Printable of 352-001 free practice test materials and free demo for Cisco certification for IT professionals, Real Success Guaranteed with Updated 352-001 pdf dumps vce Materials. 100% PASS CCDE Written Exam exam Today!
2021 Jun 352-001 Study Guide Questions:
Q141. A network designer has provisioned a router to use IPsec to encrypt the traffic over a GRE tunnel going to a web server at a remote location. From the router, the network designer can ping the web server, although the users in the office comment that they are unable to reach it. (Note: The DF bit is not set.) Which aspect should be changed in the design of the virtual connection?
A. IP addresses of the GRE tunnel endpoints
B. IPsec configuration
C. MTU size on the GRE tunnel
D. encapsulation of the GRE tunnel
Q142. Which mechanism provides a Layer 2 fault isolation between data centers?
C. advanced VPLS
E. fabric path
Q143. A data center provider has designed a network using these requirements:
Two data center sites are connected to the public Internet.
Both data centers are connected to different Internet providers.
Both data centers are also directly connected with a private connection for the internal traffic, and public Internet traffic can also be routed at this direct connection.
The data center provider has only one /19 public IP address block.
Under normal conditions, Internet traffic should be routed directly to the data center where the services are located. When one Internet connection fails, the complete traffic for both data centers should be routed by using the remaining Internet connection. In which two ways can this routing be achieved? (Choose two.)
A. The data center provider must have an additional public IP address block for this routing.
B. One /20 block is used for the first data center and the second /20 block is used for the second data center. The /20 block from the local data center is sent out with a low BGP weight and the /20 block from the remote data center is sent out with a higher BGP weight at both sites.
C. One /20 block is used for the first data center and the second /20 block is used for the second data center. The /20 block from the local data center is sent out without path prepending and the /20 block from the remote data center is sent out with path prepending at both sites.
D. One /20 block is used for the first data center and the second /20 block is used for the second data center. Each /20 block is only sent out locally. The /19 block is sent out at both Internet connections for the backup case to reroute the traffic through the remaining Internet connection.
E. One /20 block is used for the first data center and the second /20 block is used for the second data center. The /20 block from the local data center is sent out with a low BGP local preference and the /20 block from the remote data center is sent out with a higher BGP local preference at both sites.
F. BGP will always load-balance the traffic to both data center sites.
Up to date oracal 352-001:
Q144. What are three key design principles when using a classic hierarchical network model? (Choose three.)
A. The core layer controls access to resources for security.
B. The core layer should be configured with minimal complexity.
C. The core layer is designed first, followed by the distribution layer and then the access layer.
D. A hierarchical network design model aids fault isolation.
E. The core layer provides server access in a small campus.
F. A hierarchical network design facilitates changes.
Q145. You have been tasked with designing a data center interconnect to provide business continuity. You want to encrypt the traffic over the DCI using IEEE 802.1AE MACsec to prevent the deployment of any firewall or IPS. Which two interconnect technologies support MACsec? (Choose two.)
B. MPLS Layer 3 VPN
F. GET VPN
Q146. A company is planning to deploy high-availability cluster support for their servers in a collapsed core data center design. Which issue should be a concern with this design?
A. NIC teaming
B. MAC address aging
C. Layer 3 domain sizing
D. Layer 2 domain sizing
High value balluff bis m-352-001-s115:
Q147. A Mobile Service Provider would like to design and deploy an Ethernet service which has similar physical link failover/failback characteristics on the active/backup links as the APS/MSP SONET properties. Which Layer 2 services should be considered to address this design feature?
C. Flex Link
D. Ethernet Pseudowires
Q148. An MPLS service provider is offering a standard EoMPLS-based VPLS service to Customer A, providing Layer 2 connectivity between a central site and approximately 100 remote sites. Customer A wants to use the VPLS network to carry its internal multicast video feeds, which are sourced at the central site and consist of 20 groups at 5 Mb/s each. Which service provider recommendation is the most scalable?
A. EoMPLS-based VPLS already carries multicast traffic in a scalable manner.
B. Replicate the multicast traffic on the P routers.
C. Replace VPLS with a Layer 3 MVPN solution to carry the streams between sites.
D. Use GRE tunnels to carry the streams between sites.
Q149. Which three reasons to deploy an IDS sensor in promiscuous mode when you design a security solution are true? (Choose three.)
A. Solution should be resistant to sensor failure.
B. Solution should allow for stream normalization.
C. Solution should not impact jitter and latency for voice traffic.
D. Solution should allow for signature-based pattern matching.
E. Solution should allow to deny packets inline.
Q150. You have been asked to establish a design that will allow your company to migrate from a WAN service to a Layer 3 VPN service. In your design, you are keeping some WAN links between critical sites as a backup for this service. You plan to use OSPF as your IGP and BGP for the PE-CE protocol. When the Layer 3 VPN service is available, how will you prevent transit traffic over the backup links?
A. Redistribute routes at the CE as external type 1.
B. Redistribute routes at the CE as external type 2.
C. Use conditional advertisement only when the Layer 3 service is down.
D. Manually turn off the backdoor link when the Layer 3 service is up.
see more 352-001 dumps