400-007 CCDE:Cisco Certified Design Expert
Update:2026年6月3日
Questions and Answers: 400 Q&A
1.
Which two foundational aspects of IoT are still evolving and being worked on by the industry at large? (Choose two)
2.
Which type of interface are OpenFlow and OpFlex?
3.
n the Scrum Agile framework, who acts as the interface between the business/customers and the team?
4.
What is a country-specific requirement that data is subject to the laws of the country in which it is collected or processed and must remain within its borders?
5.
Company XYZ has 30 sites running a legacy private WAN architecture that connects to the Internet via multiple high-speed connections. The company is now redesigning their network and must comply with these design requirements:
- Use a private WAN strategy that allows the sites to connect to each other directly and caters for future expansion.
- Use the Internet as the underlay for the private WAN.
- Securely transfer the corporate data over the private WAN.
Which two technologies should be incorporated into the design of this network? (Choose two.)
6.
Which three components are part of the foundational information security principles of the CIA triad? (Choose three.)
7.
A green data center is being deployed and a design requirement is to be able to readily scale server virtualization. Which IETF standard technology can provide this requirement?
8.
Which two constraints of REST are important when building cloud-based solutions? (Choose two)
9.
SD-WAN can be used to provide secure connectivity to remote offices, branch offices, campus networks, data centers, and the cloud over any type of IP-based underlay transport network. Which two statements describe SD-WAN solutions? (Choose two.)
10.
Drag and drop the end-to-end network virtualization elements from the left onto the correct network areas on the right
11.
Company XYZ is designing their network using the three-layer hierarchical model. At which layer must the QoS design classify or mark the traffic?
12.
There are multiple trees in the Cisco FabricPath. All switches in the Layer 2 fabric share the same view of each tree. Which two concepts describe how the multicast traffic is load-balanced across this topology? (Choose two.)
13.
As a network designer, you need to support an enterprise with hundreds of remote sites connected over a single WAN network that carries different types of traffic, including VoIP, video,and data applications. Which of the following design considerations will not impact design decision?
14.
A product manufacturing organization is integrating cloud services into their IT solution. The IT team is working on the preparation phase of the mplementation approach, which includes the Define Strategy step. This step defines the scope of IT, the application, and the service. What is one topic that should be considered in the Define Strategy step?
15.
A new high availability DB server cluster is installed in the network. These two servers require high bandwidth and low latency Layer 2 connectivity for database replication. Which solution supports these requirements?
16.
Drag and drop the multicast protocols from the left onto the current design situation on the right.
17.
What are two advantages of controller-based networks versus traditional networks? (Choose two.)
18.
A customer migrates from a traditional Layer 2 data center network into a new SDN-based spine-and-leaf VXLAN EVPN data center within the same location. The networks are joined to enable host migration at Layer 2. What is the final migration step after hosts have physically migrated to have traffic flowing through the new network without changing any host configuration?
19.
A European national bank considers migrating its on-premises systems to a private cloud offering in a non-European location to significantly reduce IT costs. What is a primary factor prior to migration?
20.
Which three Cisco products are used in conjunction with Red Hat to provide an NFVi solution? (Choose three.)
21.
Which two business areas support continuity during emergencies by understanding data flows and business processes? (Choose two)
22.
An engineer must redesign the QoS strategy due to oversubscription and excessive packet drops. What QoS technique should be used to manage traffic leaving the edge router and reduce packet drops?
23.
Which two actions ensure voice quality in a branch location with a low-speed, high-latency WAN connection? (Choose two.)
24.
Company XYZ has implemented policy-based routing in their network. Which potential problem must be kept in mind about network reconvergence and PBR?
25.
Drag and drop the QoS technologies from the left onto the correct capabilities on the right
26.
Which two design options are available to dynamically discover the RP in an IPv6 multicast network? (Choose two)
27.
Which MPLS TE design consideration is true?
28.
Company XYZ branch offices connect to headquarters using two links, MPLS and Internet. The company wants to design traffic flow so voice traffic uses MPLS and all other traffic uses either link, avoiding process switching. Which technique can be used?
29.
Company XYZ is running a redundant private WAN network using OSPF as the underlay protocol. The current design accommodates for redundancy in the network, but it is taking over 30 seconds for the network to reconverge upon failure. Which technique can be implemented in the design to detect such a failure in a subsecond?
30.
Which mechanism enables small, unmanaged switches to plug into ports of access switches without risking switch loops?
31.
The SD-WAN architecture is composed of separate orchestration, management, control, and data planes. Which activity happens at the orchestration plane?
32.
Drag and drop the characteristics from the left onto the corresponding network management options on the right.
33.
Company XYZ wants to detect and block known attacks by inspecting every forwarded packet with minimal performance impact. What is the recommended design?
34.
A customer is migrating from a traditional Layer 2 data center to a VXLAN spine-leaf SDN architecture. Applications cannot be readdressed, and migration must occur incrementally. How should the legacy and new networks be connected?
35.
A European government passport agency considers upgrading its IT systems to increase performance and workload flexibility in response to constantly changing requirements. The budget manager wants to reduce capital expenses and IT staff and must adopt the lowest-cost technology. Which technology choice is suitable?
36.
One of the approaches used in cloud bursting is distributed load-balancing, where workloads operate between a public cloud and a data center. How can the characteristics of distributed load-balancing be described?
37.
A network security team observes phishing attacks on a user machine from a remote location. The organization has a policy of saving confidential data on two different systems using different types of authentication. What is the next step to control such events after the security team verifies all users in Zero Trust modeling?
38.
A network architect is designing a policy where database applications access the internet directly,while other traffic routes through the data center, with dynamic path switching based on performance. Which solution meets these requirements?
39.
Company XYZ must isolate and encrypt production traffic to meet HIPAA compliance. The current WAN includes MPLS and P2P links. What is the fastest deployment option?
40.
An architect designs a multi-controller network architecture with these requirements:
- Achieve fast failover to control traffic when controllers fail.
- Yield a short distance and high resiliency in the connection between the switches and the controller.
- Reduce connectivity loss and enable smart recovery to improve the SDN survivability.
- Improve connectivity by adding path diversity and capacity awareness for controllers.
Which control plane component of the multi-controller must be built to meet the requirements?
41.
A company named XYZ needs to apply security policies for end-user browsing by installing a secure web proxy appliance. All the web traffic must be inspected by the appliance, and the remaining traffic must be inspected by an NGFW that has been upgraded with intrusion prevention system functionality. In which two ways must the routing be performed? (Choose two)
42.
An enterprise organization currently provides WAN connectivity to their branch sites using MPLS technology, and the enterprise network team is considering rolling out SD-WAN services for all sites. With regards to the deployment planning, drag and drop the actions from the left onto the corresponding steps on the right
43.
ACME Mining has four data centers in Santiago. Cape Town. Mumbai, and Beijing, full-mesh connected via a 400 Mb/s EVP-LAN They want to deploy a new mission-critical application with these requirements:
- clusterheartbeat2Mb/s continuous (250 KB/s)
- cluster heartbeat one-way maximum latency 100 ms
These are the current ping tests results between the four data centers:
Which hosting data center pair can host the new application?
44.
Which statement about OSPF hub-and-spoke topology is true?
45.
Your network operations team is deploying Access Control Lists (ACLs) across your Internet gateways. They wish to place an ACL inbound on the Internet gateway interface facing the core network (the "trusted" interface). Which IP address would the ACL need for traffic sourced from the inside interface, to match the source address of the traffic?
46.
What is a disadvantage of the traditional three-tier architecture model when east-west traffic between different pods must go through the distribution and core layers?
47.
Two enterprise networks must be connected together. Both networks are using the same private IP addresses. The client requests from both sides should be translated using hide NAT (dynamic NAT) with the overload feature to save IP addresses from the NAT pools. Which design addresses this requirement using only one Cisco IOS NAT router for both directions?
48.
Company XYZ is running BGP as their routing protocol. An external design consultant recommends that TCP Path MTU Discovery be enabled. Which effect will this have on the network?
49.
The network has high CPU usage due to excessive inbound traffic impacting the control and management planes. What should be implemented?
50.
Company XYZ is redesigning their QoS policy. Some of the applications used by the company are real-time applications. The QoS design must give these applications preference in terms of transmission. Which QoS strategy can be used to fulfill the requirement?
51.
What advantage of placing the IS-IS Layer 2 flooding domain boundary at the core layer in a three-layer hierarchical network is true?
52.
The Company XYZ network is experiencing attacks against their router. Which type of Control Plane Protection must be used on the router to protect all control plane IP traffic that is destined directly for one of the router interfaces?
53.
Various teams in different organizations within an enterprise are preparing low-level design documents using a Waterfall project model. Input from relevant stakeholders was captured at the start of the project, and the scope has been defined. What impact will it have if stakeholders ask for changes before documentation is complete?
54.
Cost is often one of the motivators for a business to migrate from a traditional network to a software-defined network. Which design decision is directly influenced by CAPEX drivers?
55.
When an SDN-based model is used to transmit multimedia traffic, which aspect should an architect consider while designing the network?
56.
The network designer needs to use GLOP IP addresses in order to make them unique within their ASN. Which multicast address range should be used?
57.
You have been tasked with designing a data center interconnect to provide business continuity. You want to encrypt the traffic over the DCI using IEEE 802.1AE MACsec to prevent the deployment of any firewall or IPS. Which two interconnect technologies support MACsec? (Choose two.)
58.
Which two statements describe the hierarchical LAN design model? (Choose two)
59.
Creating a network that functions as a strategic business enabler starts with understanding business requirements. What specific type of knowledge helps create high-level LAN, WAN, and data center designs that support the business?
61.
Company XYZ runs OSPF in their network. A design engineer decides to implement hot-potato routing architecture. How can this implementation be achieved?
62.
Which impact of using three or more ABRs between the backbone area and area 1 is true?
63.
Company XYZ is designing the network for IPv6 security and they have these design requirements:
- A switch or router must deny access to traffic from sources with addresses that are correct but topologically incorrect.
- Devices must block Neighbor Discovery Protocol resolution for destination addresses not found in the binding table.
Which two IPv4 security features are recommended for this company? (Choose two)
64.
With virtualization applied throughout the network, every physical link may carry one or more virtual links. What is a key drawback of this?
65.
Which two factors must be considered for high availability in campus LAN designs to mitigate concerns about unavailability of network resources? (Choose two.)
