cisco 500-490 Exam Questions

Questions for the 500-490 were updated on : Dec 01 ,2025

Page 1 out of 3. Viewing questions 1-15 out of 35

Question 1

Which is a benefit of a cloud-based SD-WAN deployment?

  • A. instant scale
  • B. security never a n issue
  • C. agility of change dependent only on your own internal IT processes
  • D. controller availability never an issue
  • E. might be required for compliance with industry standards
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 2

Which three options focus of the current digital business era? (Choose three.)

  • A. loT scale
  • B. automation
  • C. connectivity
  • D. centralized enterprise and web applications
  • E. Human scale
  • F. Virtualized services
Answer:

ABF

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
F
50%
Discussions
vote your answer:
A
B
C
D
E
F
0 / 1000

Question 3

Which feature is supported on the Cisco vEdge platform?

  • A. IPv6 transport (WAN)
  • B. license enforcement
  • C. reporting
  • D. non-Ethernet interfaces
  • E. single sign-on
  • F. 2-factor authentication
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
F
50%
Discussions
vote your answer:
A
B
C
D
E
F
0 / 1000

Question 4

Which are two Cisco recommendations that demonstrates SDA? (Choose two.)

  • A. Use the CLI to perform as much of the configuration as possible.
  • B. Keep the demo at a high level.
  • C. Focus on business benefit s.
  • D. Be sure you explain the major technologies such as VXLAN and LISP in depth.
  • E. Show the customer how to integrate ISE into DNA Center at the end of the demo.
Answer:

BE

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 5

Which two statements regarding Cisco SD-WAN vEdge routers can mitigate DoS attacks against the
infrastructure? (Choose two.)

  • A. The vEdge routers run on hardened Linux operating systems.
  • B. Only authorized controllers are allowed to communicate back to the vEdg e router after the vEdge router establishes connection with the controllers.
  • C. In case of direct Internet access, the only traffic allowed back is the traffic matching the state table entries on the vEdge router.
  • D. Open Certificate Authority and automated enrollment feature.
  • E. By default, all incoming traffic is denied at the transport (WAN) side interfaces.
Answer:

BC

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 6

What should you do if you are looking at a strategic win with a customer and the customer wants to
examine Cisco ISE for longer than a few weeks?

  • A. Point them to our dCloud demo library.
  • B. Give them our ISE YouTube videos.
  • C. Set them up with a dCloud account.
  • D. Give them some of our flash files that can be played on any browser.
  • E. Provide them with a downloadable POV kit.
  • F. Set them up with an account on a Cisco UCS server that hosts ISE.
Answer:

E

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
F
50%
Discussions
vote your answer:
A
B
C
D
E
F
0 / 1000

Question 7

Which three ways are SD-Access and ACI Fabric similar? (Choose three.)

  • A. focus on user endpoints
  • B. use of Scalable Group Tags
  • C. use of overlays
  • D. use of group policy
  • E. use of Virtual Network IDs
  • F. use of Endpoint Groups
Answer:

CDE

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
F
50%
Discussions
vote your answer:
A
B
C
D
E
F
0 / 1000

Question 8

Which two statements are true regarding Cisco ISE? (Choose two.)

  • A. In distributed deployments, failover from primary to secondary Policy Administration Nodes happens automatically.
  • B. ISE can detected endpoints whose addresses have been translated via NAT.
  • C. In two-node standalone ISE deployments, failover must be done manually.
  • D. ISE supports IPv6 downloadable ACLs.
  • E. ISE supports up to 100 Policy Services Nodes.
  • F. The number of logs that ISE can retain is determined by your disk space.
Answer:

BC

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
F
50%
Discussions
vote your answer:
A
B
C
D
E
F
0 / 1000

Question 9

Which Cisco vEdge router offers 20 Gb of encrypted throughput?

  • A. Cisco vEdge 1000
  • B. Cisco vEdge 2000
  • C. Cisco vEdge 5000
  • D. Cisco vEdge 100
Answer:

C

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 10

Which two options help you sell Cisco ISE? (Choose two.)

  • A. Showcasing the entire ISE feature set
  • B. Referring to TrustSec as being only supported on Cisco networks
  • C. Discussing the importance of custom profiling
  • D. Explaining ISE support for 3rd party network devices
  • E. Downplaying the value of pxGrid as compared to RESTful APIs
Answer:

AD

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 11

Which are two advantages of a “one switch at a time” approach to integrating SD-Access into an
existing brownfield environment? (Choose two.)

  • A. appropriate for campus and remote site environments
  • B. ideal for protecting recent investment s while upgrading legacy hardware
  • C. involves the least risk of all approaches
  • D. allows simplified roll back
  • E. opens up many new design and deployment opportunities
  • F. allows simplified testing prior to cutover
Answer:

AB

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
F
50%
Discussions
vote your answer:
A
B
C
D
E
F
0 / 1000

Question 12

Which component of the SD-Access fabric is responsible for communicating with networks that are
external to the fabric?

  • A. border nodes
  • B. edge nodes
  • C. control plane nodes
  • D. intermediate nodes
Answer:

A

User Votes:
A
50%
B
50%
C
50%
D
50%
Discussions
vote your answer:
A
B
C
D
0 / 1000

Question 13

Which two statements describes Cisco SD-Access? (Choose two.)

  • A. an overlay for the wired infrastructure in which traffic is tunneled via a GRE tunnel to a mobility controller for policy and application visibility
  • B. software-defined segmentation and policy enforcement based on user identity and group membership
  • C. an automated encryption/decryption engine for highly secured transport requirements
  • D. a collection of tools and applications that are a combination of loose and tight couping
  • E. programmable overlays enabling network virtualization across the campus
Answer:

BE

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000

Question 14

Which two options are primary functions of Cisco ISE? (Choose two.)

  • A. allocating resources
  • B. enforcing endpoint compliance with network security policies
  • C. enabling WAN deployment over any type of connection
  • D. automatically enabling, disabling, or reducing allocated power to certain devices
  • E. providing VPN access for any type of device
  • F. providing information about every device that touches the network
Answer:

BF

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
F
50%
Discussions
vote your answer:
A
B
C
D
E
F
0 / 1000

Question 15

Which two activities should occur during an SE's discovery process? (Choose two.)

  • A. Gathering information about the current state of the customer ’s network environment
  • B. Working with the customer to develop a reference architecture
  • C. Referencing the PPDIOO model to effectively facilitate the discussion
  • D. Establishing credibility with the customer
  • E. Mapping Cisco innovation to customer ’s needs
Answer:

AD

User Votes:
A
50%
B
50%
C
50%
D
50%
E
50%
Discussions
vote your answer:
A
B
C
D
E
0 / 1000
To page 2