CCNP Dccor

Download as pdf or txt
Download as pdf or txt
You are on page 1of 216

CCNP Data Center 350-601 - updated

Number: 350-601
Passing Score: 800
Time Limit: 120 min
File Version: 1.0

Exam : 350-601

Title : Implementing and Operating Cisco Data Center Core Technologies

Vendor : Cisco

Version : V14.35
Mix Question1

QUESTION 1
Port security is enabled on a Cisco MDS 9000 Series Switch.
Which statement is true?

A. Cisco Fabric Services must be disabled before enabling port security.


B. Port security can be enabled only globally and affects all VSANs.
C. Auto-learning is always enabled automatically when port security is enabled.
D. Any devices currently logged in must be added manually to the device databased.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/8_x/config/security/
cisco_mds9000_security_config_guide_8x/configuring_port_security.html
QUESTION 2
In an FCoE environment, for which two sets of data must an interface that implements the PAUSE
mechanism always provision sufficient ingress buffer? (Choose two.)

A. frames that were sent with high credit


B. frames that were processed and transmitted by the transmitter before the PAUSE frame left the sender
C. frames that were sent on the link but not yet received.
D. frames that were sent on the link and received.
E. frames that were processed and transmitted by the transmitter after the PAUSE frame left the sender.

Correct Answer: BC
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus7000/sw/fcoe/config/
cisco_nexus7000_fcoe_config_guide_8x/configuring_fcoe.html

QUESTION 3
A small remote office is set to connect to the regional hub site via NSSA ASBR. Which type of LSA is sent
to the remote office OSPF area?

A. type 7 LSA
B. type 3 LSA
C. type 1 LSA
D. type 5 LSA

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
The answer is "type 7 LSA", because the question states that the Remote site is connected to the Hub site
via an ASBR router. Hence, an ASBR router redistributes a non OSPF or an External route into the NSSA
area which is a Type 7. There is no ABR router in the question.

https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13703-8.html

QUESTION 4
Refer to the exhibit. Which statement about the ERSPAN configuration in this environment is true.

A. Host A is the source of ERSPAN spanned traffic and host B is the traffic analyzer.
B. Host B is the source of ERSPAN spanned traffic and host A is the traffic analyzer.
C. The session number of the source of ERSPAN spanned traffic must have a session ID of 48 for the
traffic analyzer to receive the traffic.
D. The session number of the source of ERSPAN spanned traffic must have a session ID of 47 for the
traffic analyzer to receive the traffic.

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://www.ciscozine.com/how-to-analyze-traffic-with-span-feature/
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/sw/4_0/system_management/
configuration/guide/n1000v_sys_manage/system_7span.html#wp1251071

QUESTION 5
Refer to the exhibit.
What is configured as a result of running these commands?

A. reverse lookup for outbound packets


B. strict unicast RPF
C. loose unicast RPF
D. IP Source Guard

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://tools.cisco.com/security/center/resources/unicast_reverse_path_forwarding
https://networklessons.com/cisco/ccie-routing-switching/unicast-reverse-path-forwarding-urpf

QUESTION 6
An engineer needs to Implement a solution that prevents loops from occurring accidentally by connecting a
switch to interface Ethemet1/1. The port Is designated to be used tor host connectivity. What configuration
should be implemented?

A.

B.

C.

D.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.josemariagonzalez.es/video-tutoriales-trucos/buenas-practicas-de-bpdu-guard-y-bpdu-filter-en-
un-entorno-con-esxi.html
https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/10586-65.html

QUESTION 7
What happens to the default host firmware policy after a Cisco UCS Manager upgrade?

A. It is updated to contain the firmware entries of all the components


B. It is replaced by a new default policy without any firmware entries.
C. It is assigned to all the service profiles that include a host firmware policy.
D. It is set to match the host firmware policy.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
From “Cisco UCS Manager Firmware Management Guide, Release 3.1”
Recommendations for the Default Host Firmware Policy
“After you upgrade Cisco UCS Manager, a new host firmware policy named “default” is created, and
assigned to all services profiles that did not already include a host firmware policy. The default host
firmware policy is blank. It does not contain any firmware entries for any components. The default policy is
also configured for an immediate reboot rather than waiting for user acknowledgment before rebooting the
servers.

After you upgrade Cisco UCS Manager, a new host firmware policy named "default" is created, and is
assigned to all service profiles that did not already include a host firmware policy. The default host firmware
policy is blank. It does not contain any firmware entries for any components

https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Firmware-
Mgmt/3-1/b_UCSM_GUI_Firmware_Management_Guide_3_1/
b_UCSM_GUI_Firmware_Management_Guide_3_1_chapter_0111.html

QUESTION 8
Refer to the exhibit.

A network engineer is setting up a multihomed OTV network. The first site has been set up with a primary
and secondary adjacency server.
Which configuration must be added on the remote OTV AEDs site?
A. interface Overlay200
otv join-interface Ethernet1/2
otv extend-vlan 178, 2500-2563
otv use-adjacency-server 20.1.1.1 unicast-only
B. interface Overlay200
otv join-interface Ethernet1/2
otv extand-vlan 178, 2500-2563
otv adjacency-server unicast-only
C. interface Overlay200
otv join-interface Ethernet1/2
otv extend-vlan 178, 2500-2563
D. interface Overlay200
otv join-interface Ethernet1/2
otv extend-vlan 178, 2500-2563
otv use-adjacency-server 20.1.1.1 20.2.1.1 unicast-only

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
we need to setup primary and secondary adjacency server on unicast-only design.
https://www.cisco.com/c/en/us/products/collateral/routers/asr-1000-series-aggregation-services-routers/
guide-c07-735942.html
https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Data_Center/DCI/whitepaper/DCI3_OTV_Intro/
DCI_1.html

QUESTION 9
What are two recommended design choices in a topology for multipathing iSCSI traffic? (Choose two.)

A. two NICs bonded together on the initiator


B. dual initiators to a single target with bonded interfaces
C. initiators and targets in separate subnets
D. dual initiators to dual targets
E. single initiator to dual targets

Correct Answer: BC
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/sw/5_x/sys_mgmt_config/
b_Cisco_N1KV_VMware_Sys_Mgmt_Config_5x/
b_Cisco_N1KV_VMware_Sys_Mgmt_Config_5x_chapter_01110.html

QUESTION 10
Which adjacency server configuration makes two OTV edge devices located in the same site bring up the
dual-site adjacency?
A.

B.
C.

D.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
we need to setup a primary adjacency and a secondary adjacency. On primary, we need to setup ‘otv-
adjacency-server unicast-only’ and on secondary besides that, we need to configure ‘otv use-adjacency-
server <IP address from primary join interface> unicast only. My reference was CCNA Data Center 200-155
page 178
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-os/OTV/config_guide/
b_Cisco_Nexus_7000_Series_NX-OS_OTV_Configuration_Guide-RI/adv-otv.html

QUESTION 11
An engineer is asked to use SaaS to manage Cisco computing.
Which two items are needed to accomplish the task? (Choose two.)

A. UCS Manager
B. Node name/Serial Number
C. Device/Claim ID
D. UCS Central
E. Intersight

Correct Answer: AE
Section: (none)
Explanation

Explanation/Reference:
https://intersight.com/help/getting_started#cisco_intersight_overview
https://intersight.com/help/getting_started#device_claim_using_intersight_assist

QUESTION 12
A server engineer wants to control power usage on a Cisco UCS C-Series rack server down to the
component level.
Which two components support specific power limits? (Choose two.)

A. memory
B. graphic card
C. processor
D. network controller
E. storage controller

Correct Answer: AC
Section: (none)
Explanation

Explanation/Reference:
From the CIMC of an APIC (which is a C-series), I can change: CPU, memory, and platform.
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c/sw/gui/config/guide/4_1/b_Cisco_UCS_C-
series_GUI_Configuration_Guide_41/b_Cisco_UCS_C-
series_GUI_Configuration_Guide_41_chapter_0100.html

QUESTION 13
What are two requirements when planning a Cisco HyperFlex All Flash standard cluster installation using
three HX240c M5 servers? (Choose Two)

A. If the Jumbo MTU option in the HyperFlex installer is enabled, then jumbo frames must also be allowed
on the upstream switches.
B. The hypervisors must be installed on Cisco FlexFlash SD cards.
C. If the Jumbo MTU option in the HyperFlex installer is enabled, then jumbo frames do not have to be
enabled on the upstream switches.
D. The servers must be discovered, unassociated, and connected to each fabric interconnect.
E. This cluster deployment type must support a mix of HDD and SSD.

Correct Answer: AD
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/hyperconverged_systems/HyperFlex_HX_DataPlatformSoftware/
AdminGuide/3_5/ b_HyperFlexSystems_AdministrationGuide_3_5/
b_HyperFlexSystems_AdministrationGuide_3_5_chapter_01111.html

QUESTION 14
Refer to the exhibit.

The servers must be discovered, unassociated, and connected to each fabric


interconnect.
Which two Cisco UCS components are upgraded as a result of the configuration?
(Choose two.)

A. adapters
B. board controller
C. IOMs
D. BIOS
E. Cisco UCS Manager

Correct Answer: CE
Section: (none)
Explanation
Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/firmware-mgmt/gui/2-2/
b_GUI_Firmware_Management_22/b_GUI_Firmware_Management_22_chapter_0101.html

Infrastructure software bundle—This bundle is also called the A bundle. It contains the firmware images that
the fabric interconnects, IO Modules, and Cisco UCS Manager require to function.
Board controller is a server component included in the server bundle not the infrastructure bundle

QUESTION 15
Refer to the exhibit.
An engineer is implementing zoning on two Cisco MDS switches. After the
implementation is finished, E Ports that connect the two Cisco MDS switches become
isolated.
What is wrong with the implementation?

A. E Ports on both MDS switches must be configured as F ports for the zoning to
function.
B. Zones are local to the MDS switch and name service must be used to activate the
connection between E ports.
C. Different zone set names must be configured on both MDS switches.
D. Zones must have the same name on both MDS switches for the E ports to function.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
When two switches in a fabric are merged using a TE or E port, these TE and E ports may become isolated
when the active zone set databases are different between the two switches or fabrics."

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/6_2/configuration/guides/fabric/nx-
os/nx_os_fabric/zone.html

QUESTION 16
The Cisco Nexus switch Generic Online Diagnostics policy for a PortLoopback test
requires 10 consecutive failures to error disable the port. The customer wants to change
it to 5 consecutive failures. Which configuration applies the changes for module 1 only?

A. Nexus(config)# event manager applet custom-PortLoopback override __PortLoopback


Nexus(config-applet)# event gold mod all test PortLoopback testing-type bootup consecutive-failure 5
Nexus(config-applet)# action 1 publish-event
B. Nexus(config)# event manager applet custom-PortLoopback override __PortLoopback
Nexus(config-applet)# event gold mod 1 test PortLoopback testing-type bootup consecutive-failure 5
Nexus(config-applet)# action 1 publish-event
C. Nexus(config)# event manager applet custom-PortLoopback override __PortLoopback
Nexus(config-applet)# event gold mod all test PortLoopback testing-type monitoring consecutive-failure
5
Nexus(config-applet)# action 1 policy-default
D. Nexus(config)# event manager applet custom-PortLoopback override __PortLoopback
Nexus(config-applet)# event gold mod 1 test PortLoopback testing-type monitoring consecutive-failure 5
Nexus(config-applet)# action 1 policy-default

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
“mod all” is incorrect. “mod 1test” is incorrect. “publish event” is incorrect.
“mod 1 test” is correct. It is with “policy-default”.

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus7000/sw/system-management/guide/
b_Cisco_Nexus_7000_Series_NX-OS_System_Management_Configuration_Guide-RI/
configuring_online_diagnostics.html
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/93x/system-management/b-
cisco-nexus-9000-series-nx-os-system-management-configuration-guide-93x/b-cisco-nexus-9000-series-
nx-os-system-management-configuration-guide-93x_chapter_011010.html
https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2017/pdf/BRKDCN-3234.pdf
QUESTION 17
What is an advantage of NFS as compared to Fibre Channel?

A. NFS enable thin provisioning for LUNs.


B. NFS provides the dynamic allocation of storage capacity.
C. NFS removes the impact of IP overhead.
D. NFS provides direct access to the underlying storage hardware.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.ciscolive.com/c/dam/r/ciscolive/apjc/docs/2018/pdf/BRKINI-1011.pdf

QUESTION 18
Refer to the exhibit. Cisco Fabric Services is enabled in the network. Which type of IP
address is used by the Cisco Fabric Services protocol?

A. IPv4 unicast address


B. IPv4 multicast address
C. IPv4 gateway address
D. IPv4 anycast address

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/fm/
FabricManager/cfs.pdf

QUESTION 19
Which two statements about modifying Cisco UCS user accounts are true? (Choose
two.)

A. The password of the user account must contain a minimum of 10 characters.


B. Disabling a user account maintains all of the data in the Cisco UCS Fabric
Interconnect.
C. Local user accounts override the same account on a remote authentication server,
such as TACACS, RADIUS, or LDAP.
D. The password of the user account expires in 30 days.
E. The admin account can be used to log on by using SSH only.

Correct Answer: BC
Section: (none)
Explanation

Explanation/Reference:
If a user maintains a local user account and a remote user account simultaneously, the roles defined in the
local user account override those maintained in the remote user account."
Troubleshooting auth, if you loose access to the remote user e.g. "user1", and you have a "user1" local, you
can still use that account to login

https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Admin-
Management/3-1/b_Cisco_UCS_Admin_Mgmt_Guide_3_1/
b_UCSM_Admin_Mgmt_Guide_chapter_01.html

QUESTION 20
Refer to the exhibit.

Which command needs to be added to the line starling with the "file" keyword to have the
generated running-config file with the name 'fusion-config_' and current date?

A. ('fusion-config_ + date')
B. str.('fusion-config_') + date
C. string(('fusion-config_') + date)
D. ('fusion-config_') + date

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
("fusion-config_") + date

nxos9kv# python
Python 2.7.11 (default, Feb 26 2018, 03:34:16)
[GCC 4.6.3] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import time
>>> import cli
>>> date = time.strftime('%Y%m%d')
>>> file = ("fusion-config_") + date
>>> print(file)
fusion-config_20210329
>>> print('copy running-config ftp://10.183.249.182/FusionSW/' + file)
copy running-config ftp://10.183.249.182/FusionSW/fusion-config_20210329

QUESTION 21
Refer to the exhibit.

The STP priority of N7K-1 and N7K-2 are the lowest in the network.
Which statement describes STP on the vPC?

A. N7K-1 appears as the STP root.


B. N7K-2 appears as the STP root.
C. N7K-1 and N7K-2 appear as a single STP root.
D. N7K-1 preempts N7K-2 as the STP root.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/support/docs/routers/7000-series-routers/116140-config-nexus-peer-00.html

QUESTION 22
Which statement about monitoring Fibre Channel traffic on a Cisco UCS 6332 Fabric
Interconnect is true?

A. The monitoring of Fibre Channel traffic is limited to the default VSAN.


B. Fibre Channel traffic can be monitored only on one vHBA per server.
C. The destination port for monitoring must be an unassigned Fibre Channel port.
D. Fibre Channel traffic can be monitored as it is encapsulated as FCoE.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/System-
Monitoring/3-2/b_UCSM_GUI_System_Monitoring_Guide_3_2/
b_UCSM_GUI_System_Monitoring_Guide_3_2_chapter_01101.html

QUESTION 23
Which two settings must be configured before enabling a Cisco UCS Manager domain
for Cisco Intersight connectivity? (Choose two.)

A. syslog redirection
B. DNS servers
C. SMTP servers
D. NTP servers
E. SMTP reply-to-address

Correct Answer: BD
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Admin-
Management/4-1/b_Cisco_UCS_Admin_Mgmt_Guide_4-1/m_gui_cisco_intergight_management.html

QUESTION 24
An engineer wants to create a backup of Cisco UCS Manager for disaster recovery
purposes.
What are two characteristics of a full state backup of a Cisco UCS Manager database?
(Choose two.)

A. contains all of the runtime states and statuses but not the configurations
B. performs a complete binary dump of the database as a .bin file
C. performs a complete binary dump of the database as a .sql file
D. performs a complete binary dump of the database as a .txz file
E. contains all of the configurations

Correct Answer: DE
Section: (none)
Explanation

Explanation/Reference:
File: compressed file in .tar.gz format
https://www.virtual-odyssey.com/2019/10/31/its-the-little-stuff-cisco-ucs-backups/
the file extension for bin in a cisco context is usually the OS.
tar files are used for backup.

https://peazip.github.io/tar-file-format.html

QUESTION 25
A UCS B-Series server located in B5108 chassis 1 slot 1 is currently unavailable. The
server needs to be associated with a specific service profile when it becomes available.
Which associate service profile option should be selected to accomplish this goal?

A. server pool
B. server
C. custom server
D. restrict migration

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/en/US/docs/unified_computing/ucs/sw/gui/config/guide/141/
UCSM_GUI_Configuration_Guide_141_chapter28.html
Custom Server: "Specifies the chassis and slot that contains the server that will be assigned to the service
profile. If the server is not in the slot or is otherwise unavailable, the service profile will be associated with
the server when it becomes available."

https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Server-
Mgmt/3-1/b_Cisco_UCS_Manager_Server_Mgmt_Guide_3_1/service_profiles.html

QUESTION 26
The engineer must configure SPAN on a Cisco Nexus 5000 Series Switch to get a
capture of the traffic from these applications for an in-depth packet analysis.
Which two SPAN characteristics must be considered? (Choose two.)

A. The Ethernet, FC, vFC, port channel, SAN port channel can be used as SPAN source
ports.
B. The rx/tx option is available for VLAN or VSAN SPAN sessions.
C. SPAN source port can be monitored in multiple SPAN sessions.
D. Only Ethernet, FC, vFC, port channel port types can be a destination SPAN port.
E. A SPAN source port cannot be a destination SPAN port.
Correct Answer: AE
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750x_3560x/software/release/12-2_55_se/
configuration/guide/3750xscg/swspan.html

QUESTION 27
What is an advantage of streaming telemetry over SNMP?

A. MD-5based authentication on polling


B. periodic polling of the device status
C. periodic push-based subscription messages
D. on-change traps sent to a receiver

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://developer.cisco.com/docs/ios-xe/#!streaming-telemetry-quick-start-guide/enabling-streaming-
telemetry

QUESTION 28
What is the benefit of adding Cisco HyperFlex Hardware Acceleration Cards to a
HyperFlex deployment?

A. offline encryption acceleration


B. increased network throughput
C. GPU acceleration
D. Increased compression efficiency

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/hyperconverged_systems/HyperFlex_HX_DataPlatformSoftware/
Installation_VMWare_ESXi/3_5/b_HyperFlexSystems_Installation_Guide_for_VMware_ESXi_3_5/
b_HyperFlexSystems_Installation_Guide_for_VMware_ESXi_3_5_chapter_01100.html#:~:text=Overview%
20of%20HyperFlex%20Hardware%20Acceleration%20Cards,-This%20chapter%20provides&text=These%
20cards%20provide%20improved%20performance%20and%20compression%20efficiency%20for%20most
%20storage%20workloads.

QUESTION 29
Refer to the exhibit.

A flapping link issue has been reported on the vPC keepalive link. A packet capture has
been activated on the Cisco Nexus switch.
What is the destination IP address of the vPC keepalive packets that are sent by the
switch?

A. 192.168.254.4
B. 239.255.70.83
C. 192.168.254.1
D. 192.168.254.2

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/troubleshooting/guide/
N5K_Troubleshooting_Guide/n5K_ts_vpc.pdf

QUESTION 30
An engineer enters these commands while in EEM on a Cisco Nexus 9000 Series
Switch.
event manager applet Backup-config event timer watchdog time 1800 name timer event
cli match "copy running-config startup-config" What is the result of applying this
configuration?

A. It saves the running configuration every 1800 seconds.


B. It generates an error because no action is mentioned.
C. It executes the copy running-config startup-config command.
D. It blocks the copy running-config startup-config command.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
switch# show run | i event
event manager applet Backup-config
event cli match "copy running-config startup-config"
action 1 event-default
switch#
switch# copy run start
[########################################] 100%
Copy complete, now saving to disk (please wait)...
Copy complete.
switch# conf t
Enter configuration commands, one per line. End with CNTL/Z.
switch(config)# event manager applet Backup-config
switch(config-applet)# no action 1
switch(config-applet)# end
switch# show run | i event
event manager applet Backup-config
event cli match "copy running-config startup-config"
switch# copy run start
% Command blocked by event manager policy
switch#

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/93x/system-management/b-
cisco-nexus-9000-series-nx-os-system-management-configuration-guide-93x/b-cisco-nexus-9000-series-
nx-os-system-management-configuration-guide-93x_chapter_0100010.html

QUESTION 31
Refer to the exhibit.
Which setting must be configured to prevent the reuse of passwords?

A. No Change Interval
B. Change Interval
C. History Count
D. Change Count

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Admin-
Management/3-1/b_Cisco_UCS_Admin_Mgmt_Guide_3_1/
b_Cisco_UCS_Admin_Mgmt_Guide_3_1_chapter_011.html

QUESTION 32
Which two actions should be taken before an upgrade is started on a Cisco MDS switch?
(Choose two.)

A. check the impact of the upgrade using the show install all impact command
B. disable Cisco Fabric Services
C. back up the configuration
D. free up space on the USB3 device by deleting old Cisco NX-OS image files
E. make the primary supervisor the active supervisor

Correct Answer: AC
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/5_2/upgrade/guides/nx-os/
upgrade.html

QUESTION 33
An engineer is configuring AAA authentication on an MDS 9000 switch. The LDAP server
is located under the IP 10.10.2.2. The data sent to the LDAP server should be encrypted.
Which command should be used to meet these requirements?

A. Idap-server host 10.10.2.2 enable-ssl


B. Idap-server 10.10.2.2 port 443
C. Idap server host 10.10.2.2 key SSL_KEY
D. Idap-server 10.10.2.2 key SSL_KEY

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/5_0/configuration/guides/sec/nxos/
sec/cradtac1.html

QUESTION 34
Multiple roles are applied to a user on the Cisco MDS 9000 Series Switch.
Which statement describes the result of this configuration?

A. Any commands that have conflicting settings between roles are denied.
B. Access to a command takes priority over being denied access to a command.
C. The first role assigned takes precedence over subsequent roles.
D. The last role assigned takes precedence over previous roles.
Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/5_0/configuration/guides/sec/nxos/
sec/clicfgur.html
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/8_x/config/security/
cisco_mds9000_security_config_guide_8x/configuring_users_and_common_roles.html

QUESTION 35

Refer to the exhibit. Which action is taken to ensure that the relay agent forwards the
DHCP BOOTREQUEST packet to a DHCP server?

A. Configure the interface of the DHCP server as untrusted.


B. Configure the IP address of the DHCP server.
C. Enable the DHCP relay agent.
D. Verify the DHCP snooping bindings.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_0/dcnm/security/configuration/guide/
sec_dcnm_config/sec_dhcpsnoop.pdf

QUESTION 36
Which configuration statically assigns VSAN membership to a virtual Fibre Channel
interface?

A. switch(config-vsan-cb># vsan 100 bind interface fc 3/1


B. switch<config-vsan-db)# vsan 100 bind interface vfc 31
C. switch(config-vsan-db># vsan 100 fc 3/1
D. switch(config-vsan-db)# vsan 100 interface vfc 31

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli/
CLIConfigurationGuide/vsan.html

QUESTION 37
Which configuration generates a syslog message when CPU utilization is higher than
60%?

A. event manager applet HIGH-CPU


event snmp oid 1.3.6.1.4.1.9.9.109.1.1.1.1.6.1 get-type exact entry-op gt 60 poll-
interval 5
action 1.0 syslog priority notifications msg "cpu high"

B. event manager applet HIGH-CPU


event snmp oid 1.3.6.1.4.1.9.9.109.1.1.1.1.6.1 get-type exact entry-op lt 60 poll-
interval 5
action 1.0 syslog priority notifications msg "cpu high"

C. event manager applet HIGH-CPU


event snmp oid 1.3.6.1.4.1.9.9.109.1.1.1.1.6.1 get-type next entry-op gt 60 poll-
interval 5
action 1.0 syslog priority notifications msg "cpu high"

D. event manager applet HIGH-CPU


event snmp oid 1.3.6.1.4.1.9.9.109.1.1.1.1.6.1 get-type next entry-op lt 60 poll-interval
5
action 1.0 syslog priority notifications msg "cpu high"

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/support/docs/ip/internet-protocol-ip/200931-EEM-Subsystem-in-Order-to-
Monitor-CPU-Tr.pdf
https://blog.ipspace.net/2008/06/generate-snmp-trap-on-high-cpu-load.html

QUESTION 38
Refer to the exhibit.
Which action must be taken before the maintenance policy can be committed?

A. Set the soft shutdown timer to a specific time.


B. Associate a service profile to the maintenance policy.
C. Set the policy to apply the change on the next reboot.
D. Specify a maintenance time by selecting a schedule.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/CLI-User-Guides/Admin-
Management/3-1/b_Cisco_UCS_Manager_CLI_Administration_Mgmt_Guide_3_1/
b_Cisco_UCS_Manager_CLI_Administration_Mgmt_Guide_3_1_chapter_01100.html

QUESTION 39
A network engineer is adding a Cisco HyperFlex data platform to the Cisco Intersight
management portal.
Which two components are required for Intersight to claim the Cisco HyperFlex data
platform? (Choose two.)

A. device FQDN
B. device public IP address
C. device claim code
D. device ID
E. device serial number

Correct Answer: CD
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/hyperconverged_systems/HyperFlex_HX_DataPlatformSoftware/
HyperFlex_Installation_Guide_for_Intersight/b_HyperFlex_Installation_Guide_for_Intersight/
b_HyperFlex_Installation_Guide_for_Intersight_chapter_011.html
https://www.cisco.com/c/en/us/support/docs/hyperconverged-infrastructure/hyperflex-hx-data-
platform/214268-cisco-intersight-hyperflex-installatio.html

QUESTION 40
Refer to the exhibit. An engineer is configuring a VSAN on the network. Which option
must be selected to create the VSAN?

A. Fabric B
B. FC Zoning Enabled
C. Fabric A
D. Common/Global

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/nx-os/configuration/guides/fabric/
fabric_fm_4_2_published/fm_fabric/vsan.html

QUESTION 41
An engineer is enabling port security on a Cisco MDS 9000 Series Switch.
Which feature of enabling port security on a Cisco MDS 9000 Series Switch must be
considered?

A. It always learns about switches that are logging in.


B. It can be distributed by using Cisco Fabric services.
C. It authorizes only the configured sWWN to participate in the fabric.
D. It binds the fabric at the switch level.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/6_2/configuration/guides/security/
nx-os/sec_cli_6-x/sec_overview.html

QUESTION 42
Which product includes prebuilt templates that are available to be used to customize
fabric deployments?

A. Cisco Tetration
B. Cisco Data Center Network Manager
C. Cisco ACI
D. Cisco UCS Manager

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/prime-data-center-network-
manager/datasheet-c78-740978.html
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/11_2_1/config_guide/lanfabric/
b_dcnm_fabric_lan/template_usage.html

QUESTION 43
An engineer is running an ACI fabric, has VMM integration with VMware vCenter, and
wants to enable microsegmentation based on vCenter VM attributes.
Which statement about microsegmentation is true?

A. ACI does not support microsegmentation based on vCenter VM attributes. You should
use network attributes for mircosegmentation.
B. An ACI microsegmented EPG automatically creates a port group with a private VLAN
configured on a VMware vCenter distributed virtual switch.
C. When enabled, microsegmentation performs distributed switching and routing on the
ESXi hosts.
D. Microsegmentation is supported only using AVE or AVS.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/4-x/virtualization/Cisco-ACI-
Virtualization-Guide-42x/Cisco-ACI-Virtualization-Guide-421_chapter_0100.html

QUESTION 44
Which command reduces the amount of time it takes to complete the ISSU on a Cisco
Nexus 7000 Series Switch that has dual supervisor modules and two I/O modules?

A. install all kickstart <image>system<image>parallel


B. install all epld bootflash:<image>
C. install all epld bootflash:<image>
D. install all kickstart<image>system<image>

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus7000/sw/upgrade/guide/
cisco_nexus7000_software_upgrade_and_downgrade_guide_8x.html
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/7_x/nx-os/upgrade/guide/
b_Cisco_Nexus_7000_Series_NX-OS_Software_Upgrade_and_Downgrade_Guide_Release_7-
x.html#d54e307a1635
QUESTION 45

Refer to the exhibit. An engineer configures FCIP on a Cisco MDS 9000 Series switch.
What is the result of implementing the configuration?

A. The switch attempts to make two TCP connections


B. Compression is performed by using hardware
C. Mode2 is enabled by default.
D. Compression is performed by using software.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/8_x/config/ip_services/ipsvc/
cfcip.html

QUESTION 46
Which two hypervisors does Cisco HyperFlex support? (Choose two.)

A. VMware vSphere
B. Microsoft Hyper-V
C. OpenStack
D. Citrix XenServer
E. RedHat KVM

Correct Answer: AB
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/dam/en/us/products/collateral/hyperconverged-infrastructure/hyperflex-hx-series/
solution-overview-c22-736815.pdf

QUESTION 47

Refer to the exhibit. Which two statements about the routing table of the leaf switch are
true? (Choose two.)

A. 10.20.1.0/24 is a BD subnet in ACI.


B. The next hop 10.0.1.14 for route 172.16.99.0/24 is the TEP address of a border leaf
in ACI.
C. 172.16.100.0/24 is a BD subnet in ACI.
D. The next hop 10.1.168.95 for route 172.16.100.0/24 is the TEP address of a border
leaf in ACI.
E. The next hop 10.0.8.65 for route 10.20.1.0/24 is the TEP address of a border leaf in
ACI.

Correct Answer: AE
Section: (none)
Explanation

Explanation/Reference:

QUESTION 48
An engineer changed a configuration and must perform a rollback.
Which statement applies to a Cisco Nexus 5600 Series Switch?

A. Errors are skipped when an atomic rollback type is triggered.


B. A user who is assigned to the network-operator user role can perform a rollback.
C. The configuration rollback functionality is disabled when FCoE is enabled.
D. A system checkpoint is generated automatically when the running configuration is
saved to NVRAM.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/system_management/503_n1_1/
cisco_n5k_system_mgmt_cg_rel_503_n1_1_chapter11.pdf
https://www.google.com/url?sa=t&source=web&rct=j&url=https://www.cisco.com/c/en/us/td/docs/switches/
datacenter/nexus5000/sw/system_management/503_n1_1/
cisco_n5k_system_mgmt_cg_rel_503_n1_1_chapter11.pdf&ved=2ahUKEwjQ8ubTuK3xAhWm3jgGHZ9gB
0oQFjAAegQIBRAC&usg=AOvVaw2j0nnvXiChAoVooxX2Qx0g

QUESTION 49
An engineer is implementing an import operation in Cisco UCS Manager.
What is the impact of performing this operation?

A. A configuration can be imported from a higher release to a lower release.


B. Information can be modified on the management plane only.
C. Only a configuration file that was exported from the same Cisco UCS Manager can be
imported.
D. An import operation can be scheduled.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
The import function is available for all configuration, system configuration, and logical configuration files.
You can perform an import while the system is up and running. An import operation modifies information on
the management plane only. Some modifications caused by an import operation, such as a change to a
vNIC assigned to a server, can cause a server reboot or other operations that disrupt traffic.
https://www.cisco.com/en/US/docs/unified_computing/ucs/sw/gui/config/guide/141/
UCSM_GUI_Configuration_Guide_141_chapter43.html#concept_D789E16C90724AEFB99D565574E45AD
5
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Admin-
Management/3-1/b_Cisco_UCS_Admin_Mgmt_Guide_3_1/
b_Cisco_UCS_Admin_Mgmt_Guide_3_1_chapter_01001.html

QUESTION 50
An engineer must configure RBAC in Cisco UCS Manager in an existing data center
environment.
Which two roles can be used to configure LAN connectivity policies? (Choose two.)

A. operations
B. server-profile
C. enable
D. admin
E. network-admin

Correct Answer: DE
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/gui/config/guide/1-4/
UCSM_GUI_Configuration_Guide_1_4_chapter9.html
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucsm_privileges/3-2/UCSM-Privileges-3_2/
UCSM-Privileges-3_2_chapter_01.html

QUESTION 51
Which configuration implements static ingress replication?

A. interface nve 1
member vni 3716135
ingress-replication protocol bgp
B. interface nve 1
member vni 3716135
peer vtep 10.0.0.4
C. interface nve 1
member vni 3716135
peer vtep 10.0.0.4
ingress-replication protocol static
peer-ip 10.0.0.4
D. interface nve 1
member vni 3716135
ingress-replication protocol static
peer-ip 10.0.0.4

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
QUESTION 52
What is required for using puppet in a Cisco NX-OS environment?

A. Open Agent Container


B. XML management interface
C. NX-API
D. OpenNP

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/programmability/guide/
b_Cisco_Nexus_5K6K_Series_NX-OS_Programmability_Guide/using_puppet_agent_with_nx_os.pdf
uppetagents cannotrun nativelyon Cisco Nexus 5600 and Cisco Nexus 6000. Instead,they run in
aspecialvirtual environmentcalled the Open Agent Container(OAC).
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/programmability/guide/
b_Cisco_Nexus_5K6K_Series_NX-OS_Programmability_Guide/using_puppet_agent_with_nx_os.pdf

QUESTION 53
Which two components are used by the Cisco Nexus switches telemetry process?
(Choose two)

A. data encoding
B. data manipulation
C. telemetry agent
D. telemetry compression
E. data collection

Correct Answer: AE
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/programmability/guide/
b_Cisco_Nexus_9000_Series_NX-OS_Programmability_Guide_7x/b_Cisco_Nexus_9000_Series_NX-
OS_Programmability_Guide_7x_chapter_011000.html

QUESTION 54
An engineer must configure Cisco IMC server management NIC for autonegotiation.
Which setting should be selected?

A. Cisco card
B. shared LOM
C. dedicated
D. shared LOM EXT

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c/sw/cli/config/guide/4_0/b_Cisco_UCS_C-
Series_CLI_Configuration_Guide_40/b_Cisco_UCS_C-
Series_CLI_Configuration_Guide_40_chapter_01000.html
https://www.cisco.com/c/en/us/support/docs/servers-unified-computing/unified-computing-system/200221-
Auto-negotiation-not-enabling-by-default.html

QUESTION 55
Which statement describes the MAC address that the FCoE Initialization Protocol
chooses for use by an E-Node in an FCoE implementation?

A. The FCoE Initialization Protocol uses the burned-in MAC address of the converged network adapter for
all FCoE operations.
B. The FCoE Initialization protocol uses a 24-bit FC-MAP and concatenates a 24-bit Fibre Channel ID to
create a fibric-provided MAC address.
C. The FCoE Initialization Protocol uses 01.00.0C as the first 24 bits of the MAC address and appends a
24-bit Fibre Channel ID to derive a full 48-bit FCoE MAC address.
D. FCoE does not use a MAC address. The FCoE Initialization Protocol is used to acquire a Fibre Channel
ID, and the address is used for all FCoE communications in the same way as Fibre Channel Protocol.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Data_Center/UF_FCoE_final.html#wp1154912

QUESTION 56
An engineer is enabling port security on a Cisco MDS 9000 Series Switch.
Which feature of enabling port security on a Cisco MDS 9000 Series Switch must be
considered?

A. It authorizes only the configured sWWN to participate in the fabric.


B. It binds the fabric at the switch level.
C. It always learns about switches that are logging in.
D. It can be distributed by using Cisco Fabric services.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/6_2/configuration/guides/security/
nx-os/sec_cli_6-x/psec.html#92130

QUESTION 57
Refer to the exhibit.
Service degradation is reported on a VM that is deployed on a Cisco UCS blade server.
The traffic from the vNIC is required to SPAN in both directions to a packet analyzer that
is connected to UCS-A slot 2 port 12. Which two commands are needed to complete the
configuration? (Choose two.)

A. UCS-A /org/service-profile/vnic/mon-src* # set direction both


B. UCS-A /eth-traffic-mon/fabric/eth-mon-session' # create dest-interface 2 12
C. UCS-A /org/service-profile/vnic/mon-src* # set direction receive transmit
D. UCS-A /eth-traffic-mon/fabric/eth-mon-session # activate
E. UCS-A /eth-traffic-mon/fabric/eth-mon-session* # create eth-mon-session/dest-
interface 2 12

Correct Answer: AB
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/en/US/docs/unified_computing/ucs/sw/cli/config/guide/1.4.1/
CLI_Config_Guide_1_4_1_chapter42.html

QUESTION 58
An engineer is configuring a backup operation on the existing Cisco UCS environment
using a logical configuration.
Which configuration is expected to be saved by using this backup type?

A. systems
B. roles
C. service profiles
D. servers

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/en/US/docs/unified_computing/ucs/sw/gui/config/guide/141/
UCSM_GUI_Configuration_Guide_141_chapter43.html

QUESTION 59
What occurs when running the command install deactivate <filename> while a software
maintenance upgrade is performed on a Cisco Nexus 9000 Series switch?

A. The current set of packages is committed.


B. The package features for the line card are disabled.
C. The package is removed from the switch.
D. The current upgrade stops.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/6-x/system_management/
configuration/guide/b_Cisco_Nexus_9000_Series_NX-
OS_System_Management_Configuration_Guide/
sm_smu.html#task_B8B0F5BA80BE41AEA93197F560665648
QUESTION 60
A customer has a requirement for an automation solution that supports periodically
acquiring configuration from a centralized server and aligning UCS servers to their
desired state.
Which open-source tool meets this requirement?

A. SaltStack
B. Terraform
C. Puppet
D. Kubemetes

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
"Overview of Puppet architecture: [...] After it receives a catalog, the Puppet agent applies the catalog by
checking each resource that the catalog describes. If it finds any resources that are not in their desired
state, it makes any changes necessary to correct them."

https://www.cisco.com/c/dam/en/us/products/collateral/servers-unified-computing/ucs-c-series-rack-
servers/whitepaper_c11-740103.pdf

QUESTION 61
An engineer is asked to manage a large-scale data center and collect information from
multiple Cisco NX-OS devices using Cisco NX-OS Data Management Engine model.
Which technology should be used to accomplish this goal?

A. NX-API REST
B. NETCONF
C. JSON-RPC
D. NX Yang

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/programmability/guide/
b_Cisco_Nexus_9000_Series_NX-OS_Programmability_Guide_7x/b_Cisco_Nexus_9000_Series_NX-
OS_Programmability_Guide_7x_chapter_010001.pdf

QUESTION 62
A customer has a requirement to deploy a cloud service and needs to have full control
over the underlying OS, data and applications.
Which cloud model meets this requirement?

A. PaaS
B. MaaS
C. IaaS
D. SaaS

Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
https://www.ibm.com/cloud/learn/iaas-paas-saas

Infrastructure-as-a-Service (IaaS) is a cloud-computing offering in which a vendor provides users access to


computing resources such as servers, storage and networking. Organizations use their own platforms and
applications within a service provider’s infrastructure.

Key features

Instead of purchasing hardware outright, users pay for IaaS on demand.

Infrastructure is scalable depending on processing and storage needs.

Saves enterprises the costs of buying and maintaining their own hardware.

Because data is on the cloud, there can be no single point of failure.

Enables the virtualization of administrative tasks, freeing up time for other work.

QUESTION 63
An engineer is duplicating an existing Cisco UCS setup at a new site.
What are two characteristics of a logical configuration backup of a Cisco UCS Manager
database? (Choose two.)

A. contains the AAA and RBAC configurations


B. contains a file with an extension.tgz that stores all of the configurations
C. contains the configuration organizations and locales
D. contains all of the configurations
E. contains the VLAN and VSAN configurations

Correct Answer: CE
Section: (none)
Explanation

Explanation/Reference:
Logical configuration—An XML file that includes all logical configuration settings such as service profiles,
VLANs, VSANs, pools, and policies. You can use the file generated from this backup to import these
configuration settings to the original fabric interconnect or to a different fabric interconnect. You cannot use
this file for a system restore.

QUESTION 64
A network engineer must configure a Fibre Channel port monitoring for the local port.
The source port should be monitored in the ingress direction. which configuration should
be implemented to achieve this objective?

A. interface Fa1/15
switchport mode switchport
switchport speed 2000
no shutdown

span session 1
destination interface fa1/15
source interface fa1/16 tx

B. interface Fa1/15
switchport mode SD
switchport speed 2000
no shutdown

span session 1
destination interface fa1/15
source interface fa1/16 rx

C. interface Fa1/15
switchport mode SD
switchport speed 2000
no shutdown

span session 1
destination interface fa1/15
source interface fa1/16 tx

D. interface Fa1/15
switchport mode fex-fabric
switchport speed 2000
no shutdown

span session 1
destination interface fa1/15
source interface fa1/16 rx

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:

QUESTION 65
Which two components should be checked when a Cisco Nexus 9000 Series Switch fails
to boot using POAP? (Choose two.)

A. image noted in the script file against switch bootflash


B. DHCP server to bootstrap IP information
C. script signed with security key
D. TFTP server that contains the configuration script
E. POAP feature license

Correct Answer: BD
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/troubleshooting/guide/
b_Cisco_Nexus_9000_Series_NX-OS_Troubleshooting_Guide_7x/b_Cisco_Nexus_9000_Series_NX-
OS_Troubleshooting_Guide_7x_chapter_01100.html
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/fundamentals/configuration/
guide/b_Cisco_Nexus_9000_Series_NX-OS_Fundamentals_Configuration_Guide_7x/
b_Cisco_Nexus_9000_Series_NX-OS_Fundamentals_Configuration_Guide_7x_chapter_0100.html

QUESTION 66
Which three firmware packages are included in the Cisco UCS C-Series Rack-Mount
UCSManaged Server Software bundle? (Choose three.)

A. CIMC
B. board controller
C. system
D. third-party
E. BIOS
F. adapter

Correct Answer: AEF


Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Firmware-
Mgmt/3-1/b_UCSM_GUI_Firmware_Management_Guide_3_1/
b_UCSM_GUI_Firmware_Management_Guide_3_1_chapter_011.html

QUESTION 67
An engineer is implementing OTV on a transport that supports multicast. The solution
needs to meet the following requirements:
✑ Establish adjacency to the remote peer by using multicast.
✑Enable OTV advertisements for VLAN 100 to the other site.
Which two commands should be configured to meet these requirements? (Choose two.)

A. otv site-vlan 100


B. otv data-group 232.2.2.0/28
C. otv use-adjacency-server 172.27.255.94
D. otv extend-vlan 100
E. otv control-group 232.1.1.1

Correct Answer: BE
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-os/OTV/config_guide/
b_Cisco_Nexus_7000_Series_NX-OS_OTV_Configuration_Guide-RI/basic-otv.html
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-os/OTV/config_guide/
b_Cisco_Nexus_7000_Series_NX-OS_OTV_Configuration_Guide-RI/adv-otv.html
https://www.ciscopress.com/articles/article.asp?p=2999385&seqNum=2

QUESTION 68
An administrator needs to configure an automated policy to shut down a link when a
given threshold is exceeded on MDS switch.
Which feature needs to be used?
A. Scheduler
B. RMON
C. EEM
D. Call Home

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/6_2/configuration/guides/
interfaces/nx-os/cli_interfaces/intf.html

QUESTION 69
Which feature must be enabled to support the use of JSON and XML encodings when a
Cisco Nexus 7000 Series Switch is deployed?

A. NX-API
B. LLDP
C. Open Agent Container
D. Bash shell

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus7000/sw/programmability/guide/
cisco_nexus7000_programmability_guide_8x/b-cisco-nexus7000-programmability-guide-
8x_chapter_011.html

QUESTION 70

Refer to the exhibit. An engineer implements SPAN configuration on an Nexus 5000


series switch. Which two commands are necessary to complete the SPAN session
configuration?
A. Configure the switchport monitor under interface fc2/2
B. Configure the switchport mode SD under interface tc2/1.
C. Configure switchport speed 4000 under interface fc2/2.
D. Configure session type fc under monitor session 1.
E. Configure the switchport mode SD under interface fc2/2.

Correct Answer: CE
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli/
CLIConfigurationGuide/Span.html

QUESTION 71
Refer to the exhibit.

What must be connected to clear the HA NOT READY status?

A. server chassis
B. network uplinks
C. management ports
D. Layer 1-Layer 2 ports

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2015/pdf/BRKCOM-2020.pdf
https://community.cisco.com/t5/unified-computing-system/ucs-6248-ha-not-ready/td-p/2949070

QUESTION 72
Which two statements describe the process of performing an EPLD upgrade on a Cisco
MDS 9000 Series Switch? (Choose two.)

A. The upgrade is performed from the standby supervisor module


B. The upgrade process disrupts only the module that is being upgraded.
C. The upgrade is performed on the active supervisor.
D. If an upgrade is interrupted, the upgrade continues after a connection is restored.
E. Modules must be online to be upgraded.

Correct Answer: BE
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/8_x/release_notes/epld/
epld_rn_8x.html

"On a Cisco Nexus 9500 platform switch that has two supervisor modules, upgrade the EPLDs for the
standby supervisor and then switch the active supervisor to the standby mode to upgrade its EPLDs. The
supervisor switchover is not disruptive to traffic on Cisco Nexus 9500 platform switches. On a switch that
has only one supervisor module, you can upgrade the active supervisor, but this will disrupt its operations
during the upgrade."

Under Installation guidelines.


https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/92x/epld-rn/
nxos_n9K_epldRN_924.html

QUESTION 73
Which two methods are available to Manage an ACI REST API session authentication
when a user is unauthenticated?

A. POST to aaaLogin
B. POST to aaaUserLogin
C. GET aaaRefresh
D. GET to aaaListDomains
E. DELETE to aaaLogout

Correct Answer: AC
Section: (none)
Explanation

Explanation/Reference:
These API methods enable you to manage session authentication:

aaaLogin —Sent as a POST message, this method logs in a user and opens a session. The message body
contains an aaa:User object with the name and password attributes, and the response contains a session
token and cookie. If multiple AAA login domains are configured, you must prepend the user's name with
apic: domain\\ .

aaaRefresh —Sent as a GET message with no message body or as a POST message with the aaaLogin
message body, this method resets the session timer. The response contains a new session token and
cookie.
aaaLogout —Sent as a POST message, this method logs out the user and closes the session. The
message body contains an aaa:User object with the name attribute. The response contains an empty data
structure.

aaaListDomains —Sent as a GET message, this method returns a list of valid AAA login domains. You can
send this message without logging in.

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2-x/rest_cfg/2_1_x/
b_Cisco_APIC_REST_API_Configuration_Guide/
b_Cisco_APIC_REST_API_Configuration_Guide_chapter_01.html

QUESTION 74
What are two capabilities of the Cisco Network Assurance Engine? (Choose two.)

A. It verifies the speed of network packet flows by using telemetry.


B. It predicts the network load on a data center.
C. It validates that devices comply with network security policies.
D. It ensures that network performance meets an SLA.
E. It predicts the impact of changes to the network.

Correct Answer: CE
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/products/collateral/data-center-analytics/network-assurance-engine/
datasheet-c78-740234.html
QUESTION 75
A POAP-enabled Cisco Nexus switch will not enter POAP mode.
Which two conditions should be verified? (Choose two.)

A. Bootflash must contain a special directory named POAP with poap.py file.
B. The switch is in bootup process.
C. No startup configuration is available.
D. The license file is missing on the switch.
E. No Cisco NX-OS image is present on the bootflash.

Correct Answer: BC
Section: (none)
Explanation

Explanation/Reference:
POAP is an automatic provisioning and zero-touch deployment feature that assists device owners in the
initial deployment and configuration of Nexus switches.

The feature works by checking for a local configuration script. If the script has been deleted, the switch has
been reset to factory settings, or this is the first boot-up, the POAP daemon will connect to a preset list of
servers to download an initial configuration file.

To perform this operation, the switch must first obtain an IP address from a local DHCP server. POAP
configuration settings can also be passed through the DHCP response.

Which conditions should be verified, so they need to be TRUE. Like no startup (A) and bootup (B). C means
that it needs to miss a license file and E means it needs to miss an NX-OS image.

QUESTION 76
An engineer is configuring a vHBA template in UCS Manager. The engineer needs to
specify the logical addresses used by the vHBA and the path through which the SAN
traffic flows. Which two resources must be specified in the vHBA template? (Choose
two.)

A. MAC addresses
B. WWPN Pool
C. WWNN
D. VLAN ID
E. Fabric ID

Correct Answer: BE
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/products/collateral/servers-unified-computing/ucs-manager/whitepaper_c11-
697337.html

QUESTION 77
An engineer must ensure fabric redundancy when implementing NPV mode on a Cisco
MDS 9000 Series Switch.
Which action enables fabric redundancy?

A. Connect the NPV devices to multiple upstream switches.


B. Add a port channel to upstream switches.
C. Configure the NPV devices to use on external FLOGI database.
D. Use TE ports to connect to upstream switches.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/5_0/configuration/guides/int/nxos/
cli_interfaces/pc.html

QUESTION 78
Where is the witness deployed in a two-node Cisco HyperFlex Edge deployment?

A. to the HyperFlex Edge two-node cluster


B. to an additional server with network access to HyperFlex Edge
C. to a third-party cloud provider
D. to Cisco Intersight

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
The Cisco HyperFlex Edge invisible cloud witness is only required for 2-node HX Edge deployments.
correct, it has to connect to Intersight as it is a CLOUD invisible witness as per the document shared:

The Cisco HyperFlexEdge invisiblecloud witnessis only requiredfor 2-nodeHX Edge deployments. The
witness does not require any additional infrastructure, setup, configuration, backup, patching ,or
management of any kind. This feature is automatically configured as part of a 2-node Hyper Flex Edge
installation. Outbound access at the remote site must be present for connectivity to Intersight
(eitherIntersight.com or to the Intersight Virtual Appliance). HyperFlexEdge 2-nodeclusters cannot operate
without this connectivity in place

https://www.cisco.com/c/en/us/td/docs/hyperconverged_systems/HyperFlex_HX_DataPlatformSoftware/
Edge_Deployment_Guide/b_HyperFlex_Edge_Deployment_Guide_4_0.pdf

QUESTION 79
An engineer is implementing NPV mode on a Cisco MDS 9000 Series Switch.
Which action must be taken?

A. The FCNS database must be disabled in the fabric.


B. A port channel must be configured to the upstream switch.
C. All switches in the fabric must be Cisco MDS switches.
D. NPIV must be enabled on the upstream switch.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/5_0/configuration/guides/int/nxos/
cli_interfaces/npv.html

QUESTION 80
Refer to Exhibit:

An engineer must use the python module in the guest shell of the Cisco Nexus 9000
Series switch to shutdown port Ethernet 1/4.
Which command set will accomplish this?

A.

B.

C.

D.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/programmability/guide/
b_Cisco_Nexus_9000_Series_NX-OS_Programmability_Guide_7x/Python_API.html
https://www.ciscolive.com/c/dam/r/ciscolive/apjc/docs/2016/pdf/DEVNET-1077.pdf

QUESTION 81
A network engineer repeatedly saves a configuration on Catalyst switches to NVRAM
using the write memory command. Which action should be taken to implement the same
action on Nexus switches?

A. Use the write memory command to save the configuration.


B. Use the alias command to use the write memory command.
C. Use the exit command to leave the configuration mode and save the configuration
automatically.
D. Use the wri command to use the copy running-config startup-config command.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://community.cisco.com/t5/switching/write-command-on-nexus-switchs/td-p/1958386

QUESTION 82
Which virtual MAC address is the default for HSRP version 2 group 10?

A. 0000.5E00.0110
B. 0000.0C9F.F010
C. 3719.0351.1C0A
D. 0000.0C9F.F00A

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/unicast/configuration/guide/
l3_cli_nxos/l3_hsrp.html
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/xe-3s/fhp-xe-3s-book/fhp-hsrp-
v2.html

QUESTION 83
What is a feature of NFS?

A. role-based access control


B. Kerberos-based security model
C. block-based file access
D. zone-based access control

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/support/docs/conferencing/meeting-server/214691-configure-nfs-share-to-
use-as-storage-fo.html
https://www.cisco.com/c/en/us/support/docs/security-vpn/kerberos/16087-1.html#modifiednfs
https://docs.oracle.com/cd/E26502_01/html/E28997/rfsintro-101.html#rfsintro-15

QUESTION 84
Which statement describes the rolling EPLD upgrade on a Cisco MDS 9000 Series
Switch?

A. All modules on the switch are disrupted.


B. An EPLD upgrade is nondisruptive.
C. Only the modules that are being upgraded are disrupted.
D. The standby supervisor module is capable of performing the upgrade.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/6_2/release/notes/epld/
epld_rn.html#pgfId-241919

QUESTION 85
An engineer must ensure fabric redundancy when implementing NPV mode on a Cisco
MDS 9000 Series Switch. Which action enables fabric redundancy?

A. Add a port channel to upstream switches.


B. Configure the NPV devices to use on external FLOGI database.
C. Connect the NPV devices to multiple upstream switches.
D. Use TE ports to connect to upstream switches.

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

QUESTION 86
An engineer has a primary fabric that is named UCS-A and a secondary fabric that is
named UCS-B. A certificate request that has a subject name of sjc2016 for a keyring that
is named kr2016 needs to be created. The cluster IP address is 10.68.68.68.
Which command set creates this certificate request?

A. UCS-A# scope keyring kr2016


UCS-A/keyring # create certreq 10.68.68.68 sjc2016
UCS-A /keyring* # commit-buffer

B. UCS-B # scope keyring kr2016


UCS-B /keyring # create certreq ip 10.68.68.68 subject-name sjc2016
UCS-B /keyring* # commit-both

C. UCS-B# scope security


UCS-B /security # scope keyring kr2016
UCS-B /security/keyring # set certreq 10.68.68.68 sjc2016
UCS-B /security/keyring* # commit-both

D. UCS-A# scope security


UCS-A /security # scope keyring kr2016
UCS-A /security/keyring # create certreq ip 10.68.68.68 subject-name sjc2016
UCS-A /security/keyring* # commit-buffer

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/CLI-User-Guides/Admin-
Management/4-0/b_Cisco_UCS_Manager_CLI_Administration_Mgmt_Guide_4-0/
b_Cisco_UCS_Manager_CLI_Administration_Mgmt_Guide_4-0_chapter_0110.html

QUESTION 87
An engineer needs to create a new user in the local user database on Cisco UCS Fabric
Interconnect. The user needs permissions to change the following configuration inside
UCS Manager version 3.1:
✑ vNIC and vHBA profiles
✑ Fan speed and power redundancy profile of UCS Manager
Which two roles must be assigned to a user to achieve this goal? (Choose two.)

A. server-compute
B. facility-manager
C. operations
D. server-equipment
E. server-profile

Correct Answer: AD
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Admin-
Management/3-1/b_Cisco_UCS_Admin_Mgmt_Guide_3_1/
b_UCSM_Admin_Mgmt_Guide_chapter_01.html

QUESTION 88
An engineer is implementing FCoE.
Which aspect of DCBXP on a Cisco Nexus switch affects this implementation?

A. It uses the Cisco Fabric Services protocol to exchange parameters between two peer
links.
B. It always is enabled on 10/100-Mbps native Ethernet ports.
C. It provides the authentication of peers on the Cisco Nexus switch.
D. It requires that LLDP transmit and LLDP receive are enabled on the FCoE interface.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

QUESTION 89
Refer to the exhibit.
What is the outcome of this command when the EPLD is updated on a Cisco Nexus
9000 Series Switch?

A. displays the compatibility of the EPLD upgrade and the image in the bootflash
B. shows a simulated upgrade of the EPLD
C. upgrades the EPLD on the switch disruptively
D. displays the impact of the upgrade on the operation of the switch

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/93x/epld-rn/
nxos_n9K_epldRN_936.html

You can use the show install impact epld bootflash: command to determine whether the EPLDs can be
upgraded for all the modules or for specific modules on a switch. This command indicates the current EPLD
images, new EPLD images, and whether the upgrades would be disruptive to switch operations.

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/6-x/epld/n9k-epld-rn-61.html
QUESTION 90
Refer to the exhibit.

What is the result of implementing this configuration?

A. The TACACS+ server uses the type-6 encrypted format.


B. The switch queries the TACACS+ server by using a clear text PAP login.
C. The timeout value on the TACACS+ server is 10 seconds.
D. The switch queries the TACACS+ server by using an encrypted text PAP login.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
tacacs-server key

To configure a global TACACS+ shared secret key, use the tacacs-server key command. To remove a
configured shared secret, use the no form of this command.

tacacs-server key [0 | 7] shared-secret

Syntax Description

7 (Optional) Configures a preshared key specified in encrypted text to authenticate communication between
the TACACS+ client and server.

QUESTION 91
When the default firmware package is set to a new version, which type of policy
determines the timing of server reboots during the firmware upgrade?

A. maintenance
B. local disk
C. BIOS
D. diagnostics
Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/firmware-mgmt/gui/2-2/
b_GUI_Firmware_Management_22/b_GUI_Firmware_Management_22_chapter_0111.html

QUESTION 92
Which two statements about the process at upgrading an EPLD on a Cisco MDS 9000
Series Switch are correct? (Choose two.)

A. EPLDs are only capable to be upgraded to the latest EPLD image.


B. EPLD upgrades are capable to be completed without powering down the module
during the upgrade.
C. An upgrade verification identifies the impact of each EPLD upgrade.
D. The EPLDs for all the modules on a switch must be upgraded at the same time.
E. EPLDs are capable to be upgraded without replacing the hardware.

Correct Answer: CE
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/7_3/upgrade/upgrade.html

QUESTION 93
A network engineer must configure a Cisco MDS switch to use the local user database
for console access if all AAA servers are unreachable. Which configuration should be
applied to complete this task?

A. aaa authentication login default fallback error local


B. aaa authentication login default local
C. aaa authentication login console local
D. aaa authentication login console fallback error local

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/5_0/configuration/guides/sec/nxos/
sec/cradtac1.html

QUESTION 94
An engineer needs to install a new package on a Cisco Nexus 9000 Series Switch. What
is the impact of running the install commit <filename> command on the switch?

A. The switch is restarted after the upgrade is complete.


B. The package is used after the switch is restarted
C. The package is used in the running configuration.
D. The previous package that was in use is deleted from bootflash.

Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:

QUESTION 95
When a strict CoPP policy is implemented, which statement describes an event during
which packets are dropped?

A. Fifteen SSH sessions remain connected to the switch.


B. A large system image is copied to a switch by using the default VRF.
C. A ping sweep is performed on a network that is connected through a switch.
D. A web server that is connected to a switch is affected by a DDoS attack.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
A large image upload is more probable to generate that level of traffic.

15 SSH session would mean an average of 200pps per session, and they simply mention that the session
remain connected, if there are no inputs in them they have 0pps and even a full config push would probably
not require 200 packets total.

class copp-system-p-class-management
set cos 2
police cir 3000 pps bc 32 packets conform transmit violate drop

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/6-x/security/configuration/guide/
b_Cisco_Nexus_9000_Series_NX-OS_Security_Configuration_Guide/b_Cisco_Nexus_9000_Series_NX-
OS_Security_Configuration_Guide_chapter_010001.html

QUESTION 96
What is required for using Ansible with HTTP/HTTPS protocol in a Cisco NX-OS
environment?

A. SSH
B. Open Agent Container
C. XML management interface
D. NX-API

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
https://docs.ansible.com/ansible/2.5/modules/nxos_nxapi_module.html
https://docs.ansible.com/ansible/latest/network/user_guide/platform_nxos.html

QUESTION 97
What are two types of FC/FCoE oversubscription ratios? (Choose two.)

A. server storage to end-node count


B. port bandwidth to uplink bandwidth
C. edge ISL bandwidth to core ISL bandwidth
D. host bandwidth to storage bandwidth
E. switch processing power to end-node processing power

Correct Answer: CD
Section: (none)
Explanation

Explanation/Reference:
https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2017/pdf/BRKDCN-1121.pdf
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/operations/n5k_fcoe_ops.html

QUESTION 98
Refer to the exhibit.

An engineer configures a new application profile using REST API and receives this error
message.
Which method can be used before the application profile can be configured?

A. POST to aaaLogin
B. POST to aaaRefresh
C. POST to aaaLogout
D. GET to aaaListDomains

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2-x/rest_cfg/2_1_x/
b_Cisco_APIC_REST_API_Configuration_Guide/
b_Cisco_APIC_REST_API_Configuration_Guide_chapter_01.html

QUESTION 99
The FCoE technology is used in a data center and the MDS switches are configured as
Fibre Channel Forwarders.
What configuration should be applied to an MDS switch in order to be used as the best
switch to connect by the CNAs in the fabric?

A. fcoe fcf-priority 1024


B. fcoe fcf-priority 512
C. fcoe fcf-priority 0
D. no fcoe fcf-priority

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/fcoe/521n11/
b_5k_FCoE_Config_521N11/ b_5k_FCoE_Config_521N11_chapter_011.pdf

QUESTION 100
Refer to the exhibit.

What is a characteristic presented in the service profile of the UUID?

A. based on the hardware


B. vendor assigned
C. unique system generated
D. allocated from a UUID pool

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
there is no parameter for 'set identity dynamic-uuid' to specify a pool name - you can only state "derived" or
a 32 hex character string (128-bits, therefore full UUID).
ucspe /org/service-profile # set identity dynamic-uuid
derived Derived
FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF Dynamic UUID
The documentation, as usual for Cisco, is poor. Shagua references old v1.4.1 documentation but it's the
same in 4.1. It's inaccurate as uuid-pool should now read uuid-suffix-pool. You can use UCSPE to check
the CLI with contextual help.
ucspe /org/service-profile # set identity
dynamic-uuid Dynamic UUID
dynamic-wwnn Dynamic WWNN
uuid-suffix-pool UUID Suffix Pool
wwnn-pool WWNN Pool
If set identity dynamic-uuid only gives us the option of a static UUID or the parameter "derived", and set
identity uuid-suffix-pool is the option to assign a pool... I would suggest that the most logical answer here is
- derived from the hardware.

QUESTION 101
Port security is statically configured on a Cisco Nexus 7700 Series switch and F3 line
card. The switch is configured with an Advanced Services license. Which two actions
delete secured MAC addresses from the interface? (Choose two.)

A. The address must be removed from the configuration.


B. The address must reach the age limit that is configured for the interface.
C. The interface must be converted to a routed port.
D. The device must be restarted manually.
E. Shutdown and then no shutdown must be run on the interface.

Correct Answer: AC
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/6_x/nx-os/security/configuration/guide/
b_Cisco_Nexus_7000_NX-OS_Security_Configuration_Guide__Release_6-x/b_Cisco_Nexus_7000_NX-
OS_Security_Configuration_Guide__Release_6-x_chapter_010001.html

QUESTION 102
Which event is expected during direct upgrade of Cisco UCS Manager firmware?

A. The I/O Module reboots immediately after the firmware is activated.


B. All users logged in to the UCSM are logged out, and their sessions end.
C. Data traffic is disrupted for a single fabric interconnect setup.
D. IPMI polling is interrupted.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
QUESTION 103
An engineer needs a utility to translate traditional Nexus CLI inputs and generate Python
code using XML and JSON message formats. The solution needs to be available on a
Nexus 7700 series switch. Which utility should be used?

A. NX-OS JSON-RPC
B. NX-API Sandbox
C. Guest Shell for NX-OS
D. Open NX-OS

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://developer.cisco.com/docs/nx-os/#!nx-api-cli-developer-sandbox

QUESTION 104

Refer to the exhibit. What is the result of implementing the configuration?

A. RADIUS traffic is sourced from the VLAN 200 interface.


B. The RADIUS server timeout value is 15 milliseconds.
C. Only the RADIUS server is used for authentication.
D. Users specify the RADIUS server when they log in.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:

QUESTION 105
An engineer is converting a Cisco MDS switch to support NPIV mode.
What should be considered when implementing the solution?

A. It must be enabled on VSAN 1 only.


B. It must be enabled globally on all VSANs.
C. It requires mapping of external interface traffic.
D. It requires the FLOGI database to be disabled.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/5_0/configuration/guides/int/nxos/
cli_interfaces/npv.html

QUESTION 106
A network architect is asked to design and manage geographically distributed data
centers across cities and decides to use a Multi-Site Orchestrator deployment.
How many orchestrators should be deployed?

A. 3
B. 5
C. 4
D. 2

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-
infrastructure/white-paper-c11-739609.html

QUESTION 107
Which statement describes monitoring Fibre Channel traffic on a Cisco UCS 6332 Fabric
Interconnect?

A. Fibre Channel traffic is monitored only on one vHBA per server.


B. The destination port for monitoring must be an unassigned Fibre Channel port.
C. The monitoring of Fibre Channel traffic is limited to the default VSAN.
D. Fibre Channel traffic is capable to be monitored as it is encapsulated as FCoE.

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
You can monitor Fibre Channel traffic using either a Fibre Channel traffic analyzer or an Ethernet traffic
analyzer. When Fibre Channel traffic is monitored with an Ethernet traffic monitoring session, at an Ethernet
destination port, the destination traffic is FCoE. The Cisco UCS 6300 Fabric Interconnect supports FC
SPAN only on the ingress side. A Fibre Channel port on a Cisco UCS 6248 Fabric Interconnect cannot be
configured as a source port.
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/System-
Monitoring/3-2/b_UCSM_GUI_System_Monitoring_Guide_3_2/
b_UCSM_GUI_System_Monitoring_Guide_3_2_chapter_01101.pdf

QUESTION 108
Refer to the exhibit.
What is the result of implementing this configuration?

A. The Fibre Channel interface is configured for synchronization distribution.


B. The Fibre Channel interface is configured for SPAN.
C. The Fibre Channel interface is configuration for source distribution.
D. The Fibre Channel interface is configured for FSPF.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/san_switching/421_n1_1/
b_Cisco_n5k_nxos_sanswitching_config_guide_rel421_n1_1/
Cisco_n5k_nxos_sanswitching_config_guide_rel421_n1_1_chapter3.html
https://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli_rel_4_1/
Cisco_Nexus_5000_Series_Switch_CLI_Software_Configuration_Guide_chapter50.html

QUESTION 109
Which action must be performed before renumbering a Cisco UCS chassis?

A. Move the chassis to new ports on fibric interconnect.


B. Re-acknowledge the chassis.
C. Decommission the chassis.
D. Run the shut and no shut command on the connected ports.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/
Infrastructure-Mgmt/3-2/b_UCSM_GUI_Infrastructure_Management_Guide_3_2/
b_UCSM_GUI_Infrastructure_Management_Guide_3_2_chapter_0100.html

QUESTION 110
A Cisco MDS 9000 Series Storage Switch has reloaded unexpectedly.
Where does the engineer look for the latest core dump file?

A. /mnt/core
B. /mnt/pss
C. /mnt/logs
D. /mnt/recovery

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/6_2/configuration/guides/
system_management/nx-os/sysmgmt_cli_6-x/sys.html
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/6_2/configuration/guides/
system_management/nx-os/sysmgmt_cli_6-x/sys.html#37039

QUESTION 111
A network engineer must determine the cooling requirements for a Cisco UCS C-Series
Rack Server. The server with PCIe cards is configured with a fan configuration policy.
Which configuration should be used for the fan policy of the server?

A.
B.

C.

D.

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

QUESTION 112
An engineer must modify an overridden policy by changing the number of FCNS
database entries to 1500 and then generate a message.
What configuration will accomplish this task?

A. event manager applet fcns_policyevent fens entries max-per-switch 1500


action 1.0 syslog priority warnings msg FCNS DB entries have reached the EEM limit
action 2.0 policy-default

B. event manager applet fcns_policy override _fcns_entries_max_per_switch


action 1.0 syslog priority errors "CNS DB entries have reached the EEM limit"
action 2.0 policy-default

C. event manager applet fcns_policy override _fcns_entries_max_per_switch


event fens entries max-per-switch 1500
action 1.0 syslog priority warnings msg FCNS DB entries have reached the EEM limit

D. event manager applet fcns_policy action 1.0 syslog priority warnings msg FCNS DB entries have
reached the EEM limit
action 2.0 event-default

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:

The following example modifies an overridden policy by changing the number of FCNS database entries to
1500. It also generates both the configured and the default syslog messages of the default system policy

event manager applet fcns_policy override __fcns_entries_max_per_switch


event fcns entries max-per-switch 1500
action 1.0 syslog priority warnings msg FCNS DB entries have reached the EEM limit

Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/8_x/config/system-
management/cisco_mds9000_system_management_config_guide_8x/
configuring_the_embedded_event_manager.html

QUESTION 113
Refer to the exhibit.

Which type of backup is required to restore a Cisco UCS configuration?

A. system configuration
B. all configuration
C. logical configuration
D. full state

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/cli/config/guide/1-0-2/
b_CLI_Config_Guide_1-0-2/CLI_Config_Guide_1-0-2_chapter29.pdf

QUESTION 114
Which mroute state is created when Bidirectional PIM is deployed at a site?

A. MVPN Type-6
B. *,G
C. MVPN Type-7
D. S,G

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/dam/en/us/products/collateral/ios-nx-os-software/multicast-enterprise/
prod_white_paper0900aecd80310db2.pdf
https://networklessons.com/multicast/multicast-bidirectional-pim
https://www.juniper.net/documentation/en_US/junos/topics/topic-map/mcast-pim-bidirectional.html

QUESTION 115
A Cisco UCS C-Series server is installed at a data center. The server should be
managed by the Cisco UCS Manager by using a single cable for management and data
traffic. Which configuration should be applied after the physical connection is
established?

A. UCS-A# scope server 1


UCS-A /server# scope cimc
UCS-A /server/cimc # scope mgmt-conn sideband
UCS-A /server/cimc # mgmt-conn-state enabled
UCS-A /server/cimc/mgmt-conn* # commit-buffer
B. UCS-A# scope chassis 1
UCS-A /chassis# scope cimc
UCS-A /chassis/cimc # scope mgmt-conn sideband
UCS-A /chassis/cimc/mgmt-conn # mgmt-conn-state enabled
UCS-A /chassis/cimc/mgmt-conn* # commit-buffer
C. UCS-A# scope chassis 1
UCS-A /chassis# scope cimc
UCS-A /chassis /cimc # set mgmt-conn-state enabled
UCS-A /chassis /cimc/mgmt-conn* # commit-buffer
D. UCS-A# scope server 1
UCS-A /server# scope cimc
UCS-A /server/cimc # scope mgmt-conn sideband
UCS-A /server/cimc/mgmt-conn #set mgmt-conn-state enabled
UCS-A /server/cimc/mgmt-conn* # commit-buffer

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
Example
UCS-A# scope server 1
UCS-A /server # scope cimc
UCS-A /server/cimc # scope mgm
UCS-A /server/cimc # scope mgmt-conn
UCS-A /server/cimc # scope mgmt-conn sideband
UCS-A /server/cimc/mgmt-conn # set mgmt-conn-state enabled
UCS-A /server/cimc/mgmt-conn* # commit-buffer
UCS-A /server/cimc/mgmt-conn

https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c-series_integration/ucsm3-1/b_C-Series-
Integration_UCSM3-1/b_C-Series-Integration_UCSM3-1_chapter_010.html

QUESTION 116
An engineer installed a new Nexus switch with the mgm0 interface in vrf management.
Connectivity to the rest of the network needs to be tested from the guest shell of the NX-
OS. Which command tests connectivity from the guest shell of the NX-OS?

A.
B.
C.
D.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/programmability/guide/
b_Cisco_Nexus_9000_Series_NX-OS_Programmability_Guide_7x/Guest_Shell.html

QUESTION 117
Refer to the exhibit.

What is the result of this series of commands?

A. It reboots the server immediately.


B. It verifies the firmware update on the server.
C. It activates the firmware on the next adapter boot.
D. It updates the firmware on adapter 1/1/1 immediately.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucsmanager/CLI-User-Guides/Firmware-
Mgmt/4-0/b_UCSM_CLI_Firmware_Management_Guide_4-0/
b_UCSM_CLI_Firmware_Management_Guide_4-0_chapter_011.html
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/firmware-mgmt/cli/2-2/
b_CLI_Firmware_Management_22/b_CLI_Firmware_Management_22_chapter_0111.html

QUESTION 118
APIC EPG Resolution Immediacy is set to "Immediate".
Which statement is true about the Deployment Immediacy for VMM domains associated
to EPGs?

A. The "Immediate" and "On demand" options require a port group to be created on the
VDS.
B. If "On demand" is selected, the policy is programmed in the hardware only when the
APIC detects a VM created in the EPG.
C. If "On demand" is selected the policy is programmed in the hardware only when the
first packet is received through the data path.
D. If "immediate" is selected the policy is programmed in the hardware as soon as the
leaf is booted.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
Deployment Immediacy
Once the policies are downloaded to the leaf software, deployment immediacy can specify when the policy
is pushed into the hardware policy content-addressable memory (CAM).

Immediate—Specifies that the policy is programmed in the hardware policy CAM as soon as the policy is
downloaded in the leaf software.

On demand—Specifies that the policy is programmed in the hardware policy CAM only when the first packet
is received through the data path. This process helps to optimize the hardware space.
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/4-x/aci-fundamentals/Cisco-ACI-
Fundamentals-401/Cisco-ACI-Fundamentals-401_chapter_01001.html

QUESTION 119
A DNS server with IP address 192.168.1.1 is deployed in a data center A network
engineer must configure a Cisco UCS Fabric Interconnect to use this DNS. Which
configuration should be applied?

A. ficl-mgmt-A# scope system


ficl-mgmt-A/system# create dns 192.168.1.1
ficl-mgmt-A/system*# commit-buffer
B. ficl-mgmt-A# scope fabric-interconnect a
ficl-mgmt-A/fabric-interconnect# set name 192.168.1.1
ficl-mgmt-A/fabric-interconnect# scope system
ficl-mgmt-A/system#commit-buffer
C. ficl-mgmt-A# scope fabric-interconnect a
ficl-mgmt-A/fabric-interconnect# set name 192.168.1.1
ficl-mgmt-A/fabric-interconnect*# commit-buffer
D. ficl-mgmt-A# scope system
ficl-mgmt-A/system# scope services
ficl-mgmt-A/system/services# create dns 192.168.1.1
ficl-mgmt-A/system/services*# commit-buffer

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/cli/config/guide/1-3-1/
b_CLI_Config_Guide_1_3_1/CLI_Config_Guide_1_3_1_chapter11.pdf

QUESTION 120
An engineer updated firmware on Fabric Interconnects and activates it. However, the
endpoint fails to boot from the new firmware image.
What is expected to occur in this case?

A. The system defaults to the backup image version


B. The system defaults to and boots into GOLD firmware image
C. The system defaults to the GOLD firmware image
D. The system defaults to and boots into kickstart image

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/CLI-User-Guides/Firmware-
Mgmt/4-0/ b_UCSM_CLI_Firmware_Management_Guide_4-0/
b_UCSM_CLI_Firmware_Management_Guide_4-0_chapter_011.html

QUESTION 121

Refer to the exhibit. Which VLANs are capable to be assigned on vPC interfaces?

A. 100-103
B. 100-104
C. 100-102
D. 100-105

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
QUESTION 122
Refer to the exhibit.
Which statement about the default gateway configuration of the vPC is true?

A. N7K-1 acts as the default gateway for all traffic.


B. N7K-2 forwards traffic that is destined for the default gateway by using the peer link.
C. N7K-2 acts as the default gateway for all traffic.
D. Either switch can act as the active default gateway.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
The vPC peer-gateway functionality allows a vPC switch to act as the active gateway for packets that are
addressed to the router MAC address of the vPC peer.
This feature enables local forwarding of such packets without the need to cross the vPC peer-link

https://community.cisco.com/t5/networking-documents/peer-gateway-feature-on-the-nexus-7000/ta-
p/3113290

QUESTION 123
Refer to the exhibit.

An engineer must configure FCoE on a Cisco Nexus switch. Which two command sets
complete this configuration? (Choose two.)

A. interface vfc 10
bind interface fcoe-vfc 1/3
no shut
B. vsan database
vsan 10 interface ethernet 1/3
C. interface fcoe 10
bind interface ethernet 1/3
no shut
D. interface vfc 10
bind interface ethernet 1/3
no shut
E. vsan database
vsan 10 interface vfc 10
Correct Answer: DE
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/fcoe/421_n1_1/
b_Cisco_n5k_fcoe_config_gd_re_421_n1_1/Cisco_n5k_fcoe_config_gd_re_421_n1_1_chapter4.html

QUESTION 124
Due to a major version change, an engineer must perform a software upgrade on a
Cisco Nexus Series switch.
Which two technologies should be implemented to reduce disruptions to the network
during the upgrade? (Choose two.)

A. MLAG
B. HSRP
C. PAgP
D. VDC
E. vPC

Correct Answer: BE
Section: (none)
Explanation

Explanation/Reference:
NO- VDC cause if you upgrade the NXOS it will be in the whole system
NO- MLAG is not supported in Nexus
NO- Pagp is an etherchannel
HSRP and vPC will minimize disruptions because of redundancy.
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/7_x/nx-os/upgrade/guide/
b_Cisco_Nexus_7000_Series_NX-OS_Software_Upgrade_and_Downgrade_Guide_Release_7-x.html

QUESTION 125
An engineer must configure a Nexus 7000 series switch for HSRP on VLAN 100. When fully functional, the
router must be the active master. Which set of commands must be used to implement the scenario?
A.

B.

C.

D.

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

QUESTION 126
What is an advantage of using Ansible for automation as compared to Puppet and Chef?

A. Ansible automates the enforcement of configuration settings.


B. Ansible perform automation without installing a software agent on the target node.
C. Ansible configures a set of CLI commands on a device by using NETCONF.
D. Ansible abstracts a scenario so that set of configuration setting can be used across
multiple operating systems.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:

QUESTION 127
Which two authentication types does Cisco UCS Manager support when configuring
authentication? (Choose two.)

A. local
B. LDAP
C. 802.1X
D. Kerberos
E. PAM

Correct Answer: AB
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Admin-
Management/3-2/b_Cisco_UCS_Admin_Mgmt_Guide_3_2/
b_Cisco_UCS_Admin_Mgmt_Guide_3_2_chapter_0101.html

QUESTION 128
Which server policy is used to install new Cisco IMC software on a server?

A. host firmware policy


B. hypervisor firmware policy
C. BIOS software policy
D. Cisco IMC software policy

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/CLI-User-Guides/Firmware-
Mgmt/4-0/b_UCSM_CLI_Firmware_Management_Guide_4-0/
b_UCSM_CLI_Firmware_Management_Guide_4-0_chapter_01.html#

You can use host firmware packages by defining a host firmware policy as an attribute of a service profile
template, which is an updating template. Any change made to the service profile template is automatically
made to its instantiated service profiles. Subsequently, the servers associated with the service profiles are
also upgraded in parallel with the firmware version.
QUESTION 129
Refer to the exhibit.
Why does the Python code for Cisco NX-API print an error message?
A. The "type" is wrong in the header of the request and should be "cli_ conf".
B. NX-API does not allow configuration for features via the requests module.
C. The "type" is wrong is the body of the request and should be "cli_ conf".
D. The JSON is not a supported format for the NX-API.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
"Commands that belong to different message types should not be mixed. For example, show commands
are cli_show message type and are not supported in cli_conf mode."

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus7000/sw/programmability/guide/
cisco_nexus7000_programmability_guide_8x/b-cisco-nexus7000-programmability-guide-
8x_chapter_011.html

QUESTION 130
Refer to the exhibit.

Which backup operation type does not include the Preserve Identities feature?

A. logical configuration
B. system configuration
C. full state
D. all configuration

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
This checkbox remains selected for All Configuration and System Configuration. Full State backup does not
have Preserver Identity feature.

All configs, logical and system backups seem to allow “preserve identities”:

https://books.google.pt/books?id=5VXUDwAAQBAJ&pg=PT699&lpg=PT699&dq=Preserve+Identities
+feature+backup+ucs&source=bl&ots=daWx-
ti4DV&sig=ACfU3U3X8UlPtS8EewzRIqTxqpyNVqOaNQ&hl=es-
419&sa=X&ved=2ahUKEwiYhtaxyMDqAhXFzIUKHXl8CzoQ6AEwC3oECAoQAQ#v=onepage&q=Preserve
%20Identities%20feature%20backup%20ucs&f=false

QUESTION 131
Host1 is in VLAN100 located in DataCenter1 and Host2 is in VLAN200 located in
DataCenter2.
Which OTV VLAN mapping configuration allows Layer 2 connectivity between these two
hosts?

A.

B.

C.
D.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/support/docs/switches/nexus-7000-series-switches/200998-Nexus-7000-
OTV-VLAN-Mapping-on-Overlay.htm

QUESTION 132
An engineer is seeking the most optimal on demand CPU performance while configuring
the BIOS settings of UCS C-series rack mount server.

A. C0/C1 state
B. C6 Retention
C. C2 state
D. C6 non-Retention

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/products/collateral/servers-unified-computing/ucs-b-series-blade-servers/
white-paper-c11-744678.html
"Whether the BIOS sends the C6 report to the operating system. When the OS receives the report, it can
transition the processor into the lower C6 power state to decrease energy usage while maintaining optimal
processor performance""

QUESTION 133
Which MAC address is an HSRP version 2?

A. 0100.5E7F.FFFF
B. 3799.9943 3000
C. 0000.0C9F.F0C8
D. 0000.OC07.AC1H

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp_fhrp/configuration/xe-3s/fhp-xe-3s-book/fhp-hsrp-
v2.html
QUESTION 134
An engineer must implement a Cisco UCS system at a customer site. One of the
requirements is to implement SAN boot. The storage system maps the source WWPN to
a unique LUN.
Which method does Cisco recommend to configure the SAN boot?

A. Create a SAN boot policy in which every initiator is mapped to the same target LUN.
B. Define the vHBAs as bootable and leave the default values on the target definition.
C. Define the vHBAs as bootable and leave the boot target definition empty.
D. Create a SAN boot policy in which every initiator is mapped to a different target LUN.

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
While you have multiple zones consisting of FC vHBAs and storage target wwpns for SAN Fabrics A and B,
you are ultimately booting off of the same boot LUN. Multiple paths to get to the same boot device which
correspond with the same LUN ID.

https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ts/guide/UCSTroubleshooting/
UCSTroubleshooting_chapter_0110.html#r_sanarrayconfigurationchecklist

QUESTION 135
Which statement is true about upgrading the firmware on a Cisco MDS storage switch
with dual supervisors?

A. The standby supervisor must be offline before the firmware upgrade begins.
B. Both supervisors load the new firmware and then the active supervisor reboots.
C. Supervisors can be upgraded independently to test the new firmware.
D. The new firmware is load on the standby supervisor first.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/support/docs/storage-networking/mds-9000-nx-os-san-os-software/118952-
technote-mds9k-00.html#:~:text=On%20a%2095xx%20or%2097xx,becomes%20the%20new%20standby%
20supervisor.

QUESTION 136
An engineer must create a backup file of the entire Cisco UCS system before the
maintenance window starts. The backup file must include these attributes:
* all logical configuration settings such as service profiles. VLANs. and VSANs
* all Cisco UCS usernames. roles, and locales
* all Cisco UCS system settings
Which backup type must be selected to achieve this goal?

A. All Configuration
B. Full State
C. System Configuration
D. Logical Configuration

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

QUESTION 137
An engineer must configure a named VSAN when the fabric interconnect is in Fibre
Channel switch mode The VSAN must meet these requirements:
* Named VSAN must be called "VSAN 10".
* VSAN ID must be 10.
* FCoE ID must be 20.
* VSAN 10 must be attached to port 2 in slot 1.
Which command set configures a VSAN when the fabric interconnect is in Fibre Channel
switch mode?

A.

B.

C.

D.

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

QUESTION 138
Refer to the exhibit.

Which result of running the command is true?


A. The PIM database is deleted.
B. Multicast traffic forwarding is suspended.
C. PIM join messages are suspended.
D. MRIB is flushed

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
When you restart PIM, the following tasks are performed:
The PIM database is deleted.
The MRIB and MFIB are unaffected and forwarding of traffic continues.
The multicast route ownership is verified through the MRIB.
Periodic PIM join and prune messages from neighbors are used to repopulate the database.

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/6-x/multicast/configuration/guide/
b_Cisco_Nexus_9000_Series_NX-OS_Multicast_Routing_Configuration_Guide/
b_Cisco_Nexus_9000_Series_NX-OS_Multicast_Routing_Configuration_Guide_chapter_011.html

QUESTION 139
Refer to the exhibit. An engineer needs to implement a monitoring session that should
meet the following requirements:
✑ Monitor traffic from leaf to leaf switches on a Cisco ACI network
✑ Support filtering traffic from Bridge Domain or VRF
Which configuration must be added to meet these requirements?

A. interface eth 1/2 switch 101


B. interface eth 1/2 leaf 101
C. application app1 epg epg1
D. application epg epg1 app1

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
It's correct (application app1 epg epg1) but the answer is incomplete.
The full command is "filter tenant t1 application app1 epg epg1" and it needs to be added under "source
interface eth 1/1 switch 101"
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/troubleshooting/
b_APIC_Troubleshooting/b_APIC_Troubleshooting_chapter_0110.html

QUESTION 140
Refer to the exhibit.
What is the reason the system-fm-vrrp checkpoint was created?

A. The VRRP service restarted and the checkpoint was automatically created.
B. The network administrator manually created it.
C. The VRRP process crashed and the checkpoint was automatically created.
D. The VRRP-enabled feature has been disabled.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
automatically created by the Nexus when the vrrp feature is disabled
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/system_management/
configuration/guide/sm_nx_os_cg/sm_7rollback.html

QUESTION 141
Which method must a network engineer use to upgrade the BIOS firmware or a Cisco
UCS standalone C-Series rack-mount server?

A. Use the Cisco host upgrade utility.


B. Use the Cisco hardware upgrade utility.
C. Use the Cisco host firmware policy.
D. Use the U-ACPI Interface.

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c/sw/bios/
b_Upgrading_BIOS_Firmware.html#task_FE0506DF43B9401981C0148F9F49FD09

QUESTION 142
Which statement describes the MAC address that the FCoE Initialization Protocol chooses for use by an E-
Node in an FCoE implementation?

A. The FCoE Initialization Protocol uses the burned-in MAC address of the converged network adapter for
all FCoE operations.
B. The FCoE Initialization Protocol uses a 24-bit FC-MAP and concatenates a 24-bit Fibre Channel
ID to create a fabric-provided MAC address.
C. The FCoE Initialization Protocol uses 01.00.0C as the first 24 bits of the MAC address and appends a
24-bit Fibre Channel ID to derive a full 48-bit FCoE MAC address.
D. FCoE does not use a MAC address. The FCoE Initialization Protocol is used to acquire a Fibre Channel
ID, and the address is used for all FCoE communications in the same way as Fibre Channel Protocol.

Correct Answer: AB
Section: (none)
Explanation

Explanation/Reference:
Validate!

QUESTION 143
An engineer is running an ACI fabric, has VMM integration with VMware vCenter, and wants to enable
microsegmentation based on vCenter VM attributes.
Which statement describes microsegmentation in this scenario?

A. ACI does not support microsegmentation based on vCenter VM attributes. You should use network
attributes for mircosegmentation.
B. An ACI microsegmented EPG automatically creates a port group with a private VLAN configured on a
VMware vCenter distributed virtual switch.
C. When enabled, microsegmentation performs distributed switching and routing on the ESXi hosts.
D. Microsegmentation is supported only using AVE or AVS.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:

QUESTION 144
A host in EPG Client wants to talk to a webserver in EPG Web. A contract with default settings is defined
between EPG Client and EPG Web, which allows TCP communication initiated by the client toward the
webserver with TCP destination port 80.
Which statement describes this scenario?

A. If EPG Web is made a preferred group member, a contract between EPG Client and EPG Web is no
longer required for the host in EPG Client to reach the webserver in EPG Web.
B. If vzAny is configured to consume and provide a "deny all" contract, traffic between EPG Client and EPG
Web is no longer allowed.
C. The host in EPG Client is allowed to connect to TCP destination port 80 on the webserver in EPG Web.
The webserver will not be allowed to initiate a separate TCP connection to a host port with TCP source
port 80.
D. The host in EPG Client is allowed to connect to TCP destination port 80 on the webserver in EPG Web.
The webserver is allowed to initiate a separate TCP connection to a host port with TCP source port 80.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
Apply Both Direction and Reverse Filter Port in the subject for the filter. These two options are by default
enabled...This means that if the provider EPG initiates traffic toward the consumer EPG, the Cisco ACI
fabric allows it for any destination ports if the source port is 80.
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/Operating_ACI/guide/
b_Cisco_Operating_ACI/b_Cisco_Operating_ACI_chapter_01000.html

Reverse filter and apply in both directions is default.


If a filter allows traffic from any consumer port to a provider port (e.g. 8888), if reverse port filtering is
enabled and the contract is applied both directions (say for TCP traffic), either the consumer or the provider
can initiate communication. The provider could open up a TCP socket to the consumer using port 8888,
whether the provider or consumer sent traffic first.

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/Operating_ACI/guide/
b_Cisco_Operating_ACI/b_Cisco_Operating_ACI_chapter_01000.html

QUESTION 145
Which of the following FabricPath components provides access layer connectivity?

A. a leaf switch
B. the APIC
C. a spine switch
D. a CE network

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
Explanation:

Of the available choices, a leaf switch is the Cisco FabricPath component that provides access layer
connectivity. Cisco FabricPath is a means of constructing a scalable Open Systems Interconnection (OSI)
networking model Layer 2 network from both Layer 2 and Layer 3 components. End hosts and classic
Ethernet (CE) networks are typically directly connected to leaf switches by using edge ports.
Spine switches do not provide access layer connectivity. Spine switches are the Cisco FabricPath
component that form the backbone of the FabricPath's switching fabric. Typically, leaf switches are
connected to every spine switch along the backbone so that the spine switches provide connectivity
between the leaf switches. Leaf switches connect to spine switches by using core ports.

The Cisco Application Policy Infrastructure Controller (APIC) is a means of managing the Cisco Application
Centric Infrastructure (ACI). A Cisco ACI architecture requires both the APIC and the spine switches and
leaf switches of FabricPath to complete the architecture. The APIC communicates with the spine and leaf
nodes and provides policy distribution as well as centralized management.

A CE network, which is a traditional Ethernet network that uses Spanning Tree Protocol (STP) and
transparent bridging, is not technically part of Cisco FabricPath.

However, Cisco Nexus switches can connect to a CE network and Cisco FabricPath simultaneously.

https://www.cisco.com/c/dam/en/us/products/collateral/switches/nexus-7000-series-switches/
white_paper_c07-728188.pdf

QUESTION 146
Which of the following is Cisco software that can be used to manage multiple UCS domains across
geographical boundaries?

A. Cisco UCS Director


B. Cisco IMC Supervisor
C. Cisco UCS Manager
D. Cisco UCS Central
Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
Cisco Unified Computing System (UCS) Central is software that can be used to manage multiple UCS
domains, including domains that are separated by geographical boundaries. Cisco UCS Central can be
used to deploy standardized configurations and policies from a central virtual machine (VM).

Cisco UCS Director is software that can automate actions and be used to construct a private cloud. Cisco
UCS Director creates a basic Infrastructure as a Service (IaaS) framework by using hardware abstraction to
convert hardware and software into programmable actions that can then be combined into an automated
custom workflow. Thus Cisco UCS Director enables administrators to construct a private cloud in which
they can automate and orchestrate both physical and virtual components of a data center. Cisco UCS
Director is typically accessed by using a web-based interface.

Cisco UCS Manager is web-based software that can be used to manage a single UCS domain. The
software is typically embedded in Cisco UCS fabric interconnects rather than installed in a VM or on
separate physical servers.

Cisco Integrated Management Controller (IMC) Supervisor is software that can be used to centrally manage
multiple standalone Cisco C-Series and E-Series servers. The servers need not be located at the same
site. Cisco IMC Supervisor uses a web-based interface and is typically deployed as a downloadable virtual
application.

QUESTION 147
Which of the following is true of the default VRF on a Cisco router?

A. It includes only the mgmt 0 interface.


B. No routing protocols are allowed to run there.
C. It is similar to a router's global routing table.
D. It is used only for management.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
A Cisco router's default virtual routing and forwarding (VRF) instance is similar to a router's global routing
table. The default VRF includes all Layer 3 interfaces until you assign those interfaces to another VRF.
Similarly, the default VRF runs any routing protocols that are configured unless those routing protocols are
assigned to another VRF. All show and exec commands that are issued in the default VRF apply to the
default routing context.

VRFs are used to logically separate Open Systems Interconnection (OSI) networking model Layer 3
networks. Therefore, it is possible to have overlapping Internet Protocol version 4 (IPv4) or Internet Protocol
version 6 (IPv6) addresses in environments that contain multiple tenants. However, an interface that has
been assigned to a given VRF cannot be simultaneously assigned to another VRF. The address space,
routing process, and forwarding table that are used within a VRF are local to that VRF. By default, a Cisco
router is configured with two VRFs: the management VRF and the default VRF.

The management VRF, not the default VRF, is used only for management. No routing protocols are allowed
to run in the management VRF. All routing is static. The management VRF includes only the mgmt 0
interface, which cannot be assigned to any other VRF. However, the mgmt 0 interface is shared among
virtual device contexts (VDCs).

QUESTION 148
You are configuring a service profile for a Cisco UCS server that contains two physical HBAs and no NICs.
How many vNICs can be configured for this server?

A. four
B. eight
C. six
D. none
E. two

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
No virtual network interface cards (vNICs) can be configured for a Cisco Unified Computing System (UCS)
server that contains two physical host bus adapters (HBAs) and no network interface cards (NICs). Cisco
UCS server can be configured with the number of vNICs that corresponds to available physical NICs on the
server. Similarly, a Cisco UCS can be configured with the number of virtual HBAs (vHBAs) that corresponds
to available physical HBAs on the physical adapters that are installed in the device. In this scenario, it is
possible to configure the server with two VHBAs.

It is not possible to configure two vNICs for the Cisco UCS server in this scenario. In order to configure two
NICs, the server would need to be configured with one or more adapters that each contains one or more
physical NICs. For example, a Cisco converged network adapter typically contains two physical ports.
Therefore, a Cisco UCS server that is configured with a single converged network adapter could be
configured with two NICs. A converged network adapter is a single unit that combines a physical HBA and a
physical Ethernet NIC. A Cisco converged network adapter typically contains two of these types of ports.

It is not possible to configure four vNICs for the Cisco UCS server in this scenario. To configure four vNICs,
the UCS server would need to be configured with adapters that contain up to four physical NICs.

It is not possible to configure eight VNICs for the Cisco UCS server in this scenario. To configure eight
vNICs, the UCS server would need to be configured with adapters that contain up to eight physical NICs.

QUESTION 149
Which of the following Cisco UCS servers is most likely to require a special version of Cisco UCS
Manager?

A. C-Series servers
B. B-Series servers
C. E-Series servers
D. UCS Mini servers

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
Of the available options, Cisco Unified Computing System (UCS) Mini servers are most likely to require a
special version of Cisco UCS Manager. Cisco UCS Mini servers are a compact integration of a Cisco UCS
5108 blade chassis, Cisco UCS 6324 Fabric Interconnects, and Cisco UCS Manager. Unlike other Cisco
UCS servers, the UCS Mini server requires a special version of Cisco UCS Manager for management. It is
possible to connect Cisco UCS C-Series servers to Cisco UCS Mini servers in order to expand their
abilities.

Cisco UCS C-Series servers do not require a UCS fabric, nor do they require Cisco UCS Manager. Cisco
UCS C-Series servers are rack-mount standalone servers that can operate either with or without integration
with Cisco UCS Manager. For administrators who are more familiar with traditional Ethernet networks than
UCS Fabric Interconnect, C-Series servers will most likely be simpler to deploy and feel more familiar than
other Cisco UCS server products.

Cisco UCS B-Series servers require a UCS fabric and use a standard version of Cisco UCS Manager.
Cisco UCS B-Series servers are blade servers that are installed in a UCS blade chassis. These blade
servers can connect only to Cisco UCS Fabric Interconnect, not directly to a traditional Ethernet network.
Blade servers in a chassis are typically hot-swappable, unlike the components of a rack-mount server.
Therefore, blade server configurations are less likely to result in prolonged downtime if hardware fails.
Cisco UCS E-Series servers are blade servers that can use a standard version of Cisco UCS Manager.
However, Cisco UCS E-Series servers have similar capabilities to the standalone C-Series servers and do
not require connectivity to a UCS fabric. In a small office environment, Cisco UCS E-Series servers are
capable of providing the network connectivity and capabilities of a C-Series server along with the availability
of B-Series servers.

QUESTION 150
Which of the following are true about Cisco UCS Director workflow templates? (Choose three.)

A. They contain task names, a workflow structure, and input names.


B. They can be executed like normal workflows.
C. They can be used to schedule workflows.
D. They can be used to instantiate new workflows.
E. Some templates are predefined in the system.

Correct Answer: ADE


Section: (none)
Explanation

Explanation/Reference:
Cisco Unified Computing System (UCS) Director workflow templates can be used to instantiate new
workflows. Workflow templates are used as blueprints to create new workflows. In addition, you can create
a new workflow and then export that workflow as a template in order to create other workflows built around
the same tasks.

Cisco UCS Director workflow templates contain task names, a workflow structure, and input names. Task
names are literally the string names of the tasks that are to be executed in the workflow. The tasks
themselves are already built into the system in which the workflow template is defined. A workflow structure
defines how the tasks are connected in the series. Input names define the details about the variables that
are used to store the workflow’s user input.

Some Cisco UCS Director workflow templates are predefined in the system. Predefined workflow templates
can be accessed by using the Workflow Templates tab in Cisco UCS Director Orchestration.

Cisco UCS Director workflow templates cannot be executed like normal workflows. In addition, workflow
templates cannot be used to schedule workflows. Cisco UCS Director is a resource automation and
orchestration tool. UCS Director workflows are task sequences that accept user input and then
automatically perform a series of tasks to complete a complex operation. Workflow templates simplify the
creation of workflows based on a set of predefined tasks and therefore cannot themselves be executed.
Workflows can be executed in several ways, including by using service requests, the Execute Now action, a
virtual machine (VM) Action policy, a trigger, a schedule, or the rollback feature.

QUESTION 151
Which of the following is least likely to be used to construct or access a cloud-based API?

A. a SOAP API
B. GraphQL
C. the Java API
D. a REST API

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
Of the available choices, the Java Application Programming Interface (API) is least likely to be used to
construct or access a cloud-based API. The Java API is typically accessed by Java applications that are
running in the Java virtual machine (VM), which is the Java component that executes compiled Java
programs. The Java API is a collection of Java classes that developers can use for data collection or to
build interfaces. Open APIs can be used to enable services such as billing automation and centralized
management of cloud infrastructure.
Representational state transfer (REST) is an API architecture that uses Hypertext Transfer Protocol (HTTP)
or HTTP Secure (HTTPS) to enable external resources to access and make use of programmatic methods
that are exposed by the API. Therefore, it is possible to construct or access a cloud-based API from REST.
For example, a web application that retrieves user product reviews from an online marketplace for display
on third-party websites might obtain those reviews by using methods provided in an API that is developed
and maintained by that marketplace. REST APIs can return data in Extensible Markup Language (XML)
format or in JavaScript Object Notation (JSON) format.

Simple Object Access Protocol (SOAP) APIs can be used to construct or access cloud-based APIs. SOAP
is an older API messaging protocol that uses HTTP and XML to enable communication between devices.
SOAP APIs are typically more resource-intensive than REST APIs and, therefore, slower. Unlike REST
APIs, SOAP APIs do not return JSON-formatted output.

Graph Query Language (GraphQL) can be used to access cloud-based APIs. GraphQL is an API query
language and a runtime that is intended to lower the burden of making multiple API calls to obtain a single
set of data. For example, data that requires three or four HTTP GET requests when constructed from a
standard REST API might take only one request when using GraphQL. Similar to REST API, GraphQL
output is in JSON format. Although GraphQL can use HTTP or HTTPS, it is not limited to those protocols.

QUESTION 152
You connect an FC link to unified port 1/31 on a new Cisco Nexus 5548UP switch and receive the following
error messages:
ERROR: Ethernet range starts from first port of the module ERROR: FC range should end on last port of
the module
Which of the following is most likely true?

A. The link you connected should have been to unified port 1/32.
B. The link you connected was actually Ethernet, not FC.
C. The link you connected should have been to unified port 1/17.
D. The link you connected was FC but should have been Ethernet.
E. The link you connected should have been to unified port 1/1.

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
Of the available choices, it is most likely that the link you connected should have been to unified port 1/32
on the Cisco Nexus 5548UP switch in this scenario. Unified ports are ports that can be either Ethernet or
Fibre Channel (FC) ports. Cisco Nexus switches that support unified ports require that Ethernet links be
connected from the beginning of the port range forward and that FC links be connected from the end of the
port range backward. Slot 1 of a Cisco Nexus 5548UP switch contains 32 unified ports. Therefore, in this
scenario, the FC link on the new switch would need to be connected to port 1/32 before any other FC links
could be connected in the FC range.

As a further example, if you were to connect a single Ethernet link and a single FC link to slot 1 of a Cisco
Nexus 5548UP switch that has no other links connected, you must connect the Ethernet link to port 1/1 and
the FC link to port 1/32. If you were to then connect an additional Ethernet link to slot 1, that link must be
connected to port 1/2. If you were to connect an additional FC link to slot 1, that link must be connected to
port 1/31. Link additions should continue in that way until the Ethernet range ends where the FC range
begins and no more ports are available in the slot.

The link in this scenario should not have been connected to unified port 1/17. Unified port 1/17 on a Cisco
Nexus 5548UP switch falls in the middle of the 32-port range of slot 1. This port could be the end of an
Ethernet port range if it were preceded by 16 other Ethernet links or the beginning of an FC port range if it
were succeeded by 15 other FC links.

The link in this scenario should not have been connected to unified port 1/1. In addition, there is nothing in
this scenario to indicate that the link was or should have been an Ethernet link.

QUESTION 153
A user retrieves data in XML format from a Cisco APIC device by submitting a GET request on TCP port
443.
Which of the following technologies are most likely in use? (Choose two.)

A. JSON
B. REST API
C. HTTP
D. SOAP API
E. HTTPS

Correct Answer: BE
Section: (none)
Explanation

Explanation/Reference:
Most likely, representational state transfer (REST) Application Programming Interface (API) and Hypertext
Transfer Protocol Secure (HTTPS) are in use if a user retrieves data in Extensible Markup Language (XML)
format from an application by submitting a GET request on Transmission Control Protocol (TCP) port 443.
REST is an API architecture that uses Hypertext Transfer Protocol (HTTP) or HTTPS to enable external
resources to access and make use of programming methods that are exposed by the API. In this way,
users can interact with specific portions of a data structure from a remote system. By default, HTTPS
operates on TCP port 443. A GET request is an HTTP method of retrieving information from an HTTP
server.

It is not likely that HTTP is in use in this scenario, because the TCP port on which the GET request is being
made is the HTTPS port. If unencrypted HTTP was being used in this scenario, the TCP port on which the
request is being made would most likely be TCP port 80. By default, HTTP servers listen for traffic on TCP
port 80. On Cisco Application Policy Infrastructure Controller (APIC) devices, HTTPS, not HTTP, is enabled
by default. It is possible to enable HTTP on an APIC device. However, HTTP is less secure than HTTPS
and is therefore not recommended for that purpose.

It is not likely that Simple Object Access Protocol (SOAP) API is being used in this scenario, because the
user is retrieving data from a Cisco APIC device. Cisco APIC does not support SOAP, which is an older API
messaging protocol that uses HTTP and XML to enable communication between devices. SOAP APIs are
typically more resource-intensive than more modern APIs and, therefore, slower. Open APIs can be used to
enable services such as billing automation and centralized management of cloud infrastructure.

JavaScript Object Notation (JSON) is not in use in this scenario. JSON is an output format that is supported
by REST API. However, in this scenario, the user has retrieved data from the Cisco APIC device in XML
format.

QUESTION 154
During the APIC cluster discovery process, LLDP is used for which of the following tasks?

A. assignment of VTEP addresses


B. discovering MAC addresses
C. discovering private IP addresses
D. serving the APIC GUI

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
Link-Layer Discovery Protocol (LLPD) is used for discovering private Internet Protocol (IP) addresses during
the Cisco Application Policy Infrastructure Controller (APIC) cluster discovery process. LLDP is used by
APIC controllers to discover the private IP addresses and other information assigned to other APIC
controllers in the cluster. LLDP is a standard protocol that detects neighboring devices of any type.

LLDP is not used to assign virtual extensible local area network (VXLAN) tunnel endpoints (VTEPs).
However, a Cisco Application Centric Infrastructure (ACI) fabric uses LLDP along with Dynamic Host
Configuration Protocol (DHCP) to discover switch nodes and to assign IP addresses to VTEPs. LLDP is
also used by APIC to detect virtual switches, although it is possible to use Cisco Discovery Protocol (CDP)
for that purpose.
LLDP is not used to serve the APIC graphical user interface (GUI). The APIC GUI is constructed in
Hypertext Markup Language (HTML) 5. Therefore, Hypertext Transfer Protocol (HTTP), not LLDP, serves
the APIC GUI.

LLDP is not used to discover Media Access Control (MAC) addresses. A switched network uses Address
Resolution Protocol (ARP) to map MAC addresses to IP addresses.

QUESTION 155
In which of the following formats does a REST API produce output? (Choose two.)

A. XML
B. CSV
C. HTML
D. JSON
E. HTTP

Correct Answer: AD
Section: (none)
Explanation

Explanation/Reference:
Representational state transfer (REST) produces output in either JavaScript Object Notation (JSON) or
Extensible Markup Language (XML) format. REST is an Application Programming Interface (API)
architecture that uses Hypertext Transfer Protocol (HTTP) or HTTP Secure (HTTPS) to enable external
resources to access and make use of programming methods that are exposed by the API. For example, a
web application that retrieves user product reviews from an online marketplace for display on third-party
websites might obtain those reviews by using methods provided in an API that is developed and maintained
by the marketplace. The JSON or XML output that is returned by the API is parsed by the third-party
website for display.

A REST API does not produce output in Hypertext Markup Language (HTML) format. Although HTML is
similar to XML, which uses tags like HTML does, XLM requires a strict syntax and is typically used to
structure data, not format and render data in a web browser. HTML, on the other hand, is designed to
inform a web browser about how given information should be displayed.

A REST API does not produce output in HTTP format. HTTP is the Open Systems Interconnection (OSI)
networking model Application layer protocol that is used to transfer information from a web server to a web
browser. A REST API uses HTTP to transmit requests for information to a web server, which is not the
same as producing the formatted output that is returned from the server.

A REST API does not produce output in comma separated values (CSV) format. The CSV format is a
common tabular format that is supported by spreadsheet applications and other business reporting
applications. CSV files are plain-text files that segregate the fields of a table by using a combination of
quotation marks, symbolic delimiters such as a comma or a semicolon, and line breaks.

QUESTION 156
You manage the Cisco ACI fabric in the following exhibit:
S2 has just been discovered by APIC1. Only one leaf switch has been discovered and registered with
APIC1 so far. No other spine switches have been discovered. Which of the following switches will most
likely be discovered next?

A. L5
B. S1
C. L1, L2 and L3
D. L4 and L6
E. L1, L2, L3, L4 and L6

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
Most likely, S1 will be discovered next because of the way that Cisco Application Policy Infrastructure
Controllers (APICs) discover and register leaf and spine switches in a Cisco Application Centric
Infrastructure (ACI) fabric. In this scenario, APIC1 Has just discovered S2. This means that L5, the leaf
switch to which APIC1 is directly connected, has already been discovered as well. L5 is directly connected
to both spine switches in the topology. Because S2 was just discovered and no other spine switches have
yet been discovered, it is likely that APIC1 will next discover S1.

APIC1 will not discover L5 next, because APIC1 has already discovered and registered L5. When a Cisco
APIC begins the switch discovery process, it first detects only the leaf switch to which it is connected. After
that leaf switch is registered, the APIC discovers each of the spine switches to which the leaf switch is
connected. Spine switches do not automatically register with the APIC. When a spine switch is registered
with the APIC, the APIC will discover all the leaf switches that are connected to that spine switch. Therefore,
APIC1 will not discover all the leaf switches in this scenario until each spine switch is registered with the
APIC. APIC1 will not discover L1, L2, L3, L4, or L6 next. All these switches are leaf switches that are
directly connected to both S1 and S2. Although APIC1 in this scenario will eventually discover L1, L2, and
L3, it will first discover all the spine switches to which L5 is directly connected.

QUESTION 157
Which of the following is best described as the atomic units of work in Cisco UCS Director Orchestrator?

A. rollbacks
B. approvals
C. service requests
D. workflows
E. tasks
Correct Answer: E
Section: (none)
Explanation

Explanation/Reference:
Of the available choices, tasks are best described as the atomic units of work in Cisco Unified Computing
System (UCS) Director Orchestrator. Cisco UCS Director uses hardware abstraction to convent hardware
and software into programmable actions that can then be combined into an automated custom workflow.
Cisco UCS Director Orchestrator is the Cisco UCS Director engine that enables this automation. A task is a
single action and is therefore the smallest unit of work. A workflow is a series of tasks and is therefore not
the atomic unit of work in Cisco UCS Director Orchestrator. A workflow is a container that defines the order
in which tasks should be performed. However, it is possible for a workflow to contain a single task.
Workflows can be created and deployed from workflow templates. Service requests are created when a
workflow is executed and are therefore not the atomic unit of work in Cisco UCS Director Orchestrator.
Service requests are Cisco UCS Director processes that can be exist in one of several states. For example,
a service request that has not run yet might exist in a scheduled state. A service request that has been
successfully executed exists in a completed state. A service request that was attempted but not
successfully executed might exist in a failed state.

Approvals are points in a workflow that require user intervention. For example, a service request might exist
in a blocked state if the request cannot complete until an administrator approves the service request.
Approvals enable administrators to provide input values that can affect the product of a given workflow.

Rollbacks can be used to undo the results of workflows. For example, a workflow that creates unintended
objects or components in a system can be rolled back so that those objects or components are removed.
Cisco UCS Director Orchestrator rollbacks are different from relational database rollbacks in that they are
not transactional. Instead, tasks in the workflow are executed in reserve order when a workflow is rolled
back.

QUESTION 158
Which of the following are most likely to operate in the data plane of a Nexus switch? (Choose two.)

A. BGP
B. EIGRP
C. OSPF
D. store-and-forward switching
E. SNMP
F. cut-through switching

Correct Answer: DF
Section: (none)
Explanation

Explanation/Reference:
Of the available choices, cut-through switching and store-and-forward switching are most likely to operate in
the data plane of a Nexus switch. A Nexus switch consists of three operational planes: the data plane,
which is also known as the forwarding plane, the control plane, and the management plane. Of the three,
the data plane is where traffic forwarding occurs. Cut-through switching allows a switch to begin forwarding
a frame before the frame has been received in its entirety. Store-and-forward switching receives an entire
frame and stores it in memory before forwarding the frame to its destination.

Enhanced Interior Gateway Routing Protocol (EIGRP), Open Shortest Path First (OSPF), and Border
Gateway Protocol (BGP) all operate in the control plane of a Nexus switch. The control plane is responsible
for gathering and calculating the information required to make the decisions that the data plane needs for
forwarding. Routing protocols operate in the control plane because they enable the collection and transfer of
routing information between neighbors. This information is used to construct routing tables that he data
plane can then use for forwarding.

Simple Network Management Protocol (SNMP) is an Internet Protocol (IP) network management protocol
that operates in the management plane of a Nexus switch. The management plane is responsible for
monitoring and configuration of the control plane. Therefore, network administrators typically interact directly
with protocols running in the management plane.
QUESTION 159
An engineer must configure a Nexus 7000 series switch for HSRP on VLAN 100. When fully functional, the
router must be the active master.
Which set of commands must be used to implement the scenario?

A.

B.

C.

D.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:

QUESTION 160
What is a recommended design choice in a topology for multipathing iSCSI traffic?

A. single initiator to dual targets


B. initiators and targets in separate subnets
C. dual initiators to a single target with bonded interfaces
D. two NICs bended together on the initiator

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/sw/4_2_1_s_v_1_5_1/
system_management/configuration/guide/n1000v_system/n1000v_system_13iscsi.html#wp1052813
Mix Question2

QUESTION 1
What is a characteristic of electronic programmable logic device (EPLD) software upgrades?

A. EPLD software should be upgraded only when instructed by Cisco TAC


B. ELPD module upgrades are nondisruptive
C. ELPD upgrades are available for fabric and power supply modules.
D. EPLD software must be upgraded when Cisco MDS NX-OS is upgraded.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/6_2/release/notes/epld/
epld_rn.html

QUESTION 2
An engineer needs to perform a backup of user roles and locales from Cisco UCS Manager to replicate the
setting to a different fabric interconnect. The engineer wants to review the file before importing it to a target
fabric interconnect.
Which backup type must be selected to meet these requirements?

A. all configuration
B. system configuration
C. logical configuration
D. full state

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Admin-
Management/3-1/b_Cisco_UCS_Admin_Mgmt_Guide_3_1/
b_Cisco_UCS_Admin_Mgmt_Guide_3_1_chapter_01001.html
https://www.cisco.com/en/US/docs/unified_computing/ucs/sw/gui/config/guide/141/
UCSM_GUI_Configuration_Guide_141_chapter43.html

QUESTION 3
Refer to the exhibit. Which command is run from the Guest Shell to set the description on the first five
interfaces of the Cisco Nexus switch?

A.

B.

C.
D.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/programmability/guide/
b_Cisco_Nexus_9000_Series_NX-
OS_Programmability_Guide_7x/Guest_Shell.html

QUESTION 4
An engineer configures a storage environment for a customer with high-security standards. The secure
environment is configured in vsan 50. The customer wants to maintain a configuration and active databases
and prevent unauthorized switches from joining the fabric. Additionally, the switches must prevent rogue
devices from connecting to their ports by automatically learning the WWPNs of the ports connected to them
for the first time.
Which two configuration sets must be used to meet these requirements? (Chose two.)

A.

B.

C.

D.

E.
Correct Answer: AC
Section: (none)
Explanation

Explanation/Reference:

QUESTION 5
An engineer must start a software upgrade on a Cisco Nexus 5000 Series Switch during a zone merge.
What is the result of this action?

A. The zone merge stops.


B. The zone merge pauses until the upgrade completes
C. The upgrade stops
D. The zone merge executes and then the upgrade completes.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5500/sw/upgrade/602_N2_2/
n5500_upgrade_downgrade_602_n2_2.html
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/upgrade/503_N1_1/
n5000_upgrade_downgrade_503_n1_1.html

QUESTION 6
The Cisco Nexus 5600 Series Switch experiences occasional packet drops on interface ethernet 1/16. An
engineer wants to implement a SPAN session to investigate the issue further. The network analyzer to
which the packets must be directed is located on interface 1/3. The analyzer is limited on disk space
available for traffic capture, so the Nexus switch should send only the relevant data.
Which two command sets configure the SPAN session that meets these requirements? (Choose two.)

A.

B.

C.

D.
E.

Correct Answer: AE
Section: (none)
Explanation

Explanation/Reference:
The information to be sent is regarding dropped packets only.

https://www.cisco.com/c/en/us/products/collateral/switches/nexus-5000-series-switches/white-paper-c11-
733022.html
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus6000/sw/system_management/6x/
b_6k_System_Mgmt_Config_6x/ b_6k_System_Mgmt_Config_602N11_chapter_01111.pdf

QUESTION 7
A customer wants to offload some of its order processing to a public cloud environment. The customer
environment is based on Cisco ACI and uses Puppet with containenzed applications. The operations team
requires a solution to orchestrate and optimize the cost of the new solution.
Which product must be used to meet these requirements?

A. Cisco Intersight
B. Cisco Workload Optimization Manager
C. Cisco CloudCenter
D. Cisco Data Center Network Manager

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/dam/en/us/products/collateral/cloud-systems-management/cloudcenter/white-
paper-c11-737224.pdf

QUESTION 8
Refer to the Exhibit.

An engineer is connecting a Cisco MDS 9700 series multilayer director to a downstream Cisco Nexus
5672UP switch.
Which command set must be used to complete the configuration?
A.

B.

C.

D.

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

QUESTION 9
A Cisco MDS 9000 Series Switch is configured for SAN Analytics and SAN Telemetry Streaming. An
engineer must enable analytics for NVMe on interfaces in the range of fc1/1-12. Due to a large amount of
traffic generated in the SAN environment, the data must be collected at regular intervals of 60 seconds from
ports fc1/1-12 and then for ports fc1/13-24 for the next 60 seconds. Ports in the range fc1/13-24 were
already enabled for analytics.
Which set of commands must be used to meet these requirements?
A.

B.

C.

D.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/8_x/config/san_analytics/cisco-
mds9000-san-analytics-telemetry-streaming-config-guide-
8x/configuring_san_telemetry-streaming.html

QUESTION 10
An engineer must build a lab replica of a Cisco UCS production environment. The file must be imported into
a new Cisco UCS cluster using a Cisco UCS manager GUI. The file must be in XML format and be
exported from Cisco UCS Manager using encrypted method.
Which two configuration parameters should be selected to meet these requirements? (Choose two.)

A. Type: Logical configuration


B. Protocol SCP
C. Type Full state
D. Protocol TFTP
E. Type All configuration

Correct Answer: BE
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/en/US/docs/unified_computing/ucs/sw/gui/config/guide/141/
UCSM_GUI_Configuration_Guide_141_chapter43.html

QUESTION 11
A network engineer must deploy a configuration backup policy to the cisco UCS manager. The file
generated from this backup must have a snapshot of the entire system that should be used to restore the
system during disaster recovery. The backup file must be transferred insecurely by using the TCP protocol.
Which configuration backup settings meet these requirements?

A.

B.
C.

D.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:

QUESTION 12
Which two firmware packages are included in the Cisco UCS C-Series Rack-Mount UCS-Managed Server
Software bundle? (Choose two.)

A. system
B. third-party
C. PSU
D. CIMC
E. BIOS

Correct Answer: DE
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucsmanager/GUI-User-Guides/Firmware-
Mgmt/4-0/b_UCSM_GUI_Firmware_Management_Guide_4-0/
b_UCSM_GUI_Firmware_Management_Guide_4-0_chapter_0100.html
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Firmware-
Mgmt/3-1/ b_UCSM_GUI_Firmware_Management_Guide_3_1/
b_UCSM_GUI_Firmware_Management_Guide_3_1_chapter_011.html

QUESTION 13
Which service profile is affected if the default host firmware policy in Cisco UCS Manager is changed?

A. any service profile that has no host firmware policy defined


B. any service profile that uses a user-created host firmware policy
C. any service profile that is not in the root sub-org
D. any service profile that uses the global-default host firmware policy
Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Firmware-
Mgmt/3-1/b_UCSM_GUI_Firmware_Management_Guide_3_1/
b_UCSM_GUI_Firmware_Management_Guide_3_1_chapter_011.html

QUESTION 14
An engineer is implementing the Cisco ACI fabric and must create two different vPCs from leaf switches A
and B.
The vPCs are deployed as follows:
• vPC 1 encompasses ports Eth 1 /1 on leaf A and B and connects to server 1.
• vPC 2 encompasses port Eth1/2 on leaf A and B and connects to server 2.
A leaf switch profile listing leaves A and B is already configured.
Which ACI object must be created to meet these requirements?

A. two vPC interface policy groups


B. one access port interface policy group
C. two PortChannel interface policy groups
D. one vPC interface policy group

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

QUESTION 15
A network architect wants to propose a scalable network monitoring solution in which data is repeatedly
acquired from network devices. The solution must use a push model and provide close to realtime access
to operational data.
Which technology must be used to meet these requirements?

A. streaming telemetry
B. logging
C. SNMPv3
D. CLI-based scripting

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

https://blogs.cisco.com/developer/its-time-to-move-away-from-snmp-and-cli-and-use-model-driven-
telemetry
QUESTION 16
Which solution provides remote and direct file-level access to users and systems?

A. direct-attached storage
B. Fibre Channel over Ethernet
C. storage area network
D. network-attached storage

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

QUESTION 17

Refer to the exhibit. A network engineer plans to upgrade the current software images of a Cisco Nexus
switch. What is the impact of starting the EPLD upgrade?

A. The switch reboots multiple times for the new EPLD versions to take effect.
B. The switch reboots one time for the new EPLD versions to take effect.
C. The switch skips the EPLD upgrade for MIFPGA and proceeds with the other EPLD devices.
D. The switch skips the EPLD upgrade for each EPLD device of the switch.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/92x/epld-rn/
nxos_n9K_epldRN_924.html

QUESTION 18
A network engineer must create an EEM script that saves a copy of the running configuration on bootflash
and writes a message to syslog when a user saves the configuration to a Cisco Nexus switch.
Which configuration set should be applied to complete this task?

A.

B.

C.

D.

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
Event-default would be needed if there wasn't the action 1 cli that does the command
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/system_management/
configuration/guide/b_Cisco_Nexus_9000_Series_NX-
OS_System_Management_Configuration_Guide_7x/b_Cisco_Nexus_9000_Series_NX-
OS_System_Management_Configuration_Guide_7x_chapter_01110.html

QUESTION 19

Refer to the exhibit. An engineer must monitor all LAN traffic on Fabric A from a blade server. Which source
should be configured in the test-span monitor session to complete this task?
A. all vHBAs from the service profile that correspond to this server
B. all uplink FCoE ports
C. all uplink Ethernet ports
D. all vNICs from the service profile that correspond to this server

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/en/US/docs/unified_computing/ucs/sw/cli/config/guide/1.4.1/
CLI_Config_Guide_1_4_1_chapter42.html#task_9A3E1CA213EB4291A6B9056C887A337C
https://www.cisco.com/en/US/docs/unified_computing/ucs/sw/gui/config/guide/141/
UCSM_GUI_Configuration_Guide_141_chapter45.html

QUESTION 20
An engineer must connect a Cisco UCS appliance port directly to NFS and iSCSI storage devices.
Which action should be taken to achieve this goal?

A. Configure NFS and iSCSI to use the same VLAN tag on the appliance port
B. Configure the appliance ports in access mode and apply VLAN tagging on the storage
C. Configure the appliance ports in trunk mode and apply VLAN tagging on the storage
D. Configure VLAN tagging on the storage and the Cisco UCS simultaneously

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:

QUESTION 21
An engineer must configure SAN connectivity in Cisco UCS manager. The requirement is to specify the
WWPN of the storage array and set the zoning type to single initiator multiple targets. The engineer must
also configure interrupt handling and queues of the vHBA interface.
Which two Cisco UCS policies should be used to configure the settings? (Choose two.)

A. SAN connectivity policy


B. Fibre Channel adapter policy
C. vHBA policy
D. boot policy
E. storage connection policy

Correct Answer: BE
Section: (none)
Explanation

Explanation/Reference:

QUESTION 22
A network engineer must configure a power redundancy policy on a Cisco UCS C-Series Rack Server. The
power redundancy must support two power sources being used to power the server.
Which configuration should be applied to meet the requirement?

A. server# scope org /


server/org# scope psu-policy
server/org/psu-policy# set redundancy N+1
server/org/psu-policy*# commit-buffer
B. server# scope org /
server/org# scope psu-policy
server/org/psu-policy# set psu-redundancy-policy grid
server/org/psu-redundancy-policy*# commit-buffer
C. server# scope org /
server/org# scope psu-policy
server/org/psu-policy# set psu-redundancy-policy N+1
server/org/psu-redundancy-policy*# commit-buffer
D. UCS-A# scope org /
UCS-A/org# scope psu-policy
UCS-A/org/psu-policy# set redundancy grid
UCS-A/org/psu-policy*# commit-buffer

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/en/US/docs/unified_computing/ucs/sw/cli/config/guide/1.4.1/
CLI_Config_Guide_1_4_1_chapter28.html

QUESTION 23
An engineer must suggest a deployment model for a newly developed application. The engineer has a small
starting budget and lacks technical knowledge and infrastructure to implement store, operating system and
database services to support the application deployment. The engineer also needs usage data related to
the service and the ability to elastically scale the deployment as customer demands grow.
Which two models must be used to meet the requirements? (Choose two)

A. infrastructure as a service
B. private cloud
C. public cloud
D. software as a service
E. platform as a service

Correct Answer: AC
Section: (none)
Explanation

Explanation/Reference:

QUESTION 24
An engineer is implementing Cisco Intersight in a secure environment. The environment must use LDAP
directory service and ensure information integrity and confidentiality.
Which two steps must be taken to implement the solution? (Choose two.)

A. Enable Encryption for LDAP.


B. Add a self-signed LDAP certificate to Cisco Intersight.
C. Enable Certificate Signing Request in Cisco Intersight.
D. Add a trusted root LDAP certificate to Cisco Intersight.
E. Add a trusted OAuth token to Cisco Intersight.

Correct Answer: AD
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/unified_computing/Intersight/
b_Cisco_Intersight_Appliance_Getting_Started_Guide/
b_Cisco_Intersight_Appliance_Install_and_Upgrade_Guide_chapter_0110.html

QUESTION 25
A new employee must be granted access to add VLANs into an existing Cisco UCS Manager and configure
NTP synchronization with date and time zone settings.
Which two privileges must be granted to the employee to complete the task? (Choose two.)

A. Service Profile Compute (Is-compute)


B. Ext LAN Config (ext-lan-security)
C. Service Profile Network Policy (Is-network-policy)
D. Service Profile Config (Is-config)
E. Ext LAN Policy (ext-lan-policy)

Correct Answer: BE
Section: (none)
Explanation

Explanation/Reference:
NTP can be configured only with EXT LAN Security.
VLAN can be added using the following privileges:
- Ext Lan Config (ext-lan-config)
- Ext Lan Policy (ext-lan-policy)
service profiles will add VLANs to vNICs only if they are configured to UCS manager. So
service profile is not valid solution.

https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/Reference-Docs/Privileges/4-1/
b-UCSM-Privileges-4_1.pdf
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/Reference-Docs/Privileges/4-0/
UCSM-Privileges-4_0/UCSM-Privileges-4_0_chapter_01.html

QUESTION 26
Which two actions should be performed before upgrading the infrastructure and firmware of multiple UCS
blades? (Choose two)

A. Verify if the bootflash on the fabric interconnects in the Cisco UCS has at least 15% available space
B. Enable Smart Call Home feature during the firmware upgrade process
C. Verify if the bootflash on the fabric interconnects in the Cisco UCS has at least 10% available space
D. Run the Check Conformance feature to verify that all your components are running the compatible
firmware version after the upgrade
E. Get Full State and All Configuration backup files before beginning the upgrade

Correct Answer: DE
Section: (none)
Explanation

Explanation/Reference:

QUESTION 27
An engineer must configure two Cisco Nexus 7000 series switches in the same data center to support OTV.
Which command set completes the join interface configuration?
A.

B.

C.

D.

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

QUESTION 28
An engineer must configure multiple EPGs on a single access port in a large Cisco ACI fabric without using
VMM integration. The relevant access policies and tenant policies have been created. A single AAEP is
used to configure the access ports in the fabric.
Which two additional steps must be taken to complete the configuration? (Choose two.)

A. A contract must be defined between the EPGs


B. The EPGs must be linked to the correct physical domain
C. The EPGs must link directly to the corresponding AAEP
D. The corresponding bridge domains must be configured in legacy mode
E. The EPGs must be configured as static ports

Correct Answer: BE
Section: (none)
Explanation

Explanation/Reference:
Attach EPG to Physical Domain (to AAEP through it) and add static ports to EPG, Contract is needed to
allow communication between two EPGs, or EPG and L3out or between two L3out

QUESTION 29
Which two actions are needed to configure a single Cisco APIC controller for Cisco ACI fabric for the first
time? (Choose two.)

A. Register the APIC that is connected to the switch.


B. Configure the first Cisco APIC controller
C. Configure the leaf switch where the Cisco APIC is connected, using CLI to allow APIC connectivity
D. Register the switches that are discovered through LLDP.
E. Register all leaf and spine switches

Correct Answer: DE
Section: (none)
Explanation

Explanation/Reference:
Please provide exact snap shot of this question.

QUESTION 30
Due to new regulatory requirements from a third party, organization ABC must enable two-factor
authentication for the Cisco UCS environment. The requirement is also to provide redundancy if the
authentication server goes offline.
Which three authentication components must be enabled to meet this requirement? (Choose three.)

A. provider group
B. authentication domain
C. TACACS+
D. LDAP
E. local

Correct Answer: ABC


Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Admin-Ma
nagement/3-/b_Cisco_UCS_Admin_Mgmt_Guide_3_2/
b_Cisco_UCS_Admin_Mgmt_Guide_3_2_chapter_0101.html#concept_13D7B9B6F03E498A8E425BCF6C
28CE59
QUESTION 31
An engineer configures a role for a new user in Cisco UCS Manager The role should allow the user to
configure vHBAs, vNICs, and server port types.
Which role should be assigned to allow the engineer to complete this task?

A. network administrator
B. operations
C. server-compute
D. AAA administrator

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/gui/config/guide/1-4/
UCSM_GUI_Configuration_Guide_1_4_chapter9.html
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucsm_privileges/3-1/UCSM-Privileges-
3_1.pdf
QUESTION 32
A connect network engineer connects the CAN interface of a server to a switch. The switch must bring
down all the vlans on the interface that are not enabled for FCoE, but the Vlans that are enabled for FCoE
should continue to carry SAN traffic without interruption.
Which configuration should be applied to the switch to achieve this objective?

A.

B.

C.

D.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

QUESTION 33
An engineer must perform a nondisruptive software upgrade on a dual supervisor Cisco Nexus 7000 series
switch.
What is the cause of the upgrade being disruptive?

A. The show install all impact command is not issued Before the upgrade
B. The kickstart image is installed by using the install all kickstart image system image command
C. Attempt to simultaneously upgrade more than three cards
D. Change of the configuration settings or the network connections during the upgrade process

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

QUESTION 34
An engineer needs to monitor ingress traffic that arrives at interface Ethernet 1/3 that belongs to a Cisco
Nexus 5600 Series Switch. The traffic analyzer machine located at interface Ethernet 1/5 is already
monitoring other production, and the traffic analyzer must not be impacted by the traffic captured from the
interface Eth1/3. The operations team allocated a traffic budget for the new monitoring session of 1 Gbps to
meet this requirement.
Which set of commands configures the SPAN session?

A.

B.
C.

D.

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5600/sw/system_management/7x/
b_5600_System_Mgmt_Config_7x/configuring_span.html

QUESTION 35
An engineer is implementing a Cisco UCS system with directly connected Fibre channel storage array.
Which two actions should be taken to accomplish this task? (Choose two.)

A. Create a new vHBA that is dedicated to the array


B. Configure the Fibre Channel port as a Fibre channel storage port
C. Configure a storage connection policy
D. Configure a new VSAN
E. Configure a Fibre Channel port channel

Correct Answer: BD
Section: (none)
Explanation

Explanation/Reference:

QUESTION 36
Which Cisco network assurance engine feature helps reduce the need for Tier 1 network operation centers
to escalate issues?

A. detailed TCAM optimization


B. DVR audit trails
C. operator playbooks
D. detailed runbooks

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/products/collateral/data-centeranalytics/network-assurance-engine/at-a-
glance-c45-740230.html
QUESTION 37
An engineer must generate a checkpoint of the running configuration on a Cisco Nexus Switch. The
checkpoint file name must be called "before_maintenance' and should be used for recovering the switch to
its pre-maintenance state. The rollback of the checkpoint to running configuration should only occur if no
errors occur.
Which two configuration commands must be used to meet these requirements? (Choose two.)

A. rollback checkpoint file before_maintenance stop-at-first-failure


B. checkpoint file before_maintenance
C. checkpoint before_maintenance
D. rollback running-config file before_maintenance atomic
E. rollback running-config checkpoint before_maintenance

Correct Answer: BD
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/command/reference/security/
n5k-sec-cr/n5k-sec_cmds_r.html
rollback checkpoint is invalid command. Rollback should be to running configuration, not a checkpoint
rollback can be selected by a name or file name. the difference between them is using the "file" keyword.

QUESTION 38
An engineer creates a service profile in Cisco UCS Manager and must assign a policy that reboots blades
when changes are applied. The changes must be applied only after user acknowledgment.
Which two policies must be configured to meet these requirements? (Choose two.)

A. Boot Policy
B. Global Policy
C. Power Control Policy
D. Maintenance Policy
E. Reboot Policy

Correct Answer: DE
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucsmanager/GUI-User-Guides/Admin-
Management/3-1/b_Cisco_UCS_Admin_Mgmt_Guide_3_1/
b_Cisco_UCS_Admin_Mgmt_Guide_3_1_chapter_01011.html

QUESTION 39
What is an advantage of NAS compared to SAN?
A. It provides lossless throughput
B. It functions in an existing IP environment
C. It offers enhanced NFS features
D. It offers enhanced security features.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:

QUESTION 40
A network engineer an EPLD update on the fan modules of a Cisco Nexus 7000 series switch.

What is the impact if “y is selected to continue?

A. The switch is power cycled for the fan modules to start running the code and it is auto reloaded.
B. The update is completed because it is nondisruptive and a power cycle is not required alter the upgrade.
C. The switch is power cycled for the fan modules to start running the new code and prompts before each
module is reloaded.
D. The update does not complete successfully and the switch needs to power cycle.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:

QUESTION 41
What is a benefit of using the Cisco UCS Lightweight upgrade feature?

A. Security updates are scheduled with the next reboot of the fabric interconnects.
B. The firmware version of a component is updated only when it has been modified
C. All servers are rebooted to push the latest updates.
D. A soft reboot is available for the fabric interconnects.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-central/GUI-User-Guides/
Administration/2-0/b_CiscoUCSCentral_AdministrationGuide-2-0/
b_CiscoUCSCentral_AdministrationGuide-2-0_chapter_01000.pdf

QUESTION 42
A network architect considers a Cisco HyperFlex design solution for a company. The proposed solution is
for a virtual environment that is not performance- sensitive, but the solution must have high storage capacity
and a low cost.
Which Cisco HyperFlex storage configuration should be used?

A. All-Flash
B. Hybrid
C. All-SAN
D. All-NVMe

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/UCS_CVDs/hx_4_vsi_vmware_esxi.html
https://www.cisco.com/c/en/us/products/collateral/hyperconverged-infrastructure/hyperflex-hx-series/white-
paper-c11-744026.html Hybrid contains HDD for capacity.

QUESTION 43
An engineer created a service profile in Cisco UCS Manager and associated it to a server. The engineer
must create a policy if there is a disruptive change applied to the service profile.
Which policy type must be used to accomplish this goal?

A. administration
B. BIOS
C. maintenance
D. reboot

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://community.cisco.com/t5/data-center-documents/understanding-and-configuring-cisco-ucs-
maintenance-policy/ta-p/3141490

QUESTION 44
A network engineer must create a Python application to replace the process of manual Cisco ACI
configuration. The engineer requires a tool to assist the engineer with the development process that must
support a graphical user interface and allow a user to browse the Cisco ACI object model. For security
reasons, the tool must prevent a user from making configuration changes to the target system.
Which two tools must be used to meet these requirements? (Choose two.)

A. ACI Toolkit
B. ACI Model
C. API Inspector
D. NX-API REST
E. Visore

Correct Answer: BE
Section: (none)
Explanation

Explanation/Reference:
QUESTION 45
An engineer needs to implement a solution that will provide telemetry of MDS 9000 switches in a SAN
fabric. The solution should use Cisco Data Center Network Manager (DCNIM) with SAN insights feature.
Which three steps are required to deploy the solution? (Choose Three.)

A. Select a target Fabric to be monitored.


B. Activate ENTERPRISE_PKG license on target switches
C. Select the target ports to be monitored for telemetry data
D. Configure name resolution between the devices
E. Select a target VSAN to be monitored
F. Activate SAN_ANALYTICS_PKG license on target switches

Correct Answer: ACF


Section: (none)
Explanation

Explanation/Reference:

QUESTION 46
An engineer requires a solution to automate the configuration and deployment of remote network for a
customer. The engineer must keep these considerations in mind:
✑ The customer's environment is based on industry-accepted standards and requires a solution that meets
these standards.
✑ The security requirements mandate the use of a secure transport mechanism between the automation
software and target devices such as SSH or TLS.
✑ The solution must be based on a human-readable and easy to parse format such as XML or JSON.
Which solution must be used to meet these requirements?

A. SNMP
B. REST API
C. Ansible
D. NETCONF

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

QUESTION 47
An engineer must configure OSPF routing on Cisco Nexus 9000 Series Switches. The IP subnet of the Eth1/2 interfaces for both
switches must be advertised via
OSPF. However, these interfaces must not establish OSPF adjacency or send routing updates. The current OSPF adjacency over
the interfaces Eth1/1 on SW1 and Eth1/1 on SW2 must remain unaffected. Which configuration must be applied to both Nexus
switches to meet these requirements?

A.

B.
C.

D.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/6-x/unicast/configuration/guide/
l3_cli_nxos/l3_ospf.html

QUESTION 48
A network engineer must perform a backup and restore of the Cisco Nexus 5000 Series Switch
configuration. The backup must be made to an external backup server. The only protocol permitted
between the Cisco Nexus switch and the backup server is UDP. The backup must be used when the
current working configuration of the switch gets corrupted.
Which set of steps must be taken to meet these requirements?

A. 1. Perform a running-config backup to an SFTP server.


2. Copy backup-config from the SFTP server to the running-config file.
B. 1. Perform a startup-config backup to a TFTP server.
2. Copy backup-config from the backup server to the running-config file.
C. 1. Perform a running-config backup to an SCP server.
2. Copy running-config in the boot flash to the running-config file.
D. 1. Perform a startup-config backup to an FTP server.
2. Copy startup-config in the boot flash to the running-config file.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:

QUESTION 49
Several production and development database servers exist in the same EPG and IP subnet. The IT
security policy is to prevent connections between production and development.
Which attribute must be used to assign the servers to different microsegments?

A. data center
B. VM name
C. IP address
D. VMM domain

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/4-x/virtualization/Cisco-ACI-
Virtualization-Guide-42x/Cisco-ACI-Virtualization-Guide-421_chapter_0100.html
concept_D527CF389D4440E69A288093516B3643

QUESTION 50
An environment consists of a Cisco MDS 9000 Series Switch that uses port channels. An engineer must
ensure that frames between the source and the destination follow the same links for a specific flow.
Subsequent flows are allowed to use a different link.
Which load balancing method should be used to accomplish this goal?

A. src-id/dst-id
B. src-dst-oui
C. src-dst-port
D. src-id/dst-id/oxid

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
Exchange based—The first frame in an exchange picks a link and subsequent frames in the exchange
follow the same link. However, subsequent exchanges can use a different link. This provides more granular
load balancing while preserving the order of frames for each exchange.
Source: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/5_0/configuration/guides/
int/nxos/cli_interfaces/pc.html

Load balancing attributes indicate the use of the source-destination ID (src-dst-id) or the originator
exchange OX ID (src-dst-ox-id, the default) for load balancing path selection.

Source: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/6_2/configuration/guides/
fabric/nx-os/nx_os_fabric/vsan.html?bookSearch=true

QUESTION 51
An engineer is implementing an import operation in Cisco UCS Manager.
What is the impact of performing this operation?

A. Information is modified on the management plane only.


B. A configuration is imported from a higher release to a lower release.
C. It is possible to schedule an import operation.
D. Only a configuration file that was exported from the same Cisco UCS Manager is allowed to be
imported.

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
The import function is available for all configuration, system configuration, and logical configuration files.
You can perform an import while the system is up and running. An import operation modifies information on
the management plane only. Some modifications caused by an import operation, such as a change to a
vNIC assigned to a server, can cause a server reboot or other operations that disrupt traffic.
https://www.cisco.com/en/US/docs/unified_computing/ucs/sw/gui/config/guide/141/
UCSM_GUI_Configuration_Guide_141_chapter43.html
#concept_D789E16C90724AEFB99D565574E45AD5

QUESTION 52
An engineer must configure HTTPS secure management for Cisco UCS Manager using a key ring named
kr2016 and a key size of 1024 bits. The environment consists of a primary fabric interconnect named UCS-
A and a secondary fabric interconnect named UCS-B .

Which command sequence must be used to accomplish this goal?

A. UCS-B# scope security


UCS-B/security# keyring kr2016
UCS-B/security/keyring*# set mod mod1024
UCS-A/security/keyring*# commit-buffer
B. UCS-A# scope security
UCS-A/security# create keyring kr2016
UCS-A/security/keyring*# set modulus mod1024
UCS-A/security/keyring*# commit-buffer
C. UCS-B# scope security
UCS-B/security# create keyring kr2016
UCS-B/security/keyring*# set size mod1024
UCS-A/security/keyring*# commit-buffer
D. UCS-A# scope security
UCS-A/security# keyring name kr2016
UCS-A/security/keyring*# set size 1024
UCS-A/security/keyring*# commit-buffer

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/en/US/docs/unified_computing/ucs/sw/cli/config/guide/1.4.1/CLI_Co
nfig_Guide_1_4_1_chapter6.html

QUESTION 53
Due to a domain name change at a customer site, a Cisco UCS cluster must be renamed. An engineer
must recommend a solution to ensure that the Cisco UCS
Manager is available over HTTPS.
Which action accomplishes this goal?

A. Regenerate the default key ring certificate manually


B. Reinstall the cluster to generate the default key ring certificate
C. Reboot the SSO component of the Cisco UCS Manager
D. Generate a new default key ring certificate from the Cisco UCS Manager

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/cli/config/guide/2-0/
b_UCSM_CLI_Configuration_Guide_2_0/ b_UCSM_CLI_Configuration_Guide_2_0_chapter_0110.pdf

QUESTION 54
An engineer needs to make an XML backup of Cisco UCS Manager. The backup should be transferred
using an authenticated and encrypted tunnel, and it should contain all system and service profiles
configuration. Which command must be implemented to meet these requirements?

A. copy running-config scp://user@host35/backups/all-config9.bak all-configuration


B. create backup scp://user@host35/backups/all-config9.bak all-configuration
C. create file scp://user@host35/backups/all-config9.bak all-configuration
D. copy startup-config scp://user@host35/backups/all-config9.bak all-configuration

Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/CLI-User-Guides/Admin-
Management/3-1/b_Cisco_UCS_Manager_CLI_Administration_Mgmt_Guide_3_1/
b_Cisco_UCS_Manager_CLI_Administration_Mgmt_Guide_3_1_chapter_01010.html

QUESTION 55
A network engineer plans to upgrade the firmware of a Cisco UCS B-Series chassis by using the Auto
Install feature. Which component is upgraded during the infrastructure firmware upgrade stage?

A. Adapter
B. Cisco IMC
C. I/O Modules
D. BIOS

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/firmware-mgmt/gui/2-2/
b_GUI_Firmware_Management_22/
b_GUI_Firmware_Management_22_chapter_0101.html#task_8F47F9CA290F447589F9384E0B55DC30

QUESTION 56
A Cisco UCS user called "Employee1" accidentally changed the boot policy of the Cisco UCS server at the
Cisco UCS Manager root level. This change impacted all service profiles, and their storage connectivity was
lost. The system administrator wants to prevent this issue from recurring in the future. The new security
policy mandates that access must be restricted up to the organization level and prevent other users from
modifying root policies. Which action must be taken to meet these requirements?

A. Modify the privilege level assigned to the user


B. Assign users to a specific Cisco UCS locale
C. Assign the user "Employee1" the network-operator role
D. Define a custom user role and assign it to users

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
User Locales
You can assign a user to one or more locales. Each locale defines one or more organizations (domains) to
which a user can access. Access is usually limited to the organizations specified in the locale.

https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Admin-
Management/4-1/b_Cisco_UCS_Admin_Mgmt_Guide_4-1/m_role-
based_access_control_conflguration.html#d18994e1993a1635

QUESTION 57
Refer to the exhibit. All switches are configured with the default OSPF priority. Which configuration should
be applied to ensure that the SW2 Cisco Nexus switch controls the LSA floods and advertises the network
to the remaining nodes in the OSPFv2 area?

A. SW2#configure terminal
SW2(config)# interface ethernet 1/1
SW2(config-if)# ip ospf priority 255
B. SW2#configure terminal
SW2(config)#interface ethernet 1/1
SW2(config-if)#ip ospf priority 1
C. SW2#configure terminal
SW2(config)# router ospf 1
SW2(config-router)#router-id 10.10.10.22
D. SW2#configure terminal
SW2(config)#interface ethernet 1/1
SW2(config-if)#ip ospf priority 0

Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
0 - Does not become DR or BDR.
1 to 255 - The higher the priority value, the more likely the router will become the DR or BDR of the networ

https://www.cisco.com/c/m/en_us/techdoc/dc/reference/cli/nxos/commands/ospf/ip-ospf-priority.html

QUESTION 58
An engineer need to implement a solution that prevents loops from occurring accidentally by connecting a
switch to interface Ethernet1/1. The port is designated to be used for host connectivity. Which configuration
should be implemented?

A. switch# configure terminal


switch(config)# interface Ethernet1/1
switch(config-if)# spanning-tree bpduguard enable
B. switch# configure terminal
switch(config)# interface Ethernet1/1
switch(config-if)# spanning-tree guard loop
C. switch# configure terminal
switch(config)# interface Ethernet1/1
switch(config-if)# spanning-tree loopguard default
D. switch# configure terminal
switch(config)# interface Ethernet1/1
switch(config-if)# spanning-tree bpdufilter enable

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/m/en_us/techdoc/dc/reference/cli/nxos/commands/l2/spanning-tree-
bpduguard.html#:~:text=To%20enable%20bridge%20protocol%
20data,no%20form%20of%20this%20command

QUESTION 59
Which behavior defines streaming telemetry as a push model in Cisco devices?

A. Events and network changes generate telemetry data


B. Monitoring clients are pulling data from the network to see real-time statistics
C. JSON encoded telemetry data is transported using the gRPC protocol
D. The network devices send data in JSON or GPB format to configure endpoints

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://developer.cisco.com/docs/ios-xe/#!streaming-telemetry-quick-start-guide/streaming-telemetry

QUESTION 60
After a Cisco Nexus 7000 Series Switch chassis replacement, the administrator discovers that all vPC-
enabled LACP port channels are reinitialized. The administrator wants to prevent this issue the next time
the chassis is replaced. Which two actions must be taken to meet this requirement before the isolated
device is reloaded? (Choose two.)

A. Change the vPC system-priority of the replacement chassis to a higher value than the peer
B. Set the vPC MAC address to a higher value than the peer
C. Configure auto-recovery to the disable state on both peers
D. Set the vPC MAC address to a lower value than the peer
E. Change the vPC system-priority of the replacement chassis to a lower value than the peer
Correct Answer: AC
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/support/docs/interfaces-modules/nexus-7000-series-supervisor-1-
module/119033-technote-nexus-00.html

QUESTION 61

Refer to the exhibit. VLAN 10 is experiencing delays and packet drops when the traffic is forwarded through
the switch. The destination flow analyzer accepts traffic captures of not more than 30 seconds. Which
configuration implements the traffic capture that meets the requirements?

A.

B.

C.
D.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/system_management/
configuration/guide/b_Cisco_Nexus_9000_Series_NX-OS_System_Management_Configuration_Guide_7x/
b_Cisco_Nexus_9000_Series_NX-
OS_System_Management_Configuration_Guide_7x_chapter_011100.htm

QUESTION 62
An engineer performs a set of configuration changes for the vPC domain using Session Manager. Which
two commands are used to verify the configuration and apply the device changes when no errors are
returned? (Choose two.)

A. commit
B. verify
C. apply
D. checkpoint
E. write

Correct Answer: AB
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guide/cli/
CLIConfigurationGuide/sm_rollback.html
QUESTION 63
An engineer configured an environment that contains the vPC and non-vPC switches. However, it was
noticed that the downstream non-vPC switches do not receive the same STP bridge ID from the upstream
vPC switch peers. Which vPC feature must be implemented to ensure that vPC and non-vPC switches
receive the same STP bridge ID from the upstream vPC switch peers?

A. vpc local role-priority 4000


B. peer-switch
C. system-mac 0123.4567.89ab
D. peer-gateway

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/6-x/interfaces/configuration/
guide/b_Cisco_Nexus_9000_Series_NX-
OS_Interfaces_Configuration_Guide/b_Cisco_Nexus_9000_Series_NX-
OS_Interfaces_Configuration_Guide_chapter_0111.html

QUESTION 64
A customer needs a tool to take advantage of the CI/CD model to streamline its operations and optimize
cost. The customer wants to integrate the solution with the Cisco products it currently uses, including Cisco
ACI networking and Cisco UCS servers. The solution should also provide on-premises Kubernetes and
AppDynamics performance monitoring. Because of the security requirements, the solution should not install
a local client on products under management. Which orchestration solution meets these requirements?

A. Cisco UCS Director


B. Cisco CloudCenter
C. Cisco APIC
D. Cisco DCNM

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:

QUESTION 65
Which storage protocol reduces file locks by using leasing?

A. SMB
B. NFS 3
C. NFS 4
D. CIFS

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
https://www.ciscolive.com/c/dam/r/ciscolive/apjc/docs/2016/pdf/BRKCOM-1211.pdf

QUESTION 66
A customer data center is configured for distribution of user roles, call home, and NTP. The data center was
split into two geographically separate locations called
DC1 and DC2. The requirement is for the user role configurations to be distributed in DC1 and for NTP and
call home features to be constrained to DC2. Which two configuration sets must be used to meet these
requirements? (Choose two.)

A.

B.

C.

D.

E.

Correct Answer: CD
Section: (none)
Explanation

Explanation/Reference:
This is a confusing question actually. But I selected DE because they have "cfs region x". configuration
without keyword region should not be accepted on the switch. Please test that on a nexus switch.
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_2/nx-os/system_management/
configuration/guide/sm_nx_os_cli/sm_2cfs.html

QUESTION 67

Refer to the exhibit. An engineer must distribute all the host ports to use all eight configured FEX uplinks.
The solution must minimize disruption if an uplink fails.
Which action accomplishes this objective?

A. Set the pinning max-links value to 8


B. Configure the eight uplinks in a port channel
C. Change the supported FEX type
D. Statically assign each host interface to a fabric uplink

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
Answer is "Configure the eight uplinks in a port channel" - question states that traffic disruption should be
minimised when an uplink fails. If pinning was used and an uplink failed, then traffic associated with the
failed link would be disrupted until it could be re-routed. Using a port-channel is much less disruptive.

QUESTION 68
A network engineer needs to upgrade the EPLDs of the fabric modules for a Cisco MDS director-class
switch. In which order are components reloaded during the process?

A. one fabric module at the time


B. all fabric modules followed by the entire switching platform
C. all fabric modules in parallel
D. one module and one supervisor at the time

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:
"To update all EPLDs sequentially with a single command, use the install all epld command with the module
all fan-module all xbar all options. After each module is upgraded, it is power cycled to load the EPLD
update."

To ensure that the data traffic performance is not affected while the module is reloading, check the fabric
bandwidth utilization by using the show hardware fabric-utilization detail command

==> implies that not all are reloaded at the same time

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/8_x/release_notes/epld/
epld_rn_8_4_1a.html#pgfId-321469

QUESTION 69
What is a characteristic of EPLD updates on Cisco MDS 9000 Series Switches?

A. EPLD bundles are released separately from a Cisco MDS NX-OS release
B. EPLD packages update hardware functionality on a device
C. EPLD updates are nondisruptive to traffic flow
D. EPLD updates are installed only via the Cisco DCNM GUI

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/92x/epld-rn/
nxos_n9K_epldRN_924.html

QUESTION 70
Which data interchange format is presented in this output?

A. CSS
B. YAML
C. XML
D. JSON

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

QUESTION 71
Which data structure results from running this Python code?

A. tuple
B. dictionary
C. set
D. list

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.geeksforgeeks.org/read-json-file-using-python/

QUESTION 72

Refer to the exhibit. What is the result of executing this Python code?

A. It sends the switch configuration to Cisco TAC


B. It sends a Cisco device backup to a remote destination
C. It schedules a backup on a Cisco switch using EEM
D. It backs up Cisco switches to Cisco Prime Infrastructure

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:

QUESTION 73
Refer to the exhibit. A network engineer requires remote access via SSH to a Cisco MDS 9000 Series
Switch. The solution must support secure access using the local user database when the RADIUS servers
are unreachable from the switches.
Which command meets these requirements?

A. aaa authentication none


B. aaa authentication login default group radius
C. aaa authentication login default fallback error local
D. aaa authentication login default group local

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/8_x/config/security/
cisco_mds9000_security_config_guide_8x/configuring_security_features_on_external_aaa_server.html

QUESTION 74
A network administrator must configure an extra keyring in Cisco UCS Manager. The key must provide a
high level of encryption and secure authentication when users use the web interface.
Which configuration command set must be applied to meet these requirements?
A.

B.

C.

D.

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/CLI-User-Guides/Admin-
Management/3-1/ b_Cisco_UCS_Manager_CLI_Administration_Mgmt_Guide_3_1/
b_Cisco_UCS_Manager_CLI_Administration_Mgmt_Guide_3_1_chapter_0110.html

QUESTION 75
A network engineer needs to configure system logging on the MDS switch. The messages must be
displayed with the severity level of "warning" and above. For security reasons, the users must be logged out
of the console after 5 minutes of inactivity.
Which configuration must be applied to meet these requirements?

A. MDS-A(config)# logging console 5


MDS-A(config-console)# exec-timeout 300
B. MDS-A(config)# line console
MDS-A(config-console)# speed 38400
MDS-A(config-console)# exec-timeout 5
MDS-A(config)# logging console 4
C. MDS-A(config)# logging line 4
MDS-A(config-console)# session-limit 300
D. MDS-A(config)# console
MDS-A(config-console)# speed 38400
MDS-A(config-console)# session-limit 5
MDS-A(config)# logging console 5

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/6_2/configuration/guides/
fundamentals/b_Cisco_MDS_9000_Series_NX-
OS_Fundamentals_Configuration_Guide/b_Cisco_MDS_9000_Series_NX-
OS_Fundamentals_Configuration_Guide_Release_6_chapter_0100.html

QUESTION 76
A network engneer configures a converged network adapter (CNA) and must associate a virtual fiber
Channel 7 interface to VSAN 7. The CAN connected to the interface Eth1/7, and VLAN 700 is mapped to
the VSNA.
Which configuration must be appled to create the virtual Fiber Channel interface and associate it with the
Ethernet physical interface?

A. switch(config)#vlan 700
switch(config-vlan)#fcoe vsan 7
B. switch(config)#vsan databsase
switch(config-vsan)#vsan 7 interface vfc 7
C. switch(config)#interface ethernet 1/7
switch(config-if)#vfc 7 attach vlan 1,700
D. switch(config)#interface vfc 7
switch(config-if)#bind interface ethernet 1/7

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

QUESTION 77
An engineer must use the Embedded Event Manager to monitor events that occur on a cisco Nexus 9000
seres switch. An environment variable needs to be created so that several policies use the monitored
events in in their actions. The external email server is represented by IP address 10.10.10.10.
Which command sets the environment variable?

A. N9k2(confg)# event manager policy environment mailserver "10.10.10.10"


B. N9k2# evert marager environment mailserver "10.10.10.10"
C. N9k2(config-apple1)# environment mailserver "10.10.10.10"
D. N9k2(config)# evert manager environment mailserver "10.10.10.10"

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

QUESTION 78
Which Communication method does NFS use for requests between servers and clients?

A. XDR
B. SSC
C. PRC
D. SMB

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www-uxsup.csx.cam.ac.uk/pub/doc/redhat/WS2.1/rhl-rg-en-7.2/ch-nfs.html

QUESTION 79
A customer reports Fibre Channel login requests to a cisco MDS 9000 series Switch from an unauthorized
source. The customer requires a feature that will allow all devices already logged in and learned in and
learned to be adaed to the Fibre channel active database. Which two features must be enabled to
accomplish this goal? (Choose two)

A. Auto-learning
B. Port security
C. Enhanced zoning
D. Device aliases
E. Smart aliases

Correct Answer: CD
Section: (none)
Explanation

Explanation/Reference:

QUESTION 80
An engineer evaluates a UI-based infrastructure management system capable of monitoring and deploying
standarized VXLAN BGP EVPN deployments. The storage administrator else need the solution to manage
the cisco MDS 9090 sonos Switches.
Which solution meets these requirements?

A. Intersight
B. UCSD
C. Tetration
D. SCNM

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

QUESTION 81

Rofer to the exhibit. Which configuration ensure that the cisco Nexus 7000 series switches are the primary
devices for LACP?

A. N7K_A(config-vpc-domain)#system-priority 4000
N7K_B(config-vpc-domain)#system-priority 4000
B. N7K_A(config-vpc-domain)#system-priority 100
N7K_B(config-vpc-domain)#system-priority 200
C. N7K_A(config-vpc-domain)#system-priority 32768
N7K_B(config-vpc-domain)#system-priority 32768
D. N7K_A(config-vpc-domain)#role priority 1
N7K_B(config-vpc-domain)#role priority 2

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:

QUESTION 82
A network engineer must enable port security on all cisco MDS series switches in the fabric. The
requirement is to avoid the extensive manual configuration of the switch ports.
Which action must be taken to meet these requirements?

A. Activate CFS distribution and the auto-learning port security feature.


B. Activate CFS distribution and file auto-leaming port security feature on a per-VSAN basis.
C. Enable the auto-learning port security feature on a per-VSAN basis.
D. Enable the auto-learning port security feature.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

QUESTION 83
A network engineer is deploying a cisco ALL-flash hyperflex solution. Which local storage configuration is
required for the operating system and persistent logging?

A. Two solid state drives


B. Two SATA drives
C. One SATA drive
D. One solid state drive

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

QUESTION 84
An engineer configures the properties of a cisco UCS cisco integrated Management controller network
adapter for a standalone cisco C-Series server. The Fallback Timeout in the vNIC was set to 600. When the
failure occurs. The secondary must be used and then fallback when the primary interface becomes
available again.
Which action be taken to meet these requirements?

A. Set default VLAN on the adapters.


B. Increase Cos to 6.
C. Disable VNTAG mode.
D. Enable Uplink failover.
Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

QUESTION 85
A network engineer must prevent data corruption due to cross fabric communication in an FCoE
environment. Which configuration must be applied to the Cisco Nexus Unified Switches to achieve this
objective?

A. switch(config)#fcoe fcmap 0e,fc,2a


B. switch(config-if)# no fcoe fcf-priority 0
C. switch(config-if) # shutdown Ian
D. switch(config) # no fcoe fcf-priority

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/fcoe/
b_Cisco_Nexus_5000_Series_NX-OS_Fibre_Channel_over_Ethernet_Configuration_Guide_/
Cisco_Nexus_5000_Series_NX-OS_Fibre_Channel_over_Ethernet_Configuration_Guide__chapter3.html

QUESTION 86
Which component is disrupted when the cisco integrated Management controller is upgraded on a cisco
UCS series server?
A. Cisco UCS Manager
B. SAN traffic
C. KVM sessions
D. Data traffic

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/en/US/docs/unified_computing/ucs/sw/cli/config/guide/1.4.1/
CLI_Config_Guide_1_4_1_chapter10.html

QUESTION 87
A company is investigating different options for IT automation tools. The IT team has experience with
python programming language and scripting using a declarative language. The proposed tool should be
easy to set up and should not require installing an agent on target devices. The team will also need to build
custom modules based on the python programming language to extend the tools functionality.
Which automation tool should be used to meet these requirements?

A. Puppet
B. Ansible
C. NX-API
D. Chef

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

QUESTION 88

Refer to the exhibit. An engineer needs to implement streaming telemetry on a cisco MDS 9000 series
switch. The requirement is for the show command data to be collected every 30 seconds and sent to
receivers. Which command must be added to the configuration meet this requirement?

A. sensor-grp 100 sample-period 30000


B. snsr-grp 100 sample-interval 30
C. sensor-grp 100 sample-period 30
D. snsr-grp 100 sample-interval 30000

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/8_x/config/san_analytics/cisco-
mds9000-san-analytics-telemetry-streaming-config-guide-8x/configuring-san-telemetry-streaming.html

QUESTION 89
A cisco Nexus 9000 series switch experiences a startup configuration corruption. The engineer must
implement a procedure to recover configuration file from the switch. Which command set must be used?

A.

B.

C.

D.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/fundamentals/configuration/
guide/b_Cisco_Nexus_9000_Series_NX-OS_Fundamentals_Configuration_Guide_7x/
b_Cisco_Nexus_9000_Series_NX-OS_Fundamentals_Configuration_Guide_7x_chapter_01001.html

QUESTION 90
What is a characteristic of the install all command on the cisco Nexus series switch?

A. Upgrades only certain modules


B. Automatically checks the image integrity
C. Impact data plan traffic
D. Continues the upgrade process if any step in the sequence fails

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/upgrade/guide/
b_Cisco_Nexus_9000_Series_NX-OS_Software_Upgrade_and_Downgrade_Guide_Release_7x/
b_Cisco_Nexus_9000_Series_NX-
OS_Software_Upgrade_and_Downgrade_Guide_Release_7x_chapter_010.html

QUESTION 91
An engineer is using REST API calls to configure the cisco APIC. Which data structure must be used within
a post message to receive a login token?

A.

B.

C.

D.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2-x/rest_cfg/2_1_x/
b_Cisco_APIC_REST_API_Configuration_Guide/
b_Cisco_APIC_REST_API_Configuration_Guide_chapter_01.html

QUESTION 92
The EPLD update of the supervisor module has been scheduled for several cisco MDS 9000 switches.
What will be the impact of the update?

A. All control plane traffic is stopped for the duration of the EPLD update and the switch remain operational
for the duration of the upgrade.
B. The redundant supervisor lakes over while the EPLD update is in progress and there is no service
disruption.
C. All traffic is stopped for the duration of the EPLD update and the switch is rebooted after the upgrade is
completed.
D. The redundant supervisor lakes while the EPLD update is in progress and the switch is rebooted after
the upgrade is completed.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:

QUESTION 93
An engineer configures an intersight virtual application and must claim over 200 targets. The engineer
starts the Claim target procedure. The engineer has prepared this initial comma- separated value file to
provision the targets:
Which Information must be included In the comma-separated value flit to provision the
targets?

A. FQDN, AD name, IP address, email


B. location, address, name, password
C. certificate, user name, password, email
D. target type, hostname or P address, user name, password

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

QUESTION 94
What is an advantage of NFSv4 over Fibre Channel protocol?

A. Improved security
B. Lossless throughout
C. Congestion management
D. Uses IP transport

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

QUESTION 95
Which two configuration settings are available in the in the cisco UCS flmware Auto sync server policy?

A. User Notification
B. User Acknowledge
C. No Action
D. Delayed Action
E. Immediate Action

Correct Answer: BC
Section: (none)
Explanation

Explanation/Reference:

QUESTION 96
An administrator is implementing DCNM so that events are triggered when monitored traffic exceeds the
configured present utilization threshold. The requirement is to configuration a maximum limit of 39860437
bytes that applies directly to the statistics collected as a ratio of the
total link capacity. Which DCNM performance monitoring configuration parameter must be implemented to
achieve this result?

A. Absolution Values
B. Baseline
C. Utill%
D. Per port Monitoring
Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

QUESTION 97
A network architect must redesign a data center on OSPFv2. The network must perform fast
reconvergence between directly connected switches. Which two actions must be taken to meet the
requirement? (Choose two)

A. Configure all links on AREA 0.


B. Implement a virtual link between the switches.
C. Use OSPF point-to-point links only.
D. Set low OSPF hello and DEAD timers.
E. Enable BFD for failure detection.

Correct Answer: CD
Section: (none)
Explanation

Explanation/Reference:

QUESTION 98

Refer to the exhibit. A host with source address 10.10.10.10. sends traffic to multicast group 239.1.1.1. how
do the vPC switches forward the multicast traffic?

A. If multicast traffic is received on Po11 Switch2, the traffic is forwarded out only one Po20.
B. If multicast traffic is received on Po10 Switch 1, the traffic is forwarded out on Po1 and Po20.
C. If multicast traffic is received on Po11 and Switch2, the traffic is dropped.
D. If multicast traffic is received on Switch over the vPC peer-link, the traffic is dropped.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:
QUESTION 99
An engineer configured an environment that contains the vPC and non-vPC switches. However, it was
noticed that the downstream non-vPC switches do not receive the upstream vPC switch peers. Which vPC
feature must be implement to ensure that vPC and non-vPC switches receive same STP bridge ID from the
upstream vPC switch peers?

A. system-mac 0123.4567.89ab
B. peer-switch
C. vPC local role-priority 4000
D. peer-Gateway

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:

QUESTION 100
A company is running a pair of cisco Nexus 7706 series switches as part of a data center segment. All
network engineers have restricted read-Write access to the core switches. A network engineer must a new
FCoE VLAN to allow traffic from services toward FCoE storage. Which set of actions must be taken to meet
these requirements?

A. 1. Create a user defined role and add the required privileges.


2. Assign a role to a user.
B. 1. Add the required privilege to the VDC-admin role.
2. Commit the changes to the active user database.
C. 1. Modify a network-operator role and add the required privileges.
2. Assign a VDC-operator role to a user.
D. 1. Assign the network-admin role to a user.
2. Commit the role to the switch to the active user database

Correct Answer: B
Section: (none)
Explanation

Explanation/Reference:

QUESTION 101
Refer to the exhibit. Esxi-server is associated to the blade server. A VLAN added to trunk-a. the VLAN is
missing on the vNIC of ESXI-server. Which action should be taken to add the VLAN to the cNIC?

A. Change the template type of ESXI-Server to an updating template.


B. Change the template type of Trunk-A to an updating template.
C. Remove both template and recreate them as updating templates.
D. Remove the VLAN from the Trunk-A template and add the VLAN again.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

QUESTION 102
An engineer must implement an automation solution to allow the backup of the configuration of cisco Nexus
series switches to a centralized location. The solution must:
• Support the team-developed custom monitoring scripts that are packaged using RPM packaging that the
framework must support.
• Be developed from the underlying cisco Nexus operating system.
• Have no impact on the operating system of the underlying switch if the resource contention occurs.
• Use Python to expand the existing automation framework.

Which solution meets these requirements?

A. Guest Shell
B. Bash Shell
C. TCL Shell
D. Vegas Shell

Correct Answer: A
Section: (none)
Explanation

Explanation/Reference:

QUESTION 103
Refer to the exhibit. What is the result of executing this python code?

A. It backs up Cisco switches to Cisco Prime infrastructure.


B. It sends the switch configuration to Cisco TAC.
C. It sends a Cisco device backup to a remote destination.
D. It schedules a backup on a Cisco switch using EEM.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:

QUESTION 104

Refer to the exhibit. An engineer must monitor ingress traffic from SW1 and SW2 port-
channel interfaces from SW3. Which configuration must be implemented to accomplish
this goal?

A.
B.

C.

D.

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

QUESTION 105
An engineer implements an ACI fabric and must implement microsegmentation of endpoints within the
same The attribute mapping must allow IP subnet independence.
Which attribute must be selected?

A. MAC address
B. Custom
C. Tag
D. IP

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:

QUESTION 106
An engineer is configuring a vHBA template in Cisco UCS Manager. The engineer needs to specify the
logical addresses used by the vHBA and the path through which the SAU Traffic flows.
Which two resources must be specified in the vHBA template? (Choose two)

A. WWIN
B. VLAN ID
C. Fabric ID
D. MAC addresses
E. WWVPN Pool

Correct Answer: AE
Section: (none)
Explanation

Explanation/Reference:

QUESTION 107
An engineer must configure a VXLAN routing on a cisco Nexus 9000 series Switch. The engineer requires
a solution where all the leaf switches have the same gateway MAC and IP address.
Which configuration set accomplishes this task?

A.

B.

C.

D.

Correct Answer: C
Section: (none)
Explanation

Explanation/Reference:

QUESTION 108
An engineer must configure OSPF in the data center. The external routes have already been redistributed
OSPF. The network must meet these criteria:

The data centre servers must reach services in the cloud and the services behind the redistributed
routes.
The exit point toward the internet should be propagated only when there is a dynamically learned default
route from the upstream router.

Which feature is required?

A. default-information originate
B. stubby area
C. totally stubby area
D. default-information originate always

Correct Answer: D
Section: (none)
Explanation

Explanation/Reference:
Drag and Drop

QUESTION 1
DRAG DROP -
An engineer is configuring VNTag between a virtualized server and a Cisco Nexus 5500 Series switch.
Drag and drop the configuration steps from the left into the correct order on the right.
Select and Place:

Exhibit:
Select and Place:
Correct Answer:

Section: (none)
Explanation

Explanation/Reference:
Explanation
install the virtualization feature set
Enable the virtualization feature set
Configure the port profile
Configure support for VNTag mode on the interface that connects to the server.
Configure the server to support NIV mode
Configure the vNICs of the server

https://www.cisco.com/c/en/us/support/docs/switches/nexus-5000-series-switches/117691-config-
5500switch-00.html
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5500/sw/adapter-fex/6x/
b_5500_Adapter_FEX_Config_6x/ b_5500_Adapter_FEX_Config_602N11_chapter_010.html

QUESTION 2
DRAG DROP -
An engineer is implementing NetFlow on a Cisco Nexus 7000 Series Switch.
Drag and drop the NetFlow commands from the left into the correct order they must be
entered on the right.
Select and Place:
Select and Place:

Correct Answer:
Section: (none)
Explanation

Explanation/Reference:
Explanation
1- feature netflow
2- flow exporter
3- flow monitor
4- interface<interface>
https://www.cisco.com/c/en/us/support/docs/switches/nexus-7000-series-
switches/112213-netflow-nexus7000-nsox-configex.html
QUESTION 3
A network engineer must implement RBAC on Cisco MDS 9000 Series Multilayer
Switches. Drag and drop the Cisco MDS 9000 Series roles from the left onto the correct
categories on the right.
Select and Place:
Correct Answer:
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/ucs-manager/GUI-User-Guides/Admin-
Management/3-1/ b_Cisco_UCS_Admin_Mgmt_Guide_3_1/
b_UCSM_Admin_Mgmt_Guide_chapter_01.html
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/8_x/config/security/
cisco_mds9000_security_config_guide_8x/configuring_users_and_common_roles.html#con_1422305

QUESTION 4
DRAG DROP -
Drag and drop the characteristics from the left onto the correct storage systems on the
right.
Select and Place:
Select and Place:
Correct Answer:
Section: (none)
Explanation

Explanation/Reference:

QUESTION 5
DRAG DROP -
An engineer is implementing security on the Cisco MDS 9000 switch.
Drag and drop the descriptions from the left onto the correct security features on the
right.
Select and Place:
Select and Place:

Correct Answer:
Section: (none)
Explanation

Explanation/Reference:
Reference: https://www.cisco.com/en/US/docs/switches/datacenter/nexus5500/sw/
san_switching/7x/
b_5500_SAN_Switching_Config_7x_chapter_010010.html#con_1170967
QUESTION 6
DRAG DROP -

Refer to the exhibit. In a bidirectional PIM network using Phantom RP as an RP


redundancy mechanism, two Cisco NX-OS routers have these requirements:
✑ R1 must be the active RP.
R2 must be the backup RP that is used only if R1 is not reachable.

Drag and drop the configuration steps to complete the configuration for Router 2. Not all
configuration steps are used.
Select and Place:

Select and Place:


Correct Answer:
Section: (none)
Explanation

Explanation/Reference:
https://community.cisco.com/t5/networking-documents/rp-redundancy-with-pim-bidir-phantom-rp/ta-
p/3117191

QUESTION 7
DRAG DROP -
Drag and drop the characteristics from the left onto the NAS protocols on the right. Some
characteristics are used more than once.
Select and Place:
Select and Place:
Correct Answer:
Section: (none)
Explanation

Explanation/Reference:

QUESTION 8
DRAG DROP -
Drag and drop the storage technologies from the left onto the correct descriptions on the
right.
Select and Place:
Select and Place:

Correct Answer:
Section: (none)
Explanation

Explanation/Reference:
based on: 18.8.1.2. Using NFSv4
The release of NFSv4 brought a revolution to authentication and security to NFS exports. NFSv4 mandates
the implementation of the RPCSEC_GSS kernel module, the Kerberos version 5 GSS-API mechanism,
SPKM-3, and LIPKEY. With NFSv4, the mandatory security mechanisms are oriented towards
authenticating individual users, and not client machines as used in NFSv2 and NFSv3.
https://web.mit.edu/rhel-doc/5/RHEL-5-manual/Deployment_Guide-en-US/s1-nfs-security.html

QUESTION 9
DRAG DROP -
An engineer deploys a custom Guest Shell rootfs on a Nexus 9000 Series Switch. Drag
and drop the steps from the left into the order required to deploy the solution on the right.
Not all options are used.
Select and Place:
Select and Place:
Correct Answer:
Section: (none)
Explanation

Explanation/Reference:

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-x/
programmability/guide/b_Cisco_Nexus_9000_Series_NX-
OS_Programmability_Guide_7x/Guest_Shell.html
https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2018/pdf/BRKDCN-2015.pdf
QUESTION 10
DRAG DROP -
An engineer must recover configuration on a Cisco MDS 9000 Series switch from a
previous version that was backed up to bootflash and then verify the restoration.
Drag and drop the commands on the left to the correct order on the right.
Select and Place:

Select and Place:

Correct Answer:
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/nx-os/configuration/guides/fund/
fund_nx-os_5-x/b_Cisco_MDS_9000_Series_NX-OS_Fundamentals_Configuration_Guide_Release_5-x/
b_Cisco_MDS_9000_Series_NX-OS_Fundamentals_Configuration_Guide_Release_5-
x_chapter_01000.html

QUESTION 11
DRAG DROP -
A storage engineer must configure zoning on a Cisco MDS 9000 Series switch. Drag and
drop the actions from the left into the order on the right.
Select and Place:
Select and Place:

Correct Answer:
Section: (none)
Explanation

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/6_2/
configuration/guides/fabric/nx-os/nx_os_fabric/zone.html
QUESTION 12
DRAG DROP -
Drag and drop the NAS features from the left onto the NAS descriptions on the right. Not all features are
used.
Select and Place:
Select and Place:
Correct Answer:
Section: (none)
Explanation

Explanation/Reference:
https://en.wikipedia.org/wiki/Network-attached_storage

QUESTION 13
DRAG DROP
Refer to the exhibit. Drag and drop each traffic flow type from the left onto the corresponding number on the
right. Not all traffic flow types are used.
Select and Place:
Select and Place:
Correct Answer:
Section: (none)
Explanation

Explanation/Reference:
https://blogs.cisco.com/security/trends-in-data-center-security-part-1-traffic-trends

QUESTION 14
DRAG DROP
Drag and drop the steps on the left onto the order that they must be implemented on the right to recover a
fabric interconnect when there is no working image on the bootflash.

Select and Place:


Correct Answer:

Section: (none)
Explanation

Explanation/Reference:

QUESTION 15
DRAG DROP
An engineer configures the netflow feature on a Cisco NX-OS device. The requirement is to reduce the
amount of export data collected by using a sampler.
Drag and drop the netflow configuration steps from the left onto implemented needed to meet these
requirements on the right. Not all steps are used.
Select and Place:

Correct Answer:
Section: (none)
Explanation

Explanation/Reference:

QUESTION 16
DRAG DROP
A network engineer must configure FCoE on an interface of a cisco MDS 9000 series switch. It should be
used for mapping between Vlan 600 and Vsan 6. Drag and drop the commands from the bottom into their
implementation order in the FCoE configuration. Not all commands are used.

Select and Place:


Correct Answer:

Section: (none)
Explanation

Explanation/Reference:

QUESTION 17
DRAG DROP
An engineer must shut down the Ethernet 1/2 interface when the Ethernet 4/5 interface state is down.
Drag and drop the CLI commands from the bottom onto the blanks in the exhibit to implement this EEM.
Not all commands are used.
Select and Place:

Correct Answer:
Section: (none)
Explanation

Explanation/Reference:

QUESTION 18
DRAG DROP
An engineer must upgrade a Cisco Nexus 9500 Series Switch. The requirement is for all switch
components to be upgraded in batches.
Drag and drop the components from the left into the order in which they should be upgraded, on the right,
for the upgrade process to complete successfully Not all components are used.

Select and Place:


Correct Answer:

Section: (none)
Explanation

Explanation/Reference:

QUESTION 19
DRAG DROP
Drag and drop the mechanisms to collect data from a network from the left onto their characteristics on the
right
Select and Place:

Correct Answer:

Section: (none)
Explanation

Explanation/Reference:

QUESTION 20
DRAG DROP -
A network engineer is asked to describe the cloud infrastructure models from the perspective of their
operation and access to resources. Drag and drop the descriptions from the left onto the appropriate
characteristics on the right.
Select and Place:

Select and Place:


Correct Answer:

Section: (none)
Explanation

Explanation/Reference:

QUESTION 21
DRAG DROP -
Drag and drop the fields for configuring a full state backup file of the Cisco UCS Manager from the left onto
the descriptions on the right.
Select and Place:

Select and Place:

Correct Answer:
Section: (none)
Explanation

Explanation/Reference:

You might also like