• Home
  • Articles
  • [May-2023] Updated CCNP Data Center 300-620 Exam Questions BUNDLE PACK [Q78-Q97]

[May-2023] Updated CCNP Data Center 300-620 Exam Questions BUNDLE PACK [Q78-Q97]

Share

[May-2023] Updated CCNP Data Center 300-620 Exam Questions BUNDLE PACK

Master The Cisco Content 300-620 EXAM DUMPS WITH GUARANTEED SUCCESS!


Understanding functional and technical aspects of Implementing Cisco Application Centric Infrastructure (300-620 DCACI) Security Monitoring

The following will be discussed in CISCO 300-620 exam dumps:

  • Cisco ACI External Connectivity Options
  • Implement bridge domain configuration knob (unicast routing, Layer 2 unknown hardware proxy, ARP flooding)
  • Service Graph PBR Introduction
  • Cisco ACI Access Policies
  • Basic Bridge Domain Configuration Knob
  • Endpoint Group
  • Introducing External Network Connectivity
  • Collect Tech Support
  • Describing Layer 4 to Layer 7 Integrations
  • Introducing Cisco ACI Fabric Infrastructure and Basic Concepts
  • Tenant
  • Simple Network Management Protocol
  • Describing Cisco ACI Policy Model Logical Constructs
  • External Layer 3 Network Connectivity
  • Explaining Cisco ACI Management
  • Resolution Immediacy in VMM
  • Syslog
  • Configuration Backup
  • Contracts
  • Bridge Domain
  • Cisco ACI Object Model
  • Service Appliance Insertion via ACI L4-L7 Service Graph
  • VMware vCenter VDS Integration
  • Service Graph Configuration Workflow
  • Cisco ACI Fabric Discovery
  • Tenant Components Review
  • Authentication, Authorization, and Accounting
  • Alternative VMM Integrations
  • Endpoint Learning
  • Describe endpoint learning
  • Virtual Routing and Forwarding
  • In-Band Management

 

NEW QUESTION # 78
An engineer must connect Cisco ACI fabric using Layer 2 with external third-party switches. The third-party switches are configured using 802.1s protocol. Which two constructs are required to complete the task?
(Choose two.)

  • A. spanning tree policy for mapping MST Instances to VLANs
  • B. static binding of native VLAN in all existing EPGs
  • C. MCP instance policy with administrative slate disabled
  • D. dedicated EPG for native VLAN
  • E. MCP policy with PDU per VLAN enabled

Answer: A,D

Explanation:
https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2019/pdf/BRKACI-3101.pdf
https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c07-732033.html



NEW QUESTION # 79
What represents the unique identifier of an ACI object?

  • A. application programming interface
  • B. distinguished name
  • C. management information tree
  • D. universal resource identifier (URI)

Answer: B

Explanation:
Reference:
https://www.slideshare.net/CiscoDevNet/introduction-to-aci-apis


NEW QUESTION # 80
An engineer must deploy Cisco ACI across 10 geographically separated data centers. Which ACI site deployment feature enables the engineer to control which bridge domains contain Layer 2 flooding?

  • A. Stretched Fabric
  • B. GOLF
  • C. Multi-Pod
  • D. Multi-Site

Answer: D

Explanation:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/aci_multi-site/sw/2x/fundamentals/Cisco-ACI-Multi-Site-Fundamentals-Guide-211/Cisco-ACI-Multi-Site-Fundamentals-Guide-211_chapter_011.html#id_51188 From the web page, we see that multi-site has control over:
Stretched Bridge Domain with Layer 2 Broadcast Extension.
Stretched Bridge Domain with no Layer 2 Broadcast Extension.


NEW QUESTION # 81
Refer to the exhibit.

An engineer must configure an L3Out peering with the backbone network. The L3Out must forward unicast and multicast traffic over the link. Which two methods should be used to configure L3Out to meet these requirements? (Choose two.)

  • A. VPC with SVI
  • B. Layer 3 routed port
  • C. port channel with SVI
  • D. Layer 3 routed subinterface
  • E. Layer 3 floating SVI

Answer: B,D

Explanation:
https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centricinfrastructure/ guide-c07-743150.html#_L3Out_sStatic_rRoutes
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/4-x/L3-configuration/Cisco-APIC-Layer-3-Networking-Configuration-Guide-401/Cisco-APIC-Layer-3-Networking-Configuration-Guide-401_chapter_010010.html


NEW QUESTION # 82
Drag and drop the Cisco ACI Layer 4 to Layer 7 service insertion terms on the left to the correct descriptions on the right.

Answer:

Explanation:


NEW QUESTION # 83
Which two actions extend a Layer 2 domain beyond the ACI fabric? (Choose two.)

  • A. extending the routed domain out of the ACI fabric
  • B. creating an external physical network
  • C. extending the EPG out of the ACI fabric
  • D. creating a single homed Layer 3 Out
  • E. extending the bridge domain out of the ACI fabric

Answer: A,C

Explanation:
Section: External Network Connectivity
Explanation/Reference:


NEW QUESTION # 84
Which endpoint learning operation is completed on the egress leaf switch when traffic is received from an L3Out?

  • A. The source MAC address of the traffic is learned as a remote endpoint.
  • B. The source IP address of the traffic is learned as a remote endpoint.
  • C. No source MAC or IP address of the traffic is learned as a remote endpoint.
  • D. The source MAC and IP address of the traffic is learned as a local endpoint.

Answer: B

Explanation:
Reference:
https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric- infrastructure/white-paper-c11-739989.html


NEW QUESTION # 85

Refer to the exhibit. An engineer is implementing Cisco ACI - VMware vCenter integration for a blade server that lacks support of bonding. Which port channel mode results in "route based on originating virtual port" on the VMware VDS?

  • A. MAC Pinning-Physical-NIC-load
  • B. LACP Active
  • C. MAC Pinning+
  • D. LACP Passive
  • E. Static Channel - Mode On

Answer: C

Explanation:
Section: Integrations


NEW QUESTION # 86
Which endpoint learning operation is completed on the ingress leaf switch when traffic is received from a Layer 3 Out?

  • A. The source MAC address of the traffic is learned as a local endpoint.
  • B. The source MAC address of the traffic is learned as a remote endpoint.
  • C. The source IP address of the traffic is learned as a remote endpoint.
  • D. The source IP address of the traffic is learned as a local endpoint.

Answer: B


NEW QUESTION # 87
What must be enabled in the bridge domain to have the endpoint table learn the IP addresses of endpoints?

  • A. L2 unknown unicast: flood
  • B. subnet scope
  • C. GARP based detection
  • D. unicast routing

Answer: D

Explanation:
Section: ACI Packet Forwarding
Explanation/Reference: https://hsvglobalschool.in/dhkycw/cisco-aci-bridge-domain.html


NEW QUESTION # 88
Which feature dynamically assigns or modifies the EPG association of virtual machines based on their attributes?

  • A. standard contracts
  • B. vzAny contracts
  • C. application EPGs
  • D. uSeg EPGs

Answer: D


NEW QUESTION # 89
The unicast routing feature is enabled on the bridge domain. Which two conditions enable the Cisco ACI leaf to learn a source IP as a local endpoint? (Choose two.)

  • A. Through ARP received on an SVI.
  • B. IP traffic routed through a Layer 3 Out.
  • C. IP traffic routed through an SVI.
  • D. Through Ethernet traffic received in a bridge domain.
  • E. Through VXLAN traffic received on the uplink.

Answer: A,C


NEW QUESTION # 90
An ACI administrator notices a change in the behavior of the fabric. Which action must be taken to determine if a human intervention introduced the change?

  • A. Inspect /var/log/audit_messages on the APIC to see a record of all user actions.
  • B. Inspect event records in the APIC UI to see all actions performed by users.
  • C. Inspect the output of show command history in the APIC CLI.
  • D. Inspect audit logs in the APIC UI to see all user events.

Answer: B

Explanation:
Section: ACI Fabric Infrastructure


NEW QUESTION # 91
Which attribute should be configured for each user to enable RADIUS for external authentication in Cisco ACI?

  • A. cisco-av-pair
  • B. cisco-auth-features
  • C. cisco-security domain
  • D. cisco-aci-role

Answer: A

Explanation:
Section: ACI Management
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2-x/Security_config/ b_Cisco_APIC_Security_Configuration_Guide/b_Cisco_APIC_Security_Guide_chapter_01011.html


NEW QUESTION # 92
An engineer must connect Cisco ACI fabric using Layer 2 with external third-party switches. The third-party switches are configured using 802.1s protocol. Which two constructs are required to complete the task?
(Choose two.)

  • A. spanning tree policy for mapping MST Instances to VLANs
  • B. static binding of native VLAN in all existing EPGs
  • C. MCP instance policy with administrative slate disabled
  • D. dedicated EPG for native VLAN
  • E. MCP policy with PDU per VLAN enabled

Answer: A,D

Explanation:
https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2019/pdf/BRKACI-3101.pdf
https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c07-732033.html



NEW QUESTION # 93
A Solutions Architect is asked to design two data centers based on Cisco ACI technology that can extend L2/ L3, VXLAN, and network policy across locations. ACI Multi-Pod has been selected. Which two requirements must be considered in this design? (Choose two.)

  • A. Multi-Pod requires multiple APIC Controller Clusters, one per pod. Make sure those clusters can communicate to each other through a highly available connection.
  • B. ACI Multi-Pod requires an IP Network supporting PIM-Bidir.
  • C. ACI underlay protocols, i.e. COOP, IS-IS and MP-BGP, spans across pods. Create QoS policies to make sure those protocols have higher priority.
  • D. A single APIC Cluster is required in a Multi-Pod design. It is important to place the APIC Controllers in different locations in order to maximize redundancy and reliability.
  • E. ACI Multi-Pod does not support Firewall Clusters across Pods. Firewall Clusters should always be local.

Answer: A,C

Explanation:
Section: ACI Anywhere
Explanation/Reference:


NEW QUESTION # 94
Refer to the exhibit.

Which Adjacency Type value should be set when the client endpoint and the service node interface are in a different subnet?

  • A. Unicast
  • B. Routed
  • C. L3
  • D. L3Out

Answer: B


NEW QUESTION # 95
An engineer must limit management access to me Cisco ACI fabric that originates from a single subnet where the NOC operates. Access should be limited to SSH and HTTPS only. Where should the policy be configured on the Cisco APIC to meet the requirements?

  • A. ACL on the console interface
  • B. policy In the management tenant
  • C. policy on the management VLAN
  • D. ACL on the management interface of the APIC

Answer: B

Explanation:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/Operating_ACI/guide/b_Cisco_Operating_ACI/b_Cisco_Operating_ACI_chapter_0111.html


NEW QUESTION # 96
Refer to the exhibit.

Refer to the exhibit. The EPG-100 must be extended to the vCenter as a port group with a tagged VLAN ID of 100. Which set of actions accomplishes this goal?

  • A. Define a dynamic VLAN range (from 100-200) under a VLAN pool that is associated with the del vdev domain.
    Associate the dc1vcdev domain with EPG and select these settings:
    Untagged VLAN Access: unselected
    VLAN Mode: Static with Encap: 100
  • B. Define a dynamic VLAN range (from 100-200) under a VLAN pool that is associated with the dc1vdev domain.
    Associate the dc2vcdev domain with EPG and select these settings:
    Untagged VLAN Access: selected
    VLAN Mode: Static with Encap: 100
  • C. Define a static VLAN range (from 100-200) under a VLAN pool that is associated with the dc1vcdev domain.
    Associate the dc2vcdev domain with EPG and select these settings:
    Untagged VLAN Access: selected
    VLAN Mode: Static with Encap: 100
  • D. Define a static VLAN range (from 100-200) under a VLAN pool that is associated with the dc1vcdev domain.
    Associate the dc1vcdev domain with EPG and select these settings:
    Untagged VLAN Access: unselected
    VLAN Mode: Static with Encap: 100

Answer: B


NEW QUESTION # 97
......

Pass Cisco 300-620 Exam – Experts Are Here To Help You: https://evedumps.testkingpass.com/300-620-testking-dumps.html

Related Articles

more
Cisco 300-620 Certification Practice Exam