Free Cisco 350-501 Practice Exam with Questions & Answers | Set: 8

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/cether/configuration/xe-3s/asr903/16-12-1/b-ce-xe-16-12- asr900/m_ce_802_1ad_900.html

To secure REST APIs, a network administrator should ensure that user sessions are authenticated and that the appropriate privilege level is provided for each user. This means that each API request should come with authentication credentials, and the server should validate these credentials for every request. This approach helps to maintain the stateless nature of REST APIs and ensures that only authorized users can access or modify resources. References: Best practices for securing REST APIs include using HTTPS, token-based authentication, and proper validation of input parameters to prevent common security vulnerabilities.

 The “show cef interface” command is used to display per-interface statistics about Unicast Reverse Path Forwarding (uRPF) drops and suppressed drops. uRPF is a feature that helps to mitigate problems caused by IP address spoofing, and the “show cef interface” command provides detailed information on the interfaces where uRPF is applied, including drop statistics.

To collect the required traffic statistics, the network engineer must configure the router to capture specific data points. The configurations in Option A and Option D align with these requirements. Option A involves configuring the router to collect IPv4 protocol, source address, destination address, application name, interface output, IPv4 source-prefix, IPv4 destination-prefix, counter bytes, flow direction, and transport tcp-flags. Option D involves setting the cache-period timer active to 20 seconds, which aligns with the CPU limit of processing samples that are a maximum of 20 seconds long.

References := Implementing and Operating Cisco Service Provider Network Core Technologies (SPCOR) v1.0

• Configure an IP domain name: An IP domain name is essential for generating RSA keys needed for SSH. The RSA keys are part of the crypto key configuration, which is necessary to enable SSH on the router. This step ensures that users are authenticated via the SSH protocol when accessing the network remotely.
• Configure crypto keys: The crypto keys are crucial for secure communication. The engineer should generate RSA keys using the configured IP domain name. These keys will be used for encryption and authentication during SSH sessions.

The other options (B, D, and E) are not directly related to completing the SSH configuration for secure remote access. Therefore, the correct answers are A and C.

References:

• Implementing and Operating Cisco Service Provider Network Core Technologies

 In this scenario, BGP is used in the core of the service provider network, while OSPF serves as the PE-CE routing protocol. To ensure communication between CE1 and CE2, which are located in different geographical locations, it’s essential for PE1 and PE2 to share routes. This can be achieved by configuring both PEs to mutually redistribute BGP and OSPF routes within the VRF dedicated for that customer, ensuring seamless communication between both customer endpoints. References: Implementing and Operating Cisco Service Provider Network Core Technologies