Free preview mode
Enjoy the free questions and consider upgrading to gain full access!
300-620
Free trial
Verified
Question 51
Refer to the exhibit. An engineer must divert the traffic between VM-1 and VM-2 by using a Multi-Node service graph. The solution should prevent an insufficient number of available Layer 4 to Layer 7 devices in the first cluster. Which configuration set accomplishes this goal?
- A: • PBR node tracking • tracking threshold with action bypass • symmetric PBR • resilient hashing
- B: • PBR node tracking • tracking threshold with action permit • unidirectional PBR • resilient hashing
- C: • PBR node tracking • tracking threshold with action permit • symmetric PBR • resilient hashing
- D: • PBR node tracking • tracking threshold with action deny • symmetric PBR • unidirectional PBR
Question 52
An engineer must add a group of 70 bare-metal ESXi servers to the Cisco ACI fabric, which is integrated with vCenter. These configuration steps are complete:
• The configured pool of ESXi hosts is configured with an Attachable Access Entity Profile (AAEP) called AEP_VMM.
• The new group uses the AAEP called AEP_BAREMETAL.
Which action extends functional VMM integration to the new nodes?
- A: Update AAEP to AEP_VMM on all policy groups that are used toward bare-metal servers.
- B: Create a new AAEP container object for policy groups for AEP_VMM.
- C: Implement a separate VMM domain for the bare-metal servers by using AEP_VMM.
- D: Add the VMM domain under the AEP_BAREMETAL AAEP object.
Question 53
Which two protocols are used for fabric discovery in ACI? (Choose two.)
- A: LLDP
- B: OSPF
- C: CDP
- D: DHCP
- E: ISIS
Question 54
What is the purpose of the Overlay Multicast TEP in a Cisco ACI Multi-Site deployment?
- A: to source and receive unicast VXLAN data plane traffic
- B: to establish MP-BGP EVPN adjacencies with the spine nodes in remote sites
- C: to encapsulate multicast traffic in a common multicast group
- D: to perform head-end replication for BUM traffic
Question 55
Refer to the exhibit. A network engineer must complete the Cisco ACI implementation based on the logical system design created by the systems architect. Which Cisco ACI object is required where the dotted line indicates to complete the task?
- A: contract
- B: application profile
- C: context
- D: attachable Access Entity Profile
Question 56
When a pre-provision immediacy is used, when is the policy downloaded to the Cisco ACI leaf switch?
- A: The policy is downloaded and programmed in the hardware policy CAM when the change is implemented on the Cisco APIC.
- B: The policy is programmed in the hardware policy CAM when the policy is downloaded in the leaf software.
- C: The policy is programmed in the hardware policy CAM when the first packet is received through the data path.
- D: The policy is downloaded to the associated leaf switch software when the ESXi host is attached to a DVS.
Question 57
Where is the COOP database located?
- A: leaf
- B: spine
- C: APIC
- D: endpoint
Question 58
As part of a migration, legacy non-ACI switches must be connected to the Cisco ACI fabric. All non-ACI switches run per-VLAN RSTP. After the non-ACI switches are connected to Cisco ACI, the STP convergence caused a microloop and significant CPU spike on all switches. Which configuration on the interfaces of the external switches that face the Cisco ACI fabric resolves the problem?
- A: BPDU guard
- B: aggressive STP timers
- C: BPDU filtering
- D: STP type link shared
Question 59
Which two IP address types are available for transport over the ISN when they are configured from Cisco ACI Multi-Site Orchestrator? (Choose two.)
- A: Management IP of APICs
- B: Management IP of the MSO Node
- C: Anycast Overlay Multicast TEP
- D: MP-BGP EVPN Router-ID
- E: Common Pervasive Gateway
Question 60
A network engineer must integrate VMware vCenter cluster with Cisco ACI. The requirement is for the management traffic of the hypervisors and VM controllers to use the virtual switch associated with the Cisco Application Policy. The EPG called "Vmware-MGMT" with VLAN 300 has been created for this purpose. Which set of steps must be taken to complete the configuration?
- A: • Add VLAN 300 with static allocation to the VLAN POOL that is used for VMM integration. • Attach the VMM domain to the target EPG with resolution preprovision, mode static, untagged access VLAN, and Port-Encap 300.
- B: • Associate the target EPG with the VMM domain with default settings. • Enable Infrastructure VLAN on AAEP used toward VMware hypervisors.
- C: • Enable Infrastructure VLAN on AAEP used toward VMware hypervisors. • Associate the target EPG with the VMM domain with default settings.
- D: • Enable Infrastructure VLAN on AAEP used toward VMware hypervisors. • Create a static binding in the target EPG toward VMware hypervisors with VLAN 300, untagged access VLAN, and Untagged 802.1P mode.
Question 61
Refer to the exhibit. A Cisco ACI fabric displays this fault. Which set of actions modifies the event to be displayed as a warning in the future?
- A: Navigate to the ACI Events tab. Create a new record.
- B: Navigate to the ACI Fault tab. Create a new record.
- C: Navigate to the ACI Events tab. Change the severity level.
- D: Navigate to the ACI Fault tab. Change the severity level.
Question 62
A bridge domain for a new endpoint group in the Cisco ACI fabric must meet these requirements:
• The bridge domain must function as the default gateway for the subnet so that routing remains within the Cisco ACI fabric.
• ARP requests must be managed via Layer 3 unicast packets or be dropped to reduce excessive broadcast traffic.
• The impact of misconfigured virtual machines must be kept to a minimum by preventing IP addresses outside of the configured subnet from being routed.
Which set of actions must be taken?
- A: Disable ARP Flooding. Enable Limit IP Learning to Subnet. Enable Unicast Routing on the bridge domain and configure a subnet.
- B: Enable Limit IP Learning to Subnet. Enable Unicast Routing on the bridge domain and configure a subnet. Set Multi-Destination Flooding to Flood in BD.
- C: Set Endpoint Retention Policy to default. Enable ARP Flooding. Enable Unicast Routing on the bridge domain and configure a subnet.
- D: Enable Unicast Routing on the bridge domain and configure a subnet. Set L2 Unknown Unicast to Flood. Disable Endpoint Retention Policy.
Question 63
An engineer configures a one-armed policy-based redirect service insertion for an unmanaged firewall. The engineer configures these Cisco ACI objects:
• a contract named All_Traffic_Allowed
• a Layer 4 to Layer 7 device named FW-Device
• a policy-based redirect policy named FW-1Arm-Policy-Based RedirectPolicy
Which configuration set redirects the traffic to the firewall?
- A: Configure a policy-based redirect subject. Associate the policy-based redirect subject with All_Traffic_Allowed.
- B: Configure a firewall bridge domain. Associate the bridge domain with FW-Device.
- C: Configure a device interface policy. Associate the device interface policy with FW-Device.
- D: Configure a service graph. Associate the service graph with All_Traffic_Allowed.
Question 64
Refer to the exhibit. The Cisco ACI fabric has an egress L3Out from Leaf-101 and Leaf-102 to CORE-1. VLAN 102 is used to form the OSPF adjacency. The workloads must be migrated into EPG-101, and the static port binding is configured to Leaf-103 e1/1 with encap VLAN 101. An engineer completes the port binding and receives an MCP fault. Which action clears the fault?
- A: Use VLAN 101 for OSPF adjacency on the egress L3Out.
- B: Use VLAN 102 as the encap VLAN on the EPG-101 static port binding.
- C: Add VLAN 102 to the VLAN pool that is used by the static port binding.
- D: Prune VLAN 101 from the VLAN pool that is used by the egress L3Out.
That’s the end of your free questions
You’ve reached the preview limit for 300-620Consider upgrading to gain full access!
Free preview mode
Enjoy the free questions and consider upgrading to gain full access!