300-540 Exam Questions
71 real 300-540 exam questions with expert-verified answers and explanations. Page 1 of 2.
- Question #1
Refer to the exhibit. An engineer must design a solution that allows a user to choose which private Cisco Catalyst SD-WAN network they want to connect to AWS. The solution must aut...
- Question #2
An engineer must design a cloud platform for managing IaC. The solution must be flexible, integrate with APIs, and allow for automation. What must be used?
- Question #3
Refer to the exhibit. An engineer must configure multihoming between router R1 and service provider SP-2. Locally generated routes must be advertised to service provider SP-2. Whic...
- Question #4
Refer to the exhibit. An engineer must configure an IPsec VPN connection between site 1 and site 2. The indicated configuration was applied to router R1; however, the tunnel fails...
- Question #5
Refer to the exhibit. An engineer must configure an IPsec VPN connection between site 1 and site 2. The ISAKMP policy for the phase 1 negotiations of the tunnel must use AES and SH...
- Question #6
What does Cisco Always-On Cloud DDoS use to protect against DDoS attacks?
- Question #7
Refer to the exhibit. An engineer must configure an IPsec VPN connection between site 1 and site 2. The indicated configuration was applied to router R1; however, the tunnel fails...
- Question #8
Refer to the exhibit. An engineer must deploy a standalone Cisco NFVIS. These configurations were performed already: Deployed the virtual machine Configured the hostname and IP add...
- Question #9
Refer to the exhibit. An engineer is troubleshooting a physical configuration issue in Cisco NFVI. Which two observations should be made? (Choose two.)
- Question #10
An engineer must design a cloud platform for event-driven applications. The solution must allow micro-sized atomic components to be built, deployed, and run code on demand. Which s...
- Question #11
Refer to the exhibit. An engineer must configure multihoming between router R1 and service providers SP-1 and SP-2. Locally generated routes must be advertised to the service provi...
- Question #12
An engineer must design a solution to provide safe channels between peer-to-peer devices, ensure that unauthorized users cannot break into the network, and ensure that listening de...
- Question #13
How does SR-IOV move data directly to and from the network adapter?
- Question #14
An engineer must implement a public cloud solution that enables a company to place all its infrastructure and its end-user applications in the cloud, eliminating the need for softw...
- Question #15
Refer to the exhibit. An engineer must deploy a Layer 3 EVPN over segment routing MPLS in the data center core; however, Cisco switch Spine_A fails to join the OSPF network. Which...
- Question #16
What should be used to protect against lateral movements during a Cisco NFVI security breach?
- Question #17
An engineer must enable the highest level of logging when troubleshooting Cisco NFVIS. Which command must be run?
- Question #18
What is a valid connection method between carrier-neutral facilities that are more than 20 miles away from each other?
- Question #19
What is used to protect a web server against a DDoS attack?
- Question #20
What is used to protect against an API logic flaw?
- Question #21
An engineer must implement a solution on a Cisco ASR 1000 Series router to protect against DDoS attacks. DDoS traffic must be dropped by transmitting Flowspec attributes to edge ro...
- Question #22
Refer to the exhibit. An engineer must configure iBGP multipath load sharing across three paths. Which two commands must be run on router R2? (Choose two.)
- Question #23
Refer to the exhibit. An engineer is troubleshooting a Cisco NFVI issue where the management node fails to start. Which service must be restarted to resolve the issue?
- Question #24
What is a capability of a Cisco NFVIS SNMP trap?
- Question #25
Refer to the exhibit. An engineer must stop DDoS attacks on web and mail servers by using an ACL. Which two commands must be run on router R17? (Choose two.)
- Question #26
What is a benefit of a carrier-neutral data center?
- Question #27
Which type of cyberattack does Cisco Umbrella DNS-layer security effectively help mitigate?
- Question #28
An engineer attempts to kill a NETCONF session. The session ID is equal to the current session. What is the effect of this action?
- Question #29
Direct Connect offers which of the following advantages over traditional internet connections?
- Question #30
SNMP traps are utilized for which of the following purposes?
- Question #31
EVPN over SR/MPLS can solve which of the following issues?
- Question #32
What is a benefit of using VXLANs in a cloud-scale environment?
- Question #33
An engineer must configure NTP servers in Cisco Enterprise NFVIS. The primary NTP server has an IP address of 192.168.1.1 and the backup NTP server has an IP address of 192.168.2.1...
- Question #34
Refer to the exhibit. An engineer must connect switch TOR1 and switch TOR2 to switch LEAF1 and switch LEAF2 by using double-sided vPCs. LEAF1 and LEAF2 are already configured as vP...
- Question #35
What is a valid connection method between carrier-neutral facilities within the same metro area?
- Question #36
Refer to the exhibit. The indicated configuration was applied to a Cisco switch Switch_A located in the Los Angeles DC data center; however, Switch_A fails to establish OTV connect...
- Question #37
An engineer must add VNF implementation definitions and VNF service definitions to an OpenStack deployment data model to deploy virtual routers and firewalls to an enterprise netwo...
- Question #38
A large company's legacy network is set up with equipment from multiple vendors. The company engaged a network architect to optimize the network for virtualization. The architect m...
- Question #39
Which cloud provider connection permits BGP peering?
- Question #40
A network architect must design a solution for implementing virtualization functions. The main goal is to ensure network reliability and reduce downtime by considering the network...
- Question #41
Refer to the exhibit. An engineer must configure Cisco IOS SLB for DNS on router R1 to meet these requirements: must be redirected to the DNS server at 10.1.1.1; must be redirected...
- Question #42
Carrier-neutral facilities offer connectivity options to cloud providers through which of the following? (Choose two)
- Question #43
Virtual Machines and Containers are both used to virtualize resources. Which statement is true?
- Question #44
Load balancers are recommended in high availability designs to distribute traffic across multiple __________.
- Question #45
Which of the following technologies are used for NFV orchestration? (Choose three)
- Question #46
An engineer recently deployed a Secure Endpoint VPC in AirGap mode. Which command must be run in the Secure Endpoint Private Cloud portal to update the package to the latest versio...
- Question #47
An engineer must create a new VPC and deploy several Amazon EC2 instances in AWS. Only SSH connections originating from IP address 20.20.20.20 must be allowed to reach the EC2 inst...
- Question #48
Which format is used by Cisco Container Platform for configuration files?
- Question #49
An engineer must design a pay-as-you-go solution for their partners. The solution must allow for rapid deployments, be flexible, and scale resources up or down in a hybrid workplac...
- Question #50
Refer to the exhibit. An engineer working for a private service provider with an employee ID 5207:22:409 must configure iBGP multipath load sharing across the three paths. Which tw...