This page was exported from Offer Free Microsoft and Cisco Exam Dumps [ http://www.hitachidumps.com ] Export date:Thu Nov 13 3:31:11 2025 / +0000 GMT ___________________________________________________ Title: [2025-November-New]Braindump2go 300-420 VCE Exam Questions Free[Q1-Q80] --------------------------------------------------- 2025/November Latest Braindump2go 300-420 Exam Dumps with PDF and VCE Free Updated Today! Following are some new Braindump2go 300-420 Real Exam Questions!QUESTION 1Which routes does the overlay management protocol advertise in an SD-WAN overlay?A. underlay, MPLS, and overlayB. primary, backup, and load-balancedC. prefix, TLOC, and serviceD. Internet, MPLS, and backupAnswer: CQUESTION 2A network solution is being designed for a company that connects to multiple Internet service providers. Which Cisco proprietary BGP path attribute will influence outbound traffic flow?A. Local PreferenceB. MEDC. WeightD. AS PathE. CommunityAnswer: CExplanation:Weight is Cisco proprietary and is the first decision of all path attributes to influence outbound traffic on a singular router. Weight is non-transitive and will only influence routes as they leave that device.QUESTION 3Refer to the exhibit. EIGRP has been configured on all links. The spoke nodes have been configured as EIGRP stubs, and the WAN links to R3 have higher bandwidth and lower delay than the links to R4. When a link failure occurs at the R1-R2 link, what happens to traffic on R1 that is destined for a subnet attached to R2? A. R1 has no route to R2 and drops the trafficB. R1 load-balances across the paths through R3 and R4 to reach R2C. R1 forwards the traffic to R3, but R3 drops the trafficD. R1 forwards the traffic to R3 in order to reach R2Answer: AExplanation:As spoke router, only connected and summary route are communicated with neighboors.Stub router only advertise Connected and Summary - it will not re-advertise route.https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-mt/ire-15-mt-book/ire-eigrp-stub-rtg.htmlQUESTION 4A company is using OSPF between its HQ location and a branch office. HQ is assigned area 0 and the branch office is assigned area 1. The company purchases a second branch office, but due to circuit delays to HQ, it decides to connect the new branch office to the creating branch office as a temporary measure. The new branch office is assigned area 2. Which OSPF configuration enables all three locations to exchange routes?A. The existing branch office must be configured as a stub areaB. A virtual link must be configured between the new branch office and HQC. A sham link must be configured between the new branch office and HQD. The new branch office must be configured as a stub areaAnswer: BExplanation:Area 0 must connect to all other areas. When the network design goes against that practice we have to use virtual links to configure the connecting area as a transit area.QUESTION 5An engineer must design a multicast network for a financial application. Most of the multicast sources also receive multicast traffic (many-to-many deployment model). To better scale routing tables, the design must not use source trees. Which multicast protocol satisfies these requirements?A. PIM-SSMB. PIM-SMC. MSDPD. BIDIR-PIMAnswer: DExplanation:BIDIR-PIM is designed to be used for many-to-many applications within individual PIM domains. Multicast groups in bidirectional PIM mode can scale to an arbitrary number of sources without incurring overhead due to the number of sources.https://www.cisco.com/c/dam/en/us/products/collateral/ios-nx-os-software/multicast-enterprise/prod_white_paper0900aecd80310db2.pdfQUESTION 6An engineer is working for a large cable TV provider that requires multiple sources streaming video on different channels using multicast with no rendezvous point.Which multicast protocol meets these requirements?A. PIM-SMB. PIM-SSMC. any-source multicastD. BIDIR-PIMAnswer: BExplanation:PIM-SSM is suitable for when well-known sources exist within the local PIM domain and for broadcast applications. Also, PIM-SSM eliminates the RPs and shared trees.QUESTION 7What are two valid scaling techniques when an EIGRP network is designed that consists of more than 1000 routers? (Choose two.)A. Use structured hierarchical topology with route summarizationB. Used sub-second timersC. Use the distribute-list command to filter routesD. Modify delay parameters on the linksE. Implement multiple EIGRP autonomous systemsAnswer: AEQUESTION 8A customer with an IPv4 only network topology wants to enable IPv6 connectivity while preserving the IPv4 topology services. The customer plans to migrate IPv4 services to the IPv6 topology, then decommission the IPv4 topology. Which topology supports these requirements?A. dual stackB. 6VPEC. 6to4D. NAT64Answer: AQUESTION 9A company with multiple service providers wants to speed up BGP convergence time in the event a failure occurs with their primary link. Which approach achieves this goal and does not impact router CPU utilization?A. Utilize BFD and tune the multiplier to 50B. Lower the BGP hello intervalC. Decrease the BGP keepalive timerD. Utilize BFD and keep the default BGP timersAnswer: DExplanation:The issue is to speed up BGP convergence time in the event a FAILURE occurs and keep the CPU utilisation low - then BFD is the solution.QUESTION 10An engineer is working with NETCONF and Cisco NX-OS based devices. The engineer needs a YANG model that supports a specific feature relevant only to Cisco NX-OS. Which model must the engineer choose?A. NativeB. IEEEC. OpenConfigD. IETFAnswer: AExplanation:NXOS has a comprehensive number of both native and open YANG models, that allow you to manage the rich feature-set that NXOS provides. Data models provide a structured and well-defined base that facilitates programmatic interaction with NXOS devices. The list of supported models includes native, OpenConfig and IETF models. In addition, YANG provides a modeling language optimized for network devices and with a growing number of tools and utilities. OpenConfig and IETF are vendor agnostic models, that abstract the detailed configuration across OSs and platforms.QUESTION 11When designing interdomain multicast, which two protocols are deployed to achieve communication between multicast sources and receivers? (Choose two.)A. IGMPv2B. BIDIR-PIMC. MP-BGPD. MSDPE. MLDAnswer: CDExplanation:MSDP (Multicast interdomain discovery protocol) should exchange routing information using BGP.QUESTION 12A branch office has a primary L3VPN MPLS connection back to the main office and an IPSEC VPN tunnel that serves as backup. Which design ensures that data is sent over the backup connection only if the primary MPLS circuit is down?A. Use EIGRP to establish a neighbor relationship with the main office via L3VPN MPLS and the IPSEC VPN tunnel.B. Use BGP with the multipath feature enabled to force traffic via the primary path when available.C. Use static routes tied to an IP SLA to prefer the primary path while a floating static route points to the backup connection.D. Use OSPF with a passive-interface command on the backup connection.Answer: CExplanation:Floating static routes are static routes that are used to provide a backup path to a primary static or dynamic route, in the event of a link failure.QUESTION 13Company A recently acquired another company. Users of the newly acquired company must be able to access a server that exists on Company A's network, both companies use overlapping IP address ranges. Which action conserves IP address space and provides access to the server?A. Use a single IP address to create overload NATB. Use a single IP address to create a static NAT entryC. Build one-to-one NAT translation for every user that needs accessD. Re-IP overlapping address space in the acquired companyAnswer: BExplanation:You wouldn't create a NAT to convert every single user from the newly acquired company into one IP address in the other existing company. You would create a static NAT for traffic destined to the server at the network boundary between the 2 companies. Traffic destined to the server from the newly acquired company would be NAT'd to the server IP in Company A.QUESTION 14In an SD-WAN architecture, which methods are used to bootstrap a vEdge router?A. DHCP options or manual configurationB. vManage or DNS recordsC. ZTP or manual configurationD. DNS records or DHCP optionsAnswer: CExplanation:https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/SDWAN/sd-wan-wan-edge-onboarding-deploy-guide-2020jan.pdfQUESTION 15Which two statements about VRRP advertisements are true? (Choose two.)A. They are sent from the master router and standby routers.B. They include VRRP timer information.C. They are sent only from the master router.D. They include priority information.E. They are sent every three seconds by default.Answer: CDExplanation:The virtual router master sends VRRP advertisements to other VRRP routers in the same group. The advertisements communicate the priority and state of the virtual router master. The VRRP advertisements are encapsulated in IP packets and sent to the IP Version 4 multicast address assigned to the VRRP group. The advertisements are sent every second by default.https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/xe-3s/fhp-xe-3s-book/fhp-vrrp.html#GUID-F08F171E-D151-448B-B58C-D2ED17E11E9FQUESTION 16Which common issue causes intermittent DMVPN tunnel flaps?A. a routing neighbor reachability issueB. a suboptimal routing tableC. interface bandwidth congestionD. that the GRE tunnel to hub router is not encryptedAnswer: AQUESTION 17Which two statements about VRRP object tracking are true? (Choose two)A. The priority of a VRRP device can change in accordance with the up or down status of a VRRP objectB. The VRRP interface priority must be manually configured by the administratorC. A VRRP group can track only one object at a timeD. VRRP can track the status of interfaces and routesE. VRRP supports only interce trackingAnswer: ADQUESTION 18Which solution allows overlay VNs to communicate with each other in an SD-WAN Architecture?A. External fusion routers can be used to map VNs to VRFs and selectively route traffic between VRFs.B. GRE tunneling can be configured between fabric edges to connect one VN to another.C. SGTs can be used to permit traffic from one VN to another.D. Route leaking can be used on the fabric border nodes to inject routes from one VN to another.Answer: AExplanation:A Fusion device enables Virtual routing and forwarding (VRF) leaking across SD-Access Fabric domains, and enables host connectivity to shared services, such as DHCP, DNS, NTP, ISE, Cisco DNA Center, Wireless LAN Controllers (WLC) and similar.QUESTION 19An engineer must design a VPN solution for a company that has multiple branches connecting to a main office. What are two advantages of using DMVPN instead of IPsec tunnels to accomplish this task? (Choose two.)A. support for AES 256-bit encryptionB. greater scalabilityC. support for anycast gatewayD. lower traffic overheadE. dynamic spoke-to-spoke tunnelsAnswer: BEExplanation:Greater scalability: DMVPN is a more scalable solution than IPsec tunnels. This is because DMVPN uses a hub-and-spoke topology, which allows for the easy addition or removal of spokes without having to reconfigure the entire network. IPsec tunnels, on the other hand, are point-to-point connections, which can be more difficult to scale.Dynamic spoke-to-spoke tunnels: DMVPN supports dynamic spoke-to-spoke tunnels. This means that tunnels are only created between spokes when they need to communicate with each other. This can help to reduce traffic overhead and improve performance. IPsec tunnels, on the other hand, are static tunnels, which means that they are always up, even when they are not needed.QUESTION 20Which NETCONF operation creates filtering that is specific to the session notifications?A. <create-subscription>B. <commit>C. <notification>D. <logging>Answer: AExplanation:https://community.cisco.com/kxiwq67737/attachments/kxiwq67737/5672j-docs-dev-nso/87/1/rfc5277.pdfQUESTION 21An enterprise customer has these requirements:- end-to-end QoS for the business-critical applications and VoIP services based on CoS marking.- flexibility to offer services such as IPv6 and multicast without any reliance on the service provider.- support for full-mesh connectivity at Layer 2.Which WAN connectivity option meets these requirements?A. VPWSB. MPLS VPNC. DMVPND. VPLSAnswer: DExplanation:VPLS provides full mesh connectivity at Layer 2. Cos marking will be kept in the frames because it transits on layer 2 network.QUESTION 22What is a benefit of using VRRPv3 as compared to VRRPv2?A. VRRPv3 supports IPv4 and IPv6B. VRRPv3 supports authenticationC. VRRPv3 supports preemptionD. VRRPv3 supports stateful switchoverAnswer: AExplanation:https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/15-e/fhp-15-e-book/VRRPv3-Protocol-Support.htmlQUESTION 23A customer is discussing QoS requirements with a network consultant. The customer has specified that endto-end path verification is a requirement. Which QoS solution meets this requirement?A. IntServ model with RSVP to support the traffic flowsB. DiffServ model with PHB to support the traffic flowsC. marking traffic at the access layer with DSCP to support the traffic flowsD. marking traffic at the access layer with CoS to support the traffic flowsAnswer: AExplanation:https://www.cisco.com/en/US/technologies/tk543/tk766/technologies_white_paper09186a00800a3e2f.htmlQUESTION 24Which nonproprietary mechanism can be used to automate rendezvous point distribution in a large PIM domain?A. Embedded RPB. BSRC. Auto-RPD. Static RPAnswer: BExplanation:https://networklessons.com/cisco/ccie-routing-switching/multicast-pim-bootstrap-bsr#:~:text=BSR%20(Bootstrap)%20is%20similar%20to,is%20a%20Cisco%20proprietary%20protocol.QUESTION 25Which two best practices must be followed when designing an out-of-band management network? (Choose two.)A. Enforce access controlB. Facilitate network integrationC. Back up data using the management networkD. Ensure that the management network is a backup to the data networkE. Ensure network isolationAnswer: AEExplanation:An OOB management network should be deployed using the following best practices:- Provide network isolation- Enforce access control- Prevent data traffic from transiting the management networkQUESTION 26Refer to the exhibit. An engineer must optimize the traffic flow of the network.Which change provides a more efficient design between the access and the distribution layer? A. Add a link between access switch A and access switch BB. Reconfigure the distribution switch A to become the HSRP ActiveC. Change the link between distribution switch A and distribution switch B to be a routed linkD. Create an EtherChannel link between distribution switch A and distribution switch BAnswer: BQUESTION 27When a first hop redundancy solution is designed, which protocol ensures that load balancing occurs over multiple routers using a single virtual IP address and multiple virtual MAC addresses?A. GLBPB. IRDPC. VRRPD. HSRPAnswer: AQUESTION 28Which two routing protocols allow for unequal cost load balancing? (Choose two.)A. EIGRPB. IS-ISC. BGPD. OSPFE. RIPngAnswer: ACExplanation:EIGRP supports unequal cost load balancing through a feature called Variance. Variance allows EIGRP to include routes in the routing table that have a higher metric than the minimum metric route, but within a specified multiple (the variance value). This allows traffic to be distributed across multiple paths with different costs, thereby providing unequal cost load balancing.BGP also supports unequal cost load balancing, although it's not as commonly used as in EIGRP. BGP can be configured to install multiple paths to a destination in the routing table and distribute traffic across these paths. This can be done using features like "Add-Path" or through careful configuration of BGP attributes such as weight, local preference, and MED (Multi-Exit Discriminator) to influence path selection and achieve load balancing across paths with different costs.QUESTION 29Which two steps can be taken to improve convergence in an OSPF network? (Choose two.)A. Use Bidirectional Forwarding DetectionB. Merge all the areas into one backbone areaC. Tune OSPF parametersD. Make all non-backbone areas stub areasE. Span the same IP network across multiple areas.Answer: ACExplanation:Network convergence is the time that is needed for the network to respond to events.One of the significant factors in routing convergence is the detection of link or node failure (events). This is where BFD comes in to play.OSPF TimersThe default OSPF LSA propagation timers are quite conservative. Lowering the values of the timers that control OSPF LSA generation can significantly improve OSPF convergence timeshttps://www.ciscopress.com/articles/article.asp?p=1763921&seqNum=6QUESTION 30A network administrator is troubleshooting a DMVPN setup between the hub and the spoke. Which action should the administrator take before troubleshooting the IPsec configuration?A. Verify the GRE tunnels.B. Verify ISAKMP.C. Verify NHRP.D. Verify crypto maps.Answer: AQUESTION 31Which two options can you use to configure an EIGRP stub router? (Choose two)A. summary-onlyB. receive-onlyC. externalD. summaryE. totally-stubbyF. not-so-stubbyAnswer: BDQUESTION 32At which layer does Cisco Express Forwarding use adjacency tables to populate addressing information?A. Layer 4B. Layer 2C. Layer 1D. Layer 3Answer: BQUESTION 33Which design consideration should be observed when EIGRP is configured on Data Center switches?A. Perform manual summarization on all Layer 3 interfaces to minimize the size of the routing table.B. Prevent unnecessary EIGRP neighborships from forming across switch virtual interfaces.C. Lower EIGRP hello and hold timers to their minimum settings to ensure rapid route reconvergence.D. Configure multiple EIGRP autonomous systems to segment Data Center services and applications.Answer: AExplanation:When EIGRP is used in the data center (DC), several design considerations are important. Because DCs will have many different services, networks, and applications, you should design for summarizing data center subnets, just as you would do in wide-area networking. Furthermore, it is a good idea to advertise a default route into the DC from the aggregation layer. This way, you do not have to advertise all global network routes into the DC.QUESTION 34Which design consideration must be made when using IPv6 overlay tunnels?A. Overlay tunnels that connect isolated IPv6 networks can be considered a final IPv6 network architecture.B. Overlay tunnels should only be considered as a transition technique toward a permanent solution.C. Overlay tunnels can be configured only between border devices and require only the IPv6 protocol stack.D. Overlay tunneling encapsulates IPv4 packets in IPv6 packets for delivery across an IPv6 infrastructure.Answer: BExplanation:Overlay tunnels can be configured between border devices or between a border device and a host; however, both tunnel endpoints must support the IPv4 and IPv6 protocol stacks.https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6/configuration/15-2mt/ipv6-15-2mt-book/ip6-tunnel.htmlQUESTION 35When a network is designed using IS-IS protocol, which two circuit types are supported? (Choose two.)A. nonbroadcast multiaccessB. multiaccessC. point-to-multipointD. nonbroadcastE. point-to-pointAnswer: BEExplanation:In Intermediate System-to-Intermediate System (IS-IS) Protocol, there are two types of networks: point-to-point and broadcast. Unlike Open Shortest Path First (OSPF) Protocol, IS-IS does not have other network types like non-broadcast and point-to-multipoint.QUESTION 36What is an advantage of designing an out-of-band network management solution?A. In the event of a production network outage, network devices can still be managed.B. There is no separation between the production network and the management network.C. In the event of a production network outage, it can be used as a backup network path.D. It is less expensive than an in-band management solutionAnswer: AQUESTION 37An engineer must propose a QoS architecture model that allows an application to inform the network of its traffic profile and to request a particular type of service to support its bandwidth and delay requirements. The application requires consistent and dedicated bandwidth end to end. Which QoS architecture model meets these requirements?A. DiffServB. LLQC. WREDD. IntServAnswer: DQUESTION 38Drag and Drop QuestionDrag and drop the properties from the left onto the protocols they describe on the right. Answer: Explanation:https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/166/b_166_programmability_cg/b_166_programmability_cg_chapter_01011.htmlhttps://www.cisco.com/c/en/us/td/docs/ios-xml/ios/prog/configuration/169/b_169_programmability_cg/ configuring_yang_datamodel.htmlQUESTION 39Drag and Drop QuestionDrag and drop the characteristics from the left onto the correct telemetry mode on the right. Answer: Explanation:In a dial-in mode, the destination initiates a session to the router and subscribes to data to be streamed. Dialin mode is supported over gRPC in only 64-bit platforms In a dial-out mode, the router initiates a session to the destinations based on the subscription.All 64-bit IOS XR platforms (except for NCS 6000 series routers) support gRPC and TCP protocols. All 32-bit IOS XR platforms support only TCP.Reference:https://www.cisco.com/c/en/us/td/docs/iosxr/asr9000/telemetry/b-telemetry-cg-asr9000-61x/b-telemetry-cgasr9000-61x_chapter_010.html#id_36445QUESTION 40Refer to the exhibit. Which solution decreases the EIGRP convergence time? A. Enable subsecond timersB. Increase the hold time valueC. Increase the dead timer valueD. Enable stub routing on the spokesAnswer: DExplanation:Query storms are eliminated, which saves bandwidth and CPU and allows the network to converge more quickly.https://www.cisco.com/en/US/technologies/tk648/tk365/technologies_white_paper0900aecd8023df6f.htmlQUESTION 41A router running ISIS is showing high CPU and bandwidth utilization. An engineer discovers that the router is configured as L1/L2 and has L1 and L2 neighbors. Which step optimizes the design to address the issue?A. Make this router a DIS for each of the interfacesB. Disable the default behavior of advertising the default route on the L1/L2 routerC. Configure the router to be either L1 or L2D. Configure each interface as either L1 or L2 circuit typeAnswer: DExplanation:You have an IS-IS router that is performing both L1 and L2 routing and has both L1 and L2 neighbors. How would you optimize the router's operation to conserve bandwidth and router resources?Configure each interface as either L1 or L2 circuit type, depending on the type of adjacency needed out that interface. The command to do this is, at the interface configuration mode, isis circuit-type [level-1 | level-1-2 | level-2-only]. This prevents unnecessary hellos from being sent out interfaces, which uses bandwidth and router resources.https://www.ciscopress.com/articles/article.asp?p=101756QUESTION 42A network engineer must connect two sites across a public network using a secure tunneling technology that supports multicast traffic. Which technology must be chosen?A. IPsecB. GREC. PPTPD. GRE over IPsecAnswer: DQUESTION 43Which control-plane technology allows the same subnet to exist across multiple network locations?A. LISPB. VXLANC. FabricPathD. ISE mobility servicesAnswer: AExplanation:VXLAN is a data plane technology - LISP is control plane related.https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-sda-design-guide.htmlQUESTION 44Which two statements describe source trees in a multicast environment? (Choose two.)A. Source trees guarantee the minimum amount of network latency for forwarding multicast trafficB. Source trees create an optimal path between the source and the receiversC. Source trees use a single common root placed at some chosen point in the networkD. Source trees can introduce latency in packet deliveryE. Source trees can create suboptimal paths between the source and the receiversAnswer: ABExplanation:Source trees have the advantage of creating the optimal path between the source and the receivers. This advantage guarantees the minimum amount of network latency for forwarding multicast traffic.QUESTION 45Which of the following are valid methods of VRRP authentication? (Choose three.) A. SHA-124B. SHA-254C. No authenticationD. WAPE. Plain text authenticationF. MD5Answer: CEFQUESTION 46Which three basic types of SD-WAN deployments are out on the market? (Choose three.)A. SD-WAN as-a-ServiceB. secure SD-WAN serviceC. internet-based SD-WAND. policy-based SD-WANE. managed service SD-WANF. MPLS-basedAnswer: ACEQUESTION 47Which two statements about VRRP are true? (Choose two.)A. Authentication commands must be entered under the interface.B. It sends advertisements to multicast address 224.0.0.9.C. It supports MD5 and IP sec authentication.D. It can use an interface IP address as the virtual IP address.E. It sends advertisements to multicast address 224.0.0.18.F. It is a Cisco proprietary protocol.Answer: DEQUESTION 48What following parameters for the EIGRP authentication need to match in order for EIGRP neighbors to establish a neighbor relationship?A. Autonomous System number.B. K-ValuesC. If authentication is used both: the key number, the password, and the date/time.D. The neighbors must be on common subnet (all IGPs follow this rule).Answer: CQUESTION 49Which feature must be incorporated into the campus LAN design to enable Wake on LAN?A. dynamic ARP Inspection Snooping on layer 2 devicesB. directed broadcasts on layer 3 devicesC. proxy ARP on layer 3 devicesD. DHCP Snooping on layer 2 devicesAnswer: BExplanation:If you send WoL packets from remote networks, the routers must be configured to allow directed broadcasts.https://www.cisco.com/c/en/us/support/docs/switches/catalyst-3750-series-switches/91672-catl3-wol-vlans.htmlQUESTION 50Which function are fabric intermediate nodes responsible for in an SD-Access Architecture?A. mapping EIDs to RLOCsB. encapsulating user traffic in a VXLAN header including the SGTC. registering new endpoints in the HTDBD. transporting IP packets between edge nodes and border nodesAnswer: DExplanation:Intermediate nodes are part of the Layer 3 network used for interconnections among the devices operating in a fabric role such as the interconnections between border nodes and edge nodes. These interconnections are created in the Global Routing Table on the devices and is also known as the underlay network.https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-sda-design-guide.html#EdgeNodeQUESTION 51An engineer is designing a QoS policy that queues excess packets for later transmission.Which mechanism must be included in the design?A. shapingB. WREDC. policingD. REDAnswer: AExplanation:https://www.cisco.com/c/en/us/support/docs/quality-of-service-qos/qos-policing/19645-policevsshape.htmlQUESTION 52An organization is designing a detailed QoS plan that limits bandwidth to specific rates.Which two parameters are supported be the traffic policing feature? (Choose two.)A. violatingB. markingC. shapingD. burstingE. conformingAnswer: AEExplanation:https://www.cisco.com/c/en/us/support/docs/quality-of-service-qos/qos-policing/19645-policevsshape.htmlhttps://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_plcshp/configuration/xe-17/qos-plcshp-xe-17-book/qos-plcshp-trfc-plc.pdfQUESTION 53Which QoS feature responds to network congestion by dropping lower priority packets?A. CBWFQB. tail dropC. WREDD. strict priorityAnswer: CExplanation:WRED can selectively discard lower priority traffic when the interface begins to get congested and provide differentiated performance characteristics for different classes of service.https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_conavd/configuration/15-mt/qos-conavd-15-mt-book/qos-conavd-oview.html#:~:text=WRED%20can%20selectively%20discard%20lower,for%20different%20classes%20of%20service.QUESTION 54Which two BGP features will result in successful route exchanges between eBGP neighbors sharing the same AS number? (Choose two.)A. advertise-best-externalB. bestpath as-path ignoreC. client-to-client reflectionD. as-overrideE. allow-as-inAnswer: DEQUESTION 55A company is running BGP on a single router, which has two connections to the same ISP. Which BGP feature ensures traffic is load balanced across the two links to the ISP?A. MultihopB. Multipath Load SharingC. Next-Hop Address TrackingD. AS-Path PrependingAnswer: BExplanation:BGP Multipath Load Sharing for eBGP and iBGP allows you to configure multipath load balancing with both eBGP and iBGP paths in BGP networks that are configured to use MPLS.QUESTION 56What is the purpose of an edge node in an SD-Access network fabric?A. Edge nodes identify and authenticate endpoints and register endpoint information with control plane nodes.B. Edge nodes track endpoint IDs to location mappings, along with IPv4, IPv6, or MAC addresses.C. Edge nodes are the gateway between the fabric domain and network outside of the fabric.D. Edge nodes resolve lookup requests from edge and border nodes to locate destination endpoint IDs.Answer: AQUESTION 57An engineer is working with NETCONF and Cisco NX-OS based devices. The engineer needs a YANG model that supports a specific feature relevant only to Cisco NX-OS. Which model must the engineer choose?A. NativeB. IEEEC. OpenConfigD. IETFAnswer: AExplanation:NXOS has a comprehensive number of both native and open YANG models, that allow you to manage the rich feature-set that NXOS provides. Data models provide a structured and well-defined base that facilitates programmatic interaction with NXOS devices. The list of supported models includes native, OpenConfig and IETF models. In addition, YANG provides a modeling language optimized for network devices and with a growing number of tools and utilities. OpenConfig and IETF are vendor agnostic models, that abstract the detailed configuration across OSs and platforms.QUESTION 58Which OSPF area blocks LSA Type 3, 4 and 5, but allows a default summary route?A. normalB. stubC. NSSAD. totally stubbyAnswer: DExplanation:A totally stubby area does not flood network summary LSAs (Type 3). It stifles Type 4 LSAs, as well. Like regular stub areas, totally stubby areas do not flood Type 5 LSAs. A totally stubby area sends just a single LSA for the default route.QUESTION 59Which two options are requirements for EIGRP authentication? (Choose two)A. A crypto map must be configured.B. The Authentication key must be configured under the interface running EIGRP.C. The authentication key must be configured within the EIGRP routing configuration.D. The authentication key IDs must match between two neighbors.E. A separate key chain must be configured.F. AN IPsec profile must be configured.Answer: BDQUESTION 60A network engineer replaced a bad router with a spare, used router in an OSPF network. After the replacement, OSPF neighborship is not being established on one of the interfaces. Which two reasons cause this issue? (Choose two)A. authentication mismatchB. MTU mismatchC. OSPF process numbers do not match on both neighbor routersD. OSPF timers matchE. area numbers matchAnswer: ABQUESTION 61You are implementing WAN access for an enterprise network while running applications that require a fully meshed network, which two design standards are appropriate for such an environment? (Choose two)A. A centralized DMVPN solution to simplify connectivity for the enterpriseB. A dedicated WAN distribution layer to consolidate connectivity to remote sitesC. A collapsed core and distribution layer to minimize costsD. Multiple MPLS VPN connections with static routingE. Multiple MPLS VPN connections with dynamic routingAnswer: AEExplanation:DMVPN dynamically creates spoke-to-spoke tunnels, enabling a full mesh topology without manual configuration. This simplifies connectivity while maintaining scalability and flexibility.MPLS VPNs natively support any-to-any connectivity, and dynamic routing protocols (e.g., BGP, OSPF) automate route propagation, ensuring efficient and scalable management of a fully meshed network.QUESTION 62Which consideration must be taken into account when using the DHCP relay feature in a Cisco SD-Access Architecture?A. DHCP-relay must be enabled on fabric edge nodes to provide the correct mapping of DHCP scope to the local anycast gateway.B. A DHCP server must be enabled on the border nodes to allow subnets to span multiple fabric edges.C. DHCP servers must support Cisco SD-Access extensions to correctly assign IPs to endpoints in an SDAccess fabric with anycast gateway.D. DHCP Option-82 must be enabled to map the circuit IP option to the access fabric node where the DHCP discover originated.Answer: DExplanation:https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-sda-design-guide.html#FabricDHCPOverviewandDesignQUESTION 63An engineer is looking for a standards-driven YANG model to manage a multivendor network environment.Which model must the engineer choose?A. NativeB. OpenConfigC. IETFD. IEEE NETCONFAnswer: BExplanation:OpenConfig is a vendor-neutral, community-driven initiative focused on developing consistent YANG data models for multivendor network environments. It aims to standardize configurations and operational state across different vendors, reducing fragmentation and ensuring interoperability.QUESTION 64What are two benefits of designing an SD-WAN network fabric with direct Internet access implemented at every site? (Choose two.)A. It decreases latency to applications hosted by public cloud service provider.B. It decreases latency on Internet circuits.C. It increases the speed of delivery of site deployments through zero-touch provisioning.D. It increases the total available bandwidth on Internet circuits.E. It alleviates network traffic on MPLS circuits.Answer: AEQUESTION 65An engineer is designing an enterprise campus network. The LAN infrastructure consists of switches from multiple vendors, and Spanning Tree must be used as a Layer 2 loop prevention mechanism. All configured VLANs must be grouped in two SIP instances. Which standards-based Spanning Tree technology supports this design solution?A. MSTPB. RSTPC. Rapid PVSTD. STPAnswer: AQUESTION 66What are three key concepts that apply when configuring the EIGRP stub routing feature in a hub and spoke network? (Choose three.)A. A hub router prevents routes from being advertised to the remote router.B. Only remote routers are configured as stubs.C. Stub routers are not queried for routes.D. Spoke routers connected to hub routers answer the route queries for the stub router.E. A stub router should have only EIGRP hub routers as neighbors.F. EIGRP stub routing should be used on hub routers only.Answer: BCEQUESTION 67When vEdge router redundancy is designed, which FHRP is supported?A. HSRPB. OMPC. GLBPD. VRRPAnswer: DQUESTION 68Which feature is required for graceful restart to recover from a processor failure?A. Cisco Express ForwardingB. Virtual Switch SystemC. Stateful SwitchoverD. Bidirectional Forwarding DetectionAnswer: CExplanation:Cisco Nonstop Forwarding (NSF) with Stateful Switchover (SSO) provides increased network service availability and protection against unplanned downtime due to hardware or software problems.Cisco Nonstop Forwarding and Stateful Switchover are designed to be deployed together. NSF relies on SSO to ensure that links and interfaces remain up during switchover, and that lower layer protocol state is maintained. NSF is, however, configured separately and it is possible to enable SSO without NSF.https://www.cisco.com/en/US/technologies/tk869/tk769/technologies_white_paper0900aecd801dc5e2.htmlQUESTION 69Which method will filter routes between EIGRP neighbors within the same autonomous system?A. distribute-listB. policy-based routingC. leak-mapD. route taggingAnswer: AQUESTION 70An infrastructure team is concerned about the shared memory utilization of a device, and for this reason, they need to monitor the device state. Which solution limits impact on the device and provides the required data?A. IPFIXB. static telemetryC. on-change subscriptionD. periodic subscriptionAnswer: CExplanation:There are two types of subscriptions: periodic and on-change. With periodic subscription, data is streamed out to the destination at the configured interval. It continuously sends data for the lifetime of that subscription. With on-change, data is published only when a change in the data occurs such as when an interface or OSPF neighbor goes down.https://developer.cisco.com/docs/ios-xe/#!streaming-telemetry-quick-start-guide/streaming-telemetryQUESTION 71What two features are benefits of using GRE tunnels with IPsec over using an IPsec tunnel alone in building-to-building site-to-site VPNs? (Choose two.)A. allows dynamic routing securely over the tunnelB. IKE keepalives are unidirectional and sent every ten secondsC. reduces IPsec headers overhead since tunnel mode is usedD. supports non-IP traffic over the tunnelE. uses Virtual Tunnel Interface (VTI) to simplify the IPsec VPN configurationAnswer: ADQUESTION 72Which OSPF area prevent LSA type 4, LSA type 5? (Choose two)A. Stub AreaB. Totally Stubby AreaC. Not-So-Stubby AreaD. Totally Not-So-Stubby AreaAnswer: ABExplanation:Stub No Type 5 AS-external LSA allowed, accepts only 1,2,3 but no 4 totaly stubby No Type 3, 4 or 5 LSAs allowed except the default summary route NSS, accepts only 1,2 and route 0.0.0.0 NSSA No Type 5 AS-external LSAs allowed, but ABR converts type 7 to type 5. It accepts type 3 and 4 totaly NSSA No Type 3, 4 or 5 LSAs except the default summary route, but ABR converts type 7 to type 5.QUESTION 73What is one function of the vSmart controller in an SD-WAN deployment?A. orchestrates vEdge and cEdge connectivityB. responsible for the centralized control plane of the SD-WAN networkC. provides centralized network management and a GUI to monitor and operate the SD-WAN overlayD. provides a data-plane at branch offices to pass traffic through the SD-WAN networkAnswer: BQUESTION 74Which design consideration must be made when dual vEdge routers are deployed at a branch site?A. Use BGP AS-path prepending to influence egress traffic and use MED to influence ingress traffic from the branch.B. HSRP priorities must match the OMP routing policy to prefer one vEdge over the other.C. Traffic must be symmetrical as it egresses the vEdges and returns from remote sites for DPI to function properly.D. Configure BFD between vEdge routers to detect sub-second link failures.Answer: CExplanation:For the localized application visibility features (DPI and NBAR2) to be able to classify most application traffic, it is important that the WAN Edge router sees network traffic in both directions. In dual-WAN Edge sites without any policy enabled, equal cost paths exist over each transport and to each WAN Edge router, and network traffic is hashed depending on fields in the IP header. Traffic is unlikely to always be forwarded to the same WAN Edge router in both the LAN-to-WAN direction and the WAN-to-LAN direction. To maintain symmetric traffic, it is recommended to set up routing so that traffic prefers one WAN Edge over another at dual-WAN Edge router sites.QUESTION 75When IPsec VPNs are designed, what is a unique requirement if support for IP Multicast is required?A. encapsulation of traffic with GRE or VTIB. IPsec forwarding using transport modeC. additional bandwidth for headendD. IPsec forwarding using tunnel modeAnswer: AQUESTION 76How do endpoints inside an SD-Access network reach resources outside the fabric?A. a VRF fusion router is used to map resources in one VN to another VNB. Fabric borders use VRFs to map VNs to VRFsC. SD-Access transit links are used to transport encapsulated traffic from one fabric to anotherD. A fabric edge is used to de-encapsulate VXLAN traffic to normal IP traffic then transported over the outside networkAnswer: BExplanation:Fabric border routers handle the ingress & egress traffic for the SD-Access fabric, they are responsible for translating the policy, VRF & SGT information between the SD-Access fabric and the external networks.QUESTION 77Which three pieces of information are carried on OSPF type 3 LSAs? (Choose three)A. metricB. authentication typeC. link stateD. IP subnetE. external route tagF. subnet maskAnswer: ADFExplanation:There is IP prefix (192.168.1.0), Network Mask (/24) and a Metric (10). See below:R1#show ip ospf database summaryOSPF Router with ID (1.1.1.1) (Process ID 1)Summary Net Link States (Area 10)Routing Bit Set on this LSALS age: 872Options: (No TOS-capability, DC, Upward)LS Type: Summary Links(Network)Link State ID: 192.168.1.0 (summary Network Number)Advertising Router: 2.2.2.2LS Seq Number: 8000000BChecksum: 0xE0D5Length: 28Network Mask: /24TOS: 0 Metric: 10QUESTION 78Which two statements about DMVPN with NHRP are true? (Choose two)A. NHRP shortens the configuration of the hub router.B. NHRP dynamically provides information about the spoke routers to the hub.C. NHRP disables multicastD. The hub router uses NHRP to initiate the GRE tunnel with spokes.E. The spoke routers act as the NHRP servers.Answer: ABExplanation:https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/41940-dmvpn.html#dyntunDynamic Tunnel Creation for “Spoke-to-Hub”Configuration of the hub router is shortened and simplified since it does not need to have any GRE or IPsec information about the peer routers. All of this information is learned dynamically via NHRP.D is wrong box spokes are the devices who initiate the tunnel using NHRP not the HUBQUESTION 79In a simple MPLS L3VPN, which two tasks are performed by the PE router? (Choose two.)A. It establishes pseudo wires with other PEs.B. It exchanges VPNv4 and VPNv6 routes with CE Devices.C. It assigns labels to routes in individual VPNs.D. It forwards labeled packets to CE devices.E. It exchanges VPNv4 or VPNv6 route with other PE routers.Answer: CEQUESTION 80Refer to the exhibit. Which action would make the router the active VRRP router?A. Recover interface Serial 1/0.B. Increase priority in the configuration to 100.C. Change the interface tracking priority to 100.D. Recover interface Serial 1/1.Answer: AExplanation:As VRRP Group 30 is configured with preemption all that is required is that the VRRP Priority be higher than that of the current active VRRP router and the current master router priority is 50.Resources From:1.2025 Latest Braindump2go 300-420 Exam Dumps (PDF & VCE) Free Share:https://www.braindump2go.com/300-420.html2.2025 Latest Braindump2go 300-420 PDF and 300-420 VCE Dumps Free Share:https://drive.google.com/drive/folders/1SXwfGxRyjBzcw1iBNd9T4FhKWBoH7WUo?usp=sharing3.2025 Free Braindump2go 300-420 Exam Questions Download:https://www.braindump2go.com/free-online-pdf/300-420-VCE-Dumps(1-80).pdfFree Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams! --------------------------------------------------- Images: --------------------------------------------------- --------------------------------------------------- Post date: 2025-11-11 07:13:20 Post date GMT: 2025-11-11 07:13:20 Post modified date: 2025-11-11 07:13:20 Post modified date GMT: 2025-11-11 07:13:20 ____________________________________________________________________________________________ Export of Post and Page as text file has been powered by [ Universal Post Manager ] plugin from www.gconverters.com