[Lead2pass New] Lead2pass 352-001 Exam Dumps New Updated By Cisco Official Exam Center (201-220)

2017 October Cisco Official New Released 352-001 Dumps in Lead2pass.com!

100% Free Download! 100% Pass Guaranteed!

We Lead2pass.com are providing 352-001 exam braindumps here in both PDF file and Online Practice Test Formats. The 352-001 dumps are updated time to time having all the questions answers which cover complete course outlines of the 352-001 certification exam.

Following questions and answers are all new published by Cisco Official Exam Center: https://www.lead2pass.com/352-001.html

QUESTION 201
Which restriction prevents a designer from using a GDOI-based VPN to secure traffic that traverses the Internet?

A.    Enterprise host IP addresses are typically not routable.
B.    GDOI is less secure than traditional IPsec.
C.    Network address translation functions interfere with tunnel header preservation.
D.    The use of public addresses is not supported with GDOI.

Answer: C

QUESTION 202
Refer to the exhibit. In this network, R1 is redistributing 10.1.5.0/24 into Area 1. Which LSA containing 10.1.5.0/24 will R6 have in its database?

 

A.    R6 will have an NSSA external (type 7) LSA in its local database for 10.1.5.0/24.
B.    R6 will have an external (type 5) LSA for 10.1.5.0/24 in its local database.
C.    R6 will have a border router (type 4) LSA in its local database for 10.1.5.0/24.
D.    R6 will not have any LSAs containing 10.1.5.0/24.

Answer: D

QUESTION 203
What is the function of the Community String field defined in a trap PDU?

A.    enable the routing of messages
B.    allow authentication by management station
C.    enable reliable delivery of messages
D.    isolate the PDU within a defined region of the network

Answer: B

QUESTION 204
Which statement is true about the RSVP protocol?

A.    It is reserved bi-directionally by each originating node.
B.    It is only for avoiding packet drop on collision-prone media (such as Ethernet).
C.    It is initiated uni-directionally along the data path downstream from each requesting node.
D.    It is only shared by pairs of peers participating in delay-sensitive, real-time applications like VoIP.

Answer: C

QUESTION 205
What is required in order to perform attack detection using anomaly detection technologies?

A.    packet captures
B.    exploit signatures
C.    baseline data
D.    syslog data

Answer: C

QUESTION 206
Your company’s external routers BGP peer with multiple service providers and external organizations. In all cases, the external routers are peered with their BGP neighbors via directly-connected interfaces.
How does GTSM provide additional security for your BGP speakers?

A.    GTSM prevents the processing of BGP packets from devices that are not on the directly-connected
interfaces.
B.    GTSM prevents the formation of BGP adjacencies from unauthorized devices.
C.    GTSM ensures that all BGP routing updates have been verified for secure origination.
D.    GTSM replaces the TCP 3-way handshake between BGP speakers on directly connected interfaces.
E.    GTSM prevents random TCP resets from being injected into the BGP data stream.

Answer: A

QUESTION 207
What are two potential effects of increasing the percentage of priority traffic? (Choose two.)

A.    can increase latency and jitter for priority traffic
B.    can increase latency and jitter for non-priority traffic
C.    makes it impossible to bound the impact that priority traffic will have on non-priority traffic
D.    must be avoided regardless of traffic patterns
E.    will not ever change the performance of non-priority traffic

Answer: AB

QUESTION 208
Your customer asks you to assist with their traffic policy design. They want to guarantee a minimum amount of bandwidth to certain traffic classes. Which technique would you advise them to implement?

A.    Modular QoS CLI
B.    committed accessrRate
C.    policy-based routing
D.    traffic shaping

Answer: A

QUESTION 209
You are designing a network that includes IP QoS. Which two architectures could be used to ensure that IP QoS is implemented properly? (Choose two.)

A.    Differentiated Services, where the user, with the assistance of the RSVP signaling protocol, reserves
the resources end to end before sending the data
B.    Integrated Services, where the user, with the assistance of the RSVP signaling protocol, reserves the
resources end to end before sending the data
C.    Integrated Services, which relies on the information carried within each packet to make resource-allocation
decisions at each network node
D.    Differentiated Services, which relies on the information carried within each packet to make
resource-allocation decisions at each network node
E.    Integrated Services, where the user, with the assistance of the DSCP signaling protocol, reserves
the resources end to end before sending the data

Answer: BD

QUESTION 210
How should multiple OSPF areas be designed when deployed on a classic three-layer (core/distribution/access) network hierarchy?

A.    The OSPF flooding domain boundary should be at the edge of the core layer.
B.    The OSPF flooding domain boundary should be within the distribution layer.
C.    OSPF should generally be deployed in a three-layer domain hierarchy to align with the physical
three-layer hierarchy.
D.    OSPF flooding domain boundaries should be placed with route aggregation in mind.

Answer: D

QUESTION 211
You are tasked to design a QoS policy for a service provider so they can include it in the design of their MPLS core network. If the design must support an MPLS network with six classes, and CEs will be managed by the service provider, which QoS policy should be recommended?

A.    map DSCP bits into the Exp field
B.    map IP precedence bits into the DSCP field
C.    map flow-label bits into the Exp field
D.    map IP CoS bits into the IP Precedence field
E.    map IP ToS bits into the Exp field

Answer: A

QUESTION 212
When network summaries are created for access networks in a network design, how does it change the behavior of the Shortest Path First (SPF) running in a backbone area?

A.    There would be fewer incremental SPFs.
B.    There would be fewer partial SPFs.
C.    There would be fewer full SPFs.
D.    There would be no change with the SPFs.

Answer: B

QUESTION 213
Refer to the exhibit. When designing an MPLS-based LAN extension between DC-1 and DC-2, what are three advantages of deploying VSS? (Choose three.)

 

A.    Layers 2, 3, and 4 flow-based load balancing
B.    native VSS and MEC failover without using scripts
C.    sub-second failover
D.    required to configure VPLS
E.    failover time depends on Cisco IOS EEM and STP convergence
F.    limited VLAN-based VPLS traffic hashing

Answer: ABC

QUESTION 214
You are the lead network designer hired by Service Provider XYZ to deploy CoS functionality on the core MPLS network (P routers). The goal of the network design is to provide a complete CoS solution to all customers that purchase services such as dedicated Internet access, MPLS L3VPN, and L2VPN (pseudowire). Service Provider XYZ has these design requirements:

– The network supports four service queues with equal treatment for delay, jitter, and packet loss.
– Queues are numbered 0-3, where 0 is the default queue.
– Three queues have one treatment.
– One queue has either one or two treatments.

If your design includes eight CoS queues on the Service Provider XYZ MPLS PE router ingress (CE facing) interface, how will customer traffic be classified as it enters the MLS P routers?

A.    The eight CoS queues in the MPLS P router are remapped to the eight CoS queues.
B.    Traffic is classified on the MPLS PE routers on core facing interface. The DSCP value is mapped
into EXP field where multiple EXP settings (2+) will be assigned to a single queue throughout the
MPLS P routers.
C.    Discard the traffic from the eight CoS queues that does not match the four CoS queues of the
MPLS P routers.
D.    The 8 CoS queues in the MPLS P router are remapped to four 4 flow-label queues.

Answer: B

QUESTION 215
As part of the network design, ACME Corporation requires the ability to export IPv6 information to better manage its network. Which version of NetFlow records is required to export this information?

A.    5
B.    6
C.    7
D.    8
E.    9

Answer: E

QUESTION 216
Which of these can you use to effectively and dynamically reduce IP address spoofing?

A.    Egress Packet Filtering
B.    Ingress Packet Filtering
C.    Egress Route Filtering
D.    route dampening
E.    unicast Reverse Path Forwarding

Answer: E

QUESTION 217
A certain service provider network includes IPsec tunnels between PE router loopbacks and dual-homed PE routers. The service provider is using OSPF to carry infrastructure routes and using BGP to carry tunnel endpoints.
What could the service provider do to provide fast convergence in case of a link failure in its network?

A.    tune OSPF on all routers
B.    tune BGP on all routers
C.    configure a full mesh of traffic engineering among PE routers
D.    carry IPsec tunnels in GRE among PE routers
E.    carry IPsec tunnels in L2TPv3 among PE routers
F.    carry IPsec tunnels in VPLS among PE routers

Answer: A

QUESTION 218
Which statement about OSPF incremental SPF is true?

A.    iSPF must be enabled on all routers in the domain.
B.    iSPF must be enabled on all routers in a particular area.
C.    iSPF capability is advertised using Opaque LSAs.
D.    iSPF is local to the router and does not require interoperability.
E.    iSPF is negotiated during the OSPF adjacency process.

Answer: D

QUESTION 219
What are two components of effective change management planning? (Choose two.)

A.    a change validation mechanism
B.    a what-if analysis for each proposed change
C.    an automated change management tracking system
D.    a multi-discipline change management team

Answer: AB

QUESTION 220
Cyclic congestion spikes are causing your Telnet users to experience delays. Traffic analysis shows minimal use of UDP. Which technology can you deploy to mitigate the problem?

A.    Committed Access Rate
B.    Weighted RED
C.    Deficit Round Robin
D.    Class Based Weighted Fair Queuing

Answer: B

The 352-001 online practice test prepare you according to the real exam scenario. Free demo is available to check before buying the 352-001 study guide.

352-001 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDR2ZCZUNXbmRWTjg

2017 Cisco 352-001 exam dumps (All 510 Q&As) from Lead2pass:

https://www.lead2pass.com/352-001.html [100% Exam Pass Guaranteed]