Cisco Designing Cisco Enterprise Networks Exam 300-420 ENSLD Exam Questions

Page: 1 / 14
Total 379 questions
Question 1

Refer to the exhibit.

Refer to the exhibit. An architect is designing a Layer 3 campus network. The design must hide network instability, reduce network overhead, and conserve critical device memory. Which route summarization solution must the architect select?



Answer : A

The correct design is to advertise a default route from the aggregation layer toward the access layer and summarize the VLAN subnets at the aggregation layer toward the core. Cisco hierarchical campus design places summarization at aggregation or distribution boundaries because that is where access-layer routes are collected before entering the core. Summarizing the VLAN ranges into 10.0.0.0/16 hides individual access VLAN instability from the core, reducing routing table entries, protocol churn, and memory consumption on core devices. Sending a default route from aggregation to access also keeps access switches simple and prevents them from carrying unnecessary campus routing detail. This design contains failures and convergence events inside the appropriate block. Summarizing at the access layer is less practical when multiple VLANs aggregate at distribution. Advertising a default toward the core is backwards, because the core must know the summarized access block. Reference topics: hierarchical campus routing, aggregation-layer summarization, default routing to access, route-table reduction, convergence containment.


Question 2

An engineer must propose a QoS architecture model that allows an application to inform the network of its traffic profile and to request a particular type of service to support its bandwidth and delay requirements. The application requires consistent and dedicated bandwidth end to end. Which QoS architecture model meets these requirements?



Answer : D

Integrated Services is the QoS model that allows an application to signal its traffic requirements to the network and request specific service treatment. Cisco QoS guidance distinguishes IntServ from DiffServ by explaining that IntServ follows a signaled-QoS model, while DiffServ uses provisioned per-hop behavior based on markings. IntServ uses RSVP to reserve resources along the end-to-end path. That reservation process allows the network to admit or deny the flow based on available bandwidth and policy, which is why IntServ aligns with applications that require consistent and dedicated bandwidth. DiffServ is much more scalable and widely deployed in enterprise networks, but it does not provide per-flow resource reservation by itself. LLQ is a queuing mechanism commonly used inside a DiffServ design for delay-sensitive traffic such as voice. WRED is a congestion-avoidance technique, not an end-to-end reservation architecture. Because the question explicitly says that the application informs the network of its traffic profile and requests a service level, the correct QoS architecture is IntServ.


Question 3

Refer to the exhibit.

Refer to the exhibit. An architect reviews the low-level design of a company's enterprise network and advises optimizing the STP convergence time. Which functionality must be to Gi1/0/1-10 to follow the architect's recommendation?



Answer : A

PortFast is the correct functionality for the Gi1/0/1-10 interfaces when those ports are endpoint-facing access ports. Cisco spanning-tree design uses PortFast to allow edge ports to transition directly to the forwarding state, avoiding the normal listening and learning delay associated with traditional STP convergence. That improves user and endpoint connectivity after link-up events and is especially important for workstations, phones, printers, and access devices that should not participate in the Layer 2 topology. Root guard and BPDU guard are protection features, not the primary convergence optimization requested by the architect. UplinkFast was used in older STP designs to accelerate recovery for access switches with redundant uplinks, but it is not the edge-port functionality for interfaces Gi1/0/1-10. In a modern design, PortFast should be enabled only on true host-facing ports, normally together with BPDU guard to protect against accidental switch attachment. If the exhibit shows these interfaces as end-user access ports, PortFast is the feature that follows the recommendation to optimize STP convergence time. Reference topics: STP PortFast, edge-port convergence, BPDU guard, Layer 2 campus design.


Question 4

Refer to the exhibit.



Answer : A, D

The correct design uses IPv4 unicast for Company A and Company B and VPNv4 in the shared core. In an MPLS Layer 3 VPN architecture, customer edge routing toward the provider edge commonly uses the ordinary IPv4 unicast address family. The PE router then places the learned customer routes into the appropriate VRF. Across the shared provider core, MP-BGP carries those customer routes as VPNv4 prefixes by adding route distinguishers, which keep identical or overlapping customer prefixes unique. Route targets then control which VRFs import or export each route. Cisco describes this VRF and VPNv4 model as the mechanism that prevents one VPN customer from learning another customer's prefixes while sharing the same provider backbone. VPNv4 is not normally used directly between the customer networks and their CE-facing sessions. Therefore, the customer sides use IPv4 unicast, and the shared core uses VPNv4 to preserve separation. Reference topics: MPLS Layer 3 VPN, MP-BGP VPNv4, VRF, route distinguisher, route targets, customer route isolation.


Question 5

An architect is designing a connectivity solution for a customer's two small branch offices. The customer wants a cost-effective design, no routing overload, and some down time during the year is acceptable. Which connectivity solution must the architect choose?



Answer : B

A single-homed WAN design is appropriate for two small branch offices when cost is the main concern, routing overload must be avoided, and occasional downtime is acceptable. Single-homed connectivity uses one WAN connection from the branch to the provider or headquarters. It is the simplest and least expensive model because it minimizes circuits, routers, routing adjacencies, and failover complexity. Dual-homed or multihomed designs improve availability, but they add cost and operational overhead through additional links, devices, routing policy, and monitoring. Dual multihomed designs are the most resilient but clearly exceed the requirement for a small cost-sensitive branch. A single multihomed design provides some provider or link diversity, but it is still more complex than necessary if the customer accepts some downtime. In Cisco WAN design, the correct topology must match the business availability requirement; not every site justifies redundant circuits. Reference topics: WAN topology selection, single-homed branch design, cost versus availability, routing simplicity, branch connectivity.


Question 6

Refer to the exhibit.

Refer to the exhibit. Which two points in the network must an engineer configure the ports for explicit trust when using a DiffServ model?



Answer : A

Explicit QoS trust should be configured at the network boundary points where markings first enter the managed DiffServ domain and are known to be reliable. In a DiffServ design, traffic classification and marking are typically performed at the access edge or at a controlled ingress boundary, and downstream devices then honor DSCP or CoS markings based on the trust boundary. Cisco QoS design stresses that the trust boundary must be intentionally placed; endpoints or unmanaged devices should not be trusted by default because they can mark traffic incorrectly and steal priority treatment. The exhibit answer identifies B and E as the correct trust points, meaning those are the controlled ingress locations where markings should be accepted. Options that trust uncontrolled endpoint-facing points or internal transit locations would either create a security problem or add no practical value. Once traffic is trusted and marked at the correct boundary, queuing, policing, and shaping policies can use the DSCP values consistently across the campus or WAN. Reference topics: DiffServ, QoS trust boundary, DSCP marking, classification, enterprise QoS design.


Question 7

An engineer uses Postman and YANG to configure a router with:

OSPF process ID 200

network 172.16.10.128/26 enabled for Area 0

Which get-config reply verifies that the model set was designed correctly?

A.

B.

C.

D.



Answer : A

The correct get-config reply is the one that shows OSPF process ID 200 and the network 172.16.10.128/26 assigned to Area 0 in the same YANG model hierarchy that was used for configuration. In model-driven configuration, verification is not based on visual similarity to CLI output; it is based on whether the operational or running datastore contains the intended structured objects at the correct schema paths. For IOS XE native OSPF configuration, the process identifier, network statement, wildcard or prefix representation, and area association must be represented exactly as the model requires. A /26 network beginning at 172.16.10.128 covers addresses 172.16.10.128 through 172.16.10.191, so replies showing a different base network, wrong process ID, wrong area, or invalid mask cannot verify the design. Option A is the matching reply. The professional validation workflow is to send the configuration, read back the intended datastore using get-config, and confirm the model fields rather than relying only on CLI screen output. Reference topics: NETCONF get-config, IOS XE native OSPF YANG, datastore verification, OSPF area configuration.


Page:    1 / 14   
Total 379 questions