Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

300-620Free trial

By cisco

Verified

25Q per page

Question 1

An engineer is implementing a Cisco ACI data center network that includes Cisco Nexus 2000 Series 10G fabric extenders. Which physical topology is supported?
A.

—

Question 2

Which feature dynamically assigns or modifies the EPG association of virtual machines based on their attributes?

A: vzAny contracts
B: standard contracts
C: application EPGs
D: uSeg EPGs

—

Question 3

An engineer must allow multiple external networks to communicate with internal ACI subnets. Which action should the engineer take to assign the prefix to the class ID of the external Endpoint Group?

A: Enable the Export Route Control Subnet for the External Endpoint Group flag.
B: Enable an L3Out with Shared Route Control Subnet.
C: Configure subnets with the External Subnets for External EPG flag enabled.
D: Configure subnets with the Import Route Control Subnet flag enabled.

—

Question 4

An engineer must ensure that Cisco ACI flushes the appropriate endpoints when a topology change notification message is received in an MST domain. Which three steps are required to accomplish this goal? (Choose three.)

A: Enable the BPDU interface controls under the spanning tree interface policy.
B: Configure a new STP interface policy.
C: Bind the spanning tree policy to the switch policy group.
D: Associate the STP interface policy to the appropriate interface policy group.
E: Create a new region policy under the spanning tree policy.
F: Map VLAN range to MST instance number.

—

Question 5

A Cisco ACI bridge domain and VRF are configured with a default data-plane learning configuration. Which two endpoint attributes are programmed in the leaf switch when receiving traffic? (Choose two.)

A: Remote MAC, IP
B: Remote Subnet
C: Local IP, not MAC
D: Local MAC, IP
E: Local Subnet
F: Remote IP

—

Question 6

Refer to the exhibit. An engineer wants to initiate an ICMP ping from Server1 to Server2. The requirement is for the BD1 to enforce ICMP replies that follow the expected path. The packets must be prevented from taking the direct path from Leaf1 to Server1. Which action must be taken on BD1 to meet these requirements?

A: Set L2 Unknown Unicast to Flood.
B: Set L2 Unknown Unicast to Hardware Proxy.
C: Disable Unicast Routing.
D: Enable ARP Flooding.

—

Question 7

A network engineer must configure a Cisco ACI system to detect network loops for untagged and tagged traffic. The loop must be detected and stopped by disabling an interface within 4 seconds. Which configuration must be used?

—

Question 8

An engineer must configure a group of servers with a contract that uses TCP port 80. The EPG that contains the web servers requires an external Layer 3 cloud to initiate communication. Which action must be taken to meet these requirements?

A: Configure the EPG as a provider and L3 out as consumer of the contract.
B: Configure OSPF to exchange routes between the L3 out and EPG.
C: Configure a taboo contract and apply it to the EPG.
D: Configure the EPG as a consumer and L3 out as a provider of the contract.

—

Question 9

The unicast routing feature is enabled on the bridge domain. Which two conditions enable the Cisco ACI leaf to learn a source IP as a local endpoint? (Choose two.)

A: Through Ethernet traffic received in a bridge domain.
B: IP traffic routed through an SVI.
C: Through VXLAN traffic received on the uplink.
D: IP traffic routed through a Layer 3 Out.
E: Through ARP received on an SVI.

—

Question 10

When does the Cisco ACI leaf learn a source IP or MAC as a remote endpoint?

A: When VXLAN traffic arrives on a leaf fabric port from the spine and outer source IP is in the Layer 3 Out EPG subnet range.
B: When VXLAN traffic arrives on a leaf fabric port from the spine and outer source IP is in the bridge domain subnets range.
C: When VXLAN traffic arrives on a leaf fabric port from the spine and inner source IP is in the Layer 3 Out EPG subnet range.
D: When VXLAN traffic arrives on a leaf fabric port from the spine and inner source IP is in the bridge domain subnets range.

—

Question 11

Refer to the exhibit. An engineer is deploying a Cisco ACI environment but experiences a STP loop between SW1 and SW2. Which configuration step is needed to break the STP loop?

A: Configure a Layer 2 external bridged network on the interfaces facing the MST switches.
B: Enable the native VLAN on the interfaces facing the MST switches using static ports in a dedicated EPG.
C: Enable BPDU filter under the STP interface policy on the interfaces facing the MST switches.
D: Configure the STP instance to VLAN mapping under the switch STP policy.

—

Question 12

What is MP-BGP used for in Cisco ACI fabric?

A: MP-BGP VPNv4 AF is used as protocol on L3Out between a border leaf and an external router
B: MP-BGP Layer 2 VPN EVPN AF is used to propagate L3Out routes that are received from a border leaf
C: MP-BGP VPNv4 AF is used to propagate L3Out routes that are received from a border leaf to the fabric
D: MP-BGP VPNv4 AF is used between spines in an ACI Multi-Pod fabric to propagate the endpoint

—

Question 13

Which feature allows firewall ACLs to be configured automatically when new endpoints are attached to an EPG?

A: ARP gleaning
B: dynamic endpoint attach
C: hardware proxy
D: network-stitching

—

Question 14

What are two descriptions of ACI Multi-Site? (Choose two.)

A: Routers in the Inter-Site network must run OSPF, DHCP relay, and MP-BGP
B: ACI Multi-Site is a solution that allows one APIC cluster to manage multiple ACI sites
C: The Multi-Site orchestrator must be directly attached to one ACI leaf
D: ACI Multi-Site is a solution that supports a dedicated APIC cluster per site
E: The Inter-Site network routers should run OSPF to establish peering with the spines

—

Question 15

DRAG DROP

An engineer must configure VMM domain integration on a Cisco UCS B-Series server that is connected to a Cisco ACI fabric. Drag and drop the products used to create VMM domain from the bottom into the sequence in which they should be implemented at the top. Products are used more than once.

—

Question 16

The company ESXi infrastructure is hosted on the Cisco UCS-B Blade Servers. The company decided to take advantage of ACI VMM integration to enable consistent enforcement of policies across virtual and physical workloads. The requirement is to prevent the packet loss between the distributed virtual switch and the ACI fabric. Which setting must be implemented on a vSwitch policy to accomplish this goal?

A: Static Channel
B: MAC Pinning
C: LACP
D: LLDP

—

Question 17

An engineer is configuring ACI VMM domain integration with Cisco UCS-B Series. Which type of port channel policy must be configured in the vSwitch policy?

A: LACP Active
B: MAC Pinning
C: LACP Passive
D: MAC Pinning-Physical-NIC-load

—

Question 18

A Cisco ACI is integrated with a VMware vSphere environment. The port groups must be created automatically in vSphere and propagated to hypervisors when created in the ACI environment. Which action accomplishes this goal?

A: Create the port groups on the vCenter that reflect the EPG names in the APIC
B: Assign the uplinks of the ESXi hosts to the vDS that the APIC created
C: Configure contracts for the EPGs that are required on the ESXi hosts
D: Associate the VMM domain with the EPGs that must be available in vCenter

—

Question 19

A network engineer is integrating a new Hyperflex storage duster into an existing Cisco ACI fabric. The Hyperflex cluster must be managed by vCenter, so a new vSphere Distributed switch must be created. In addition, the hardware discovery must be performed by a vendor-neutral discovery protocol. Which set of steps meets these requirements?

A: Configure an Interface Policy group, select CDP, and apply it to the desired interfaces. Enter the vCenter IP and credentials in the Create vCenter Controller dialog box. In the Create VMware VMM domain dialog box, select Read-Only Mode.
B: Configure an Interface Policy group, select LLDP, and apply it to the selected interfaces. Create a VLAN pool, add it to the VMware VMM domain, and include the appropriate interfaces. Enter the vCenter IP and credentials in the Create vCenter Controller dialog box.
C: Configure a Switch Policy group, select LLDP, and apply it to the indicated interfaces. Set up a VMware VMM domain and apply it to the appropriate interfaces. Enter the APIC management IP and credentials in the Create vCenter Controller dialog box.
D: Configure an Interface Policy group, select CDP, and apply it to the designated interfaces. Create a VMware VMM domain, add it to the VLAN pool, and associate it to the designated interfaces. Select Read Only Mode in the Create VMware VMM domain dialog box.

—

Question 20

In-band is currently configured and used to manage the Cisco ACI fabric. The requirement is for leaf and spine switches to use out-of-band management for NTP protocol. Which action accomplishes this goal?

A: Select Out-of-Band as Management EPG in the default DateTimePolicy.
B: Create an Override Policy with NTP Out-of-Band for leaf and spine switches.
C: Change the interface used for APIC external connectivity to ooband.
D: Add a new filter to the utilized Out-of-Band-Contract to allow NTP protocol.

—

Question 21

DRAG DROP

An engineer must configure RADIUS authentication with Cisco ACI for remote authentication with out-of-band management access. Drag and drop the RADIUS configuration steps from the left into the required implementation order on the right. Not all steps are used.

—

Question 22

An administrator must migrate the vSphere Management VMkernel of all ESXi hosts in the production cluster from the standard default virtual switch to a VDS that is integrated with APIC in a VMM domain. Which action must be completed in this scenario?

A: The Management VMkernel EPG resolution must be set to Pre-Provision.
B: The administrator must create an in-band VMM Management EPG before performing the migration.
C: The administrator must set the Management VMkernel BD resolution immediacy to On-Demand.
D: The VMkernel Management BD must be located under the Management Tenant.

—

Question 23

A customer implements RBAC on a Cisco APIC using a Windows RADIUS server that is configured with network control policies. The APIC configuration is as follows:
• Tenant = TenantX
• Security Domain = TenantX-SD
• User = X

The customer requires User X to have access to TenantX only, without any extra privilege in the Cisco ACI fabric domain. Which Cisco AV pair must be implemented on the RADIUS server to meet these requirement?

A: shell:domains = TenantX-SD/fabric-admin/,common//read-all
B: shell:domains = TenantX-SD/tenant-admin
C: shell:domains = TenantX-SD/tenant-ext-admin/,common//read-all
D: shell:domains = TenantX-SD/tenant-admin/,common//read-all

—

Question 24

An engineer is implementing Cisco ACI at a large platform-as-a-service provider using APIC controllers, 9396PX leaf switches, and 9336PQ spine switches. The leaf switch ports are configured as IEEE 802.1p ports. Where does the traffic exit from the EPG in IEEE 802.1p mode in this configuration?

A: from leaf ports tagged as VLAN 0
B: from leaf ports untagged
C: from leaf ports tagged as VLAN 4094
D: from leaf ports tagged as VLAN 1

—

Question 25

A network engineer must backup the PRODUCTION tenant. The configuration backup should be stored on the APIC using a markup language and contain all secure information. Which export policy must be used to meet these requirement?

—

Page 1 of 13 • Questions 1-25 of 316

1 2 3 4 5

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!