300-440 Exam Questions

An engineer is implementing a highly secure multitier application in AWS that includes S3. RDS, and some additional private links. What is critical to keep the traffic safe?

What is the role of service providers to establish private connectivity between on-premises networks and Google Cloud resources?

Refer to the exhibits. An engineer must redistribute IBGP routes into OSPF to connect an on- premises network to a cloud provider. Which command must be configured on router R2?

An engineer must configure an IPsec tunnel to the cloud VPN gateway. Which Two actions send traffic into the tunnel? (Choose two.)

Which architecture model establishes internet-based connectivity between on-premises networks and AWS cloud resources?

A cloud engineer is setting up a new set of nodes in the AWS EKS cluster to manage database integration with Mongo Atlas. The engineer set up security to Mongo but now wants to ens...

Which feature is unique to Cisco SD-WAN IPsec tunnels compared to native IPsec VPN tunnels?

Which approach does a centralized internet gateway use to provide connectivity to SaaS applications?

Refer to the exhibit. An engineer needs to configure a site-to-site IPsec VPN connection between an on-premises Cisco IOS XE router and Amazon Web Services (AWS). Which configurati...

Refer to the exhibit. An engineer successfully brings up the site-to-site VPN tunnel between the remote office and the AWS virtual private gateway, and the site-to-site routing wor...

Refer to the exhibit. A company uses Cisco SD-WAN in the data center. All devices have the default configuration. An engineer attempts to add a new centralized control policy in Ci...

A company with multiple branch offices wants a suitable connectivity model to meet these network architecture requirements: - high availability - quality of service (QoS) - multiho...

A company has multiple branch offices across different geographic locations and a centralized data center. The company plans to migrate Its critical business applications to the pu...

Which method is used to create authorization boundary diagrams (ABDs)?

Refer to the exhibit. While troubleshooting an IPsec connection between a Cisco WAN edge router and an Amazon Web Services (AWS) endpoint, a network engineer observes that the secu...

Refer to the exhibit. A network engineer discovers that the policy that is configured on an on- premises Cisco WAN edge router affects only the route tables of the specific devices...

A company with multiple branch offices wants a connectivity model to meet its network architecture requirements. The company focuses on ensuring low latency and efficient routing f...

Which Microsoft Azure service enables a dedicated and secure connection between an on- premises infrastructure and Azure data centers through a colocation provider?

An engineer must enable the OMP advertisement of BGP routes for a specific VRF instance on a Cisco IOS XE SD-WAN device. What should be configured after the global address-family i...

Refer to the exhibits. An engineer troubleshoots a Cisco SD-WAN connectivity issue between an on-premises data center WAN Edge and a public cloud provider WAN Edge. The engineer di...

Refer to the exhibits. While troubleshooting, a network engineer discovers that the backup path fails between ASBR3 and ASBR4 for traffic between BGP AS6000 and BGP AS6500 when the...

Refer to the exhibits. An engineer needs to configure a site-to-site IPsec VPN connection between an on premises Cisco IOS XE router and Amazon Web Services (AWS). Which two IP pre...

Refer to the exhibits. An engineer must redistribute OSPF internal routes into BGP to connect an on-premises network to a cloud provider without introducing extra routes. Which two...

Refer to the exhibits. An engineer must redistribute only the 10.0.10.0/24 network into BGP to connect an on-premises network to a public cloud provider. These routes are currently...

Refer to the exhibits. An engineer must redistribute OSPF internal routes into BGP to connect an on-premises network to a cloud provider. Which two commands should the engineer run...

Which feature of Google Cloud VPN establishes secure internet-based connectivity between on- premises networks and Google Cloud resources?

Which model provides the middle mile from colocation and on-demand private connectivity to the cloud, where branches connect via the internet as a first mile?

What is an advantage of using a dedicated connection to a SaaS provider instead of public internet connectivity?

A company has a distributed network that consists of multiple branch offices, a corporate data center, and public cloud infrastructure that is hosted in AWS. The company requires h...

Which service allows for a dedicated, low latency connection between an organization's on- premises infrastructure and Google Cloud Platform through a colocation provider?

Refer to the exhibit. An engineer must redistribute 10.10.10.0/24 routes into BGP to connect the on-premises network to a cloud provider. Which command must be configured on the ro...

An engineer is implementing a highly secure multitier application in AWS that includes S3. RDS, and several additional private links. Which two features are required to keep the tr...

Which Microsoft Azure-native security feature controls inbound connectivity to an Azure virtual machine?

Which threat models are required for penetration testing of a FedRAMP network?

Which two types of target gateways, under VPC > VPN connections, should an engineer select to configure an AWS site-to-site VPN? (Choose two.)

Refer to the exhibit. An engineer must configure a site-to-site IPsec VPN connection between an on-premises Cisco IOS XE router and AWS. Which command completes the configuration?

Refer to the exhibit. An engineer establishes IPsec, internet-based, secure cloud connectivity between an on-premises Cisco IOS XE router and a native AWS endpoint. Which parameter...

Refer to the exhibit. An engineer is establishing a VPN tunnel from the Google Cloud VPN gateway toward the external IP addresses of the Montreal branch and the Toronto site. The e...

Refer to the exhibit. Which tunnel mode must be configured to allow cloud gateway connectivity to the VPC through the transit gateway using an AWS IPSec VPN approach?

Which two types of target gateways are used to configure an AWS site-to-site VPN? (Choose two.)

Refer to the exhibit. An engineer is troubleshooting an IPSec connectivity issue between an on- premises data center and a public cloud provider. Which two conclusions should the e...

Refer to the exhibit. An engineer must configure a site-to-site IPsec VPN connection between an on-premises Cisco IOS XE router and Amazon Web Services. Which IP address completes...

A network engineer configures a localized data policy on a router, but the configuration blocks data traffic between the routers on the SD-WAN overlay network. The configuration al...

Refer to the exhibit. An engineer must configure Cisco Catalyst SD-WAN connectivity between an on-premises data center and AWS. The GigabitEthernet0 interface is used for public In...

An engineer must deploy Cisco Catalyst SD-WAN, route software as a service application traffic for optimal performance, and route other types of traffic through the data center. Wh...

Refer to the exhibit. The policy has failed to stop DOS attacks from within the service VPN 100. The counter shows no logб but the destination network reported DOS attacks from net...

An engineer configured a Cisco Catalyst SD-WAN router for SIG and entered the secure- internet-gateway configuration level What is the next step to implement a Cisco SIG using Zsca...

Refer to the exhibit. The output shows a configured jitter variance of 10 ms. Which path is optimal for network traffic?

What is the advantage of using Cisco Catalyst SD-WAN for connectivity between on-premises networks and cloud resources?

An engineer needs to configure Cisco Catalyst SD-WAN connectivity between an on-premises data center and AWS. The GigabitEthernet1 interface is used for public Internet connectivit...