New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: Board70

Passed Exam Today 400-007

Page: 10 / 24
Question 40

Which two points must network designers consider when designing a new network design or when evaluating an existing network design to help them understand the high-level design direction with regards to the security aspects? (Choose two)

Options:

A.

Consider Business objectives and goals

B.

Consider organization’s security policy standards

C.

Consider for only multi-site networks

D.

Consider for only new network technologies and components

Question 41

An IT service provider is upgrading network infrastructure to comply with PCI security standards. The network team finds that 802.1X and VPN authentication based on locally-significant certificates are not available on some legacy phones.

Which workaround solution meets the requirement?

Options:

A.

Replace legacy phones with new phones because the legacy phones will lose trust if the certificate is renewed.

B.

Enable phone VPN authentication based on end-user username and password.

C.

Temporarily allow fallback to TLS 1.0 when using certificates and then upgrade the software on legacy phones.

D.

Use authentication-based clear text password with no EAP-MD5 on the legacy phones.

Question 42

Which two statements explain the operation of BFD asynchronous mode? (Choose two )

Options:

A.

BFD asynchronous mode with echo packets combines the control packets and echo packets into a single packet.

B.

BFD asynchronous mode without echo packets uses control packets, and BFD asynchronous mode with echo packets does not.

C.

BFD asynchronous mode with and without echo packets use control packets.

D.

BFD asynchronous without echo packets has control packets sent back to the originating router, which echoes the control packet to detect failures.

E.

BFD asynchronous mode with echo packets uses separate control packets and echo packets.

Question 43

Company XYZ is migrating their existing network to IPv6 and they must plan for Layer 2 and Layer 3 devices Some of the access layer switches do not support IPv6, however, core and distribution switches fully support unicast and multicast routing. The company wants to minimize cost of the migration. Which migration strategy should be used in the design?

Options:

A.

The access layer switches must support IGMP snooping at a minimum. Any switches that do not support IGM snooping must be replaced.

B.

Upgrade the nonsupporting switches Otherwise, it will cause an issue with the migration.

C.

Layer 2 switches will not affect the implementation of IPv6. They can be included in the design in their current state.

D.

The access layer switches must support DHCPv6. Any switches that do not support DHCPv6 must be replaced.

Page: 10 / 24
Exam Code: 400-007
Exam Name: Cisco Certified Design Expert (CCDE v3.0)
Last Update: Dec 23, 2024
Questions: 329
400-007 pdf

400-007 PDF

$119.7  $399
400-007 Engine

400-007 Testing Engine

$134.7  $449
400-007 PDF + Engine

400-007 PDF + Testing Engine

$179.7  $599