Free Cisco 300-420 Test Practice Test Questions Exam Dumps
Prepare Top Cisco 300-420 Exam Audio Study Guide Practice Questions Edition
How can you evaluating the CCNP Enterprise, Cisco 300-420 - Enterprise Design Exam
Below is the analysis you need to consider for the Cisco 300-420 Exam
Cisco 300-420 Exam - Get Our Style Guide When You don't have a chance to explore the entire page
The CCNP Enterprise certification is designed to test the ability of a network expert to implement and maintain modern core business network technologies. The CCNP Enterprise core exam validates a prospect's understanding of infrastructure, virtualization, security, and automation; Creation of wired and wireless corporate networks VM, Virtual Switch, and Hypervisor Configuration, Chassis L2, L3, and Wireless Component Installation and Repair, Configure and confirm security attributes for wired and wireless infrastructures, Automate tasks with Python, REMAINDER API, and orchestration tools.
Cisco 300-420 Exam Topics:
| Section | Weight | Objectives |
|---|---|---|
| Advanced Enterprise Campus Networks | 25% | - Design campus networks for high availability
-Design campus Layer 2 infrastructures
-Design multicampus Layer 3 infrastructures
-Describe SD-Access Architecture (underlay, overlay, control and data plane, automation, wireless, and security) |
| Advanced Addressing and Routing Solutions | 25% | -Create structured addressing plans for IPv4 and IPv6 -Create stable, secure, and scalable routing designs for IS-IS -Create stable, secure, and scalable routing designs for EIGRP -Create stable, secure, and scalable routing designs for OSPF -Create stable, secure, and scalable routing designs for BGP
-Determine IPv6 migration strategies
|
| Network Services | 20% | -Select appropriate QoS strategies to meet customer requirements (DiffServ, IntServ) -Design end-to-end QoS policies
-Design network management techniques
-Describe multicast routing concepts (source trees, shared trees, RPF, rendezvous points) |
| WAN for Enterprise Networks | 20% | -Compare WAN connectivity options
-Design site-to-site VPN
-Design high availability for enterprise WAN
-Describe Cisco SD-WAN Architecture (orchestration plane, management plane, control plane, data plane, on-boarding and provisioning, security) |
The Cisco 300-420 exam is one of the requirements for the CCNP Enterprise certificate. Since candidates can choose their certification path according to their area of interest, those aiming to design Cisco enterprise networks should choose to take 300-420 test for sure. It validates one's ability to successfully handle different networks, perform advanced routing and addressing, work with WAN, ensure security, and many more.
NEW QUESTION 17 
Refer to the exhibit. All routers currently reside in OSPF area 0. The network manager recently used R1 and R2 as aggregation routers for remote branch locations and R3 and R4 for aggregation routers for remote office locations. The network has since been suffering from outages, which are causing frequent SPF runs. To enhance stability and introduce areas to the OSPF network with the minimal number of ABRs possible, which two solutions should the network manager recommend? (Choose two.)
- A. a new OSPF area for R1 and R2 connections, with R5 and R6 as ABRs
- B. a new OSPF area for R1, R2, R3, and R4 connections, with R1, R2, R3, and R4 as ABRs
- C. a newOSPFarea for R3andR4connections,with R5 and R6as ABRs
- D. a newOSPFarea for R3andR4connections,with R3 and R4as ABRs
- E. a newOSPFarea for R1andR2connections,with R1 and R2as ABRs
Answer: A,C
NEW QUESTION 18
Which type of rendezvous point deployment is standards-based and supports dynamic RP discovery?
- A. Auto-RP
- B. Anycast-RP
- C. bootstrap router
- D. static RP
Answer: C
NEW QUESTION 19
What are two valid scaling techniques when an EIGRP network is designed that consists of more than 1000 routers? (Choose two.)
- A. Modify delay parameters on the links
- B. Use the distribute-list command to filter routes
- C. Use structured hierarchical topology with route summarization
- D. Implement multiple EIGRP autonomous systems
- E. Used sub-second timers
Answer: C,D
Explanation:
Section: Advanced Addressing and Routing Solutions
NEW QUESTION 20
An engineer must design a VPN solution for a company that has multiple branches connecting to a main office.
What are two advantages of using DMVPN instead of IPsec tunnels to accomplish this task? (Choose two.)
- A. support for AES 256-bit encryption
- B. greater scalability
- C. dynamic spoke-to-spoke tunnels
- D. lower traffic overhead
- E. support for anycast gateway
Answer: B,C
Explanation:
Section: WAN for Enterprise Networks
NEW QUESTION 21
Refer to the exhibit.
EIGRP has been configured on all links. The spoke nodes have been configured as EIGRP stubs, and the WAN links to R3 have higher bandwidth and lower delay than the links to R4. When a link failure occurs at the R1-R2 link, what happens to traffic on R1 that is destined for a subnet attached to R2?
- A. R1 load-balances across the paths through R3 and R4 to reach R2
- B. R1 has no route to R2 and drops the traffic
- C. R1 forwards the traffic to R3 in order to reach R2
- D. R1 forwards the traffic to R3, but R3 drops the traffic
Answer: C
NEW QUESTION 22
A client is moving to Model-Driven Telemetry and requires periodic updates. What must the network architect consider with this design?
- A. Periodic updates include a full copy of the data that is subscribed to.
- B. Updates that contain changes within the data are sent only when changes occur.
- C. Empty data subscriptions do not generate empty update notifications.
- D. The primary push update is sent immediately and cannot be delayed.
Answer: A
Explanation:
Explanation
Periodic updates contain a full copy of the subscribed data element or table for all supported transport protocols
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/166/b_166_programmability_cg/model_d
NEW QUESTION 23
An architect must develop a campus network solution that includes:
logically segmented and isolated networks
ability to communicate between network segments when required
support for overlapping IP addresses
widely available technologies to avoid purchasing specialized equipment Which solution must the architect select?
- A. VRF-Lite with OSPF
- B. VSS with IGP
- C. 802.1Q with HSRP
- D. vPC with HSRP
Answer: A
NEW QUESTION 24
Which OSPF area blocks LSA Type 3, 4 and 5, but allows a default summary route?
- A. stub
- B. totally stubby
- C. normal
- D. NSSA
Answer: B
NEW QUESTION 25 
Refer to the exhibit. AS65533 and AS65530 are announcing a partial Internet routing table as well as their IP subnets. An architect must create a design that ensures AS64512 become a transit AS. Which filtering solution must the architect choose?
- A. Maximum-prefix
- B. No-advertise
- C. No Export
- D. Next-hop
Answer: A
NEW QUESTION 26
Which routes does the overlay management protocol advertise in an SD-WAN overlay?
- A. primary, backup, and load-balanced
- B. Internet, MPLS, and backup
- C. underlay, MPLS, and overlay
- D. prefix, TLOC, and service
Answer: D
Explanation:
Explanation/Reference:
NEW QUESTION 27
Which feature is required for graceful restart to recover from a processor failure?
- A. Cisco Express Forwarding
- B. Stateful Switchover
- C. Bidirectional Forwarding Detection
- D. Virtual Switch System
Answer: B
Explanation:
Explanation
https://archive.nanog.org/meetings/nanog42/presentations/Weissner_SSO.pdf The Stateful Switchover (SSO) feature works with Nonstop Forwarding (NSF) in Cisco software to minimize the amount of time a network is unavailable to its users following a switchover. The primary objective of SSO is to improve the availability of networks constructed with Cisco routers.
NEW QUESTION 28
Which feature is required for graceful restart to recover from a processor failure?
- A. Cisco Express Forwarding
- B. Stateful Switchover
- C. Bidirectional Forwarding Detection
- D. Virtual Switch System
Answer: B
Explanation:
https://archive.nanog.org/meetings/nanog42/presentations/Weissner_SSO.pdf
NEW QUESTION 29
Which feature is required for graceful restart to recover from a processor failure?
- A. Cisco Express Forwarding
- B. Bidirectional Forwarding Detection
- C. Stateful Switchover
- D. Virtual Switch System
Answer: A
Explanation:
Section: Advanced Enterprise Campus Networks
NEW QUESTION 30
An engineer must propose a QoS architecture model that allows an application to inform the network of its traffic profile and to request a particular type of service to support its bandwidth and delay requirements. The application requires consistent and dedicated bandwidth end to end. Which QoS architecture model meets these requirements?
- A. LLQ
- B. IntServ
- C. WRED
- D. DiffServ
Answer: B
Explanation:
Explanation/Reference:
NEW QUESTION 31 
Refer to the exhibit. The connection between SW2 and SW3 is fiber and occasionally experiences unidirectional link failure. An architect must optimize the network to reduce the change of layer2 forwarding loops when the link fails. Which solution should the architect include?
- A. Utilize 8PDU filter on SW3.
- B. Utilize loop guard on SW2
- C. Utilize BPDU guard on SW1
- D. Utilize root guard on SW1.
Answer: B
NEW QUESTION 32
An infrastructure team is concerned about the shared memory utilization of a device, and for this reason, they need to monitor the device state. Which solution limits impact on the device and provides the required data?
- A. on-change subscription
- B. static telemetry
- C. periodic subscription
- D. IPFIX
Answer: A
Explanation:
Explanation
There are two types of subscriptions: periodic and on-change. With periodic subscription, data is streamed out to the destination at the configured interval. It continuously sends data for the lifetime of that subscription.
With on-change, data is published only when a change in the data occurs such as when an interface or OSPF neighbor goes down.
https://developer.cisco.com/docs/ios-xe/#!streaming-telemetry-quick-start-guide/streaming-telemetry
NEW QUESTION 33
Which command is needed to enable DHCP snooping if a switchport is connected to a DHCP server?
- A. ip dhcp snooping information
- B. ip dhcp snooping trust
- C. ip dhcp snooping
- D. ip dhcp trust
Answer: B
Explanation:
When configuring DHCP snooping, follow these guidelines:
DHCP snooping is not active until you enable the feature on at least one VLAN, and enable DHCP globally on the switch.
Before globally enabling DHCP snooping on the switch, make sure that the devices acting as the DHCP server and the DHCP relay agent are configured and enabled.
If a Layer 2 LAN port is connected to a DHCP server, configure the port as trusted by entering the "ip dhcp snooping trust" interface configuration command.
If a Layer 2 LAN port is connected to a DHCP client, configure the port as untrusted by entering the no ip dhcp snooping trust interface configuration command.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/ book/snoodhcp.html
NEW QUESTION 34
You have executed the following commands on switchA:
What is the result of executing the given commands? (Choose two.)
- A. The key for the RADIUS server is firstKey111
- B. Only the listed RADIUS server is used for authentication
- C. 802.1X authentication is enabled on the Fa0/1 interface only
- D. AAA is not enabled on the switch
Answer: A,B
Explanation:
A default list is used for the RADIUS server for authentication and the key for the RADIUS server is firstKey111. A RADIUS server combines the authentication and authorization processes. Before you configure the RADIUS server, you should enable AAA by using the aaa new-model command in the global configuration mode. Then, you can specify the location of the RADIUS server and the key using the radius-server host command. In this case, the RADIUS server is located at the IP address 192.168.105.67 and requires the key firstKey111 as the encryption key. This key must be mutually agreed upon by the server and the clients.
The aaa authentication dot1x default group radius command creates a method list for 802.1X authentication.
The default group radius keywords specify that the default method will be to use all listed RADIUS servers to authenticate clients. Since only one is listed, it will be the only one used.
It is incorrect to state that 802.1X authentication is enabled on the Fa0/1 interface only. The interface range Fa
0/1 - 11 and the dot1x port-control auto commands specify that 802.1X authentication is enabled on the interfaces Fa0/1 to Fa0/11.
It is incorrect to stat that AAA is not enabled on the switch. The aaa new-model command enables AAA globally on the switch.
Objective:
Infrastructure Security
Sub-Objective:
Describe device security using Cisco IOS AAA with TACACS+ and RADIUS
References:
Catalyst 4500 Series Switch Cisco IOS Software Configuration Guide, 12.2(31)SG > Configuring 802.1X Port- Based Authentication Cisco IOS LAN Switching Command Reference (PDF)
NEW QUESTION 35
Drag and drop the characteristics from the left onto the YANG modules they describe on the right. Not all options are used.
Answer:
Explanation:
NEW QUESTION 36 
Refer to the exhibit. An architect must design an IP addressing scheme for a multisite network connected via a WAN transit. The campus site must accommodate 12,000 devices and the branch sites must accommodate
1,000 devices. Which address scheme optimizes network device resources, contains convergence events to the different blocks of the network, and ensures future growth of the network?
* * Campus: 10.0.0.0/18
* Branch1: 10.0.192.0/21
* Branch2: 10.0.200.0/21
* * Campus: 10.0.0.0/16
* Branchi: 10.255.0.0/20
* Branch2: 10.255.16.0/20
* * Campus: 10.0.0.0/10
* Branch1: 10.64.0.0/10
* Branch2: 10.128.0.0/10
* * Campus: 10.0.0.0/20
- A. Branch1: 10.0.64.0/21
- B. Branch2: 10.0.128.0/21
Answer: A
NEW QUESTION 37
An engineer is working with NETCONF and Cisco NX-OS based devices. The engineer needs a YANG model that supports a specific feature relevant only to Cisco NX-OS. Which model must the engineer choose?
- A. IETF
- B. Native
- C. IEEE
- D. OpenConfig
Answer: A
NEW QUESTION 38
DRAG DROP
Drag and drop the characteristics from the left onto the correct telemetry mode on the right.
Select and Place:
Answer:
Explanation:
Explanation:
In a dial-in mode, the destination initiates a session to the router and subscribes to data to be streamed. Dial-in mode is supported over gRPC in only 64-bit platforms In a dial-out mode, the router initiates a session to the destinations based on the subscription. All 64-bit IOS XR platforms (except for NCS 6000 series routers) support gRPC and TCP protocols. All 32-bit IOS XR platforms support only TCP.
Reference:
https://www.cisco.com/c/en/us/td/docs/iosxr/asr9000/telemetry/b-telemetry-cg-asr9000-61x/b-telemetry-cg- asr9000-61x_chapter_010.html#id_36445
NEW QUESTION 39
Drag and drop the characteristics from the left onto the Yang model they describe on the right.
Select and Place:
Answer:
Explanation:
NEW QUESTION 40
Which of the following features does GLBP provide, but not HSRP and VRRP? (Choose all that apply.)
- A. Support for single active router
- B. Support for automatic load balancing
- C. Support for interface tracking
- D. Support for multiple gateways
Answer: B,D
Explanation:
Support for automatic load balancing and support for multiple gateways are two features that are provided by Gateway Load Balancing Protocol (GLBP) but not by Hot Standby Routing Protocol (HSRP) or Virtual Router Redundancy Protocol (VRRP).
GLBP, HSRP, and VRRP provide a redundant and fault-tolerant solution in case of first-hop router failure in a network. The basic operation of these three protocols is the same. In all three protocols, a group of routers on the same LAN is formed. One of the routers is selected as the active router and another as the standby router.
The router with the highest priority is automatically selected as the active router. If the active router fails, the standby router assumes the responsibilities of the active router. The role of the active router is to forward the packets from the hosts to the virtual router (default gateway).
GLBP provides automatic load balancing between multiple routers by configuring multiple MAC addresses but a single virtual IP address. Every active virtual forwarder (AVF) in the group is configured with the virtual IP address but with different MAC addresses. All such AVFs can then participate in the packet-forwarding process. Multiple gateways then can share the load. On the contrary, HSRP and VRRP do not support automatic load balancing. Both these protocols require additional configuration on all the routers that need to load balance. The additional configuration involves using multiple groups on the routers or assignment of different default gateways for the hosts.
Note that GLBP and VRRP are supported by both Cisco and non-Cisco routers, whereas, HSRP is supported only by Cisco routers.
Single active router and interface tracking both are supported by GLBP, HSRP, and VRRP.
Objective:
Infrastructure Services
Sub-Objective:
Configure and verify first-hop redundancy protocols
References:
Home > End-of-Sale and End-of-Life Products > Cisco IOS Software Releases 12.2.T > Product Literature > White Papers > GLBP Gateway Load Balancing Protocol > Information About Gateway Load Balancing Protocol Home > Support > Technology Support > IP > IP Application Services > Design > Design Technotes > Hot Standby Router Protocol Features and Functionality > HSRP Background and Operations > HSRP Operation
NEW QUESTION 41
......
Go to 300-420 Questions - Try 300-420 dumps pdf: https://pdftorrent.dumpexams.com/300-420-vce-torrent.html