Category: 352-001

352-001-Cisco Certified Design Expert Qualification Exam

Which restriction prevents a designer from using a GDOI-based VPN to secure traffic that traverses the Internet?

Which restriction prevents a designer from using a GDOI-based VPN to secure traffic that traverses the
Internet?
A. Enterprise host IP addresses are typically not routable.
B. GDOI is less secure than traditional IPsec.
C. Network address translation functions interfere with tunnel header preservation.
D. The use of public addresses is not supported with GDOI.

Which limitation is valid when using route reflectors in this design?

An IBGP mesh design is being scoped, and in the discussions, one of the design engineers proposes the use
of route reflectors. Which limitation is valid when using route reflectors in this
70

design?
A. The configuration complexity on the routers will be increased.
B. Route reflectors will limit the total number of routes in the topology.
C. Multipath information is difficult to propagate in a route reflector topology.
D. Route reflectors will cause an opportunity to create routing loops.

What is the best method?

You are designing a wireless LAN with the following components:
– High-density indoor access point deployment
– 2.4-GHz and 5-GHz radios
– 802.11a, 802.11g, and 802.11n mode wireless LAN clients
Site survey results show negligible foreign WiFi and non-WiFi interference. What is the best method to
decrease duty cycle (radio frequency utilization) and increase overall wireless LAN client performance for this
design?
A. Disable all data rates below 12 Mb/s on all access points.
B. Decrease radio transmit power on all access points that report a high duty cycle.
C. Increase radio transmit power on all access points that report a high duty cycle.
D. Disable all data rates above 12 Mb/s on all access points.
E. Increase radio transmit power on all access points.

Which feature can be used to simplify the network design?

A company wants to connect two data center sites using a hub-and-spoke design with 2000 remote sites. One
design consideration is the requirement to transfer MPLS packets over the public Internet. In addition, one
router at each site should be used, and the MPLS packets must be encapsulated inside IP packets because
the public Internet cannot transfer native MPLS packets. Which feature can be used to simplify the network
design?
A. GET VPN can be used to encrypt the MPLS packets with IPsec.
B. DMVPN can be used to build up GRE tunnels dynamically with MPLS encapsulation inside.
C. L2TPv3 can be used to encapsulate the MPLS packets.
D. Site-to-site IPsec without GRE can be used to encapsulate the MPLS packets.
E. PPPoE can be used to encapsulate the MPLS packets.

while minimizing disruption?

You work for a large company that has just acquired another smaller company. You have been asked to lead
a group of SAN experts from both companies to design the integration plan that will be used to interconnect
the SANs and migrate the data from the newly acquired company to the main storage arrays. The first thing
that the team discovers is that the two SANs have the same domain IDs.
As the SAN team lead, what would you advise your team to do so that you can interconnect the two SANs
while minimizing disruption?
A. Use FCIP with Write Acceleration and IVR version 1 with a transit VSAN to expedite the data transfer
between the two SANs.
B. Change the domain IDs on both SANs so that they are both unique and then connect ISLs between the
SANs.
C. Use IVR NAT with a transit VSAN between the SANs.
D. The two SANs cannot be merged without disruption.

the network design so that the appliance is added into the traffic path? (Choose two

A company wants to use an external appliance between its data center and WAN to optimize email and HTTP
communications. The traffic flow must pass this appliance in both directions. The appliance is connected with
only one interface to a Cisco IOS router and has a single IP address. Which two adjustments can you make to
the network design so that the appliance is added into the traffic path? (Choose two.)
A. Configure static routes to route the traffic to the appliance.
B. Adjust the dynamic routing to route the traffic to the appliance.
C. Configure NAT to force the traffic to the appliance.
D. Configure a route map at the data center-side interface to forward the traffic to the appliance IP

address.
E. Configure a route map at the appliance-facing interface to forward the traffic to the appliance IP address.
F. Configure a route map at the WAN-side interface to forward the traffic to the appliance IP address.

will govern the sources of traffic entering the tunnel in the inside interface?

75

Your company plans to implement an Internet gateway router that is performing NAT. This same gatewaywill
be terminating various IPsec tunnels to other remote sites. Which address type is appropriate for the ACL that
will govern the sources of traffic entering the tunnel in the inside interface?
A. inside local
B. inside global
C. outside local
D. outside global

describe reasons to use the MPLS-TP standard in your design? (Choose three

You have been hired by a startup company to provide optical services using MPLS-TP. Which three options
describe reasons to use the MPLS-TP standard in your design? (Choose three.)
A. MPLS-TP is a newer packet transport technology that replaces SONET/SDH.
B. MPLS-TP includes extensions to native MPLS OAM for fault detection, monitoring, and propagation.
C. MPLS-TP requires a routing protocol.
D. MPLS-TP uses an IANA assigned label 13 for OAM.
E. MPLS-TP uses Ethernet Y.1731 OAM.


Page 1 of 1712345...10...Last »