNet when configuring Cloud OnRamp for laaS?
Drag and drop the steps from the left into the order on the right to upload software on vManage repository that is accessible from maintenance > Software Repository.
Which command on a WAN Edge device displays the information about the colors present in the fabric that are learned from vSmart via OMP?
Which VPNs must be configured outside the workflow to complete the SD-WAN overlay setup when using the Quick Connect workflow?
Which pathway under Monitor > Network > Select Device is used to verify service insertion configuration?
Configure individual VRFs for each customer according to the topology to achieve these goals :
R1
R2
SW1
SW2
SW3
Which encryption algorithm secures binding exchanges Between Cisco TrustSec SXP peers?
Drag and drop the Cisco SD-WAN components from the left onto their functions on the right.
Refer to the exhibit. The ge0/0 interface connects to a 30-MB link. A network administrator wants to always have 10 MB available for high priority traffic. When lower-priority traffic busts exceed 20 MB. Traffic should be redirected to the second WAN interface ge0/1. Which set of configurations accomplishes this task?
A)
B)
C)
D)
Refer to the exhibit.
vManage and vBond have an issue establishing a connection to each other. Which configuration resolves the issue?
Drag and drop the security terminologies from the left onto the PCI-compliant network features and devices on the right.
How must the application-aware enterprise firewall policies be applied within the same WAN Edge router?
An engineer configured a data policy called ROME-POLICY. Which configuration allows traffic flow from the Rome internal network toward other sites?
Refer to the exhibit An engineer must configure a QoS policy between me hub and site A (spoke) over a standard internet circuit where traffic shaping is adjusted automatically based on evaiiabk» bandwidth Which configuration meets the requirement?
Which routes are similar to the IP route advertisements when the routing information of WAN Edge routers is learned from the local site and local routing protocols?
An engineer must deploy a QoS policy with these requirements:
• policy name: App-police
• police rate: 1000000
• burst: 1000000
• exceed: drop
Which configuration meets the requirements?
Refer to the exhibit The engineering must assign tags to 3 Of its 74 server networks as soon as they are advertised to peers These server network must not be advertised AS which configuration fulfil the requirement?
A)
B)
C)
D)
A customer has MPLS and Internet as the TLOC colors An engineer must configure conlroJIers with the Internet and not with MPLS Which configuration achieves this requirement on vManage?
A)
B)
C)
D)
Refer to the exhibit. vManage logs are available for the past few months. A device name change deployed mistakenly at a critical site. How is the device name change tracked by operation and design teams?
A)
B)
C)
A network administrator is configuring a centralized control policy based on match action pairs for multiple conditions, which order must be configured to prefer Prefix List over TLOC and TLOC over Origin?
An engineer is configuring a data policy for packets that must be captured through the policy. Which command accomplishes this task?
Which type of lists are used to group related items via an application-aware routing policy under the policy lists command hierarchy on vSmart controllers?
An engineer is configuring a WAN Edge router for DIA based on matching QoS parameters. Which two actions accomplish this task? (Choose two.)
Drag and drop the actions from the left into the correct sequence on the right to create a data policy to direct traffic to the Internet exit.
Refer to exhibit. An engineer is troubleshooting tear of control connection even though a valid CertificateSerialNumber is entered. Which two actions resolve Issue? (Choose two)
An engineer is applying QoS policy for the transport-side tunnel interfaces to enable scheduling and shaping for a WAN Edge cloud router Which command accomplishes the task?
A network administrator is configuring Qos on a vEdge 5000 router and needs to enable it on the transport side interface. Which policy setting must be selected to accomplish this goal?
Refer to exhibit.
An engineer is troubleshooting tear down of control connections even though a valid Certificate Serial Number is entered Which two actions resolve the Issue? (Choose two)
Refer to the exhibit Which configuration ensures that OSPF routes learned from Site2 are reachable at Sitel and vice-versa?
Which pathway under Monitor > Network > Select Device is used to verify service insertion configuration?
Drag and drop the attributes from the left that make each transport location unique onto the right. Not all options are used.
Refer to the exhibit.
Which QoS treatment results from this configuration after the access list acl-guest is applied inbound on the vpn1 interface?
The SD-WAN network is configured with a default full-mesh topology. The SD-WAN engineer wants the Barcelona WAN Edge to use the MPLS TLOC when forwarding Telnet traffic based on a configured SLA class list. Which configured must the engineer use to create a policy to call the SLA class and set the preferred color to MPLS?
A)
B)
C)
D)
Which VPN connects the transport-side WAN Edge interface to the underlay/WAN network?
Drag and drop the devices from the left onto the correct functions on the right.
TESTED 01 May 2025
