New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: best70

300-620 Implementing Cisco Application Centric Infrastructure (300-620 DCACI) Questions and Answers

Questions 4

A situation causes a fault to be raised on the APIC. The ACI administrator does not want that fault to be raised because it is not directly relevant to the environment. Which action should the administrator take to prevent the fault from appearing?

Options:

A.

Under System -> Faults, right-click on the fault and select Acknowledge Fault so that acknowledged faults will immediately disappear.

B.

Create a stats threshold policy with both rising and falling thresholds defined so that the critical severity threshold matches the squelched threshold.

C.

Under System -> Faults, right-click on the fault and select Ignore Fault to create a fault severity assignment policy that hides the fault.

D.

Create a new global health score policy that ignores specific faults as identified by their unique fault code.

Buy Now
Questions 5

Which description regarding the initial APIC cluster discovery process is true?

Options:

A.

The APIC uses an internal IP address from a pool to communicate with the nodes.

B.

Every switch is assigned a unique AV by the APIC.

C.

The APIC discovers the IP address of the other APIC controllers by using Cisco Discovery Protocol.

D.

The ACI fabric is discovered starting with the spine switches.

Buy Now
Questions 6

The Application team reports that a previously existing port group has disappeared from vCenter. An engineer confirms that the VM domain association for the EPG is no longer present. Which action determines which user is responsible for the change?

Options:

A.

Check the EPG audit logs for the 'deletion' action and compare the affected object and user.

B.

Evaluate the potential faults that are raised for that EPG.

C.

Examine the health score and drill down to an object that affects the EPG combined score.

D.

Inspect the server logs to see who was logging in to the APIC during the last few hours.

Buy Now
Questions 7

A network engineer must backup the PRODUCTION tenant. The configuration backup should be stored on the APIC using a markup language and contain all secure information. Which export policy must be used to meet these requirement?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option D

D.

Option D

Buy Now
Questions 8

What is a requirement for Cisco ACI IPN to manage multidestination traffic?

Options:

A.

pervasive gateway

B.

unicast routing

C.

anycast gateway

D.

multicast routing

Buy Now
Questions 9

Which endpoint learning operation is completed on the ingress leaf switch when traffic is received from a Layer 3 Out?

Options:

A.

The source MAC address of the traffic is learned as a local endpoint.

B.

The source MAC address of the traffic is learned as a remote endpoint.

C.

The source IP address of the traffic is learned as a remote endpoint.

D.

The source IP address of the traffic is learned as a local endpoint.

Buy Now
Questions 10

Which routing protocol is supported between Cisco ACI spines and IPNs in a Cisco ACI Multi-Pod environment?

Options:

A.

OSPF

B.

ISIS

C.

BGP

D.

EIGRP

Buy Now
Questions 11

An engineer must configure VMM domain integration on a Cisco UCS B-Series server that is connected to a Cisco ACI fabric. Drag and drop the products used to create VMM domain from the bottom into the sequence in which they should be implemented at the top. Products are used more than once.

Options:

Buy Now
Questions 12

Which two components are essential parts of a Cisco ACI Virtual Machine Manager (VMM) domain policy configuration? (Choose two.)

Options:

A.

VMM domain profile

B.

EPG static port binding

C.

Layer 3 outside interface association

D.

IP address pool association

E.

EPG association

Buy Now
Questions 13

Which type of profile needs to be created to deploy an access port policy group?

Options:

A.

attachable entity

B.

Pod

C.

module

D.

leaf interface

Buy Now
Questions 14

Refer to the exhibit. Which two configurations enable inter-VRF communication? (Choose two.)

Options:

A.

Set the subnet scope to Shared Between VRFs.

B.

Enable Advertise Externally under the subnet scope.

C.

Export the contract and import as a contract interface.

D.

Change the contract scope to Tenant.

E.

Change the subject scope to VRF.

Buy Now
Questions 15

A bridge domain for an EPC called “Web Servers” must be created in the Cisco APIC. The configuration must meet these requirements:

    Only traffic to known Mac addresses must be allowed to reduce noice.

    The multicast traffic must be limited to the ports that are participating in multicast routing.

    The endpoints within the bridge domain must be kept in the endpoint table for 20 minultes without any updates.

Which set of steps configures the bridge domain that satisfies the requirements?

Options:

A.

Select the ARP Flooding checkbox.

Create an Endpoint Retention Policy with a Remote Endpoint Aging Interval of 20 minutes.

Set L3 Unknown Multicast Flooding to Optimized Flooding

B.

Set L2 Unknown Unicast to Hardware Proxy.

Configure L3 Unknown Multicast Flooding to Optimized Flood.

Create an Endpoint Retention Policy with a Local Endpoint Aging interval of 1200 seconds.

C.

Switch L2 Unknown Unicast to Flood.

Select the default Endpoint Retention Policy and set the Local Endpoint Aging to 20 minutes.

Set Multicast Destination Flooding to Flood in Encapsulation.

D.

Multicast Destination Flooding should be set to Flood in BD.

Set L3 Unknown Multicast Flooding to Flood.

Select the default Endpoint Retention Policy with a Local Endpoint Aging Interval of 1200 seconds.

Buy Now
Questions 16

New ESXi hosts are procured in a data center compute expansion project. An engineer must update the

configuration on the Cisco APIC controllers to support the addition of the new servers to the existing VMM

domain. Which action should be taken to support this change?

Options:

A.

Create a range of internal VLANs in the associated VLAN pool.

B.

Set the encapsulation mode as VXLAN.

C.

Enable infrastructure VLAN in the associated AEP.

D.

Map the leaf interface selector to the AEP that is associated with the VMM domain.

Buy Now
Questions 17

Refer to the exhibit. What must be configured in the service graph to redirect HTTP traffic between the EPG client and EPG server to go through the Cisco ASA firewall?

Options:

A.

precise filter to allow only HTTP traffic

B.

permit-all contract filter

C.

contract with no filter

D.

contract filter to allow ARP and HTTP.

Buy Now
Questions 18

Refer to the exhibit. A Cisco ACI environment hosts two e-commerce applications. The default contract from a common tenant between different application tiers is used, and the applications work as expected. The customer wants to move to more specific contracts to prevent unwanted traffic between EPGs. A network administrator creates the app-to-db contract to meet this objective for the application and database tiers. The application EPGs must communicate only with their respective database EPGs. How should this contract be configured to meet this requirement?

Options:

A.

Set the app-to-db scope to Global.

B.

Set the app-to-db scope to Application Profile.

C.

Implement the app-to-db scope as VRF.

D.

Implement the app-to-db as a Taboo contract.

Buy Now
Questions 19

Which new construct must a user create when configuring in-band management?

Options:

A.

VLAN pool

B.

management contract

C.

management tenant

D.

bridge domain

Buy Now
Questions 20

How is an EPG extended outside of the ACI fabric?

Options:

A.

Create an external bridged network that is assigned to a leaf port.

B.

Create an external routed network that is assigned to an EPG.

C.

Enable unicast routing within an EPG.

D.

Statically assign a VLAN ID to a leaf port in an EPG.

Buy Now
Questions 21

What do Pods use to allow Pod-to-Pod communication in a Cisco ACI Multi-Pod environment?

Options:

A.

over Layer 3 directly connected back-to-back spines

B.

over Layer 3 Out connectivity via border leafs

C.

over Layer 3 IPN connectivity via spines

D.

over Layer 3 IPN connectivity via border leafs

Buy Now
Questions 22

Refer to the exhibit A Cisco ACI fabric is using out-of-band management connectivity The APIC must access a routable host with an IP address of 192 168 11 2 Which action accomplishes this goal?

Options:

A.

Change the switch APIC Connectivity Preference to in-band management

B.

Remove the in-band management address from the APIC.

C.

Add a Fabric Access Policy to allow management connections.

D.

Modify the Pod Profile to use the default Management Access Policy

Buy Now
Questions 23

What is MP-BGP used for in Cisco ACl fabric?

Options:

A.

MP-BGP VPNv4 AF is used to propagate L3Out routes that are received from a border leaf to the fabric.

B.

MP-BGP VPNv4 AF is used between spines in an ACI Multi-Pod fabric to propagate the endpoint

C.

MP-BGP VPNv4 AF is used as protocol on L3Out between a border leaf and an external router

D.

MP-BGP Layer 2 VPN EVPN AF is used to propagate L30ut routes that are received from a border leaf.

Buy Now
Questions 24

A packet is routed between two endpoints on different Cisco ACI leaf switches. Which VXLAN VNID is applied to the packet?

Options:

A.

FD

B.

EPG

C.

VRF

D.

BD

Buy Now
Questions 25

Refer to the exhibit. The 0.0.0.0/0 is configured as a default static route on L3Out-1. Which action should be taken for the 0.0.0.0/0 prefix to advertise out on L3Out-2 OSPF?

Options:

A.

Enable Export Route Control Subnet.

B.

Enable Shared Security Import Subnet.

C.

Enable Shared Route Control Subnet.

D.

Enable Aggregate Export Subnet.

Buy Now
Questions 26

Which feature should be disabled on a bridge domain when a default gateway for endpoints is on an external device instead of a Cisco ACI bridge domain SVI?

Options:

A.

unknown unicast flooding

B.

ARP flooding

C.

unicast routing

D.

proxy ARP

Buy Now
Questions 27

What are two descriptions of ACI multi-site? (Choose two.)

Options:

A.

The Inter-Site network routers should run OSPF to establish peering with the spines.

B.

The Multi-Site orchestrator must be directly attached to one ACI leaf.

C.

Routers in the inter-Site network must run OSPF. DHCP relay, and MP-BGP

D.

ACI Multi-Site is a solution that allows one APIC cluster to manage multiple ACI sites

E.

ACI Multi-Site is a solution that supports a dedicated APIC cluster per site

Buy Now
Questions 28

Refer to the exhibit.

Which two objects are created as a result of the configuration? (Choose two.)

Options:

A.

application profile

B.

attachable AEP

C.

bridge domain

D.

endpoint group

E.

VRF

Buy Now
Questions 29

Which action sets Layer 2 loop migration in an ACI Fabric with a Layer 2 Out configured?

Options:

A.

Enable MCP on the ACI fabric.

B.

Disable STP in the external network.

C.

Disable STP on the ACI fabric.

D.

Enable STP on the ACI fabric.

Buy Now
Questions 30

A RADIUS user resolves its role via the Cisco AV Pair. What object does the Cisco AV Pair resolve to?

Options:

A.

tenant

B.

security domain

C.

primary Cisco APIC

D.

managed object class

Buy Now
Questions 31

Refer to the exhibit, An engineer is deploying a Cisco ACI environment but experiences a STP loop between switch1 and switch2. Which configuration step is needed to break the STP loop?

Options:

A.

Configure the STP instance to VLAN mapping under the switch STP policy.

B.

Configure a Layer 2 external bridged network on the interfaces facing the MST switches.

C.

Enable the native VLAN on the interfaces facing the MST switches using static pons in a dedicated EPG.

D.

Enable BPDU filter under the STP interface policy on the Interfaces lacing the MST switches.

Buy Now
Questions 32

A Cisco ACI environment consists of multiple silent hosts that are often relocated between leaf switches. When the host is relocated, the bridge domain takes more than a few seconds to relearn the host’s new location. The requirement is to minimize the relocation impact and make the ACI fabric relearn the new location of the host faster. Which action must be taken to meet these requirements?

Options:

A.

Set Unicast Routing to Enabled.

B.

Configure ARP Flooding to Enabled.

C.

Set L2 Unknown Unicast to Hardware Proxy.

D.

Configure IP Data-Plane Learning to No.

Buy Now
Questions 33

Refer to the exhibit. An engineer configures communication between the EPGs in different tenants. Which action should be taken to create the subnet?

Options:

A.

Change Scope to Shared between VRFs.

B.

Leave Scope set to Private to VRF.

C.

Add the L3Out for Route Profile value.

D.

Change Scope to Advertised Externally.

Buy Now
Questions 34

In a Cisco ACI Multi-Site fabric, the Inter-Site BUM Traffic Allow option is enabled in a specific stretched bridge domain. What is used to forward BUM traffic to all endpoints in the same broadcast domain?

Options:

A.

ingress replication on the spines in the source site

B.

egress replication on the destination leaf switches

C.

egress replication on the source leaf switches

D.

ingress replication on the spines in the destination site

Buy Now
Questions 35

A network administrator configures AAA inside the Cisco ACI fabric. The authentication goes through the local users if the TACACS+ server is not reachable. If the Cisco APIC is out of the cluster, the access must be granted through the fallback domain. Which configuration set meets these requirements?

Options:

A.

Ping Check: True

Default Authentication Realm: Local

Fallback Check: True

B.

Ping Check: True

Default Authentication Realm: TACACS+

Fallback Check: False

C.

Ping Check: False

Default Authentication Realm: Local

Fallback Check: False

D.

Ping Check: False

Default Authentication Realm: TACACS+

Fallback Check: True

Buy Now
Questions 36

An engineer must limit management access to me Cisco ACI fabric that originates from a single subnet where the NOC operates. Access should be limited to SSH and HTTPS only. Where should the policy be configured on the Cisco APIC to meet the requirements?

Options:

A.

policy In the management tenant

B.

policy on the management VLAN

C.

ACL on the management interface of the APIC

D.

ACL on the console interface

Buy Now
Questions 37

Refer to the exhibit.

An engineer is integrating a VMware vCenter with Cisco ACI VMM domain configuration. ACI creates port-group names with the format of “Tenant | Application | EPG”. Which configuration option is used to generate port groups with names formatted as “Tenant=Application=EPG”?

Options:

A.

enable tag collection

B.

security domains

C.

delimiter

D.

virtual switch name

Buy Now
Questions 38

The customer is looking for redundant interconnection of the existing network to the new ACI fabric. Unicast and multicast traffic must be routed between the two networks. Which L3Out implementation meets these requirements?

Options:

A.

B.

C.

D.

Buy Now
Questions 39

A customer must deploy three Cisco ACI based data centers. Each site must be separated from the others. Which characteristic of Cisco ACI Multi-Pod makes it unsuitable for this deployment?

Options:

A.

creates a virtual pod in the remote location

B.

requires all pods to share the same Cisco APIC cluster

C.

has distance and scale limitations

D.

places leaf switches in the remote site that belong to the same fabric as at the headquarters site

Buy Now
Questions 40

An application team tells the Cisco ACI network administrator that it wants to monitor the statistics of the unicast and BUM traffic that are seen in a certain EPG. Which statement describes the collection statistics?

Options:

A.

All EPGs in the Cisco ACI tenant object must be enabled for statistics to be collected.

B.

Cisco ACI does not capture statistics at the EPG level. Only statistics that pass through ACI contracts can be monitored.

C.

EPG statistics can be collected only for VMM domains. If a physical domain exists, statistics are not collected.

D.

The collection of statistics is enabled on the EPG level by enabling the statistics for unicast and BUM traffic.

Buy Now
Questions 41

Regarding the MTU value of MP-BGP EVPN control plane packets in Cisco ACI, which statement about communication between spine nodes in different sites is true?

Options:

A.

By default, spine nodes generate 9000-bytes packets to exchange endpoints routing information. As a result, the Inter-Site network should be able to carry 9000-bytes packets.

B.

By default, spine nodes generate 1500-bytes packets to exchange endpoints routing information. As a result, the Inter-Site network should be able to carry 1800-bytes packets.

C.

By default, spine nodes generate 1500-bytes packets to exchange endpoints routing information. As a result, the Inter-Site network should be able to carry 1500-bytes packets.

D.

By default, spine nodes generate 9000-bytes packets to exchange endpoints routing information. As a result, the Inter-Site network should be able to carry 9100-bytes packets.

Buy Now
Questions 42

A Solutions Architect is asked to design two data centers based on Cisco ACI technology that can extend L2/ L3, VXLAN, and network policy across locations. ACI Multi-Pod has been selected. Which two requirements must be considered in this design? (Choose two.)

Options:

A.

ACI underlay protocols, i.e. COOP, IS-IS and MP-BGP, spans across pods. Create QoS policies to make sure those protocols have higher priority.

B.

A single APIC Cluster is required in a Multi-Pod design. It is important to place the APIC Controllers in different locations in order to maximize redundancy and reliability.

C.

ACI Multi-Pod requires an IP Network supporting PIM-Bidir.

D.

ACI Multi-Pod does not support Firewall Clusters across Pods. Firewall Clusters should always be local.

E.

Multi-Pod requires multiple APIC Controller Clusters, one per pod. Make sure those clusters can communicate to each other through a highly available connection.

Buy Now
Questions 43

Refer to the exhibit.

Which two components should be configured as route reflectors in the ACI fabric? (Choose two.)

Options:

A.

Spine1

B.

apic1

C.

Spine2

D.

Leaf1

E.

Leaf2

F.

apic2

Buy Now
Questions 44

An engineer must ensure that Cisco ACI flushes the appropriate endpoints when a topology change notification message is received in an MST domain. Which three steps are required to accomplish this goal? (Choose three.)

Options:

A.

Enable the BPDU interface controls under the spanning tree interface policy.

B.

Configure a new STP interface policy.

C.

Bind the spanning tree policy to the switch policy group.

D.

Associate the STP interface policy to the appropriate interface policy group.

E.

Create a new region policy under the spanning tree policy.

F.

Map VLAN range to MAT instance number.

Buy Now
Questions 45

Which two statements regarding ACI Multi-Site are true? (Choose two.)

Options:

A.

The Multi-Site orchestrator must be directly attached to one ACI leaf.

B.

Routers in the Inter-Site network must run OSPF, DHCP relay, and MP-BGP.

C.

ACI Multi-Site is a solution that supports a dedicated APIC cluster per site.

D.

ACI Multi-Site is a solution that allows one APIC cluster to manage multiple ACI sites.

E.

The Inter-Site network routers should run OSPF to establish peering with the spines.

Buy Now
Questions 46

An engineer is implementing Cisco ACI at a large platform-as-a-service provider using APIC controllers, 9396PX leaf switches, and 9336PQ spine switches. The leaf switch ports are configured as IEEE 802.1p ports. Where does the traffic exit from the EPG in IEEE 802.1p mode in this configuration?

Options:

A.

from leaf ports tagged as VLAN 0

B.

from leaf ports untagged

C.

from leaf ports tagged as VLAN 4094

D.

from leaf ports tagged as VLAN 1

Buy Now
Questions 47

When Cisco ACI connects to an outside Layers 2 network, where does the ACI fabric flood the STP BPDU frame?

Options:

A.

within the bridge domain

B.

within the APIC

C.

within the access encap VLAN

D.

between all the spine and leaf switches

Buy Now
Questions 48

An engineer must connect Cisco ACI fabric using Layer 2 with external third-party switches. The third-party

switches are configured using 802.1s protocol. Which two constructs are required to complete the task?

(Choose two.)

Options:

A.

spanning tree policy for mapping MST Instances to VLANs

B.

MCP policy with PDU per VLAN enabled

C.

MCP instance policy with administrative slate disabled

D.

dedicated EPG for native VLAN

E.

static binding of native VLAN in all existing EPGs

Buy Now
Questions 49

Which statement about ACI syslog is true or Which statement describes the ACI syslog?

Options:

A.

Notifications for different scopes of syslog objects can be sent only to one destination.

B.

Syslog messages are sent to the destination through the spine.

C.

All syslog messages are sent to the destination through APIC.

D.

Switches send syslog messages directly to the destinations.

Buy Now
Questions 50

An engineer is implementing a Cisco ACI data center network that includes Cisco Nexus 2000 Series 10G fabric extenders. Which physical topology is supported?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Buy Now
Questions 51

When configuring Cisco ACI VMM domain integration with VMware vCenter, which object is created in vCenter?

Options:

A.

datacenter

B.

VMware vSphere Standard vSwitch

C.

VMware vSphere Distributed Switch

D.

cluster

Buy Now
Questions 52

An engineer must advertise a bridge domain subnet out of the ACI fabric to an OSPF neighbor. Which two configuration steps are required? (Choose two.)

Options:

A.

Configure Subnet scope to Advertised Externally

B.

Add External Subnet for External EPG flag under External EPG.

C.

Create Route Control Profile with the export direction under External EPG.

D.

Add L30ut profile to the bridge domain using Associated L30uts section

E.

Configure the Subnet under the EPG level.

Buy Now
Questions 53

A customer is deploying a new application across two ACI pods that is sensitive to latency and jitter. The application sets the DSCP values of packets to AF31 and CS6, respectively. Which configuration changes must be made on the APIC to support the new application and prevent packets from being delayed or dropped between pods?

Options:

A.

disable DSCP mapping on the IPN devices

B.

disable DSCP translation policy

C.

align the ACI QoS levels and IPN QoS policies

D.

align the custom QoS policy on the EPG site in the customer tenant

Buy Now
Questions 54

A Cisco ACI endpoint group must have its gateway address migrated out of the ACI fabric. An engineer configures EPG-TEST with a static port binding and configures the encap VLAN with the required VLAN. Which configuration set must be used on the bridge domain to meet these requirements?

Options:

A.

L2 Unknown Unicast: Hardware Proxy

Unicast Routing: Disabled

ARP Flooding: Enabled

B.

L2 Unknown Unicast: Hardware Proxy

Unicast Routing: Disabled

ARP Flooding: Disabled

C.

L2 Unknown Unicast: Flood

Unicast Routing: Disabled

ARP Flooding: Enabled

D.

L2 Unknown Unicast: Flood

Unicast Routing: Enabled

ARP Flooding: Enabled

Buy Now
Questions 55

Which class of ACI object is presented in this output?

Options:

A.

Contract

B.

Bridge Domain

C.

Tenant

D.

Endpoint

Buy Now
Questions 56

An engineer is troubleshooting fabric discovery in a newly deployed Cisco ACI fabric and analyzes this output:

Which ACI fabric address is assigned to interface lo1023?

Options:

A.

Dynamic tunnel endpoint

B.

Physical tunnel endpoint

C.

Fabric tunnel endpoint

D.

VXLAN tunnel endpoint

Buy Now
Questions 57

In the context of ACI Multi-Site, when is the information of an endpoint (MAC/IP) that belongs to site 1 advertised to site 2 using the EVPN control plane?

Options:

A.

Endpoint information is not exchanged across sites unless COOP protocol is used.

B.

Endpoint information is not exchanged across sites unless a policy is configured to allow communication across sites.

C.

Endpoint information is exchanged across sites as soon as the endpoint is discovered in one site.

D.

Endpoint information is exchanged across sites when the endpoints are discovered in both sites.

Buy Now
Exam Code: 300-620
Exam Name: Implementing Cisco Application Centric Infrastructure (300-620 DCACI)
Last Update: Dec 22, 2024
Questions: 192

PDF + Testing Engine

$144.99

Testing Engine

$109.99

PDF (Q&A)

$94.99