2025 Updated 350-401 PDF for the 350-401 Tests Free Updated Today!
Fully Updated Dumps PDF - Latest 350-401 Exam Questions and Answers
Cisco 350-401 Exam Topics:
| Section | Weight | Objectives |
|---|---|---|
| Infrastructure | 30% | 1.Layer 2
2.Layer 3
3.Wireless
4.IP Services
|
| Automation | 15% | 1.Interpret basic Python components and scripts 2. Construct valid JSON encoded file 3. Describe the high-level principles and benefits of a data modeling language, such as YANG 4. Describe APIs for Cisco DNA Center and vManage 5. Interpret REST API response codes and results in payload using Cisco DNA Center and RESTCONF 6. Construct EEM applet to automate configuration, troubleshooting, or data collection 7. Compare agent vs. agentless orchestration tools, such as Chef, Puppet, Ansible, and SaltStack |
To prepare for the Cisco 350-401 certification exam, candidates can take advantage of various resources provided by Cisco, including official training courses, study materials, and practice exams. These resources cover all the topics and skills tested in the exam, helping candidates to gain a deep understanding of enterprise network core technologies and master the necessary skills to pass the exam. Additionally, candidates can also join online forums and communities to connect with other IT professionals and share their knowledge and experience in the field.
NEW QUESTION # 654
Which router is elected the IGMP Querier when more than one router is in the same LAN segment?
- A. The router with the shortest uptime
- B. The router with the longest uptime
- C. The router with the lowest IP address
- D. The router with the highest IP address
Answer: C
Explanation:
Query messages are used to elect the IGMP querier as follows: 1. When IGMPv2 devices start, they each multicast a general query message to the all-systems group address of 224.0.0.1 with their interface address in the source IP address field of the message. 2. When an IGMPv2 device receives a general query message, the device compares the source IP address in the message with its own interface address. The device with the lowest IP address on the subnet is elected the IGMP querier. 3. All devices (excluding the querier) start the query timer, which is reset whenever a general query message is received from the IGMP querier. If the query timer expires, it is assumed that the IGMP querier has gone down, and the election process is performed again to elect a new IGMP querier.
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/2_2_e
/multicast/configuration_guide/b_mc_1522e_3750x_3560x_cg/b_ipmc_3750x_3560x_chapter_01
000.html
NEW QUESTION # 655
Refer to the exhibit .
Which command must be configured for RESTCONF to operate on port 8888?
- A. ip http port 8888
- B. restconf port 8888
- C. ip http restconf port 8888
- D. restconf http port 8888
Answer: B
Explanation:
RESTCONF is a protocol used for network management that is based on HTTP, allowing for the retrieval and modification of configuration information using web-based APIs. It operates on a configurable port, and to set RESTCONF to use a specific port, the command restconf port <port-number> is used. Therefore, to configure RESTCONF to operate on port 8888, the correct command is restconf port 8888.
NEW QUESTION # 656
In a wireless Cisco SD-Access deployment, which roaming method is used when a user moves from one access point to another on a different access switch using a single WLC?
- A. fast roam
- B. auto anchor
- C. Layer 3
- D. inter-xTR
Answer: A
NEW QUESTION # 657
A customer has several small branches and wants to deploy a WI-FI solution with local management using CAPWAP. Which deployment model meets this requirement?
- A. Mobility Express
- B. Autonomous
- C. SD-Access wireless
- D. Local mode
Answer: A
Explanation:
Mobility Express is a solution designed for small to medium-sized deployments where a physical controller is not required. It simplifies the deployment and management of Wi-Fi networks by allowing local management using the CAPWAP protocol, which is ideal for the customer's requirement of managing several small branches.
References := Implementing and Operating Cisco Service Provider Network Core Technologies
NEW QUESTION # 658 
Refer to the exhibit. Which two commands are needed to allow for full reachability between AS 1000 and AS
2000? (Choose two)
- A. R1#no network 10.0.0.0 255.255.255.0
- B. R2#network 192.168.0.0 mask 255.255.0.0
- C. R1#network 192.168.0.0 mask 255.255.0.0
- D. R2#no network 10.0.0.0 255.255.255.0
- E. R2#network 209.165.201.0 mask 255.255.192.0
Answer: C,E
Explanation:
For full reachability between AS 1000 and AS 2000, R1 needs to advertise network 192.168.0.0 (option A) and R2 needs to advertise network 209.165.201.0 (option D). These commands ensure that both Autonomous Systems are aware of each other's networks, enabling full reachability between them as per the BGP routing protocol's operation.References := Cisco BGP Configuration Guide
NEW QUESTION # 659
Drag and drop the threat defense solutions from the left onto their descriptions on the right.
Answer:
Explanation:
Explanation
NEW QUESTION # 660
Refer to the exhibit. An engineer attempts to bundle interface Gi0/0 into the port channel, but it does not function as expected.
Which action resolves the issue?
- A. Configure no shutdown on interface Gi0/0
- B. Set LACP max-bundle to 2 on interface Port-channeM
- C. Enable fast LACP PDUs on interface Gi0/0.
- D. Configure channel-group 1 mode active on interface Gi0/0.
Answer: B
Explanation:
When enabled, LACP tries to configure the maximum number of LACP-compatible ports in a channel, up to a maximum of 16 ports.
https://www.cisco.com/c/en/us/td/docs/switches/blades/3020/software/release/12-
2_50_se/configuration/guide/scg/swethchl.pdf
NEW QUESTION # 661
Refer to the exhibit.
An engineers reaching network 172 16 10 0/24 via the R1-R2-R4 path. Which configuration forces the traffic to take a path of R1-R3-R4?
A)
B)
C)
D)
- A. Option D
- B. Option C
- C. Option A
- D. Option B
Answer: A
NEW QUESTION # 662
Refer to the exhibit.
Based on the configuration in this WLAN security setting. Which method can a client use to authenticate to the network?
- A. RADIUS token
- B. text string
- C. certificate
- D. username and password
Answer: B
NEW QUESTION # 663
An engineer must configure interface GigabitEthernet0/0 for VRRP group 10. When the router has the highest priority in the group, it must assume the master role. Which command set must be added to the initial configuration to accomplish this task?
- A. standby 10 ip 172.16.13.254 255.255.255.0
standby 10 preempt - B. vrrp group 10 ip 172.16.13 254.255.255.255.0
vrrp group 10 priority 120 - C. vrrp 10 ip 172.16.13.254
vrrp 10 preempt - D. standby 10 ip 172.16.13.254
standby 10 priority 120
Answer: C
Explanation:
Explanation
In fact, VRRP has the preemption enabled by default so we don't need the vrrp 10 preempt command. The default priority is 100 so we don't need to configure it either. But notice that the correct command to configure the virtual IP address for the group is vrrp 10 ip { } (not vrrp group 10 ip ...) and this command does not include a subnet mask.
NEW QUESTION # 664
Drag and drop the solutions that comprise Cisco Cyber Threat Defense from the left onto the objectives they accomplish on the right.
Answer:
Explanation:
Explanation
NEW QUESTION # 665
Refer to the exhibit.
Which privilege level is assigned to VTY users?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: C
Explanation:
Explanation
Lines (CON, AUX, VTY) default to level 1 privileges.
NEW QUESTION # 666
Drag and drop the descriptions of the VSS technology from the left to the right. Not all options are used.
Answer:
Explanation:
NEW QUESTION # 667
Drag and Drop Question
Drag and drop the characteristics from the left onto the switching architectures on the right.
Answer:
Explanation:
NEW QUESTION # 668
Which characteristic distinguishes Ansible from Chef?
- A. Ansible uses Ruby to manage configurations. Chef uses YAML to manage configurations.
- B. Ansible pushes the configuration to the client. Chef client pulls the configuration from the server.
- C. The Ansible server can run on Linux, Unix or Windows. The Chef server must run on Linux or Unix.
- D. Ansible lacks redundancy support for the master server. Chef runs two masters in an active/active mode.
Answer: B
Explanation:
Ansible works by connecting to your nodes and pushing out small programs, called "Ansible modules" to them.
These programs are written to be resource models of the desired state of the system. Ansible then executes these modules (over SSH by default), and removes them when finished.
Chef is a much older, mature solution to configure management. Unlike Ansible, it does require an installation of an agent on each server, named chef-client. Also, unlike Ansible, it has a Chef server that each client pulls configuration from.
NEW QUESTION # 669
Based on the router's API output in JSON format below, which Python code will display the value of the
"hostname" key?
- A. Option D
- B. Option C
- C. Option A
- D. Option B
Answer: D
NEW QUESTION # 670
Refer to the exhibit.
An engineer must configure static NAT on R1 lo allow users HTTP access to the web server on TCP port 80.
The web server must be reachable through ISP 1 and ISP 2. Which command set should be applied to R1 to fulfill these requirements?
- A. ip nat inside source static tcp 10.1.1.100 80 209.165.200.225 80
ip nat inside source static tcp 10.1.1.100 8080 209.165.201.1 8080 - B. ip nat inside source static tcp 10.1.1.100 80 209.165.200.225 80 no-alias ip nat inside source static tcp 10.1.1.100 80 209.165.201.1 80 no-alias
- C. ip nat inside source static tcp 10.1.1.100 80 209.165.200.225 80
ip nat inside source static tcp 10.1.1.100 80 209.165.201.1 80 - D. ip nat inside source static tcp 10.1.1.100 80 209.165.200.225 80 extendable ip nat inside source static tcp 10.1.1.100 80 209.165.201.1 80 extendable
Answer: C
NEW QUESTION # 671
What is the function of a control-plane node in a Cisco SD-Access solution?
- A. to connect APs and wireless endpoints to the SD-Access fabric
- B. to connect external Layer 3 networks to the SD Access fabric.
- C. to run a mapping system that manages endpoint to network device relationships
- D. to implement policies and communicate with networks outside the fabric
Answer: C
Explanation:
Explanation
Control-Plane Nodes - Map System that manages Endpoint to Device relationships Fabric Border Nodes - A Fabric device (e.g. Core) that connects External L3 network(s) to the SDA Fabric Fabric Edge Nodes - A Fabric device (e.g. Access or Distribution) that connects Wired Endpoints to the SDA Fabric Fabric Wireless Controller - A Fabric device (WLC) that connects APs and Wireless Endpoints to the SDA Fabric Reference:
https://www.cisco.com/c/dam/m/hr_hr/training-events/2019/cisco-connect/pdf/VH-Cisco-SD-Access-Connecting
NEW QUESTION # 672
Which component handles the orchestration plane of the Cisco SD-WAN?
- A. vManage
- B. vSmart
- C. vEdge
- D. vBond
Answer: D
NEW QUESTION # 673
Drag and drop characteristics of PIM dense mode from the left to the right.
Answer:
Explanation:
PIM-DM supports only source trees - that is, (S,G) entries-and cannot be used to build a shared distribution tree.
Reference:
PIM dense mode (PIM-DM) uses a push model to flood multicast traffic to every corner of the network. This push model is a brute-force method of delivering data to the receivers. This method would be efficient in certain deployments in which there are active receivers on every subnet in the network. PIM-DM initially floods multicast traffic throughout the network. Routers that have no downstream neighbors prune the unwanted traffic. This process repeats every 3 minutes.
A rendezvous point (RP) is required only in networks running Protocol Independent Multicast sparse mode (PIM-SM).
In PIM dense mode (PIM-DM), multicast traffic is initially flooded to all segments of the network. Routers that have no downstream neighbors or directly connected receivers prune back the unwanted traffic.
NEW QUESTION # 674
Which method of account authentication does OAuth 2.0 within REST APIs?
- A. username/role combination
- B. basic signature workflow
- C. cookie authentication
- D. access tokens
Answer: D
Explanation:
The most common implementations of OAuth (OAuth 2.0) use one or both of these tokens:
+ access token: sent like an API key, it allows the application to access a user's data; optionally, access tokens can expire.
+ refresh token: optionally part of an OAuth flow, refresh tokens retrieve a new access token if they have expired. OAuth2 combines Authentication and Authorization to allow more sophisticated scope and validity control.
NEW QUESTION # 675
......
Free 350-401 Exam Questions 350-401 Actual Free Exam Questions: https://www.validdumps.top/350-401-exam-torrent.html
100% Free 350-401 Exam Dumps to Pass Exam Easily: https://drive.google.com/open?id=135aZrkaxhxfvp_qQZ0u6TAJ0XOr_qaTO