[2025-November-New]Braindump2go 300-420 Exam Dumps PDF Free[Q1-Q80]

2025/November Latest Braindump2go 300-420 Exam Dumps with PDF and VCE Free Updated Today! Following are some new Braindump2go 300-420 Real Exam Questions!

QUESTION 1
Which routes does the overlay management protocol advertise in an SD-WAN overlay?

A. underlay, MPLS, and overlay
B. primary, backup, and load-balanced
C. prefix, TLOC, and service
D. Internet, MPLS, and backup

Answer: C

QUESTION 2
A network solution is being designed for a company that connects to multiple Internet service providers. Which Cisco proprietary BGP path attribute will influence outbound traffic flow?

A. Local Preference
B. MED
C. Weight
D. AS Path
E. Community

Answer: C
Explanation:
Weight is Cisco proprietary and is the first decision of all path attributes to influence outbound traffic on a singular router. Weight is non-transitive and will only influence routes as they leave that device.

QUESTION 3
Refer to the exhibit. EIGRP has been configured on all links. The spoke nodes have been configured as EIGRP stubs, and the WAN links to R3 have higher bandwidth and lower delay than the links to R4.
When a link failure occurs at the R1-R2 link, what happens to traffic on R1 that is destined for a subnet attached to R2?

A. R1 has no route to R2 and drops the traffic
B. R1 load-balances across the paths through R3 and R4 to reach R2
C. R1 forwards the traffic to R3, but R3 drops the traffic
D. R1 forwards the traffic to R3 in order to reach R2

Answer: A
Explanation:
As spoke router, only connected and summary route are communicated with neighboors.
Stub router only advertise Connected and Summary – it will not re-advertise route.
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-mt/ire-15-mt-book/ire-eigrp-stub-rtg.html

QUESTION 4
A company is using OSPF between its HQ location and a branch office. HQ is assigned area 0 and the branch office is assigned area 1.
The company purchases a second branch office, but due to circuit delays to HQ, it decides to connect the new branch office to the creating branch office as a temporary measure.
The new branch office is assigned area 2.
Which OSPF configuration enables all three locations to exchange routes?

A. The existing branch office must be configured as a stub area
B. A virtual link must be configured between the new branch office and HQ
C. A sham link must be configured between the new branch office and HQ
D. The new branch office must be configured as a stub area

Answer: B
Explanation:
Area 0 must connect to all other areas. When the network design goes against that practice we have to use virtual links to configure the connecting area as a transit area.

QUESTION 5
An engineer must design a multicast network for a financial application.
Most of the multicast sources also receive multicast traffic (many-to-many deployment model).
To better scale routing tables, the design must not use source trees.
Which multicast protocol satisfies these requirements?

A. PIM-SSM
B. PIM-SM
C. MSDP
D. BIDIR-PIM

Answer: D
Explanation:
BIDIR-PIM is designed to be used for many-to-many applications within individual PIM domains. Multicast groups in bidirectional PIM mode can scale to an arbitrary number of sources without incurring overhead due to the number of sources.
https://www.cisco.com/c/dam/en/us/products/collateral/ios-nx-os-software/multicast-enterprise/prod_white_paper0900aecd80310db2.pdf

QUESTION 6
An engineer is working for a large cable TV provider that requires multiple sources streaming video on different channels using multicast with no rendezvous point.
Which multicast protocol meets these requirements?

A. PIM-SM
B. PIM-SSM
C. any-source multicast
D. BIDIR-PIM

Answer: B
Explanation:
PIM-SSM is suitable for when well-known sources exist within the local PIM domain and for broadcast applications. Also, PIM-SSM eliminates the RPs and shared trees.

QUESTION 7
What are two valid scaling techniques when an EIGRP network is designed that consists of more than 1000 routers? (Choose two.)

A. Use structured hierarchical topology with route summarization
B. Used sub-second timers
C. Use the distribute-list command to filter routes
D. Modify delay parameters on the links
E. Implement multiple EIGRP autonomous systems

Answer: AE

QUESTION 8
A customer with an IPv4 only network topology wants to enable IPv6 connectivity while preserving the IPv4 topology services.
The customer plans to migrate IPv4 services to the IPv6 topology, then decommission the IPv4 topology.
Which topology supports these requirements?

A. dual stack
B. 6VPE
C. 6to4
D. NAT64

Answer: A

QUESTION 9
A company with multiple service providers wants to speed up BGP convergence time in the event a failure occurs with their primary link.
Which approach achieves this goal and does not impact router CPU utilization?

A. Utilize BFD and tune the multiplier to 50
B. Lower the BGP hello interval
C. Decrease the BGP keepalive timer
D. Utilize BFD and keep the default BGP timers

Answer: D
Explanation:
The issue is to speed up BGP convergence time in the event a FAILURE occurs and keep the CPU utilisation low – then BFD is the solution.

QUESTION 10
An engineer is working with NETCONF and Cisco NX-OS based devices.
The engineer needs a YANG model that supports a specific feature relevant only to Cisco NX-OS.
Which model must the engineer choose?

A. Native
B. IEEE
C. OpenConfig
D. IETF

Answer: A
Explanation:
NXOS has a comprehensive number of both native and open YANG models, that allow you to manage the rich feature-set that NXOS provides. Data models provide a structured and well-defined base that facilitates programmatic interaction with NXOS devices. The list of supported models includes native, OpenConfig and IETF models. In addition, YANG provides a modeling language optimized for network devices and with a growing number of tools and utilities. OpenConfig and IETF are vendor agnostic models, that abstract the detailed configuration across OSs and platforms.

QUESTION 11
When designing interdomain multicast, which two protocols are deployed to achieve communication between multicast sources and receivers? (Choose two.)

A. IGMPv2
B. BIDIR-PIM
C. MP-BGP
D. MSDP
E. MLD

Answer: CD
Explanation:
MSDP (Multicast interdomain discovery protocol) should exchange routing information using BGP.

QUESTION 12
A branch office has a primary L3VPN MPLS connection back to the main office and an IPSEC VPN tunnel that serves as backup.
Which design ensures that data is sent over the backup connection only if the primary MPLS circuit is down?

A. Use EIGRP to establish a neighbor relationship with the main office via L3VPN MPLS and the IPSEC VPN tunnel.
B. Use BGP with the multipath feature enabled to force traffic via the primary path when available.
C. Use static routes tied to an IP SLA to prefer the primary path while a floating static route points to the backup connection.
D. Use OSPF with a passive-interface command on the backup connection.

Answer: C
Explanation:
Floating static routes are static routes that are used to provide a backup path to a primary static or dynamic route, in the event of a link failure.

QUESTION 13
Company A recently acquired another company. Users of the newly acquired company must be able to access a server that exists on Company A’s network, both companies use overlapping IP address ranges.
Which action conserves IP address space and provides access to the server?

A. Use a single IP address to create overload NAT
B. Use a single IP address to create a static NAT entry
C. Build one-to-one NAT translation for every user that needs access
D. Re-IP overlapping address space in the acquired company

Answer: B
Explanation:
You wouldn’t create a NAT to convert every single user from the newly acquired company into one IP address in the other existing company. You would create a static NAT for traffic destined to the server at the network boundary between the 2 companies. Traffic destined to the server from the newly acquired company would be NAT’d to the server IP in Company A.

QUESTION 14
In an SD-WAN architecture, which methods are used to bootstrap a vEdge router?

A. DHCP options or manual configuration
B. vManage or DNS records
C. ZTP or manual configuration
D. DNS records or DHCP options

Answer: C
Explanation:
https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/SDWAN/sd-wan-wan-edge-onboarding-deploy-guide-2020jan.pdf

QUESTION 15
Which two statements about VRRP advertisements are true? (Choose two.)

A. They are sent from the master router and standby routers.
B. They include VRRP timer information.
C. They are sent only from the master router.
D. They include priority information.
E. They are sent every three seconds by default.

Answer: CD
Explanation:
The virtual router master sends VRRP advertisements to other VRRP routers in the same group. The advertisements communicate the priority and state of the virtual router master. The VRRP advertisements are encapsulated in IP packets and sent to the IP Version 4 multicast address assigned to the VRRP group. The advertisements are sent every second by default.
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/xe-3s/fhp-xe-3s-book/fhp-vrrp.html#GUID-F08F171E-D151-448B-B58C-D2ED17E11E9F

QUESTION 16
Which common issue causes intermittent DMVPN tunnel flaps?

A. a routing neighbor reachability issue
B. a suboptimal routing table
C. interface bandwidth congestion
D. that the GRE tunnel to hub router is not encrypted

Answer: A

QUESTION 17
Which two statements about VRRP object tracking are true? (Choose two)

A. The priority of a VRRP device can change in accordance with the up or down status of a VRRP object
B. The VRRP interface priority must be manually configured by the administrator
C. A VRRP group can track only one object at a time
D. VRRP can track the status of interfaces and routes
E. VRRP supports only interce tracking

Answer: AD

QUESTION 18
Which solution allows overlay VNs to communicate with each other in an SD-WAN Architecture?

A. External fusion routers can be used to map VNs to VRFs and selectively route traffic between VRFs.
B. GRE tunneling can be configured between fabric edges to connect one VN to another.
C. SGTs can be used to permit traffic from one VN to another.
D. Route leaking can be used on the fabric border nodes to inject routes from one VN to another.

Answer: A
Explanation:
A Fusion device enables Virtual routing and forwarding (VRF) leaking across SD-Access Fabric domains, and enables host connectivity to shared services, such as DHCP, DNS, NTP, ISE, Cisco DNA Center, Wireless LAN Controllers (WLC) and similar.

QUESTION 19
An engineer must design a VPN solution for a company that has multiple branches connecting to a main office. What are two advantages of using DMVPN instead of IPsec tunnels to accomplish this task? (Choose two.)

A. support for AES 256-bit encryption
B. greater scalability
C. support for anycast gateway
D. lower traffic overhead
E. dynamic spoke-to-spoke tunnels

Answer: BE
Explanation:
Greater scalability: DMVPN is a more scalable solution than IPsec tunnels. This is because DMVPN uses a hub-and-spoke topology, which allows for the easy addition or removal of spokes without having to reconfigure the entire network. IPsec tunnels, on the other hand, are point-to-point connections, which can be more difficult to scale.
Dynamic spoke-to-spoke tunnels: DMVPN supports dynamic spoke-to-spoke tunnels. This means that tunnels are only created between spokes when they need to communicate with each other. This can help to reduce traffic overhead and improve performance. IPsec tunnels, on the other hand, are static tunnels, which means that they are always up, even when they are not needed.

QUESTION 20
Which NETCONF operation creates filtering that is specific to the session notifications?

A. <create-subscription>
B. <commit>
C. <notification>
D. <logging>

Answer: A
Explanation:
https://community.cisco.com/kxiwq67737/attachments/kxiwq67737/5672j-docs-dev-nso/87/1/rfc5277.pdf

QUESTION 21
An enterprise customer has these requirements:
– end-to-end QoS for the business-critical applications and VoIP services based on CoS marking.
– flexibility to offer services such as IPv6 and multicast without any reliance on the service provider.
– support for full-mesh connectivity at Layer 2.
Which WAN connectivity option meets these requirements?

A. VPWS
B. MPLS VPN
C. DMVPN
D. VPLS

Answer: D
Explanation:
VPLS provides full mesh connectivity at Layer 2. Cos marking will be kept in the frames because it transits on layer 2 network.

QUESTION 22
What is a benefit of using VRRPv3 as compared to VRRPv2?

A. VRRPv3 supports IPv4 and IPv6
B. VRRPv3 supports authentication
C. VRRPv3 supports preemption
D. VRRPv3 supports stateful switchover

Answer: A
Explanation:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/15-e/fhp-15-e-book/VRRPv3-Protocol-Support.html

QUESTION 23
A customer is discussing QoS requirements with a network consultant. The customer has specified that endto-end path verification is a requirement. Which QoS solution meets this requirement?

A. IntServ model with RSVP to support the traffic flows
B. DiffServ model with PHB to support the traffic flows
C. marking traffic at the access layer with DSCP to support the traffic flows
D. marking traffic at the access layer with CoS to support the traffic flows

Answer: A
Explanation:
https://www.cisco.com/en/US/technologies/tk543/tk766/technologies_white_paper09186a00800a3e2f.html

QUESTION 24
Which nonproprietary mechanism can be used to automate rendezvous point distribution in a large PIM domain?

A. Embedded RP
B. BSR
C. Auto-RP
D. Static RP

Answer: B
Explanation:
https://networklessons.com/cisco/ccie-routing-switching/multicast-pim-bootstrap-bsr#:~:text=BSR%20(Bootstrap)%20is%20similar%20to,is%20a%20Cisco%20proprietary%20protocol.

QUESTION 25
Which two best practices must be followed when designing an out-of-band management network? (Choose two.)

A. Enforce access control
B. Facilitate network integration
C. Back up data using the management network
D. Ensure that the management network is a backup to the data network
E. Ensure network isolation

Answer: AE
Explanation:
An OOB management network should be deployed using the following best practices:
– Provide network isolation
– Enforce access control
– Prevent data traffic from transiting the management network

QUESTION 26
Refer to the exhibit. An engineer must optimize the traffic flow of the network.
Which change provides a more efficient design between the access and the distribution layer?

A. Add a link between access switch A and access switch B
B. Reconfigure the distribution switch A to become the HSRP Active
C. Change the link between distribution switch A and distribution switch B to be a routed link
D. Create an EtherChannel link between distribution switch A and distribution switch B

Answer: B

QUESTION 27
When a first hop redundancy solution is designed, which protocol ensures that load balancing occurs over multiple routers using a single virtual IP address and multiple virtual MAC addresses?

A. GLBP
B. IRDP
C. VRRP
D. HSRP

Answer: A

QUESTION 28
Which two routing protocols allow for unequal cost load balancing? (Choose two.)

A. EIGRP
B. IS-IS
C. BGP
D. OSPF
E. RIPng

Answer: AC
Explanation:
EIGRP supports unequal cost load balancing through a feature called Variance. Variance allows EIGRP to include routes in the routing table that have a higher metric than the minimum metric route, but within a specified multiple (the variance value). This allows traffic to be distributed across multiple paths with different costs, thereby providing unequal cost load balancing.
BGP also supports unequal cost load balancing, although it’s not as commonly used as in EIGRP. BGP can be configured to install multiple paths to a destination in the routing table and distribute traffic across these paths. This can be done using features like “Add-Path” or through careful configuration of BGP attributes such as weight, local preference, and MED (Multi-Exit Discriminator) to influence path selection and achieve load balancing across paths with different costs.

QUESTION 29
Which two steps can be taken to improve convergence in an OSPF network? (Choose two.)

A. Use Bidirectional Forwarding Detection
B. Merge all the areas into one backbone area
C. Tune OSPF parameters
D. Make all non-backbone areas stub areas
E. Span the same IP network across multiple areas.

Answer: AC
Explanation:
Network convergence is the time that is needed for the network to respond to events.
One of the significant factors in routing convergence is the detection of link or node failure (events).
This is where BFD comes in to play.
OSPF Timers
The default OSPF LSA propagation timers are quite conservative. Lowering the values of the timers that control OSPF LSA generation can significantly improve OSPF convergence times
https://www.ciscopress.com/articles/article.asp?p=1763921&seqNum=6

QUESTION 30
A network administrator is troubleshooting a DMVPN setup between the hub and the spoke. Which action should the administrator take before troubleshooting the IPsec configuration?

A. Verify the GRE tunnels.
B. Verify ISAKMP.
C. Verify NHRP.
D. Verify crypto maps.

Answer: A

QUESTION 31
Which two options can you use to configure an EIGRP stub router? (Choose two)

A. summary-only
B. receive-only
C. external
D. summary
E. totally-stubby
F. not-so-stubby

Answer: BD

QUESTION 32
At which layer does Cisco Express Forwarding use adjacency tables to populate addressing information?

A. Layer 4
B. Layer 2
C. Layer 1
D. Layer 3

Answer: B

QUESTION 33
Which design consideration should be observed when EIGRP is configured on Data Center switches?

A. Perform manual summarization on all Layer 3 interfaces to minimize the size of the routing table.
B. Prevent unnecessary EIGRP neighborships from forming across switch virtual interfaces.
C. Lower EIGRP hello and hold timers to their minimum settings to ensure rapid route reconvergence.
D. Configure multiple EIGRP autonomous systems to segment Data Center services and applications.

Answer: A
Explanation:
When EIGRP is used in the data center (DC), several design considerations are important. Because DCs will have many different services, networks, and applications, you should design for summarizing data center subnets, just as you would do in wide-area networking. Furthermore, it is a good idea to advertise a default route into the DC from the aggregation layer. This way, you do not have to advertise all global network routes into the DC.

QUESTION 34
Which design consideration must be made when using IPv6 overlay tunnels?

A. Overlay tunnels that connect isolated IPv6 networks can be considered a final IPv6 network architecture.
B. Overlay tunnels should only be considered as a transition technique toward a permanent solution.
C. Overlay tunnels can be configured only between border devices and require only the IPv6 protocol stack.
D. Overlay tunneling encapsulates IPv4 packets in IPv6 packets for delivery across an IPv6 infrastructure.

Answer: B
Explanation:
Overlay tunnels can be configured between border devices or between a border device and a host; however, both tunnel endpoints must support the IPv4 and IPv6 protocol stacks.
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6/configuration/15-2mt/ipv6-15-2mt-book/ip6-tunnel.html

QUESTION 35
When a network is designed using IS-IS protocol, which two circuit types are supported? (Choose two.)

A. nonbroadcast multiaccess
B. multiaccess
C. point-to-multipoint
D. nonbroadcast
E. point-to-point

Answer: BE
Explanation:
In Intermediate System-to-Intermediate System (IS-IS) Protocol, there are two types of networks: point-to-point and broadcast. Unlike Open Shortest Path First (OSPF) Protocol, IS-IS does not have other network types like non-broadcast and point-to-multipoint.

QUESTION 36
What is an advantage of designing an out-of-band network management solution?

A. In the event of a production network outage, network devices can still be managed.
B. There is no separation between the production network and the management network.
C. In the event of a production network outage, it can be used as a backup network path.
D. It is less expensive than an in-band management solution

Answer: A

QUESTION 37
An engineer must propose a QoS architecture model that allows an application to inform the network of its traffic profile and to request a particular type of service to support its bandwidth and delay requirements.
The application requires consistent and dedicated bandwidth end to end. Which QoS architecture model meets these requirements?

A. DiffServ
B. LLQ
C. WRED
D. IntServ

Answer: D

QUESTION 38
Drag and Drop Question
Drag and drop the properties from the left onto the protocols they describe on the right.

Answer:

Explanation:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/166/b_166_programmability_cg/b_166_programmability_cg_chapter_01011.html
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/169/b_169_programmability_cg/ configuring_yang_datamodel.html

QUESTION 39
Drag and Drop Question
Drag and drop the characteristics from the left onto the correct telemetry mode on the right.

Answer:

Explanation:
In a dial-in mode, the destination initiates a session to the router and subscribes to data to be streamed.
Dialin mode is supported over gRPC in only 64-bit platforms In a dial-out mode, the router initiates a session to the destinations based on the subscription.
All 64-bit IOS XR platforms (except for NCS 6000 series routers) support gRPC and TCP protocols. All 32-bit IOS XR platforms support only TCP.
Reference:
https://www.cisco.com/c/en/us/td/docs/iosxr/asr9000/telemetry/b-telemetry-cg-asr9000-61x/b-telemetry-cgasr9000-61x_chapter_010.html#id_36445

QUESTION 40
Refer to the exhibit. Which solution decreases the EIGRP convergence time?

A. Enable subsecond timers
B. Increase the hold time value
C. Increase the dead timer value
D. Enable stub routing on the spokes

Answer: D
Explanation:
Query storms are eliminated, which saves bandwidth and CPU and allows the network to converge more quickly.
https://www.cisco.com/en/US/technologies/tk648/tk365/technologies_white_paper0900aecd8023df6f.html

QUESTION 41
A router running ISIS is showing high CPU and bandwidth utilization.
An engineer discovers that the router is configured as L1/L2 and has L1 and L2 neighbors.
Which step optimizes the design to address the issue?

A. Make this router a DIS for each of the interfaces
B. Disable the default behavior of advertising the default route on the L1/L2 router
C. Configure the router to be either L1 or L2
D. Configure each interface as either L1 or L2 circuit type

Answer: D
Explanation:
You have an IS-IS router that is performing both L1 and L2 routing and has both L1 and L2 neighbors. How would you optimize the router’s operation to conserve bandwidth and router resources?
Configure each interface as either L1 or L2 circuit type, depending on the type of adjacency needed out that interface. The command to do this is, at the interface configuration mode, isis circuit-type [level-1 | level-1-2 | level-2-only]. This prevents unnecessary hellos from being sent out interfaces, which uses bandwidth and router resources.
https://www.ciscopress.com/articles/article.asp?p=101756

QUESTION 42
A network engineer must connect two sites across a public network using a secure tunneling technology that supports multicast traffic. Which technology must be chosen?

A. IPsec
B. GRE
C. PPTP
D. GRE over IPsec

Answer: D

QUESTION 43
Which control-plane technology allows the same subnet to exist across multiple network locations?

A. LISP
B. VXLAN
C. FabricPath
D. ISE mobility services

Answer: A
Explanation:
VXLAN is a data plane technology – LISP is control plane related.
https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-sda-design-guide.html

QUESTION 44
Which two statements describe source trees in a multicast environment? (Choose two.)

A. Source trees guarantee the minimum amount of network latency for forwarding multicast traffic
B. Source trees create an optimal path between the source and the receivers
C. Source trees use a single common root placed at some chosen point in the network
D. Source trees can introduce latency in packet delivery
E. Source trees can create suboptimal paths between the source and the receivers

Answer: AB
Explanation:
Source trees have the advantage of creating the optimal path between the source and the receivers. This advantage guarantees the minimum amount of network latency for forwarding multicast traffic.

QUESTION 45
Which of the following are valid methods of VRRP authentication? (Choose three.)

A. SHA-124
B. SHA-254
C. No authentication
D. WAP
E. Plain text authentication
F. MD5

Answer: CEF

QUESTION 46
Which three basic types of SD-WAN deployments are out on the market? (Choose three.)

A. SD-WAN as-a-Service
B. secure SD-WAN service
C. internet-based SD-WAN
D. policy-based SD-WAN
E. managed service SD-WAN
F. MPLS-based

Answer: ACE

QUESTION 47
Which two statements about VRRP are true? (Choose two.)

A. Authentication commands must be entered under the interface.
B. It sends advertisements to multicast address 224.0.0.9.
C. It supports MD5 and IP sec authentication.
D. It can use an interface IP address as the virtual IP address.
E. It sends advertisements to multicast address 224.0.0.18.
F. It is a Cisco proprietary protocol.

Answer: DE

QUESTION 48
What following parameters for the EIGRP authentication need to match in order for EIGRP neighbors to establish a neighbor relationship?

A. Autonomous System number.
B. K-Values
C. If authentication is used both: the key number, the password, and the date/time.
D. The neighbors must be on common subnet (all IGPs follow this rule).

Answer: C

QUESTION 49
Which feature must be incorporated into the campus LAN design to enable Wake on LAN?

A. dynamic ARP Inspection Snooping on layer 2 devices
B. directed broadcasts on layer 3 devices
C. proxy ARP on layer 3 devices
D. DHCP Snooping on layer 2 devices

Answer: B
Explanation:
If you send WoL packets from remote networks, the routers must be configured to allow directed broadcasts.
https://www.cisco.com/c/en/us/support/docs/switches/catalyst-3750-series-switches/91672-catl3-wol-vlans.html

QUESTION 50
Which function are fabric intermediate nodes responsible for in an SD-Access Architecture?

A. mapping EIDs to RLOCs
B. encapsulating user traffic in a VXLAN header including the SGT
C. registering new endpoints in the HTDB
D. transporting IP packets between edge nodes and border nodes

Answer: D
Explanation:
Intermediate nodes are part of the Layer 3 network used for interconnections among the devices operating in a fabric role such as the interconnections between border nodes and edge nodes. These interconnections are created in the Global Routing Table on the devices and is also known as the underlay network.
https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-sda-design-guide.html#EdgeNode

QUESTION 51
An engineer is designing a QoS policy that queues excess packets for later transmission.
Which mechanism must be included in the design?

A. shaping
B. WRED
C. policing
D. RED

Answer: A
Explanation:
https://www.cisco.com/c/en/us/support/docs/quality-of-service-qos/qos-policing/19645-policevsshape.html

QUESTION 52
An organization is designing a detailed QoS plan that limits bandwidth to specific rates.
Which two parameters are supported be the traffic policing feature? (Choose two.)

A. violating
B. marking
C. shaping
D. bursting
E. conforming

Answer: AE
Explanation:
https://www.cisco.com/c/en/us/support/docs/quality-of-service-qos/qos-policing/19645-policevsshape.html
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_plcshp/configuration/xe-17/qos-plcshp-xe-17-book/qos-plcshp-trfc-plc.pdf

QUESTION 53
Which QoS feature responds to network congestion by dropping lower priority packets?

A. CBWFQ
B. tail drop
C. WRED
D. strict priority

Answer: C
Explanation:
WRED can selectively discard lower priority traffic when the interface begins to get congested and provide differentiated performance characteristics for different classes of service.
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_conavd/configuration/15-mt/qos-conavd-15-mt-book/qos-conavd-oview.html#:~:text=WRED%20can%20selectively%20discard%20lower,for%20different%20classes%20of%20service.

QUESTION 54
Which two BGP features will result in successful route exchanges between eBGP neighbors sharing the same AS number? (Choose two.)

A. advertise-best-external
B. bestpath as-path ignore
C. client-to-client reflection
D. as-override
E. allow-as-in

Answer: DE

QUESTION 55
A company is running BGP on a single router, which has two connections to the same ISP. Which BGP feature ensures traffic is load balanced across the two links to the ISP?

A. Multihop
B. Multipath Load Sharing
C. Next-Hop Address Tracking
D. AS-Path Prepending

Answer: B
Explanation:
BGP Multipath Load Sharing for eBGP and iBGP allows you to configure multipath load balancing with both eBGP and iBGP paths in BGP networks that are configured to use MPLS.

QUESTION 56
What is the purpose of an edge node in an SD-Access network fabric?

A. Edge nodes identify and authenticate endpoints and register endpoint information with control plane nodes.
B. Edge nodes track endpoint IDs to location mappings, along with IPv4, IPv6, or MAC addresses.
C. Edge nodes are the gateway between the fabric domain and network outside of the fabric.
D. Edge nodes resolve lookup requests from edge and border nodes to locate destination endpoint IDs.

Answer: A

QUESTION 57
An engineer is working with NETCONF and Cisco NX-OS based devices.
The engineer needs a YANG model that supports a specific feature relevant only to Cisco NX-OS.
Which model must the engineer choose?

A. Native
B. IEEE
C. OpenConfig
D. IETF

Answer: A
Explanation:
NXOS has a comprehensive number of both native and open YANG models, that allow you to manage the rich feature-set that NXOS provides. Data models provide a structured and well-defined base that facilitates programmatic interaction with NXOS devices. The list of supported models includes native, OpenConfig and IETF models. In addition, YANG provides a modeling language optimized for network devices and with a growing number of tools and utilities. OpenConfig and IETF are vendor agnostic models, that abstract the detailed configuration across OSs and platforms.

QUESTION 58
Which OSPF area blocks LSA Type 3, 4 and 5, but allows a default summary route?

A. normal
B. stub
C. NSSA
D. totally stubby

Answer: D
Explanation:
A totally stubby area does not flood network summary LSAs (Type 3). It stifles Type 4 LSAs, as well. Like regular stub areas, totally stubby areas do not flood Type 5 LSAs. A totally stubby area sends just a single LSA for the default route.

QUESTION 59
Which two options are requirements for EIGRP authentication? (Choose two)

A. A crypto map must be configured.
B. The Authentication key must be configured under the interface running EIGRP.
C. The authentication key must be configured within the EIGRP routing configuration.
D. The authentication key IDs must match between two neighbors.
E. A separate key chain must be configured.
F. AN IPsec profile must be configured.

Answer: BD

QUESTION 60
A network engineer replaced a bad router with a spare, used router in an OSPF network. After the replacement, OSPF neighborship is not being established on one of the interfaces. Which two reasons cause this issue? (Choose two)

A. authentication mismatch
B. MTU mismatch
C. OSPF process numbers do not match on both neighbor routers
D. OSPF timers match
E. area numbers match

Answer: AB

QUESTION 61
You are implementing WAN access for an enterprise network while running applications that require a fully meshed network, which two design standards are appropriate for such an environment? (Choose two)

A. A centralized DMVPN solution to simplify connectivity for the enterprise
B. A dedicated WAN distribution layer to consolidate connectivity to remote sites
C. A collapsed core and distribution layer to minimize costs
D. Multiple MPLS VPN connections with static routing
E. Multiple MPLS VPN connections with dynamic routing

Answer: AE
Explanation:
DMVPN dynamically creates spoke-to-spoke tunnels, enabling a full mesh topology without manual configuration. This simplifies connectivity while maintaining scalability and flexibility.
MPLS VPNs natively support any-to-any connectivity, and dynamic routing protocols (e.g., BGP, OSPF) automate route propagation, ensuring efficient and scalable management of a fully meshed network.

QUESTION 62
Which consideration must be taken into account when using the DHCP relay feature in a Cisco SD-Access Architecture?

A. DHCP-relay must be enabled on fabric edge nodes to provide the correct mapping of DHCP scope to the local anycast gateway.
B. A DHCP server must be enabled on the border nodes to allow subnets to span multiple fabric edges.
C. DHCP servers must support Cisco SD-Access extensions to correctly assign IPs to endpoints in an SDAccess fabric with anycast gateway.
D. DHCP Option-82 must be enabled to map the circuit IP option to the access fabric node where the DHCP discover originated.

Answer: D
Explanation:
https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-sda-design-guide.html#FabricDHCPOverviewandDesign

QUESTION 63
An engineer is looking for a standards-driven YANG model to manage a multivendor network environment.
Which model must the engineer choose?

A. Native
B. OpenConfig
C. IETF
D. IEEE NETCONF

Answer: B
Explanation:
OpenConfig is a vendor-neutral, community-driven initiative focused on developing consistent YANG data models for multivendor network environments. It aims to standardize configurations and operational state across different vendors, reducing fragmentation and ensuring interoperability.

QUESTION 64
What are two benefits of designing an SD-WAN network fabric with direct Internet access implemented at every site? (Choose two.)

A. It decreases latency to applications hosted by public cloud service provider.
B. It decreases latency on Internet circuits.
C. It increases the speed of delivery of site deployments through zero-touch provisioning.
D. It increases the total available bandwidth on Internet circuits.
E. It alleviates network traffic on MPLS circuits.

Answer: AE

QUESTION 65
An engineer is designing an enterprise campus network.
The LAN infrastructure consists of switches from multiple vendors, and Spanning Tree must be used as a Layer 2 loop prevention mechanism.
All configured VLANs must be grouped in two SIP instances.
Which standards-based Spanning Tree technology supports this design solution?

A. MSTP
B. RSTP
C. Rapid PVST
D. STP

Answer: A

QUESTION 66
What are three key concepts that apply when configuring the EIGRP stub routing feature in a hub and spoke network? (Choose three.)

A. A hub router prevents routes from being advertised to the remote router.
B. Only remote routers are configured as stubs.
C. Stub routers are not queried for routes.
D. Spoke routers connected to hub routers answer the route queries for the stub router.
E. A stub router should have only EIGRP hub routers as neighbors.
F. EIGRP stub routing should be used on hub routers only.

Answer: BCE

QUESTION 67
When vEdge router redundancy is designed, which FHRP is supported?

A. HSRP
B. OMP
C. GLBP
D. VRRP

Answer: D

QUESTION 68
Which feature is required for graceful restart to recover from a processor failure?

A. Cisco Express Forwarding
B. Virtual Switch System
C. Stateful Switchover
D. Bidirectional Forwarding Detection

Answer: C
Explanation:
Cisco Nonstop Forwarding (NSF) with Stateful Switchover (SSO) provides increased network service availability and protection against unplanned downtime due to hardware or software problems.
Cisco Nonstop Forwarding and Stateful Switchover are designed to be deployed together. NSF relies on SSO to ensure that links and interfaces remain up during switchover, and that lower layer protocol state is maintained. NSF is, however, configured separately and it is possible to enable SSO without NSF.
https://www.cisco.com/en/US/technologies/tk869/tk769/technologies_white_paper0900aecd801dc5e2.html

QUESTION 69
Which method will filter routes between EIGRP neighbors within the same autonomous system?

A. distribute-list
B. policy-based routing
C. leak-map
D. route tagging

Answer: A

QUESTION 70
An infrastructure team is concerned about the shared memory utilization of a device, and for this reason, they need to monitor the device state.
Which solution limits impact on the device and provides the required data?

A. IPFIX
B. static telemetry
C. on-change subscription
D. periodic subscription

Answer: C
Explanation:
There are two types of subscriptions: periodic and on-change. With periodic subscription, data is streamed out to the destination at the configured interval. It continuously sends data for the lifetime of that subscription. With on-change, data is published only when a change in the data occurs such as when an interface or OSPF neighbor goes down.
https://developer.cisco.com/docs/ios-xe/#!streaming-telemetry-quick-start-guide/streaming-telemetry

QUESTION 71
What two features are benefits of using GRE tunnels with IPsec over using an IPsec tunnel alone in building-to-building site-to-site VPNs? (Choose two.)

A. allows dynamic routing securely over the tunnel
B. IKE keepalives are unidirectional and sent every ten seconds
C. reduces IPsec headers overhead since tunnel mode is used
D. supports non-IP traffic over the tunnel
E. uses Virtual Tunnel Interface (VTI) to simplify the IPsec VPN configuration

Answer: AD

QUESTION 72
Which OSPF area prevent LSA type 4, LSA type 5? (Choose two)

A. Stub Area
B. Totally Stubby Area
C. Not-So-Stubby Area
D. Totally Not-So-Stubby Area

Answer: AB
Explanation:
Stub No Type 5 AS-external LSA allowed, accepts only 1,2,3 but no 4 totaly stubby No Type 3, 4 or 5 LSAs allowed except the default summary route NSS, accepts only 1,2 and route 0.0.0.0 NSSA No Type 5 AS-external LSAs allowed, but ABR converts type 7 to type 5. It accepts type 3 and 4 totaly NSSA No Type 3, 4 or 5 LSAs except the default summary route, but ABR converts type 7 to type 5.

QUESTION 73
What is one function of the vSmart controller in an SD-WAN deployment?

A. orchestrates vEdge and cEdge connectivity
B. responsible for the centralized control plane of the SD-WAN network
C. provides centralized network management and a GUI to monitor and operate the SD-WAN overlay
D. provides a data-plane at branch offices to pass traffic through the SD-WAN network

Answer: B

QUESTION 74
Which design consideration must be made when dual vEdge routers are deployed at a branch site?

A. Use BGP AS-path prepending to influence egress traffic and use MED to influence ingress traffic from the branch.
B. HSRP priorities must match the OMP routing policy to prefer one vEdge over the other.
C. Traffic must be symmetrical as it egresses the vEdges and returns from remote sites for DPI to function properly.
D. Configure BFD between vEdge routers to detect sub-second link failures.

Answer: C
Explanation:
For the localized application visibility features (DPI and NBAR2) to be able to classify most application traffic, it is important that the WAN Edge router sees network traffic in both directions. In dual-WAN Edge sites without any policy enabled, equal cost paths exist over each transport and to each WAN Edge router, and network traffic is hashed depending on fields in the IP header. Traffic is unlikely to always be forwarded to the same WAN Edge router in both the LAN-to-WAN direction and the WAN-to-LAN direction. To maintain symmetric traffic, it is recommended to set up routing so that traffic prefers one WAN Edge over another at dual-WAN Edge router sites.

QUESTION 75
When IPsec VPNs are designed, what is a unique requirement if support for IP Multicast is required?

A. encapsulation of traffic with GRE or VTI
B. IPsec forwarding using transport mode
C. additional bandwidth for headend
D. IPsec forwarding using tunnel mode

Answer: A

QUESTION 76
How do endpoints inside an SD-Access network reach resources outside the fabric?

A. a VRF fusion router is used to map resources in one VN to another VN
B. Fabric borders use VRFs to map VNs to VRFs
C. SD-Access transit links are used to transport encapsulated traffic from one fabric to another
D. A fabric edge is used to de-encapsulate VXLAN traffic to normal IP traffic then transported over the outside network

Answer: B
Explanation:
Fabric border routers handle the ingress & egress traffic for the SD-Access fabric, they are responsible for translating the policy, VRF & SGT information between the SD-Access fabric and the external networks.

QUESTION 77
Which three pieces of information are carried on OSPF type 3 LSAs? (Choose three)

A. metric
B. authentication type
C. link state
D. IP subnet
E. external route tag
F. subnet mask

Answer: ADF
Explanation:
There is IP prefix (192.168.1.0), Network Mask (/24) and a Metric (10). See below:
R1#show ip ospf database summary
OSPF Router with ID (1.1.1.1) (Process ID 1)
Summary Net Link States (Area 10)
Routing Bit Set on this LSA
LS age: 872
Options: (No TOS-capability, DC, Upward)
LS Type: Summary Links(Network)
Link State ID: 192.168.1.0 (summary Network Number)
Advertising Router: 2.2.2.2
LS Seq Number: 8000000B
Checksum: 0xE0D5
Length: 28
Network Mask: /24
TOS: 0 Metric: 10

QUESTION 78
Which two statements about DMVPN with NHRP are true? (Choose two)

A. NHRP shortens the configuration of the hub router.
B. NHRP dynamically provides information about the spoke routers to the hub.
C. NHRP disables multicast
D. The hub router uses NHRP to initiate the GRE tunnel with spokes.
E. The spoke routers act as the NHRP servers.

Answer: AB
Explanation:
https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/41940-dmvpn.html#dyntun
Dynamic Tunnel Creation for “Spoke-to-Hub”
Configuration of the hub router is shortened and simplified since it does not need to have any GRE or IPsec information about the peer routers. All of this information is learned dynamically via NHRP.
D is wrong box spokes are the devices who initiate the tunnel using NHRP not the HUB

QUESTION 79
In a simple MPLS L3VPN, which two tasks are performed by the PE router? (Choose two.)

A. It establishes pseudo wires with other PEs.
B. It exchanges VPNv4 and VPNv6 routes with CE Devices.
C. It assigns labels to routes in individual VPNs.
D. It forwards labeled packets to CE devices.
E. It exchanges VPNv4 or VPNv6 route with other PE routers.

Answer: CE

QUESTION 80
Refer to the exhibit. Which action would make the router the active VRRP router?

A. Recover interface Serial 1/0.
B. Increase priority in the configuration to 100.
C. Change the interface tracking priority to 100.
D. Recover interface Serial 1/1.

Answer: A
Explanation:
As VRRP Group 30 is configured with preemption all that is required is that the VRRP Priority be higher than that of the current active VRRP router and the current master router priority is 50.

Resources From:

1.2025 Latest Braindump2go 300-420 Exam Dumps (PDF & VCE) Free Share:
https://www.braindump2go.com/300-420.html

2.2025 Latest Braindump2go 300-420 PDF and 300-420 VCE Dumps Free Share:
https://drive.google.com/drive/folders/1SXwfGxRyjBzcw1iBNd9T4FhKWBoH7WUo?usp=sharing

3.2025 Free Braindump2go 300-420 Exam Questions Download:
https://www.braindump2go.com/free-online-pdf/300-420-VCE-Dumps(1-80).pdf

Free Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams!