Top Cisco 352-001 testing bible Choices

Exambible offers free demo for 352-001 exam. "CCDE Written Exam", also known as 352-001 exam, is a Cisco Certification. This set of posts, Passing the Cisco 352-001 exam, will help you answer those questions. The 352-001 Questions & Answers covers all the knowledge points of the real exam. 100% real Cisco 352-001 exams and revised by experts!

The article at going over is very comprehensive.

Q81. You are designing an Out of Band Cisco Network Admission Control, Layer 3 Real-IP Gateway deployment for a customer. Which VLAN must be trunked back to the Clean Access Server from the access switch? 

A. untrusted VLAN 

B. user VLAN 

C. management VLAN 

D. authentication VLAN 


Q82. A company plans to use BFD between its routers to detect a connectivity problem inside the switched network. An IPS is transparently installed between the switches. Which packets should the IPS forward for BFD to work under all circumstances? 

A. IP packets with broadcast IP source addresses 

B. IP packets with identical source and destination IP addresses 

C. fragmented packets with the do-not-fragment bit set 

D. IP packets with the multicast IP source address 

E. IP packets with the multicast IP destination address 

F. IP packets with the destination IP address 


Q83. A service provider creates a network design that runs MPLS in its WAN backbone using OSPF as the IGP routing protocol. What would be two effects of additionally implementing MPLS-TE? (Choose two.) 

A. MPLS-TE is required to reroute traffic within less than 1 second in case of a link failure inside the backbone. 

B. MPLS-TE is required to route different MPLS QoS service classes through different paths. 

C. MPLS-TE and OSPF cannot be used together inside one MPLS network. 

D. MPLS-TE cannot use OSPF for the traffic path calculation. 

E. MPLS-TE is required to create backup paths independently from the IGP. 

Answer: B,E 

Q84. You have been tasked to create a Layer 2 network design that uses vPC to provide resiliency and avoid loops. vPC removes Layer 2 loops while providing redundancy through which mechanism? 

A. dual-active detection 

B. address synchronization 

C. strict forwarding rules 

D. Bridge Assurance 


Q85. Refer to the exhibit. 

A new IPv4 multicast-based video-streaming service is being provisioned. During the design-validation tests, you realize that the link between the two buildings is carrying multicast traffic even when there are no receivers connected to the switch in Building B and despite IGMP snooping being enabled on both Layer 2 switches and IGMPv2 runs on the hosts. Which design change will prevent the multicast traffic from being unnecessarily flooded throughout the campus network? 

A. Enable PIM snooping on both Layer 2 switches. 

B. Enable multicast storm control on the link between Switch 1 and Switch 2. 

C. Use static Layer 2 MAC forwarding entries on Switch 1. 

D. Change the IPv4 multicast group address such that it excludes the usage of link-local MAC addresses. 

E. Ensure that Switch 1 is an IGMP querier. 


Q86. Which restriction prevents a designer from using a GDOI-based VPN to secure traffic that traverses the Internet? 

A. Enterprise host IP addresses are typically not routable. 

B. GDOI is less secure than traditional IPsec. 

C. Network address translation functions interfere with tunnel header preservation. 

D. The use of public addresses is not supported with GDOI. 


Q87. After the recent implementation of a new design that incorporated GRE tunnels into the network, the network operations staff is seeing the following syslog message in multiple routers on the network - %TUN-5-RECURDOWN: Tunnel0 temporarily disabled due to recursive routing. 

From a design perspective, what was not taken into account prior to implementing the solution? 

A. The neighboring routers cannot respond within the specified hold time. 

B. The interface on the router that is the source of the tunnel is down. 

C. The interface on the neighboring router that is the source of the tunnel is down. 

D. The router is learning the route to the tunnel destination address using the tunnel interface. 

E. The tunnel interface on the router is not receiving any keepalives within the specified hold time. 


Q88. Which two options are characteristics of firewall transparent mode operations in a firewall solution design? (Choose two.) 

A. The firewall acts like a router hop in the network. 

B. OSPF adjacencies can be established through the firewall. 

C. Changes in the existing IP addressing and subnets are required. 

D. Multicast traffic can traverse the firewall. 

E. The firewall can participate actively on spanning tree. 

Answer: BD 

Q89. Which mechanism should be added to a network design to identify unidirectional Spanning Tree Protocol failures through BPDU loss? 


B. loop guard 

C. BPDU guard? 

D. root guard 


Q90. Refer to the exhibit. 

Your junior design engineer presents this configuration design. What is the next-hop router for CE3, and why? 

A. CE1. BGP weight is higher than CE2. 

B. CE2. EBGP administrative distance is lower than RIP. 

C. CE2. The link between CE2 and PE1 has more bandwidth than CE1-to-PE1. 

D. CE1. HSRP on CE1 is in active state.