Proper study guides for Improve Cisco Designing for Cisco Internetwork Solutions certified begins with Cisco 200-310 preparation products which designed to deliver the Precise 200-310 questions by making you pass the 200-310 test at your first time. Try the free 200-310 demo right now.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Cisco 200-310 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
2021 Mar 200-310 free exam
Q101. What is the benefit of VLSM?
A. reduces configuration complexity by using the same subnet mask length
B. reduces the routing table size by using automatic route summarization
C. reduces the routing table size by using manual route summarization
D. allows the subnet mask and classful routing updates to be advertised
E. secures the hosts on a subnet by using RFC 1918 addresses
Q102. Which layer of the OSI model does Cisco recommend to place the enterprise network core layer, when designing a network based on its switched hierarchical design?
A. Layer 1
B. Layer 2
C. Layer 3
D. Layer 4
Q103. What technology can secure data over an insecure medium and provide WAN redundancy in the event of a primary connection failure?
A. virtual private network
B. shadow PVC
C. dial-up ISDN
D. GRE Tunnel
Q104. What wireless authentication option requires a Public Key Infrastructure?
Q105. Which one of these statements is an example of how trust and identity management solutions should be deployed in the enterprise campus network?
A. Authentication validation should be deployed as close to the data center as possible.
B. Use the principle of top-down privilege, which means that each subject should have the privileges that are necessary to perform their defined tasks, as well as all the tasks for those roles below them.
C. Mixed ACL rules, using combinations of specific sources and destinations, should be applied as close to the source as possible.
D. For ease of management, practice defense in isolation - security mechanisms should be in place one time, in one place.
Explanation: Validating user authentication should be implemented as close to the source as possible, with an emphasis on strong authentication for access from untrusted networks. Access rules should enforce policy deployed throughout the network with the following guidelines:
.Source-specific rules with any type destinations should be applied as close to the source as possible.
.Destination-specific rules with any type sources should be applied as close to the destination as possible.
.Mixed rules integrating both source and destination should be used as close to the source as possible.
An integral part of identity and access control deployments is to allow only the necessary access. Highly distributed rules allow for greater granularity and scalability but, unfortunately, increase the management complexity. On the other hand, centralized rule deployment eases management but lacks flexibility and scalability.
Practicing “defense in depth” by using security mechanisms that back each other up is an important concept to understand. For example, the perimeter Internet routers should use ACLs to filter packets in addition to the firewall inspecting packets at a deeper level.
Cisco Press CCDA 640-864 Official Certification Guide Fourth Edition, Chapter 13
Replace 200-310 actual exam:
Q106. The enterprise campus core layer has requirements that are unique from the distribution and access layers. Which of the following is true about the core layer?
A. The core layer provides convergence using Layer 2 and Layer 3 services and features.
B. The core layer provides high availability to support the distribution layer connections to the enterprise edge.
C. The campus core layer is optional.
D. The core layer requires high performance to manage the traffic policing across the backbone.
Q107. When designing the infrastructure protection portion for the enterprise edge, which solution would be the most appropriate solution to consider?
B. ACLs in the core layer
C. Cisco Security MARS
Q108. An enterprise campus module is typically made up of four sub modules, as described by the Cisco Enterprise Architecture Model. Which two sub modules are part of this module?
B. enterprise branch
C. building distribution
D. server farm/data center
Q109. What two access point modes support the transmission of user traffic over a LWAPP/CAPWAP tunnel? (Choose two.)
C. rogue detector
Q110. When designing a new enterprise campus network, what topology should be used for maximum scalability?
D. partial mesh
E. full mesh