Special Summer Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Cisco 300-620 Implementing Cisco Application Centric Infrastructure (300-620 DCACI) Exam Practice Test

Demo: 74 questions
Total 247 questions

Implementing Cisco Application Centric Infrastructure (300-620 DCACI) Questions and Answers

Question 1

Which feature is used to program policy CAM on a leaf switch without sending traffic from VM to the leaf?

Options:

A.

immediate resolution immediacy

B.

immediate deployment immediacy

C.

on-demand deployment immediacy

D.

on-demand resolution immediacy

Question 2

Refer to the exhibit. Which two configurations enable inter-VRF communication? (Choose two.)

Options:

A.

Set the subnet scope to Shared Between VRFs.

B.

Enable Advertise Externally under the subnet scope.

C.

Export the contract and import as a contract interface.

D.

Change the contract scope to Tenant.

E.

Change the subject scope to VRF.

Question 3

Refer to the exhibit. New e-commerce software is deployed on Cisco ACI fabric. The environment must meet these requirements:

The overall number of contracts must be reduced by reusing the existing contracts within a VRF when possible.

The e-commerce software must communicate only with software EPGs that are part of the same ANP.

The e-commerce software must be prevented from communicating with applications in different ANPs.

Which scope must be selected to meet these requirements?

Options:

A.

Application Profile

B.

Endpoint Group

C.

Tenant

D.

Global

Question 4

Refer to the exhibit.

A customer is deploying a WAN with these requirements: •Routers 1 and 2 must receive only routes 192.168.11.0/24 and 192.168.21.0724 from the Cisco ACI fabric •Reachability to the WAN users must be permitted only for the servers that are located in vrf_prod.

Which settings must be configured to meet these objectives?

Options:

A.

Configure the subnets 192.168.11.0/24 and 192.168.21.0/24 as Private to VRF Configure the subnet 192.168.31.0/24 as Advertised Externally. Configure an EPG subnet 0.0.0.0/0 as External Subnets for External EPG.

B.

Configure the subnets 192.168.11.0/24 and 192.168.21.0/24 as Private to VRF. Configure the subnet 192.168.31.0/24 as Advertised Externally. Configure an EPG subnet 0.0.0.0/0 as Shared Route Control Subnet.

C.

Configure the subnets 192.168.11.0/24 and 192.168.21.0/24 as Advertised Externally.

Configure the subnet 192.168.31.0/24 as Private to VRF.

Configure an EPG subnet 0.0.0.0/0 as Shared Route Control Subnet.

D.

Configure the subnets 192.168.11.0/24 and 192.168.21.0/24 as Advertised Externally.

Configure the subnet 192.168.31.0/24 as Private to VRF.

Configure an EPG subnet 0.0.0.0/0 as External Subnets for External EPG.

Question 5

What represents the unique identifier of an ACI object?

Options:

A.

universal resource identifier (URI)

B.

application programming interface

C.

management information tree

D.

distinguished name

Question 6

Refer to the exhibit.

A systems engineer is implementing the Cisco ACI fabric. However, the Server2 information is missing from the Leaf 101 endpoint table and the COOP database of the spine. The requirement is for the bridge domain configuration to enforce the ACI fabric to forward the unicast packets generated by Server1 destined to Server2. Which action must be taken to meet these requirements?

Options:

A.

Enable ARP Flooding

B.

Set L2 Unknown Unicast to Flood

C.

Set IP Data-Plane Learning to No

D.

Enable Unicast Routing

Question 7

An engineer needs to avoid loops in the ACI network and needs an ACI leaf switch to error-disable an interface if the interface receives an ACI-generated packet. Which action meets these requirements?

Options:

A.

Enable the Loop Indication by MCP event in the Error Disabled Recovery Policy.

B.

Set Rogue EP Control in the Endpoint Controls Policy.

C.

Uncheck the Loop Protection Action check box in MCP Instance Policy.

D.

Change the default administrative state of the global MCP Instance Policy.

Question 8

In-band is currently configured and used to manage the Cisco ACI fabric. The requirement is for leaf and spine switches to use out-of-band management for NTP protocol. Which action accomplishes this goal?

Options:

A.

Select Out-of-Band as Management EPG in the default DateTimePolicy.

B.

Create an Override Policy with NTP Out-of-Band for leaf and spine switches.

C.

Change the interface used for APIC external connectivity to ooband.

D.

Add a new filter to the utilized Out-of-Band-Contract to allow NTP protocol.

Question 9

Refer to the exhibit. What must be configured in the service graph to redirect HTTP traffic between the EPG client and EPG server to go through the Cisco ASA firewall?

Options:

A.

precise filter to allow only HTTP traffic

B.

permit-all contract filter

C.

contract with no filter

D.

contract filter to allow ARP and HTTP.

Question 10

Which table holds IP address, MAC address and VXLAN/VLAN information on a Cisco ACI leaf?

Options:

A.

endpoint

B.

adjacency

C.

RIB

D.

ARP

Question 11

An engineer must deploy Cisco ACI across 10 geographically separated data centers. Which ACI site deployment feature enables the engineer to control which bridge domains contain Layer 2 flooding?

Options:

A.

GOLF

B.

Multi-Site

C.

Multi-Pod

D.

Stretched Fabric

Question 12

What is a characteristic of a Cisco ACI Multi-Pod?

Options:

A.

It eliminates the need to deploy multicast in the Layer 3 network that interconnects the pods.

B.

Spines use BGP peering with IPN to send out the TEP pool prefix for the local pod.

C.

It manages the configuration of different Cisco ACI pods using a single common Cisco APIC cluster.

D.

A VPNv4 address family is used to exchange endpoint information between spines.

Question 13

Cisco ACI fabric is integrated with VMware VDS. The fabric must apply a security policy to check the integrity of traffic out of the network adapter. Which action must be taken to drop the .. when the ESXi host discovers a mismatch between the actual source MAC address transmitted by the guest operating system and the effective MAC address of the virtual machine ….?

Options:

A.

Reject MAC changes.

B.

Accept forged transmits.

C.

Accept MAC changes.

D.

Reject forged transmits.

Question 14

Refer to the exhibit. An engineer connects a Cisco ACI fabric to two different Cisco Nexus 9000 Series Switches. The fabric must be configured to ensure a loop-free topology and N9K1 be configured as the root bridge for VLAN 10. Which action meets these requirements?

Options:

A.

Enable STP on ports between the leaf and spine.

B.

Activate MCP on ports between the leaf and Nexus 9000 Series Switches.

C.

Enable Cisco Discovery Protocol on ports between the leaf and spine.

D.

Set BPDU Guard on ports between the leaf and Nexus 9000 Series Switches.

Question 15

An engineer is extending an EPG out of the ACI fabric using static path binding. Which statement about the endpoints is true?

Options:

A.

Endpoints must connect directly to the ACI leaf port.

B.

External endpoints are in a different bridge domain than the endpoints in the fabric.

C.

Endpoint learning encompasses the MAC address only.

D.

External endpoints are in the same EPG as the directly attached endpoints.

Question 16

Which two protocols are used for fabric discovery in ACI? (Choose two.)

Options:

A.

LLDP

B.

OSPF

C.

CDP

D.

DHCP

E.

ISIS

Question 17

What is the name of the automatically configured VLAN 3600 presented during Cisco ACI fabric discovery?

Options:

A.

Transit VLAN

B.

Infrastructure VLAN

C.

Loopback VLAN

D.

Fabric VLAN

Question 18

Refer to the exhibit. A Cisco ACI fabric displays this fault. Which set of actions modifies the event to be displayed as a warning in the future?

Options:

A.

Navigate to the ACI Events tab.

Create a new record.

B.

Navigate to the ACI Fault tab.

Create a new record.

C.

Navigate to the ACI Events tab.

Change the severity level.

D.

Navigate to the ACI Fault tab.

Change the severity level.

Question 19

What are two requirements for the IPN network when implementing a Multi-Pod ACI fabric? (Choose two.)

Options:

A.

EIGRP routing

B.

PIM ASM multicast routing

C.

BGP routing

D.

VLAN ID 4

E.

OSPF routing

Question 20

What is the purpose of the Overlay Multicast TEP in a Cisco ACI Multi-Site deployment?

Options:

A.

to source and receive unicast VXLAN data plane traffic

B.

to establish MP-BGP EVPN adjacencies with the spine nodes in remote sites

C.

to encapsulate multicast traffic in a common multicast group

D.

to perform head-end replication for BUM traffic

Question 21

When does the Cisco ACI leaf learn a source IP or MAC as a remote endpoint?

Options:

A.

When VXLAN traffic arrives on a leaf fabric port from the spine and outer source IP is in the Layer 3 Out EPG subnet range.

B.

When VXLAN traffic arrives on a leaf fabric port from the spine and outer source IP is in the bridge domain subnets range.

C.

When VXLAN traffic arrives on a leaf fabric port from the spine and inner source IP is in the Layer 3 Out EPG subnet range.

D.

When VXLAN traffic arrives on a leaf fabric port from the spine and inner source IP is in the bridge domain subnets range.

Question 22

Which components must be configured for the BGP Route Reflector policy to take effect?

Options:

A.

spine fabric interface overrides and profiles

B.

access policies and profiles

C.

pod policy groups and profiles

D.

leaf fabric interface overrides and profiles

Question 23

Which two protocols support accessing backup files on a remote location from the APIC? (Choose two.)

Options:

A.

TFTP

B.

FTP

C.

SFTP

D.

SMB

E.

HTTPS

Question 24

An engineer is creating a configuration import policy that must terminate if the imported configuration is incompatible with the existing system. Which import mode achieves this result?

Options:

A.

merge

B.

atomic

C.

best effort

D.

replace

Question 25

Refer to the exhibit. An engineer configured subnets on the external EPG called L3OUT_CORE. The external endpoints in the 10.1.0.0/24 subnet can reach internal endpoints, but the external endpoints in the 172.16.1.0/24 subnet are unreachable. Which set of actions enables the connectivity?

Options:

A.

Delete both external EPG subnets.

Create the 0.0.0.0/1 subnet.

B.

Delete the external EPG subnet 0.0.0.128/1.

Create the 128.0.0.0/1 subnet.

C.

Delete both external EPG subnets.

Create the 0.0.0.0/0 subnet.

D.

Delete the external EPG subnet 0.0.0.0/0.

Create the 0.0.0.0/128 subnet.

Question 26

Refer to the exhibit.

Which two components should be configured as route reflectors in the ACI fabric? (Choose two.)

Options:

A.

Spine1

B.

apic1

C.

Spine2

D.

Leaf1

E.

Leaf2

F.

apic2

Question 27

Which class of ACI object is presented in this output?

Options:

A.

Contract

B.

Bridge Domain

C.

Tenant

D.

Endpoint

Question 28

An engineer must limit management access to me Cisco ACI fabric that originates from a single subnet where the NOC operates. Access should be limited to SSH and HTTPS only. Where should the policy be configured on the Cisco APIC to meet the requirements?

Options:

A.

policy In the management tenant

B.

policy on the management VLAN

C.

ACL on the management interface of the APIC

D.

ACL on the console interface

Question 29

When creating a subnet within a bridge domain, which configuration option is used to specify the network visibility of the subnet?

Options:

A.

limit IP learning to subnet

B.

scope

C.

gateway IP

D.

subnet control

Question 30

The Application team reports that a previously existing port group has disappeared from vCenter. An engineer confirms that the VM domain association for the EPG is no longer present. Which action determines which user is responsible for the change?

Options:

A.

Check the EPG audit logs for the 'deletion' action and compare the affected object and user.

B.

Evaluate the potential faults that are raised for that EPG.

C.

Examine the health score and drill down to an object that affects the EPG combined score.

D.

Inspect the server logs to see who was logging in to the APIC during the last few hours.

Question 31

Refer to the exhibit.

A Cisco ACI fabric is newly deployed, and the security team requires more visibility of all inter-EPG traffic flows. All traffic in a VRF must be forwarded to an existing firewall pair. During fallover, the standby firewall must continue to use the same IP and MAC as the primary firewall. Drag and drop the steps from the left Into the Implementation order on the right to configure the service graph that meets the requirements. (Not all steps are used.)

Options:

Question 32

How is an EPG extended outside of the ACI fabric?

Options:

A.

Create an external bridged network that is assigned to a leaf port.

B.

Create an external routed network that is assigned to an EPG.

C.

Enable unicast routing within an EPG.

D.

Statically assign a VLAN ID to a leaf port in an EPG.

Question 33

An engineer must ensure that Cisco ACI flushes the appropriate endpoints when a topology change notification message is received in an MST domain. Which three steps are required to accomplish this goal? (Choose three.)

Options:

A.

Enable the BPDU interface controls under the spanning tree interface policy.

B.

Configure a new STP interface policy.

C.

Bind the spanning tree policy to the switch policy group.

D.

Associate the STP interface policy to the appropriate interface policy group.

E.

Create a new region policy under the spanning tree policy.

F.

Map VLAN range to MAT instance number.

Question 34

An engineer is configuring a VRF for a tenant named Cisco. Drag and drop the child objects on the left onto the correct containers on the right for this configuration.

Options:

Question 35

On which two interface types should a user configure storm control to protect against broadcast traffic? (Choose two.)

Options:

A.

APIC facing interfaces

B.

port channel on a single leaf switch

C.

all interfaces on the leaf switches in the fabric

D.

endpoint-facing trunk interface

E.

fabric uplink interfaces on the leaf switches

Question 36

Which feature allows firewall ACLs to be configured automatically when new endpoints are attached to an EPG?

Options:

A.

ARP gleaning

B.

dynamic endpoint attach

C.

hardware proxy

D.

network-stitching

Question 37

Refer to the exhibit. The external subnet and internal EPG1 must communicate with each other, and the L3Out traffic must leak into the VRF named "VF1". Which configuration set accomplishes these goals?

Options:

A.

Export Route Control Subnet

Import Route Control Subnet

Aggregate Shared Routes

B.

External Subnets for External EPG

Shared Route Control Subnet

Shared Security Import Subnet

C.

External Subnets for External EPG

Import Route Control Subnet

Shared Route Control Subnet

D.

Export Route Control Subnet

Shared Security Import Subnet

Aggregate Shared Routes

Question 38

An engineer associates EPG-A with a VMM domain and sets the Deployment and Resolution preferences to Immediate. The host that will generate endpoints for EPG-A is attached to Leaf-and Leaf-102 using etht1/1. However, no configuration for EPG-A appears to have been pushed to the leaf switches. Which action must be taken for the configuration to be pushed to f-101 and Leaf-102?

Options:

A.

Enable CDP or LLDP on the host.

B.

Configure both ports for trunking.

C.

Enable LACP on the leaf switch ports.

D.

Disable and enable eth1/1 on both leaf switches

Question 39

An application team tells the Cisco ACI network administrator that it wants to monitor the statistics of the unicast and BUM traffic that are seen in a certain EPG. Which statement describes the collection statistics?

Options:

A.

All EPGs in the Cisco ACI tenant object must be enabled for statistics to be collected.

B.

Cisco ACI does not capture statistics at the EPG level. Only statistics that pass through ACI contracts can be monitored.

C.

EPG statistics can be collected only for VMM domains. If a physical domain exists, statistics are not collected.

D.

The collection of statistics is enabled on the EPG level by enabling the statistics for unicast and BUM traffic.

Question 40

Engineer must configure SNMP inside a Cisco ACI fabric. The engineer has created an SNMP Policy, called SNMP-policy and an SNMP Monitoring Group called SNMP-group1 that Contains five trap receivers. Which configuration set completes the configuration?

Options:

A.

Edit oobbrc to permit traffic using UDP port 16. Associate the client group policy to SNMP-group1.

B.

Permit OOB management traffic using UDP port 161. Associate client group policy with the OOB management EPG.

C.

Allow all OOB management traffic. Configure three trap receivers on SNMP-group1.

D.

Create an OOB management contract. Include the SNMP server in the OOB management EPG.

Question 41

An engineer must connect a new host to port 1 »’1 on Leaf 101. A Cisco ACI fabric has an MOP policy configured but experience excessive Layer 2 loops The engineer wants the Cisco ACI fabric to detect and prevent Layer 2 loops m the fabric Which set of actions accomplishes these goals’?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 42

What is the result of selecting the On Demand attribute in the Deploy Immediacy feature during VMM domain association to an EPG?

Options:

A.

The EPG policy is downloaded to the leaf when a hypervisor is connected, and a VM is placed in a port group.

B.

The EPG policy is programmed in the hardware policy CAM only when the first packet is received through the data path.

C.

The EPG policy is programmed in the hardware policy CAM as soon as the policy is downloaded in the leaf software.

D.

The EPG policy is downloaded to the leaf when a hypervisor is attached to a DVS. and CDP or LLDP adjacency is formed.

Question 43

What are two PBR characteristics of the Cisco ACI Active-Active Across Pods deployment mode in Cisco ACI Multi-Pod design? (Choose two.)

Options:

A.

Traffic is dynamically redirected to the firewall that owns the connection.

B.

Deployment occurs in transparent mode.

C.

The connection state is unsynchronized.

D.

Deployment occurs in go-to mode only.

E.

This mode causes the traffic to flow asymmetrically.

Question 44

A network engineer must allow secure access to the Cisco ACl out-of-band (OOB) management only from external subnets 10 0 0024 and 192.168 20 G'25. Which configuration set accomplishes this goal?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 45

An ACI administrator notices a change in the behavior of the fabric. Which action must be taken to determine if a human intervention introduced the change?

Options:

A.

Inspect event records in the APIC UI to see all actions performed by users.

B.

Inspect /var/log/audit_messages on the APIC to see a record of all user actions.

C.

Inspect audit logs in the APIC UI to see all user events.

D.

Inspect the output of show command history in the APIC CLI.

Question 46

An engineer is implementing a connection that represents an external bridged network. Which two configurations are used? (Choose two.)

Options:

A.

Layer 2 remote fabric

B.

Layer 2 outside

C.

Layers 2 internal

D.

Static path binding

E.

VXLAN outside

Question 47

Cisco ACI fabric contains a tenant called Prod. User_1 must have write access to tenant Prod and full access to the fabric access policy. Which set of actions must be taken to meet these requirements?

Options:

A.

Associate User_1 to the fabric access policy.

Associate the security domain to the fabric access policy.

Create RBAC for the distinguished name of tenant Prod.

B.

Associate User_1 to tenant Prod.

Associate the security domain to the distinguished name of the fabric access policy.

Create RBAC for the distinguished name of security domain.

C.

Associate User_1 to the distinguished name of the fabric access policy.

Associate the security domain to RBAC.

Create RBAC for the distinguished name of User__1.

D.

Associate User_1 to the security domain.

Associate the security domain to tenant Prod.

Create RBAC for the distinguished name of fabric access policy.

Question 48

An engineer configures a Cisco ACI Multi-Pod for disaster recovery. Which action should be taken for the new nodes to be discoverable by the existing Cisco APICs?

Options:

A.

Configure IGMPv3 on the interfaces of IPN routers that face the Cisco ACI spine.

B.

Enable subinterfaces with dot1q tagging on all links between the IPN routers.

C.

Enable DHCP relay on all links that are connected to Cisco ACI spines on IPN devices.

D.

Configure BGP as the underlay protocol in IPN.

Question 49

An engineer configures an L30ut in VRF-1 that was configured for Import Route Control Enforcement. The L30ut uses OSPF to peer with a core switch. The L30ut has one external EPG, it has been configured with a subnet 10.1.0.0/24. Which scope must be set to force 10.1.0.0/24 to populate in the routing table for VRF-1?

Options:

A.

External Subnet for External EPG

B.

Export Route Control Subnet

C.

Shared Route for External EPG

D.

Import Route Control Subnet

Question 50

Refer to the exhibit. Server A is connected to the Cisco ACI fabric using two teamed interfaces. One interface in a team is configured as active and the other remains in standby mode. When a failover occurs and the standby interface becomes active, it uses its built-in MAC address to send traffic. Which bridge domain configuration must be applied to resolve the issue?

Options:

A.

Configure Hardware proxy.

B.

Set L2 Unknown Unicast to Flood.

C.

Enable ARP flooding.

D.

Activate Limit IP Learning to Subnet.

Question 51

Which attribute should be configured for each user to enable RADIUS for external authentication in Cisco ACI?

Options:

A.

cisco-security domain

B.

cisco-auth-features

C.

cisco-aci-role

D.

cisco-av-pair

Question 52

A network engineer must backup the PRODUCTION tenant. The configuration backup should be stored on the APIC using a markup language and contain all secure information. Which export policy must be used to meet these requirement?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option D

D.

Option D

Question 53

An engineer must configure RADIUS authentication with Cisco ACI for remote authentication with out-of-band management access. Drag and drop the RADIUS configuration steps from the left into the required implementation order on the right. Not all steps are used.

Options:

Question 54

Which feature should be disabled on a bridge domain when a default gateway for endpoints is on an external device instead of a Cisco ACI bridge domain SVI?

Options:

A.

unknown unicast flooding

B.

ARP flooding

C.

unicast routing

D.

proxy ARP

Question 55

An engineer must set up a Cisco ACI fabric to send Syslog messages related to hardware events, such as chassis line card failures. The messages should be sent to a dedicated Syslog server. Where in the Cisco APIC should the policy be configured to meet this requirement?

Options:

A.

uni/tn-common/monepg-default

B.

uni/infra/monifra-default

C.

uni/fabric/monfab-default

D.

uni/fabric/moncommon

Question 56

What is a requirement for Cisco ACI IPN to manage multidestination traffic?

Options:

A.

pervasive gateway

B.

unicast routing

C.

anycast gateway

D.

multicast routing

Question 57

A network engineer must design a method to allow the Cisco ACI to redirect traffic to the firewalls. Only traffic that matches specific L4-L7 policy rules should be redirected. The load must be distributed across multiple firewalls to scale the performance horizontally. Which action must be taken to meet these requirements?

Options:

A.

Configure ACI Service Graph with Unidirectional PBR.

B.

Implement ACI Service Graph with GIPo.

C.

Implement ACI Service Graph Two Nodes with GIPo.

D.

Configure ACI Service Graph with Symmetric PBR.

Question 58

A network engineer is implementing a Layer 3 Out in the Cisco ACI fabric. The data center core switches must connect to a pair of leaf switches and exchange routes via a routing protocol. In addition, the implementation must meet these criteria;

• The external switch interface must use 802.1Q tagging.

• Access to the internet for the ACI fabric must be the L30ut.

• The L30ut must use a routing protocol that has rapid convergence time and low CPU usage.

Which configuration set meets these requirements?

Options:

A.

Configure the OSPF Protocol policy with an area of 0.

Set up the Routed External Network object and Node Profile and select OSPF. Create the Switch profile and select VPC with the appropriate interfaces. Create the default network and associate it with the Routed Outside object.

B.

Configure the BGP Protocol policy with the appropriate Autonomous System number. Configure an Interface policy and an External Bridged Domain. Create an External Bridged Network and use the configured VLAN pool. Build the Leaf profile and select the Routed sub-interface with the appropriate VLAN.

C.

Implement the IS-IS Protocol policy with the selected Autonomous System number. Create the Routed Outside object and Node Profile and select IS-IS. Configure the Interface profile and select the Routed Interface with the appropriate interfaces. Create the External Network object.

D.

Implement the EIGRP Protocol policy with the selected Autonomous System number. Create Routed Outside object and Node Profile and select EIGRP as the routing protocol. Build the Interface profile and select SVI and the appropriate VPC. Configure the External Network object with a network of 0.0.0.070.

Question 59

Refer to the exhibit. The 0.0.0.0/0 is configured as a default static route on L3Out-1. Which action should be taken for the 0.0.0.0/0 prefix to advertise out on L3Out-2 OSPF?

Options:

A.

Enable Export Route Control Subnet.

B.

Enable Shared Security Import Subnet.

C.

Enable Shared Route Control Subnet.

D.

Enable Aggregate Export Subnet.

Question 60

Refer to the exhibit. Which two configuration steps are completed before this output is generated? (Choose two.)

Options:

A.

MCP policy for the interface policy group for Port-channel 12 is enabled.

B.

MCP Instance Policy default in the global access policies is enabled.

C.

Error Disabled Recovery Policy for Loop Indication by MCP is set to True.

D.

BPDU Guard is enabled for the interface policy group for Port-channel 12.

E.

Spanning Tree Policy Region STP_4CAF232E48FF20 is added to the spanning-tree policy of the switch.

Question 61

Refer to the exhibit.

A network engineer must improve the configuration backup process and the configuration restore process. The current ACI solution is integrated with VMMs and third-y.. L4-L7 devices. The process requires that no additional information be re-entered when importing the configuration for a fully-functional state. Which configuration configures the port policy?

Options:

A.

Enable the Global AES Encryption Setting.

B.

Select the JSON data format to be used when exporting

C.

Create target DNs for all tenants.

D.

Configure a local snapshot.

Question 62

The company ESXi infrastructure is hosted on the Cisco UCS-B Blade Servers. The company decided to take advantage of ACI VMM integration to enable consistent enforcement of policies across virtual and physical workloads. The requirement is to prevent the packet loss between the distributed virtual switch and the ACI fabric. Which setting must be implemented on a vSwitch policy to accomplish this goal?

Options:

A.

Static Channel

B.

MAC Pinning

C.

LACP

D.

LLDP

Question 63

Which method does the Cisco ACI fabric use to load-balance multidestination traffic?

Options:

A.

PIM routing

B.

spanning trees

C.

shortest-path trees

D.

forwarding tag trees

Question 64

Refer to the exhibit A Cisco ACI fabric is using out-of-band management connectivity The APIC must access a routable host with an IP address of 192 168 11 2 Which action accomplishes this goal?

Options:

A.

Change the switch APIC Connectivity Preference to in-band management

B.

Remove the in-band management address from the APIC.

C.

Add a Fabric Access Policy to allow management connections.

D.

Modify the Pod Profile to use the default Management Access Policy

Question 65

A situation causes a fault to be raised on the APIC. The ACI administrator does not want that fault to be raised because it is not directly relevant to the environment. Which action should the administrator take to prevent the fault from appearing?

Options:

A.

Under System -> Faults, right-click on the fault and select Acknowledge Fault so that acknowledged faults will immediately disappear.

B.

Create a stats threshold policy with both rising and falling thresholds defined so that the critical severity threshold matches the squelched threshold.

C.

Under System -> Faults, right-click on the fault and select Ignore Fault to create a fault severity assignment policy that hides the fault.

D.

Create a new global health score policy that ignores specific faults as identified by their unique fault code.

Question 66

An engineer must advertise a selection of external networks learned from a BGP neighbor into the ACI fabric. Which L3Out subnet configuration option creates an inbound route map for route filtering?

Options:

A.

External Subnets for the External EPG

B.

Shared Route Control Subnet

C.

Import Route Control Subnet

D.

Shared Security Import Subnet

Question 67

Which statement about ACI syslog is true or Which statement describes the ACI syslog?

Options:

A.

Notifications for different scopes of syslog objects can be sent only to one destination.

B.

Syslog messages are sent to the destination through the spine.

C.

All syslog messages are sent to the destination through APIC.

D.

Switches send syslog messages directly to the destinations.

Question 68

An engineer must configure a group of servers with a contract that uses TCP port 80. The EGP that contains the web servers requires an external Layer 3 cloud to initiate communication. Which action must be taken to meet these requirements?

Options:

A.

Configure the EGP as a provider and L3 out as consumer of the contract.

B.

Configure OSPF to exchange routes between the L3 out and EGP.

C.

Configure a taboo contract and apply it to the EPG.

D.

Configure the EPG as a consumer and L3 out as a provider of the contract.

Question 69

A Cisco ACI is integrated with a VMware vSphere environment. The port groups must be created automatically in vSphere and propagated to hypervisors when created in the ACI environment. Which action accomplishes this goal?

Options:

A.

Associate the VMM domain with the EPGs that must be available in vCenter.

B.

Assign the uplinks of the ESXi hosts to the vDS that the APIC created.

C.

Configure contracts for the EPGs that are required on the ESXi hosts.

D.

Create the port groups on the vCenter that reflect the EPG names in the APIC.

Question 70

Engineer resolves an underlying condition of a fault but notices that the fault was not deleted from the Faults view. Which two actions must be taken to remove the fault? (Choose two.)

Options:

A.

The fault is deleted after the retention interval.

B.

Acknowledge the fault as an administrator.

C.

The raised condition ceases.

D.

The soaking timer expires.

Question 71

An engineer must connect Cisco ACI fabric using Layer 2 with external third-party switches. The third-party

switches are configured using 802.1s protocol. Which two constructs are required to complete the task?

(Choose two.)

Options:

A.

spanning tree policy for mapping MST Instances to VLANs

B.

MCP policy with PDU per VLAN enabled

C.

MCP instance policy with administrative slate disabled

D.

dedicated EPG for native VLAN

E.

static binding of native VLAN in all existing EPGs

Question 72

A data center administrator is upgrading an ACI fabric. There are 3 APIC controllers in the fabric and all the servers are dual-homed to pairs of leaf switches configured in VPC mode. How should the fabric be upgraded to minimize possible traffic impact during the upgrade?

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 73

Refer to the exhibit. An engineer configures communication between the EPGs in different tenants. Which action should be taken to create the subnet?

Options:

A.

Change Scope to Shared between VRFs.

B.

Leave Scope set to Private to VRF.

C.

Add the L3Out for Route Profile value.

D.

Change Scope to Advertised Externally.

Question 74

What must be configured to allow SNMP traffic on the APIC controller?

Options:

A.

out-of-band management interface

B.

contract under tenant mgmt

C.

SNMP relay policy

D.

out-of-band bridge domain

Demo: 74 questions
Total 247 questions