2022年最新の認定サンプル問題350-401問題集と練習試験合格させます
350-401豪華セット学習ガイドにはオンライン試験エンジン
質問 142
Refer to the exhibit.
Which IP address becomes the active next hop for 192.168.102 0/24 when 192.168.101.2 fails?
- A. 192.168.101.6
- B. 192.168.101.18
- C. 192.168.101.10
- D. 192.168.101.14
正解: B
質問 143 
Refer to the exhibit. After configurating an IPsec VPN, an engineer enters the show command to verify the ISAKMP SA status. What does the status show?
- A. ISAKMP SA is authenticated and can be used for Quick Mode.
- B. ISAKMP SA has been created, but it has not continued to form.
- C. Peers have exchanged keys, but ISAKMP SA remains unauthenticated.
- D. VPN peers agreed on parameters for the ISAKMP SA
正解: D
質問 144
Drag the drop the description from the left onto the routing protocol they describe on the right.
正解:
解説:
Explanation
質問 145
Which two GRE features are configured to prevent fragmentation? (Choose two.)
- A. MTU ignore
- B. TCP MSS
- C. DF bit Clear
- D. PMTUD
- E. IP MTU
- F. TCP window size
正解: B,D
解説:
The IP protocol was designed for use on a wide variety of transmission links. Although the maximum length of an IP datagram is 65535, most transmission links enforce a smaller maximum packet length limit, called an MTU. The value of the MTU depends on the type of the transmission link. The design of IP accommodates MTU differences since it allows routers to fragment IP datagrams as necessary. The receiving station is responsible for the reassembly of the fragments back into the original full size IP datagram.
Fragmentation and Path Maximum Transmission Unit Discovery (PMTUD) is a standardized technique to determine the maximum transmission unit (MTU) size on the network path between two hosts, usually with the goal of avoiding IP fragmentation. PMTUD was originally intended for routers in IPv4. However, all modern operating systems use it on endpoints.
The TCP Maximum Segment Size (TCP MSS) defines the maximum amount of data that a host is willing to accept in a single TCP/IP datagram. This TCP/IP datagram might be fragmented at the IP layer. The MSS value is sent as a TCP header option only in TCP SYN segments. Each side of a TCP connection reports its MSS value to the other side. Contrary to popular belief, the MSS value is not negotiated between hosts. The sending host is required to limit the size of data in a single TCP segment to a value less than or equal to the MSS reported by the receiving host.
TCP MSS takes care of fragmentation at the two endpoints of a TCP connection, but it does not handle the case where there is a smaller MTU link in the middle between these two endpoints.
PMTUD was developed in order to avoid fragmentation in the path between the endpoints. It is used to dynamically determine the lowest MTU along the path from a packet's source to its destination.
Reference:
25885-pmtud-ipfrag.html
質問 146
Drag and drop the characteristics from the left onto the correct infrastructure deployment types on the right.
正解:
解説:
Explanation
Cloud6,2,5 : On Premises4,3,1
質問 147
Drag and drop the REST API authentication methods from the left onto their descriptions on the right.
正解:
解説:
Explanation
Graphical user interface, application Description automatically generated with medium confidence
質問 148
Based on the output below, which Python code shows the value of the "upTime" key?
A)
B)
C)
D)
- A. Option D
- B. Option B
- C. Option A
- D. Option C
正解: A
質問 149
The login method is configured on the VTY lines of a router with these parameters.
The first method for authentication is TACACS
If TACACS is unavailable, login is allowed without any provided credentials
Which configuration accomplishes this task?
- A. R1#sh run | include aaa
aaa new-model
aaa authentication login VTY group tacacs+ none
aaa session-id common
R1#sh run | section vty
line vty 0 4
password 7 0202039485748
R1#sh run | include username
R1# - B. R1#sh run | include aaa
aaa new-model
aaa authentication login telnet group tacacs+ none
aaa session-id common
R1#sh run | section vty
line vty 0 4
R1#sh run | include username
R1# - C. R1#sh run | include aaa
aaa new-model
aaa authentication login default group tacacs+
aaa session-id common
R1#sh run | section vty
line vty 0 4
transport input none
R1# - D. R1#sh run | include aaa
aaa new-model
aaa authentication login default group tacacs+ none
aaa session-id common
R1#sh run | section vty
line vty 0 4
password 7 0202039485748
正解: D
解説:
According to the requirements (first use TACACS+, then allow login with no authentication), we
have to use "aaa authentication login ... group tacacs+ none" for AAA command.
The next thing to check is the if the "aaa authentication login default" or "aaa authentication
login list-name" is used. The 'default' keyword means we want to apply for all login connections
(such as tty, vty, console and aux). If we use this keyword, we don't need to configure anything
else under tty, vty and aux lines. If we don't use this keyword then we have to specify which
line(s) we want to apply the authentication feature.
From above information, we can find out answer 'R1#sh run | include aaa
aaa new-model
aaa authentication login default group tacacs+ none
aaa session-id common
R1#sh run | section vty
line vty 0 4
password 7 0202039485748
If you want to learn more about AAA configuration, please read our AAA TACACS+ and RADIUS
Tutorial - Part 2.
For your information, answer 'R1#sh run | include aaa
aaa new-model
aaa authentication login telnet group tacacs+ none
aaa session-id common
R1#sh run | section vty
line vty 0 4
R1#sh run | include username
R1#' would be correct if we add the following command under vty line ("line vty 0 4"): "login
authentication telnet" ("telnet" is the name of the AAA list above)
質問 150
Refer to this output. What is the logging severity level?
R1#Feb 14 37:15:12:429: %LINEPROTO-5-UPDOWN Line protocol on interface GigabitEthernet0/1.
Change state to up
- A. Emergency
- B. Notification
- C. Alert
- D. Critical
正解: B
質問 151
Which standard access control entry permits traffic from odd-numbered hosts in the 10.0.0.0/24 subnet?
- A. permit 10.0.0.1 0.0.0.254
- B. permit 10.0.0.0 0.0.0.1
- C. permit 10.0.0.0 255.255.255.254
- D. permit 10.0.0.1 0.0.0.0
正解: A
質問 152
Refer to the exhibit.
After implementing the configuration 172.20.20.2 stops replaying to ICMP echoes, but the default route fails to be removed. What is the reason for this behavior?
- A. The threshold value is wrong.
- B. The source-interface is configured incorrectly.
- C. The destination must be 172.30.30.2 for icmp-echo
- D. The default route is missing the track feature
正解: D
質問 153
Drag and drop the descriptions from the left onto the QoS components on the right.
正解:
解説:

質問 154
Refer to the exhibit.
An engineer must ensure that all traffic leaving AS 200 will choose Link 2 as an entry point. Assuming that all BGP neighbor relationships have been formed and that the attributes have not been changed on any of the routers, which configuration accomplish task?
- A. Option D
- B. Option B
- C. Option C
- D. Option A
正解: D
解説:
Explanation
R3 advertises BGP updates to R1 with multiple AS 100 so R3 believes the path to reach AS 200 via R3 is farther than R2 so R3 will choose R2 to forward traffic to AS 200.
質問 155
Refer to the exhibit.
Which two statements about the EEM applet configuration are true? (Choose two.)
- A. The running configuration is displayed only if the letter Y is entered at the CLI
- B. The EEM applet requires a case-insensitive response
- C. The EEM applet runs before the CLI command is executed
- D. The EEM applet runs after the CLI command is executed
正解: A,C
解説:
Explanation
When you use the sync yes option in the event cli command, the EEM applet runs before the CLI command is executed. The EEM applet should set the _exit_status variable to indicate whether the CLI command should be executed (_exit_status set to one) or not (_exit_status set to zero).
With the sync no option, the EEM applet is executed in background in parallel with the CLI command.
Reference: https://blog.ipspace.net/2011/01/eem-event-cli-command-options-and.html
質問 156
Refer to the exhibit.
The WLC administrator sees that the controller to which a roaming client associates has Mobility Role Anchor configured under Clients > Detail. Which type of roaming is supported?
- A. Layer 3 intercontroller
- B. Intracontroller
- C. Layer 2 intercontroller
- D. Indirect
正解: A
質問 157
Refer to the exhibit.
What is the JSON syntax that is formed the data?
- A. Option D
- B. Option B
- C. Option A
- D. Option C
正解: D
質問 158
What do Cisco DNA southbound APIs provide?
- A. Interface between the controller and the consumer
- B. Interface between the controller and the network devices
- C. RESful API interface for orchestrator communication
- D. NETCONF API interface for orchestration communication
正解: B
解説:
Explanation
The Southbound API is used to communicate with network devices.
Graphical user interface, text, application, chat or text message Description automatically generated
質問 159
Refer to the exhibit.
A port channel is configured between SW2 and SW3. SW2 is not running a Cisco operating system. When all physical connections are made, the port channel does not establish.
Based on the configuration excerpt of SW3, what is the cause of the problem?
- A. The port-channel trunk is not allowing the native VLAN.
- B. The port-channel mode should be set to auto.
- C. The port channel on SW2 is using an incompatible protocol.
- D. The port-channel interface load balance should be set to src-mac.
正解: C
質問 160
Refer to the exhibit. Router BRDR-1 is configured to receive the 0.0.0.0/0 and 172.17.1.0/24 network via BGP and advertise them into OSPF are 0. An engineer has noticed that the OSPF domain is receiving only the 172.17.1.0/24 route and default route 0.0.0.0/0 is still missing. Which configurating must engineer apply to resolve the problem?
- A. Option D
- B. Option B
- C. Option A
- D. Option C
正解: A
質問 161
What is the wireless received signal strength indicator?
- A. The value given to the strength of the wireless signal received compared to the noise level
- B. The value of how strong a tireless signal is receded, measured in dBm
- C. The value of how much wireless signal is lost over a defined amount of distance
- D. The value of how strong the wireless signal Is leaving the antenna using transmit power, cable loss, and antenna gain
正解: B
解説:
Explanation
RSSI, or "Received Signal Strength Indicator," is a measurement of how well your device can hear a signal from an access point or router. It's a value that is useful for determining if you have enough signal to get a good wireless connection.
This value is measured in decibels (dBm) from 0 (zero) to -120 (minus 120). The closer to 0 (zero) the stronger the signal is which means it's better, typically voice networks require a -65db or better signal level while a data network needs -80db or better.
質問 162
Drag and drop the Qos mechanisms from the left to the correct descriptions on the right
正解:
解説:

質問 163
Refer to the exhibit.
An engineer configures monitoring on SW1 and enters the show command to verify operation. What does the output confirm?
- A. SPAN session 2 only monitors egress traffic exiting port FastEthernet 0/14.
- B. RSPAN session 1 is incompletely configured for monitoring
- C. SPAN session 1 monitors activity on VLAN 50 of a remote switch
- D. SPAN session 2 monitors all traffic entering and exiting port FastEthernet 0/15.
正解: B
解説:
Explanation
SW1 has been configured with the following commands:
SW1(config)#monitor session 1 source remote vlan 50 SW1(config)#monitor session 2 source interface fa0/14 SW1(config)#monitor session 2 destination interface fa0/15 The session 1 on SW1 was configured for Remote SPAN (RSPAN) while session 2 was configured for local SPAN. For RSPAN we need to configure the destination port to complete the configuration.
Note: In fact we cannot create such a session like session 1 because if we only configure Source RSPAN VLAN 50 (with the command monitor session 1 source remote vlan 50) then we will receive a Type: Remote Source Session (not Remote Destination Session).
質問 164
......
Cisco 350-401 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
| トピック 6 |
|
| トピック 7 |
|
| トピック 8 |
|
| トピック 9 |
|
| トピック 10 |
|
| トピック 11 |
|
| トピック 12 |
|
| トピック 13 |
|
| トピック 14 |
|
| トピック 15 |
|
| トピック 16 |
|
| トピック 17 |
|
| トピック 18 |
|
| トピック 19 |
|
350-401問題集レビュー専門クイズで学習材料:https://jp.fast2test.com/350-401-premium-file.html
350-401テスト準備トレーニング練習試験問題練習テスト:https://drive.google.com/open?id=1AsAvlYFH_B3NJJJigyMiLDELIGmnb5ff