Question 1:

What two best describe self-healing functionality on vEdges? (Choose two.)

A. Software reconfiguration capability allowing for dynamic reconfiguration of existing channels

B. In software upgrade process, rolling back to the previously running software image when connectivity to vManage fails

C. vManage detect routing outage detection to detect reachability outages and understand their scope and likely root cause

D. With configuration change, rolling back the configuration change when loss of connectivity to vManage

Correct Answer: BD

Question 2:

Which three statements best describe Cisco ISE configuration capabilities? (Choose three.)

A. ISE Deployment Assistant (IDA) is a built in application designed to accelerate the deployment of Cisco Identity Service Engine (ISE)

B. Cisco ISE includes wireless setup wizard and visibility wizard.

C. ISE requires an understanding of the command line for set-up and configuration.

D. ISE wizards and pre-canned configurations ease ISE roll-out significantly.

E. Cisco Active Advisor provides additional guidance for ISE deployments

Correct Answer: ABE

Question 3:

Which are three key features within the Cisco ISE that mainly compete with the other RADIUS and NAC products? (Choose three.)

A. BYOD provides auto configuration of endpoints.

B. Deep packet inspection upon authorization of endpoints.

C. Guest access and guest lifecycle management functionality.

D. Software based firewall capabilities for selected devices and endpoints.

E. Ability to authenticate and authorize users and endpoints.

Correct Answer: ACE

Question 4:

Which three statements are true regarding Cisco SDWAN license tiers? (Choose three.)

A. With Pro license, control and data policies are supported

B. With Plus license, split-tunnel is supported

C. With Pro license, unlimited segmentations are supported

D. With Plus license, Hub and spoke, partial mesh are supported

E. With Enterprise license, vAnalytics is included

F. With Enterprise license, TCP optimization is not supported

Correct Answer: ABE

Question 5:

Which two platforms can host a vEdge Cloud Router? (Choose two.)

A. Microsoft Azure

B. Dreamhost


D. DigitalCloud

E. Google

Correct Answer: AC

Question 6:

What is a challenge of having an SD-Access Centralized design where a single fabric encompasses the main site and all branch sites across the WAN?

A. End to End Routing is not supported

B. SSIDs would be the same across all sites

C. DNA Center does not support it

D. Since the traffic is encapsulated. SD-WAN features can\’t be used to optimize/route traffic.

Correct Answer: A

Question 7:

How does identity management solve two customer problems? (Choose two.)

A. Enables and enforces 802.1X across the network platform

B. Manages group membership

C. Provides network visibility and security

D. Increases digitization

E. Achieves dynamic and adaptive network segmentation

Correct Answer: CE

Reference:https://www.slideshare.net/robboyd/techwisetv-workshop-cisco-identity-services-engine-ise slide 3

Question 8:

Which options are Network Access Device types?

A. Switches, Wireless Controllers, and VPN Gateways

B. Wireless Controllers, Routers, and VPN Gateways

C. Switches, Wireless Controllers, and Routers

D. Switches, Routers, and VPN Gateways

Correct Answer: A

Reference:https://www.cisco.com/c/en/us/td/docs/security/ise/1-4/admin_guide/b_ise_admin_guide_14/ b_ise_admin_guide_14_chapter_0100.html

Question 9:

How many vEdge router security zones (VPN\’s) can be configured?

A. 256

B. 32

C. 510

D. 16

Correct Answer: C

Reference:https://sdwan-docs.cisco.com/Product_Documentation/Software_Features/ Release_18.1/04Segmentation/02Configuring_Segmentation_(VPNs)

Question 10:

Device Sensor provides which two types of information to ISE? (Choose two.)


B. Encrypted traffic

C. User/Device Name


E. NetFlow

Correct Answer: AD

Reference:https://www.cisco.com/c/en/us/support/docs/security/identity-services-engine/200292-Configure-Device-Sensor-for-ISE-Profilin.html?referring_site=REandpos=1andpage=https://www.cisco.com/c/en/us/td/docs/switches/lan/ catalyst3750/software/release/15-0_1_se/device_sensor/guide/sensor_guide.html

Question 11:

Which protocol is used between an Endpoint and a Switch with an 802.1 authentication?





Correct Answer: B

Question 12:

Where does the Cisco V-Edge Router perform QOS traffic classification?

A. Per VPN

B. Per vEdge

C. Egress interface

D. Ingress interface

Correct Answer: D

Question 13:

Which two options are SD-WAN solution capabilities? (Choose two.)

A. Ability to provide and integrate security with complementary products and applications

B. The separation of management plane, control plane and data plane to enable horizontal scaling

C. Truck roll branch turn up for easy provisioning and new installations

D. Cloud hosted or on-Premise fully redundant management and control plane functions

Correct Answer: BD

Reference:https://www.cisco.com/c/dam/m/sl_si/training-events/2018/cisco-connect/pdfs/ sodobna_prostrana_omrezja_s_sd-wan_konceptom_tom_cof.pdf Slide 2

