1. Home
  2. Cisco
  3. 352-001

CCDE Written

Exam Details

  • Exam Code
    :352-001
  • Exam Name
    :CCDE Written
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :705 Q&As
  • Last Updated
    :Jul 03, 2023

Cisco Cisco Certifications 352-001 Questions & Answers

  • Question 11:

    Refer to the exhibit. The operations team has identified that some of the multi-tiered e-commerce applications have slow performance, due to illegitimate inbound traffic from the Internet. On which network device do you place traffic filtering to improve performance?

    A. A

    B. B

    C. C

    D. D

  • Question 12:

    Which markup language is used to format Ansible's playbook?

    A. ADML

    B. YAML

    C. XML

    D. HTML

    E. NAML

  • Question 13:

    Which two reasons for implementing Cisco MPLS TE in a service provider MPLS backbone are valid? (Choose two.)

    A. when Cisco MPLS TE is a prerequisite for implementing RSVP in the backbone

    B. when Cisco MPLS TE is required to create backup paths independently from the IGP

    C. when Cisco MPLS TE is required to route different MPLS QoS service classes through different paths

    D. when Cisco MPLS TE is required to reroute traffic within less than 1 second in case of a link inside the backbone

    E. when Cisco MPLS TE can detect and react to neighbor failures faster than IGPs can

  • Question 14:

    Your customer wants to migrate their network from IPv4 to IPv6. They currently have Control Plane Policing deployed to protect their network devices from illegitimate ICMP traffic flooding.

    How do you adjust Control Plane Policing for ICMPv6 traffic, if it should be adjusted at all?

    A. Unlike ICMPv4, ICMPv6 must never be policed because it has additional functionality in the LAN

    B. The customer must pay special attention to the ICMPv6 rate limiting policy because it has additional functionality in the LAN

    C. ICMPv6 must be policed to the ICMPv4 lower value because the ICMPv6 packet size is bigger

    D. The policy must remain the same for ICMPv4 and ICMPv6

  • Question 15:

    OSPF is implemented over a pseudowire Layer 2 VPN. Which statement about this design implementation is true?

    A. The IP MTU must be the same on both PE devices

    B. The physical interface MTU must be the same between the CE and PE devices

    C. The IP MTU must be the same on both CE devices

    D. The IP MTU must be the same on the CE and PE devices

  • Question 16:

    Which two best practices for the security design of an IPv6 network are true? (Choose two.)

    A. BGP and IS-IS only support unencrypted password authentication when IPv6 is enabled on the network

    B. IPv4 ICMP policies are different from IPv6 ICMP policies on the firewall

    C. uRPF is no longer required with IPv6 FHS implementation

    D. IPsec must be used if there is a requirement to secure OSPFv3

    E. IPv6 host security controls are enough to block and inspect IPv6 traffic from one device to another

  • Question 17:

    Refer to the exhibit. This customer uses Gigabit Ethernet on all router interfaces and gets point-to-point Layer 2 VPN connections from their telco provider. This network runs IS-IS with default parameters. Which action manipulates traffic flow so that router A traffic takes the high-speed links as the preferred path when routing to router H?

    A. Manually adjust the interface metrics

    B. Match the interface bandwidth with the actual circuit speed

    C. Adjust the reference bandwidth used to calculate the interface metrics

    D. Manually adjust the delay parameters on the circuits

  • Question 18:

    Company ABC uses IPv4-only. Recently, they started deploying new endpoint devices. For operational reasons, IPv6 cannot be disabled on these new endpoint devices. Which security measure prevents the new endpoint from learning an IPv6 prefix from an attacker?

    A. Secure Neighbor Discovery

    B. Router Advertisement Guard

    C. Prefix Guard

    D. Source Guard and Prefix Guard

  • Question 19:

    An enterprise company has an audit requirement to encrypt traffic between selected development teams. Those teams are located in multiple sites across the country. They must migrate all locations to an MPLS Layer 3 VPN-based service, but this implementation must not impact the VoIP solution. The VoIP traffic to and from the call center sites must be copied to the data center servers so that it is recorded to meet another audit requirement.

    Which solution meets these requirements?

    A. Implement GETVPN with selective encryption only for the development traffic

    B. Implement a DMVPN-based solution encrypting all traffic except the VoIP traffic

    C. Implement LISP-based tunnels for the development traffic

    D. Implement site-to-site GRE tunnels only for development traffic

  • Question 20:

    A network engineer has been tasked to design an IPV6 wireless sensor network using IEEE 802.15.4 to support an IoT project.

    Which two protocols does the engineer need to utilize for this design? (Choose two.)

    A. 802.11ax

    B. 802.11ac

    C. 802.11

    D. 6LoWPAN

    E. VPN

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 352-001 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.