Ensurepass
2017 June Cisco Official New Released 300-320 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/300-320.html

Designing Cisco Network Service Architectures (ARCH)

QUESTION 21

Which two VPN solutions extend the routing capabilities of basic IPsec VPNs? (Choose two.)

 

A.

GRE

B.

NVI

C.

DES

D.

VTI

E.

AES

 

Correct Answer: AD

 

 

QUESTION 22

A e-commerce network has many devices that often need to be upgraded on a regular basis. What technology will ensure IP packets continue to be forwarded even during a device failover?

 

A.

stateful switchover

B.

nonstop forwarding

C.

route processor redundancy

D.

optimized edge routing

E.

enhanced object tracking

Correct Answ
er:
B

 

 

QUESTION 23

Which three Layer 2 access designs have all of their uplinks in an active state? (Choose three.)

 

A.

Flex Links

B.

loop-free U

C.

looped square

D.

looped triangle

E.

loop-free inverted U

 

Correct Answer: BCE

 

 

QUESTION 24

Which two protocols are used for high availability in enterprise networks? (Choose two.)

 

A.

BGP

B.

GLBP

C.

RSTP

D.

VRRP

E.

OSPF

 

Correct Answer: BD

 

 

QUESTION 25

A network engineer is building a LAN design that includes Cisco NAC. What two characteristics of an out-ofband NAC deployment are important to consider when evaluating it for the design? (Choose two.)

 

A.

supported by a limited number of switch models

B.

never in-line with user traffic

C.

aggregate client traffic is constrained to NAC server port speed

D.

recommended if sharing ports between IP phones and PCs

E.

supports real IP gateway (routed mode)

 

Correct Answer: AD

Explanation:

https://www.safaribooksonline.com/library/view/foundation-learning-guide/9780132652933/ch08.html

 

“Out-of-band traffic flow is supported with the Cisco NAS connected to most common Cisco switches with recent software releases.”

 

https://www.cisco.com/c/en/us/td/docs/security/nac/appliance/configuration_guide/47/cas/47cas-book/s_deploy.html

 

“OOB Virtual Gateway Recommended configuration if sharing ports between IP phones and PCs.”

 

 

 

QUESTION 26

Which three statements about Network Attached Storage are correct? (Choose three.)

 

A.

Data is accessed using NFS or CIFS.

B.

Data is accessed at the block level.

C.

NAS is referred to as captive storage.

D.

Storage devices can be shared between servers.

E.

A NAS implementation is not as fast as a DAS implementation.

 

Correct Answer: ADE

 

 

QUESTION 27

Which Cisco NAC Appliance design is the most scalable in large Layer 2-to-distribution implementation?

 

A.

Layer 2 out-of-band

B.

Layer 2 in-band

C.

Layer 3 out-of-band

D.

Layer 3 in-band

 

Correct Answer: B

Explanation:

https://www.safaribooksonline.com/library/view/foundation-learning-guide/9780132652933/ch08.html

 

“Layer 2 In-Band Designs The Layer 2 in-band topology is the most common deployment option.

[…]

This is the most scalable design in large L2-to-distribution environments, because this design can be transparently implemented in the existing network supporting multiple access layer switches. It supports all network infrastructure equipment. The Cisco NAS supports per-user ACLs.”

 

 

QUESTION 28

A campus network in a switch block design requires redundant distribution switches, load sharing across uplinks, a loop-free topology, and only one gateway IP address per VLAN. Which switching technology meets all of the requirements?

 

A.

HSRP

B.

VSS

C.

Spanning Tree Protocol

D.

EtherChannel

 

Correct Answer: B

 

 

QUESTION 29

Which three authentication services are supported by Cisco NAC Appliance? (Choose three.)

 

A.

RADIUS

B.

LDAP

C.

Kerberos

D.

TACACS+

E.

local

F.

SNMP

 

Correct Answer: ABC

Explanation:

https://www.cisco.com/c/en/us/td/docs/security/nac/appliance/configuration_guide/47/cam/47cam-book/m_auth.html

 

“Working with Existing Backend Authentication Servers

When working with existing backend authentication servers, Cisco supports the following authentication protocol types:

Kerberos

RADIUS (Remote Authentication Dial-In User Service)

Windows NT (NTLM Auth Server)

LDAP (Lightweight Directory Access Protocol)”

 

 

QUESTION 30

Which of these Layer 2 access designs does not support VLAN extensions?

 

A.

FlexLinks

B.

loop-free U

C.

looped square

D.

looped triangle

E.

loop-free inverted U

 

Correct Answer: B

100% Free Download!
—Download Free Demo:300-320 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 300-320 Full Exam PDF and VCE Q&As:389
—Get 10% off your purchase! Copy it:TJDN-947R-9CCD [2017.06.01-2017.06.30]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE