Back to ENCOR 350-401 questions

Scenario-based practice

Hard Difficulty Questions

Practise ENCOR 350-401 practice questions — original exam-style scenarios covering every exam domain, with detailed explanations, wrong-answer analysis, and common exam traps.

20
scenario questions
350-401
exam code
Cisco
vendor

Scenario guide

How to approach hard difficulty questions

These are the questions most candidates get wrong. They require connecting multiple concepts, reading tricky output, or knowing edge-case behaviour that isn't on most study cards. Practising them trains you to operate under uncertainty — a necessary skill on the real exam.

Quick answer

Hard Difficulty Questions questions test whether you can apply the concept in context, not just recognise a definition.

How the topic appears in realistic exam-style scenarios.

Which detail in the question changes the correct answer.

How to eliminate plausible but wrong options.

How to connect the question back to the wider exam objective.

Related practice questions

Related 350-401 topic practice pages

Scenario questions usually connect to one or more exam topics. Use these links to review the underlying concepts behind the scenario.

Practice set

Practice scenarios

Question 1hardmultiple choice
Study the full EIGRP explanation →

Refer to the exhibit. A network engineer is troubleshooting a routing issue. The route for 10.0.0.0/8 is learned via EIGRP with metric 2560512. Which change would most likely cause the metric to increase?

Exhibit

Refer to the exhibit.
```
router# show ip route 10.0.0.0
Routing entry for 10.0.0.0/8
  Known via "eigrp 100", distance 170, metric 2560512, type internal
  Redistributing via eigrp 100
  Last update from 192.168.1.1 on GigabitEthernet0/0, 00:00:05 ago
  Routing Descriptor Blocks:
  * 192.168.1.1, from 192.168.1.1, 00:00:05 ago, via GigabitEthernet0/0
      Route metric is 2560512, traffic share count is 1
      Total delay is 2000 microseconds, minimum bandwidth is 10000 Kbit
      Reliability 255/255, minimum MTU 1500 bytes
      Loading 1/255, Hops 3
```
Question 2hardmultiple choice
Review the full OSPF breakdown →

Refer to the exhibit. R1 has two equal-cost OSPF E2 routes to 10.1.1.0/24 via two different next hops. However, when tracing to 10.1.1.1, all traffic uses the path through 10.0.1.2. What is the most likely reason?

Exhibit

Refer to the exhibit.
R1# show ip route | include 10.1.1.0
O E2 10.1.1.0/24 [110/20] via 10.0.1.2, 00:00:34, GigabitEthernet0/0
O E2 10.1.1.0/24 [110/20] via 10.0.2.2, 00:00:34, GigabitEthernet0/1
R1# show ip ospf interface GigabitEthernet0/0 | include Cost
  Process ID 1, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 10
R1# show ip ospf interface GigabitEthernet0/1 | include Cost
  Process ID 1, Router ID 1.1.1.1, Network Type BROADCAST, Cost: 100
R1# traceroute 10.1.1.1 source Loopback0
Type escape sequence to abort.
Tracing the route to 10.1.1.1
  1 10.0.1.2 4 msec 4 msec 4 msec
  2 10.0.3.2 8 msec 8 msec 8 msec
Question 3hardmultiple choice
Open the full VLAN trunking answer →

Your company has deployed a Cisco Catalyst 9300 switch stack as the distribution layer for a campus network. The network uses VLANs 10 (data), 20 (voice), and 30 (management). The switch stack is configured with DHCP snooping, Dynamic ARP Inspection (DAI), and IP Source Guard (IPSG) on access ports. Recently, users in VLAN 10 report intermittent connectivity issues. You notice that some users receive duplicate IP addresses from the DHCP server. The DHCP server is connected to a trunk port on the switch stack. After reviewing logs, you see that DHCPACK messages are being dropped on the trunk port. The DHCP snooping binding table shows entries for legitimate clients, but also some entries with MAC addresses from a different vendor. Which action should you take to resolve the issue?

Question 4hardmulti select
Read the full REST/YANG explanation →

Which TWO statements are true about RESTCONF and NETCONF in a Cisco IOS XE environment? (Choose two.)

Question 5hardmultiple choice
Read the full VPN explanation →

An organization is migrating from a traditional three-tier architecture to a leaf-spine fabric using VXLAN EVPN. The design requires that virtual machines can move between racks without IP address changes. Which technology must be enabled at the leaf switches to support this mobility?

Question 6hardmultiple choice
Study the full SD-Access breakdown →

A global enterprise is transitioning from a traditional three-tier campus architecture to a software-defined access (SD-Access) fabric. Which architectural consideration is most critical for the underlay network?

Question 7hardmultiple choice
Study the full QoS explanation →

A network administrator is deploying a new QoS policy to prioritize voice traffic across a WAN link. The policy must ensure that voice packets are not dropped even during congestion, and that bandwidth is guaranteed for voice. Which queuing mechanism should be used for the voice class?

Question 8hardmulti select
Review the full OSPF breakdown →

Which THREE conditions are required for OSPF routers to become fully adjacent? (Choose three.)

Question 9hardmultiple choice
Full question →

Based on the exhibit, which traffic will be permitted outbound on GigabitEthernet0/0?

Exhibit

Refer to the exhibit.

! Running-config on R1
ip access-list extended FILTER
 permit tcp 192.168.1.0 0.0.0.255 any eq www
 permit tcp 192.168.1.0 0.0.0.255 any eq https
!
interface GigabitEthernet0/0
 ip access-group FILTER out
!
Question 10hardmultiple choice
Full question →

A network engineer is designing a data center network using Cisco ACI. The design must support multiple tenants with isolated policies. The engineer needs to ensure that traffic between endpoints in different tenants is blocked by default. Which ACI construct provides this isolation?

Question 11hardmultiple choice
Read the full VRF explanation →

A network engineer configured VRF TENANT_A and moved the subinterfaces into the VRF. After the change, the CEF table shows the prefixes but the next-hop addresses are unreachable. What is the most likely cause?

Exhibit

Refer to the exhibit.

CEF table snippet:
Prefix          Next Hop     Interface
10.1.1.0/24     192.168.1.2  Ethernet0/0
10.2.2.0/24     192.168.2.2  Ethernet0/1

CEF table after VRF configuration:
VRF: TENANT_A
Prefix          Next Hop     Interface
10.1.1.0/24     192.168.1.2  Ethernet0/0.100
10.2.2.0/24     192.168.2.2  Ethernet0/1.200
Question 12hardmultiple choice
Study the full QoS explanation →

A company is implementing QoS in a campus network. Voice traffic must be prioritized over data traffic, and all traffic should be marked at Layer 2 and Layer 3. Which combination of marking values should be used on access ports to achieve this?

Question 13hardmultiple choice
Open the full BGP breakdown →

An engineer is troubleshooting a BGP routing issue. The router is not receiving routes from an eBGP neighbor. The neighbor is reachable via ping. The BGP session is established and in the Established state. What is the most likely cause?

Question 14hardmultiple choice
Review the full OSPF breakdown →

A network administrator is troubleshooting an issue where OSPF routes are not being learned from a neighbor. The administrator checks the OSPF configuration and sees that both routers are in the same area. The neighbor state is stuck in EXSTART. What is the most likely cause?

Question 15hardmultiple choice
Study the full virtualization explanation →

A service provider wants to deploy a virtualized firewall as a VNF in a service chain. The VNF must be inserted transparently into the traffic path without requiring changes to the existing IP addressing. Which service chaining method should the architect choose?

Question 16hardmultiple choice
Open the full VLAN trunking answer →

A network administrator is troubleshooting a DHCP snooping issue on a Cisco switch. The switch is configured with DHCP snooping globally and on VLAN 10. The trusted interface is GigabitEthernet0/1 connected to the DHCP server. However, clients on VLAN 10 are not receiving IP addresses from the DHCP server. What is the most likely cause?

Question 17harddrag order
Review the full OSPF breakdown →

Drag and drop the steps of OSPF route redistribution into a different autonomous system into the correct order, from first to last.

Question 18harddrag order
Open the full BGP breakdown →

Drag and drop the steps of BGP best path selection process into the correct order, from first to last.

Question 19hardmultiple choice
Study the full EIGRP explanation →

A network engineer is configuring EIGRP on a router that connects to a service provider network. The engineer wants to advertise a default route to internal routers. The engineer configures 'ip default-network 0.0.0.0' and redistributes a static default route into EIGRP. However, internal routers are not receiving the default route. The engineer checks the EIGRP topology table and sees the default route with a metric of 1. What is the most likely reason?

Question 20hardmulti select
Read the full REST/YANG explanation →

Which TWO statements about NETCONF and YANG are true?

These 350-401 practice questions are part of Courseiva's free Cisco certification practice question bank. Courseiva provides original exam-style 350-401 questions with detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics.