1. Home
  2. Cisco
  3. 352-001

Cisco 352-001 Online Practice Questions and Exam Preparation

352-001 Exam Details

  • Exam Code
    :352-001
  • Exam Name
    :CCDE Written
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :705 Q&As
  • Last Updated
    :Dec 07, 2025

Cisco 352-001 Online Questions & Answers

  • Question 531:

    Which two conditions are required for successful route aggregation? (Choose two)

    A. Contiguous prefix allocation
    B. Logical separation between zones or layers within networks
    C. Matching traffic aggregation with route aggregation locations
    D. Consistent prefix allocations per network
    E. Physical separation between zones or layers within networks

  • Question 532:

    You are designing a Group Encrypted Transport Virtual Private Network solution consisting of 30 group members. Which measure helps protect encrypted user traffic from replay attacks?

    A. counter-based anti-replay
    B. time-based anti-replay
    C. nonce payload
    D. RSA-encrypted nonce
    E. digital certificates

  • Question 533:

    Refer to the exhibit.

    This diagram depicts the design of a small network that will run EIGRP on R1 and R2, and EIGRP Stub on R3. In which two ways will this network be impacted if there is link instability between R1 and R2? (Choose two.)

    A. R1 will have routes in its routing table that originate from R2 and R3.
    B. R3 will have routes in its routing table that originate from R1 and R2.
    C. R2 will have routes in its routing table that originate from R1 and R3.
    D. R3 will be transit for traffic between R1 and R2.
    E. R3 will not be transit for traffic between R1 and R2.

  • Question 534:

    Which option should be part of your network design to support dynamic mutual redistribution between multiple OSPFv2 and IS-IS boundaries, to avoid suboptimal routing?

    A. route tagging and administrative policies
    B. route filtering and administrative policies
    C. route aggregation and administrative policies
    D. disabling IS-IS wide metrics

  • Question 535:

    An enterprise network manager has decided to dual-home two service providers for Internet connectivity. In order to provide optimal outbound routing, the full Internet routing table will be accepted from each provider.

    The enterprise has obtained address space and an AS to use in connecting to the Internet.

    What is the simplest mechanism the network manager can use to prevent it from becoming a transit between the two service providers?

    A. Build a route filter that only allows the specific networks the enterprise owns to be advertised to each of the service providers.
    B. Build a traffic filter that only allows traffic originating from the specific networks the enterprise owns to be forwarded towards the service providers.
    C. Build a route filter that only allows networks with an empty AS path to be advertised to each of the service providers.
    D. Build a route filter that only allows networks which are tagged with the LOCAL community to be advertised to each of the service providers.

  • Question 536:

    You work for a service provider and must design a simple solution to provide Internet connectivity to an MPLS Layer 3 VPN customer whose IPv4 address block is 172.32.100.0/24. Which two options, when combined, allow this customer to have access to the Internet? (Choose 2)

    A. Implement a route toward 172.32.100.0/24 in the global RIB of the PE.
    B. Implement a VRF source NAT for hosts on the 172.32.100.0/24 subnet.
    C. Implement a default route in the VRF with a next hop in the global RIB of the PE.
    D. Implement policy-based routing between the PE and CE.
    E. Implement destination NAT between the VRF and the global RIB of the PE.

  • Question 537:

    Which two headend router scalability factors should be considered when designing a DMVPN network solution that uses a hub-and-spoke topology? (Choose two.)

    A. the required aggregated packet per second
    B. the amount of bandwidth necessary to terminate all the remote tunnels
    C. the routing protocol chosen for the data plane routing
    D. the maximum number of tunnels supported by the headend router
    E. the CPU and memory of the headend router

  • Question 538:

    Which two statements about the various types or DevOps tools are true? (Choose two)

    A. Puppet requires the installation of a master (server) and agents (clients) architecture for configuring systems.
    B. Salt cannot communicate with clients through general SSH, it use minions client agents only.
    C. Puppet and Chef are written in Python, Python skills are a must to operate these two.
    D. Ansible does not require agent node installation and uses SSH for performing all tasks.
    E. Chef and Puppet are much more attuned to the needs of system administrators.

  • Question 539:

    An enterprise customer A with provider-independent address space is dual-homed to two ISP.

    Which two options , when combined, allow for customer A to efficiently achieve out-bond traffic load-balancing? ( Choose two)

    A. Advertise Customer A subnets with a shorter AS path prepend to one of the ISPs than to the other
    B. Advertise Customer A subnets with different MED values to the two ISPs
    C. Accept a default route from both ISPs
    D. Make the CE connected to both ISPs route reflector
    E. Accept the routes originated on both ISPs and their direct peers

  • Question 540:

    For which two reasons would you deploy an IDS sensor in promiscuous mode when designing a security solution? (Choose two.)

    A. The solution stops malicious traffic from reaching its intended target
    B. The solution allows denying packets inline C. The solution is resistant to sensor failure
    D. The solution allows for stream normalization
    E. The solution allows for signature-based pattern matching

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 352-001 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.