Question No 1
Which component of the SD Access fabric is responsible for communicating with networks that are
external to the fabric?
A. edge nodes
B. control plane nodes
C. intermediate nodes
D. border-nodes
Answer: D
Explanation:
https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Campus/CVD-Software- Defined-AccessDesign-Guide-2018AUG.pdf
https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Campus/CVD-Software-Defined-AccessDesign-Gu
Question No 2
Which protocol runs between the vSmart controllers and between the vSmart controllers and the vEdge routers, and unifies all control plane functions under a single: protocol umbrella1?
A. BGP
B. OSPF
C. IKE
D. VRRP
Answer: D
Question No 3
Which two activities should occur during an SE's discovery process? (Choose two.)
A. Establishing credibility with the customer
B. Working with the customer to develop a reference architecture
C. Referencing the PPDIOO model to effectively facilitate the discussion
D. Gathering information about the current state of the customer's network environment
E. Mapping Cisco innovation to customer's needs
Answer: CE
Question No 4
Which two statements regarding Cisco SD WAN vEdge routers can mitigate DoS attacks against the infrastructure? (Choose two)
A. Open Certificate Authority and automated enrollment feature
B. By default, all incoming traffic is denied art the transport (WAN) side interfaces,
C. Only authorized controllers are allowed to communicate back to the vEdge router after the vEdge
router establishes connections with the controllers
D. In case of direct Internet access, the only traffic allowed back is the traffic matching the state table
entries on the vEdge router.
E. The vEdge routers run on hardened Linux operating systems
Answer: CD
Question No 5
What are the three foundational elements required for the new operational paradigm'? (Choose three.)
A. centralization
B. assurance
C. application QoS
D. multiple technologies at multiple OSI layers
E. policy based automated provisioning of network of
F. fabric
Answer: CDF
Question No 6
Which two statements are true regarding Cisco ISE? (Choose two.)
A. In distributed deployments, failover from primary to secondary Policy Administration Nodes happens automatically.
B. The number of logs that ISE can retain is determined by your disk space
C. ISE supports IPv6 downloadable ACLs
D. ISE can detected endpoints whose addresses have been translated via NAT.
E. ISE supports up to 100 Policy Services Nodes
F. In two-node standalone ISE deployments failover must be done manually
Answer: AB
Question No 7
Which Cisco products were incorporated into Cisco ISE between ISE releases 20 and 2.3?
A. Cisco ASA
B. Cisco ESA
C. Cisco ACS
D. Cisco WSA
Answer: C
