352-001 Exam Details
-
Exam Code
:352-001 -
Exam Name
:CCDE Written -
Certification
:Cisco Certifications -
Vendor
:Cisco -
Total Questions
:705 Q&As -
Last Updated
:Dec 07, 2025
Cisco 352-001 Online Questions & Answers
-
Question 441:
An network is designed to use OSPF to reach eBGP peers.
Which condition should be avoided in the design to potentially prevent the eBGP peers do not flap continuously in case of link failure?
A. Disable BGP synchronization.
B. Advertise IP addresses used on eBGP peer statement via a non-backbone OSPF area.
C. Advertise via eBGP IP addresses used on eBGP peer statements.
D. Use an ACL to block BGP in one direction. -
Question 442:
Which statement about DHCPv6 Guard features design is true?
A. A certificate must be installed on the DHCPv6 server and relay agent.
B. DHCPv6 client requests can be rate-limited to protect the control plane.
C. Rogue DHCPv6 servers cannot assign IPv6 addresses to clients.
D. DHCPv6 client requests can be filtered to protect the data plane. -
Question 443:
You are designing a multisite VPN solution for a customer and you are concerned with the additional overhead of point-to-point tunnels and the associated overlay routing with DMVPN. How does a GDOI-based VPN eliminate the additional tunnel and routing overhead found in DMVPN?
A. The GDOI-based VPN requires overlaying a secondary routing infrastructure through the tunnels.
B. In a GDOI-based VPN, all group members share a common security association.
C. The GDOI-based VPN requires the provisioning of a complex connectivity mesh.
D. The GDOI-based VPN leverages the routing protocol to find its peer for tunnel setup. -
Question 444:
For the following items, which one is the weakness of rate limiting as a response to a DoS attack?
A. Rate limiting does not drop enough packets.
B. Rate limiting does not detect attacks.
C. Rate limiting only works on inbound traffic.
D. Rate limiting is too processor-intensive. -
Question 445:
Refer to the exhibit. The customer uses Gigabit Ethernet on all router interfaces and gets point-to-point Layer 2 VPN connections from their Telco. This network runs IS-IS with default parameters. In which to circuits should you manually decrease the interface metric to allow bidirectional traffic to take the high-speed links between router A and router H? (Choose two.)
A. between router B and router D
B. between router D and router F
C. between router F and router G
D. between router C and router F -
Question 446:
Which openstack component implements role-based access control?
A. Horizon
B. Nova
C. Neutron
D. Keystone -
Question 447:
In which two ways is IPv4 and IPv6 traffic handled in a network design that uses QoS deployment options? (Choose two.)
A. IPv6 and IPv4 traffic is treated in the same way by using a single QoS policy that classifies and matches on both protocols.
B. IPv6 traffic is treated differently than IPv4 by using the flow-label field, which is built into the IPv6 packet header.
C. IPv6 traffic does not require QoS because it uses to the flow-label field, which classifies and matches on the IPv6 protocol.
D. IPv6 traffic is treated differently than IPv4 by using two different QoS policies.
E. IPv6 traffic is treated differently than IPv4 because it uses only the DSCP value and not the IP precedence. -
Question 448:
DRAG DROP
Classify the OSPF Fast Network Convergence technique by dragging the techniques on the left and dropping them into the corresponding categories on the right.
Select and Place:
-
Question 449:
A retail company connects its 250 branches across the globe to the core using MPLS Layer 3 VPN. The company is planning to migrate its traditional telephony services to VoIp, in order to reduce the cost of international calls. What are the two primary concerns when implementing this migration? (Choose two)
A. Jitter
B. Call routing design
C. SRST
D. MTU
E. Available bandwidth -
Question 450:
What information can you get from TCP flags while assessing an attack?
A. Type of attack
B. Target of the attack
C. Priority of the attack traffic
D. Source of the attack
Related Exams:
-
300-745
Designing Cisco Security Infrastructure (300-745 SDSI) v1.0 -
350-101
Implementing and Operating Cisco Wireless Core Technologies (350-101 WLCOR)v1.0 -
352-011
Cisco Certified Design Expert Practical -
500-052
Cisco Unified Contact Center Express -
500-173
Designing the FlexPod Solution (FPDESIGN) -
500-201
Deploying Cisco Service Provider Mobile Backhaul Solutions -
500-210
SP Optical Technology Field Engineer Representative -
500-220
Engineering Cisco Meraki Solutions (ECMS) v2.2 -
500-230
Cisco Service Provider Routing Field Engineer -
500-240
Cisco Mobile Backhaul for Field Engineers
Tips on How to Prepare for the Exams
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 352-001 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.