Most Up-to-date 300-415 Exam Guide For Implementing Cisco SD-WAN Solutions (ENSDWI) Certification

NEW QUESTION 1
Which action is performed during the onboarding process when a WAN Edge router is connected to ZTP server ztp.viptela com?

• A. The router is connected to WAN Edge Cloud Center
• B. The router is synced with vSmart Controller via an IPsec tunnel
• C. The router receives its vBond Orchestrator information
• D. The router is connected 10 vSmart Controller via a DTLSTLS tunnel

Answer: C

NEW QUESTION 2
Which component of the Cisco SD-WAN control plane architecture should be located in a public Internet address space and facilitates NAT-traversal?

• A. vBond
• B. WAN Edge
• C. vSmart
• D. vManage

Answer: A

NEW QUESTION 3
Which two mechanisms are used to guarantee the integrity of data packets in the Cisco SD-WAN architecture data plane? {Choose two)

• A. transport locations
• B. authentication headers
• C. certificates
• D. TPM chip
• E. encapsulation security payload

Answer: BE

Explanation:
https://sdwan-docs.cisco.com/Product_Documentation/Software_Features/Release_18.4/Security/01Security_Ov

NEW QUESTION 4
What is the procedure to upgrade all Cisco SD-WAN devices to a recent version?

• A. The upgrade is performed for a group of WAN Edge devices first to ensure data-plabe availability when other controllers are updated.
• B. The upgrade is performed first on vManage, then on WAN Edge devices, then on vBond and finally on vSmart The reboot must start from WAN Edge devices.
• C. Upgrade and reboot are performed first on vManage then on vBond then on vSmar
• D. and finally on the Cisco WAN Edge devices.
• E. Upgrade and reboot are performed first on vBon
• F. then on vSmar
• G. and finally on the Cisco WAN Edge devices.

Answer: C

NEW QUESTION 5
In which VPN is the NAT operation on an outgoing interface configured for direct Interne! access?

• A. 1
• B. 10
• C. 512

Answer: D

NEW QUESTION 6
What is a benefit of the application-aware firewall?

• A. It blocks traffic by MAC address
• B. It blocks traffic by MTU of the packet.
• C. It blocks traffic by application.
• D. It blocks encrypted traffic

Answer: C

NEW QUESTION 7
Refer to the exhibit.

An engineer is configuring service chaining. Which set of configurations is required for all traffic from Site ID 1 going toward Site ID 2 to get filtered through the firewall on the hub site?
A)

B)

C)

D)

• A. Option A
• B. Option B
• C. Option C
• D. Option D

Answer: B

Explanation:
https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/policies/vedge/policies-book/service-chainin

NEW QUESTION 8
An administrator is configuring the severity level on the vManage NMS for events that indicate that an action must be taken immediately. Which severity level must be configured?

• A. warning
• B. error
• C. critical
• D. alert

Answer: D

Explanation:

NEW QUESTION 9
Drag and drop the devices from the left onto the correct functions on the right.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 10
A vEdge platform is sending VRRP advertisement messages every 10 seconds. Which value configures the router back to the default timer?

• A. 2 seconds
• B. 3 seconds
• C. 1 second
• D. 5 seconds

Answer: C

NEW QUESTION 11
Refer to the exhibit

The network team must configure application-aware routing for the Service VPN 50.0.0.0/16
The SLA must prefer MPLS for video traffic but the remaining traffic must use a public network What must be defined other than applications before the application-aware policy is create?

• A. SLA Class, Site VP
• B. Prefix
• C. Data Prefix, Site VPN TLOC
• D. Application, SLA VP
• E. Prefix
• F. Color, SLA Class, Sue, VPN

Answer: A

NEW QUESTION 12
How are custom application ports monitored in Cisco SD-WAN controllers?

• A. Customers add custom application ports in vAnalytics and vManage.
• B. Customers add custom application ports in vAnalytics and vSmart.
• C. Cisco adds custom application ports In vAnalytics and vManage.
• D. Cisco adds custom application ports In vAnalytics and vSmart.

Answer: A

NEW QUESTION 13
Drag and drop the definitions from the left to the configuration on the right.

• A. Yes
• B. Not Mastered

Answer: A

NEW QUESTION 14
An engineer creates this data policy for DIA for VPN 10:

Which policy sequence enables DIA for external networks?

• A. Option A
• B. Option B
• C. Option C
• D. Option D

Answer: C

NEW QUESTION 15
Which two features does the application firewall provide? (Choose two.)

• A. classification of 1400+ layer 7 applications
• B. blocks traffic by application or application-family
• C. numbered sequences of match-action pairs
• D. classification of 1000+ layer 4 applications
• E. application match parameters

Answer: AB

Explanation:

NEW QUESTION 16
An engineer is troubleshooting a certificate issue on vEdge. Which command is used to verify the validity of the certificates?

• A. show control local-properties
• B. show control summary
• C. show certificate installed
• D. show certificate status

Answer: A

NEW QUESTION 17
How many concurrent sessions does a vManage REST API have before it invalidates the least recently used session if the maximum concurrent session number is reached?

• A. 150
• B. 200
• C. 250
• D. 300

Answer: A

NEW QUESTION 18
How must the application-aware enterprise firewall policies be applied within the same WAN Edge router?

• A. within and between zones
• B. between two VPN tunnels
• C. within zone pair
• D. between two VRFs

Answer: C

NEW QUESTION 19
......