CCNA Devnet Apis Questions

24 of 99 questions · Page 2/2 · Devnet Apis topic · Answers revealed

76
MCQmedium

An application uses OAuth 2.0 client credentials grant to authenticate with a Cisco API. Which of the following best describes this flow?

A.The application uses a username and password in the request body.
B.The application sends its client ID and secret to obtain a token directly.
C.The user provides their credentials via a consent screen.
D.A device code is displayed for the user to enter on a separate device.
AnswerB

Client credentials grant uses the application's own credentials.

Why this answer

Client credentials grant is used for server-to-server authentication without user involvement.

77
MCQmedium

A developer is writing a Postman test to verify that a Meraki API response returns HTTP status 200 and contains a list of networks. Which code snippet correctly implements this test?

A.pm.response.to.have.status(200);
B.pm.test("Status 200", function() { pm.response.to.have.status(200); });
C.pm.test("Check networks", function() { pm.expect(pm.response.json()).to.have.property('networks'); pm.response.to.have.status(200); });
D.pm.test("Success", function() { pm.expect(pm.response.code).to.equal(200); });
AnswerC

Correctly checks both status and body.

Why this answer

pm.test with pm.response.to.have.status and pm.expect checks the status and response body.

78
MCQhard

A Cisco Catalyst Center API uses OAuth 2.0 with the client credentials grant for server-to-server communication. Which token endpoint parameter should the client include to identify itself?

A.scope=admin
B.grant_type=client_credentials
C.response_type=token
D.grant_type=authorization_code
AnswerB

Client credentials grant uses this grant type.

Why this answer

In client credentials, the client sends client_id and client_secret (often as Basic auth or form parameters) to authenticate.

79
MCQmedium

In Postman, you want to run a collection of API requests automatically and test responses. Which feature should you use?

A.Postman Workspaces
B.Postman Monitors
C.Postman Interceptor
D.Collection Runner
AnswerD

This runs collections with tests.

Why this answer

The Collection Runner runs all requests in a collection sequentially and allows tests to be evaluated.

80
MCQeasy

In Cisco DNA Center's intent API, which endpoint would you use to retrieve the list of all network devices?

A.GET /dna/intent/api/v1/topology
B.GET /dna/intent/api/v1/network-device
C.GET /dna/intent/api/v1/site
D.GET /dna/intent/api/v1/issues
AnswerB

Returns a list of network devices.

Why this answer

The correct endpoint is GET /dna/intent/api/v1/network-device. Other options are incorrect or refer to other areas like topology or site hierarchy.

81
MCQmedium

A developer is building a script to retrieve a list of network devices from Cisco DNA Center. The API response includes a 'nextToken' field in the body to indicate more results. What pagination method is being used?

A.Cursor-based pagination
B.Page-based pagination
C.Offset/Limit pagination
D.Link header pagination
AnswerA

A token like 'nextToken' indicates cursor-based pagination.

Why this answer

Cursor-based pagination uses a token (e.g., nextToken) to point to the next set of results, unlike offset/limit which uses page numbers.

82
MCQmedium

A Webex API request returns a 401 Unauthorized error. The developer has already obtained an access token. What is the most likely cause?

A.Invalid access token or expired token
B.Resource not found
C.Rate limit exceeded
D.Server internal error
AnswerA

401 indicates authentication failure.

Why this answer

A 401 error typically indicates an invalid or expired token, or missing Authorization header.

83
MCQmedium

A developer is using the Webex API to create a webhook that triggers when a new message is posted in a room. What information is typically included in the webhook payload sent by Webex to the callback URL?

A.The full message content and all room members
B.The OAuth token for the bot
C.The resource type, event type, and relevant IDs (e.g., message ID, room ID)
D.The complete list of webhooks configured on the account
AnswerC

Webhooks notify about events with IDs to retrieve details via API.

Why this answer

Webhook payloads contain event details such as resource, event type, and relevant data like message ID and room ID. The full message content is not included; the application must fetch it via API.

84
Multi-Selecthard

Which THREE of the following are characteristics of RESTCONF compared to NETCONF? (Select three.)

Select 3 answers
A.Uses HTTP as the transport protocol
B.Supports JSON encoding for YANG data
C.Employs XML Remote Procedure Calls (RPCs)
D.Uses SSH for secure transport
E.Uses YANG data models
AnswersA, B, E

RESTCONF is HTTP-based.

Why this answer

RESTCONF uses HTTP and supports JSON encoding, while NETCONF uses SSH and XML RPCs. Both use YANG data models.

85
Multi-Selecteasy

Which TWO of the following are HTTP methods used for creating or updating resources in REST APIs? (Select TWO)

Select 3 answers
A.DELETE
B.PUT
C.POST
D.GET
E.PATCH
AnswersB, C, E

PUT is used to replace a resource entirely.

Why this answer

POST is used to create, PUT to fully replace, and PATCH to partially update. GET retrieves, DELETE removes.

86
MCQmedium

When using the Cisco Meraki Dashboard API with pagination, the Link header in the response contains <https://api.meraki.com/api/v1/organizations?perPage=10&startingAfter=123>; rel="next". What does this indicate?

A.The API uses offset-based pagination and the next offset is 123.
B.The request should be retried after 123 seconds.
C.The response is limited to 10 items, and 123 items remain.
D.The API uses cursor-based pagination; the next page can be retrieved using the provided URL.
AnswerD

Link header with next indicates next page URL.

Why this answer

The Link header with rel="next" provides the URL for the next page of results; cursor-based pagination is used via startingAfter.

87
MCQeasy

Which HTTP method should be used to replace an entire existing resource in a RESTful API?

A.POST
B.PUT
C.PATCH
D.DELETE
AnswerB

PUT replaces the entire resource at the target URL.

Why this answer

PUT is the correct HTTP method for replacing an entire existing resource in a RESTful API because it is defined as idempotent in RFC 7231, meaning the client sends a full representation of the resource to replace the current state at the target URI. Unlike POST, PUT is intended for full updates where the client specifies the URI and the server replaces the resource entirely with the provided payload.

Exam trap

Cisco often tests the distinction between PUT and PATCH, trapping candidates who confuse 'update' with 'replace' and incorrectly choose PATCH for full resource replacement.

How to eliminate wrong answers

Option A is wrong because POST is used to create a new subordinate resource or trigger a non-idempotent action, not to replace an existing resource. Option C is wrong because PATCH applies a partial modification to a resource using a diff or set of changes, not a full replacement. Option D is wrong because DELETE removes the resource entirely, which is the opposite of replacing it.

88
MCQmedium

Which OAuth 2.0 grant type is most appropriate for a server-to-server integration where no user interaction is required?

A.Implicit Grant
B.Client Credentials Grant
C.Authorization Code Grant
D.Password Grant
AnswerB

Used for machine-to-machine communication.

Why this answer

Client credentials grant is used for server-to-server authentication without user consent.

89
MCQeasy

A network automation script uses the Python ncclient library to modify a device configuration. Which NETCONF operation should be used to apply configuration changes?

A.<close-session>
B.<get-config>
C.<get>
D.<edit-config>
AnswerD

edit-config modifies configuration.

Why this answer

The <edit-config> operation is used to modify configuration in NETCONF.

90
MCQmedium

When using RESTCONF to configure a network device, which URL path prefix and content-type header should be used?

A./restconf/operations/ and Content-Type: application/xml
B./restconf/data/ and Content-Type: application/yang-data+json
C./restconf/data/ and Content-Type: application/json
D./restconf/ and Content-Type: text/plain
AnswerB

This is the standard for RESTCONF.

Why this answer

RESTCONF uses /restconf/data/ and content-type application/yang-data+json.

91
MCQeasy

A developer wants to use Postman to test a REST API that requires a Bearer token. Where should the token be placed in the request?

A.In the Authorization header
B.As a query parameter
C.In a custom header like X-Auth-Token
D.In the request body
AnswerA

Bearer tokens are sent in the Authorization header.

Why this answer

The Bearer token is placed in the Authorization header using the format 'Bearer <token>'. The request body is used for data, not authentication.

92
MCQmedium

A developer needs to retrieve a list of network devices from Cisco DNA Center. Which API endpoint should be used?

A.GET /dna/intent/api/v1/network-device
B.GET /dna/intent/api/v1/topology
C.POST /dna/intent/api/v1/network-device
D.GET /dna/intent/api/v1/site
AnswerA

This endpoint retrieves network devices.

Why this answer

The intent API endpoint /dna/intent/api/v1/network-device retrieves network devices.

93
Multi-Selectmedium

Which two authentication methods are commonly used with Cisco REST APIs? (Choose two.)

Select 2 answers
A.API key in header
B.Basic authentication with username/password
C.Session cookie
D.SAML assertion
E.OAuth 2.0 token
AnswersA, E

Used by Meraki and others.

Why this answer

API key and OAuth 2.0 are common; Basic auth is less common; session cookie and SAML are not typical for REST APIs.

94
MCQhard

An IoT device streams telemetry data to a collector using gNMI. Which mode allows the collector to initiate the subscription?

A.gRPC streaming
B.Dial-in mode
C.Dial-out mode
D.NETCONF telemetry
AnswerB

Dial-in is collector-initiated.

Why this answer

In dial-in mode, the collector (client) initiates the gNMI subscription to the device (server).

95
MCQmedium

A Webex bot needs to receive real-time notifications when a new message is posted in a Webex space. Which Webex API feature should the bot implement?

A.Long polling
B.Polling the messages API every second
C.Webhooks
D.Server-Sent Events
AnswerC

Webhooks provide real-time event notifications.

Why this answer

Webhooks allow the bot to receive HTTP callbacks for events like message creation.

96
MCQmedium

When using the Meraki Dashboard API, what is the correct method to authenticate requests?

A.Include an API key in the Authorization header as a Bearer token
B.Use a session token obtained from a login endpoint
C.Use Basic authentication with username and password
D.Include an API key in the X-Cisco-Meraki-API-Key header
AnswerD

This is the correct Meraki authentication method.

Why this answer

The Meraki Dashboard API uses a unique API key for authentication, which must be included in the `X-Cisco-Meraki-API-Key` header. This key is generated per user in the Meraki Dashboard and identifies the request without requiring a session or password. Option D correctly specifies this custom header, which is the only supported method for authenticating requests to the Meraki API.

Exam trap

Cisco often tests the misconception that all REST APIs use standard Bearer tokens or OAuth, but the Meraki API deliberately uses a custom header to emphasize vendor-specific authentication patterns that candidates must memorize.

How to eliminate wrong answers

Option A is wrong because the Meraki API does not use Bearer tokens in the Authorization header; it uses a custom header (`X-Cisco-Meraki-API-Key`) instead of the standard `Authorization: Bearer` format. Option B is wrong because the Meraki API does not have a login endpoint or session tokens; authentication is stateless and key-based. Option C is wrong because Basic authentication with username and password is not supported; the API key is a static, pre-generated token that does not involve credentials in the request.

97
MCQmedium

Which NETCONF operation is used to retrieve the entire configuration datastore from a network device?

A.<edit-config>
B.<get>
C.<get-config>
D.<commit>
AnswerC

<get-config> specifically retrieves the configuration datastore.

Why this answer

<get-config> retrieves configuration datastore. <get> retrieves state and config data. <edit-config> modifies configuration. <commit> confirms a candidate configuration.

98
MCQmedium

A Cisco Catalyst Center application needs to retrieve a list of network device issues. Which API endpoint should be used?

A.GET /dna/intent/api/v1/site-health
B.GET /dna/intent/api/v1/topology
C.GET /dna/intent/api/v1/network-device
D.GET /dna/intent/api/v1/issues
AnswerD

This endpoint retrieves issues for network devices.

Why this answer

The Cisco Catalyst Center (DNA Center) uses /dna/intent/api/v1/network-device for device list, but for issues, specific issue endpoints exist. The correct endpoint is /dna/intent/api/v1/network-device-issue?issueType=... or similar, but the question likely expects the issues endpoint. However, based on common DevNet materials, the issue endpoint is /dna/intent/api/v1/issues.

The correct answer is the endpoint for issues.

99
Multi-Selectmedium

Which TWO of the following are valid OAuth 2.0 grant types? (Select TWO)

Select 2 answers
A.Client credentials
B.Authorization code
C.API key
D.Basic authentication
E.Implicit grant
AnswersA, B

Standard OAuth 2.0 grant for server-to-server.

Why this answer

Authorization code and client credentials are standard grant types. Basic is not OAuth 2.0. API key is a different authentication method.

Implicit is deprecated.

← PreviousPage 2 of 2 · 99 questions total

Ready to test yourself?

Try a timed practice session using only Devnet Apis questions.