Labour Day Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Login / Register

Question # 4

Which feature allows firewall ACLs to be configured automatically when new endpoints are attached to an EPG?

A.

ARP gleaning

B.

dynamic endpoint attach

C.

hardware proxy

D.

network-stitching

Full Access
Question # 5

An engineer must implement management policy and data plane separation in the Cisco ACI fabric. Which ACI object must be created in Cisco APIC to accomplish this goal?

A.

Application profile

B.

Tenant

C.

Contract

D.

Bridge domain

Full Access
Question # 6

Which two actions extend a Layer 2 domain beyond the ACI fabric? (Choose two.)

A.

extending the routed domain out of the ACI fabric

B.

creating a single homed Layer 3 Out

C.

creating an external physical network

D.

extending the bridge domain out of the ACI fabric

E.

extending the EPG out of the ACI fabric

Full Access
Question # 7

An engineer configures a Cisco ACI Multi-Pod for disaster recovery. Which action should be taken for the new nodes to be discoverable by the existing Cisco APICs?

A.

Configure IGMPv3 on the interfaces of IPN routers that face the Cisco ACI spine.

B.

Enable subinterfaces with dot1q tagging on all links between the IPN routers.

C.

Enable DHCP relay on all links that are connected to Cisco ACI spines on IPN devices.

D.

Configure BGP as the underlay protocol in IPN.

Full Access
Question # 8

When a pre-provision immediacy is used, when is the policy downloaded to the Cisco ACI leaf switch?

A.

The policy is downloaded and programmed in the hardware policy CAM when the change is implemented on the Cisco APIC.

B.

The policy is programmed in the hardware policy CAM when the policy is downloaded in the leaf software.

C.

The policy is programmed in the hardware policy CAM when the first packet is received through the data path.

D.

The policy is downloaded to the associated leaf switch software when the ESXi host is attached to a DVS.

Full Access
Question # 9

A customer is deploying a new application across two ACI pods that is sensitive to latency and jitter. The application sets the DSCP values of packets to AF31 and CS6, respectively. Which configuration changes must be made on the APIC to support the new application and prevent packets from being delayed or dropped between pods?

A.

disable DSCP mapping on the IPN devices

B.

disable DSCP translation policy

C.

align the ACI QoS levels and IPN QoS policies

D.

align the custom QoS policy on the EPG site in the customer tenant

Full Access
Question # 10

What is the advantage of implementing an active-active firewall cluster that is stretched across separate pods when anycast services are configured?

A.

A cluster is capable to be deployed in transparent mode across pods.

B.

A different MAC/IP configuration combination is configurable for the firewall in each pod.

C.

Local traffic in a pod is load-balanced between the clustered firewalls.

D.

The local pod anycast node is preferred by the local spines.

Full Access
Question # 11

Refer to the exhibit. An engineer must allow IP mobility between Site1 and Site2 in a Cisco ACI Multi-Site orchestrator. The design must meet these requirements:

A disaster recovery (DR) solution must exist between the sites that do not require vMotion support.

The application must be started at a DR site without having to re-IP the application servers.

The solution must avoid any broadcast storms between the sites.

Which two actions meet these criteria? (Choose two.)

A.

Define a unique bridge domain subnet per site.

B.

Configure STP between Cisco ACI fabrics.

C.

Deploy a local EPG for Site1 and Site2.

D.

Disable Inter-site BUM Traffic.

E.

Apply the L2 Stretch feature.

Full Access
Question # 12

Refer to the exhibit.

Which action should be taken to ensure authentication if the RADIUS servers are unavailable?

A.

Adjust the priority of server 10.1.1.1 to 1.

B.

Set the fallback login to local.

C.

Assign the user to the default role.

D.

Set the default login realm to LDAP

Full Access
Question # 13

An engineer created two interface protocol policies called Pol_CDP40275332 and Pol_LLDP46783451. The policies must be used together in a single policy. Which ACI object must be used?

A.

interface policy group

B.

switch policy group

C.

switch profile

D.

interface profile

Full Access
Question # 14

A network engineer must backup the PRODUCTION tenant. The configuration backup should be stored on the APIC using a markup language and contain all secure information. Which export policy must be used to meet these requirement?

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option D

D.

Option D

Full Access
Question # 15

Refer to the exhibit. An administrator configures inter-VRF route leaking between Production:vrf-prod and Non-Production:vrf-nonprod. However, the route in the Non-Production:vrf-nonprod VRF to the production tenant is missing. Which action resolves the VRF route leaking issue?

A.

Change the contract scope to Global.

B.

Enable the Shared between VRFs option for the BD subnet in the production VRF.

C.

Enable the Shared between VRFs option for the EPG subnet in the non-production VRF.

D.

Export the contract from provider to consumer tenant.

Full Access
Question # 16

An ACI administrator notices a change in the behavior of the fabric. Which action must be taken to determine if a human intervention introduced the change?

A.

Inspect event records in the APIC UI to see all actions performed by users.

B.

Inspect /var/log/audit_messages on the APIC to see a record of all user actions.

C.

Inspect audit logs in the APIC UI to see all user events.

D.

Inspect the output of show command history in the APIC CLI.

Full Access
Question # 17

Which method does the Cisco ACI fabric use to load-balance multidestination traffic?

A.

PIM routing

B.

spanning trees

C.

shortest-path trees

D.

forwarding tag trees

Full Access
Question # 18

A network engineer must configure a Cisco ACI system to detect network loops for untagged and tagged traffic The loop must be detected and slopped by disabling an interface within 4 seconds Which configuration must be used?

A.

Option A

B.

Option B

C.

Option C

Full Access
Question # 19

An engineer must connect Cisco ACI fabric using Layer 2 with external third-party switches. The third-party

switches are configured using 802.1s protocol. Which two constructs are required to complete the task?

(Choose two.)

A.

spanning tree policy for mapping MST Instances to VLANs

B.

MCP policy with PDU per VLAN enabled

C.

MCP instance policy with administrative slate disabled

D.

dedicated EPG for native VLAN

E.

static binding of native VLAN in all existing EPGs

Full Access
Question # 20

Refer to the exhibit. A Cisco ACI environment hosts two e-commerce applications. The default contract from a common tenant between different application tiers is used, and the applications work as expected. The customer wants to move to more specific contracts to prevent unwanted traffic between EPGs. A network administrator creates the app-to-db contract to meet this objective for the application and database tiers. The application EPGs must communicate only with their respective database EPGs. How should this contract be configured to meet this requirement?

A.

Set the app-to-db scope to Global.

B.

Set the app-to-db scope to Application Profile.

C.

Implement the app-to-db scope as VRF.

D.

Implement the app-to-db as a Taboo contract.

Full Access
Question # 21

Refer to the exhibit. A company merges three of its departments: CORP, HR, and SERVICES, Currently, the connectivity between departments is achieved by using VRF route leaking. The requirement is to redesign the Cisco ACI networking architecture to communicate between EPGs and BDs from any tenant without configuring contracts or VRF route leaking. Which configuration meets these criteria?

A.

Configure an unenforced VRF in the user tenant and map all required EPGs to it.

B.

Implement an enforced VRF in the common tenant and map all required BDs to it.

C.

Configure an enforced VRF in the user tenant and map all required EPGs to it.

D.

Implement an unenforced VRF in the common tenant and map all required BDs to it.

Full Access
Question # 22

What two actions should be taken to deploy a new Cisco ACI Multi-Pod setup? (Choose two.)

A.

Configure MP-BGP on IPN routers that face the Cisco ACI spines.

B.

Connect all spines to the IPN.

C.

Configure anycast RP for the underlying multicast protocol

D.

Configure the TEP pool of the new pod to be routable across the IPN.

E.

Increase interface MTU for all IPN routers to support VXLAN traffic.

Full Access
Question # 23

The company ESXi infrastructure is hosted on the Cisco UCS-B Blade Servers. The company decided to take advantage of ACI VMM integration to enable consistent enforcement of policies across virtual and physical workloads. The requirement is to prevent the packet loss between the distributed virtual switch and the ACI fabric. Which setting must be implemented on a vSwitch policy to accomplish this goal?

A.

Static Channel

B.

MAC Pinning

C.

LACP

D.

LLDP

Full Access
Question # 24

Refer to the exhibit.

Which Adjacency Type value should be set when the client endpoint and the service node

interface are in a different subnet?

A.

Routed

B.

Unicast

C.

L3Out

D.

L3

Full Access
Question # 25

How is broadcast forwarded in Cisco ACI Multi-Pod after ARP flooding is enabled?

A.

Ingress replication is used on the spines to forward broadcast frames in the IPN infrastructure.

B.

Within a pod, the ingress leaf switch floods the broadcast frame on all fabric ports.

C.

Broadcast frames are forwarded inside the pod and across the IPN using the multicast address that is associated to the bridge domain.

D.

For the specific bridge domain, all spines forward the broadcast frames to IPN routers.

Full Access
Question # 26

Refer to the exhibit. A company decided to decrease its routing footprint and remove RT-2 and RT-3 devices from its data center. Because of that, the exit point must be created from all the tenants by using the common tenant. Which two configuration tasks must be completed to meet these requirements? (Choose two.)

A.

Move subnets from all the bridge domains to the EPG level and mark them with flag Shared between VRFs.

B.

Update the L3Out ExtEPG subnet in the common tenant with flag Shared Route Control Subnet and Aggregate Shared Routes.

C.

Mark all subnets with flag Shared between VRFs and attach contract Ctr-3 as a provider to all the EPGs.

D.

Change contract Ctr-3 scope to Global, consume it by all EPGs, and flag all subnets with flag Shared between VRFs.

E.

Export contract Ctr-2 into the tenant TN-1 and attach it as a consumer to all the EPGs in the tenant TN-1.

Full Access
Question # 27

A company must connect three Cisco ACI data centers by using Cisco ACI Multi-Site. An engineer must configure the Inter-Site Network (ISN) between the existing sites. Which two configuration steps must be taken to implement the ISN? (Choose two.)

A.

Configure OSPF on subinterfaces on routers that are directly connected with spine nodes.

B.

Configure ISN site extension on Cisco routers in the network.

C.

Configure OSPF on all ISN routers.

D.

Configure BIDIR-PIM on all ISN routers.

E.

Configure encapsulation VLAN-4 between the routers and spine nodes.

Full Access
Question # 28

Which tenant is used when configuring in-band management IP addresses for Cisco APICs, leaf nodes, and spine nodes?

A.

default

B.

infra

C.

common

D.

mgmt

Full Access