Sample Questions and Answers
What is the purpose of Cisco DNA Center’s Policy feature?
A) To centrally define and enforce network access and segmentation policies across the fabric
B) To perform packet captures
C) To assign IP addresses manually
D) To upgrade device firmware only
Answer: A) To centrally define and enforce network access and segmentation policies across the fabric
Explanation: Policies provide centralized, consistent control of user and device access.
Which telemetry transport protocol is used by Cisco DNA Center for real-time network data streaming?
A) gRPC
B) FTP
C) SMTP
D) HTTP
Answer: A) gRPC
Explanation: gRPC is a high-performance RPC framework used for streaming telemetry data.
How do Cisco NSO service models benefit network automation?
A) They abstract complex device configurations into reusable, standardized services for automated provisioning
B) They only provide device inventory
C) They replace the operating system on devices
D) They monitor wireless client signal strength
Answer: A) They abstract complex device configurations into reusable, standardized services for automated provisioning
Explanation: Service models allow network services to be deployed consistently and rapidly.
Which of the following best describes Cisco DNA Center’s Device Inventory?
A) A comprehensive database of all network devices managed by DNA Center, including status and metadata
B) A list of connected wireless clients only
C) A manual inventory system without automation
D) A file storage system
Answer: A) A comprehensive database of all network devices managed by DNA Center, including status and metadata
Explanation: Device Inventory provides real-time data on all managed network infrastructure.
Which open-source automation tool integrates well with Cisco devices using RESTCONF and NETCONF?
A) Ansible
B) Microsoft Excel
C) Adobe Photoshop
D) Wireshark
Answer: A) Ansible
Explanation: Ansible uses modules for Cisco devices to automate configuration via RESTCONF/NETCONF.
What is the significance of the “Southbound API” in a network automation context?
A) It connects the network controller to the managed devices for configuration and telemetry
B) It connects end-users to the network
C) It monitors wireless client usage
D) It controls email filtering
Answer: A) It connects the network controller to the managed devices for configuration and telemetry
Explanation: Southbound APIs are responsible for communicating with devices to implement automation.
How does Cisco DNA Center’s “Site Profiles” feature simplify network management?
A) By applying consistent device configurations and policies across similar sites automatically
B) By managing wireless client connections only
C) By scheduling firmware downloads manually
D) By providing CLI access
Answer: A) By applying consistent device configurations and policies across similar sites automatically
Explanation: Site Profiles streamline deployment and management of multiple sites with standardized settings.
What kind of data format do Cisco automation tools commonly use for configuration and telemetry?
A) JSON and XML based on YANG models
B) Plain text only
C) CSV exclusively
D) Binary only
Answer: A) JSON and XML based on YANG models
Explanation: JSON and XML are used to encode structured data defined by YANG for configuration and telemetry.
What benefit does Zero-Touch Provisioning (ZTP) offer in Cisco automation?
A) Devices can be provisioned automatically with minimal manual intervention during initial deployment
B) It enables manual CLI configuration only
C) It disables device access until manually configured
D) It only works for wireless access points
Answer: A) Devices can be provisioned automatically with minimal manual intervention during initial deployment
Explanation: ZTP allows devices to self-register and download configurations automatically.
How does Cisco DNA Center enhance network troubleshooting with its assurance features?
A) By using AI and machine learning to proactively identify network issues and suggest fixes
B) By providing packet capture only
C) By rebooting devices automatically
D) By monitoring email traffic
Answer: A) By using AI and machine learning to proactively identify network issues and suggest fixes
Explanation: DNA Center’s Assurance offers predictive analytics to reduce downtime.
In Cisco automation, what does the term “intent” refer to?
A) The high-level business or operational goals that the network should achieve
B) The command line interface commands
C) The IP address of a device
D) The version of device firmware
Answer: A) The high-level business or operational goals that the network should achieve
Explanation: Intent is the desired state or policy that automation platforms aim to enforce.
Which protocol does Cisco DNA Center use for device discovery and inventory?
A) SNMP and CDP
B) FTP only
C) SMTP only
D) ICMP exclusively
Answer: A) SNMP and CDP
Explanation: Cisco DNA Center uses SNMP and Cisco Discovery Protocol (CDP) to discover devices and collect inventory data.
What is the function of a “Device Adapter” in Cisco NSO?
A) To translate device-specific configurations and commands into a common data model for automation
B) To physically connect devices
C) To filter email messages
D) To monitor wireless clients only
Answer: A) To translate device-specific configurations and commands into a common data model for automation
Explanation: Device Adapters abstract vendor-specific details to enable multi-vendor orchestration.
What role does the “Image Repository” in Cisco DNA Center serve?
A) Stores and manages software images for network devices, enabling automated upgrades and rollbacks
B) Hosts user manuals only
C) Monitors network traffic
D) Sends email alerts
Answer: A) Stores and manages software images for network devices, enabling automated upgrades and rollbacks
Explanation: The Image Repository simplifies managing and deploying firmware across the network.
Which programming language is most commonly used for Cisco network automation scripts?
A) Python
B) Java
C) C++
D) HTML
Answer: A) Python
Explanation: Python is widely used for network automation due to its simplicity and powerful libraries.
What is the main advantage of using RESTCONF over traditional CLI-based automation?
A) It allows standardized, programmatic, and scalable network management using HTTP-based APIs
B) It requires manual CLI commands
C) It only works for Cisco ASA firewalls
D) It cannot be automated
Answer: A) It allows standardized, programmatic, and scalable network management using HTTP-based APIs
Explanation: RESTCONF provides modern, RESTful API access for automation scripts.
How does Cisco DNA Center support multi-vendor environments?
A) Primarily through integration with Cisco NSO and device adapters that handle vendor-specific models
B) It only supports Cisco devices, no others
C) It uses SNMP exclusively for all devices
D) It requires manual CLI configuration for non-Cisco devices
Answer: A) Primarily through integration with Cisco NSO and device adapters that handle vendor-specific models
Explanation: Cisco NSO enables multi-vendor orchestration by abstracting device specifics.
Which of the following best describes the concept of “Network Assurance” in Cisco automation?
A) Continuous validation and verification of network health and compliance with intent
B) One-time network configuration only
C) Physical inspection of cables
D) Only used for wireless networks
Answer: A) Continuous validation and verification of network health and compliance with intent
Explanation: Network Assurance continuously ensures the network behaves as intended, detecting deviations early.
Set 3
Cisco DNA Center Architecture
Cisco DNA Center acts as a centralized platform that brings together multiple network management functions — automation, assurance (monitoring & analytics), and policy enforcement — into a single system. It abstracts the complexities of underlying hardware and software, allowing network admins to operate the network based on business intent rather than device-specific configurations.
Fabric in SD-Access
The SD-Access fabric creates a virtual overlay network that separates user traffic from physical infrastructure. It uses technologies like VXLAN to encapsulate traffic and allows segmentation, meaning you can enforce policies at scale without touching every device manually. This overlay is key for intent-based networking.
YANG Models
YANG is a data modeling language that defines how configuration and state data are structured on network devices. It provides a standardized, hierarchical, machine-readable format so automation tools can interact with devices consistently regardless of vendor differences.
NETCONF Transport
NETCONF is designed to manage device configurations in a transactional manner — changes can be applied atomically, ensuring either all changes succeed or none do, preventing partial, inconsistent states. It uses SSH over TCP for secure and reliable communications.
Cisco NSO Device Adapters
Cisco NSO uses device adapters (drivers) to communicate with different vendors’ devices. These adapters translate the device-specific commands and CLI into a common data model based on YANG, enabling network engineers to automate heterogeneous networks seamlessly.
Model-Driven Telemetry
Traditional SNMP-based monitoring uses polling, which can cause latency and overhead. Model-driven telemetry is a push-based method where devices continuously stream real-time structured data, reducing network traffic and providing instant insight into network state and health.
Assurance in DNA Center
DNA Center’s Assurance uses machine learning and AI to analyze telemetry data and identify performance issues or security threats proactively. It helps IT teams solve problems before users even notice them, improving network reliability and experience.
Cisco Plug and Play
Plug and Play (PnP) lets network devices auto-register and download their configuration profiles from Cisco DNA Center or NSO when first connected. This eliminates manual initial setups and speeds up device onboarding with consistent configurations.
Intent-Based Networking (IBN)
IBN allows network admins to express business or operational goals (“intent”) at a high level, such as “Only allow finance department access to accounting servers,” and the system automatically translates this into detailed network policies and configurations, maintaining compliance continuously.
RESTful API in DNA Center
DNA Center exposes RESTful APIs to external applications and developers, using HTTP methods and JSON data format. This modern API framework enables automation scripts and integrations to interact programmatically with the platform.
DNA Center and ISE Integration
Cisco DNA Center integrates with Cisco Identity Services Engine (ISE) to enforce policies based on user identity, device type, and security posture dynamically, ensuring only authorized users and devices access certain network resources, enhancing security.
NETCONF Protocol
NETCONF is the preferred protocol for device configuration in modern network automation because it supports transactional changes, enabling safe updates with rollback if errors occur, unlike older CLI-based manual approaches.
Policy in DNA Center
DNA Center’s policy feature lets you create and enforce network access rules centrally — e.g., who can access what — and automatically deploys these policies across the SD-Access fabric or the whole network, reducing complexity and errors.
Telemetry Transport – gRPC
gRPC is a modern, efficient, and scalable transport protocol that supports streaming telemetry data in real-time from devices to management platforms like DNA Center, making monitoring faster and more reliable.
Cisco NSO Service Models
Service models in NSO abstract the complex commands needed for configuring devices into simple, reusable service definitions. This lets network engineers deploy entire network services consistently across multiple devices quickly.
Device Inventory
DNA Center maintains a real-time database of all devices it manages, including device status, software versions, and configurations, providing a single pane of glass for network inventory management and troubleshooting.
Ansible Integration
Ansible, a popular open-source automation tool, uses modules designed specifically for Cisco devices, allowing it to push configurations and retrieve data via RESTCONF, NETCONF, or SSH, facilitating network automation without complex programming.
Southbound API
The southbound API is the interface through which a network controller communicates with the devices it manages. It uses protocols like NETCONF, RESTCONF, or CLI wrappers to push configurations and gather telemetry.
Site Profiles
Site Profiles let you create standardized configurations and policies for a group of similar sites (e.g., branch offices). This way, when you deploy a new site, the profile can be applied automatically, ensuring consistency and saving time.
Data Formats JSON & XML
Network automation uses JSON and XML to represent device configuration and telemetry data in a structured way defined by YANG models, enabling tools and scripts to parse and manipulate network data easily.
Zero-Touch Provisioning
ZTP eliminates manual setup during device deployment. Devices automatically contact a controller or server, download their configuration, and become operational without needing hands-on configuration, speeding up large-scale deployments.
Troubleshooting with Assurance
DNA Center uses AI/ML-driven analytics on streaming telemetry data to detect anomalies, predict failures, and suggest root causes and remediation steps, enabling faster resolution compared to manual troubleshooting.
Network Intent
Intent refers to the desired state or business goal that the network should fulfill — e.g., “Provide high-priority access to video conferencing for executives.” Automation platforms translate this into actual configurations and continuously validate that intent is met.
Device Discovery
DNA Center discovers devices using SNMP to query device information and Cisco Discovery Protocol (CDP) to understand network topology, allowing it to build an accurate inventory and map device relationships.
Device Adapter in NSO
Device adapters serve as translation layers between vendor-specific command-line or API interfaces and the NSO service models. This abstraction allows NSO to interact uniformly with diverse devices.
Image Repository
The Image Repository stores firmware and software images for network devices in DNA Center, facilitating scheduled upgrades, rollbacks, and compliance checks, reducing manual tasks in image management.
Python for Network Automation
Python’s extensive libraries (e.g., Netmiko, Nornir, pyATS) and easy syntax make it the go-to language for network automation scripting, allowing integration with APIs, parsing outputs, and managing device configurations.
RESTCONF vs CLI Automation
RESTCONF provides a standardized, RESTful API for configuration, enabling automation tools to programmatically manage devices at scale, whereas CLI automation is less structured, more error-prone, and harder to scale.
Multi-vendor Support
Cisco DNA Center itself focuses mainly on Cisco devices, but Cisco NSO extends automation to multi-vendor networks by using device adapters that translate different vendor-specific configurations into unified models.
Network Assurance Concept
Network Assurance is the continuous process of validating that the network is operating according to defined intent and policies. It includes proactive monitoring, anomaly detection, and compliance checks to maintain network health.
Reviews
There are no reviews yet.