350-401 Free Practice Test

- (Topic 3)
What is one main REST security design principle?

1. A. separation of privilege
2. B. password hashing
3. C. confidential algorithms
4. D. OAuth

Correct Answer: A
Separation of Privilege: Granting permissions to an entity should not be purely based on a single condition, a combination of conditions based on the type of resource is a better idea.
https://restfulapi.net/security-essentials/#:~:text=REST Security Design Principles&text=Least Privilege:An entity should,when no longer in use.

- (Topic 2)
In a Cisco SD-Access solution, which protocol is used by an extended node to connect to a single edge node?

1. A. VXLAN
2. B. IS-IS
3. C. 802 1Q
4. D. CTS

Correct Answer: C
Reference: https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-sda-design-guide.html#Network_Components

- (Topic 4)
What is a characteristics of traffic shaping?

1. A. can be applied in both traffic direction
2. B. queues out-of-profile packets until the buffer is full
3. C. drops out-of-profile packets
4. D. causes TCP retransmits when packet are dropped

Correct Answer: B

- (Topic 2)
Refer to the exhibit.

An engineer must permit traffic from these networks and block all other traffic An informational log message should be triggered when traffic enters from these prefixes Which access list must be used?

1. A. access-list acl_subnets permit ip 10.0.32.0 0 0.0.255 log
2. B. access-list acl_subnets permit ip 10.0.32.0 0.0.7.255 log
3. C. access-list acl_subnets permit ip 10.0.32.0 0.0.7.255 access-list acl_subnets deny ip any log
4. D. access-list acl_subnets permit ip 10.0.32.0 255.255.248.0 log

Correct Answer: B

- (Topic 1)
An engineer must configure HSRP group 300 on a Cisco IOS router. When the router is functional, it must be the must be the active HSRP router. The peer router has been configured using the default priority value. Which command set is required?
A)

B)

C)

D)

1. A. Option A
2. B. Option B
3. C. Option C
4. D. Option D

Correct Answer: B