Breathing Cisco 350-901 Questions Pool Online

NEW QUESTION 1
Which database type should be used to store data received from model- driven telemetry?

• A. BigQuery database
• B. Time series database
• C. NoSQL database
• D. PostgreSQL database

Answer: B

NEW QUESTION 2

Refer to the exhibit. The YAML represented is using the ios_vrf module. As part of the Ansible playbook workflow, what is the result when this task is run?

• A. VRFs not defined in the host_vars file are removed from the device.
• B. VRFs not defined in the host_vars file are added to the device, and any other VRFs on the device remain.
• C. VRFs defined in the host_vars file are removed from the device.
• D. VRFs are added to the device from the host_vars file, and any other VRFs on the device are removed.

Answer: D

NEW QUESTION 3
Which two techniques protect against injection attacks? (Choose two.)

• A. input validation
• B. trim whitespace
• C. limit text areas to 255 characters
• D. string escaping of user free text and data entry
• E. only use dropdown, checkbox, and radio button fields

Answer: AE

NEW QUESTION 4
A heterogeneous network of vendors and device types needs automating for better efficiency and to enable future automated testing. The network consists of switches, routers, firewalls and load balancers from different vendors, however they all support the NETCONF/RESTCONF configuration standards and the YAML models with every feature the business requires. The business is looking for a buy versus build solution because they cannot dedicate engineering resources, and they need configuration diff and rollback functionality from day 1.
Which configuration management for automation tooling is needed for this solution?

• A. Ansible
• B. Ansible and Terraform
• C. NSO
• D. Terraform
• E. Ansible and NSO

Answer: E

NEW QUESTION 5
Application sometimes store configuration as constants in the code, which is a violation of strict separation of configuration from code. Where should application configuration be stored?

• A. environment variables
• B. YAML files
• C. Python libraries
• D. Dockerfiles
• E. INI files

Answer: B

NEW QUESTION 6
How should a web application be designed to work on a platform where up to 1000 requests per second can be served?

• A. Use algorithms like random early detection to deny excessive requests.
• B. Set a per-user limit (for example, 5 requests/minute/user) and deny the requests from the users who have reached the limit.
• C. Only 1000 user connections are allowed; further connections are denied so that all connected users can be served.
• D. All requests are saved and processed one by one so that all users can be served eventually.

Answer: D

NEW QUESTION 7
Which two methods are API security best practices? (Choose two.)

• A. Use tokens after the identity of a client has been established.
• B. Use the same operating system throughout the infrastructure.
• C. Use encryption and signatures to secure data.
• D. Use basic auth credentials over all internal API interactions.
• E. Use cloud hosting services to manage security configuration.

Answer: AC

NEW QUESTION 8

Refer to the exhibit. Which additional line results in the output of Test 1 upon execution of the docker run --rm devnet 1 command in a Dockerfile with this content?

• A. CMD [“/bin/echo”, “Test”]
• B. RUN [“/bin/echo”, “Test”]
• C. ENTRYPOINT [“/bin/echo”, “Test”]
• D. CMD [“/bin/echo Test”]

Answer: A

NEW QUESTION 9
Which two statements are considered best practices according to the 12-factor app methodology for application design? (Choose two.)

• A. Application code writes its event stream to stdout.
• B. Application log streams are archived in multiple replicated databases.
• C. Application log streams are sent to log indexing and analysis systems.
• D. Application code writes its event stream to specific log files.
• E. Log files are aggregated into a single file on individual nodes.

Answer: AD

NEW QUESTION 10

Refer to the exhibit. Many faults have occurred in the ACI environment and a sample of them needs to be examined. Which API call retrieves faults 30 through 45?

• A. GET https://apic-ip-address/api/class/faultInfo.json?order-by=faultinst.severity|desc&page=1&page-size=15
• B. GET https://apic-ip-address/api/class/faultInfo.json?order-by=faultinst.severity|desc&page=2&page-size=15
• C. GET https://apic-ip-address/api/class/faultInfo.json?order-by=faultinst.severity|desc&page=30
• D. GET https://apic-ip-address/api/class/faultInfo.json?order-by=faultinst.severity|desc&page=2&page-size=30

Answer: D

NEW QUESTION 11
An Etag header is included in the HTTP response for an API resource. What are two benefits of using the value of the Etag for future interactions involving the same API resource? (Choose two.)

• A. caching and optimization of response payloads
• B. creating conditional requests
• C. categorizing and comparing this API resource with others
• D. checking the integrity of the resource
• E. requesting the list of operations authorized for this resource

Answer: AB

NEW QUESTION 12
On a Cisco Catalyst 9300 Series Switch, the guest shell is being used to create a service within a container. Which change is needed to allow the service to have external access?

• A. Apply ip nat overload on VirtualPortGroup0.
• B. Apply ip nat inside on Interface VirtualPortGroup0.
• C. Apply ip nat outside on Interface VirtualPortGroup0.
• D. Apply ip nat inside on Interface GigabitEthernet1.

Answer: B

NEW QUESTION 13
A client is written that uses a REST API to interact with a server. Using HTTPS as the transport, an HTTP request is sent and received an HTTP response. The response contains the HTTP response status code: 503 Service Unavailable.
Which action is the appropriate response?

• A. Add an Authorization header that supplies appropriate credentials and sends the updated request.
• B. Resend the request using HTTP as the transport instead of HTTPS.
• C. Add an Accept header that indicates the content types that the client understands and send the updated request.
• D. Look for a Retry-After header in the response and resend the request after the amount of time indicated.

Answer: A

NEW QUESTION 14
A network operations team is using the cloud to automate some of their managed customer and branch locations. They require that all of their tooling be ephemeral by design and that the entire automation environment can be recreated without manual commands. Automation code and configuration state will be stored in git for change control and versioning. The engineering high-level plan is to use VMs in a cloud-provider environment then configure open source tooling onto these VMs to poll, test, and configure the remote devices, as well as deploy the tooling itself.
Which configuration management and/or automation tooling is needed for this solution?

• A. Ansible
• B. Ansible and Terraform
• C. NSO
• D. Terraform
• E. Ansible and NSO

Answer: B

NEW QUESTION 15
Refer to the exhibit. The cURL POST request creates an OAuth access token for authentication with FDM API requests. What is the purpose of the file “@token_data” that cURL is handling?

• A. This file is a container to log possible error responses in the request.
• B. This file is given as input to store the access token received from FDM.
• C. This file is used to send authentication related headers.
• D. This file contains raw data that is needed for token authentication.

Answer: B

NEW QUESTION 16
Into which two areas are AppDynamics APIs categorized? (Choose two.)

• A. application-centric
• B. analytics-events
• C. database-visibility
• D. platform-side
• E. agent-side

Answer: DE

NEW QUESTION 17
DRAG DROP

Refer to the exhibit. Drag and drop the steps from the left into the correct order of operation on the right for a successful OAuth2 three-legged authorization code grant flow.
Select and Place:

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 18
Refer to the exhibit. An application uses an API to periodically sync a large data set. Based on the HTTP message sequence provided, which statements are true about the caching behavior seen in the scenario? (Choose two.)

• A. The full dataset was transmitted to the client twice.
• B. The dataset changed sometime between message #4 and #5.
• C. A partial dataset was transmitted to the client in message #4.
• D. The dataset did not change during the scenario.
• E. Messages #3 and #5 are equivalent.

Answer: AD

NEW QUESTION 19

Refer to the exhibit. The Ansible playbook is using the netconf_module to configure an interface using a YANG model. As part of this workflow, which YANG models augment the interface?

• A. ietf-interfaces and ietf-ip
• B. iana-if-type and ietf-interfaces
• C. ietf-ip and openconfig-interface
• D. ietf-ip and iana-if-type

Answer: B

NEW QUESTION 20
Which two countermeasures help reduce the risk of playback attacks? (Choose two.)

• A. Store data in a NoSQL database.
• B. Implement message authentication (HMAC).
• C. Enable end-to-end encryption.
• D. Remove stack traces from errors.
• E. Use short-lived access tokens.

Answer: BE

NEW QUESTION 21

Refer to the exhibit. Which two functions are performed by the load balancer when it handles traffic originating from the Internet destined to an application hosted on the file server farm? (Choose two.)

• A. Terminate the TLS over the UDP connection from the router and originate an HTTPS connection to the selected server.
• B. Terminate the TLS over the UDP connection from the router and originate an HTTP connection to the selected server.
• C. Terminate the TLS over the TCP connection from the router and originate an HTTP connection to the selected server.
• D. Terminate the TLS over the TCP connection from the router and originate an HTTPS connection to the selected server.
• E. Terminate the TLS over the SCTP connection from the router and originate an HTTPS connection to the selected server.

Answer: DE

NEW QUESTION 22
An application uses OAuth to get access to several API resources on behalf of an end user. What are two valid parameters to send to the authorization server as part of the first step of an authorization code grant flow? (Choose two.)

• A. URI to which the authorization server will send the user-agent back when access is granted or denied
• B. list of the API resources that the application is requesting to access
• C. secret that was generated by the authorization server when the application registered as an OAuth integration
• D. list of scopes that correspond to the API resources to which the application is requesting to access
• E. name of the application under which the application registered as an OAuth integration

Answer: AC

NEW QUESTION 23
A web application is susceptible to cross-site scripting. Which two methods allow this issue to be mitigated? (Choose two.)

• A. Use only drop downs.
• B. Limit user input to acceptable characters.
• C. Encrypt user input on the client side.
• D. Use AES encryption to secure the script.
• E. Remove all HTML/XML tags from user input.

Answer: BD

NEW QUESTION 24
A container running a Python script is failing when it reaches the integration testing phase of the CI/CD process. The code has been reviewed thoroughly and the build process works on this container and all other containers pass unit and integration testing.
What should be verified to resolve the issue?

• A. that the correct port is exposed in the Dockerfile
• B. that the necessary modules and packages are installed on build
• C. that the script is running from the night directory
• D. that the Python version of the container image is correct

Answer: B

NEW QUESTION 25
......