300-420 ENSLD:Designing Cisco Enterprise Networks (ENSLD)
Update:2026年6月4日
Questions and Answers: 336 Q&A
1.
An engineer must propose a solution for a campus network that includes the capability to create multiple Layer 3 virtual networks. Each network must have its own addressing structure and routing table for data forwarding. The solution must be scalable to support hundreds of virtual networks and allow simple configuration and management with minimal administrative overhead. Which solution does the engineer recommend?
2.
Drag and drop the description from the left onto the corresponding WAN connectivity types and categories on the right.
3.
A branch office has a primary L3VPN MPLS connection back to the main office and an IPSEC VPN tunnel that serves as backup. Which design ensures that data is sent over the backup connection only if the primary MPLS circuit is down?
4.
Which method does Cisco SD-WAN use to avoid fragmentation issues?
5.
A customer has several remote sites connected with their headquarters through microwave links. An engineer must propose a backup WAN solution based on these conditions:
- Aphysical WAN solution is not available for most of the sites.
- The customer has a limited budget and a short tmeframe for implementation.
- The backup link will have low bandwidth requirements.
- Users will tolerate a WAN outage of up to 2 hours
Which backup WAN link type the engineer recommend?
6.
In a cisco SD-Access brownfield deployment scenario, which configuration deployment must be taken with Cisco DNA center?
7.
An architect is designing an ISIS solution with these requirements:
- The backbone area will grow to 50 routers in the next 12 months.
- Routers A1 and A2 must avoid suboptimal routing.
- Summarization and route-leaking should be allowed in areas 49.002 and 49.003.
Which solution must the architect select?
8.
Which security functionality does gRPC provide?
9.
A network architect Is enabling TV services In the LAN. The source will be streaming to the 239.1.1.1 group IP address. Dense mode Is not allowed In the network. Multicast has already been enabled on all network devices In the LAN segment. Which action must the architect take to finalize the design?
10.
Which design consideration must be made when dual WAN Edge routers are deployed at a branch site?
11.
An engineer working for a telecommunication company with an employee ID 4449:30 959 Is calculating STP scalability for switches to ensure that the numbers are below the maximum supported value for STP logical ports How many logical interfaces are active for switch A?
12.
An engineer uses Postman and YANG to configure a router with:
- OSPF process ID 100
- network 10.10.10.0/28 enabled for Area0
Which get-config replay verifies that the model set was designed correctly?
13.
Which two options can you use to configure an EIGRP stub router? (Choose two)
14.
A global organization with several branches hired a network architect to design an overlay VPN solution. The branches communicate with each other frequently. The customer expects to add more branches in the future. To meet the customer's security requirements, the architect plans to provide traffic protection using dynamic IPsec tunnels. Which solution should the architect choose?
15.
What is the purpose of Cisco vBond as a Session Traversal Utilities for NAT server?
16.
An engineer is working with NETCONF and Cisco NX-OS based devices. The engineer needs a YANG model that supports a specific feature relevant only to Cisco NX-OS. Which model must the engineer choose?
17.
A customer requires QoS to support multimedia conferencing over MPLS. The network architect chooses to use per-hop behavior. Which solution must the architect use to classify and mark traffic traveling between branch sites?
18.
An architect is designing an IPv4 plan using the 172 20 0.0/16 network The design must maximize the number of subnets and minimize the number of wasted IP addresses In addition, the plan must allocate a subnet to these customers and links
- Customer A, which supports 125 hosts
- Customer D, which supports 62 hosts
- Links B C. and E
Which two configuration sets meet these requirements'? (Choose two)
19.
An engineer must establish a direct connection between two remote offices. The new connection must be established using a logical path, share a common broadcast domain, connect over private WAN, and have as little overhead as possible. Which technology must the engineer choose?
20.
An engineer is designing an OSPF solution for a customer. The design must take into consideration:
- Application load balancers D. E. and F are in different geographical locations and are OSPF-enabled.
- Hosts A, B. and C connect to an application through the load balancers using IP address 10.1.1.1/32.
- In the event of a failure of one of the load balancers, hosts must still have access to the application.
Which solution must the engineer choose?
21.
A network engineer must connect two sites across a public network using a secure tunneling technology that supports multicast traffic. Which technology must be chosen?
22.
Customers report low video quality and delays when having point-to-point telepresence video calls between the two locations. An architect must optimize a design so that traffic follows the same path for egress and ingress traffic flows. Which technique optimizes the design?
23.
A network administrator is troubleshooting a DMVPN setup between the hub and the spoke. Which action should the administrator take before troubleshooting the IPsec configuration?
24.
Drag and drop the properties from the left onto the Cisco SD-WAN components that perform them on the right.
25.
A customer is planning to onboard three new VPN partner connections in the data center. The new subnets must not overlap with the existing data center network, and the subnet size must not be bigger than necessary. The customer dedicated 10.1.8.0/21 for this design. Ho1// must the subnets be divided to meet these requirements?
26.
How are wireless endpoints registered in the HTDB in a Cisco SD-Access architecture?
27.
A network engineer must design a highly available OSPF solution based on these requirements:
- Traffic disruptions caused by link or node failures in Area-1 must be resolved in milliseconds.
- In the event of a failure, traffic must switch to another path without waiting for the OSPF dead interval.
Which fault detection solution must the engineer choose?
28.
Drag and drop the characteristics from the left onto the telemetry mode they apply to on the right.
29.
An engineer must optimize the traffic flow of the network. Which change provides a more efficient design between the access and the distribution layer?
30.
An architect is designing a network solution for a customer The network is IPv6-only with 1000 hosts. The design must provide external access to up to 10 concurrent IPv6 hosts to allow communication with legacy IPv4 devices on an adjacent network. The customer set aside 10 IPv4 addresses to allow for one-to-one communication between hosts. Which solution must the architect select?
31.
A customer needs to apply QoS to the network management traffic passing through the GigabitEthernet0/2 interface. All eight queuing classes are in use, so the new requirement must be integrated into the existing policy. Which solution must the customer choose?
32.
Which information update is carried by OMP and enables the Cisco SD-WAN to build a secure overlay fabric on top of any public or private transport without regard for the actual link IP?
33.
Which nonproprietary mechanism can be used to automate rendezvous point distribution in a large PIM domain?
34.
An engineer must design a VPN solution for a company that has multiple branches connecting to a main office. What are two advantages of using DMVPN instead of IPsec tunnels to accomplish this task? (Choose two.)
35.
An engineer is designing a hierarchical ISIS solution for an enterprise customer with these requirements
- Users in areas 25 and 55 send and receive traffic from both backbone areas
- Link flaps in areas 35 and 45 must not impact other areas
- Routers will double within the next 12 months in areas 35 and 45
Which design must the engineer select?
36.
A company has some offices that are connected via dark fiber in New York. A network architect must optimize the network design based on the EIGRP routing protocol. The network has hierarchical addressing between 10 and 12 routers in each office. Routing convergence time must be at the minimum. What must the network architect do to reduce the query range?
37.
An organization plans to deploy multicast across two different autonomous systems. Their solution must allow RPs to:
- discover active sources outside their domain
- use the underlying routing information for connectivity with other RPs
- announce sources joining the group
Which solution supports these requirements?
38.
An architect is designing a Layer 2 network for a customer. The network will use the spanning-tree protocol. During a link failure between SW1 and SW2, the fastest possible convergence time is desired. Which solution must the architect select?
39.
Drag and drop the descriptions from the left onto the categories they apply to on the right.
40.
An engineer is tasked with designing a dual BGP peering solution with a service provider. The design must meet these conditions:
- The routers will not learn any prefix with a subnet mask greater than /24.
- The routers will determine the routes to include in the routing table based on the length of the mask alone.
- The routers will make this selection regardless of the service provider configuration.
Which solution should the engineer include in the design?
41.
Which method must an architect use to provide connectivity between the mail servers?
42.
A company wants to switch from static to dynamic routing. The branches use DMVPN back to the hub using two internet connections. One internet connection speed is 10 Mbps, and the other is 100 Mbps. All locations use Cisco routers; however, the branch routers have limited memory and CPU resources. Which routing protocol and design solution must the company choose for optimal traffic forwarding during peak traffic times?
43.
A company is using OSPF between its HQ location and a branch office. HQ is assigned area 0 and the branch office is assigned area 1. The company purchases a second branch office, but due to circuit delays to HQ, it decides to connect the new branch office to the creating branch office as a temporary measure. The new branch office is assigned area 2. Which OSPF configuration enables all three locations to exchange routes?
44.
An architect must design a solution to connect bank site A with bank site B and support:
- network operation center monitoring end-to-end L3VPN and L2VPN traffic
- company adding thousands of routes in the next two years
Which two BGP solutions must the design include? (Choose two.)
45.
A company needs to increase access port capacity on one floor of a building. They want to leverage the existing catalyst access switch. There is no problem with uplink bandwidth capacity. However, no additional uplinks can be added because no ports are available on the distribution switches. Which solution must the company choose to provide additional access ports?
46.
A network engineer must optimize a campus OSPF deployment Currently each time a type 1 or type 2 LSA is generated within an area, the OSPF process must recompute the entire SPT Which solution improves the recomputation process?
47.
Which function are fabric intermediate nodes responsible for in an SD-Access Architecture?
48.
A company wants to switch from static routing to a dynamic routing protocol to ease the administrative and operational overhead. The network topology is hub and spoke, and the branches use DMVPN back to the hub using two 100 Mbps internet connections. Both links must be used due to spikes in traffic, and routing must take traffic utilization of the links into account. Also, the branch routers have limited memory and CPU resources. Which routing protocol and design solution must the company choose?
49.
The full EIGRP routing table is advertised throughout the network. Currently, users experience data loss when any one link in the network fails. An architect optimizes the network to reduce the impact when a link fails. Which solution should the architect include in the design?
50.
An engineer is designing an EIGRP network for a small branch site where there is only one Layer 3 router. The engineer wants the router to advertise the local LAN network to remote EIGRP neighbors without sending any unnecessary multicast messages on the local LAN. Which action should the engineer take?
51.
An architect must design a QoS model for a business-critical application that Is delay-sensitive and requires high bandwidth. The company's head office hosts the application, and DMVPN tunnels protected with IPsec provide connectivity between the head office and branches. Which solution must the architect choose?
52.
An architect is designing a network that requires route redistribution. The design must prevent route feedback and the creation of routing loops. The OSPF domain is using default metrics, and the IS-IS domain is using narrow metrics. Which solution must the architect select?
53.
An engineer must design an automatic failover solution. The solution should allow HSRP to detect a WAN 1 failure and initiate an automatic failover, making router R2 the active HSRP router. Which two solutions should the engineer choose? (Choose two.)
54.
An engineer must design an addressing plan for a small business using a single /24 network. Each department must have its own subnet. Drag and drop the subnets from the left onto the departments requirements that they fulfill on the right. Not all options are used.
55.
An engineer is troubleshooting an issue in which the Gig0/2 interface on a Cisco switch named SW2 fails to become the root port. Which two commands must be run on SW2 to resolve this issue? (Choose two.)
56.
An engineer is designing a multicast network for a financial application Most of the multicast sources also receive multicast traffic (many-to-many deployment model). To better routing tables, the design must not use source trees. Which multicast protocol satisfies these requirements?
57.
Which two points in the network must an engineer configure the ports for explicit trust when using a DiffServ model?
58.
An architect reviews the low-level design of a company's enterprise network and advises optimizing the STP convergence time. Which functionality must be to Gi1/0/1-10 to follow the architect's recommendation?
59.
How does a model-driven telemetry dial-out approach function?
60.
An architect is working on a design to connect a company's main site to several small to mediumsized remote branches. The solution must include redundant WAN links, but the customer has a limited budget and wants the ability to increase the link speed easily in the future. QoS will not on the branch routers so there is no need for consistent end-to-end QoS. Which solution does the architect propose?
61.
Which feature of Cisco SD-WAN Secure Direct Cloud Access divides user traffic into different zones and VPNs or VRFs?
62.
An engineer uses Postman and YANG to configure a router with:
- OSPF process ID 400
- network 192.168.128.128/25 enabled for Area 0
Which get-config reply verifies that the model set was designed correctly?
63.
A network engineer must design a BGP solution based on:
- The route reflector must have one or more direct physical connections to the core routers (R3 and R4).
- The route reflector must have full redundancy and avoid a single point of failure.
- R2 to R1 link utilization is 90%. and the remaining links are less than 50% utilized.
Which two solutions must the design Include? (Choose two.)
64.
Due to budget constraints, a customer decided to purchase WAN routers with one LAN and one WAN interface per device. There is a requirement to connect the three sites to ensure high availability without buying additional WAN links. Which design deployment must the customer choose?
65.
A customer's current Layer 2 infrastructure is running Spanning Tree 802.1d, and all configuration changes are manually implemented on each switch. An architect must redesign the Layer 2 domain to achieve these goals:
- reduce the impact of topology changes
- reduce the time spent on network administration
- reduce manual configuration errors
Which two solutions should the architect include in the new design? (Choose two.)
66.
An engineer must peer with an ISP for internet connectivity using BGP, initially, the engineer wants to receive only specific prefixes from the ISP and a default route. However, the solution must provide the flexibility to add prefixes in the future at short notice. The ISP has a two-week change process in place. Which route filtering solution must the engineer employ?
67.
An engineer is designing a QoS solution for a customer The customer's internet connection has a bandwidth of 10 Mbps. The design must ensure that traffic bursts of data do not exceed the bandwidth of the connection and that received traffic does not starve out business-critical traffic Which solution must the engineer choose?
68.
A Cisco Catalyst switch is configured to.. only one MAC address to be learned manually on interface gkjO/2. Which command must be run to dynamically learn the devices that are connected to the switch port?
69.
What is a challenge of the SaaS model?
70.
Which type of rendezvous point deployment is standards-based and support dynamic RP discovery?
71.
An engineer is designing a QoS policy that queues excess packets for later transmission. Which mechanism must be included in the design?
72.
An engineer must connect a new remote site to an existing OSPF network. The new site consists of two low-end routers, one for WAN, and one for LAN. There is no demand for traffic to pass through this area. Which area type does the engineer choose to provide minimal router resources utilization, while still allowing for full connectivity to the rest of the network?
73.
An engineer must design a management network for a customer's enterprise network. The design must:
- provide the ability to grant and revoke access privileges
- allow only protocols SSH, NTP, FTP, and SNMP
- restrict access to management Interfaces
Which solution must the engineer choose to meet the requirements?
74.
Which PIM mode uses a shared tree only?
75.
How do endpoints inside an SD-Access network reach resources outside the fabric?
76.
An engineer proposed this solution for a company that requires a loop-free. Layer 2 network design. The network will run 802.1W, and all links will be 1 Gbps. If all interfaces are up as point- to-point adjacencies, what are the expected port end states based on the design?
77.
An engineer working for a service provider with an employee ID: 4863:43:939 must design a solution to provide remote connectivity over the public internet. The design must:
- securely connect multiple remote sites to the central site
- provide redundant paths to the central site
- allow auto path selection based on failure and connection quality
- support IP multicast
- minimal configuration at remote sites
Which solution must the engineer choose?
78.
Drag and drop the model driven telemetry characteristics from the left onto the mode they belong to on the right.
79.
What is an advantage of designing an out-of-band network management solution?
80.
An architect must develop a campus network solution that includes:
logically segmented and isolated networks
ability to communicate between network segments when required
support for overlapping IP addresses
widely available technologies to avoid purchasing specialized equipment
Which solution must the architect select?
81.
An architect is creating a migration strategy for a large organization in which the choice made by the application between IPv6 and IPv4 is based on the DNS request. Which migration strategy does the architect choose?
82.
An architect must design a solution to connect the network behind R3 with the EIGRP network. Which mechanism should be included to avoid routing loops?
83.
Which control plane protocol is responsible for ElD-to-RLOC mapping concerning SO-Access Architecture?
84.
A company is running BGP on a single router, which has two connections to the same ISP. Which BGP feature ensures traffic is load balanced across the two links to the ISP?
85.
Which NETCONF operation creates filtering that is specific to the session notifications?
86.
What is a benefit of using VRRPv3 as compared to VRRPv2?
87.
The distribution switches serve as the layer 3 boundary. HSRP preemption is enabled. When the primary switch comes back after a failure, traffic is initially dropped. Which solution must be implemented to improve the design?
88.
A company wants to enable several third-party video conferencing networks based on multicast services. The video conferencing platform can accommodate numerous and dispersed senders and receivers in third-party networks The interior routing protocol is OSPF and the exterior routing protocol is BGP Which multicast mode must be selected to achieve this goal?
89.
A company must automate a set of complex changes aligned with DR testing in the network. These changes are specific, and the DR playbook will be adjusted in the future. The playbook has diverse routing and switching assets in scope as well as multiple vendor and hardware platforms. A developer will create a thin, web front-end microservice and integrate with an Open daylight controller to push changes to the network. Which YANG model should be used?
90.
An architect is designing a network for a customer supporting a Wake-on-LAN application. Which solution must the architect choose?
91.
An architect must design a solution that uses the direct link between R1 and R2 for traffic from 10.10.10.0/24 toward network 10.10.20.0/24. Which solution should the architect include in the design?
92.
What are two advantages of the Cisco SD-WAN technology9 (Choose two)
93.
In Cisco SD-Access. virtual networks create segmentation that allows for separation of users and resources. How is this type of segmentation described?
94.
Which topology within a network underlay eliminates the need for first hop redundancy protocols while improving fault tolerance, increasing resiliency, and simplifying the network?
95.
Which design consideration must be made when using IPv6 overlay tunnels?
96.
Which consideration must be made when designing a Cisco SD-Access fabric underlay?
97.
An architect must ensure a convergence time of 200 ms or less during a link failure within area 0. In addition, the solution must not impact the overall performance of the network. Which solution must the architect select?
98.
An engineer working for a service provider with an employee ID 4598.48.606 prepared several designs for a traditional campus network. The design must allow the deployment on the same VXLAN to any switch at the access layer and must support:
- Fast convergence
- High availability
- Resilience
Which design must be selected?
99.
Drag and drop the elements from the left onto the functions they perform in the Cisco SD-WAN architecture on the right.
100.
An engineer must design an in-band management solution for a customer with branch sites. The solution must allow remote management of the branch sites using management protocols over an MPLS WAN. Queueing is implemented at the remote sites using these classes:
- Class1 equals voice traffic
- Class2 equals mission-critical traffic
- Class3 equals default traffic
How must the solution prioritize the management traffic over the WAN?
101.
. A network engineer working for a private service provider with an employee ID: 4670:71:451 must design a BGP solution based on:
- All traffic originating from AS100 must pass through AS200 to reach the NTP and DHCP server
- When a link failure occurs between R3 and R4, traffic must follow the R2-R9 link to reach the NTP and DHCP server.
Which solution must the design include?
102.
A network engineer must improve the current IS-IS environment. The Catalyst switch is equipped with dual supervisors. Each time a stateful switchover occurs, the network experiences unnecessary route recomputation. Which solution addresses this issue if the upstream router does not understand graceful restart messaging?
