DevNet Associate v1.0 – Practice Final Exam Answers

How to find: Press “Ctrl + F” in the browser and fill in whatever wording is in the question to find that question/answer. If the question is not here, find it in Questions Bank.
NOTE: If you have the new question on this test, please comment Question and Multiple-Choice list in form below this article. We will update answers for you in the shortest time. Thank you! We truly value your contribution to the website.

1. A network engineer is working on a bash script in order to automate some mundane tasks needed by the department. Why would the engineer add a she-bang (#!) to the top of the script as shown:

#!/bin/bash

  • The script file has specific commands that are preceded by the exclamation mark (!) and should not be executed.
  • The script file has specific commands that are preceded by the pound sign (#) and should not be executed.
  • The commands within the script fie are to have the output stored in the /bin/bash directory.
  • The script file has commands that need to be run in the bash shell.

Explanation: A she-bang is the pound sign (#) followed by an exclamation mark (!) and designates the path to the command interpreter. In this case, the interpreter is bash and bash will be used to interpret the script that follows.

2. An international manufacturing company is implementing an industrial internet of things plant infrastructure. The design requires that computing resources are located as close to the user as possible. Which cloud model is suitable for this situation?

  • public
  • edge
  • private
  • hybrid

Explanation: Edge clouds are located as close to the user as possible. Having computing power at the network edge is a benefit for internet of things devices such as cameras, industrial automation equipment, and autonomous vehicles.

3. What are three tools used by developers for scanning code to check for well-known security issues? (Choose three.)

  • Viptela
  • Brakeman
  • VisualCodeGrepper
  • Docker
  • Bandit
  • VIRL

Explanation: Because most code developers are not security experts, it is not uncommon to have security vulnerabilities inadvertently written into applications. To help mitigate this threat, there are code scanning tools that a developer can use to look for any well-know security issues embedded into the code. Examples of such tools are Bandit, Brakeman, and VisualCodeGrepper.

4. A network engineer is configuring a Jenkins job and finishing with the following script in order to trigger the build:

node {
    stage('Preparation') {
          catchError(buildResult: 'SUCCESS') {
              sh 'docker stop samplerunning'
              sh 'docker rm samplerunning'
          }
    }
    stage('Build') {
          build 'BuildAppJob'
    }
    stage('Results') {
          build 'TestAppJob'
    }
}

After saving the job, what should the engineer do next?

  • Test the script in Docker.
  • Run the job.
  • Open the Recent Changes option to verify the results of the job.
  • Manually run the samplerunning container.

Explanation: Once a script is created, use the Build Now Jenkins menu option to run the job. If the script is done correctly, then the Stage View should show three green boxes. If errors are found, check the script for errors.

5. What are three ways to mitigate SQL injection threats? (Choose three.)

  • stored procedures configured with the “db_owner” rights set as default
  • stateless packet-filtering firewalls
  • dynamic queries
  • database firewalls
  • whitelist input validation
  • parameterized database queries

Explanation: SQL injection is a basic web application attack technique which, if successful, can delete or change sensitive data or reveal it to the attacker. There are several methods to mitigate the threat of SQL injection such as the use of parameterized database queries, database firewalls, and whitelist input validation.

6. What is the purpose of adding salt to the password hashing process?

  • to decrease password complexity
  • to increase the length of a password
  • to make hashed passwords deterministic
  • to create a unique hash for every password

Explanation: Because of the deterministic nature of the hash function, hashed passwords are not unique. The same password always produces the same hash even if the password is created by different users. The salting process adds random data to the input of the hash function to guarantee a unique, nondeterministic output.

7. Match the CI/CD software development philosophy with a description.

DevNet Associate (Version 1.0) - Practice Final Exam Answers 1

8. What is an operational characteristic of the local version control system?

  • It locks a file once it is checked out by a user to prevent modification by others.
  • It pushes a working copy of a file to a main repository after individuals have made changes.
  • It allows multiple individuals to edit a working copy of a file at the same time.
  • It stores a delta of two versions of a file as opposed to the file itself.

Explanation: There are three types of version control systems:

  • Local version control system
  • Centralized version control system
  • Distributed version control system

The local version control system stores the delta between the two versions of the file, as opposed to the file itself. When the user wants to revert to the previous version of the file, the delta is reversed to get to the requested version.

9. An organization is using the Waterfall methodology for a software development project. In what order are the SDLC phases completed when using this method?

  • requirements and analysis, design, testing, implementation, deployment, maintenance
  • requirements and analysis, design, implementation, testing, deployment, maintenance
  • requirements and analysis, design, implementation, deployment, testing, maintenance
  • requirements and analysis, design, deployment, testing, implementation, maintenance

Explanation: The Software Development Life Cycle (SDLC) is the process of developing software from concept to final product. The process consists of six phases, with each phase using the results of the previous phase as input. The phases are ordered as follows: (1) requirements & analysis, (2) design, (3) implementation, (4) testing, (5) deployment, and (6) maintenance.

10. In which phase of the SDLC process does the product development team gather feedback from the potential customer on the desired features for the new software?

  • design
  • deployment
  • implementation
  • requirements and analysis

Explanation: The first phase of the SDLC is the requirements and analysis phase. In this phase the product owner and qualified team members, using feedback from potential customers, gather the requirements for the software to be built.

11. Which Git command is used to get an initial copy on an existing Git repository for the first time?

  • git add
  • git copy
  • git clone
  • git repo

Explanation: The command that you would use for the first copy of an existing Git repository is git clone .

12. Refer to the exhibit. Which message format is being used?

DevNet Associate (Version 1.0) - Practice Final Exam Answers 2

  • JSON
  • HTML
  • YAML
  • XML

Explanation: JSON objects are unordered sets of name/value pairs that begin and end with curly braces { }.

13. A student is learning Python using the interactive interpreter mode. The student issues these commands:

>>> class Url():
...          def __init__(self, host, prot):
...                self.host = host
...                self.prot = prot
...                self.url = self.prot + "://" + self.host
...
>>>

Which type of Python structure is created?

  • a method
  • a class
  • a function
  • a module

Explanation: In Python, classes are a means of bundling data storage and functionality in a single structure. Each class declaration defines a new object type. A class is defined with the class Class_Name() command.

14. Match the Git stage with a description.

DevNet Associate (Version 1.0) - Practice Final Exam Answers 3

15. How does YAML maintain data-structure hierarchy?

  • braces
  • brackets
  • parenthesis
  • indentation

Explanation: In YAML the data-structure hierarchy is maintained by outline indentation.

16. Which SDLC phase concludes with a high quality, bug-free, working piece of software that is ready for production?

  • design
  • deployment
  • implementation
  • testing

Explanation: There are six phases in the SDLC process.

  • Requirements & analysis : The product owner and qualified team members gather the requirements for the software to be built.
  • Design: Software architects and developers design the software based on the provided software requirement specification document.
  • Implementation : Developers take the design documentation and develop the code according to that design.
  • Testing : Test engineers take the code and install it into the testing environment so that they can follow the test plan.
  • Deployment : The software is installed into the production environment.
  • Maintenance : The development team provides support for customers and works on software improvements.

     

17. Match the SDLC phase with its description. (Not all options are used.)

DevNet Associate (Version 1.0) - Practice Final Exam Answers 4

18. Which terminal command can be used to print the Python version number installed on a system?

  • python -h
  • python -i
  • python -V
  • which python

Explanation: The command python -V can be used from a command or terminal window to view the Python version installed on the system.

19. What are three platforms that the Firepower Management Center can run on in the overall architecture of a large enterprise? (Choose three.)

  • on every router
  • on a wide range of Cisco devices
  • in the Secure Operations Center (SOC)
  • on VMWare VSphere
  • in an availability zone
  • on Amazon Web Services (AWS)

Explanation: Firepower Management Center can run on VMware vSphere or Amazon Web Services (AWS). It can also run on a range of physical devices including the Cisco FMC series.

20. Which two types of APIs are supported by Cisco Finesse? (Choose two.)

  • AXL
  • REST
  • JavaScript
  • SOAP
  • Python SDK

Explanation: Cisco Finesse has REST APIs and JavaScript APIs that can be used to build fully customized agent desktops, integrate contact center functionality into applications, and integrate applications into the Finesse agent and supervisor desktop.

21. An engineer is learning how to enable RESTful API access for the Cisco Meraki Dashboard. What is the first step that must be taken in order to use API calls with the Meraki enterprise cloud-managed networking infrastructure service?

  • The Meraki Dashboard API must first be enabled under Organizations > Settings within the GUI.
  • Each cloud-managed organization must specify API access and allow the Meraki Dashboard administrator to employ site-specific APIs.
  • The engineer must first generate an API key by going to the My Profile page within the GUI.
  • A GET request must be created and include header parameters including authentication credentials and the Meraki API URL.

Explanation: In order to provide API access for an organization, API access must first be enabled within the GUI, under Organization > Settings .
After the API is enabled, an API key must be generated within the My Profile page.

22. What does the Intersight REST API enable an application developer to access?

  • JavaScript Object Notation
  • Management Information Model
  • IETF Interface
  • Universal Resource Locator

Explanation: The Intersight REST API enables a user to access the Management Information Model. The Intersight API accepts and returns messages that are encapsulated through JavaScript Object Notation (JSON) documents and uses HTTP over TLS as the transport protocol.

23. A student in the DevNet class is learning SDKS and APIS. What is the difference between an API and an SDK?

  • An API is essentially a documented set of URIs, whereas an SDK is a package integrated with code examples and libraries.
  • An API contains the components that have been created for a specific purpose, whereas an SDK is commonly an interface for a service.
  • An API is a tool box that contains multiple SDKs, whereas each SDK allows the creation of software for a specific hardware platform.
  • An API is a software development tool for developing applications, whereas an SDK is a set of protocols for building application software.

Explanation: Most SDKs are packages that require installation and are integrated with libraries, documents, and code examples. APIs are essentially a documented set of URIs that act as an interface for a service.

24. Which modeling language is most commonly used for data modeling?

  • Python
  • YAML
  • YANG
  • SQL

Explanation: YANG, an acronym for Yet Another Next Generation, is a data modeling language used to model configuration and state data manipulated by the Network Configuration Protocol (NETCONF), NETCONF remote procedure calls, and NETCONF notifications.

25. Match the description to the corresponding layer of the OSI model. (Not all options are used.)

DevNet Associate (Version 1.0) - DevNet Associate 1.0 Practice Final exam

DevNet Associate (Version 1.0) – DevNet Associate 1.0 Practice Final exam

Explanation: Place the options in the following order:

Application
Includes protocols that provide specific functionality to a variety of end user applications.
Provides the interface between applications and the underlying network.

Presentation
Compresses the data in a way that can be decompressed by the destination device.
Ensures that data from the source device can be interpreted by the appropriate application on the destination device.

Session
Restarts dialogs between source and destination applications when they are disrupted.
Handles the exchange of information to initiate dialogs between source and destination applications.

26. Which field in an 802.1Q Ethernet frame is used by switches to identify VLAN membership of the frame?

  • Tag
  • Data
  • FCS
  • Preamble

Explanation: The 12-bit VLAN identifier is part of the 4-byte Tag field of an 802.1Q Ethernet frame.

27. Which two statements are correct if a configured NTP master on a network cannot reach any clock with a lower stratum number? (Choose two.)

  • The NTP master will lower its stratum number.
  • The NTP master will be the clock with 1 as its stratum number.
  • Other systems will be willing to synchronize to that master using NTP.
  • The NTP master will claim to be synchronized at the configured stratum number.
  • An NTP server with a higher stratum number will become the master.

Explanation: If the network NTP master cannot reach any clock with a lower stratum number, the system will claim to be synchronized at the configured stratum number, and other systems will be willing to synchronize to it using NTP.

28. What are three parts of an IPv6 global unicast address? (Choose three.)

  • a global routing prefix that is used to identify the network portion of the address that has been provided by an ISP
  • a global routing prefix that is used to identify the portion of the network address provided by a local administrator
  • an interface ID that is used to identify the local network for a particular host
  • an interface ID that is used to identify the local host on the network
  • a subnet ID that is used to identify networks inside of the local enterprise site

Explanation: There are three elements that make up an IPv6 global unicast address. A global routing prefix which is provided by an ISP, a subnet ID which is determined by the organization, and an interface ID which uniquely identifies the interface interface of a host.

29. Match the IPv6 address to the IPv6 address type. (Not all options are used.)

DevNet Associate (Version 1.0) - Practice Final Exam Answers 5

30. What attribute of a NIC would place it at the data link layer of the OSI model?

  • IP address
  • RJ-45 port
  • attached Ethernet cable
  • MAC address
  • TCP/IP protocol stack

Explanation: The data link layer describes media access and physical addressing. The encoding of a MAC address on a NIC places it at that layer. Ports and cables are placed at the physical layer of the OSI model. IP addresses are placed at the network layer. The TCP/IP protocol stack describes a different model.

31. Match the firewall function to the type of threat protection it provides to the network. (Not all options are used.)

DevNet Associate (Version 1.0) - Practice Final Exam Answers 6

  • packet filtering – prevents access based on IP or MAC address
  • URL filtering – prevents access to websites
  • network address translator – (none)
  • stateful packet inspection – prevents unsolicited incoming sessions
  • application filtering – prevents access by port number

Explanation: Firewall products come packaged in various forms. These products use different techniques for determining what will be permitted or denied access to a network. They include the following:

+ Packet filtering – Prevents or allows access based on IP or MAC addresses
+ Application filtering – Prevents or allows access by specific application types based on port numbers
+ URL filtering – Prevents or allows access to websites based on specific URLs or keywords
+ Stateful packet inspection (SPI) – Incoming packets must be legitimate responses to requests from internal hosts. Unsolicited packets are blocked unless permitted specifically. SPI can also include the capability to recognize and filter out specific types of attacks, such as denial of service (DoS)

32. Which protocol automates assignment of IP addresses on a network, and which port number does it use? (Choose two.)

  • DHCP
  • DNS
  • SMB
  • 53
  • 67
  • 80

Explanation: DNS uses port 53 and translates URLs to IP addresses. SMB provides shared access to files and printers and uses port 445. Port 80 is used by HTTP. HTTP is a protocol used to communicate between a web browser and a server.

33. What are the two types of DevNet Sandboxes? (Choose two.)

  • assigned
  • always-on
  • reserved
  • intermal-use only
  • exclusive

Explanation: The two types of DevNet Sandboxes include always-on and reserved. An “always-on” sandbox is available to anyone and typically provides read-only access. A reserved Cisco DevNet Sandbox has shared resources with a quota setting and uses a VPN connection so that traffic to and from the sandbox and development environment is protected.

34. Which fee-based Cisco DevNet developer support option provides a response time of 1 business day?

  • knowledge base
  • chat with DevNet
  • case-based ticket
  • community forum

Explanation: Case-based tickets provide 1-on-1 support for certain Cisco APIs. The response time is commonly 1 business day and the cost varies based on the amount of case-based tickets purchased.

35. When working with both a live production environment and testing code in a shared developer sandbox, what are two important rules to follow? (Choose two.)

  • Never request assistance or share information in community or public environments.
  • Never use publicly posted tokens or credentials in a production environment.
  • Never provide any identifying information in community or public environments.
  • Never use a customized token in the sandbox, but instead use personal tokens that currently exist.
  • Never use any personal tokens in the sandbox, but instead use a customized token for development.

Explanation: When working in a leaming environment or community-based environment, remember never to use any personal tokens or credentials in the sandbox. Also, do not use tokens or credentials provided in a course or online community in a production environment. It is important to be protective of tokens, passwords, and other identifying information in development environments.

36. Which DevNet resource would a student use to learn how to make REST API requests?

  • DevNet Learning Labs
  • DevNet Sandbox
  • Code Exchange
  • DevNet Support

Explanation: DevNet provides a catalog of free, self-paced online tutorials called Learning Labs.

37. Which two forums are available on the Cisco Developer Community? (Choose two.)

  • Developer Automation
  • Developer Networking
  • Developer Coding
  • Developer Support
  • Developer Security

Explanation: There are a total of ten developer forums on the Cisco Developer Community:

Developer Networking
Developer Collaboration
Developer Security
Developer Data Center
Developer Intemet of Things
Developer Cloud
Developer Services
Developer Mobility
Developer Analytics and Automation Software
Developer DevNet Site

38. What are two benefits of using automation for IT infrastructure? (Choose two.)

  • increased implementation of specific opinionated companion components
  • increased speed in the deployment of technologies and products
  • reduced user requisition requests for on-demand infrastructure
  • reduced risk while working at scale
  • reduced need for IT personnel and operations staff

Explanation: There are commonly three benefits of infrastructure automation:
Speed
Repeatability
The ability to work at scale, with reduced risk

39. Which component is required by both Puppet and Chef to be run on hosts?

  • agents that query a server to determine their desired state, then converge upon it
  • cron jobs that access a server to randomize access times to prevent server overload
  • IPtables that enable masquerade tunneling
  • certificates for authentication and encryption

Explanation: Puppet and Chef both require the use of an agent, which is used to reterieve information and make desired changes.

40. What are two processes that can be used to execute remote scripts securely? (Choose two.)

  • pipe scripts to a remote machine using cat | telnet and execute them in sequence with other commands, capturing and returning results to a local terminal
  • access the built-in rexec command within Bash, target the IP address of the remote machine, and execute the Bash command
  • store scripts locally, transmit them to a target machine with scp , log into the remote machine via ssh, and execute the scripts
  • store scripts on a webserver, log into the remote machine, and retrieve the scripts using wget via HTTP
  • store scripts in a Git repository, install git on the remote machine, clone the repo, check out a branch, and execute the scripts

Explanation: There are many ways to configure remote systems using scripts. However, scripts should be delivered to a remote system through the use of secured protocols or services or both.

41. What is an example of an SLI?

  • All services provided include data integrity and security and comply with local regulations about where and how data is stored.
  • 95% of requests will be served within 75 milliseconds.
  • All applications being provided will offer a good-enough experience to the user base.
  • 100% availability will be maintained for any services provided.

Explanation: A Service Level Indicator or SLI is a real-world benchmark metric used to determine Service-Level Objectives (SLOs).

42. Which component of a software-defined infrastructure provides available cloud resources within hours or minutes of needing them?

  • repeatability
  • observability
  • self-service
  • platform abstraction

Explanation: Self-service or “platforms on demand” speeds up all phases of development by using cloud resources that can be available within hours or minutes of needing them.


43. A user is working on Ansible on the local NMS to manage remote network devices. The user issues the ansible webservers -m ping command to test the communication. What is the parameter ping in the command?

  • a function
  • a class
  • a module
  • a method

Explanation: In the ansible webservers -m ping command, the parameter ping is an Ansible module invoked by the switch -m

44. A network operator is testing a network management application that uses REST API to communicate with network devices. The operator received an HTTP response code 403 in a test step. What does this response code indicate?

  • Client has not authenticated to access the site or API call.
  • The page at HTTP URL location does not exist or is hidden.
  • Request failed due to a client-side issue.
  • Access is not granted based on supplied credentials.

Explanation: Most common HTTP status codes include:

200 – OK (using GET or POST to exchange data with an API successfully)
201 – Created (creating resources by using a REST API call successfully)
400 – Bad Request (The request from the client is failed due to client-side issue.)
401 – Unauthorized (The client is not authenticated to access site or API call.)
403 – Forbidden (The access request is not granted based on the supplied credentials.)
404 – Not Found (The page requested at HTTP URL location does not exist or is hidden.)

45. Which three characteristics are associated with the SOAP architecture? (Choose three.)

  • stateless
  • neutral
  • extensible
  • layered system
  • independent
  • uniform interface

Explanation: SOAP architecture has three characteristics:
Independent – different applications can communicate with one another
Extensible – extensions can be added to SOAP because it is an application of XML
Neutral – SOAP can use a variety of protocols including HTTP, SMTP, TCP, UDP, or JMS

46. A client is using an API key to authenticate and access resources on a website through a REST API. The string in the API request is GET http://example.com:8080/v1/books?API_KEY= < key >. Which component in the API request is used to provide this string?

  • cookie
  • query string
  • header
  • body data

Explanation: A REST API request can provide an API key in a few different ways including query string, header, body data, and cookie. In this case, the API key is provided through the query string that is preceded with a symbol ? .

47. Refer to the exhibit. A student is learning network automation with Python and REST API. The student constructs a small Python script to get information from a local network device. The device is a sandbox located inside the college lab and it is using a self-signed SSL certificate. Which parameter is needed in the Python code (in place of the question mark) to skip the SSL verification?

DevNet Associate (Version 1.0) - Practice Final Exam Answers 7

  • verify = True
  • verify = False
  • verify = NO
  • verify = YES

Explanation: When the protocol used within the URI is HTTPS, the connection will perform an SSL handshake between the client and the server for secure authentication. This handshake needs to be successful before the REST API request is even sent to the API server. However, because the SSL is self-signed, it would not pass the SSL verification with a CA. In the case of learning and practicing on a local resource, the SSL verification can be turned off by the “verify = False” parameter.

48. What are two features of REST APIs? (Choose two.)

  • They communicate over HTTP.
  • They follow the Representational State Transfer principles.
  • Requests always contain data.
  • Responses are always in JSON format.
  • They maintain session states in communications.

Explanation: REST APIs are the short name for Representational State Transfer Webservice APIs. They follow the REST architectural style and communicate over HTTP. REST API requests and responses can use many different data formats; it is not mandatory to use JSON. It is also not mandatory for requests or responses to contain data. Data is provided when applicable. Communication using REST APIs is stateless.

49. What are two advantages of using an APl rate limit? (Choose two.)

  • It protects against a DoS attack.
  • It reduces the amount of overhead within the API request.
  • It allows requests to be processed in a prioritized manner.
  • It supports token passing so tha each client gets a turn.
  • It provides better quality of service and response time.

Explanation: An API rate limit allows a web service to control the number of requests made in a defined amount of time and is a best practice to use for public and unrestricted APIS. Benefits of using rate limits include the following:

Avoids a server overload from too many requests at once
Provides better service and response time to all users
Protects against a denial of service (DoS) attack

50. Which three authentication mechanisms are used in REST APIs? (Choose three.)

  • basic authentication
  • OAuth
  • open authentication
  • API Key
  • bearer authentication
  • SSO

Explanation: For security reasons, most REST APIs require authentication to prevent random users from being able to create, update, or delete information incorrectly or maliciously. Basic Authentication, Bearer Authentication, and API Key are authentication mechanisms used by REST APIs. OAuth is an authorization mechanism

51. What are two advantages of using an API rate limit? (Choose two.)

  • It reduces the amount of overhead within the API request.
  • It protects against a DoS attack.
  • It allows requests to be processed in a prioritized manner.
  • It provides better quality of service and response time.
  • It supports token passing so that each client gets a turn.

Explanation: An API rate limit allows a web service to control the number of requests made in a defined amount of time and is a best practice to use for public and unrestricted APIs. Benefits of using rate limits include the following:
Avoids a server overload from too many requests at once
Provides better service and response time to all users
Protects against a denial of service (DoS) attack

52. What are three characteristics of containers on a host server? (Choose three.)

  • They all share the same OS.
  • They are isolated from each other.
  • They leverage the kernel of the host OS for a quick start.
  • They include a guest OS.
  • They virtualize a physical server.
  • They are resource intensive and require several minutes to start.

Explanation: A container is an isolated environment where containerized applications run. It contains the application and all dependencies needed for the application to run. The containers on a physical server all share the same OS, are isolated from each other, and leverage the kernel of the host operating system to allow for quick starts.

53. Which two statements accurately describe an advantage or a disadvantage when deploying NAT for IPv4 in a network? (Choose two.)

  • NAT adds authentication capability to IPv4.
  • NAT introduces problems for some applications that require end-to-end connectivity.
  • NAT will impact negatively on switch performance.
  • NAT provides a solution to slow down the IPv4 address depletion.
  • NAT improves packet handling.
  • NAT causes routing tables to include more information.

Explanation: Network Address Translation (NAT) is a technology that is implemented within IPv4 networks. One application of NAT is to use private IP addresses inside a network and use NAT to share a few public IP addresses for many internal hosts. In this way it provides a solution to slow down the IPv4 address depletion. However, since NAT hides the actual IP addresses that are used by end devices, it may cause problems for some applications that require end-to-end connectivity.

54. What is one function of a Layer 2 switch?

  • forwards data based on logical addressing
  • duplicates the electrical signal of each frame to every port
  • learns the port assigned to a host by examining the destination MAC address
  • determines which interface is used to forward a frame based on the destination MAC address

Explanation: A switch builds a MAC address table of MAC addresses and associated port numbers by examining the source MAC address found in inbound frames. To forward a frame onward, the switch examines the destination MAC address, looks in the MAC address for a port number associated with that destination MAC address, and sends it to the specific port. If the destination MAC address is not in the table, the switch forwards the frame out all ports except the inbound port that originated the frame.

55. What is the purpose of the subnet mask in conjunction with an IP address?

  • to uniquely identify a host on a network
  • to identify whether the address is public or private
  • to determine the subnet to which the host belongs
  • to mask the IP address to outsiders

Explanation: With the IPv4 address, a subnet mask is also necessary. A subnet mask is a special type of IPv4 address that coupled with the IP address determines the subnet of which the device is a member.

56. Which type of threat defense is provided by Cisco Umbrella?

  • blocking requests to malicious Internet destinations
  • monitoring and analyzing network traffic for potential network intrusion attacks
  • identifying and blocking zero-day threats that manage to infiltrate the network
  • blocking hidden malware from both suspicious and legitimate websites

Explanation: Cisco Umbrella serves as a first line of defense for an organization by blocking requests to malicious internet destinations.

57. What are two features of the formal code review? (Choose two.)

  • For a quicker turnaround, it involves only one reviewer
  • It involves the developer going through code with the reviewer line-by-line.
  • It promotes discussion among all of the reviewers.
  • It allows the developer to make changes on the spot.
  • It involves a review of the entire code base in a series of meetings.

Explanation: In a formal code review, developers have a series of meetings to review the whole codebase and go over the code line by line, discussing each one in detail. The formal code review process promotes discussion among all of the reviewers.

58. What is immutable infrastructure in DevOps?

  • infrastructure that is deployed with all component versions locked except for the ability to perform manual configuration changes
  • infrastructure that is only deployed and maintained in containers
  • infrastructure that is entirely maintained and deployed in code and never subjected to manual changes
  • virtualized infrastructure that is deployed as golden images

59. What is a benefit of using a bare metal deployment solution?

  • increased processor and memory resource flexibility
  • direct access to hardware resources for increased efficiency
  • enhanced security
  • addition of an extra layer of abstraction

60. What are two characteristics of containers that are running on the same host server? (Choose two.)

  • They all share the same host operating system.
  • They are isolated from each other.
  • They each include a guest operating system.
  • They each virtualize a different physical server.
  • They are resource intensive and require several minutes to start.

62. What type of attack is being attempted if code similar to this is entered in the login field on a web site?
SELECT REPLACE (User_Name, ‘administrator’, ‘hacker’) Userlist FROM Credentials;

  • DoS
  • zero day
  • brute force
  • SQL injection

Explanation: This item is based on information contained in the presentation.
A DoS (denial of service) attack prevents users from accessing network resources. A brute force attack attempts to guess the password of an account. A zero day attack is the first occurrence of a previously unknown virus or other malware.

63. A user is testing an application by sending requests to gather information from a network device through a REST API. The user reviews the API responses and notices an HTTP header string of “Cache-Control: max-age=3600, public”. Which two statements describe the HTTP directive? (Choose two.)

  • The response can be saved in cache and the cached content is open to public access.
  • The client web browser can save the response in the cache and it will expire in an hour.
  • Only responses to requests with the HTTP protocol can be cached.
  • The response may be stored by any cache, even if the response is normally noncacheable.
  • The response can be saved in cache and the information must be refreshed after 60 minutes

Explanation: The HTTP header string is a cache control directive that indicates that (1) the response content can be saved by any cache and (2) the cached content will expire in 3600 seconds unless it gets refreshed before it expires.

64. What is Bash?

  • a web application framework written in Python
  • a code injection technique used to attack data-driven applications
  • a Linux script engine that allows commands to be entered on the command line
  • a philosophy for software deployment that figures prominently in the field of DevOps

Explanation: Bash is the name of the default script engine that lets you do things from the command line. It is the default shell for most Linux distributions.

65. Match the principles in the uniform interface constraint of the REST to the description. (Not all options are used.)
DevNet Associate (Version 1.0) - Practice Final Exam Answers 8

  • manipulation of resources through representations: The client receives a representation of the resource from the server that must contain enough data for the client to handle the resource.
  • hypermedia as the engine of application state: The server must include additional actions and resources available for the client to access supplemental information about the resource.
  • independence of client and server: (Not use)
  • notification of cache capability: (Not use)
  • self-descriptive messages: Each message must contain all the information for the recipient to process.
  • identification of resources: A resource must be identified in the request as the individual object.

67. What is a philosophy associated with the test-driven development process?

  • Application code is developed at a slower pace to allow for repetitive testing.
  • Application code should be written before validating system design and tested for functionality as needed.
  • More than enough code is written to support the application.
  • Failures are expected to occur in order to limit the application code to only what is needed to pass the test.

Explanation: With the Test-Driven Development process, testing code is written before application code. The application code is then created with the single purpose of being able to barely pass the testing code.

68. What process would need to be taken to extract information from XML and convert it into a form that Python could access conveniently?

  • decoding
  • parsing
  • encoding
  • serializing

Explanation: Parsing is the process of analyzing a message, separating it into component parts, and understanding the purpose of it in context.

69. What is the outcome of performing a Git merge between two branches?

  • The changes/commits located within both the source branch and target branch are modified to cause the branches to converge.
  • The changes/commits of files within the target branch are analyzed against the changes/commits located within the source branch using a generic comparison tool.
  • The changes/commits located within the target branch are modified to mirror the changes/commits stored within the source branch.
  • The changes/commits located within the source branch are modified to mirror the changes/commits stored within the target branch.

70. In which situation would a router be used?

  • when performing a formal code review
  • when testing an app on a cloud-based server
  • when developing an app on a private server located on the same network as the development team
  • when authenticating to a REST API service on the local host

71. A network app developer has configured an app to use a particular DNS server in order to test the application against a test database. The developer suspects a DNS issue. Which command could be used to verify a particular domain name?

  • sudo puppet agent -t
  • nslookup
  • ifconfig
  • ssh -p 53

Explanation: The nslookup command is used to obtain an IP address for a specific domain name by querying a DNS server. The desired domain name follows the command and optionally the IP address of a particular DNS server.

72. A user makes some REST API calls to a server and the responses from the server include third-party executable code. The user notices that the responses do not work. Which network device may prevent the third-party code from execution?

  • proxy server
  • reverse proxy server
  • Layer 3 switch
  • firewall

73. What are two reasons a VLAN would be used on a Layer 2 switch? (Choose two.)

  • to create separate broadcast domains on a switch
  • to filter network traffic based on protocol port numbers
  • to allow a router to broadcast traffic between two networks
  • to allow multiple networks to be created at Layer 2
  • to allow traffic to be sent between two networks

Explanation: A virtual local-area network (VLAN) is a separate Layer 2 network that has its own broadcast domain. A Layer 3 device such as a router or multilayer switch is required to communicate between VLANs.

74. A user is testing an application by sending requests to gather information from a network device through a REST API. The user expects a very large amount of data to be returned. The user requests that the network device sends the data back with the compression algorithm of gzip. What response header string would indicate that the return data is compressed as requested?

  • Accept-Encoding: compress
  • Accept-Encoding: gzip
  • Content-Encoding: compress; gzip
  • Content-Encoding: gzip

Explanation: If a large amount of return data is expected, the client can request that the return data be compressed with a specific compression algorithm. To request a data compression, the request must add the Accept-Encoding field to the API request header. For example, a header string of “Accept-Encoding: gzip” tells the server to compress the return data using the gzip algorithm. If the server fulfills the compression, it will send the response back with the compressed data and add the Content-Encoding field to the response header. The value of the Content-Encoding is the type of compression that was used.

75. Match the protocol to the description. (Not all options are used.)
DevNet Associate (Version 1.0) - Practice Final Exam Answers 9

  • resolves a host name to an IP address –> DNS
  • facilitates network and device monitoring –> SNMP
  • extends the lifetime of IPv4 addresses –> NAT
  • provides IP address configuration information –> DHCP
  • provides accurate clock-related information –> NTP

76. Refer to the exhibit. Match the Python coding components to the location. (Not all options are used.)
DevNet Associate (Version 1.0) - Practice Final Exam Answers 10
Answers:
DevNet Associate (Version 1.0) - Practice Final Exam Answers 11

  • A = Authorization
  • B = Content-Type
  • C = application/json
  • D = max
  • E = 100
  • F = url
  • G = headers=headers

77. Refer to the exhibit. Match the items needed in the Python script. (Not all options are used.)
DevNet Associate (Version 1.0) - Practice Final Exam Answers 12
DevNet Associate (Version 1.0) - Practice Final Exam Answers 13

import requests
“Item A”
api_url = “http://localhost:58000/api/v1/ticket”
headers = {
   “content-type”: “application/json”
   }

Body = {
“Item B”
}

resp = requests.post(api_url, json.dumps(body), headers=headers, verify=False)

print(“Ticket request status: “,”Item C”)
response1 = “Item D”

serviceTicket = response1[“response”][“Item E”]
print(“The service ticket number is: “, serviceTicket)

A : import json
B : “username”:”cisco”, “password”:”cisco123!”
C : resp.status_code
D : resp.json()
E : serviceTicket

78. A user is developing an application to remotely manage a network device through the API. The features of the API should support the client-server model, JSON or XML data format, and stateless operation. What is an API architecture style that the developer could use?

  • webhook
  • RPC
  • SOAP
  • REST

Explanation: RPC, SOAP, and REST are the three most popular types of API architectural styles. They all support the client-server model. RPC and REST can use XML or JSON. SOAP uses XML. REST requires that the communication between the client and the server remains stateless.

79. Which two statements describe the characteristics of the model-driven programmability implemented on Cisco IOS XE? (Choose two.)

  • The configuration command ip http secure-server is required to enable RESTCONF over port 443.
  • Both NETCONF and RESTCONF support running and candidate data stores.
  • RESTCONF is enabled by the configuration command restconf enable .
  • NETCONF connections should be authenticated using AAA credentials.
  • NETCONF connections require that a VPN link be established first.

Explanation: Cisco IOS XE is the next-generation programmable platform. Both NETCONF and RESTCONF are supported. Their connections should be authenticated using AAA credentials. RESTCONF runs over HTTPS which is enabled by the command ip http secure-server . The CLI command to enable RESTCONF is simply restconf . NETCONF uses SSH as a transport. NETCONF supports both running and candidate data stores, whereas RESTCONF supports only a running datastore.

80. A student is learning network automation using the DevNet site. Which DevNet resource allows users to search and share their programming skills and experiences?

  • Code Exchange
  • Sandbox
  • Learning Labs
  • Automation Exchange

Explanation: DevNet provides ways for community members to share with each other. These are called Exchanges. In the Code Exchange site, users can submit a repository that they have found useful for any technology area. Users can search for any keyword in the repository and get a list of results.

81. A network administrator is evaluating Cisco UCS Manager products to deploy centralized management for the data center. The data center has about 500 physical servers. Which product should the administrator choose?

  • UCS Central (UCSC)
  • Unified Communications Manager (CUCM)
  • UCS Manager (UCSM)
  • Integrated Management Controller (CIMC)

Explanation: The Cisco UCS Manager products provide scalability by integrating many components of a data center. The different management products directly relate to the number of servers being managed:

  • Cisco Integrated Management Controller (CIMC) can manage a single physical server.
  • Cisco UCS Manager (UCSM) can manage up to 160 physical servers.
  • Cisco UCS Central (UCSC) can manage up to 10,000 physical servers.

 

82. Which REST API supported by Cisco Unified Communications Manager is designed to enable end users to update and configure personal settings.?

  • UDS API
  • UC Manager Serviceability API
  • Telephony API
  • AXL API

Explanation: User Data Services (UDS) is a REST-based API that provides a mechanism for inserting, retrieving, updating, and removing data from the Unified Communication configuration database. The UDS API is designed to enable end users to update and configure personal settings.

83. What is the outcome of performing a Git merge between two branches?

  • The changes/commits located within both the source branch and target branch are modified to cause the branches to converge.
  • The changes/commits located within the source branch are modified to mirror the changes/commits stored within the target branch.
  • The changes/commits located within the target branch are modified to mirror the changes/commits stored within the source branch.
  • The changes/commits of files within the target branch are analyzed against the changes/commits located within the source branch using a generic comparison tool.

Explanation: When a Git merge is performed, the source branch is untouched and only the target branch is modified.

85. What are two benefits of using a distributed version control system compared to other version control systems? (Choose two.)

  • Every user has the ability to work on any file at any time.
  • An offline user is not required to make a copy of an important file before editing it further.
  • A simple database is used to store the delta between the versions of a single file.
  • A corrupt repository can be restored from any client system.
  • A single user can lock a file to prevent other users from modifying it until the single user is done editing it.

Explanation: The distributed version control system is a peer-to-peer model that clones the full repository to client systems and allows every individual to work on any file, even at the same time.

86. Match the Meraki APIs for integration to the description. (Not all options are used.)
DevNet Associate (Version 1.0) - Practice Final Exam Answers 14

  • Dashboard API: a RESTful service for device provisioning, management, and monitoring
  • Location Streaming API: an HTTP POST method providing Wi-Fi and Bluetooth client location information
  • Webhook API: a real-time notification system for network alerts, covering events and network health
  • External Captive Portal (EXCAP) API: an API that enables an organization to build out custom engagement models at Wi-Fi access points
  • MV Sense API: a combination of REST APIs and realtime MQTT stream supporting oversight of a physical space

87. What two components form the Python-based network device test and validation solution of pyATS?

  • Python and VIRL
  • Python and Genie
  • Python and Puppet
  • Python and Ansible

Explanation: PyATS uses Python for low-level code, but relies on Genie, a higher-level library system, in order to interact with network devices and perform testing.

89. Match the Cisco NSO component to the description.
DevNet Associate (Version 1.0) - Practice Final Exam Answers 15

  • Service Manager: maintains device dependencies and provideds a service self start for triggering diagnostic tests
  • Device Manager: deploys configuration changes to multiple devices through the use of distributed transactions
  • Configuration Database: provides an internal API for locating network element configurations and automatic support for upgrade and downgrade of configuration data

90. What are two symptoms that DNS is an issue when developing and testing network scripts? (Choose two.)

  • no connection between the app and a remote server
  • host IP address showing 169.x.x.x
  • 403 error code
  • authentication failure
  • 1XX status code

Explanation: Name resolution issues often manifest as lost network connectivity and authentication failures between a network app and a remote server. Common problems include defining the correct DNS server, a missing or incorrect DNS entry, an incorrect hostname, or a configuration issue on the DNS server being used.

91. Refer to the exhibit. A company uses three servers to support a new network app. The network administrator is looking to include a load balancer as part of the network design to improve the performance of the application response. Where should the load balancer be installed?

DevNet Associate (Version 1.0) - Practice Final Exam Answers 16

  • attached to the same switch as the servers
  • between the host and the cloud
  • between the servers and storage
  • within the cloud

Explanation: Because server load balancing distributes server requests across multiple servers, the load balancer should be attached to the same switch that the servers are on.

92. What are two functions of MAC addresses in a LAN? (Choose two.)

  • to indicate the best path between separate networks
  • to determine which host has priority to transfer data
  • to associate with a specific network IP address
  • to uniquely identify a node on a network
  • to allow the transfer of frames from source to destination

Explanation: All Ethernet network devices have a unique Media Access Control (MAC) address that is burned into the network interface card (NIC). The MAC address is used to direct data from a particular device to a specific network destination.

93. What is a benefit to an organization of implementing edge computing?

  • minimizes high levels of data transfer across the network
  • provides low latency and increased bandwidth for remote IoT devices
  • consolidates compute resources into a single cloud
  • allows all compute resources to be centralized in the data center

Explanation: The term edge computing refers to the practice of placing computing resources as close to the actual sources of data as possible. Deploying computer resources at the edge, can help to avoid high levels of data transfer across the network for performance or security purposes.

94. Refer to the exhibit. A student is learning network automation by using an API. The student constructs a Python file to communicate with a Webex Teams server. Which two statements describe characteristics of the script? (Choose two.)
DevNet Associate (Version 1.0) - Practice Final Exam Answers 17

  • It is used to obtain an access token from the server.
  • It loads two modules from a Cisco SDK.
  • It is used to retrieve the email addresses associated with the student.
  • The term people in the script is a class object.
  • The access token is set with a WEBEX_TEAMS_ACCESS_TOKEN environment variable.

95. Which situation illustrates the use of a webhook application

  • A user sends a REST API call to a webhook server to poll a predefined data set.
  • Triggered by the operation of a user, a mobile application sends a REST API request to get information from a webhook server.
  • A network automation application queries a router to get CPU and memory usage over a period of time.
  • A developer subscribes to a webhook server for an application so that the application will receive a notification when an event occurs.

Explanation: A webhook is an HTTP callback, or an HTTP POST, to a specified URL that notifies a registered application when an activity or event has occurred in one of the resources on the platform. Webhooks enable applications to get real-time data. With webhooks, applications are more efficient because they no longer need to have a polling mechanism.

96. Refer to the exhibit. A user is working on Ansible on the local NMS to manage remote network devices. Which file is the user creating?
DevNet Associate (Version 1.0) - Practice Final Exam Answers 18

  • service
  • playbook
  • variable
  • hosts

Explanation: Ansible uses an inventory file called hosts that contains device information used by Ansible playbooks. The hosts file begins with an alias for the remote. After the alias, the hosts file specifies three variables that will be used by the Ansible playbook to access the device. These are the SSH credentials Ansible needs to securely access the remote host.

97. Refer to the exhibit. A student is learning Python in the interpret mode. The student enters Python statements and after a while, an error message returns. What is a possible cause for the error?
DevNet Associate (Version 1.0) - Practice Final Exam Answers 19

  • The student did not provide the authentication credentials.
  • The host domain name cannot be resolved.
  • The parameter of “verify = False” should be replaced with “verify = True”.
  • The resource on the host is not available.

Explanation: The error message indicates that the connection to the host cannot be established. The causes could be an internet connection issue, or the domain name of the host cannot be resolved by DNS servers because it is wrong.

98. The development team in the IT department has decided to implement CI/CD. What are three characteristics of this strategy? (Choose three.)

  • Strategies are used to limit the impact of a possible bad build to users.
  • CI/CD places a higher priority on satisfying the customer needs than does the development plan.
  • The integration and development process goes in one direction and can never go backwards.
  • It is modeled after the software development life cycle and is a more traditional implementation method.
  • The development process attempts to eliminate the problem of application merge conflicts.
  • Automation is part of the creation, verification, and deployment of software.

Explanation: Continuous Integration/Continuous Deployment (CI/CD) is a philosophy for software development that includes automation as part of the process. Continuous integration attempts to eliminate the problem of conflicts that occur when new or updated code is applied to the main application. Even though there is a potential of a bad build being deployed to the users, companies can limit that impact by using a deployment strategy such as a rolling upgrade, canary pipeline, or blue-green deployment.

99. What are two benefits of model-driven programmability in infrastructure automation? (Choose two.)

  • uses human-readable configuration language
  • leverages open-source technology
  • leverages code that is coupled with transport, protocol, and encoding
  • relies on the use of device-specific scripts
  • uses device-specific CLIs

Explanation: In summary, model-driven programmability does the following:

  • Provides configuration language that is human-readable
  • Is model-based, structured, and computer-friendly
  • Includes support for multiple model types, including native, OpenConfig, and IETF
  • Uses a specification that is decoupled from transport, protocol end encoding
  • Uses model-driven APIs for abstraction and simplification
  • Leverages open-source and enjoys wide support

 

100. How does Cisco VIRL benefit the testing and development of code and automation?

  • Cisco VIRL can duplicate the performance of SDN software components in optimal production conditions.
  • Cisco VIRL can duplicate the same code that runs inside actual Cisco products.
  • Cisco VIRL can duplicate the performance of elite hardware components in optimal production conditions.
  • Cisco VIRL can duplicate network simulations using a .virl file, which is a JSON file.

Explanation: Cisco VIRL is used to build network simulations and it can duplicate the same code that runs inside actual Cisco products. The native configuration format is called a.virl file, which is a human-readable YAML file.

101. Refer to the exhibit. Which portion of the RESTful request specifies the API that is being requested.

  • 4
  • 3
  • 2
  • 1

102. A user sends a request to add a loopback interface on a Cisco router through the REST API. Which response status code will the user expect to receive that indicates the request is fulfilled?

  • 200
  • 201
  • 202
  • 203

Explanation: With REST APIs, the response code 201 is with the status message of “Created”. It indicates that the request was fulfilled, and the requested resource was created.

103. Which two components of XML code are contained within the XML prologue? (Choose two.)

  • the character encoding
  • the XML namespaces
  • the tag name xml
  • the URNs
  • the instance objects

Explanation: The XML prologue is placed as the first line in an XML file and contains the tag name xml and attributes that provide the version and the character encoding.

Leave a Reply

Your email address will not be published. Required fields are marked *

Ads Blocker Image Powered by Code Help Pro

Ads Blocker Detected!!!

We have detected that you are using extensions to block ads. Please support us by disabling these ads blocker.

Translate »