Cisco CCNP EnterpriseFree Cisco Certified Network Professional practice test

Correct answer: C. Cisco Catalyst Center

For a campus fabric to be classified as SD-Access, it must be managed by Cisco Catalyst Center (formerly Cisco DNA Center). Fabric solutions controlled through CLI or programmatic interfaces like NETCONF are considered campus fabric deployments but do not meet the SD-Access definition.

Correct answer: B. Control Plane

Cisco SD-Access defines three operational planes. The Control Plane uses LISP, where a central Map Server maintains a registry of remote endpoint locations so that fabric nodes only need to manage local routes and query the MS for off-fabric destinations. The Data Plane leverages VXLAN to encapsulate and tunnel Ethernet frames across an IP underlay, supporting both Layer 2 and Layer 3 overlays. The Policy Plane applies Cisco TrustSec Scalable Group Tags to carry group membership information and enforce corporate policy. Management and orchestration are not recognized planes within the SD-Access model.

Correct answer: C. Fabric

A fabric architecture such as Cisco SD-Access decouples logical topology from the physical underlay, enabling identity-based segmentation, consistent policy enforcement, and seamless client roaming without session interruption. Centralized automation through Catalyst Center makes it practical to manage large endpoint populations. A 3-tier design provides a physical hierarchy but offers no built-in segmentation or mobility support. A 2-tier design merges the distribution and core layers and also lacks advanced mobility features. A star topology is a basic physical layout with no native security, automation, or roaming capabilities.

Correct answer: B. SD-WAN

SD-WAN is purpose-built to connect distributed branch sites to cloud applications over diverse transport media while dynamically routing traffic based on real-time performance metrics. Centralized policy management, zero-touch provisioning, and transport-agnostic failover all align directly with the stated requirements. A 3-tier campus design addresses internal LAN hierarchy rather than WAN or cloud connectivity. An autonomous WLAN deployment is a wireless access strategy and has no bearing on inter-site WAN design. Static site-to-site IPsec tunnels do not scale well to 120 sites and provide no dynamic policy or failover capabilities.

Correct answer: B. 3-tier

The 3-tier model creates distinct access, distribution, and core layers. Keeping the distribution and core layers separate improves scalability, fault isolation, and traffic management across interconnected buildings, which directly satisfies the university's requirement. A 2-tier model intentionally collapses the core and distribution into one layer, the opposite of what is needed here. Spine-leaf is optimized for east-west data center traffic and is more expensive than a campus hierarchical design. Hub-and-spoke is a WAN topology describing how remote locations connect to a central hub.

Correct answer: B. TPID

The 802.1Q standard inserts a 4-byte tag between the Source Address and the EtherType fields of an Ethernet frame. The first 2-byte portion is the Tag Protocol Identifier (TPID), which is always set to 0x8100 to signal a tagged frame. The second 2-byte portion is the Tag Control Information (TCI), which carries the 3-bit Class of Service priority value used for QoS marking and the 12-bit VLAN identifier. The Start Frame Delimiter (SFD) is a 1-byte preamble field that indicates the beginning of the frame and is unrelated to 802.1Q tagging. The Frame Check Sequence (FCS) is a 4-byte error-detection trailer appended at the end of the frame.

Correct answer: A. Distribution

The three-tier model separates network functions into the Access layer (where end devices connect), the Distribution layer (which aggregates access switches and enforces policy boundaries and STP domains), and the Core layer (which interconnects distribution blocks for multi-site scale). When a network covers only a single floor, there is no need for a separate core, so the Distribution and Core layers are merged into a single collapsed-core or 2-tier tier. Edge is not a recognized layer in the three-tier hierarchical model.

Correct answer: B. Core

The three-tier hierarchical model consists of the Access layer (where end-user devices attach), the Distribution layer (which aggregates access switches and separates STP domains while providing an IP routing summarization point), and the Core layer (which links multiple distribution blocks for multi-site environments). A two-tier design folds the Core and Distribution layers into a single collapsed tier because the single-floor environment has no need for multi-site core connectivity. Hub and Edge are not layers defined by the three-tier hierarchical model.

Correct answer: D. Data Plane

SD-Access operates across three planes. The Data Plane employs VXLAN to encapsulate original Ethernet frames inside a UDP/IP header for transport across the IP underlay, preserving the original header and enabling both Layer 2 and Layer 3 overlays together with group-based policy. The Control Plane uses LISP with a central Map Server to track endpoint locations without requiring every node to maintain global routing tables. The Policy Plane uses Cisco TrustSec SGTs to carry group membership metadata and enforce access policies. SD-Access does not define an orchestration plane.

Correct answer: B. Viptela

Cisco Catalyst SD-WAN (formerly Cisco SD-WAN) is built on technology from Viptela, which Cisco acquired. Cisco also offers Meraki SD-WAN as a second SD-WAN product line. Aryaka and Huawei are independent SD-WAN vendors with no direct connection to Cisco's SD-WAN portfolio.