Which port is used for vBond under controller certificates if no alternate port is configured?

A. 12344

B. 12345

C. 12347

D. 12346

Refer to the exhibit. Which configuration extends the INET interface on R1 to be used by R2 for control and data connections?

A. R1 interface ge0/2 interface ge0/2.10 ip address 43.43.43.2/30 tloc-extension ge0/0 tunnel-interface color public-internet R2 interface ge0/2 interface ge0/2.10 ip address 43.43.43.1/30 tunnel-interface color public-internet

B. R1 interface ge0/2 mtu 1504 no shutdown interface ge0/2.10 ip address 43.43.43.2/30 tunnel-interface color public-internet R2 interface ge0/2 mtu 1504 no shutdown interface ge0/2.10 ip address 43.43.43.1/30 tloc-extension ge0/0

C. R1 interface ge0/2 mtu 1504 no shutdown interface ge0/2.10 ip address 43.43.43.2/30 tloc-extension ge0/0 R2 interface ge0/2 mtu 1504 no shutdown interface ge0/2.10 ip address 43.43.43.1/30 tunnel-interface color public-internet

D. R1 interface ge0/2 no shutdown interface ge0/2.10 ip address 43.43.43.2/30 tloc-extension ge0/0 R2 interface ge0/2 no shutdown interface ge0/2.10 ip address 43.43.43.1/30 tloc-extension ge0/0

Which vBond system configuration under VPN 0 allows for a routable public IP address even if the DNS name, hostname, or IP address of the vBond orchestrator are omitted?

A. WAN

B. local

C. dns-name

D. vbond-only

In Cisco SD-WAN, which protocol is used for control connections between Cisco SD-WAN devices?

A. BGP

B. DTLS

C. OSPF

D. OMP

20Management%20Protocol%20is,described%20in%20Overlay%20Routing%20Overview

Which component creates a feature profile using a structured approach to configuring Cisco SD-WAN in UX 2.0?

A. feature template

B. feature parcel

C. configuration group

D. device template

What is a benefit of using REST APIs?

A. predefined automation and orchestration platform for event management and logging

B. user-defined automation and integration into other orchestration systems or tools

C. vAnalytics to simplify operational services integration and real-time event monitoring

D. predefined SD-WAN controller with other platform integration for event management and logging

Which two products are used to deploy Cisco WAN Edge Router virtual platforms? (Choose two.)

A. Sun Enterprise M4000 Server running Sun Solaris

B. Sun SPARC Node running AIX

C. Cisco UCS

D. HP ProLiant DL380 Generation 10 running HP-UX

E. Cisco ENCS 5000 Series

What is the default value for the number of paths advertised per prefix in the OMP feature template?

A. 4

B. 8

C. 12

D. 16

Drag and drop the actions from the left into the correct sequence on the right to create a data policy to direct traffic to the Internet exit.

Select and Place:

An engineer provisions a WAN Edge router. Which command should be used from the WAN Edge router to activate it with vManage?

A. request vedge-cloud activate serial token

B. request vedge-cloud activate chassis-number organization

C. request vedge-cloud activate chassis-number serial

D. request vedge-cloud activate chassis-number token

Refer to the exhibit. A user has selected the options while configuring a VPN Interface Ethernet feature template. What is the required configuration parameter the user must set in this template for this feature to function?

A. The “Shaping Rate (Kbps)” field must be configured with a value.

B. The “IP MTU” field must be increased from the default value of 1500 to support the additional overhead.

C. The “Bandwidth Downstream” field must be configured with a value.

D. The “Adaptive QoS” field must be set to “on”.

Which command displays BFD session summary information per TLOC on vEdge routers?

A. show bfd tloc-summary-list

B. show bfd history

C. show bfd summary

D. show bfd sessions

Which logs verify when a device was upgraded?

A. ACL

B. Email

C. SNMP

D. Audit

Which protocol is used to measure loss, latency, jitter, and liveliness of the tunnel between WAN Edge router peers?

A. OMP

B. NetFlow

C. BFD

D. IP SLA

An engineer is adding a tenant with location ID 123456789 in vManage. What is the maximum number of alphanumeric characters that is accepted in the tenant name field?

A. 8

B. 256

C. 128

D. 64

An engineer must configure VRRP for redundancy on WAN Edge router 1 running an earlier version than 20.6, considering WAN Edge router2 is configured correctly. Which configuration meets the requirement?

A.

An engineer must configure local redundancy on a site. Which configuration accomplishes the task?

A. vpn 0
tloc-extension interface
interface-name

B. interface interface-name
tloc-extension

C. tloc-extension interface
interface-name

D. vpn 0
interface interface-name
tloc-extension interface-name

After deploying Cisco SD-WAN, the company realized that by default, all sites built direct IPsec VPN tunnels to each other. In their previous topology, all spoke sites used the head office as their next hop for the LAN segment that belongs to network 40.0.0.0/16. The company wants to deploy its previous policy, which allows the 40.0.0.0/16 network that originates at the hub to advertise to the spokes.
Which configuration meets the requirement?

A. C

A customer is receiving routes via OMP from vSmart controller for a specific VPN. The customer must provide access to the W2 loopback received via OMP to the
OSPF neighbor on the service-side VPN. Which configuration fulfills these requirements?

Refer to the exhibit.

A vBond controller was added to the controller list with the same Enterprise Root CA certificate as vManage. The two controllers can reach each other via VPNO and share the same organization name, but the control connection is not initiated. Which action resolves the issue?

A. configure a valid vBond IP on vManage.

B. Synchronize the WAN Edge list on vManage with controllers.

C. configure NTP on both controllers to establish a connection.

D. configure a valid system IP on the vBond controller.

A WAN Edge device has several service VPNs with no routing protocol configured in the service VPNs. The device must be configured so that all connected routes are visible in OMP for VPN 10. Which configuration meets the requirement?

A.

Which two algorithms authenticate a user when configuring SNMPv3 monitoring on a WAN Edge router? (Choose two.)

A. AES-256

B. MD5

C. SHA-2

D. AES-128

E. SHA-1

Refer to the exhibit. Which NAT type must the engineer configure for the vEdge router to bring up the data plane tunnels?

A. Use private color on the TLO

B. Enable Full Cone NAT on the vEdge interface.

C. Enable Symmetric NAT on the vEdge interface.

D. Use public color on the TLO

E.

Refer to the exhibit. An enterprise decides to use the Cisco SD-WAN Cloud onRamp for SaaS feature and utilize

A. Q site Biz iNET to reach SaaS Cloud for branch C, currently reaching SaaS Cloud directly. Which role must be assigned to devices at both sites in vManage Cloud Express for this solution to work?

B. Branch to be added as Client Sites and

C. Q as DI

D. Q to be added as Gateway and Branch as DI

E. Branch to be added as DIA and

F. Q as Client Site.

G. Q to be added as Gateway and Branch as Client Site.

What is the advantage of installing the controller on-premises?

A. automatic geographical redundancy and security

B. full control of the data plane and the control plane

C. scalability and a cost-saving

D. ease of deployment and management

Which controller manages the orchestration plane of Cisco SD-WAN in a cloud deployment?

A. Cisco DNA Center

B. vSmart

C. vBond

D. vManage

Which Cisco SD-WAN WAN Edge platform supports LTE and Wi-Fi?

A. ISR 1101

B. ASR 1001

C. CSR 1000v

D. vEdge 2000

What is one way an SD-WAN Edge router originates a vRoute?

A. learned from OSPF intra-area

B. learned from BGP

C. from TLOCs connected to the WAN transports

D. from the vBond controller

Which protocol is configured on tunnels by default to detect loss, latency, jitter, and path failures in Cisco SD-WAN?

A. TLS

B. BFD

C. OMP

D. BGP

Which two prerequisites must be met before the Cloud onRamp for IaaS is initiated on vManage to expand to the flaws cloud? (Choose two.)

A. Attach an OSPF feature template to the flaws cloud Edge router template.

B. Attach the AmazonCreateVPC and AmazonProvisionEC2 permission policy to the IAM account.

C. Subscribe to the SD-WAN Edge router AMI in the flaws account.

D. Attach a device template to the cloud WAN Edge router to be deployed in the flaws.

E. Preprovision the transit VPC in the flaws region.

Drag and drop the alarm states from the left onto the corresponding alarm descriptions on the right.

Select and Place:

Refer to the exhibit. Which command allows traffic through the IPsec tunnel configured in VPN 0?

A. service netsvc1 vpn1

B. service netsvc1 address 1.1.1.1

C. service FW address 1.1.1.1

D. service local

Which pathway under Monitor > Network > Select Device is used to verify service insertion configuration?

A. System Status

B. ACL Logs

C. Real Time

D. Events

An engineer is applying QoS policy for the transport-side tunnel interfaces to enable scheduling and shaping for a WAN Edge cloud router. Which command accomplishes the task?

A. cloud-qos-service-side

B. qos-scheduler QOS_0

C. rewrite-rule QOS-REQWRITE

D. qos-map QOS

Drag and drop the BFD parameters from the left onto the BFD configurations on the right.

Select and Place:

The application team is getting ready to deploy a new business-critical application to the network. To protect the traffic, the network team must add another queue to the QoS map and then deploy the map to the fabric. Which configuration step must be completed prior to adding the queue to the QoS map and applying it?

A. The relationship between the new QoS class and the hardware queue must be configured from the “lists” page of the Local Policy section of vManage. The QoS map is then applied to the WAN interface.

B. The relationship between the new QoS class and the hardware queue must be configured from the “lists” page of the Local Policy section of vManage. The QoS map is then applied to the service-side interface.

C. The relationship between the new QoS class and the hardware queue must be configured from the “lists” page of the Centralized Policy section of vManage. The QoS map is then applied to the service-side interface.

D. The relationship between the new QoS class and the hardware queue must be configured from the “lists” page of the Centralized Policy section of vManage. The QoS map is then applied to the WAN interface.

Which set of key security components of authentication, encryption, and integrity is used to establish an IPsec tunnel in the Cisco SD-WAN solution?

A. Authentication is 1024-bit key; encryption is AES-128 cipher, and integrity is ESP, HMAC-MD5.

B. Authentication is 1024-bit key; encryption is AES-256 cipher, and integrity is ESP, HMAC-MD5.

C. Authentication is 2048-bit key; encryption is AES-256 cipher, and integrity is ESP, HMAC-SHA1.

D. Authentication is 2048-bit key; encryption is AES-128 cipher, and integrity is ESP, HMAC-SHA1.

Refer to the exhibit. An engineer is troubleshooting a control connection issue. What does `connect` mean in this show control connections output?

A. Control connection is down

B. Control connection is up

C. Control connection attempt is in progress

D. Control connection is connected

A customer wants to use flaws for Cisco SD-WAN IaaS services by deploying virtual SD-WAN routers in a transit flaws VP

A. The transit VPC then connects via site-to-site IPsec tunnels to an flaws transit gateway.
Which transit VPC connects via site-to-site IPsec tunnels to an flaws transit gateway?

B. Cisco Cloud onRamp for SaaS

C. Cisco Cloud onRamp for Colocation

D. Cisco Cloud onRamp for IaaS

E. Cisco Cloud onRamp for Multicloud

Refer to the exhibit.

Which configuration must the engineer use to form underlay connectivity for the Cisco SD-WAN network?

A. D

In the Cisco SD-WAN solution, vSmart controller is responsible for which two actions? (Choose two.)

A. Authenticate and authorize WAN Edge routers.

B. configure and monitor WAN Edge routers.

C. Distribute route and policy information via OMP.

D. Distribute the IP address from DHCP server to WAN Edge routers.

E. Distribute crypto key information among WAN Edge routers.

Which two sets of identifiers does OMP carry when it advertises TLOC routes between WAN Edge routers? (Choose two.)

A. TLOC public and private address, carrier, and preference

B. source and destination IP address, MAC, and site ID

C. system IP address, link color, and encapsulation

D. VPN ID, local site network, and BGP next-hop IP address

E. TLOC public and private address, tunnel ID, and performance

An engineer is troubleshooting a certificate issue on vEdge. Which command is used to verify the validity of the certificates?

A. show control local-properties

B. show control summary

C. show certificate installed

D. show certificate status

Refer to the exhibit. A company requires a data traffic policy that uses the "mpls" and "biz-internet" colors for Google Apps if the SLA is met. A link with the "public-internet" color must be used if the other two links violate the data SL

A. Which configuration meets these requirements?

B.

When VPNs are grouped to create destination zone in Zone-Based Firewall, how many zones can a single VPN be part of?

A. two

B. four

C. one

D. three

docs.cisco.com/Product_Documentation/Software_Features/Release_18.4/Security/Enterprise_Firewall_with_Application_Awareness Community vote distribution

An engineer is configuring the branch office with a 172.16.0.0/16 subnet to use DIA for Internet traffic. All other traffic must flow to the central site or branches using the MPLS circuit. Which configuration meets the requirement?

A. D

Which secure tunnel type should be used to connect one WAN Edge router to other WAN Edge routers?

A. DTLS

B. SSL VPN

C. IPsec

D. TLS

In which device state does the WAN Edge router create control connections, but data tunnels are not created?

A. valid

B. backup

C. active

D. staging

An engineer creates this data policy for DIA for VPN 10:

Which policy sequence enables DIA for external networks?

A.

Where on vManage does an engineer find the details of control node failure?

A. Alarms

B. Events

C. Audit log

D. Network