December/2019 Braindump2go 300-320 Dumps with PDF and VCE New Updated Today! Following are some new 300-320 Exam Questions,
New Question
What multicast design would you use that cannot use rendezvous points?
A. Pim bidirectional
B. Pim Sparse
C. Pim Dense
D. Pim-SSM
Answer: D
New Question
A customer with 30 branch offices requires dynamic IGP routing protocol, IP multicast, and non-IP protocol support. Which solution satisfies these requirements?
A. dmvpn spoke-to-spoke
B. dmvpn hub-and-spoke
C. vti
D. p2p gre
E. IPsec direct encapsulation
Answer: D
Explanation:
Non IP traffic is not supported by DMVPN.
https://www.cisco.com/c/dam/en/us/products/collateral/ios-nx-os-software/enterprise-class-teleworker-ect-solution/prod_brochure0900aecd80582078.pdf
New Question
A network consultant is designing an enterprise network that includes an IPsec headend termination device. Which two capabilities are the most important to consider when assessing the headend device’s scalability? (Choose two.)
A. bandwidth capabilities
B. packets per second processing capability
C. CPU capabilities
D. number of tunnels that can be aggregated
E. memory capabilities
Answer: BC
Explanation:
Reference From Cisco “Scalability considerations guide the order is Packets, Tunnel quantity, Gre encapsulation and then only Routing protocols affecting the CPU. sound like asking for enterprise IPsec, so like anyconnect Remote-Access = no routing affected on VPN headend
Look what IPSEC VPN WAN Design guide says: Number of Tunnels May be a Factor
Each time a crypto engine encrypts or decrypts a packet, it performs mathematical computations on the IP packet payload using the unique crypto key for the trustpoint, agreed upon by the sender and receiver. If more than one IPsec tunnel is terminated on a router, the router has multiple trust points and therefore multiple crypto keys. When packets are to be sent or received to a different tunnel than the last packet sent or received, the crypto engine must swap keys to use the right key matched with the trustpoint. This key swapping can degrade the performance of a crypto engine, depending on its architecture, and increase the router CPU utilization.
New Question
An engineer must add a new firewall in front of the public web server infrastructure in an ACI network. Which ACI function is used to accomplish this requirement?
A. Application Network Profile
B. Service chaining
C. Static binding
D. Layer 4-7 services
Answer: D
New Question
A customer is discussing QoS requirements with a network consultant. The customer has specified that end-to-end path verification is a requirement.
Which QoS architecture is most appropriate for the requested design?
A. marking traffic at the access layer with DSCP to support the traffic flow
B. marking traffic at the access layer with CoS to support the traffic flow
C. RSTP mdoel with PHB to support the traffic flows
D. IntServ model with RSVP to support the traffic flows
Answer: D
New Question
Which two options are characteristics of bidirectional PIM? (Choose two)
A. A registration process is required
B. It is ideal for many-to-many host applications
C. The creation of a source tree is required
D. A designated forwarder is not required
E. It enables scalability with a large number of sources
Answer: BE
New Question
An engineer is configuring QoS to meet the following requirement:
– all traffic that exceeds the allocated bandwidth will still traverse the infrastructure but will be forwarded later
What will be requirements?
A. Per-Hop behaviours
B. Weighted Fair Queuing
C. IP Precedence
D. Shaping
Answer: D
New Question
To use multiple path from distribution to core
A. install IGP
B. ECMP
C. RSTP+
D. HSRP
Answer: B
New Question
An OSPF router should participate in a maximum of how many areas?
A. 4
B. 2
C. 3
D. 1
Answer: C
New Question
After an incident caused by a DDOS attack on a router, an engineer must ensure that the router is accessible and protected from future attacks without making any changes to traffic passing through the router.
Which security function can be utilized to protect the router?
A. zone-based policy firewall
B. access control lists
C. class maps
D. control plane policing
Answer: D
New Question
Which two statements about 802.1X are true? (Choose three)
A. It is Cisco standard
B. It can allow and deny port access based on device identity
C. It works only with wired devices
D. It can allow and deny port access based on user identity
E. EAP messages in Ethernet frames and don’t use PPP
F. EAP messages in Ethernet frames and use PPP
Answer: BDE
New Question
A company has 30 sites and wants allow dynamic IGP protocol, multicast and non IP traffic between sites.
Which topology should the company implement?
A. dmvpn spoke-to-spoke
B. dmvpn hub-to-spoke
C. vti
D. p2p gre
Answer: D
1.|2019 Latest Braindump2go 300-320 Exam Dumps (VCE & PDF) Instant Download:
https://www.braindump2go.com/300-320.html
2.|2019 Latest Braindump2go 300-320 Exam Questions & Answers Instant Download:
https://drive.google.com/drive/folders/0B75b5xYLjSSNWS1ocVZVUU03VU0?usp=sharing