300-415 Implementing Cisco SD-WAN Solutions (300-415 ENSDWI) Questions and Answers

Drag and drop the steps from the left into the order on the right to delete a software image for a WAN Edge router starting with Maintenance > Software Upgrade > Device list on vManage.

How many cloud gateway instance(s) can be created per region when provisioning Cloud OnRamp for Multicloud from AWS in a multiregion environment?

Which on-the-box security feature supported by the Cisco ISR 4451 SD-WAN device and not on vEdge?

Which SD-WAN component allows an administrator to manage and store software images for SD-WAN network elements?

Drag and drop the alarm slates from the left onto the corresponding alarm descriptions on the right.

What two functions describe the TCP optimization tool used in the Cisco SD-WAN? (Choose two.)

A policy is created to influence routing in the network using a group of prefixes. What policy application will achieve this goal when applied to a site list?

What does forward error correction addresses in Cisco SO-WAN?

Which Cisco SD-WAN WAN Edge platform supports LTE and Wi-Fi?

Which issue triggers the Cisco Umbrella resolver to toward DNS requests to the intelligent proxy?

Which issue triggers the Cisco Umbrella resolver to toward DNS requests to the intelligent proxy?

How must the application-aware enterprise firewall policies be applied within the same WAN Edge router?

A network administrator is creating an OMP feature template from the vManage GUI to be applied to WAN edge routers. Which configuration attribute will avoid the redistribution of the routes back into the OMP from the LAN side?

What is the default value for the number of paths advertised per prefix in the OMP feature template?

Refer to the exhibit.

An engineer is configuring service chaining. Which set of configurations is required for all traffic from Site ID 1 going toward Site ID 2 to get filtered through the firewall on the hub site?

A)

B)

C)

D)

Which platform is a Cisco SD-WAN virtual platform?

Which two architectural components are part of an SD-WAN high availability vManage cluster? (Choose two.)

What is the advantage of instating the controller on-premises?

An organization requires the use of integrated preventative engines, exploit protection, and the most updated and advanced signature-based antivirus with sandboxing and threat intelligence to stop malicious attachments before they reach users and get executed. Which Cisco SD-WAN solution meets the requirements?

Which Cisco SD-WAN feature propagates packets with SGTs through the network?

Refer to the exhibit Which configuration must the engineer use to form underlay connectivity for the Cisco SD-WAN network?

A)

B)

C)

D)

A vEdge platform is sending VRRP advertisement messages every 10 seconds. Which value configures the router back to the default timer?

Refer to the exhibit.

Which configuration change is needed to configure the tloc-extention on Branch1-Edge1?

Which configuration allows users to reach YouTube from a local Internet breakout?

A)

B)

C)

D)

An engineer is configuring a WAN Edge router for DIA based on matching QoS parameters. Which two actions accomplish this task? (Choose two.)

Refer to the exhibit vManage and vBond have an issue establishing a connection with each other Which action resolves the issue?

What is the order of operations for software upgrades of Cisco SD-WAN nodes'?

Drag and drop the components from the left onto the corresponding Cisco NFV infrastructure Building Blocks on the right. Not all options are used.

Which two criteria ate supported to filter traffic on a Cisco Umbrella Cloud-delivered firewall? (Choose two )

Which protocol Is used by the REST API to communicate with network services in the Cisco SO-WAN network?

Which protocol is used to measure loss latency, Jitter, and liveliness of the tunnel between WAN Edge router peers?

For data plane resiliency, what does the Cisco SD-WAN software implement?

An engineer is applying QoS policy for the transport-side tunnel interfaces to enable scheduling and shaping for a WAN Edge cloud router Which command accomplishes the task?

Where on vManage does an engineer find the details of control node failure?

Refer to the exhibit Which configuration ensures that OSPF routes learned from Site2 are reachable at Sitel and vice-versa?

Which device information is required on PNP/ZTP to support the zero-touch onboarding process?

Which OMP route is selected for equal OMP route preference values on WAN Edge routers?

Which two virtualized environments are available for a company to install the controllers using the on-premises model? (Choose two )

Refer to the exhibit The network team must configure ElGRP peering at HQ with devices in the service VPN connected to WAN Edge CSRv. CSRv is currently configured with

Which configuration on the WAN Edge meets the requiremnet

A)

B)

C)

D)

An engineer is configuring a list that matches all IP prefixes with lengths from /1 to /16 in a centralized control policy. Which list accomplishes this task?

Which cloud based component in cisco SD-WAN is responsible for establishing a secure connection to each WAN edge router and distributes routers and policy information via omp?

A network administrator configures SNMPv3 on a Cisco WAN Edge router from CLI for monitoring purposes How many characters are supported by the snmp user <username> command?

Refer to the exhibit An engineer is configuring a QoS policy to shape traffic for VLAN 100 on a subinterface Which policy configuration accomplishes the task?

A)

B)

C)

D)

An engineer is configuring a data policy for IPv4 prefixes for a single WAN Edge device on a site with multiple WAN Edge devices How is this policy added using the policy configuration wizard?

Which control policy assigned to Drenches in the out direction establishes a strict hub-and-spoke topology tor VPN2?

A)

B)

C)

D)

Drag and drop the vManage policy configuration procedures from the left onto the correct definitions on the right.

Which Cisco SD-WAN component the initial communication between WAN Edge devices to join the fabric?

A large retail organization decided to move some of the branch applications to the AWS cloud. How does the network architect extend the in-house Cisco SD-WAN branch to cloud network into AWS?

What is the minimum Red Hat Enterprise Linux operating system requirement for a Cisco SD-WAN controller deployment via KVM?

Which attributes are configured to uniquely Identify and represent a TLOC route?

A network engineer sets tags in OMP for routes that were originated in the Service VPN. Which monitoring tab must be used to verify tags on the next hop?

Refer to the exhibit Which configuration sets up direct Internet access for VPN 1?

An engineer must apply the configuration for certificate installation to vBond Orchestrator and vSmart Controller. Which configuration accomplishes this task?

Which two image formats are supported for controller codes? (Choose two.)

Refer to the exhibit.

Which two configurations are needed to get the WAN Edges registered with the controllers when certificates are used? (Choose two)

What is the default value (in milliseconds) set tor the poll interval in the BFD basic configuration?

A network administrator is tasked to make sure that an OMP peer session is closed after missing three consecutive keepalive messages in 3 minutes. Additionally, route updates must be sent every minute. If a WAN Edge router becomes unavailable, the peer must use last known information to forward packets for 12 hours. Which set of configuration commands accomplishes this task?

An engineer wants to change the configuration of the certificate authorization mode from manual to automated. Which GUI selection will accomplish this?

Which component of the Cisco SD-WAN secure extensible network provides a single pane of glass approach to network monitoring and configuration?

In which Cisco SD-WAN deployment scenario does Cisco Umbrella SIG deliver the most value?

What is a benefit of using REST APIs?

Refer to the exhibit.

A customer wants to implement primary and secondary Cisco SD-WAN overlay routing for prefixes that are advertised for both data centers. The east data center (TLOC 101.101.101.101) is primary for east sites, and the west data center (TLOC 100.100.100.100) is primary for west sites. Which configuration change achieves this objective?

How is an event monitored and reported for an individual device in the overlay network at site ID:S4300T6E43F36?

Refer to the exhibit. A network administrator is configuring OSPF advanced configuration parameters from a template using the vManager GUI for a branch WAN Edge router to calculate the cost of summary routes to an ASBR. Which action achieves this configuration?

How is the software managed in Cisco SD-WAN?

Which encryption algorithm secures binding exchanges Between Cisco TrustSec SXP peers?

Which two algorithms authenticate a user when configuring SNMPv3 monitoring on a WAN Edge router? (Choose two.)

What must an engineer conewef when decoying an SD-WAN on-pfemlses architecture based on ESXi hypervisor?

An engineer provisions a WAN Edge router. Which command should be used from the WAN Edge router to activate it with vManage?

Which value of the IPsec rekey timer must be set by the engineer for an OMP graceful restart value set for 24 hours?

Refer to the exhibit Which command allows traffic through the IPsec tunnel configured in VPN 0?

Which value is verified in the certificates to confirm the identity of the physical WAN Edge device?

Refer to the exhibit. The ge0/0 interface connects to a 30-MB link. A network administrator wants to always have 10 MB available for high priority traffic. When lower-priority traffic busts exceed 20 MB. Traffic should be redirected to the second WAN interface ge0/1. Which set of configurations accomplishes this task?

A)

B)

C)

D)

How does the Cisco SD-WAN Cloud OnRamp solution rate the performance of a SaaS application from a branch office to the cloud via a given path?

In an AWS cloud, which feature provision WAN Edge routers automatically in Cisco SD-WAN?

What is the default value for the Multiplier field of the BFD basic configuration in vManage?

An engineer builds a three-node vManage cluster and then realizes that multiple nodes are unnecessary for the size of the company. How should the engineer revert the setup to a single vManage?

Drag and drop the steps from the left Into the order on the right to delete a software image for a WAN Edge router starting with Maintenance > Software Upgrade > Device list on vManage.

A network administrator is configuring an application-aware firewall between inside zones to an outside zone on a WAN edge router using vManage GUI. What kind of Inspection is performed when the ‘’inspect’’ action is used?

The SD-WAN network is configured with a default full-mesh topology. The SD-WAN engineer wants the Barcelona WAN Edge to use the MPLS TLOC when forwarding Telnet traffic based on a configured SLA class list. Which configured must the engineer use to create a policy to call the SLA class and set the preferred color to MPLS?

A)

B)

C)

D)

Which Cisco SD-WAN configuration provides the advantages of day-zero deployment and reusable configuration components?

After deploying Cisco SD-WAN the company realized that by default, all sites built direct IPsec VPN tunnels to each other In their previous topology all spoke sites used the head office as their next hop for the LAN segment that belongs to network 40.0.0.0/16 The company wants to deploy its previous policy, which allows the 40.0.0.0/16 network that originates at the hub to advertise to the spokes. Which configuration meets the requirement'?

A)

B)

C)

D)

Which component is responsible for creating and maintaining the secure DTLS/TLS connection on the vSmart controller?

Which vBond system configuration under VPN 0 allows for a routable public IP address even if the DNS name, hostname, or IP address of the vBond orchestrator are omitted?

An engineer must configure the SD-WAN Edge router to identify DSCP 26 traffic coming from the router's local site and then change the DSCP value to DSCP 18 before sending it over to the SD-WAN fabric. What are the two ways to create the required configuration? (Choose two).

Refer to the exhibit.

The network team must configure branch B WAN Edge device 103 to establish dynamic full-mesh IPsec tunnels between all colors with branches over MPLS and Internet circuits. The branch ts configured with:

Which configuration meets the requirement?

A)

B)

C)

D)

Which device information is requited on PNP/ZTP to support the zero-touch onboarding process?

Drag and drop the attributes from the left that make each transport location unique onto the right. Not all options are used.

An engineer must automate certificate signing through Cisco. Which vManage configuration achieves this task?

A)

B)

C)

D)

An engineer is adding a tenant with location ID 399533345 in vManage. What is the maximum number of alphanumeric characters that is accepted in the tenant name filed?

How many vManage NMSs should be installed in each domain to achieve scalability and redundancy?

Which queue must an engineer configure for control and BFD traffic for convergence on a WAN Edge router?

Refer to the exhibit.

An engineer configured OMP with an overlay-as of 10666. What is the AS-PATH for prefix 104.104.104.104/32 on R100?

An engineer must use data prefixes to configure centralized data policies using the vManage policy configuration wizard. What is the first step to accomplish this task?

Refer to the exhibit.

What does the BFD value of 8 represent?

Which controller is used for provisioning and configuration in a Cisco SD-WAN solution?

Refer to the exhibit. Which configuration stops Netconf CLI logging on WAN Edge devices during migration?

Exhibit.

The SD-WAN network is configured with a default full-mash topology. An engineer wants Barcelona and Paris to communicate to each other through the London site using a control Which control policy configuration accomplishes the task?

A)

B)

C)

D)

A network administrator is configuring VRRP to avoid a traffic black hole when the transport side of the network is down on the master device. What must be configured to get the fastest failover to standby?

Which component is used to optimize the multicast distribution tree enabled through the multicast network?

An engineer must configure local redundancy on a site. Which configuration accomplish this task?

A company is using Catalyst SD-WAN Manager as its root certificate authority server and must generate a root certificate using the vShell (Linux) built into the CLI of Catalyst SD-WAN Manager. Which command must be issued to generate the root certificate?

Refer to the exhibit. The Cisco SD-VYAN is deployed using the default topology. The engineer v/ants to configure a service insertion policy such that all data traffic between Rome to Paris is forwarded through the NGFW located in London. Which configuration fulfills this requirement, assuming that the Sen/ice VPN ID is 1?

A)

B)

C)

D)

Which policy configures an application-aware routing policy under Configuration > Policies?

An engineering team must prepare a traffic engineering policy where an MPLS circuit is preferred for traffic coming from the Admin VLAN Internet should be used as a backup only. Which configuration fulfill this requirement?

A)

B)

C)

D)

Refer to the exhibit. An administrator is configuring a policy in addition to an existing hub-and-spoke policy for two sites that should directly communicate with each other. How is this policy configured?

Refer to the exhibit.

The SD-WAN network is configured with a default full-mesh topology. The SD-WAN engineer wants the Barcelona WAN Edge to use MPLS TLOC as the preferred TLOC when communicating with Rome site. Which configuration must the engineer use to create a list to select MPLS color toward the Rome TLOC?

A)

B)

C)

D)

Drag and drop the functions from the left onto the correct templates on the right.

How is lhe software managed in Cisco SD-WAN?

Drag and drop the Cisco SD-WAN components from the left onto their functions on the right.

An engineer creates this data policy for DIA for VPN 10:

Which policy sequence enables DIA for external networks?

An application team is getting ready to deploy a new business-critical application to the network. To protect the traffic, the network team must add another queue to the QoS map and then deploy the map to fabric Which configuration slop must be completed prior to adding the queue to the QoS map and applying If

An engineer is modifying an existing data policy for VPN 115 to meet these additional requirements:

When browsing government websites, the traffic must use direct internet access.

The source address of the traffic leaving the site toward the government websites must be set to an IP range associated with the country itself, a particular TLOC.

The policy configuration is as follows:

Which policy sequence meets the requirements without interfering with other destinations?

A Cisco SD-WAN customer has a requirement to calculate the SHA value for files as they pass through the device to see the returned disposition and determine if the file is good, unknown or malicious. The customer also wants to perform real-time traffic analysis and generate alerts when threats are detected Which two Cisco SD-WAN solutions meet the requirements? (Choose two.)

Refer to the exhibit. An engineer configures a hub-and-spoke SD-WAN topology with the requirement that traffic from router A branch to router B branch is guaranteed to flow through the network hub, router C. Which configuration meets the requirement for router A?

A company deploys a Cisco SD-WAN solution but has an unstable Internet connection. When the link to vSmart comes back up, the WAN Edge router routing table is not refreshed, and some traffic to the destination network is dropped. The headquarters is the hub site, and it continuously adds new sites to the SD-WAN network. An engineer must configure route refresh between WAN Edge and vSmart within 2 minutes. Which configuration meets this requirement?

Which command disables the logging of syslog messages to the local disk?

In Cisco SD-WAN, what protocol is used for control connections between SD-WAN devices?

Which TLOC color is used for site-to-site communication in a Google Cloud integration with Cisco SD-WAN?

Refer to the exhibit Which NAT types must the engineer configure for the vEdge router to bring up the data plane tunnels?

How is TLOC defined?

Which logs verify when a device was upgraded?

If Smart Account Sync is not used, which Cisco SD-WAN component is used to upload an authorized serial number file?

Which policy tracks path characteristics such as loss, latency, and jitter in vManage?

Which two platforms for the Cisco SD-WAN architecture are deployable in a hypervisor on-premises or in IAAS Cloud? (Choose two.)

The branch users of an organization must be prevented from accessing malicious destinations, and the local files on users' systems must be protected from malware. Which two Cisco products must the organization deploy? (Choose two.)

Refer to the exhibit. Which configuration ensures that OSPP routes learned from Site2 are reachable at Stein and vice-versa?

Which two REST API functions are performed for Cisco devices in an overlay network? (Choose two)

An enterprise has several sites with multiple VPNs that are isolated from each other A new requirement came where users in VPN 73 must be able to talk to users in VPN 50 Which configuration meets this requirement?

WAN Edge routers are configured manually to use UDP port offset to use nondefault offset values when IPsec tunnels are created. What is the offse range?

An engineer must configure two branch WAN Edge devices where an Internet connection is available and the controllers are in the headquarters. The requirement is to have IPsec VPN tunnels established between the same colors. Which configuration meets the requirement on both WAN Edge devices?