1. Home
  2. Cisco
  3. 400-007

Cisco Certified Design Expert (CCDE Written)

Exam Details

  • Exam Code
    :400-007
  • Exam Name
    :Cisco Certified Design Expert (CCDE Written)
  • Certification
    :CCDE
  • Vendor
    :Cisco
  • Total Questions
    :381 Q&As
  • Last Updated
    :Mar 31, 2025

Cisco CCDE 400-007 Questions & Answers

  • Question 41:

    Which design principal improves network resiliency?

    A. Added load-balancing

    B. Added redundancy

    C. Added confidentiality

    D. Added reliability

  • Question 42:

    A company plans to use BFD between its routers to detect a connectivity problem inside the switched network. An IPS is transparently installed between the switches. Which packets shold the IPS forward for BFD to work under all circumstances?

    A. Fragmented packet with the do-not-fragment bit set

    B. IP packets with broadcast IP source addresses

    C. IP packets with the multicast IP source address

    D. IP packet with the multicast IP destination address

    E. IP packets with identical source and destination IP addresses

    F. IP packets with the destination IP address 0.0.0.0.

  • Question 43:

    Which two statements describe the usage of the IS-IS overload bit technique? (Choose two )

    A. lf overload-bit is set on a Level 2 intermediate system, the other Level 2 intermediate systems in the topology will stop using the overloaded IS to forward Level 2 traffic However, the intermediate system can still forward Level 1 traffic

    B. It can be set in intermediate systems (IS-IS routers) to prioritize control plane CSNP packets.

    C. It can be used to automatically synchronize the link-state database between Level 1 intermediate systems

    D. It can be set in intermediate systems (IS-IS routers) to avoid traffic black holes until routing protocols are fully converged after a reload operation.

    E. It can be set in intermediate systems (IS-IS routers) to attract transit traffic from other intermediate systems

  • Question 44:

    What is a web-based model in which a third-party provider hosts applications that are available to customers over the Internet?

    A. PaaS

    B. SaaS

    C. laaS D. WaaS

  • Question 45:

    Company XYZ is revisiting the security design for their data center because they now have a requirement to control traffic within a subnet and implement deep packet inspection Which technology meets the updated requirements and can be incorporated into the design?

    A. routed firewall

    B. VLAN ACLs on the switch

    C. transparent firewall

    D. zone-based firewall on the Layer 3 device

  • Question 46:

    Refer to the exhibit.

    A customer runs OSPF with Area 5 between its aggregation router and an internal router When a network change occurs in the backbone. Area 5 starts having connectivity issues due to the SPF algorithm recalculating an abnormal number of times in Area 5 You are tasked to redesign this network to increase resiliency on the customer network with the caveat that Router B does not support the stub area.

    How can you accomplish this task?

    A. Increase the bandwidth on the connection between Router A and Router B

    B. Implement LSA filtering ontheAB, allowing summary routes and preventing more specific routes into Area 5

    C. Create a virtual link to Area 0 from Router B to the ABR

    D. Turn on LSA throttling on all devices in Area 5

    E. Set Area 5 to stubby at the ABR anyway

  • Question 47:

    Which Interconnectivity method offers the fastest convergence in the event of a unidirectional issue between three Layer 3 switches connected together with routed links in the same rack in a data center?

    A. Copper Ethernet connectivity with BFD enabled

    B. Copper Ethernet connectivity with UDLD enabled

    C. Fiber Ethernet connectivity with BFD enabled

    D. Fiber Ethernet connectivity with UDLD enabled

  • Question 48:

    Which solution component helps to achieve rapid migration to the cloud for SaaS and public cloud leveraging SD-WAN capabilities?

    A. service-oriented cloud architecture

    B. Cloud onramp

    C. cloud registry

    D. microservices in the cloud

  • Question 49:

    Which technology supports antispoofing and does not have any impact on encryption performance regardless of packet size?

    A. MACsec

    B. IP source guard

    C. DHCP snooping with DAI

    D. IPsec

  • Question 50:

    You have been tasked with designing a data center interconnect to provide business continuity You want to encrypt the traffic over the DCI using IEEE 802 1AE MACsec to prevent the deployment of any firewall or IPS. Which two interconnect technologies support MACsec? (Choose two.)

    A. EoMPLS

    B. MPLS Layer 3 VPN

    C. DMVPN

    D. GET VPN

    E. KVPLS

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 400-007 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.