Dumpsbuddy logo
An engineer is configuring a data policy for packets that must be captured through the policy. Which command accomplishes this task?
What is the minimum Red Hat Enterprise Linux operating system requirement for a Cisco SD-WAN controller deployment via KVM?
Which feature allows reachability to an organization’s internally hosted application for an active DNS security policy on a device?
What is the threshold to generate a warning alert about CPU or memory usage on a WAN Edge router?
An organization requires the use of integrated preventative engines, exploit protection, and the most updated and advanced signature-based antivirus with sandboxing and threat intelligence to stop malicious attachments before they reach users and get executed. Which Cisco SD-WAN solution meets the requirements?
Drag and drop the steps from the left into the order on the right to delete a software image for a WAN Edge router starting with Maintenance > Software Upgrade > Device list on vManage.
An administrator needs to configure SD-WAN to divert traffic from the company's private network to an ISP network. What action should be taken to accomplish this goal?
Refer to the exhibit.
An engineer is configuring service chaining. Which set of configurations is required for all traffic from Site ID 1 going toward Site ID 2 to get filtered through the firewall on the hub site?
A)
B)
C)
D)
A network administrator is creating an OMP feature template from the vManage GUI to be applied to WAN edge routers. Which configuration attribute will avoid the redistribution of the routes back into the OMP from the LAN side?
Which Cisco router provides a distributed multicore architecture optimized for SD-WAN branch support?
Which statement describes the requirement of integrating a secure internet gateway (SIG) with a Cisco SD-WAN Edge device?
An engineer must apply the configuration for certificate installation to vBond Orchestrator and vSmart Controller. Which configuration accomplishes this task?
Refer to the exhibit.
The tunnel interface configuration on both WAN Edge routers is:
Which configuration for WAN Edge routers will connect to the Internet?
A network is configured with CoPP to protect the CORE router route processor for stability and DDoS protection. As a company policy, a class named class-default is preconfigured and must not be modified or deleted. Troubleshoot CoPP to resolve the issues introduced during the maintenance window to ensure that:
WAN
CORE
MGMT
Refer to the exhibit. An administrator is configuring a policy in addition to an existing hub-and-spoke policy for two sites that should directly communicate with each other. How is this policy configured?
Refer to the exhibit. The ge0/0 interface connects to a 30-MB link. A network administrator wants to always have 10 MB available for high priority traffic. When lower-priority traffic busts exceed 20 MB. Traffic should be redirected to the second WAN interface ge0/1. Which set of configurations accomplishes this task?
A)
B)
C)
D)
Refer to the exhibit. The Cisco SD-WAN is deployed using the default topology. The engineer wants to configure a service insertion policy such that all data traffic between Rome to Paris is forwarded through the NGFW located in London. Which configuration fulfills this requirement, assuming that the Service VPN ID is 1?
Refer to the exhibit. An engineer configures a hub-and-spoke SD-WAN topology with the requirement that traffic from router A branch to router B branch is guaranteed to flow through the network hub, router C. Which configuration meets the requirement for router A?
Refer to the exhibit vManage and vBond have an issue establishing a connection with each other Which action resolves the issue?
Refer to the exhibit A small company was acquired by a large organization As a result, the new organization decided to update information on their Enterprise RootCA and generated a new certificate using openssl Which configuration updates the new certificate and issues an alert in vManage Monitor | Events Dashboard?
What happens if the intelligent proxy is unreachable in the Cisco SD-WAN network?
In which device state does the WAN edge router create control connections, but data tunnels are not created?
Refer to the exhibit. Which configuration stops Netconf CLI logging on WAN Edge devices during migration?
What is a requirement for deployment of on-premises vBond controllers through the Cisco Plug and Play Connect process?
Which two algorithms authenticate a user when configuring SNMPv3 monitoring on a WAN Edge router? (Choose two.)
Which table is used by the vSmart controller to maintain service routes of the WAN Edge routers in the hub and local branches?
Refer to the exhibit Which configuration must the engineer use to form underlay connectivity for the Cisco SD-WAN network?
A)
B)
C)
D)
An engineer must apply the configuration for certificate installation to vBond Orchestrator and vSmart Controller. Which configuration accomplishes this task?
Which two prerequisites must be met before the Cloud onRamp for laaS is initiated on vManage to expand to the AWS cloud? (Choose two)
Which percentage for total memory or total CPU usage for a device is classified as normal in the WAN Edge Health pane?
Which configuration allows users to reach YouTube from a local Internet breakout?
A)
B)
C)
D)
Which set of elements are verified by the controller to confirm the identity of edge devices?
Which destination UDP port is used by WAN Edge router to make a DTLS connection with vBond Orchestrator?
The SD-WAN network is configured with a default full-mesh topology. The SD-WAN engineer wants the Barcelona WAN Edge to use the MPLS TLOC when forwarding Telnet traffic based on a configured SLA class list. Which configured must the engineer use to create a policy to call the SLA class and set the preferred color to MPLS?
A)
B)
C)
D)
Which vBond system configuration under VPN 0 allows for a routable public IP address even if the DNS name, hostname, or IP address of the vBond orchestrator are omitted?
What are two benefits of installing Cisco SD-WAN controllers on cloud-hosted services? (Choose two.)
The branch users of an organization must be prevented from accessing malicious destinations, and the local files on users' systems must be protected from malware. Which two Cisco products must the organization deploy? (Choose two.)
An engineer must create a QoS policy by creating a class map and assigning it to the LLQ queue on a WAN Edge router Which configuration accomplishes the task?
A)
B)
C)
D)
Refer to the exhibit.
An enterprise has hub and spoke topology where it has several VPNs. An engineer must allow users in VPN91 to reach users in VPN92 and VPN10 to reach VPN91 and VPN92. Which configuration meets these requirements?
Which SD-WAN component detects path performance information in the organization to report the issue to the service provider at site ID:S4288T5E44F04?
An engineer must advertise OSPF-learned routes and modify the update interval for route filtering by TLOC color to 300 on an SD-WAN device. Which configuration accomplishes this
task?
Which TCP Optimization feature is used by WAN Edge to prevent unnecessary retransmissions and large initial TCP window sizes to maximize throughput and achieve a better quality?
An engineer wants to change the configuration of the certificate authorization mode from manual to automated. Which GUI selection will accomplish this?
An enterprise needs DIA on some of its branches with a common location ID: A041:B70C: D78E::18 Which WAN Edge configuration meets the requirement?
A)
B)
C)
D)
Which controller is used for provisioning and configuration in a Cisco SD-WAN solution?
A network administrator is configuring a tunnel interface on a branch Cisco IOS XE router to run TLOC extensions. Which configuration will extend a TLOC over a GRE tunnel to another router in the branch?
How must the application-aware enterprise firewall policies be applied within the same WAN Edge router?
What is a requirement for a WAN Edge to reach vManage, vBond, and vSmart controllers in a data center?
Drag and drop the security terminologies from the left onto the PCI-compliant network features and devices on the right.
Refer to the exhibit.
An engineer is troubleshooting a control connection Issue. What does "connect" mean in this how control connections output?
A network administrator is bringing up one WAN Edge for branch connectivity. Which types of tunnels form when the WAN edge router connects to the SD-WAN fabric?
Which component of the Cisco SD-WAN architecture oversees the control plane of overlay network to establish, adjust, and maintain the connections between the WAN Edge devices that form the Cisco SD-WAN fabric?
When the VPN membership policy is being controlled at the vSmart controller, which policy disallows VPN 1 at sites 20 and 30?
A)
B)
C)
D)
Which two different states of a WAN Edge certificate are shown on vManage? (Choose two.)
Which secure tunnel type should be used to connect one WAN Edge router to other WAN Edge routers?
An organization wants to use the cisco SD-WAN regionalized service-chaining feature to optimize cost and user experience with application in the network, which allows branch routers to analyze and steer traffic toward the required network function. Which feature meets this requirement?
Which protocol is used to propagate multicast join requests over the Cisco SD-WAN fabric?
What is the main purpose of using TLOC extensions in WAN Edge router configuration?
Which device information is requited on PNP/ZTP to support the zero-touch onboarding process?
What two functions describe the TCP optimization tool used in the Cisco SD-WAN? (Choose two.)
An engineer wants to track tunnel characteristics within an SLA-based policy for convergence. Which policy configuration will achieve this goal?
When VPNs are grouped to create destination zone in Zone-Based Firewall, how many zones can a single VPN be part of?
What are the two requirements for plug-and-play provisioning on Cisco IOS XE SD-WAN devices? (Choose two.)
Refer to the exhibit.
Which two configurations are needed to get the WAN Edges registered with the controllers when certificates are used? (Choose two)
Drag and drop the devices from the left onto the correct functions on the right.
An engineer must configure the SD-WAN Edge router to identify DSCP 26 traffic coming from the router's local site and then change the DSCP value to DSCP 18 before sending it over to the SD-WAN fabric. What are the two ways to create the required configuration? (Choose two).
Which two platforms for the Cisco SD-WAN architecture are deployable in a hypervisor on-premises or in IAAS Cloud? (Choose two.)
An engineer must improve video quality by limiting HTTP traffic to the Internet without any failover. Which configuration in vManage achieves this goal?
Which service VPN must be reachable from all WAN Edge devices and the controllers?
Which port is used for vBond under controller certificates if no alternate port is configured?
An engineer must deploy a QoS policy with these requirements:
• policy name: App-police
• police rate: 1000000
• burst: 1000000
• exceed: drop
Which configuration meets the requirements?
Which action is performed during the onboarding process when a WAN Edge router is connected to ZTP server ztp.viptela com?
Refer to the exhibit. vManage logs are available for the past few months. A device name change deployed mistakenly at a critical site. How is the device name change tracked by operation and design teams?
A)
B)
C)
A network administrator is tasked to make sure that an OMP peer session is closed after missing three consecutive keepalive messages in 3 minutes. Additionally, route updates must be sent every minute. If a WAN Edge router becomes unavailable, the peer must use last known information to forward packets for 12 hours. Which set of configuration commands accomplishes this task?
A network administrator is configuring VRRP to avoid a traffic black hole when the transport side of the network is down on the master device. What must be configured to get the fastest failover to standby?
Refer to the exhibit.
The network design team has advised to use private IP addresses and private colors over the SP circuit for the data plane connections. The Public IP should be used for control connections. Which configuration should be applied at SiteA to achieve this task?
A company must avoid downtime at the remote sites and data plane to continue forwarding traffic between WAN Edge devices if the branch router loses connectivity to its OMP peers Which configuration meets the requirement?
A)
B)
C)
D)
Refer to the exhibit An engineer is configuring a QoS policy to shape traffic for VLAN 100 on a subinterface Which policy configuration accomplishes the task?
A)
B)
C)
D)
Which device information is required on PNP/ZTP to support the zero-touch onboarding process?
Refer to the exhibit, Which configuration routes Site 2 through the firewall in Site 1?
Which protocol is configured on tunnels by default to detect loss, latency, jitter, and path failures in Cisco SD-WAN?
An engineer is modifying an existing data policy for VPN 115 to meet these additional requirements:
When browsing government websites, the traffic must use direct internet access.
The source address of the traffic leaving the site toward the government websites must be set to an IP range associated with the country itself, a particular TLOC.
The policy configuration is as follows:
Which policy sequence meets the requirements without interfering with other destinations?
What are the two impacts of losing vManage connectivity to fabric in the Cisco SD-WAN network? (Choose two)
How many vCPUs and how much RAM are recommended to run the vSmart controller on the KVM server for 251 to 1000 devices in software version 20.4.x?
How is a TLOC uniquely identified from a WAN Edge router to the SD-WAN transport network?
Which two products are used to deploy Cisco WAN Edge Router virtual platforms? (Choose two.)
Drag and drop the actions from the left into the correct sequence on the right to create a data policy to direct traffic to the Internet exit.
Which controller is excluded from the process of checking against the authorized, allowed list?
A Cisco SD-WAN customer has a requirement to calculate the SHA value for files as they pass through the device to see the returned disposition and determine if the file is good, unknown or malicious. The customer also wants to perform real-time traffic analysis and generate alerts when threats are detected Which two Cisco SD-WAN solutions meet the requirements? (Choose two.)
An engineer is troubleshooting a vEdge router and identifies a “DCONFAIL – DTLS connection failure” message. What is the problem?
Which component is responsible for creating and maintaining the secure DTLS/TLS connection on the vSmart controller?
Which two protocols are supported for software image delivery when images are hosted on a remote server? (Choose two.)
Refer to the exhibit The Cisco SD-WAN network is configured with a default full-mesh topology. Islamabad HQ and Islamabad WAN Edges must be used as the hub sites. Hub sites MPLS TLOC must be preferred when forwarding FTP traffic based on a configured SLA class list. Which policy configuration does the network engineer use to call the SLA class and set the preferred color to MPLS?
Refer to the exhibit Which command allows traffic through the IPsec tunnel configured in VPN 0?
Refer to the exhibit. The network administrator has configured a centralized topology policy that results in the displayed routing table at a branch office. Which two configurations are verified by the output? [Choose two.)
Refer to the exhibit.
The network team must configure branch B WAN Edge device 103 to establish dynamic full-mesh IPsec tunnels between all colors with branches over MPLS and Internet circuits. The branch ts configured with:
Which configuration meets the requirement?
A)
B)
C)
D)
An engineer must configure a centralized policy on a site in which all HTTP traffic should use the Public Internet circuit if the loss on this circuit is below 10%. otherwise MPLS should be used Which configuration wizard fulfils this requirement?
Refer to the exhibit Which configuration ensures that OSPF routes learned from Site2 are reachable at Sitel and vice-versa?
An engineer is adding a tenant with location JD 306432373 in vManage. What is the maximum number of alphanumeric characters that are accepted in the tenant name field?
An engineer is applying QoS policy for the transport-side tunnel interfaces to enable scheduling and shaping for a WAN Edge cloud router Which command accomplishes the task?
Which two actions are necessary to set the Controller Certificate Authorization mode to indicate a root certificate? (Choose two)
An engineer provisions a WAN Edge router. Which command should be used from the WAN Edge router to activate it with vManage?
Which TLOC color is used for site-to-site communication in a Google Cloud integration with Cisco SD-WAN?
Drag and drop the alarm states from the left onto the corresponding alarm descriptions on the right.
Refer to the exhibit The network team must configure ElGRP peering at HQ with devices in the service VPN connected to WAN Edge CSRv. CSRv is currently configured with
Which configuration on the WAN Edge meets the requiremnet
A)
B)
C)
D)
A network administrator is configuring a centralized control policy based on match action pairs for multiple conditions, which order must be configured to prefer Prefix List over TLOC and TLOC over Origin?
A policy is created to influence routing path in the network using a group of prefixes. What policy application will achieve this goal when applied to a site List?
Which encryption algorithm secures binding exchanges Between Cisco TrustSec SXP peers?
TESTED 05 Dec 2025
A screen shot of a computer screen AI-generated content may be incorrect.Text Description automatically generated with medium confidence
A screen shot of a computer AI-generated content may be incorrect.Graphical user interface Description automatically generated with medium confidence
A screenshot of a computer AI-generated content may be incorrect.Graphical user interface, text Description automatically generated
