350-601: Implementing and Operating Cisco Data Center Core Technologies (DCCOR)

Question #: 181
Topic #: 1
A network engineer must prevent data corruption due to cross fabric communication in an FCoE environment. Which configuration must be applied to the Cisco
Nexus Unified Switches to achieve this objective?

A. switch(config-if)# shutdown lan
B. switch(config-if)# no fcoe fcf-priority 0
C. switch(config)# fcoe fcmap 0e.fc.2a
D. switch(config)# no fcoe fcf-priority 255

Selected Answer: C

Question #: 182
Topic #: 1
Which NFS version uses the TCP protocol and needs only one IP port to run the service?

A. NFSv1
B. NFSv2
C. NFSv3
D. NFSv4

Selected Answer: D

Question #: 183
Topic #: 1
Refer to the exhibit. A network engineer created a new role to be assigned to the SAN users. The requirement is for users to have these characteristics:
* permitted to show access to the system, SNMP, module, and hardware information.
* permitted to run debug zone and exec fcping commands.
* restricted from accessing show feature environment command.
Which configuration set meets these requirements?

A. MDS-B(config)# role name default-role MDS-B(config-role)# rule 5 deny show feature environment
B. MDS-B(config)# role name default-role MDS-B(config-role)# rule 5 permit show feature module MDS-B(config-role)# rule 6 deny *
C. MDS-B(config)# role name san-users MDS-B(config-role)# rule 3 deny show feature environment
D. MDS-B(config)# role name san-users MDS-B(config-role)# rule 3 permit show feature system MDS-B(config-role)# rule 4 permit show feature hardware MDS-B(config-role)# rule 5 permit show feature module

Selected Answer: A

Question #: 184
Topic #: 1
What is a characteristic of the NFS protocol?

A. It uses remote procedure calls with TCP/IP for transport.
B. It is used for booting Cisco UCS B-Series servers.
C. It is used to access a storage array at a block level.
D. It uses UDP and HTTP as its transport.

Selected Answer: A

Question #: 185
Topic #: 1
A storage array must be connected to port ethernet1/10 on a Cisco MDS 9000 Series Switch. In addition, the array must connect using the FCoE protocol and be single-homed. Which configuration meets these requirements?

A. vsan database vlan 101 vsan 101 fcoe vsan 101 interface vfc 10 interface 1/10 switchport mode e fcoe vfc 10
B. interface vfc 10 switchport mode f bind interface ethernet 1/10 vsan database vsan 101 vlan 101 fcoe vsan 101 vsan 101 interface vfc 10
C. vlan database vlan 101 vsan vsan 101 fcoe vsan 101 interface vfc 10 interface ethernet1/10 switchport mode trunk bind interface vfc 10 fcoe vsan 101
D. vlan database vlan 101 fcoe vsan 101 enable interface vfc 10 vsan 101 interface vfc 10 switchport mode fcoe switchport access vlan 101 bind interface ethernet1/10

Selected Answer: B

Question #: 186
Topic #: 1
What is the impact of an EPLD upgrade on a Cisco MDS 9000 Series Switch?

A. The standby supervisor module reloads multiple times.
B. The active supervisor traffic is disrupted.
C. The upgrade process disrupts only the module that is being upgraded.
D. The upgrade disrupts the management connectivity to the switch.

Selected Answer: C

Question #: 187
Topic #: 1
An engineer must implement the FCoE on the Cisco Nexus 9000 Series Switch-based infrastructure. The deployment will contain dual-homed fabric extenders and must support jumbo frames with port channels. Which two sets of actions complete the configuration? (Choose two.)

A. Create a virtual Fibre Channel Interface. Bind vFC to physical interface.
B. Configure the interface with mtu 9516. Disable the feature NPIV.
C. Create a dedicated VSAN for FEX. Bind VSAN to FEX uplinks.
D. Execute fcoe enable-fex. Configure FEX uplinks with mtu 9216.
E. Create a FCoE switch profile. Enable config sync.

Selected Answer: AD

Question #: 188
Topic #: 1
Refer to the exhibit. A network engineer must configure port E1/31-32 to forward only storage server traffic of VLAN 200 on Cisco fabric interconnects A and B.
Port E1/31-32 is not reserved for any other traffic. Which port type must be configured to accomplish this goal?

A. FCoE storage
B. uplink
C. unified uplink
D. FCoE uplink

Selected Answer: D

Question #: 189
Topic #: 1
What is an advantage of NFS as compared to Fibre Channel?

A. NFS removes the impact of IP overhead.
B. NFS enables thin provisioning for LUNs.
C. NFS provides direct access to the underlying storage hardware.
D. NFS provides the dynamic allocation of storage capacity.

Selected Answer: D

Question #: 190
Topic #: 1
Which statement is true about upgrading the firmware on a Cisco MDS storage switch with dual supervisors?

A. Supervisors can be upgraded independently to test the new firmware.
B. The new firmware is loaded on the standby supervisor first.
C. Both supervisors load the new firmware and then the active supervisor reboots.
D. The standby supervisor must be offline before the firmware upgrade begins.

Selected Answer: B

Question #: 191
Topic #: 1
A Cisco MDS 9000 Series Storage Switch has reloaded unexpectedly.
Where does the engineer look for the latest core dump file?

A. /mnt/recovery
B. /mnt/core
C. /mnt/logs
D. /mnt/pss

Selected Answer: D

Question #: 192
Topic #: 1
An engineer must implement a Cisco UCS system at a customer site. One of the requirements is to implement SAN boot. The storage system maps the source
WWPN to a unique LUN.
Which method does Cisco recommend to configure the SAN boot?

A. Define the vHBAs as bootable and leave the boot target definition empty.
B. Create a SAN boot policy in which every initiator is mapped to a different target LUN.
C. Define the vHBAs as bootable and leave the default values on the boot target definition.
D. Create a SAN boot policy in which every initiator is mapped to the same target LUN.

Selected Answer: B

Question #: 193
Topic #: 1
An engineer is performing a configuration on a Cisco Nexus 5000 Series Switch. The requirement is for the current Fibre Channel IDs in VSAN 120 to be saved across reboots. The Cisco environment also must integrate with a third-party solution that requires persistent Fibre Channel IDs for the VSAN. The WWN of the
Cisco switch must be 33:e8:00:05:30:00:16:df and its Fibre Channel ID 0x070128. Which command set meets these requirements?

A. fcdomain fcid database vsan 120 wwn 33:e8:00:05:30:00:16:df fcid 0x070128 fcdomain fcid persistent vsan 120
B. fabric-binding database vsan 120 vsan 120 wwn 33:e8:00:05:30:00:16:df fcid 0x070128
C. vsan 120 wwn 33:e8:00:05:30:00:16:df fcid 0x070128 fabric-binding activate vsan 120 purge fcdomain fcid vsan 4
D. ysan 120 wwn 33:e8:00:05:30:00:16:df fcid 0x070128 fcdomain fcid preserve vsan 120

Selected Answer: A

Question #: 194
Topic #: 1
Refer to the exhibit. An engineer must configure FCoE between the N9K-A switch and the FCF-A Nexus 9000 core switch. The deployment has these characteristics:
✑ The N9K-A and N9K-B top-of-rack switches share the domain ID of the core switches.
✑ The hosts are equipped with converged network adapters.
✑ The only VSAN that is used is permitted to traverse port-channel 100 is VSAN 20.
Which configuration completes the FCoE configuration on the N9K-A device?

A. N9K-A(config)# feature-set fcoe-npv N9K-A(config)# interface vfc-port-channel 100 N9K-A(config-if)# switchport mode E N9K-A(config-if)# switchport trunk allowed vsan 1, 20
B. N9K-A(config)# feature-set fcoe-npv N9K-A(config)# interface vfc-port-channel 100 N9K-A(config-if)# switchport mode NP N9K-A(config-if)# switchport trunk allowed vsan 20
C. N9K-A(config)# feature fcoe N9K-A(config)# feature npv N9K-A(config)# interface vfc 100 N9K-A(config-if)# bind interface port-channel 100 N9K-A(config-if)# switchport mode N N9K-A(config-if)# switchport trunk allowed vsan 1, 20
D. N9K-A(config)# feature fcoe N9K-A(config)# feature npv N9K-A(config)# interface vfc 100 N9K-A(config-if)# bind interface port-channel 100 N9K-A(config-if)# switchport mode F N9K-A(config-if)# switchport trunk allowed vsan 20

Selected Answer: B

Question #: 195
Topic #: 1
A customer has a requirement for an automation solution that supports periodically acquiring configuration from a centralized server and aligning UCS servers to their desired state.
Which open-source tool meets this requirement?

A. SaltStack
B. Kubernetes
C. Puppet
D. Terraform

Selected Answer: C

Question #: 196
Topic #: 1
An administrator needs to configure an automated policy to shut down a link when a given threshold is exceeded on MDS switch.
Which feature needs to be used?

A. RMON
B. EEM
C. Call Home
D. Scheduler

Selected Answer: B

Question #: 197
Topic #: 1
What is an advantage of using Ansible for automation as compared to Puppet and Chef?

A. Ansible performs automation without installing a software agent on the target node.
B. Ansible abstracts a scenario so that one set of configuration settings can be used across multiple operating systems.
C. Ansible automates the enforcement of configuration settings.
D. Ansible configures a set of CLI commands on a device by using NETCONF.

Selected Answer: A

Question #: 198
Topic #: 1
What is required for using Ansible with HTTP/HTTPS protocol in a Cisco NX-OS environment?

A. XML management interface
B. SSH
C. Open Agent Container
D. NX-API

Selected Answer: D

Question #: 199
Topic #: 1
What is required for using Puppet in a Cisco NX-OS environment?

A. OpenNP
B. XML management interface
C. NX-API
D. Open Agent Container

Selected Answer: D

Question #: 200
Topic #: 1
Refer to the exhibit.

Why does the Python code for Cisco NX-API print an error message?

A. The JSON is not a supported format for the NX-API.
B. The “type” is wrong in the header of the request and should be “cli_conf”
C. NX-API does not allow configuration for features via the requests module.
D. The “type” is wrong in the body of the request and should be “cli_conf”

Selected Answer: D

Question #: 201
Topic #: 1
Which two components should be checked when a Cisco Nexus 9000 Series Switch fails to boot using POAP? (Choose two.)

A. POAP feature license
B. DHCP server to bootstrap IP information
C. image noted in the script file against switch bootflash
D. script signed with security key
E. TFTP server that contains the configuration script

Selected Answer: BE

Question #: 202
Topic #: 1
A POAP-enabled Cisco Nexus switch will not enter POAP mode.
Which two conditions should be verified? (Choose two.)

A. No startup configuration is available.
B. The switch is in bootup process.
C. The license file is missing on the switch.
D. Bootflash must contain a special directory named POAP with poap.py file.
E. No Cisco NX-OS image is present on the bootflash.

Selected Answer: AE

Question #: 203
Topic #: 1
An engineer enters these commands while in EEM on a Cisco Nexus 9000 Series Switch event manager applet Backup-config event timer watchdog time 1800 name timer event cli match “copy running-config startup-config”
What is the result of applying this configuration?

A. It generates an error because no action is mentioned.
B. It executes the copy running-config startup-confing command.
C. It saves the running configuration every 1800 seconds.
D. It blocks the copy running-config startup-config command.

Selected Answer: D

Question #: 204
Topic #: 1
An engineer must modify an overridden policy by changing the number of FCNS database entries to 1500 and then generate a message.
What configuration will accomplish this task?

A. event manager applet fcns_policy event fcns entries max-per-switch 1500 action 1.0 syslog priority warnings msg FCNS DB entries have reached the EEM limit action 2.0 policy-default
B. event manager applet fcns_policy override __fcns_entries_max_per_switch action 1.0 syslog priority errors “CNS DB entries have reached the EEM limit” action 2.0 policy-default
C. event manager applet fcns_policy override __fcns_entries_max_per_switch event fcns entries max-per-switch 1500 action 1.0 syslog priority warnings msg FCNS DB entries have reached the EEM limit
D. event manager applet fcns_policy action 1.0 syslog priority warnings msg FCNS DB entries have reached the EEM limit action 2.0 event-default

Selected Answer: C

Question #: 205
Topic #: 1
Refer to the exhibit.

An engineer configures a new application profile using REST API and receives this error message.
Which method can be used before the application profile can be configured?

A. GET to aaaListDomains
B. POST to aaaRefresh
C. POST to aaaLogin
D. POST to aaaLogout

Selected Answer: C

Question #: 206
Topic #: 1
An engineer is asked to manage a large-scale data center and collect information from multiple Cisco NX-OS devices using Cisco NX-OS Data Management
Engine model.
Which technology should be used to accomplish this goal?

A. NETCONF
B. NX Yang
C. NX-API REST
D. JSON-RPC

Selected Answer: B

Question #: 207
Topic #: 1
A network architect is asked to design and manage geographically distributed data centers across cities and decides to use a Multi-Site Orchestrator deployment.
How many orchestrators should be deployed?

A. 5
B. 3
C. 4
D. 2

Selected Answer: B

Question #: 208
Topic #: 1
Which configuration generates a syslog message when CPU utilization is higher than 60%?

A. event manager applet HIGH-CPU event snmp oid 1.3.6.1.4.1.9.9.109.1.1.1.1.6.1 get-type exact entry-op gt 60 poll-interval 5 action 1.0 syslog priority notifications msg “cpu high”
B. event manager applet HIGH-CPU event snmp oid 1.3.6.1.4.1.9.9.109.1.1.1.1.6.1 get-type exact entry-op lt 60 poll-interval 5 action 1.0 syslog priority notifications msg “cpu high”
C. event manager applet HIGH-CPU event snmp oid 1.3.6.1.4.1.9.9.109.1.1.1.1.6.1 get-type next entry-op gt 60 poll-interval 5 action 1.0 syslog priority notifications msg “cpu high”
D. event manager applet HIGH-CPU event snmp oid 1.3.6.1.4.1.9.9.109.1.1.1.1.6.1 get-type next entry-op lt 60 poll-interval 5 action 1.0 syslog priority notifications msg “cpu high”

Selected Answer: A

Question #: 209
Topic #: 1
Which feature must be enabled to support the use of JSON and XML encodings when a Cisco Nexus 7000 Series Switch is deployed?

A. Bash shell
B. NX-API
C. Open Agent Container
D. LLDP

Selected Answer: B

Question #: 210
Topic #: 1
An engineer needs a utility to translate traditional Nexus CLI inputs and generate Python code using XML and JSON message formats. The solution needs to be available on a Nexus 7700 series switch. Which utility should be used?

A. NX-API Sandbox
B. NX-OS JSON-RPC
C. Guest Shell for NX-OS
D. Open NX-OS

Selected Answer: A

Question #: 211
Topic #: 1
An engineer must use the python module in the guest shell of the Cisco Nexus 9000 Series switch to shutdown port Ethernet 1/4. Which command set will accomplish this?

A. from cli import * cli(”conf t”) cli(”interface eth1/4”) cli(”shutdown”)
B. from cisco import cli cli(”conf t” ; ”interface eth1/4” ; ”shutג€)
C. from cli import * cli(”conf t ; interface eth1/4 ; shut”)
D. from cisco import cli cli(”conf t ; interface eth1/4″) cli(”shutdown”)

Selected Answer: C

Question #: 212
Topic #: 1
DRAG DROP –
An engineer deploys a custom Guest Shell rootfs on a Nexus 9000 Series Switch. Drag and drop the steps from the left into the order required to deploy the solution on the right. Not all options are used.
Select and Place:

Suggestion Answer:

Question #: 213
Topic #: 1
The Cisco Nexus switch Generic Online Diagnostics policy for a PortLoopback test requires 10 consecutive failures to error disable the port. The customer wants to change it to 5 consecutive failures. Which configuration applies the changes for module 1 only?

A. Nexus(config)# event manager applet custom-PortLoopback override __PortLoopback Nexus(config-applet)# event gold mod all test PortLoopback testing-type bootup consecutive-failure 5 Nexus(config-applet)# action 1 publish-event
B. Nexus(config)# event manager applet custom-PortLoopback override __PortLoopback Nexus(config-applet)# event gold mod 1 test PortLoopback testing-type monitoring consecutive-failure 5 Nexus(config-applet)# action 1 publish-default
C. Nexus(config)# event manager applet custom-PortLoopback override __PortLoopback Nexus(config-applet)# event gold mod all test PortLoopback testing-type monitoring consecutive-failure 5 Nexus(config-applet)# action 1 policy-default
D. Nexus(config)# event manager applet custom-PortLoopback override __PortLoopback Nexus(config-applet)# event gold mod 1 test PortLoopback testing-type bootup consecutive-failure 5 Nexus(config-applet)# action 1 policy-event

Selected Answer: C

Question #: 214
Topic #: 1
Refer to the exhibit. Which command needs to be added to the line starting with the `file` keyword to have the generated running-config file with the name ‘fusion- config_’ and current date?

A. str.(‘fusion-config_’) + date
B. (‘fusion-config_’) + date
C. (‘fusion-config_ + date’)
D. string((‘fusion-config_’) + date

Selected Answer: B

Question #: 215
Topic #: 1
DRAG DROP –
An engineer must shut down the Ethernet 1/2 interface when the Ethernet 4/5 interface state is down. Drag and drop the CLI commands from the bottom onto the blanks in the exhibit to implement this EEM. Not all commands are used.
Select and Place:

Suggestion Answer:

Question #: 216
Topic #: 1
Which data interchange format is presented in this output?

A. CSS
B. YAML
C. XML
D. JSON

Selected Answer: D

Question #: 217
Topic #: 1
An engineer requires a solution to automate the configuration and deployment of remote network devices for a customer. The engineer must keep these considerations in mind:
✑ The customer’s environment is based on industry-accepted standards and requires a solution that meets these standards.
✑ The security requirements mandate the use of a secure transport mechanism between the automation software and target devices such as SSH or TLS.
✑ The solution must be implemented using a human-readable language and provide the functionality to format data in XML or JSON.
Which solution must be used to meet these requirements?

A. Ansible
B. REST API
C. NETCONF
D. SNMP

Selected Answer: C

Question #: 218
Topic #: 1
Which data structure results from running this Python code?

A. tuple
B. dictionary
C. set
D. list

Selected Answer: D

Question #: 219
Topic #: 1
Refer to the exhibit. What is the result of executing this Python code?

A. It sends the switch configuration to Cisco TAC
B. It sends a Cisco device backup to a remote destination
C. It schedules a backup on a Cisco switch using EEM
D. It backs up Cisco switches to Cisco Prime Infrastructure

Selected Answer: B

Question #: 220
Topic #: 1
An engineer must use the Embedded Event Manager to monitor events that occur on a Cisco Nexus 9000 Series Switch. An environment variable needs to be created so that several policies use the monitored events in their actions. The external email server is represented by IP address 10.10.10.10. Which command sets the environment variable?

A. n9k2# event manager environment mailserver “10.10.10.10”
B. n9k2(config)# event manager environment mailserver “10.10.10.10”
C. n9k2(config-applet)# environment mailserver “10.10.10.10”
D. n9k2(config)# event manager policy environment mailserver “10.10.10.10”

Selected Answer: B

Question #: 221
Topic #: 1
An engineer is using REST API calls to configure the Cisco APIC. Which data structure must be used within a POST message to receive a login token?

A. {“aaaUser”:{“attributes”:{“name”:”apiuser”,”pwd”:”cisco123″}}}
B.<name=”apiuser”><pwd=”cisco123″></pwd=”cisco123″></name=”apiuser”>
C. {aaaUser:{attributes:{name:apiuser,pwd:cisco123}}}
D. apiusercisco123

Selected Answer: A

Question #: 222
Topic #: 1
An engineer evaluates a UI-based infrastructure management system capable of monitoring and deploying standalone VXLAN BGP EVPN deployments. The storage administrators also need the solution to manage the Cisco MDS 9000 Series Switches. Which solution meets these requirements?

A. Cisco DCNM
B. Cisco Tetration
C. Cisco UCS Director
D. Cisco Intersight

Selected Answer: A

Question #: 223
Topic #: 1
An engineer must implement an automation solution to allow the backup of the configuration of Cisco Nexus Series Switches to a centralized location. The solution must:
* support the team-developed custom monitoring scripts that are packaged using RPM packaging that the framework must support.
* be decoupled from the underlying Cisco Nexus operating system.
* have no impact on the operating system of the underlying switch if the resource contention occurs.
* use Python to expand the existing automation framework.
Which solution meets these requirements?

A. Guest Shell
B. Vegas Shell
C. Bash Shell
D. TCL Shell

Selected Answer: A

Question #: 224
Topic #: 1
A company is investigating different options for IT automation tools. The IT team has experience with Python programming language and scripting using a declarative language. The proposed tool should be easy to set up and should not require installing an agent on target devices. The team will also need to build custom modules based on the Python programming language to extend the tool’s functionality. Which automation tool should be used to meet these requirements?

A. Ansible
B. Chef
C. Puppet
D. NX-API

Selected Answer: D

Question #: 225
Topic #: 1
An administrator is implementing DCNM so that events are triggered when monitored traffic exceeds the configured percent utilization threshold. The requirement is to configure a maximum limit of 39913690 bytes that applies directly to the statistics collected as a ratio of the total link capacity. Which DCNM performance monitoring configuration parameter must be implemented to achieve this result?

A. Absolute Values
B. Baseline
C. Util%
D. Per Port Monitoring

Selected Answer: A

Question #: 226
Topic #: 1
An engineer must design an automation solution for the Cisco ACI Fabric to speed up the deployment of logical network elements for tenant provisioning. When creating a solution, the engineer must keep in mind that the tool must support these requirements:
* Allow the rapid creation and removal of logical containers.
* Support the creation of custom modules and data structures.
* Be extensible with external libraries and modules.
* Allow rapid testing of code using an on-demand execution environment.
Which automation tool meets these requirements?

A. SaltStack
B. YAML
C. Chef
D. Python

Selected Answer: D

Question #: 227
Topic #: 1
DRAG DROP –
Drag and drop the keywords onto the URL request to collect all the subnets configured under tenant Production using a REST API. Not all options are used.
Select and Place:

Suggestion Answer:

Question #: 228
Topic #: 1
An engineer must create an EPG called “Test”. The configuration request should succeed if the Tenant called “Tenant” and the application profile called “Test” exist. The firewall policy allows only the HTTP connectivity to APIC from the user’s computer. Which action accomplishes this goal?

A. Send to APIC payload using HTTP PUT to the Cisco APIC.
B. Send to APIC payload using HTTP POST to the Cisco APIC.
C. Send to APIC payload using HTTP POST to the Cisco APIC.
D. Send to APIC payload using HTTP PUT to the Cisco APIC.

Selected Answer: B

Question #: 229
Topic #: 1
Which two methods are available to manage an ACI REST API session authentication when a user is unauthenticated? (Choose two.)

A. POST to aaaUserLogin
B. GET to aaaListDomains
C. GET aaaRefresh
D. DELETE to aaaLogout
E. POST to aaaLogin

Selected Answer: BE

Question #: 230
Topic #: 1
DRAG DROP –
A network administrator must automate the process of pinging all the IP addresses from the 10.0.0.0/8 subnet. The subnet is already present on the ARP table of the Cisco Nexus switch. Drag and drop the bash commands to generate the desired output. Not all commands are used.
Select and Place:

Suggestion Answer:

Question #: 231
Topic #: 1
A customer asks an engineer to develop a framework that will be used to replace the process of the manual device configuration of Cisco NX-OS devices. The engineer plans to use the programmatic interface that meets these requirements:
✑ The development team is familiar with Windows-based scripting environment using PowerShell.
✑ The customer’s security requirements mandate the use of HTTPS transport.
Which solution must be used to meet these requirements?

A. NETCONF-YANG
B. NX-API
C. VISORE
D. Open Agent Container

Selected Answer: B

Question #: 232
Topic #: 1
Refer to the exhibit. Which information must be added to the script to complete the POAP operation on the Cisco Nexus 9000 Series Switch?

A. MD5SUM d41d8cd98f00b20449800998ecf8427e of the script file.
B. MD5SUM d41d8cd98f00b204e9800998ecf8427e of the Python code.
C. API token d41d8cd98f00b77986331998ecf8427e of the Cisco Nexus 9000 Series Switch.
D. API token d41d8cd98f00b41051968198ecf8427e of the Cisco APIC.

Selected Answer: A

Question #: 233
Topic #: 1
Refer to the exhibit. A network engineer is configuring the Smart Call Home feature on a Cisco Nexus Series Switch. An email must be generated that contains the last 100 lines of the log every time a new piece of hardware is inserted into the chassis. Which command must be added to the configuration to receive the email?

A. destination-profile Operations alert-group Inventory
B. destination-profile Operations message-level 2
C. alert-group Linecard-Hardware user-def-cmd show logging last 100
D. alert-group Operations user-def-cmd show logging last 100

Selected Answer: A

Question #: 234
Topic #: 1
What is a feature of NFS?

A. zone-based access control
B. Kerberos-based security model
C. block-based file access
D. role-based access control

Selected Answer: B

Question #: 235
Topic #: 1
Port security is enabled on a Cisco MDS 9000 Series Switch.
Which statement is true?

A. Port security can be enabled only globally and affects all VSANs.
B. Any devices currently logged in must be added manually to the device database.
C. Auto-learning is always enabled automatically when port security is enabled.
D. Cisco Fabric Services must be disabled before enabling port security.

Selected Answer: C

Question #: 236
Topic #: 1
When a strict CoPP policy is implemented, which statement describes an event during which packets are dropped?

A. A large system image is copied to a switch by using the default VRF.
B. Fifteen SSH sessions remain connected to the switch.
C. A ping sweep is performed on a network that is connected through a switch.
D. A web server that is connected to a switch is affected by a DDoS attack.

Selected Answer: A

Question #: 237
Topic #: 1
A host in EPG Client wants to talk to a webserver in EPG Web. A contract with default settings is defined between EPG Client and EPG Web, which allows TCP communication initiated by the client toward the webserver with TCP destination port 80.
Which statement describes this scenario?

A. If EPG Web is made a preferred group member, a contract between EPG Client and EPG Web is no longer required for the host in EPG Client to reach the webserver in EPG Web.
B. If vzAny is configured to consume and provide a “deny all” contract, traffic between EPG Client and EPG Web is no longer allowed.
C. The host in EPG Client is allowed to connect to TCP destination port 80 on the webserver in EPG Web. The webserver will not be allowed to initiate a separate TCP connection to a host port with TCP source port 80.
D. The host in EPG Client is allowed to connect to TCP destination port 80 on the webserver in EPG Web. The webserver is allowed to initiate a separate TCP connection to a host port with TCP source port 80.

Selected Answer: D

Question #: 238
Topic #: 1
An engineer is running an ACI fabric, has VMM integration with VMware vCenter, and wants to enable microsegmentation based on vCenter VM attributes.
Which statement describes microsegmentation in this scenario?

A. ACI does not support microsegmentation based on vCenter VM attributes. The network attributes should be used for microsegmentation.
B. When enabled, microsegmentation performs distributed switching and routing on the ESXi hosts.
C. Microsegmentation is supported only using AVE or AVS.
D. An ACI microsegmented EPG automatically creates a port group with a private VLAN configured on a VMware vCenter distributed virtual switch.

Selected Answer: D

Question #: 239
Topic #: 1
DRAG DROP –
Drag and drop the technologies from the left onto the correct descriptions on the right.
Select and Place:

Suggestion Answer:

Question #: 240
Topic #: 1
Which two authentication types does Cisco UCS Manager support when configuring authentication? (Choose two.)

A. PAM
B. local
C. 802.1X
D. Kerberos
E. LDAP

Selected Answer: BE