Cisco 500-490  

  RSS

New Member
Joined:5 years  ago
Posts: 1
14/11/2018 5:01 pm  

Exam A
QUESTION 1
Which are two advantages of a "one switch at a tune' approach to integrating SD-Access into an existing brownfield
environment? (Choose two.)
A. appropriate for campus and remote site environments
B. allows simplified testing prior to cutover
C. deal for protecting recent investments while upgrading legacy hardware
D. involves the least risk of all approaches
E. opens up many new design and deployment opportunities
F. allows simplified roll back
Answer: BE
Explanation/Reference:
QUESTION 2
What statement is true regarding the current time in Enterprise Networking history?
A. advent of cloud computing
B. pace of change
C. pervasive use of mobile devices
D. advent of loT
Answer: D
Explanation/Reference:
QUESTION 3
Which three key differentiators that DNA Assurance provides that our competitors are unable match? (Choose three)
A. Support for Overlay Virtual Transport
B. On-premise and cloud-base analytics

C. Apply Insights
D. VXLAN support
E. Proactive approach to guided remediation
F. Network time travel
Answer: ABC
Explanation/Reference:
QUESTION 4
Which are the three focus areas for reinventing the WAN? (Choose three.)
A. Centralized device authentication
B. Secure Elastic Connectivity
C. Application Quality of Experience
D. Operations
E. Cloud Fast
F. Execution
Answer: ABF
Explanation/Reference:
QUESTION 5
Which feature is supported on the Cisco vEdge platform?
A. single sign on
B. IPv6 transport (WAN)
C. 2-factor authentication
D. license enforcement
E. reporting
F. non-Ethernet interfaces
Answer: B

Explanation/Reference:
QUESTION 6
Which two statements are true regarding Cisco ISE? (Choose two.)
A. The major business outcomes of ISE are enhanced user experience and secure VLAN segmentation
B. ISE plays critical role in SD Access
C. Without integration with any other product, ISE can track the actual physical location of a wireless endpoint as it
moves
D. ISE am provide data about when a specific device connected to the network
E. An ISE deployment requires only a Cisco ISE network access control appliance
Answer: BD
Explanation/Reference:
QUESTION 7
Which two statements are true regarding SD-WAN demonstrations? (Choose two.)
A. As a Cisco SD-WAN SF, you should you should spend your time learning about the technology rather than
contributing to demo innovation
B. Use demonstrations primarily for large opportunities and competitive situations
C. During a demo, you should demonstrate and discuss what the team considers important details
D. There is a big difference between demos that use a top down approach and demos that use a bottom up approach
E. During a demo you should consider the target audience and the desired outcome
Answer: AB
Explanation/Reference:
QUESTION 8
Which Cisco vEdge route offers 20 Gb of encrypted throughput?

A. Cisco vEdge 5000
B. Cisco vEdge 1000
C. Cisco vEdge 2000 D Cisco vEdge 100
Answer: A
Explanation/Reference:
QUESTION 9
Which are two Cisco recommendations that demonstrates SDA? (Choose two.)
A. Use the CLI to perform as much of the configuration as possible
B. Show lite customer how to integrate ISL into DMA Center at the end of the demo
C. Focus on business benefits
D. Keep the demo at a high level
E. Be sure you explain the major technologies such as VXLAN and LISP in depth
Answer: AE
Explanation/Reference:
QUESTION 10
Winch two primary categories are displayed on the overall health page of the assurance component in the Cisco DNA
Center? (Choose two.)
A. Wired
B. Client
C. Access-Distribution
D. Server
E. Network
Answer: CE
Explanation/Reference:

QUESTION 11
Which two options help you sell Cisco ISE? (Choose two.)
A. Downplaying the value of px Grid as compared to REST ful APIs
B. Explaining ISE support for 3rd party network devices
C. Show casing the entire ISE feature set
D. Referring to Trust Sec as being only supported on Cisco networks
E. Discussing (he importance of custom profiling
Answer: BD
Explanation/Reference:
QUESTION 12
Which node enables Cisco ISE to share contextual information on a device with Cisco Stealth watch?
A. Monitoring and Troubleshooting
B. pXGrid Controller
C. Policy Administration Node
D. Inline Posture Node
Answer: A
Explanation/Reference:
QUESTION 13
Which Cisco products were incorporated into Cisco ISE between ISE releases 20 and 2.3?
A. Cisco ASA
B. Cisco ESA
C. Cisco ACS
D. Cisco WSA

Answer: C
Explanation/Reference:
QUESTION 14
Which three ways are SD-Access and ACI Fabric similar? (Choose three.)
A. use of overlays
B. use of Virtual Network IDs
C. focus on user endpoints
D. use of group policy
E. use of Endpoint Groups
F. use of Scalable Group Tags
Answer: ABD
Explanation/Reference:
QUESTION 15
Which two activities should occur during an SE's discovery process? (Choose two.)
A. Establishing credibility with the customer
B. Working with the customer to develop a reference architecture
C. Referencing the PPDIOO model to effectively facilitate the discussion
D. Gathering information about the current state of the customer's network environment
E. Mapping Cisco innovation to customer's needs
Answer: CE
Explanation/Reference:
QUESTION 16
Which two activities should occur during an SE's demo process? (Choose two.)

A. determining whether the customer would like to drive deeper during a follow up
B. asking the customer to provide network drawings or white board the environment for you
C. identifying which capabilities require demonstration
D. leveraging a company such as Complete Communications to build a financial case.
E. highlighting opportunities that although not currently within scope would result in lower operational costs and
complexity
Answer: CD
Explanation/Reference:
QUESTION 17
Which protocol runs between the vSmart controllers and between the vSmart controllers and the vEdge routers, and
unifies all control plane functions under a single: protocol umbrella1?
A. BGP
B. OSPF
C. IKE
D. VRRP
Answer: D
Explanation/Reference:
QUESTION 18
Which option will help build your customers platform during the discovery phase?
A. business case
B. detailed design
C. POV report
D. high-level design
E. PO
Answer: E

Explanation/Reference:
QUESTION 19
Which element of the Cisco SD-WAN architecture facilitates the functions of controller discovery and NAT traversal?
A. vBond orchestrator
B. vManage
C. vSmart controller
D. vEdge
Answer: B
Explanation/Reference:
QUESTION 20
How would cisco ISE handle authentication for your printer that does not have a supplicant?
A. ISE would not authenticate the printer as printers are not subject to ISE authentication.
B. ISE would authenticate the printer using 8.2.1X authentication
C. ISE would authenticate the printer using MAB.
D. ISE would authenticate the printer using web authentication.
E. ISE would authenticate the printer using MAC RADIUS authentication
Answer: B
Explanation/Reference:
QUESTION 21
Which three options focus of the current digital business era'? (Choose three.)
A. loT scale
B. connectivity

C. virtualized services
D. automation
E. centralized enterprise and web applications
F. Human scale
Answer: BCD
Explanation/Reference:
QUESTION 22
Which Cisco product supports SD-Access and specifically built lo address new challenges faced by enterprises?
A. Nexus 7700 w/ Sup2E and M3 line cards
B. ISR 4221
C. Catalyst 9500
D. ASR 1000 MX
E. CSRv virtual router
F. Catalyst 6807-XL W/ Sup6T and C6800 10G line cards
Answer: F
Explanation/Reference:
QUESTION 23
What are three ways in Which Cisco ISE learns information about devices? (Choose three,)
A. user authentication to the ISE
B. SMIP agents
C. RPC mechanism via HTTPS
D. traffic generated by the device
E. network servers the device has accessed
F. RADIUS attributes
Answer: ADE

Explanation/Reference:
QUESTION 24
What should you do if you are looking at a strategic win with a customer and the customer wants to examine Cisco ISE
for longer than a few weeks?
A. Give then, some of our flash files mat can be played on any browser
B. Set them up with an account on a Cisco UCS server that hosts ISE
C. Set them up with a d Cloud account
D. Give them our ISE YouTube videos
E. Provide them with a downloadable POV kit
F. Provide them to our d Cloud demo library
Answer: B
Explanation/Reference:
QUESTION 25
Which are two Cisco ISE that benefits our customers ? (Choose two.)
A. provides network access controller
B. helps them stop and contain real time threats
C. enables them to set traffic priorities across the network
D. helps them accelerate application deployment and delivery
Answer: AB
Explanation/Reference:
QUESTION 26
Which two Cisco ISE use cases typically involve the highest level of implementation complexity? (Choose two.)

A. Guest and wireless access
B. Software defined access
C. Device management
D. Asset visibility
E. Software defined segmentation
Answer: AC
Explanation/Reference:
QUESTION 27
Which two options are primary functions of Cisco ISE? (Choose two.)
A. providing VPN access for any type of device
B. providing information about every device that touches the network
C. enabling WAN deployment over any type of connection
D. automatically enabling, disabling, or reducing allocated power to certain devices
E. enforcing endpoint compliance with network security policies Q allocating resources
Answer: AB
Explanation/Reference:
QUESTION 28
Which is a function of lite Proactive Insights feature of Cisco DNA Center Assurance'?
A. pointing out where the most serious issues are happening in the network
B. generating synthetic traffic to perform tests that raise awareness of potential network issues
C. enabling you to quickly view all of the contextual information related to the end application
D. enabling you to see the complete path of packets from the client to the end application
Answer: D
Explanation/Reference:

QUESTION 29
Which two statements regarding Cisco SD WAN vEdge routers can mitigate DoS attacks against the infrastructure?
(Choose two)
A. Open Certificate Authority and automated enrollment feature
B. By default, all incoming traffic is denied art the transport (WAN) side interfaces,
C. Only authorized controllers are allowed to communicate back to the vEdge router after the vEdge router establishes
connections with the controllers
D. In case of direct Internet access, the only traffic allowed back is the traffic matching the state table entries on the
vEdge router.
E. The vEdge routers run on hardened Linux operating systems
Answer: CD
Explanation/Reference:
QUESTION 30
What is the easiest way to enable SD-Access for all your remote site after you have your campus SD-Access fabric up
and running?
A. Treat all the sites as one fabric domain and use the traditional physical network as the underlay
B. Use a separate fabric domain for each site and use SD-WAN as the underlay
C. Use a separate fabric domain for each site and use the traditional physical network as the underlay
D. Treat all the sites as one fabric domain and use SD-WAN as the underlay
Answer: A
Explanation/Reference:
QUESTION 31
Which two statements describes Cisco SD-Access? (Choose Two.)
A. programmable overlays enabling network virtualization across the campus

B. an automated encryption/decryption engine for highly secured transport requirements
C. software-defined segmentation and policy enforcement based on user identity and group membership
D. a collection of tools and applications that are a combination of loose and tight coupling
E. an overlay for the wired infrastructure in which traffic is tunneled via a GRF tunnel lo a mobility controller for policy
and application visibility.
Answer: AC
Explanation/Reference:
QUESTION 32
Which component of the SD Access fabric is responsible for communicating with networks that are external to the fabric?
A. edge nodes
B. control plane nodes
C. intermediate nodes
D. border-nodes
Answer: A
Explanation/Reference:
Explanation
https://www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/Campus/CVD-Software-Defined-Access-Design-Gu
QUESTION 33
What are the three foundational elements required for the new operational paradigm'? (Choose three.) A. centralization
A. assurance
B. application QoS
C. multiple technologies at multiple OSI layers
D. policy based automated provisioning of network of
E. fabric
Answer: BCE
Explanation/Reference:

QUESTION 34
Which is a benefit of a cloud-based SD-WAN deployment?
A. might be required for compliance with industry standards
B. Controller availability never an issue
C. security never an issue
D. agility of change dependent only on your own internal IT processes
E. Instant scale
Answer: E
Explanation/Reference:
QUESTION 35
Which two statements are true regarding Cisco ISE? (Choose two.)
A. In distributed deployments, failover from primary to secondary Policy Administration Nodes happens automatically.
B. The number of logs that ISE can retain is determined by your disk space
C. ISE supports IPv6 downloadable ACLs
D. ISE can detected endpoints whose addresses have been translated via NAT.
E. ISE supports up to 100 Policy Services Nodes
F. In two-node standalone ISE deployments failover must be done manually
Answer: AB
Explanation/Reference:


ReplyQuote
PrepAway - Latest Free Exam Questions & Answers
  
Working

Please Login or Register