
All ENCOR v1.1 Questions - Part 5

The document contains a summary of results from the ENCOR v1.1 Questions – Part 5 quiz, where the user scored 970 out of 1200 with a passing rate of 90%. It includes a series of technical questions related to network configuration, management protocols, and security policies, along with explanations for each question. The user is encouraged to retake the quiz for a better score.

Uploaded by

amith roy

4/5/25, 11:00 PM ENCOR Training » All ENCOR v1.1 Questions – Part 5


All ENCOR v1.1 Questions – Part 5


September 17th, 2024 in ENCOR Quizzes

Result of All ENCOR v1.1 Questions – Part 5:

Total Questions: 102
Full Score: 1200
Passing Rate: 90%
Your Score: 970
Correct Answer Percentage: 80.83%
Elapsed: 00:54:23

Sorry!

You failed :( but surely you will do it better next time!


Your answers are shown below:

Question 1

Refer to the exhibit.

line vty 0 4
exec-timeout 120 0
login local
line vty 5 15
exec-timeout 30 0
login local

An engineer must update the existing configuration to achieve these results:

– Only administrators from the 192.168.1.0/24 subnet can access the vty lines.
– Access to the vty lines using clear-text protocols is prohibited.

Which command set should be applied?

Option A
access-list 1 permit 192.168.1.0 0.0.0.255
line vty 0 15
access-class 1 in
transport input ssh

Option B
access-list 1 permit 192.168.1.0 0.0.0.255
line vty 0 15
access-class 1 in
transport input none

Option C
access-list 1 permit 192.168.1.0 255.255.255.0
line vty 0 15
access-class 1 in
transport input telnet rlogin

Option D
access-list 1 permit 192.168.1.0 0.0.0.255
line vty 0 15
access-class 1 in
transport input telnet ssh

A. Option A
B. Option B
C. Option C
D. Option D

https://www.digitaltut.com/all-encor-v1-1-questions-part-5 1/54

Question 2

Which two management protocols can be used to modify a network device configuration by using YANG data models? (Choose
two)

A. SNMP
B. NETCONF
C. CMIP
D. CLI
E. RESTCONF

Explanation

YANG (Yet Another Next Generation) is a data modeling language used to model configuration and state data for network devices. To
modify a network device configuration using YANG data models, protocols specifically designed for interacting with structured data, such
as RESTCONF and NETCONF, are typically used.

Question 3

A new security policy dictates that all corporate wireless devices must authenticate using an EAP method that uses a certificate
and user credentials. Wireless devices will be allowed to attempt EAP key negotiation twice. More attempts will cause the
authentication to fail. Which configuration must be applied?

A. EAPOL-Key Timeout
B. EAP-Identity Request Timeout
C. EAP-Identity Request Max Retries
D. EAPOL-Key Max Retries

Explanation

+ EAP-Identity-Request Timeout: This timer affects how long you wait between EAP Identity Requests.
+ EAP-Identity-Request Max Retries: The Max Retries value is the number of times the WLC will send the Identity Request to the client,
before removing its entry from the MSCB. Once the Max Retries is reached, the WLC sends a de-authentication frame to the client,
forcing them to restart the EAP process.
+ EAPOL-Key Max Retries: This means that we will retry the original key attempt to the client twice. The default is 2.

Question 4

Please drag and drop the options provided in the left to configure NTP in client mode.


Set the IP address of the NTP server and the public key Step 2
Enable NTP authentication Step 3
Configure an authentication key pair for NTP and specify whether the key will be trusted or untrusted Step 1
Enable NTP client mode Step 4

Explanation

Answer:

+ Set the IP address of the NTP server and the public key: Step 2
+ Enable NTP authentication: Step 4
+ Configure an authentication key pair for NTP and specify whether the key will be trusted or untrusted: Step 1
+ Enable NTP client mode: Step 3

Explanation

Configuring Authentication in Client Mode


Authentication can enhance the security of a system running NTP. When you enable the authentication feature, the client switch sends
time-of-day requests only to trusted NTP servers.

To configure authentication, perform this task in privileged mode:

Task
Step 1 Configure an authentication key pair for NTP and specify whether the key will be trusted or untrusted.
Step 2 Set the IP address of the NTP server and the public key.
Step 3 Enable NTP client mode.
Step 4 Enable NTP authentication.
Step 5 Verify the NTP configuration.

Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4000/8-2glx/configuration/guide/ntp.html

Question 5

At which plane does vBond operate in Cisco Catalyst SD-WAN solutions?

A. data plane
B. management plane
C. orchestration plane
D. control plane

Explanation

Orchestration plane (vBond) assists in securely onboarding the SD-WAN WAN Edge routers into the SD-WAN overlay. The vBond
controller, or orchestrator, authenticates and authorizes the SD-WAN components onto the network.

Question 6

An engineer must construct an access list for a Cisco Catalyst 9800 Series WLC that will redirect wireless guest users to a splash
page that is hosted on a Cisco ISE server. The Cisco ISE servers are hosted at 10.9.11.144 and 10.1.11.141. Which access list meets
the requirements?

Option A
ip access-list extended ACL_WEBAUTH_REDIRECT
70 deny ip any host 10.9.11.141
80 deny ip any host 10.1.11.141
500 permit tcp any any eq www
600 permit tcp any any eq 443
700 permit tcp any any eq 8443
800 deny udp any any eq domain

Option B
ip access-list extended ACL_WEBAUTH_REDIRECT
50 deny ip host 10.9.11.141 any
60 deny ip any host 10.9.11.141
70 deny ip host 10.1.11.141 any
80 deny ip any host 10.1.11.141
500 permit tcp any any eq www
600 permit tcp any any eq 443
700 permit tcp any any eq 80

Option C Option D

ip access-list extended ACL_WEBAUTH_REDIRECT ip access-list extended ACL_WEBAUTH_REDIRECT


70 permit ip any host 10.9.11.141 70 permit ip any host 10.9.11.141
80 permit ip any host 10.1.11.141 80 permit ip any host 10.1.11.141
500 permit tcp any any eq www 500 deny tcp any any eq www
800 permit tcp any any eq 443 600 deny tcp any any eq 443
700 permit tcp any any eq 8443 700 deny tcp any any eq 8443
800 deny udp any any eq domain 800 deny udp any any eq domain
901 deny ip any any

A. Option A
B. Option B
C. Option C
D. Option D

Explanation

You need to deny traffic to your ISE PSN nodes as well as deny DNS, and permit all the rest. For the redirection ACL, think of the deny
action as “deny redirection” (not “deny traffic”) and the permit action as “permit redirection”. The WLC only looks into traffic that it can
redirect (ports 80 and 443 by default).

CLI:

ip access-list extended REDIRECT
deny ip any host <ISE-IP>
deny ip host <ISE-IP> any
deny udp any any eq domain
deny udp any eq domain any
permit tcp any any eq 80

Reference: https://www.cisco.com/c/en/us/support/docs/wireless/catalyst-9800-series-wireless-controllers/213920-central-web-authentication-cwa-on-cata.html

-> Option B is the best choice.
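
The redirect-ACL reading described in this explanation (deny means "do not redirect", permit means "redirect"), applied to a few probe flows. This is an added example, not code from the original page or from Cisco. It assumes 192.0.2.10 as a placeholder for <ISE-IP>; the probe addresses, the probe port 8443 and all function names are constructed for illustration.

```python
import ipaddress

# ACL modelled on the CLI sample above. 192.0.2.10 stands in for <ISE-IP>
# (constructed placeholder, not an address from the page).
REDIRECT_ACL = """
deny ip any host 192.0.2.10
deny ip host 192.0.2.10 any
deny udp any any eq domain
deny udp any eq domain any
permit tcp any any eq 80
"""

# Constructed counter-example: a "permit" toward the portal host means the
# client's own traffic to the portal gets redirected again.
PERMIT_TO_PORTAL_ACL = """
70 permit ip any host 192.0.2.10
500 permit tcp any any eq www
800 deny udp any any eq domain
"""

PORT_NAMES = {"www": 80, "domain": 53}


def _take_addr(tokens):
    """Consume 'any' or 'host <ip>'; return (address, or None for any, rest)."""
    if tokens and tokens[0] == "any":
        return None, tokens[1:]
    if len(tokens) >= 2 and tokens[0] == "host":
        return ipaddress.ip_address(tokens[1]), tokens[2:]
    raise ValueError(f"unsupported address spec: {tokens}")


def _take_port(tokens):
    """Consume an optional 'eq <port>'; return (port or None, rest)."""
    if len(tokens) >= 2 and tokens[0] == "eq":
        name = tokens[1]
        return (PORT_NAMES[name] if name in PORT_NAMES else int(name)), tokens[2:]
    return None, tokens


def parse_acl(text):
    """Parse 'permit|deny proto src [eq p] dst [eq p]' lines, with or without
    a leading sequence number, into match tuples."""
    entries = []
    for line in text.splitlines():
        tokens = line.split()
        if tokens and tokens[0].isdigit():
            tokens = tokens[1:]
        if not tokens:
            continue
        if len(tokens) < 4 or tokens[0] not in ("permit", "deny"):
            raise ValueError(f"unsupported ACL line: {line!r}")
        action, proto, rest = tokens[0], tokens[1], tokens[2:]
        src, rest = _take_addr(rest)
        sport, rest = _take_port(rest)
        dst, rest = _take_addr(rest)
        dport, rest = _take_port(rest)
        entries.append((action, proto, src, sport, dst, dport))
    return entries


def decision(entries, proto, src, sport, dst, dport):
    """First match wins. permit -> 'redirect'; deny or no match (the implicit
    deny) -> 'no-redirect', meaning the packet is left alone, not dropped."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, e_proto, e_src, e_sport, e_dst, e_dport in entries:
        if e_proto not in ("ip", proto):
            continue
        wanted = ((e_src, src), (e_sport, sport), (e_dst, dst), (e_dport, dport))
        if all(want is None or want == got for want, got in wanted):
            return "redirect" if action == "permit" else "no-redirect"
    return "no-redirect"


def audit(entries, ise_ips, client="10.0.0.50"):
    """Probe the ACL with constructed flows and list what it gets wrong."""
    problems = []
    for ise in ise_ips:
        if decision(entries, "tcp", client, 50000, ise, 8443) == "redirect":
            problems.append(f"client -> portal {ise} is redirected")
        if decision(entries, "tcp", ise, 8443, client, 50000) == "redirect":
            problems.append(f"portal {ise} -> client is redirected")
    if decision(entries, "udp", client, 50000, "198.51.100.53", 53) == "redirect":
        problems.append("DNS queries are redirected")
    if decision(entries, "udp", "198.51.100.53", 53, client, 50000) == "redirect":
        problems.append("DNS replies are redirected")
    if decision(entries, "tcp", client, 50000, "203.0.113.80", 80) != "redirect":
        problems.append("plain HTTP is not redirected to the splash page")
    return problems


if __name__ == "__main__":
    for name, acl in (("sample", REDIRECT_ACL), ("permit-to-portal", PERMIT_TO_PORTAL_ACL)):
        print(name, audit(parse_acl(acl), ["192.0.2.10"]) or "ok")
```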

Question 7

In a Cisco Mobility Express wireless deployment, which AP takes over if the primary AP fails?

A. AP with highest MAC address
B. AP with the lowest IP address
C. AP with highest IP address
D. AP with highest controller up time

Explanation

In an event of a failure of Primary AP, another Mobility Express capable AP is elected as a Primary automatically. Primary Access Point
election is based on a set of priorities.

1. User Defined Master – User can select an Access Point to be the Primary Access Point.
2. Next Preferred Master – Admin can configure the Next Preferred Master from CLI. When this is configured
and the active Primary AP fails, the one configured as the Next Preferred Master will be elected as a Primary.
3. Most Capable Access Point – If the first two priorities are not configured, Primary AP election algorithm will select the new Primary
based on the capability of the Access Point. For example, 3800 is the most capable followed by 2800, 1850, 1830 and finally the 1815
Series.
4. Least Client Load – If there are multiple Access Points with the same capability, i.e. multiple 3800 Access Points, the one with the least client
load is elected as the Primary Access Point.
5. Lowest MAC Address – If all of the Access Points are the same and have the same client load, then Access Point with the lowest MAC
will be elected as a Primary.

Maybe in this question, “highest MAC address” means “lowest MAC value”.

Question 8

Which method displays text directly into the active console with a synchronous EEM applet policy?
A. event manager applet boom
event syslog pattern ‘UP’
action 1.0 gets ‘logging directly to console’
B. event manager applet boom
event syslog pattern ‘UP’
action 1.0 puts ‘logging directly to console’
C. event manager applet boom
event syslog pattern ‘UP’
action 1.0 syslog priority direct msg ‘log directly to console’
D. event manager applet boom
event syslog pattern ‘UP’
action 1.0 string ‘logging directly to console’

Explanation

To enable the action of printing data directly to the local tty when an Embedded Event Manager (EEM) applet is triggered, use the action
puts command in applet configuration mode.

The following example shows how to print data directly to the local tty:

Router(config-applet)# event manager applet puts
Router(config-applet)# event none
Router(config-applet)# action 1 regexp "(.*) (.*) (.*)" "one two three" _match _sub1
Router(config-applet)# action 2 puts "match is $_match"
Router(config-applet)# action 3 puts "submatch 1 is $_sub1"
Router# event manager run puts
match is one two three
submatch 1 is one
Router#

The action puts command applies to synchronous events. The output of this command for a synchronous applet is directly displayed to the
tty, bypassing the syslog.

Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/eem/command/eem-cr-book/eem-cr-a1.html

Question 9

The Radio Resource Management software that is embedded in the Cisco WLC acts as a manager to constantly monitor over-the-
air metrics. Which other factor does the Radio Resource Management software detect?

A. unauthorized wireless network access
B. repeated attempts to authenticate to a wireless network
C. presence of rogue APs or malicious SSIDs
D. end-node vulnerabilities

Explanation

The Radio Resource Management (RRM) software embedded in the Cisco Wireless LAN Controller acts as a built-in RF engineer to
consistently provide real-time RF management of your wireless network. RRM enables Cisco WLCs to continually monitor their
associated lightweight access points.

Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-8/config-guide/b_cg88/radio_resource_management.html

One of the functions of RRM is Radio Resource Monitoring.

RRM automatically detects and configures new Cisco WLCs and lightweight access points as they are added to the network. It then
automatically adjusts associated and nearby lightweight access points to optimize coverage and capacity.
Lightweight access points can simultaneously scan all valid 5-GHz and 2.4-GHz channels for the country of operation as well as for
channels available in other locations. The access points go “off-channel” for a period not greater than 60 ms to monitor these channels for
noise and interference. Packets collected during this time are analyzed to detect rogue access points, rogue clients, ad-hoc clients, and
interfering access points.

Question 10

What is a difference between OSPF and EIGRP?

A. OSPF is an advanced distance vector protocol, EIGRP is a link-state protocol.
B. OSPF is a hybrid routing protocol, EIGRP is a link-state routing protocol
C. OSPF uses an administrative distance of 110, EIGRP uses an administrative distance of 170.
D. OSPF uses the DUAL algorithm, EIGRP uses the SPF algorithm

Explanation

OSPF is a link-state routing protocol while EIGRP is an advanced distance vector protocol -> Answer 'OSPF is an advanced distance
vector protocol, EIGRP is a link-state protocol' and answer 'OSPF is a hybrid routing protocol EIGRP is a link-state routing protocol' are
not correct.

EIGRP uses DUAL algorithm while OSPF uses SPF algorithm -> Answer 'OSPF uses the DUAL algorithm EIGRP uses the SPF algorithm'
is not correct.

OSPF administrative distance is 110 and EIGRP External route administrative distance is 170 -> Answer 'OSPF uses an administrative
distance of 110 EIGRP uses an administrative distance of 170' is correct although it is tricky.

Question 11

Refer to the exhibit.

Users in the Operations VLAN on Switch A are unable to communicate with users in the Operations VLAN on Switch B. Which
action resolves the issue?

A. Set the EtherChannel mode to PAGP on Switch B.
B. Set the EtherChannel mode to LACP on Switch A.
C. Set the switchport mode to dynamic desirable on Switch B.
D. Configure the same allowed VLAN list on Switch A and Switch B.

Explanation

Answer 'Set the EtherChannel mode to LACP on Switch A' is not correct as we can use either PAgP or LACP.

Answer 'Configure the same allowed VLAN list on Switch A and Switch B' is not correct as we only care about Operations VLAN, which
is VLAN 30. This VLAN was allowed on both switches.

Answer 'Set the EtherChannel mode to PAGP on Switch B' is not correct as PAGP has been configured already on both switches.

Therefore only answer 'Set the switchport mode to dynamic desirable on Switch B' is left and this is the correct choice. We tested with
the above configuration: the Port-channel interface was still up, but with the “static access” operating mode:

SwitchB#show interface port-channel 5 switchport
Name: Po5
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
--output omitted--
Trunking VLANs Enabled: 1,10,20,30,40
Pruning VLANs Enabled: 2-1001

But after changing to “dynamic desirable” on Switch B (using the “switchport mode dynamic desirable” command under the physical interfaces), the
operating mode changed to trunk:
SwitchB#show interface port-channel 5 switchport
Name: Po5
Switchport: Enabled
Administrative Mode: dynamic desirable
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
--output omitted--
Trunking VLANs Enabled: 1,10,20,30,40
Pruning VLANs Enabled: 2-1001

The reason is shown in the table below. If both ends are “dynamic auto” then a trunk cannot be formed. But with one end configured as
“dynamic desirable”, a trunk is formed:

DTP Trunking modes

Question 12

Refer to the exhibit.

import json
Devices={'Switches':
[
{'name': 'AccSw1', 'ip': '2001:db8:1:fffe::1'},
{'name': 'AccSw2', 'ip': '2001:db8:1:fffe::2'}
],
'Routers':
{'CE1': {'ip': '2001:db8:1:ffff::1'},
'CE2': {'ip': '2001:db8:1:ffff::2'}
}
}

Which Python snippet stores the data structure of the device in JSON format?

Option A
with open('devices.json', 'w') as OutFile:
    Devices = json.load(OutFile)

Option B
OutFile = open('devices.json', 'w')
json.dump(Devices, OutFile)
OutFile.close()

Option C
with open('devices.json', 'w') as OutFile:
    json.dumps(Devices)

Option D
OutFile = open('devices.json', 'w')
OutFile.write(str(Devices))
OutFile.close()

A. Option A
B. Option B
C. Option C
D. Option D

Explanation

The json.dump() method converts a Python object into a JSON and writes it to a file, while the json.dumps() method encodes a Python
object into JSON and returns a string -> Option B is correct.

Question 13

An engineer must update the local web authentication details on a Cisco 5520 WLC. The engineer has one active SSID configured
for web authentication and plans to update the virtual interface with a nonroutable IP address. Which command must the engineer
apply?

A. config interface address virtual 192.0.2.1
B. config wlan create wlan_idname
C. config interface address virtual 1.1.1.1
D. config interface address dynamic-interface virtual 192.0.2.1

Explanation

To update the virtual interface with a nonroutable IP address on a Cisco 5520 WLC, the command config interface address virtual
192.0.2.1 should be used. This IP address is typically used for web authentication redirection, ensuring that the client is redirected properly
to the web authentication page.

Question 14

Refer to the exhibit.


interface GigabitEthernet5
description L3 Link to dist-sw01
ip address 172.16.252.10 255.255.255.252
negotiation auto
no mop enabled
no mop sysid
!
interface GigabitEthernet6
description L3 Link to dist-rtr02
ip address 172.16.252.17 255.255.255.252
negotiation auto
no mop enabled
no mop sysid
!
router ospf 1
no log-adjacency-changes
passive-interface default
network 172.16.252.0 0.0.3.255 area 0
!

A network engineer connected two routers using OSPF but the routers are not sharing routes. Which command completes the
configuration?
A. router ospf 1
no passive-interface default
B. router ospf 1
network 172.16.252.0 0.0.0.255 area 0
C. interface GigabitEthernet5
no passive-interface
D. router ospf 1
no passive-interface GigabitEthernet5

Explanation

By setting the “passive-interface default” command, you make all OSPF interfaces passive. Therefore GigabitEthernet5 and
GigabitEthernet6 interfaces cannot form OSPF neighbor relationship with other routers. We need to disable this command so that OSPF
relationship can be established.

Question 15

A script contains the statement “while loop != 999:”. Which value terminates the loop?

A. A value equal to 999
B. A value greater than or equal to 999
C. A value less than or equal to 999
D. A value not equal to 999

Explanation

The “while {expression}” loop exits when the expression is false. Therefore only the expression “999 != 999” is false so this is the correct
answer.

Note: “!=” means “is not equal to”.

Question 16

What is provided to the client to identify the authenticated session in subsequent API calls after authenticating to the Cisco DNA
Center API?

A. session cookie
B. username and password
C. client X.509 certificate
D. authentication token

Explanation

After authenticating to the Cisco DNA Center API, an authentication token is provided to the client. This token is used to identify and
authorize subsequent API calls during the session.

Question 17

An engineer must configure a new WLAN that supports 802.11r and requires users to enter a passphrase. What must be
configured to support this requirement?

A. 802.1X and Fast Transition
B. FT PSK and Fast Transition
C. 802.1X and SUITEB-1X
D. FT PSK and SUITEB-1X

Explanation

Pre-Shared Key (PSK) requires the user to enter a passphrase, while FT means 802.11r, the IEEE standard for fast roaming. It introduces a
new concept of roaming where the initial handshake with the new AP is done even before the client roams to the target AP, which is called
Fast Transition (FT).

Question 18

Which Cisco WLC feature allows a wireless device to perform a Layer 3 roam between two separate controllers without changing
the client IP address?

A. mobility tunnel
B. GRE tunnel
C. LWAPP tunnel
D. mobile IP

Explanation

The controller supports seamless roaming across multiple mobility groups. During seamless roaming, the client maintains its IP address
across all mobility groups. When a client crosses a mobility group boundary during a roam, the client is fully authenticated, but the IP
address is maintained, and mobility tunneling is initiated for Layer 3 roaming.

Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/mobility_groups.html

Question 19

What is a characteristic of VRRP?

A. It ensures symmetric traffic flow upstream and downstream.
B. It inherently balances load amongst the available gateways.
C. It is a Cisco proprietary protocol.
D. It uses a virtual IP address and a virtual MAC address to achieve redundancy.

Question 20

Refer to the exhibit.

What is achieved by this Python script?
A. It displays access list statements on a terminal screen.
B. It configures access list statements.
C. It reads access list statements into a dictionary list.
D. It converts access list statements to a human-readable format.

Explanation

We can use the Python xmltodict module to read an XML file and convert it to dict or JSON data.

Question 21

What is a characteristic of the HSRP SSO process?

A. It allows the router IOS to detect an installed standby RP.
B. It reduces the amount of time routing table updates take when a failure occurs.
C. It enables MD5 authentication within the HSRP group.
D. It decrements standby router priority if the HSRP group active router fails.

Explanation

The SSO HSRP feature enables the Cisco IOS HSRP subsystem software to detect that a standby RP is installed and the system is
configured in SSO redundancy mode. Further, if the active RP fails, no change occurs to the HSRP group itself and traffic continues to be
forwarded through the current active gateway device.

Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/xe-16/fhp-xe-16-book/fhp-hsrp-sso.pdf

Question 22

In Cisco Catalyst Center (formerly DNA Center), what is the integration API?

A. an interface between the controller and the network devices, which enables network discovery and configuration management
B. northbound consumer-facing RESTful API, which enables network discovery and configuration management
C. westbound interface, which allows the exchange of data to be used by ITSM, IPAM and reporting
D. southbound consumer-facing RESTful API, which enables network discovery and configuration management

Question 23

An engineer must configure HSRP for VLAN 1200 on SW1. The second switch is configured by using the last usable IP address in
the network as the virtual IP. Which command set accomplishes this task?

Option A
SW1(config)#interface vlan 1200
SW1(config-if)#ip address 172.12.0.2 255.255.255.0
SW1(config-if)#standby 1200 ip 172.12.0.254
SW1(config-if)#standby 1200 timers 5 15
SW1(config-if)#standby 1200 preempt

Option B
SW1(config)#interface vlan 1200
SW1(config-if)#ip address 172.12.0.2 255.255.255.0
SW1(config-if)#standby version 2
SW1(config-if)#standby 1200 ip 172.12.0.254
SW1(config-if)#standby 1200 preempt

Option C
SW1(config)#interface vlan 1200
SW1(config-if)#ip address 172.12.0.1 255.255.255.0
SW1(config-if)#standby 1200 ip 172.12.0.254
SW1(config-if)#standby 1200 timers 5 15
SW1(config-if)#standby 1200 preempt

Option D
SW1(config)#interface vlan 1200
SW1(config-if)#ip address 172.12.0.254 255.255.255.0
SW1(config-if)#standby version 2
SW1(config-if)#standby 1200 ip 172.12.0.2
SW1(config-if)#standby 1200 preempt

A. Option A
B. Option B
C. Option C
D. Option D

Explanation

The group numbers of HSRP version 1 range from 0 to 255. HSRP does support group number of 0 (we do check it and in fact, it is the
default group number if you don’t enter group number in the configuration) so HSRP version 1 supports up to 256 group numbers. HSRP
version 2 supports 4096 group numbers so in this question we must configure HSRP version 2.

The virtual IP address must be the same on two HSRP switches so we must have command “standby 1200 ip 172.12.0.254” on both
switches.

Question 24

What are the main components of Cisco TrustSec?

A. Cisco ASA and Cisco Firepower Threat Defense
B. Cisco ISE and TACACS+
C. Cisco ISE, network switches, firewalls, and routers
D. Cisco ISE and Enterprise Directory Services

Explanation

The key component of Cisco TrustSec is the Cisco Identity Services Engine. It is typical for the Cisco ISE to provision switches with
TrustSec Identities and Security Group ACLs (SGACLs), though these may be configured manually.

Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SY/configuration/guide/sy_swcg/trustsec.pdf

Question 25

Which multicast operational mode sends a prune message to the source when there are no connected members or downstream
neighbors?

A. IGMPv2
B. IGMPv3
C. PIM sparse mode
D. PIM dense mode

Explanation

Protocol Independent Multicast (PIM) dense mode (PIM-DM) is a push model where we flood all interfaces with multicast packets until a
downstream router requests the upstream router to stop forwarding multicast traffic.

Each downstream router not interested in the multicast traffic will send a prune message to its upstream router. Prune messages tell the
source routers that it doesn’t need that multicast traffic right now.

Reference: https://study-ccnp.com/ip-multicast-pim-dense-mode-explained/

Question 26

By default, which virtual MAC address does HSRP group 41 use?

A. 004:41:73:18:84:29
B. 00:05:0c:07:ac:41
C. 0c:5e:ac:07:0c:29
D. 00:00:0c:07:ac:29

Explanation

HSRP version 1 uses the MAC address range 0000.0C07.ACxx while HSRP version 2 uses the MAC address range 0000.0C9F.F0xx.
The last two-digit hex value in the MAC address represents the HSRP group number. In this case 41 in decimal is 29 in hexadecimal. ->
Answer '00:00:0c:07:ac:29' is correct.

Question 27

Which two advanced security features are available in next-generation firewalls but were not provided by standard firewalls?
(Choose two)

A. stateful traffic inspection
B. network telemetry
C. application control
D. intrusion prevention
E. remote access VPN

Explanation

Next-generation firewalls (NGFWs) are deep-packet inspection firewalls that move beyond port/protocol inspection and blocking to add
application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall.

Reference: https://www.gartner.com/en/information-technology/glossary/next-generation-firewalls-ngfws

Question 28

Which feature does Cisco DNA Center Assurance provide?

A. device onboarding and configuration
B. data correlation and analysis
C. software upgrade and management
D. application policy configuration

Explanation

The following figure and the information that follows describes the Assurance architecture:

Data Correlation and Analysis: As and when data is ingested, Assurance correlates and analyzes the data.

….

Reference: https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center-assurance/2-2-3/b_cisco_dna_assurance_2_2_3_ug/b_cisco_dna_assurance_2_2_2_ug_chapter_01.html

Question 29

Which JSON script is properly formatted?

Option A
[
  'class':
  {
    'name': Reading 101
    'Session ID':'474604043'
    'location':B-15'
  }
]

Option B
[
  'class': {
    'title':'Science',
    'grade':'11',
    'location':'Room C'.
  }
]
]

Option C
'Auto':[
  {
    'type':'truck',
    'model':'1500',
    'year':'2023'
  }
]

Option D
{
  'music':[
    {
      'title':'A New Song',
      'genre':'Pop',
      'year':'2019'
    }
  ]
}

A. Option A
B. Option B
C. Option C
D. Option D

Question 30

Which type of wireless antenna is used to provide a 360-degree radiation pattern?

A. Patch
B. Yagi
C. Directional
D. Dipole

Explanation

A dipole antenna provides a 360-degree radiation pattern (omnidirectional) in the horizontal plane. This type of antenna radiates energy
equally in all directions around it, making it suitable for applications that require broad coverage.

The patterns shown are those resulting from a perfect dipole formed with two thin wires oriented vertically along the z-axis.

Reference: https://www.industrialnetworking.com/pdf/Antenna-Patterns.pdf

Question 31

Which two items are found in YANG data models? (Choose two)

A. XML schema
B. JSON schema
C. container statements
D. HTTP return codes
E. rpc statements

Explanation

The following YANG example uses a container statement to define a timeout mechanism for a request to a server. The timeout has two
components: access-timeout, which represents the maximum time without server response, and retries, which represents the number of
request attempts before giving up.
container timeout {
    leaf access-timeout {
        type uint32;
    }
    leaf retries {
        type uint8;
    }
}

Reference: https://www.tail-f.com/wordpress/wp-content/uploads/2014/02/Tail-f-Instant-YANG.pdf

IOS XR actions are RPC statements that trigger an operation or execute a command on the router. These actions are defined as YANG
models using RPC statements. An action is executed when the router receives the corresponding NETCONF RPC request. Once the router
executes an action, it replies with a NETCONF RPC response.

Reference: https://www.cisco.com/c/en/us/td/docs/iosxr/ncs5000/DataModels/b-data-models-config-guide-ncs5000/b-data-models-config-guide-ncs5000_chapter_010.html

Note: A data model is simply a well understood and agreed upon method to describe “something”. As an example, consider this simple
“data model” for a person.
Person
•Gender-male, female, other
•Height-Feet/Inches or Meters
•Weight-Pounds or Kilos
•Hair Color-Brown, Blond, Black, Red, other
•Eye Color-Brown, Blue, Green, Hazel, other

Question 32

Which JSON script is properly formatted?

Option A
['plants':{
    'type': annual,
    'color': yellow,
    'season':summer
    }
]

Option B
[
    'subject':{
        [
            'title':'Language'
            'ID':'841143'
            'location':'Main Campus'
        }
    ]
]

Option C
'Stores':[
    {
        'type':'retail',
        'location':'B27',
        'contact':'545-345-3451'
    }
]

Option D
{
    'activity': [
        {
            'type':'golf',
            'level':'beginning',
            'session':'2024'
        }
    ]
}

A. Option A
B. Option B
C. Option C
D. Option D

Explanation

A JSON string should always start with {} (an object) or [] (an array) -> Option C is not correct.

In a JSON string, the key/value pairs are always in double quotes '' -> Option A and Option B are not correct.

Question 33

Which security feature does stateless authentication and authorization use for REST API calls?

A. SSL/TLS certificate encryption
B. API keys
C. OAuth 2 token
D. Cookie-based session authentication

Explanation

Statelessness means that every HTTP request happens in complete isolation. When the client makes an HTTP request, it includes all
information necessary for the server to fulfill the request.

The server never relies on information from previous requests from the client. If any such information is important then the client will send
that as part of the current request.

Reference: https://restfulapi.net/statelessness/

TLS/SSL is stateful. The web server and the client (browser) cache the session including the cryptographic keys to improve performance
and do not perform key exchange for every request. -> Answer 'SSL/TLS certificate encryption' is not correct.

Cookie/Session Based Authentications are stateful. Here is how it works: The server creates a session ID upon a user’s login request,
storing it in either a database or an in-memory cache on the server. This session ID is then stored on a cookie in the user’s browser. With
each subsequent request, the server receives the cookie containing the session ID and validates the user’s identity by comparing it with the
corresponding session information stored on the server. -> Answer 'Cookie-based session authentication' is not correct.

Token-based authentication enables users to obtain a token that allows them to access a service and/or fetch a specific resource without
using their username and password to authenticate every request. Because the token can be a self-contained entity that conveys all the
required information for authenticating the request, it is often referred to as stateless authentication.

The authentication token is created by the authenticating service and contains information to identify a particular user and the token
validity. The token itself is cryptographically signed to prevent tampering.

After the token is validated by the service, it is used to establish security context for the client, so the service can make authorization
decisions or audit activity for successive user requests -> Answer 'OAuth 2 token' is correct.

Reference: https://doubleoctopus.com/security-wiki/network-architecture/stateless-authentication/

When you use an API key to authenticate to an API, the API key does not identify a principal, nor does it provide any authorization
information. -> Answer 'API keys' is not correct.
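
The contrast drawn above between cookie/session authentication and token-based authentication, as an added example that is not part of the quiz: a simplified HMAC-signed token, not a full OAuth 2 implementation. The key, the claim names and the helpers `issue_token`, `verify_token`, `authorize` and `SessionServer` are assumptions made for this illustration.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time

# Constructed demo key (assumption); a real service loads its key from a secret store.
SIGNING_KEY = b"constructed-demo-key"


def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _sign(body, key):
    return _b64(hmac.new(key, body.encode(), hashlib.sha256).digest())


def issue_token(user, scopes, ttl=300, now=None, key=SIGNING_KEY):
    """Authenticating service: put identity, scope and validity in the token."""
    now = int(time.time()) if now is None else now
    claims = {"sub": user, "scope": scopes, "exp": now + ttl}
    body = _b64(json.dumps(claims, separators=(",", ":")).encode())
    return body + "." + _sign(body, key)


def verify_token(token, now=None, key=SIGNING_KEY):
    """API server: validate with the key alone; no session table is consulted."""
    now = int(time.time()) if now is None else now
    try:
        body, sig = token.split(".")
        if not hmac.compare_digest(sig, _sign(body, key)):
            return None                      # tampered, or signed with another key
        claims = json.loads(_unb64(body))
    except (ValueError, TypeError):
        return None                          # malformed token
    if claims["exp"] <= now:
        return None                          # validity period is over
    return claims


def authorize(token, needed_scope, now=None):
    """Per-request authorization decision taken from the token itself."""
    claims = verify_token(token, now=now)
    return claims is not None and needed_scope in claims["scope"]


class SessionServer:
    """Cookie/session style: the session ID is meaningless without this table."""

    def __init__(self):
        self.sessions = {}

    def login(self, user):
        sid = secrets.token_urlsafe(16)
        self.sessions[sid] = user            # state kept on the server
        return sid

    def whoami(self, sid):
        return self.sessions.get(sid)


if __name__ == "__main__":
    token = issue_token("alice", ["interfaces:read"])
    print("read allowed: ", authorize(token, "interfaces:read"))
    print("write allowed:", authorize(token, "interfaces:write"))

    # Two API nodes behind a load balancer: the session ID only works on the
    # node that stored it, while the token verifies on any node holding the key.
    node_a, node_b = SessionServer(), SessionServer()
    sid = node_a.login("alice")
    print("session on node A:", node_a.whoami(sid), "| on node B:", node_b.whoami(sid))
```

Because nothing is stored on the server, a token issued this way cannot be revoked before its `exp` time without reintroducing state, which is why such tokens are normally given short lifetimes.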

Question 34

Drag and drop the threat defense solutions from the left onto their descriptions on the right.

Note: You just need to click on one of the boxes on the right to match it with the corresponding box on the left.

StealthWatch performs security analytics by collecting network flows


ESA protects against email threat vector
AMP4E provides malware protection on endpoints
Umbrella provides DNS protection
FTD provides IPS/IDS capabilities

Explanation

Answer:

+ StealthWatch: performs security analytics by collecting network flows


+ ESA: protects against email threat vector
+ AMP4E: provides malware protection on endpoints
+ Umbrella: provides DNS protection
+ FTD: provides IPS/IDS capabilities

Explanation

+ StealthWatch: performs security analytics by collecting network flows via NetFlow
+ ESA: email security solution which protects against email threats like ransomware, business email compromise, phishing, whaling, and
many other email-driven attacks
+ AMP for Endpoints (AMP4E): provides malware protection on endpoints
+ Umbrella: provides DNS protection by blocking malicious destinations using DNS
+ Firepower Threat Defense (FTD): provides a comprehensive suite of security features such as firewall capabilities, monitoring, alerts,
Intrusion Detection System (IDS) and Intrusion Prevention System (IPS).

Question 35

Which statement describes the Cisco SD-Access plane functionality for fabric-enabled wireless?

A. Control plane traffic and data plane traffic are sent to the WLC through VXLAN
B. Control plane traffic and data plane traffic are sent to the WLC through CAPWAP tunnels
C. The control plane traffic is sent to the WLC through VXLAN, and the data plane traffic is sent to the WLC through CAPWAP
tunnels
D. The control plane traffic is sent to the WLC through CAPWAP tunnels, and the data plane traffic is sent from the AP
to the fabric edge switch through VXLAN

Question 36

Which function is handled by vManage in the Cisco SD-WAN fabric?

A. Establishes BFD sessions to test liveliness of links and nodes.


B. Establishes IPsec tunnels with nodes.
C. Distributes policies that govern data forwarding.
D. Performs remote software upgrades for WAN Edge, vSmart, and vBond.

Explanation

Cisco vManage handles tasks like performing remote software upgrades for devices within the SD-WAN fabric, including WAN Edge
routers, vSmart controllers, and vBond orchestrators. It provides centralized management and orchestration for the entire SD-WAN
environment.

Question 37

What must be configured to enable aWIPS for all radios in a specific site or location, when a Cisco Catalyst 9800 Series WLC is
used?

A. rogue profile
B. policy tag
C. RF tag
D. AP join profile

Explanation

aWIPS initialization is done by the controller. aWIPS initialization could also be triggered via the controller GUI or CLI. The controller
then sends the aWIPS configuration to the APs using CAPWAP.

Step 1. Choose Configuration > Tags & Profiles > AP Join.


Step 2. On the AP Join page, click the name of the desired AP join profile

Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/17-2/config-guide/b_wl_17_2_cg/advanced_wips.pdf

Question 38

What is a difference between Chef and other automation tools?

A. Chef is an agent-based tool that uses cookbooks, and Ansible is an agentless tool that uses playbooks.
B. Chef uses Domain Specific Language, and Puppet uses Ruby.
C. Chef is an agentless tool that uses a primary/minion architecture, and SaltStack is an agent-based tool that uses a
primary/secondary architecture
D. Chef is an agentless tool that uses playbooks, and Ansible is an agent-based tool that uses cookbooks.

Explanation

Chef uses Cookbooks, which are multiple recipes that can be grouped together. A Cookbook defines a scenario and contains everything
that is required to support that scenario. A Cookbook also includes attributes, libraries, metadata, and other files that are necessary for
supporting each configuration. Cookbooks are created using Ruby language and Domain Specific languages are used for specific
resources.

A comparison list of the Ansible, Puppet and Chef automation tools is shown below:

Question 39

Drag and drop the components of the Cisco SD-Access fabric architecture from the left onto the correct descriptions on the right.
Not all options are used.


Note: Please type the corresponding numbers of the options on the left to the textbox below that match the options on the right.
For example: 145

Please type your answer here: 234

Explanation

Answer:

+ map system that manages endpoint ID to location relationships: CP node


+ fabric device (for example, Core) that connects external Layer 3 networks to the SD-Access fabric: border node
+ fabric device (for example, Access) that connects wired endpoints to the SD-Access fabric: edge node

Explanation

+ Control-Plane Nodes – Map System that manages Endpoint to Device relationships

+ Fabric Border Nodes – A Fabric device (e.g. Core) that connects External L3 network(s) to the SDA Fabric

+ Fabric Edge Nodes – A Fabric device (e.g. Access or Distribution) that connects Wired Endpoints to the SDA Fabric

+ Fabric Wireless Controller – A Fabric device (WLC) that connects APs and Wireless Endpoints to the SDA Fabric

Reference: https://www.cisco.com/c/dam/m/hr_hr/training-events/2019/cisco-connect/pdf/VH-Cisco-SD-Access-Connecting.pdf

Question 40

Drag and drop the automation characteristics from the left onto the appropriate tools on the right. Not all options are used.

Note: Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order for each
group. For example: 1324 (which means 13 for first group, 24 for second group).
Please type your answer here: 1325 (correct answer: 1235)

Explanation

SaltStack uses YAML extensively. YAML is the primary data format for SaltStack configuration files, including state files, pillar data, and
configuration management. It is used for writing infrastructure-as-code to define how systems should be configured and managed.

SaltStack primarily uses a pull model, but it also has the ability to function in a push model depending on how it is configured. Pull Model
is the default operation in SaltStack. In this mode, the Salt minions (agents) running on managed nodes regularly check in with the Salt
master to request updates or changes. SaltStack can also be used in a push model, where the Salt master sends commands to the minions
without waiting for the minions to check in.

Question 41

An engineer must configure a router to allow users to run specific configuration commands by validating the user against the
router database. Which configuration must be applied?

A. aaa authentication exec default local


B. aaa authentication network default local
C. aaa authorization network default local
D. aaa authorization exec default local

Explanation

“allow users to run specific configuration commands” which means authorization, not authentication so we need the “aaa authorization …”
command.

“Enable AAA authorization with the network keyword to allow interface configuration from the RADIUS server.” -> Answer 'aaa
authorization network default local' is not correct.

Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/31sga/configuration/guide/config/dot1x.html

-> Only answer 'aaa authorization exec default local' is left. We need the keyword “exec” to allow user to run an EXEC shell.

Question 42

Drag and drop the characteristics from the left onto the tools on the right. Not all options are used.

Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order. For example:
1325 (which means 13 for first group, 25 for second group).

Please type your answer here: 1324

Explanation

Answer:

Configuration Management Tools


+ works with mutable elements
+ deploy and configure applications and software

Orchestration Tools
+ works with immutable elements
+ deploy server instances

Explanation
Traditional server environments are mutable, in that they are changed after they are installed. Administrators are always making tweaks or
adding code. CM tools evolved to manage this complexity and bring order to the configuration and updating of tens to thousands of
servers.

An immutable infrastructure is one in which servers are never modified after they’re deployed. With orchestration, immutability is easily
applied to servers as they usually have built-in support for managing the lifecycle of a resource from creation to tearing down.

Reference: https://www.ibm.com/cloud/blog/chef-ansible-puppet-terraform

Configuration management tools simplify and accelerate the deployment process by automating the setup and management of
environments. This automation allows teams to deploy applications in a repeatable and reliable manner, reducing the time and effort
required for manual configurations.

Question 43

Which device, in a LISP routing architecture, receives and de-encapsulates LISP traffic for endpoints within a LISP-capable site?

A. MR
B. OMS
C. ITR
D. ETR

Explanation

Egress Tunnel Router (ETR) is the device (or function) that connects a site to the LISP-capable part of a core network (such as the
Internet), publishes EID-to-RLOC mappings for the site, responds to Map-Request messages, and decapsulates and delivers LISP-
encapsulated user data to end systems at the site. During operation, an ETR sends periodic Map-Register messages to all its configured
map servers.

Question 44

What is a characteristic of omnidirectional antennas?

A. They have high gain.


B. They include dish antennas.
C. They provide the most focused and narrow beamwidth.
D. They are well suited for point-to-multipoint environments.

Explanation

Omnidirectional antennas are commonly used in point-to-multipoint networks because they provide the widest coverage possible.

In point-to-multipoint wireless networks, such as outdoor wireless broadband connections or surveillance systems, omnidirectional
antennas at the central base station provide coverage to multiple client devices spread in various directions around the base station.

Question 45

Drag and drop the code snippets from the bottom onto the blanks in the code to construct a request that configures policy-based
routing.


Please type the corresponding numbers of each item at the bottom to the blank below that matches the boxes on the top. For
example: 1324

Please type your answer here: 2134 (correct answer: 2431)

Explanation

Answer:

1. permit
2. set
3. next-hop
4. address

Question 46

A customer deployed an ISE solution that allows for web authentication and URL redirect enforced from the access layer. Due to
control plane security concerns, only host IP 10.0.1.25 should have HTTP access to these switches. Which configuration must be
applied to the switches?

Option A
ip access-list standard 10
 deny 10.0.1.25 0.0.0.0
 permit any
ip http server
ip http secure-server
class-map CoPP_Class
 match access_group 10
policy-map CoPP_Policy
 class CoPP_Class
  police 100000 conform-action permit exceed-action drop violate-action drop
control-plane
 service-policy input CoPP_Policy

Option B
ip access-list standard 10
 permit 10.0.1.25 0.0.0.0
ip http server
ip http secure-server
ip http secure-active-session-modules none
ip http access-class 10

Option C
ip access-list extended HOST-ACL
 10 permit host 10.0.1.25 any
 20 deny any any
no ip http server
ip http secure-server
class-map CoPP_Class
 match access_group HOST-ACL
policy-map CoPP_Policy
 class CoPP_Class
  police 100000 conform-action permit exceed-action drop violate-action drop
control-plane
 service-policy input CoPP_Policy

Option D
ip access-list extended HOST-ACL
 10 permit host 10.0.1.25 any
 20 deny any any
ip http server
ip http secure-server
ip http secure-active-session-modules none
ip http active-session-modules none
ip http access-class HOST-ACL

A. Option A
B. Option B
C. Option C
D. Option D

Explanation

Option A and Option C use CoPP, but they do not solve the problem with “conform-action permit” (in fact, it should be “conform-action
transmit”). With Option A, host 10.0.1.25 is allowed unconstrained (“deny 10.0.1.25” means CoPP is not applied to this host), while
CoPP is applied to the other hosts. But with “conform-action transmit”, these hosts can still access the devices.

The “ip http access-class” command can only be used with a standard ACL in the range 0 to 99 -> Only Option B is correct.

Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/https/command/nm-https-cr-book/nm-https-cr-cl-sh.html#wp1110651970

Question 47

Refer to the exhibit.

A client requests a new SSID that will use web-based authentication and external RADIUS servers. Which Layer 2 security mode
must be selected?

A. Static WEP
B. WPA + WPA2
C. WPA2 + WPA3
D. None

Explanation

This document explains how to perform external web authentication using an external RADIUS Server.

Configure the WLAN on WLC for Web Authentication
The next step is to configure the WLAN for web authentication on WLC. Perform these steps in order to configure the WLAN on WLC:
1. Click the WLANs menu from the controller GUI, and choose New.
2. Choose WLAN for Type.
3. Enter a Profile Name and a WLAN SSID of your choice, and click Apply.
4. Under the General tab, make sure that the Enabled option is checked for both Status and Broadcast SSID.
5. Choose an interface for the WLAN. Typically, an interface configured in a unique VLAN is mapped to the WLAN so that the client
receives an IP address in that VLAN. In this example, we use management for Interface.
6. Choose the Security tab.
7. Under the Layer 2 menu, choose None for Layer 2 Security.
8. Under the Layer 3 menu, choose None for Layer 3 Security. Check the Web Policy checkbox, and choose Authentication.

Reference: https://www.cisco.com/c/en/us/support/docs/wireless/5500-series-wireless-controllers/112134-external-web-radius-00.html

Question 48

What is a characteristic of Layer 3 roaming?

A. Clients must obtain a new IP address when they roam between APs
B. It provides seamless roaming between APs that are connected to different Layer 3 networks and different mobility
groups.
C. It is only supported on controllers that run SSO.
D. It provides seamless client roaming between APs in different Layer 3 networks but within the same mobility group

Explanation

Layer 3 roaming in wireless networks typically takes place between different mobility groups (but in the same mobility domain). A
mobility group refers to a set of WLCs that share information to facilitate client roaming.

When a client device roams between access points controlled by different WLCs within the same mobility group, it’s usually referred to as
layer 2 roaming. In this scenario, the client maintains its IP address and session as it moves between access points, and the WLCs
coordinate handoffs seamlessly.

However, when a client roams between access points controlled by WLCs in different mobility groups, it’s considered layer 3 roaming. In
this case, the client may need to obtain a new IP address and establish a new session as it moves between different subnets or networks
managed by different WLCs.

Question 49

Which wireless deployment mode uses a Flex architecture and allows Layer 2 roaming between APs without a physical wireless
controller?

A. unified
B. Cisco Mobility Express
C. autonomous mode
D. fabric

Question 50

Which nodes require VXLAN encapsulation support in a Cisco SD-Access deployment?

A. distribution nodes
B. core nodes
C. aggregation nodes
D. border nodes

Explanation

Border node will send the data plane traffic (VXLAN encapsulated) to the Edge node in Subscriber VN Employee.

Reference: https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2023/pdf/BRKENS-2811.pdf

The border nodes are responsible for connecting the SD-Access fabric to external networks (such as a data center, WAN, or other network
segments) and therefore require VXLAN encapsulation support to handle traffic entering and leaving the SD-Access fabric.

Question 51

An engineer must create a script to append and modify device entries in a JSON-formatted file. The script must work as follows:
• Until interrupted from the keyboard, the script reads in the hostname of a device, its management IP address, operating system
type, and CLI remote access protocol.
• After being interrupted, the script displays the entered entries and adds them to the JSON-formatted file, replacing existing
entries whose hostname matches.
The contents of the JSON-formatted file are as follows:
{
    'examplerouter': {
        'ip': '203.0.113.1',
        'os': 'ios-xe',
        'protocol': 'ssh'
    },
    ...
}

Drag and drop the statements onto the blanks within the code to complete the script. Not all options are used.

Please type the corresponding numbers of each item on the right to the blank below from top to bottom. For example: 13625
(which means 1 for first, 3 for second, 6 for third, 2 for fourth and 5 for last yellow box).

Please type your answer here: 31265

Explanation

Answer:

1. import json
2. while True:
3. except
4. File = open
5. File.close()

Explanation

We tested this code successfully:


And this is the result:

Note:
+ In Python, “pass” is a null statement. It is usually used as a placeholder.
+ In order to run the code successfully, we must have the “devicesData.json” first with at least one sample.
+ This code runs infinitely with “while True:” so we have to use Keyboard interrupt to exit (Ctrl-C in Windows, for example).
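
A script with the behaviour the question describes, as an added example; it is not the quiz's own code, which did not survive on this page. The function names, the prompts and the `read` parameter are assumptions, and it uses `with` blocks where the answer list has `File = open` and `File.close()`.

```python
import json


def collect_entries(read=input):
    """Read device entries until interrupted from the keyboard (Ctrl-C)."""
    entries = {}
    try:
        while True:
            hostname = read("Hostname: ").strip()
            details = {
                "ip": read("Management IP: ").strip(),
                "os": read("OS type: ").strip(),
                "protocol": read("CLI protocol: ").strip(),
            }
            # Stored only once all four fields are in, so an interrupt in the
            # middle of an entry discards that half-typed entry.
            entries[hostname] = details
    except KeyboardInterrupt:
        pass  # the interrupt just ends the input loop
    return entries


def merge_into_file(path, entries):
    """Add entries to the JSON file, replacing those whose hostname matches."""
    with open(path) as f:
        devices = json.load(f)  # the file must already exist and hold valid JSON
    devices.update(entries)     # same hostname -> old entry is replaced
    with open(path, "w") as f:
        json.dump(devices, f, indent=4)
    return devices


if __name__ == "__main__":
    new_entries = collect_entries()
    print()
    print(json.dumps(new_entries, indent=4))   # display what was entered
    merge_into_file("devicesData.json", new_entries)
```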

Question 52

What is the name of the numerical relationship of the wireless signal compared to the noise floor?

A. EIRP

B. SNR
C. RSSI
D. gain

Explanation

SNR (Signal-to-Noise Ratio) is the numerical relationship between the strength of the wireless signal and the noise floor (the level of
background noise in the environment). SNR is typically measured in decibels (dB) and is a crucial metric in wireless networks, as a higher
SNR indicates a clearer and more reliable signal.

Question 53

What is a common trait between Ansible and Chef?

A. Both are used for mutable infrastructure.


B. Both rely on a declarative approach.
C. Both require a client to be installed on hosts.
D. Both rely on NETCONF.

Explanation

Ansible is a procedural tool, meaning that each Ansible playbook defines the steps to transform your infrastructure or configuration into
what it should look like.

Chef is procedural, meaning that rather than defining the end state, you write configuration code to determine how your infrastructure
setup should eventually look.

-> Answer 'Both rely on a declarative approach' is not correct.

Reference: https://redpanda.com/blog/ansible-terraform-chef-salt-puppet-cloud

Ansible is Agentless while Chef is Agent Based Architecture. Agentless means that the managed device does not need any code (agent) to
be installed on it. Therefore Ansible uses SSH (NETCONF over SSH in particular) to “push” changes and extract information to managed
devices.

-> Answer 'Both require a client to be installed on hosts' is not correct.

Ansible uses SSH/NETCONF while Chef uses REST -> Answer 'Both rely on NETCONF' is not correct.

Note: The concept for mutable and immutable infrastructure is whether or not an environment can change after its creation. While a
mutable environment allows changes to be made during its lifecycle, like fixing configuration errors and updating the resources that are
already provisioned, in an immutable environment, that would not be possible. The resource is destroyed and created again with a new
version.

Question 54

Refer to the exhibit.
import requests
import json
from urllib3.exceptions import InsecureRequestWarning

# Silence the warning raised because certificate verification is turned off below
requests.packages.urllib3.disable_warnings(category=InsecureRequestWarning)

def printBytesAsJSON(bytes):
    print(json.dumps(json.loads(bytes), indent=2))

response = requests.get(
    url = 'https://192.168.159.10/restconf/data/Cisco-IOS-XE-native:native/interface/GigabitEthernet=2',
    auth = ('cisco', 'cisco'),
    headers = {
        'Accept': 'application/yang-data+json',
        'Content-Type': 'application/yang-data+json'
    },
    data = json.dumps({
        'Cisco-IOS-XE-native:GigabitEthernet': {
            'ip': {
                'address': {
                    'primary': {
                        'address': '10.10.10.1',
                        'mask': '255.255.255.0'
                    }
                }
            }
        }
    }),
    verify = False)  # skips TLS certificate validation of the router
print('Response Code: ' + str(response.status_code))

An engineer attempts to use RESTCONF to configure GigabitEthernet2 on a remote router with IP address 192.168.159.10, but the
configuration fails. Which configuration is required to complete the action?

Option A

data = json.dumps({
'Cisco-IOS-XE-native:GiagabitEthernet2': {

Option B

data = json.dumps({
'Cisco-IOS-XE-native:GigabitEthernet': {
'ip': {
'address': {
'interface': {

Option C
url = 'https://192.168.159.10/restconf/data/Cisco-IOS-XE-native:native/interface/GigabitEthernet2',

Option D
response = requests.patch(

A. Option A
B. Option B
C. Option C
D. Option D

Explanation

In the exhibit, the requests.get method is used. It only retrieves information from the server at the given URL, so it cannot be used to
configure a remote device. We should use the PATCH (requests.patch) method instead.


Question 55

How do OSPF and EIGRP compare?

A. OSPF and EIGRP use the same administrative distance.


B. EIGRP shows all known routes, and OSPF shows successor and feasible successor routes.
C. Both OSPF and EIGRP use the concept of areas.
D. EIGRP shows successor and feasible successor routes, and OSPF shows all known routes.

Explanation

This question refers to the EIGRP topology table (shown with the command “show ip eigrp topology”), which keeps all the Successor and
Feasible Successor routes. The OSPF topology table (shown with the command “show ip ospf database”) contains the entire road map of the
network with all available OSPF routers.

Question 56

An engineer adds a new switch to a Cisco StackWise stack. The switch that was active before the switch was added is elected as the
active switch again. Which action does the active switch take?

A. It clears the MAC table of the stack and relearns the attached devices.
B. It checks the IOS and running configuration of the new switch and updates them if necessary to match the other
switches in the stack.
C. It suspends traffic forwarding until the new switch is updated with the current running configuration of the stack.
D. It removes any Layer 3 configuration on the new switch to maintain normal Layer 2 functionality on the stack.

Question 57

Which DNS record type is required to allow APs to discover a WLC by using DNS on IPv4?

A. A
B. NS
C. MX
D. SOA

Explanation

Upon connecting an AP to the network, the following WLC discovery methods will be attempted:
– Broadcast on local subnet
– Use a previously configured/discovered list stored in the AP's NVRAM
– Use DHCP Option 43 provided from DHCP server
– Use DNS to resolve “CISCO-CAPWAP-CONTROLLER.localdomain”

The AP will attempt to resolve “CISCO-CAPWAP-CONTROLLER.localdomain” to an IP address. This can be done by configuring a Host
A Record on the DNS server specified in DHCP.

Reference: https://higher-frequency.blogspot.com/2016/08/cisco-wlc-discovery-join-methods.html

Question 58

Refer to the exhibit.


R1
track 26 interface Serial0/0.1 line-protocol
interface FastEthernet0/0
ip address 209.165.201.1 255.255.255.224
standby 100 ip 209.165.201.30
standby 100 priority 105
standby 100 preempt
standby 100 track 26

R2
interface FastEthernet0/0
ip address 209.165.201.2 255.255.255.224
standby 100 ip 209.165.201.30
standby 100 track 26

Which command must be added to enable R2 to take over as primary when Serial interface 0/0.1 is down on R1?
A. R2# standby 100 priority 100
B. R2# standby 100 preempt
C. R1# no standby 100 track 26
D. R2# no standby 100 track 26

Explanation

R2 is missing the "standby 100 preempt" command to actively take over the primary from R1 when the priority of R1 falls down below
100.

Question 59

In a wireless Cisco SD-Access deployment, which roaming method is used when a user moves from one access point to another on a
different access switch using a single WLC?

A. Layer 3
B. auto anchor
C. fast roam
D. inter-xTR

Explanation

SDA supports two additional types of roaming, which are Intra-xTR and Inter-xTR. In SDA, xTR stands for an access-switch that is a
fabric edge node. It serves both as an ingress tunnel router as well as an egress tunnel router.

When a client on a fabric enabled WLAN, roams from an access point to another access point on the same access-switch, it is called Intra-
xTR. Here, the local client database and client history table are updated with the information of the newly associated access point.

When a client on a fabric enabled WLAN, roams from an access point to another access point on a different access-switch, it is called
Inter-xTR. Here, the map server is also updated with the client location (RLOC) information. Also, the local client database is updated
with the information of the newly associated access point.

Reference: https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/config-guide/b_wl_16_10_cg/mobility.html


Question 60

Which RF value represents the decline of the RF signal amplitude over a given distance?

A. free space path loss


B. received signal strength indicator
C. signal-to-noise ratio
D. effective isotropic radiated power

Explanation

Free space path loss (FSPL) is the reduction in signal strength that occurs when an electromagnetic wave travels through free space, such
as air or a vacuum, without any obstacles to interfere with it. The FSPL is used to predict the strength of a RF signal at a particular
distance. This is a theoretical value, as in the real world, there are many obstacles, reflections and losses which need to be accounted for
when estimating the signal at a location. However the FSPL is a good approximation for estimating the loss of signal when propagating
through free space.

Note:

Effective Isotropic Radiated Power (EIRP): EIRP measures the total power radiated by an antenna in a specific direction, accounting for
transmitter power and antenna gain. It does not describe the decline of the signal over distance.

Signal-to-Noise Ratio (SNR): SNR is the ratio of the desired signal strength to the background noise level, indicating the quality of the
signal but not directly related to signal decline over distance.

Received Signal Strength Indicator (RSSI): RSSI measures the power level of a received signal at a specific point, but it does not
describe the natural attenuation of the signal over distance.

Question 61

What is a characteristic of Wi-Fi channels?

A. Wi-Fi channels are spaced 30 MHz apart.
B. The 5-GHz band offers 11 different channels for Wi-Fi clients
C. Devices that connect to the same Wi-Fi channel reside in the same collision domain.
D. The 2.4-GHz band 2 non-overlapping channels

Explanation

WiFi channels are smaller bands within WiFi frequency bands that are used by your wireless network to send and receive data. Depending
on which frequency band your router is using, you have a certain number of WiFi channels to choose from:
+ 11 WiFi channels are in the 2.4 GHz frequency band (3 non-overlapping channels) -> Answer 'The 2.4-GHz band 2 non-overlapping
channels' is not correct.
+ 45 WiFi channels are in the 5 GHz frequency band (24 non-overlapping channels) -> Answer 'The 5-GHz band offers 11 different
channels for Wi-Fi clients' is not correct.

Per the WiFi standard, the channel spacing is 5 MHz. As a result, when a transmission is centered on a particular channel, for example 6,
it overlaps the adjacent channels (part of 4, 5, 7, and 8) by 15 MHz -> Answer 'Wi-Fi channels are spaced 30 MHz apart' is not correct.

Question 62

What is a benefit of MACsec in a multilayered LAN network design?

A. Layer 3 links between switches can be secured.
B. There is no requirement to run IEEE 802.1X when MACsec is enabled on a switch port.
C. Application flows between hosts on the LAN to remote destinations can be encrypted.
D. Layer 2 trunk links between switches can be secured.

Explanation

MACsec, defined in 802.1AE, provides MAC-layer encryption over wired networks by using out-of-band methods for encryption keying.
The MACsec Key Agreement (MKA) Protocol provides the required session keys and manages the required encryption keys.
Answer "Application flows between hosts on the LAN to remote destinations can be encrypted" is incorrect because MACsec operates at
Layer 2, not at the application layer, so it does not encrypt application flows at Layer 7.

Answer "There is no requirement to run IEEE 802.1X when MACsec is enabled on a switch port" is incorrect because MACsec and IEEE
802.1X are often used together to secure ports, but MACsec doesn't eliminate the need for 802.1X.

Answer "Layer 3 links between switches can be secured" is incorrect because MACsec is a Layer 2 technology, not Layer 3, so it cannot
secure Layer 3 links between switches.

Question 63

Select the devices from the below options that can be part of Cisco SDWAN Solution. (Choose two)

A. FTD 1120
B. IR8300
C. ASR 1000
D. ISR 2900
E. ASR 9000

Explanation

In the Cisco Catalyst SD-WAN Device Compatibility list at this Cisco link, they list the following options:

+ Cisco Catalyst 8500 Series Edge Platforms
+ Cisco Catalyst 8300 Series Edge Platforms
+ Cisco Catalyst 8200 Series Edge Platforms
+ Cisco Catalyst 8200 uCPE Series Edge Platforms
+ Cisco ASR 1000 Series Aggregation Services Routers
+ Cisco ISR 4000 Series Integrated Services Routers
+ Cisco ISR 1100 and ISR 1100X Series Integrated Services Routers
+ Cisco ISR 1000 Series Integrated Services Routers
+ Cisco IR1101 Integrated Services Router Rugged
+ Cisco Catalyst IR1800 Rugged Series Routers
+ Cisco Catalyst IR8100 Heavy Duty Series Router
+ Cisco IR8300 Integrated Services Router Rugged
+ Cisco 5000 Series Enterprise Network Compute System
+ Cisco ESR6300 Embedded Series Routers

Question 64

Refer to the exhibit.


An engineer is creating a Python script to fetch the BGP configuration from a device using RESTCONF. What does the output
indicate?
A. The BGP data resource identifier in the URL is incorrect.
B. RESTCONF is not enabled on the device.
C. The HTTPS connection to the device could not be established.
D. There is no BGP process running on the device.

Explanation

After running this code, we received the message “HTTP Response: 404 Not Found” so answer 'The BGP data resource identifier in the
URL is incorrect' is the best choice.

Question 65

Refer to the exhibit.

OSPF-1 HELLO Gi0/0: Rcv hello from 10.2.2.2 area 0 10.0.0.2
OSPF-1 HELLO Gi0/0: No more immediate hello for nbr 10.2.2.2, which has been sent on this intf 2 times
OSPF-1 HELLO Gi0/0: Send hello to 224.0.0.5 area 0 from 10.0.0.1
OSPF-1 HELLO Gi0/0: Rcv hello from 10.2.2.2 area 0 10.0.0.2
OSPF-1 HELLO Gi0/0: No more immediate hello for nbr 10.2.2.2, which has been sent on this intf 2 times
OSPF-1 HELLO Gi0/0: Send hello to 224.0.0.5 area 0 from 10.0.0.1
OSPF-1 ADJ Gi0/0: Rcv DBD from 10.2.2.2 seq 0xE09 opt 0x52 flag 0x7 len 32 mtu 1400 state INIT
OSPF-1 ADJ Gi0/0: 2 Way Communication to 10.2.2.2, state 2WAY
OSPF-1 ADJ Gi0/0: Neighbor change event
OSPF-1 ADJ Gi0/0: Nbr 10.2.2.2: Prepare dbase exchange
OSPF-1 ADJ Gi0/0: Send DBD to 10.2.2.2 seq 0x1C01 opt 0x52 flag 0x7 len 32
OSPF-1 ADJ Gi0/0: NBR Negotiation Done. We are the SLAVE
OSPF-1 ADJ Gi0/0: Nbr 10.2.2.2: Summary list built, size 5
OSPF-1 ADJ Gi0/0: Send DBD to 10.2.2.2 seq 0xE09 opt 0x52 flag 0x2 len 132
OSPF-1 HELLO Gi0/0: Rcv hello from 10.2.2.2 area 0 10.0.0.2
OSPF-1 ADJ Gi0/0: Rcv DBD from 10.2.2.2 seq 0xE09 opt 0x52 flag 0x7 len 32 mtu 1400 state EXCHANGE
OSPF-1 ADJ Gi0/0: Nbr 10.2.2.2 has smaller interface MTU
OSPF-1 ADJ Gi0/0: Send DBD to 10.2.2.2 seq 0xE09 opt 0x52 flag 0x2 len 132
OSPF-1 HELLO Gi0/0: Rcv hello from 10.2.2.2 area 0 10.0.0.2
OSPF-1 HELLO Gi0/0: Send hello to 224.0.0.5 area 0 from 10.0.0.1

Two indirectly connected routers fail to form an OSPF neighborship. What is the cause of the issue?

A. failing hello packets between the two routers

B. DR/BDR selection dispute
C. OSPF network type mismatch
D. MTU mismatch

Explanation

The problem here is “Nbr 10.2.2.2 has smaller interface MTU”, which indicates an MTU mismatch.
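The diagnosis above can be automated. The following Python sketch is an added example, not part of the original quiz: it scans OSPF hello/adjacency debug lines like those in the exhibit and reports, per neighbor, whether the adjacency is stalling on an MTU mismatch. The function name `diagnose` and the finding keys are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample: a subset of the exhibit lines, with OCR slips corrected.
SAMPLE_DEBUG = """\
OSPF-1 HELLO Gi0/0: Rcv hello from 10.2.2.2 area 0 10.0.0.2
OSPF-1 HELLO Gi0/0: Send hello to 224.0.0.5 area 0 from 10.0.0.1
OSPF-1 ADJ Gi0/0: Rcv DBD from 10.2.2.2 seq 0xE09 opt 0x52 flag 0x7 len 32 mtu 1400 state INIT
OSPF-1 ADJ Gi0/0: 2 Way Communication to 10.2.2.2, state 2WAY
OSPF-1 ADJ Gi0/0: Send DBD to 10.2.2.2 seq 0x1C01 opt 0x52 flag 0x7 len 32
OSPF-1 ADJ Gi0/0: NBR Negotiation Done. We are the SLAVE
OSPF-1 ADJ Gi0/0: Send DBD to 10.2.2.2 seq 0xE09 opt 0x52 flag 0x2 len 132
OSPF-1 ADJ Gi0/0: Rcv DBD from 10.2.2.2 seq 0xE09 opt 0x52 flag 0x7 len 32 mtu 1400 state EXCHANGE
OSPF-1 ADJ Gi0/0: Nbr 10.2.2.2 has smaller interface MTU
OSPF-1 ADJ Gi0/0: Send DBD to 10.2.2.2 seq 0xE09 opt 0x52 flag 0x2 len 132
OSPF-1 HELLO Gi0/0: Rcv hello from 10.2.2.2 area 0 10.0.0.2
"""

# Common prefix of every debug line: process, category, interface, message.
LINE = re.compile(r"^OSPF-\d+ (?:HELLO|ADJ) (?P<intf>\S+): (?P<msg>.*)$")

# Message bodies we care about; everything else is ignored.
PATTERNS = [
    ("hello", re.compile(r"^Rcv hello from (?P<nbr>\S+) ")),
    ("rcv_dbd", re.compile(r"^Rcv DBD from (?P<nbr>\S+) seq (?P<seq>0x[0-9A-Fa-f]+) .*"
                           r"mtu (?P<mtu>\d+) state (?P<state>\w+)")),
    ("send_dbd", re.compile(r"^Send DBD to (?P<nbr>\S+) seq (?P<seq>0x[0-9A-Fa-f]+) ")),
    ("mtu", re.compile(r"^Nbr (?P<nbr>\S+) has (?P<rel>smaller|larger) interface MTU")),
]


def _new_neighbor():
    return {"interface": None, "hellos_received": 0, "peer_mtu": None,
            "last_state": None, "mtu_relation": None, "dbd_sent": defaultdict(int)}


def diagnose(debug_text):
    """Return {neighbor: finding} for every neighbor seen in the debug output."""
    nbrs = defaultdict(_new_neighbor)
    for raw in debug_text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue  # not an OSPF hello/adjacency debug line
        for kind, pattern in PATTERNS:
            m = pattern.match(line["msg"])
            if not m:
                continue
            n = nbrs[m["nbr"]]
            n["interface"] = line["intf"]
            if kind == "hello":
                n["hellos_received"] += 1
            elif kind == "rcv_dbd":
                n["peer_mtu"] = int(m["mtu"])   # MTU the peer advertises in its DBD
                n["last_state"] = m["state"]
            elif kind == "send_dbd":
                n["dbd_sent"][m["seq"]] += 1    # same seq sent twice = retransmission
            elif kind == "mtu":
                n["mtu_relation"] = m["rel"]
            break

    findings = {}
    for nbr, n in nbrs.items():
        resent = sorted(seq for seq, count in n["dbd_sent"].items() if count > 1)
        if n["mtu_relation"]:
            cause = "mtu-mismatch"          # router explicitly flagged the MTU difference
        elif n["hellos_received"] == 0:
            cause = "no-hello-received"     # DBD activity without hellos from the peer
        elif resent:
            cause = "dbd-retransmission"    # stuck exchanging DBDs, reason not logged
        else:
            cause = None
        findings[nbr] = {
            "interface": n["interface"],
            "hellos_received": n["hellos_received"],
            "peer_mtu": n["peer_mtu"],
            "mtu_relation": n["mtu_relation"],
            "last_state": n["last_state"],
            "retransmitted_dbd": resent,
            "cause": cause,
        }
    return findings


if __name__ == "__main__":
    for nbr, finding in diagnose(SAMPLE_DEBUG).items():
        print(nbr, finding)
```

Hellos arrive normally in the sample, so the hello answer is ruled out by the data itself; the repeated DBD with sequence 0xE09 together with the MTU message is what pins the cause.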

Question 66

Drag and drop the automation characteristics from the left onto the corresponding tools on the right. Not all options are used.

Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order. For example:
132 (which means 13 for first group, 2 for second group).

Please type your answer here: 132 (correct answer: 342)

Explanation

Answer:

Puppet
+ high availability offered through a multi-primary architecture
+ Ruby syntax in configuration files

Chef
+ proprietary syntax in configuration files based on Ruby

Explanation

Chef configuration files and recipes are written in pure Ruby, which allows for more flexibility and integration with Ruby code.

Question 67

Refer to the exhibit.

Switch(config-ip-sla)# udp-jitter 172.29.139.134 5000
Switch(config-ip-sla-jitter)# frequency 300
Switch(config-ip-sla-jitter)# exit
Switch(config)# ip sla schedule 5 start-time now life forever
Switch(config)# end

What is the result of the IP SLA configuration?

A. The operation runs 5000 times a day
B. The rate is configured to repeat every 5 minutes
C. IP SLA is scheduled to run at 3 a.m
D. The operation runs 300 times a day

Explanation

“frequency 300” means it runs every 300 seconds (5 minutes).

Question 68

Which port is required to allow APs to join a WLC when directed broadcasts are used on a Cisco IOS switch?

A. TCP 5247
B. UDP 5246
C. UDP 5247
D. TCP 5246

Explanation

After the LAP gets an IP address from the DHCP server, the LAP broadcasts a Layer 3 CAPWAP discovery message onto its local subnet.
Normally these broadcasts are limited to the local subnet, as they do not cross Layer 3 boundaries.

Since the CAPWAP broadcast uses UDP port 5246, it must be explicitly forwarded on the router. You have to use the “ip forward-protocol udp
<port-no>” CLI command for this.

Reference: https://mrncciew.com/2013/05/04/wlc-discovery-via-broadcast/

Question 69

Refer to the exhibit.

Python 3.10.2 (tags/v3.10.2:a58cbcc, Jan 17 2022, 14:12:15) [MSC v.1929 64 bit (AMD64)] on win32
Type 'help', 'copyright', 'credits' or 'license' for more information.
>>>
>>>
>>>
>>> customer1 = {
... 'inventory': {
... 'device': [
... {
... 'hostname': 'asr9k-01',
... 'ver': '16.09',
... 'vendor': 'Cisco',
... 'uptime': '39 days',
... 'serial': 'XX123456',
... }
... ]
... }
... }
>>>

Which class type is returned for the command prompt “type(customer1)”?

A. tuple
B. list
C. str
D. dict

Explanation

In the two sections that follow you will see two ways of creating a dictionary. The first way is by using a set of curly braces, {}, and the
second way is by using the built-in dict() function.

Question 70

Refer to the exhibit.


Which command or set of commands configures switch B as the primary root for VLANs 10, 15, and 20?
A. SwitchB(config)# interface range g0/0/0-15
SwitchB(config-if)# spanning-tree port-priority 100
SwitchA(config)# interface range g0/0/0-15
SwitchA(config-if)# spanning-tree port-priority 200
B. SwitchB(config)# spanning-tree vlan 10,20 root primary
C. SwitchB(config)# spanning-tree mst 1 root primary
D. SwitchB(config-mst)# instance 1 vlan 10,20

Question 71

Refer to the exhibit.

aaa new-model
!
username admin privilege 15 secret S3cr3tP4ss
!
ip http secure-server
ip http authentication aaa

An administrator must enable RESTCONF access to a router. Which two commands or command sets must be added to the
existing configuration? (Choose two)

A. username restconf privilege 0
B. restconf
C. netconf-yang
D. aaa authentication login default local
aaa authorization exec default local

Explanation

The CLI command to enable RESTCONF is displayed below:

restconf

Once enabled via CLI, all supported operations may be governed through model interfaces, including optional settings for RESTCONF
configuration and operational data settings.

Reference: https://developer.cisco.com/docs/ios-xe/#!enabling-restconf-on-ios-xe/httphttps

Also, AAA is enabled, so we need to configure suitable AAA commands for it.

Question 72

A Cisco Catalyst Center (formerly DNA Center) REST API sends a PUT to the /dna/intent/api/v1/network-device endpoint. A
response code of 504 is received. What does the code indicate?

A. The response timed out based on a configured interval
B. The web server is not available
C. The username and password are not correct
D. The user does not have authorization to access this endpoint

Explanation
This error response (504) is given when the server is acting as a gateway and cannot get a response in time.

Question 73

What is used by vManage to interact with Cisco SD-WAN devices in the fabric?

A. southbound API
B. RESTCONF
C. IPsec
D. northbound API

Explanation

The Southbound API is used to communicate with network devices.

Question 74

Which First Hop Redundancy Protocol maximizes uplink utilization and minimizes the amount of configuration that is necessary?

A. HSRP v2
B. VRRP
C. HSRP v1
D. GLBP

Explanation

The main disadvantage of HSRP and VRRP is that only one gateway is elected to be the active gateway and used to forward traffic whilst
the rest are unused until the active one fails. Gateway Load Balancing Protocol (GLBP) is a Cisco proprietary protocol and performs the
similar function to HSRP and VRRP but it supports load balancing among members in a GLBP group.

Note: GLBP is not a topic for this exam, so we are not sure why we still have this question!

Question 75

Drag and drop the definitions in the left to their respective terminology in the right.

Note: You just need to click on one of the boxes on the right to match it with the corresponding box on the left.

Definitions (left):
+ 24 bit segment ID that defines the broadcast domain
+ does the encapsulation and de-encapsulation
+ logical interface where the encapsulation and de-encapsulation occur
+ provides the same Ethernet Layer 2 network services as VLAN does today, but with greater extensibility and flexibility

Terminology (right):
+ VNID
+ VTEP
+ NVE
+ VXLAN

Explanation

Answer:

+ 24 bit segment ID that defines the broadcast domain: VNID
+ does the encapsulation and de-encapsulation: VTEP
+ logical interface where the encapsulation and de-encapsulation occur: NVE
+ provides the same Ethernet Layer 2 network services as VLAN does today, but with greater extensibility and flexibility: VXLAN

Explanation

VXLAN (Virtual Extensible LAN) – The technology that provides the same Ethernet Layer 2 network services as VLAN does today, but
with greater extensibility and flexibility.

VNID (VXLAN Network Identifier) – 24 bit segment ID that defines the broadcast domain. Interchangeable with “VXLAN Segment ID”.

VTEP (Virtual Tunnel Endpoint) – This is the device that does the encapsulation and de-encapsulation.
NVE (Network Virtual Interface) – Logical interface where the encapsulation and de-encapsulation occur.

Reference: https://www.cisco.com/c/en/us/support/docs/switches/nexus-9000-series-switches/118978-config-vxlan-00.html

Question 76

Which action occurs during a Layer 3 roam?

A. Client traffic is tunneled back to the original controller after a Layer 3 roam occurs
B. Client database entry is moved from the old controller to the new controller
C. The client is marked as “Foreign” on the original controller
D. The client receives a new ip address after authentication occurs

Explanation

In instances where the client roams between APs that are connected to different WLCs and the WLC WLAN is connected to a different
subnet, a Layer 3 roam is performed, and there is an update between the new WLC (foreign WLC) and the old WLC (anchor WLC)
mobility databases.

If this is the case, return traffic to the client still goes through its originating anchor WLC. The anchor WLC uses Ethernet over IP (EoIP)
to forward the client traffic to the foreign WLC, to where the client has roamed. Traffic from the roaming client is forwarded out the
foreign WLC interface on which it resides; it is not tunneled back. (-> Answer 'Client traffic is tunneled back to the original controller after
a Layer 3 roam occurs' is not correct). But this contradicts what is said in the Official Cert Guide book:

“A Layer 3 intercontroller roam consists of an extra tunnel that is built between the client’s original controller and the controller it has
roamed to. The tunnel carries data to and from the client as if it is still associated with the original controller and IP subnet.”

The client begins with a connection to AP B on WLC 1. This creates an ANCHOR entry in the WLC client database. As the client moves away from AP B and makes an
association with AP C, WLC 2 sends a mobility announcement to peers in the mobility group looking for the WLC with the client MAC
address. WLC 1 responds to the announcement, handshakes, and ACKs. Next the client database entry for the roaming client is copied to
WLC 2, and marked as FOREIGN. Included PMK data (master key data from the RADIUS server) is also copied to WLC 2. This provides
fast roam times for WPA2/802.11i clients because there is no need to re-authenticate to the RADIUS server.

After a simple key exchange between the client and AP, the client is added to the WLC 2 database and is similar, except that it is marked as
FOREIGN.

Reference: https://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/emob30dg/TechArch.html

In Layer 3 roaming, no IP address refresh is needed (although the client must be re-authenticated and a new security session established) ->
Answer 'The client receives a new ip address after authentication occurs' is not correct.

In summary, the “Mobility State” of a client is described below:

+ Before roaming: Mobility State = Local
+ After roaming: Mobility State on Old Database = Anchor; Mobility State on New Database = Foreign

Therefore the client entry on the original controller is not handed over to the new database entirely. The client entry is still on the old controller but it
is marked “Anchor” (not “Foreign”) -> Answer 'The client is marked as “Foreign” on the original controller' is not correct.

Answer 'Client database entry is moved from the old controller to the new controller' is not correct as the client database entry is not
moved, but copied to the new controller.

-> Therefore the best choice should be answer 'Client traffic is tunneled back to the original controller after a Layer 3 roam occurs' .

Question 77

When the ”deny” statement is used within a route map that is used for policy-based routing, how is the traffic that matches the
deny route-map line treated?

A. Traffic is routed to the null 0 interface of the router and discarded.
B. An additional sequential route-map line is needed to policy route this traffic.
C. Traffic is returned to the normal forwarding behavior of the router.
D. An additional sequential route-map line is needed to divert the traffic to the router’s normal forwarding behavior.

Explanation

Within a route map used for PBR, you can reference ACLs to match specific types of traffic. The deny statements in these ACLs are
effectively ignored in the context of PBR. This means that when a packet matches a ‘deny’ statement in an ACL referenced by a route map
for PBR, it is not actively denied; rather, it is not matched by the PBR policy and thus is processed using the regular routing table, not the
PBR-defined path.

Question 78

Refer to the exhibit.

Which set of actions is needed to present a user with a welcome message and/or a message that their password will expire after
authentication?
A. On the Security > Layer 2 tab, ensure 802.1x is enabled.
On the Security > Layer 3 tab, ensure Conditional Web Redirect is selected.
B. On the Security > Layer 2 tab, ensure no security is enabled.
On the Security > Layer 3 tab, ensure Passthrough is selected.
C. On the Security > Layer 2 tab, ensure WPA+WPA2 is enabled.
On the Security > Layer 3 tab, ensure Splash Web Redirect is selected.
D. On the Security > Layer 2 tab, ensure WPA+WPA2 is enabled.
On the Security > Layer 3 tab, ensure Authentication is selected.

Explanation

Conditional Web Redirect

If you enable a conditional web redirect, the user is conditionally redirected to a particular web page after 802.1x authentication has
successfully completed.
You can specify the redirect page and the conditions under which the redirect occurs on your RADIUS server.
Conditions can include the password when it reaches the expiration date or when the user needs to pay a bill for continued use/access.

Reference: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/115951-web-auth-wlc-guide-00.html

Question 79

What is a characteristic of VXLAN?

A. It uses TCP for transport.
B. It extends Layer 2 and Layer 3 overlay networks over a Layer 2 underlay.
C. It has a 12-byte packet header.
D. Its frame encapsulation is performed by MAC-in-UDP.

Explanation

VXLAN header consists of 8 bytes and contains the 24-bit VNI -> Answer 'It has a 12-byte packet header' is not correct.

VXLAN uses UDP, not TCP -> Answer 'It uses TCP for transport' is not correct.

VXLAN is often described as an overlay technology because it allows Layer 2 connections to be stretched over an intervening Layer 3 network
-> Answer 'It extends Layer 2 and Layer 3 overlay networks over a Layer 2 underlay' is not correct.

VXLAN is a MAC-in-UDP encapsulation method that is used in order to extend a Layer 2 or Layer 3 overlay network over a Layer 3
infrastructure that already exists -> Answer 'Its frame encapsulation is performed by MAC-in-UDP' is correct.
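To make the 8-byte header, the 24-bit VNI and the MAC-in-UDP idea from Questions 75 and 79 concrete, here is an added Python example (not part of the original quiz) that builds and parses the VXLAN header as laid out in RFC 7348. The function names and the sample inner frame are constructed for illustration; UDP port 4789 is the IANA-assigned VXLAN port.

```python
import struct

VXLAN_UDP_PORT = 4789        # IANA-assigned destination port (RFC 7348)
VXLAN_HEADER_LEN = 8         # the 8-byte header the explanation refers to
FLAG_VNI_VALID = 0x08        # "I" flag: the VNI field carries a valid value
MAX_VNI = 2**24 - 1          # 24-bit segment ID
ETH_HEADER_LEN = 14          # dst MAC + src MAC + EtherType of the inner frame

# Bytes a VTEP adds with an IPv4 underlay and no outer VLAN tag:
# outer Ethernet + outer IPv4 + outer UDP + VXLAN header.
ENCAP_OVERHEAD = 14 + 20 + 8 + VXLAN_HEADER_LEN


def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def vxlan_encap(vni, inner_frame):
    """Prepend a VXLAN header to an inner Ethernet frame (the UDP payload)."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI must fit in 24 bits")
    # Word 0: flags (8 bits) + reserved (24 bits)
    # Word 1: VNI (24 bits) + reserved (8 bits)
    header = struct.pack("!II", FLAG_VNI_VALID << 24, vni << 8)
    return header + inner_frame


def vxlan_decap(udp_payload):
    """Validate the VXLAN header and return the VNI and inner frame details."""
    if len(udp_payload) < VXLAN_HEADER_LEN + ETH_HEADER_LEN:
        raise ValueError("payload too short for VXLAN header plus inner Ethernet header")
    word0, word1 = struct.unpack("!II", udp_payload[:VXLAN_HEADER_LEN])
    flags = word0 >> 24
    if not flags & FLAG_VNI_VALID:
        raise ValueError("I flag is clear, so the VNI is not valid")
    # Reserved bits are ignored on receipt, as RFC 7348 requires.
    vni = word1 >> 8
    inner = udp_payload[VXLAN_HEADER_LEN:]
    dst, src, ethertype = struct.unpack("!6s6sH", inner[:ETH_HEADER_LEN])
    return {
        "vni": vni,
        "inner_dst": fmt_mac(dst),
        "inner_src": fmt_mac(src),
        "ethertype": ethertype,
        "inner_frame": inner,
    }


def sample_inner_frame():
    """Constructed inner Ethernet frame: locally administered MACs, IPv4 EtherType."""
    dst = bytes.fromhex("020000000002")
    src = bytes.fromhex("020000000001")
    return dst + src + struct.pack("!H", 0x0800) + bytes(46)


if __name__ == "__main__":
    payload = vxlan_encap(5010, sample_inner_frame())
    print("VXLAN header:", payload[:VXLAN_HEADER_LEN].hex())
    print("decoded:", {k: v for k, v in vxlan_decap(payload).items() if k != "inner_frame"})
    print("underlay MTU needed for a 1500-byte inner IP packet:", 1500 + ENCAP_OVERHEAD)
```

The overhead constant is the reason underlay links carrying VXLAN need a larger MTU than the overlay: the inner MAC frame travels whole inside the outer UDP datagram.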

Question 80

What do Chef and Ansible have in common?

A. They rely on a declarative approach.
B. They use YAML as their primary configuration syntax.
C. They rely on a procedural approach.
D. They are clientless architectures.

Explanation

Chef and Ansible use a procedural style language where you write code that specifies, step-by-step, how to achieve the desired end state.

Reference: https://www.ibm.com/cloud/blog/chef-ansible-puppet-terraform

Question 81

What is the architectural difference between the MAC address table and TCAM?

A. TCAM entries consist of VLAN port ID and source MAC Address, and MAC address table entries consist of source MAC
address and port ID

B. TCAM entries are composed of value, mask, and result and MAC address table entries are composed of value and
results
C. TCAM entries are stored for 600 seconds, and MAC address table entries are kept for 200 seconds
D. TCAM entries are populated using the ARP table and the MAC address table is populated dynamically from outgoing frames

Explanation

Each TCAM entry consists of three components: Value, Mask and Result. -> Answer 'TCAM entries consist of VLAN port ID and source
MAC Address, and MAC address table entries consist of source MAC address and port ID' is not correct.

Reference: https://learningnetwork.cisco.com/s/article/tcam-demystified

MAC address table entries are composed of a value, which is an index or key value (the MAC address) used to look up a result value (port ID or
VLAN ID) -> Answer 'TCAM entries are composed of value, mask, and result and MAC address table entries are composed of value and
results' is correct.

The default aging time of MAC address entries is 5 minutes (300 seconds) -> Answer 'TCAM entries are stored for 600 seconds, and MAC
address table entries are kept for 200 seconds ' is correct.

MAC address table is populated by incoming frames -> Answer 'TCAM entries are populated using the ARP table and the MAC address
table is populated dynamically from outgoing frames ' is not correct.

Question 82

Drag and drop the snippets onto the blanks within the code to construct a script that blocks a MAC address.

Please type the corresponding numbers of each item at the bottom to the blank below from top to bottom. For example: 132 (which
means 1 for the first box, 3 for second box and 2 for the last box).

Please type your answer here: 321 (correct answer: 123)

Explanation

Answer:

1. watchdog
2. (Gi…)
3. 1

Explanation

The “watchdog” keyword specifies that an event is triggered when the specified time counts down to zero. The timer automatically resets
to the initial value and continues to count down.

The statement “action 04 regexp “(Gi…)” match Ports” means if any GigabitEthernet interface is found in the “show mac address-table
0050.7966.6800” then save the result in “Ports” variable.

The statement “action 05 if $_regexp_result eq 1” means that if a match is found, the commands below are performed.

Question 83
In Cisco Catalyst Center (formerly DNA Center) Inventory, the Software Version of a network device displays a status of
OUTDATED. What does it mean?
A. There is a later software version available on Cisco Catalyst Center (formerly DNA Center).
B. The current type of software image does not match the type of the network device.
C. There is a later software version available at www.cisco.com website.
D. The current software image does not match the selected Golden Image for this type of network device.

Explanation

Audit results include:

+ Tag Golden: Indicates that a standardized image has not been defined for the device.
+ Outdated: Indicates that there is a standardized image available for the device and that the device is not running the standardized image.
+ No result: The device is using the applicable standardized image.

Reference: https://www.cisco.com/c/dam/en_us/training-events/product-training/dnac-112/ManagingDeviceSWimages/DNAC112_ManagingDeviceSoftwareImages.pdf

Question 84

What occurs when a Cisco SD-Access fabric is connected to a traditional campus network?

A. Only Layer 3 connectivity is supported between the fabric and the traditional campus network.
B. Traditional campus clients are seen as fabric clients when a Layer 2 border node is used for the VLAN segment.
C. All clients must be migrated to new IP addresses that match the IP pool within the fabric.
D. A fabric intermediate node is used to connect the fabric with the traditional campus network.

Explanation

When a Cisco SD-Access fabric is connected to a traditional campus network and a Layer 2 border node is used for the VLAN segment,
traditional campus clients are seen as fabric clients.

Question 85

Refer to the exhibit.


event manager applet CONFIG_BACKUP
action 1.0 cli command "enable"
action 3.0 cli command "end"
action 4.0 cli command "exit"

write_backup.tcl

set output [exec "copy run backup"]
set fd [open "flash:/backup.txt" "w"]
puts $fd $output
close $fd
ios_config "file prompt quiet" "end"
copy flash:/backup.txt tftp://10.1.1.23/backup.txt
ios_config "no file prompt quiet" "end"
file delete -force "flash:/backup.txt"

Which statement is needed to complete the EEM applet and use the Tcl script to store the backup file?
A. action 2.0 cli command “write_backup.tcl”
B. action 2.0 cli command “write_backup.tcl tcl”
C. action 2.0 cli command “tclsh flash:write_backup.tcl”
D. action 2.0 cli command “flash:write_backup.tcl”

Explanation

In order to run the “write_backup.tcl” file as a Tcl script, the EEM applet needs to invoke it with the “tclsh …” command. Also notice that
“action 2.0” will be put under “action 1.0” and above “action 3.0”, so this Tcl script will be run after the “enable” and before the “end” command.

For your information, this Tcl script will do the following things:

+ ios_config “file prompt quiet” “end”: This command configures the device to suppress prompts for confirmation when performing file
operations. It sets the device to not prompt the user when it is saving or copying files.

+ copy flash:/backup.txt tftp://10.1.1.23/backup.txt: This command copies a file named “backup.txt” from the device’s flash memory to
a TFTP server located at the IP address 10.1.1.23. This is likely used for backing up configurations or other important files.

+ ios_config “no file prompt quiet” “end”: This command restores the default behavior of the device, enabling prompts for confirmation
during file operations.

+ file delete -force “flash:/backup.txt”: This command deletes the “backup.txt” file from the device’s flash memory. The -force flag is
used to bypass any confirmation prompts and delete the file immediately.

Question 86

Drag and drop the definitions on the left to their respective technological names on the right.

Note: You just need to click on one of the boxes on the right to match it with the corresponding box on the left.

Definitions (left):
+ one of many values depending on which wireless standard you are connecting with
+ measurement of power in an RF signal
+ how much power a WLAN device is using to maintain the connection
+ how much stronger the wireless signal is compared to the noise floor surrounding the WLAN client

Technological names (right):
+ Data Rate
+ Power level
+ RSSI
+ SNR

Explanation

Answer:

+ one of many values depending on which wireless standard you are connecting with: Data Rate
+ measurement of power in an RF signal: RSSI
+ how much power a WLAN device is using to maintain the connection: Power level
+ how much stronger the wireless signal is compared to the noise floor surrounding the WLAN client: SNR

Explanation

The power level is measured in mW and depicts how much power a WLAN device is using to maintain the connection. It is typically best
practice to design your WLAN infrastructure so your devices operate at half their max output power. This way, if an AP goes down,
neighboring APs can double their output power and maintain the availability of the WLAN.

Reference: https://ccie-or-null.net/tag/rssi/

SNR is the ratio of received signal power (at wireless client) to the noise power, and its unit of expression is typically decibels (dB). If
your signal power and noise power are already in decibel form, then you can subtract the noise power from the signal power: SNR = S –
N. This is because when you subtract logarithms, it is the equivalent of dividing normal numbers.

Receive Signal Strength Indicator (RSSI) is a measurement of how well your device can hear a signal from an access point or router. It’s
a value that is useful for determining if you have enough signal to get a good wireless connection. RSSI is the measurement of power in an
RF signal, the more power in an RF signal the better the connection quality is.

Question 87

Which element is unique to a Type 2 hypervisor?

A. host hardware
B. VM OS
C. host OS
D. memory

Explanation

"host OS" means "Underlying operating system". In contrast to type 1 hypervisor, a type 2 hypervisor (or hosted hypervisor) runs on top of
an operating system (and this is called host OS) and not the physical hardware directly.

Question 88

What are two benefits of using Cisco TrustSec? (Choose two)

A. simplified management of network access
B. end-to-end traffic encryption
C. advanced endpoint protection against malware
D. unknown file analysis using sandboxing
E. consistent network segmentation

Explanation

Cisco TrustSec simplifies the provisioning and management of secure access to network services and applications. Unlike access control
mechanisms that are based on network topology, Cisco TrustSec policies use logical groupings, so access is consistently maintained even
as resources are moved in mobile and virtualized networks.

Reference: https://www.zones.com/images/pdf/cisco-trustsec.pdf

Question 89

What is modularity in network design?

A. ability to scale and accommodate future needs of the network


B. ability to create self-contained, repeatable sections of the network
C. ability to bundle several functions into a single layer of the network
D. ability to self-heal the network to prevent service outages

Explanation

Modularity in network design allows you to create design elements that can be replicated throughout the network. Replication provides an
easy way to scale the network as well as a consistent deployment method.

Reference: https://www.cisco.com/c/en/us/td/docs/solutions/CVD/Campus/cisco-campus-lan-wlan-design-guide.html

Question 90

Using the EIRP formula, what parameter is subtracted to determine the EIRP value?

A. transmitter power
B. antenna cable loss
C. antenna gain
D. signal-to-noise ratio

Explanation

Once you know the complete combination of transmitter power level, the length of cable, and the antenna gain, you can figure out the
actual power level that will be radiated from the antenna. This is known as the effective isotropic radiated power (EIRP), measured in
dBm.

EIRP is a very important parameter because it is regulated by governmental agencies in most countries. In those cases, a system cannot
radiate signals higher than a maximum allowable EIRP. To find the EIRP of a system, simply add the transmitter power level to the
antenna gain and subtract the cable loss.

EIRP = Tx Power – Tx Cable + Tx Antenna

Suppose a transmitter is configured for a power level of 10 dBm (10 mW). A cable with 5-dB loss connects the transmitter to an antenna
with an 8-dBi gain. The resulting EIRP of the system is 10 dBm – 5 dB + 8 dBi, or 13 dBm.

You might notice that the EIRP is made up of decibel-milliwatt (dBm), dB relative to an isotropic antenna (dBi), and decibel (dB) values.
Even though the units appear to be different, you can safely combine them because they are all in the dB “domain”.
Reference: CCNA Wireless 640-722 Official Cert Guide

Question 91

Which method requires a client to authenticate and has the capability to function without encryption?

A. open
B. PSK
C. WebAuth
D. WEP

Explanation

WebAuth is an authentication method without encryption.

Reference: https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wlan-security/115951-web-auth-wlc-guide-00.html

Note: WebAuth (Web Authentication) is an authentication method generally used as a fallback authentication method. This authentication
method needs an interactive user to enter the username and password in the web browser.

Question 92

Which configuration allows administrators to configure the device through the console port and use a network authentication
server?

Option A Option B

aaa new-model aaa new-model


aaa authentication login default group radius aaa authentication login default local
aaa authorization console aaa authorization console
aaa authorization config-commands aaa authorization config-commands
username netadmin secret 9 $9$vFpMf8elb4RW8$se2LbDAx1uV

Option C Option D

aaa new-model aaa new-model


aaa authentication login default local aaa authentication login default line
aaa authorization console
aaa authorization config-commands

A. Option A
B. Option B
C. Option C
D. Option D

Explanation

We need to use the command “aaa authentication login default group radius” to authenticate via a RADIUS server.

Question 93

What is a difference between OSPF and EIGRP?

A. OSPF uses a default hello timer of 5 seconds. EIGRP uses a default hello timer of 10 seconds.
B. OSPF uses an administrative distance of 115. EIGRP uses an administrative distance of 160.
C. OSPF uses IP protocol number 88. EIGRP uses IP protocol number 89.
D. OSPF uses multicast addresses 224.0.0.5 and 224.0.0.6. EIGRP uses multicast address 224.0.0.10.

Question 94

Which JSON syntax is valid?
A. {"switch":"name":"dist1","interfaces":["gig1","gig2","gig3"]}
B. {/"switch/":{/"name/":"dist1",/"interfaces/":["gig1","gig2","gig3"]}}
C. {"switch":{"name":"dist1","interfaces":["gig1","gig2","gig3"]}}
D. {'switch':('name':'dist1','interfaces':['gig1','gig2','gig3'])}

Explanation

This JSON can be written as follows:

{
  "switch": {
    "name": "dist1",
    "interfaces": ["gig1", "gig2", "gig3"]
  }
}

Question 95

Which method ensures the confidentiality of data exchanged over a REST API?

A. Use TLS to secure the underlying HTTP session.


B. Use the POST method instead of URL-encoded GET to pass parameters.
C. Encode sensitive data using Base64 encoding.
D. Deploy digest-based authentication to protect the access to the API.

Question 96

How does the Cisco SD-Access control plane simplify traditional routing environments?

A. Full routing tables are shared and ensure that all routers know all paths within the underlay fabric and overlay.
B. Routing adjacencies are no longer required.
C. Separation of EID and RLOC reduces the size of routing tables.
D. Routers query all routes to the map server.

Explanation

In Cisco SD-Access, the control plane simplifies traditional routing environments by separating the Endpoint Identifier (EID) from the
Routing Locator (RLOC). This separation reduces the size of routing tables, as only RLOCs need to be routed within the fabric, rather than
every individual endpoint. This makes routing more scalable and efficient.

Question 97

Which JSON script is properly formatted?

Option A Option B

[ 'paint':[
'Sessions':{ {
'title':'Writing 201', 'type':'indoor',
'grade':'11', 'color':'white',
'location':'Maine', 'sheen':'satin'
} }]
]
]

Option C Option D
{ {
'river': [ 'file':
{ [
'name':'Mississippi', 'name':'File_4782,
'state':'Loussiana', 'location':'User_files',
'ranking':'13' 'bytes':'05007',
} ]
] }
}

A. Option A
B. Option B
C. Option C
D. Option D

Question 98

Why are stateless calls executed by REST API useful in cloud applications?

A. They use HTTPS to implement all calls.


B. They control URL decoding.
C. They rely on data stored on the server for calls.
D. They are easy to redeploy and to scale.

Explanation

Stateless calls in REST APIs do not rely on the server to maintain the state of client interactions, making them ideal for cloud applications.
This architecture allows for easier redeployment and scalability since each API call contains all the information needed to execute,
independent of previous calls or sessions.

Question 99

Drag and drop the characteristics from the left onto the deployment models on the right. Not all options are used.

Please type the corresponding numbers of each item on the left to the blank below and sort them in ascending order. For example:
1324 (which means 13 for first group, 24 for second group).

Please type your answer here: 1234

Explanation

Answer:

FIB:
+ works at the data plane
+ installed on line card

RIB:
+ derived from routing protocols
+ works at the control plane

Explanation

Each routing protocol like OSPF, EIGRP has its own Routing information base (RIB) and they select their best candidates to try to install
to global RIB so that it can then be selected for forwarding (-> Therefore global RIB is derived from routing protocols). In order to view
the RIB table, use the command “show ip ospf database” for OSPF, “show ip eigrp topology” for EIGRP or “show ip bgp” for BGP. To
view the Forwarding Information Base (FIB), use the “show ip cef” command. RIB is in Control plane while FIB is in Data plane.

The Forwarding Information Base (FIB) contains destination reachability information as well as next hop information. This information is
then used by the router to make forwarding decisions. The FIB allows for very efficient and easy lookups. Below is an example of the FIB
table:

The FIB maintains next-hop address information based on the information in the IP routing table (RIB). In other words, FIB is a mirror
copy of RIB.

RIB is in Control plane (and it is not used for forwarding) while FIB is in Data plane (and it is used for forwarding).

In summary, if the router uses multiple routing protocols then each protocol would have its own routing table. The best prefixes of each
protocol are fed into the IP routing table or RIB. From there, the router builds the FIB with the information it needs to forward the packets.

Question 100

Which resource must the hypervisor make available to the virtual machines?

A. IP address
B. processor
C. bandwidth
D. secure access

Question 101

Refer to the exhibit.

RouterA(config)#ip nat pool cisco 193.64.64.1 193.64.64.15 netmask 255.255.255.240
RouterA(config)#interface g0/0/0
RouterA(config-if)#ip nat inside
RouterA(config-if)#interface serial0/0/0
RouterA(config-if)#ip nat outside
RouterA(config-if)#exit

An engineer must configure PAT to provide internet access to all users by using one global address for many local addresses.
Which command set completes the configuration?
A. RouterA(config)# ip nat inside source static 172.16.1.1 193.64.64.1
B. RouterA(config)# ip nat inside source list 1 pool cisco
C. RouterA(config)# ip nat inside source list 1 pool cisco overload
D. RouterA(config)# ip nat inside source static 172.16.1.1 172.16.1.2

Explanation

By adding the keyword “overload” at the end of a NAT statement, NAT becomes PAT (Port Address Translation). This is also a kind of
dynamic NAT that maps multiple private IP addresses to a single public IP address (many-to-one) by using different ports.

Question 102

What is the benefit of using TCAM for IP forwarding decisions versus using the CAM table?

A. TCAM finds results based on binary, and CAM uses the longest match to find results
B. TCAM finds results based on masks, and CAM finds results basing on exact match
C. TCAM uses low cost hardware memory to store addresses, and CAM uses expensive hardware memory
D. TCAM processes lookups in a hardware CPU, and CAM relies on binary masks to find results

Explanation

A CAM-based search is the equivalent of comparing against all contents in parallel and then returning the address of the successful
compare -> CAM finds results based on exact match and CAM does not rely on binary masks.

Each TCAM entry consists of three components: Value, Mask and Result.

TCAMs also allow a third matching state of X or “don’t care” for one or more of the bits in the search word. Where a BCAM has “10010”
as a stored word, a TCAM may have “10XX0” as one of its stored words. The “don’t care” state allows the TCAM to flexibly match any
one of four search words – “10000,” “10010,” “10100,” or “10110.” Adding a “don’t care” state is done by adding a mask bit for each
memory cell and increases complexity even more.

Reference: https://www.synopsys.com/designware-ip/technical-bulletin/introduction-to-tcam.html

For example, a rule could be set up to match all IP addresses in the 10.0.0.0/8 subnet. This could be recorded as
00001010,XXXXXXXX,XXXXXXXX,XXXXXXXX in TCAM. If the IP address 10.100.20.5 came in, it would be translated to the
binary string 00001010,01100100,00010100,00000101, and it would match the rule.

Reference: https://www.techtarget.com/searchnetworking/definition/TCAM-ternary-content-addressable-memory

-> TCAM finds result based on mask.
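
The Value/Mask/Result lookup described above, next to a CAM exact-match lookup, as an added Python example that is not part of the original quiz. The route list, interface names and MAC address are constructed sample data, and ordering entries most-specific first is a modeling assumption so that the first hit is the longest match.

```python
import ipaddress

def ternary_entry(pattern):
    """Turn a stored word such as '10XX0' into (value, mask).
    A mask bit of 1 means "this bit must match"; X becomes a 0 mask bit."""
    value = int(pattern.replace("X", "0"), 2)
    mask = int("".join("0" if c == "X" else "1" for c in pattern), 2)
    return value, mask

def ternary_match(word, pattern):
    """True if the binary search word matches the ternary pattern."""
    value, mask = ternary_entry(pattern)
    return (int(word, 2) & mask) == value

class Tcam:
    """Software model of a TCAM used for IP forwarding (Value, Mask, Result)."""

    def __init__(self, routes):
        entries = []
        for cidr, result in routes:
            net = ipaddress.ip_network(cidr)
            entries.append((int(net.network_address), int(net.netmask), result))
        # Assumption: rows are installed most-specific first (most mask bits set).
        self.entries = sorted(entries, key=lambda e: bin(e[1]).count("1"),
                              reverse=True)

    def lookup(self, ip):
        key = int(ipaddress.ip_address(ip))
        # Hardware compares every row in parallel; this loop models the
        # priority encoder that returns the first matching row.
        for value, mask, result in self.entries:
            if (key & mask) == value:
                return result
        return None

# Constructed sample data, not taken from the page.
ROUTES = [("0.0.0.0/0", "Gi0/0"), ("10.0.0.0/8", "Gi0/1"), ("10.100.0.0/16", "Gi0/2")]
CAM = {"0011.2233.4455": "Gi0/5"}

def cam_lookup(mac):
    """CAM behaviour: every bit of the key must match, there is no mask."""
    return CAM.get(mac)

if __name__ == "__main__":
    for word in ("10000", "10010", "10100", "10110", "11010"):
        print(word, ternary_match(word, "10XX0"))
    tcam = Tcam(ROUTES)
    for ip in ("10.100.20.5", "10.1.1.1", "192.0.2.1"):
        print(ip, "->", tcam.lookup(ip))
    print(cam_lookup("0011.2233.4455"), cam_lookup("0011.2233.4456"))
```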

1. Adekunle
November 8th, 2024

I shall be taking my exam soon


2. Black
November 16th, 2024

@Digitatut- Not all 102 questions are showing up for practicing. Only 68 questions show up and after submitting, all 102 questions
show up with some questions not being answered. Please take a look and upload all 102 questions for practicing before submitting.
Thanks

3. PikaChew
November 17th, 2024

@black, same problem


4. Black
November 18th, 2024

@Digitaltut. Please review and correct the question below. Digitaltut says the answer "Its frame encapsulation is performed by
MAC-in-UDP." is correct but the trial testing says wrong.

What is a characteristic of VXLAN?

A. It uses TCP for transport.


B. It extends Layer 2 and Layer 3 overlay networks over a Layer 2 underlay.
C. It has a 12-byte packet header.
D. Its frame encapsulation is performed by MAC-in-UDP.

5. Ban
November 18th, 2024

@Digitaltut sometimes it shows only 50 questions sometimes 90 etc… randomly


could you take a look please? Thank you in advance!

6. digitaltut
November 18th, 2024

@Ban, @Black: Thank you for your detection, we fixed this issue!

7. Nw~ann~a
January 20th, 2025

First of all, thank you @digitaltut for the provided materials

No new update since November, Please help and update.

My exam is supposed to be this coming weekend, I only have like 5 days now.

People are already testifying of new questions.

8. Anonymous
January 28th, 2025

Who has taken his/her exam recently? Please share your experience

Copyright © 2015 - 2025 ENCOR Training