352-001 Guide

The Secret of 352-001 exams

Q121. You have been hired to redesign a network due to issues with congestion. How will a router function if the QoS mechanism of congestion avoidance is integrated into the existing network design? 

A. the router handles the overflow of traffic by using FIFO B. the router handles the possible buildup of congestion by using WRED 

C. the router forces inbound and outbound traffic to stay within a defined profile by using rate limiting 

D. the router separates packets based on certain characteristics by using NBAR 

E. the router marks packets based on certain characteristics by using PBR 

Answer:


Q122. You have been hired by Acme Corporation to evaluate their existing network and determine if the current network design is secure enough to prevent man-in-the-middle attacks. When evaluating the network, which switch security option should you investigate to ensure that authorized ARP responses take place according to known IP-to-MAC address mapping? 

A. ARP rate limiting 

B. DHCP snooping 

C. Dynamic ARP Inspections 

D. IP Source Guard 

Answer:


Q123. When creating a network design that routes an IGP over L2VPNs, with which device does the remote CE router form an IGP adjacency? 

A. the hub site PE router 

B. the hub site CE router 

C. the directly connected PE router 

D. The IGP will not establish adjacency over the MPLS network. 

Answer:


Q124. Refer to the exhibit. 

When designing an MPLS-based LAN extension between DC-1 and DC-2, what are three advantages of deploying VSS? (Choose three.) 

A. Layers 2, 3, and 4 flow-based load balancing 

B. native VSS and MEC failover without using scripts 

C. sub-second failover 

D. required to configure VPLS 

E. failover time depends on Cisco IOS EEM and STP convergence 

F. limited VLAN-based VPLS traffic hashing 

Answer: A,B,C 


Q125. You are a network designer and are responsible for ensuring that the network you design is secure. How do you plan to prevent infected devices on your network from sourcing random DDoS attacks using forged source addresses? 

A. ACL-based forwarding 

B. ACL filtering by destination 

C. Unicast RPF loose mode 

D. Unicast RPF strict mode 

Answer:


Q126. You are a network designer and have been asked to consult with your server operations team to further enhance the security of the network. The operations team provides you with these details about the network: 

A pool of servers is accessed by numerous data centers and remote sites. 

The servers are accessed via a cluster of firewalls. 

The firewalls are configured properly and are not dropping traffic. 

The firewalls occasionally cause asymmetric routing of traffic within the server data center. 

Which technology would you recommend to enhance security by limiting traffic that could originate from a hacker compromising a workstation and redirecting flows at the servers? 

A. Access control lists to limit sources of traffic that exits the server-facing interface of the firewall cluster 

B. Poison certain subnets by adding static routes to Null0 on the server farm core switches. 

C. Unicast Reverse Path Forwarding in strict mode 

D. Unicast Reverse Path Forwarding in loose mode 

Answer:


Q127. You have been tasked with designing a data center interconnect as part of business continuity. You want to use FCoE over this DCI to support synchronous replication. Which two technologies allow for FCoE via lossless Ethernet or data center bridging? (Choose two.) 

A. EoMPLS 

B. DWDM 

C. Multichassis EtherChannel over Pseudowire 

D. OTV 

E. VPLS 

F. SONET/SDH 

Answer: BF 


Q128. A company supports IPv4 and IPv6 addresses, and they need to be able to support flow-based translations for multiple IPv6 devices to a single IPv4 address. Which address family translation design solution should be recommended? 

A. stateful NAT-PT 

B. NAT-PT 

C. stateless NAT64 

D. stateful NAT64 

Answer:


Q129. Refer to the exhibit. 

Acme Corporation hired you as a network designer to upgrade their network so that it supports IPv4 and IPv6 multicast. Which two protocols are needed on the LAN switch? (Choose two.) 

A. PIM sparse mode 

B. IGMP snooping 

C. PIM snooping 

D. Source Specific Multicast 

E. MLD snooping 

Answer: BE 


Q130. Refer to the exhibit. 

You are designing an IPv4 unicast Layer 3 VPN load-balancing solution. Which L3VPN feature needs to be configured on the PE routers to support the design requirement? 

A. nonmatching route distinguishers 

B. matching route target values 

C. disable split horizon on PE2 and PE3 

D. matching route distinguishers 

Answer:


To know more about the 352-001, click here.

Tagged as : Cisco 352-001 Dumps, Download 352-001 pdf, 352-001 VCE, 352-001 pass4sure, examcollection 352-001