500-490 Online Practice Questions and Answers

Which component of the SD-Access fabric is responsible for communicating with networks that are external to the fabric?

A. edge nodes

B. control plane nodes

C. intermediate nodes

D. border nodes

Which protocol runs between the vSmart controllers and between the vSmart controllers and the vEdge routers, and unifies all control plane functions under a single protocol umbrella?

A. BGP

B. OSPF

C. IKE

D. OMP

E. VRRP

Which two statements regarding Cisco SD-WAN vEdge routers can mitigate DoS attacks against the infrastructure? (Choose two.)

A. Open Certificate Authority and automated enrollment feature.

B. By default, all incoming traffic is denied at the transport (WAN) side interfaces.

C. Only authorized controllers are allowed to communicate back to the vEdge router after the vEdge router establishes connections with the controllers.

D. In case of direct Internet access, the only traffic allowed back is the traffic matching the state table entries on the vEdge router.

E. The vEdge routers run on hardened Linux operating systems.

Which two Cisco ISE use cases typically involve the highest level of implementation complexity? (Choose two.)

A. Guest and wireless access

B. Software-defined access

C. Device management

D. Asset visibility

E. Software-defined segmentation

Which three ways are SD-Access and ACI Fabric similar? (Choose three.)

A. use of overlays

B. use of Virtual Network IDs

C. focus on user endpoints

D. use of group policy

E. use of Endpoint Groups

F. use of Scalable Group Tags

Which element of the Cisco SD-WAN architecture facilitates the functions of controller discovery and NAT traversal?

A. vBond orchestrator

B. vManage

C. vSmart controller

D. vEdge

Which two primary categories are displayed on the overall health page of the assurance component in the Cisco DNA Center? (Choose two.)

A. Wired

B. Client

C. Access-Distribution

D. Server

E. Core

F. Network

What is the easiest way to enable SD-Access for all your remote sites after you have your campus SD-Access fabric up and running?

A. Treat all sites as one fabric domain and use the traditional physical network as the underlay.

B. Use a separate fabric domain for each site and use SD-WAN as the underlay.

C. Use a separate fabric domain for each site and use the traditional physical network as the underlay.

D. Treat all the sites as one fabric domain and use SD-WAN as the underlay.

Which are two advantages of a "one switch at a time" approach to integrating SD-Access into an existing brownfield environment? (Choose two.)

A. appropriate for campus and remote site environment

B. allows simplified testing prior to cutover

C. ideal for protecting recent investments while upgrading legacy hardware

D. involves the least risk of all approaches

E. opens up many new design and deployment opportunities

F. allows simplified roll back

What statement is true regarding the current time in Enterprise Networking history?

A. advent of cloud computing

B. pace of change

C. pervasive use of mobile devices

D. advent of IoT