100% Correct of cisco 300 320 free practice exam materials and lab for Cisco certification for IT professionals, Real Success Guaranteed with Updated ccdp 300 320 pdf dumps vce Materials. 100% PASS Designing Cisco Network Service Architectures exam Today!

Q161. Which statement about IPS and IDS solutions is true? 

A. IDS and IPS read traffic only in inline mode. 

B. IDS and IPS read traffic only in promiscuous mode. 

C. An IDS reads traffic in inline mode, and an IPS reads traffic in promiscuous mode. 

D. An IDS reads traffic in promiscuous mode, and an IPS reads traffic in inline mode. 


Q162. NBAR is deployed on the network as part of network optimization. Which technology is critical to recognize new applications on the network? 


B. ACLs 

C. code upgrade 

D. additional licenses 


Q163. Given the addresses and, which option is the best summary? 






Q164. What is one reason to implement Control Plane Policing? 

A. allow OSPF routing protocol to advertise routes 

B. protect the network device route processor from getting overloaded by rate limiting the incoming control plane packets 

C. allow network devices to generate and receive packets 

D. protect the data plane packets 


Q165. A network engineer is building a LAN design that includes Cisco NAC. What two characteristics of an out-of-band NAC deployment are important to consider when evaluating it for the design? (Choose two.) 

A. supported by a limited number of switch models 

B. never in-line with user traffic 

C. aggregate client traffic is constrained to NAC server port speed 

D. recommended if sharing ports between IP phones and PCs 

E. supports real IP gateway (routed mode) 

Answer: A,D 

Q166. Which four Cisco proprietary Spanning Tree Protocol enhancements are supported with rapid per-VLAN Spanning-Tree plus? (Choose four.) 

A. PortFast 

B. UplinkFast 

C. loop guard 

D. root guard 

E. BPDU guard 

F. BackboneFast 

Answer: A,C,D,E 

Q167. Refer to the exhibit. 

The Cisco Nexus 1000V in the VMware vSphere solution effectively creates an additional access layer in the virtualized data center network; which of the following 1000V characteristics can the designer take advantage of? 

A. Offloads the STP requirement from the external Access layer switches 

B. If upstream access switches do not support vPC or VSS the dual-homed ESX host traffic can still be distributed using virtual port channel host mode using subgroups automatically discovered through CDP 

C. Allows transit traffic to be forwarded through the ESX host between VMNICs 

D. Can be divided into multiple virtual device contexts for service integration, enhanced 

security, administrative boundaries, and flexibility of deployment 


Q168. Which unique characteristics of the Data Center Aggregation layer must be considered by an Enterprise Campus designer? 

A. Layer 3 routing between the Access and Aggregation layers facilitates the ability to span VLANs across multiple access switches, which is a requirement for many server virtualization and clustering technologies. 

B. "East-west" server-to-server traffic can travel between aggregation modules by way of the core, but backup and replication traffic typically remains within an aggregation module. 

C. Load balancing, firewall services, and other network services are commonly integrated by the use of service modules that are inserted in the aggregation switches. 

D. Virtualization tools allow a cost effective approach for redundancy in the network design by using two or four VDCs from the same physical switch. 



Drag the task on the left to the appropriate layer category on the right.