we provide Validated Cisco ccdp 300 320 braindumps which are the best for clearing 300 320 arch test, and to get certified by Cisco Designing Cisco Network Service Architectures. The 300 320 vce Questions & Answers covers all the knowledge points of the real 300 320 arch exam. Crack your Cisco aerospatiale alenia atr 42 300 320 Exam with latest dumps, guaranteed!

Q151. Which of the following two are effective and simple means of employing route summarization within the Enterprise Campus network? (Choose two) 

A. A default route ( /0) advertised dynamically into the rest of the network 

B. Route filtering to manage traffic flows in the network, avoid inappropriate transit traffic through remote nodes, and provide a defense against inaccurate or inappropriate routing updates 

C. Use manual split horizon 

D. Use a structured hierarchical topology to control the propagation of EIGRP queries 

E. Open Shortest Path First (OSPF) stub areas 

Answer: A,E 

Q152. A network manager wants to securely connect a new remote site to the existing headquarters site using a VPN technology that meets security requirements. Which VPN technology should be used? 


B. IPsec 

C. remote-access VPN 



Q153. Which VRF component ensures control plane separation between the different Layer 3 VPNs? 


B. routing protocol instance 


D. a subset of the router interfaces 




Q155. What are two characteristics of Server Load Balancing router mode? (Choose two.) 

A. The design supports multiple server subnets. 

B. An end-user sees the IP address of the real server. 

C. SLB routes between the outside and inside subnets. 

D. The source or destination MAC address is rewritten, but the IP addresses left alone. 

E. SLB acts as a "bump in the wire" between servers and upstream firewall or Layer 3 devices. 

Answer: A,C 

Q156. When designing remote access to the Enterprise Campus network for teleworkers and mobile workers, which of the following should the designer consider? 

A. It is recommended to place the VPN termination device in line with the Enterprise Edge firewall, with ingress traffic limited to SSL only 

B. Maintaining access rules, based on the source IP of the client, on an internal firewall drawn from a headend RADIUS server is the most secure deployment 

C. VPN Headend routing using Reverse Route Injection (RRI) with distribution is recommended when the remote user community is small and dedicated DHCP scopes are in place 

D. Clientless SSL VPNs provide more granular access control than SSL VPN clients (thin or thick), including at Layer7 


Q157. An organization is deploying a new load balancing environment to support sensitive applications. The security requirements include discrete IP segments used for VIPs and for the application hosts. What load balancer mode meets the requirements? 

A. router 

B. bridge 

C. transparent 

D. pass-through 


Q158. Which two technologies provide web and URL filtering and mitigate zero-day malware? (Choose two.) 

A. Cisco CWS 

B. Cisco WSA 

C. Cisco GETVPN 

D. Cisco ESA 


Answer: A,B 

Q159. Which multicast implementation strategy provides load sharing and redundancy by configuring intradomain RPs as MSDP peers? 

A. anycast RP 

B. auto-RP 

C. bootstrap router 

D. static RP 


Q160. Which Cisco feature can be run on a Cisco router that terminates a WAN connection, to gather and provide WAN circuit information that helps switchover to dynamically back up the WAN circuit? 

A. Cisco Express Forwarding 


C. passive interface 

D. traffic shaping