400-007 Online Practice Questions

Home / Cisco / 400-007

Latest 400-007 Exam Practice Questions

The practice questions for 400-007 exam was last updated on 2025-07-17 .

Viewing page 1 out of 23 pages.

Viewing questions 1 out of 116 questions.

Question#1

Which two protocols are used bv SDN controllers to communicate with switches and routers? (Choose two)

A. OpenFlash
B. OpenFlow
C. NetFlash
D. Open vSwitch Database
E. NetFlow

Question#2

You want to mitigate failures that are caused by STP loops that occur before UDLD detects the failure or that are caused by a device that is no longer sending BPDUs.
Which mechanism do you use along with UDLD?

A. Root guard
B. BPDU guard
C. Loop guard
D. BPDU filtering

Question#3

IPFIX data collection via standalone IPFIX probes is an alternative to flow collection from routers and switches.
Which use case is suitable for using IPFIX probes?

A. performance monitoring
B. security
C. observation of critical links
D. capacity planning

Question#4

Company XYZ is designing the network for IPv6 security and they have these design requirements:
✑ A switch or router must deny access to traffic from sources with addresses that are correct, but are topologically incorrect
✑ Devices must block Neighbor Discovery Protocol resolution for destination addresses that are not found in the binding table.
Which two IPv4 security features are recommended for this company?

A. IPv6 DHCP Guard
B. IPv6 Source Guard
C. IPv6 Destination Guard
D. IPv6 Prefix Guard
E. IPv6 RA Guard

Explanation:
IPv6 Source Guard helps to prevent IP spoofing attacks by verifying the source IP address of a packet. If the source IP address does not have a valid binding in the binding table, the packet is dropped, thereby denying access to traffic from sources with addresses that are correct but topologically incorrect.
IPv6 Prefix Guard works similarly to Source Guard, but operates at the network prefix level. It verifies the source IP address of a packet against the prefix of a legitimate host in the binding table. If there's no match, the packet is dropped. This also helps prevent spoofing attacks where a host might try to use a legitimate IP address, but with an incorrect network prefix.

Question#5

A business customer deploys workloads in the public cloud. Now the customer network faces governance issues with the flow of IT traffic and must ensure the security of data and intellectual property.
Which action helps to identify the issue for further resolution?

A. Set up a secure tunnel from customer routers to ensure that traffic is protected as it travels to the cloud service providers.
B. Send IPFIX telemetry data from customer routers to a centralized collector to identify traffic to cloud service providers
C. Build a zone-based firewall policy on Internet edge firewalls that collects statistics on traffic sent to cloud service providers
D. Apply workload policies that dictate the security requirements to the workloads that are placed in the cloud.

Exam Code: 400-007Q & A: 384 Q&AsUpdated:  2025-07-17

 Get All 400-007 Q&As

Top 20 Exams

CertQuestionsBank doesn't offer Real Microsoft, Amazon, Cisco Exam Questions. All CertQuestionsBank content is sourced from the Internet.

Important Links

Know Us

Follow Us

Copyright © 2025 CertQuestionsBank NETWORK CO.,LIMITED. All Rights Reserved.