300-620 DCACI:Implementing Cisco Application Centric Infrastructure

Update：2026年6月2日

Questions and Answers: 245 Q&A

Which two configuration steps are completed before this output is generated? (Choose two.)

A. MCP policy for the interface policy group for Port-channel 12 is enabled.

B. MCP Instance Policy default in the global access policies is enabled.

C. Error Disabled Recovery Policy for Loop Indication by MCP is set to True.

D. BPDU Guard is enabled for the interface policy group for Port-channel 12.

E. Spanning Tree Policy Region STP_4CAF232E48FF20 is added to the spanning-tree policy of the switch.

None

A network engineer is implementing a Layer 3 Out in the Cisco ACI fabric. The data center core switches must connect to a pair of leaf switches and exchange routes via a routing protocol. In addition, the implementation must meet these criteria;

The external switch interface must use 802.1Q tagging.
Access to the internet for the ACI fabric must be the L30ut.
The L30ut must use a routing protocol that has rapid convergence time and low CPU usage.

Which configuration set meets these requirements?

A. Configure the OSPF Protocol policy with an area of 0. Set up the Routed External Network object and Node Profile and select OSPF. Create the Switch profile and select VPC with the appropriate interfaces. Create the default network and associate it with the Routed Outside object.

B. Configure the BGP Protocol policy with the appropriate Autonomous System number. Configure an Interface policy and an External Bridged Domain. Create an External Bridged Network and use the configured VLAN pool. Build the Leaf profile and select the Routed sub-interface with the appropriate VLAN.

C. Implement the IS-IS Protocol policy with the selected Autonomous System number. Create the Routed Outside object and Node Profile and select IS-IS. Configure the Interface profile and select the Routed Interface with the appropriate interfaces. Create the External Network object.

D. Implement the EIGRP Protocol policy with the selected Autonomous System number. Create Routed Outside object and Node Profile and select EIGRP as the routing protocol. Build the Interface profile and select SVI and the appropriate VPC. Configure the External Network object with a network of 0.0.0.070.

None

Cisco ACI fabric contains a tenant called Prod. User_1 must have write access to tenant Prod and full access to the fabric access policy. Which set of actions must be taken to meet these requirements?

Associate User_1 to the fabric access policy.

Associate the security domain to the fabric access policy.

Create RBAC for the distinguished name of tenant Prod.

Associate User_1 to tenant Prod.

Associate the security domain to the distinguished name of the fabric access policy.

Create RBAC for the distinguished name of security domain.

Associate User_1 to the distinguished name of the fabric access policy.

Associate the security domain to RBAC.

Create RBAC for the distinguished name of User__1.

Associate User_1 to the security domain.

Associate the security domain to tenant Prod.

Create RBAC for the distinguished name of fabric access policy

None

The default route is not present in the routing tables of the Cisco ACI leaf switches. All static and direct routes are currently being redistributed and advertised. Which jn must be taken to advertise a default route on the eBGP L30ut?

A. Configure a static default route on the ACI node profiles with next-hop null.

B. Create a Default Route Leak Policy on the L3Qut.

C. Enable a BGP peer prefix policy set to Always.

D. Implement an export route map matching 0.0.0.0/0.

None

In the context of ACI Multi-Site, when is the information of an endpoint (MAC/IP) that belongs to site 1 advertised to site 2 using the EVPN control plane?

A. Endpoint information is not exchanged across sites unless COOP protocol is used.

B. Endpoint information is not exchanged across sites unless a policy is configured to allow communication across sites.

C. Endpoint information is exchanged across sites as soon as the endpoint is discovered in one site.

D. Endpoint information is exchanged across sites when the endpoints are discovered in both sites

None

An engineer is in the process of discovering a new Cisco ACI fabric consisting of two spines and four leaf switches. The discovery of leaf 1 has just been completed. Which two nodes are expected to be discovered next? (Choose two.)

A. spine 1

B. leaf 4

C. spine 2

D. leaf 3

E. leaf 2

None

A network engineer must backup the PRODUCTION tenant. The configuration backup should be stored on the APIC using a markup language and contain all secure information. Which export policy must be used to meet these requirement?

None

Which method does the Cisco ACI fabric use to load-balance multidestination traffic?

A. PIM routing

B. spanning trees

C. shortest-path trees

D. forwarding tag trees

None

A network engineer must configure a new SNMP configuration and syslog servers. The requirement is for all faults and events related to endpoint groups, bridge domains, and VRFs to be sent to it. Which action must be taken to meet the requirements?

A. Enable access monitoring policies on the required endpoint groups, bridge domains, and VRFs.

B. Utilize common tenant monitoring policies in the Cisco APIC.

C. Configure fabric monitoring policies and attach to the spine switch in the fabric.

D. Implement fabric-wide monitoring policies on all nodes.

None

10.

The EPG-100 must be extended to the vCenter as a port group with a tagged VLAN ID of 100. Which set of actions accomplishes this goal?

Define a static VLAN range (from 100-200) under a VLAN pool that is associated with the dc1vcdev domain.

Associate the dc1vcdev domain with EPG and select these settings:

Untagged VLAN Access: unselected

VLAN Mode: Static with Encap: 100

Define a static VLAN range (from 100-200) under a VLAN pool that is associated with the dc1vcdev domain.

Associate the dc2vcdev domain with EPG and select these settings:

Untagged VLAN Access: selected

VLAN Mode: Static with Encap: 100

Define a dynamic VLAN range (from 100-200) under a VLAN pool that is associated with the delvdev domain.

Associate the dc1vcdev domain with EPG and select these settings:

Untagged VLAN Access: unselected

VLAN Mode: Static with Encap: 100

Define a dynamic VLAN range (from 100-200) under a VLAN pool that is associated with the dclvdev domain.

Associate the dc2vcdev domain with EPG and select these settings:

Untagged VLAN Access: selected

VLAN Mode: Static with Encap: 100

None

11.

What does a bridge domain represent?

A. Layer 3 cloud

B. Layer 2 forwarding construct

C. tenant

D. physical domain

None

12.

The Cisco ACI fabric has an egress L3Out from Leaf-101 and Leaf-102 to CORE-1. VLAN 102 is used to form the OSPF adjacency. The workloads must be migrated into EPG-101, and the static port binding is configured to Leaf-103 e1/1 with encap VLAN 101. An engineer completes the port binding and receives an MCP fault. Which action clears the fault?

A. Use VLAN 101 for OSPF adjacency on the egress L3Out.

B. Use VLAN 102 as the encap VLAN on the EPG-101 static port binding.

C. Add VLAN 102 to the VLAN pool that is used by the static port binding.

D. Prune VLAN 101 from the VLAN pool that is used by the egress L3Out.

None

13.

Network engineer configured a Cisco ACI fabric as follows:

An EPG called EPG-A is created and associated with a VMM domain called North.
The EPG-A is associated with BD-A and is in an application profile called Apps-A.
The BD-A is associated with VRF-1 in the Prod tenant.

Which port group must be selected to place VMs in EPG-A?

A. Prod|VRF-1 |Apps-A|EPG-A

B. Prod|Business_Apps|BD-A|EPG-A

C. Prod|Apps-A|North|EPG-A

D. Prod|Apps-A|EPG-A

None

14.

Regarding the MTU value of MP-BGP EVPN control plane packets in Cisco ACI, which statement about communication between spine nodes in different sites is true?

A. By default, spine nodes generate 9000-bytes packets to exchange endpoints routing information. As a result, the Inter-Site network should be able to carry 9000-bytes packets.

B. By default, spine nodes generate 1500-bytes packets to exchange endpoints routing information. As a result, the Inter-Site network should be able to carry 1800-bytes packets.

C. By default, spine nodes generate 1500-bytes packets to exchange endpoints routing information. As a result, the Inter-Site network should be able to carry 1500-bytes packets.

D. By default, spine nodes generate 9000-bytes packets to exchange endpoints routing information. As a result, the Inter-Site network should be able to carry 9100-bytes packets.

None

15.

An engineer must divert the traffic between VM-1 and VM-2 by using a MultiNode service graph. The solution should prevent an insufficient number of available Layer 4 to Layer 7 devices in the first cluster. Which configuration set accomplishes this goal?

PBR node tracking
tracking threshold with action bypass
symmetric PBR
resilient hashing

PBR node tracking
tracking threshold with action permit
unidirectional PBR
resilient hashing

PBR node tracking
tracking threshold with action permit
symmetric PBR
resilient hashing

PBR node tracking
tracking threshold with action deny
symmetric PBR
unidirectional PBR

None

16.

An engineer must connect a new host to port 1 »’1 on Leaf 101. A Cisco ACI fabric has an MOP An engineer must connect a new host to port 1 »’1 on Leaf 101. A Cisco ACI fabric has an MOP

A.
Enable MCP globally.
Associate the MCP policy wth an interface selector.

B.
Enable MCP giobaly
Associate the MCP policy with an interface policy group

C.
Enable MCPlocally.
Associare the MCP policy with an interface policy group

D.
Enable MCP locally
Associate the MCP policy with an interface profile.

None

17.

How many ARP requests are sent from leaf switches to perform host tracking for local endpoints?

A. 1

B.2

C.3

D.4

None

18.

What is the result of selecting the On Demand attribute in the Deploy Immediacy feature during VMM domain association to an EPG?

A. The EPG policy is downloaded to the leaf when a hypervisor is connected, and a VM is placed in a port group.

B. The EPG policy is programmed in the hardware policy CAM only when the first packet is received through the data path.

C. The EPG policy is programmed in the hardware policy CAM as soon as the policy is downloaded in the leaf software.

D. The EPG policy is downloaded to the leaf when a hypervisor is attached to a DVS. and CDP or LLDP adjacency is formed.

None

19.

A RADIUS user resolves its role via the Cisco AV Pair. What object does the Cisco AV Pair resolve to?

A. tenant

B. security domain

C. primary Cisco APIC

D. managed object class

None

20.

What is a characteristic of a Cisco ACI Multi-Pod?

A. It eliminates the need to deploy multicast in the Layer 3 network that interconnects the pods.

B. Spines use BGP peering with IPN to send out the TEP pool prefix for the local pod.

C. It manages the configuration of different Cisco ACI pods using a single common Cisco APIC cluster

D. A VPNv4 address family is used to exchange endpoint information between spines.

None

21.

A network engineer is integrating a new Hyperflex storage duster into an existing Cisco ACI fabric The Hyperflex cluster must be managed by vCenter so a new vSphere Distributed switch must be created In addition the hardware discovery must be performed by a vendor-neutral discovery protocol Which set of steps meets these requirements'?

A.
Configure an lnterface Policy group,select CDP,and apply t to the desired interfaces.
Enter the vCenter IP and credentials in the Create vCenter Controler dialog box.
In the Create VMware VMM domain dialog box,select Read-Only Mode

B.
Configure an Interface Policy group,select CDP and apply it to the designated interfaces.
Create a VMware VMM doman,add it to the VLAN pool,and associate it to the designated interfaces.
Select Read Only Mode In the Create VMware VMM domain dialog box

C.
Configure an Interface Policy group.select LLDR and apply it to the selected interfaces.
Create a VLAN pool,add it to the VMware VMM domain,and include the appropriate interfaces
Enter the vCenter IPand credentials in the Create vCenter Controler dialog box.

D.
Configure a Switch Policy group,select LLDP and apply it to the indicated interfaces.
Set up a VMware VMM domain and apply it to the appropnate intertaces.
Enter the APIC management IPand credentials in the Create vCenter Controler dialog box

None

22.

How does Cisco ACI detect the IP address of a silent host that moved from one location to another without notifying a Cisco ACI leaf?

A. ARP requests are flooded in the bridge domain.

B. Bounce entries are installed on the leaf switch.

C. Endpoint announce messages are sent to COOP.

D. Silent hosts are detected by the ACI fabric.

None

23.

An organization has encountered many STP-related issues in the past due to failed hardware components. They are in the process of long-term migration to a newly deployed ACI fabric. Senior engineers are worried that spanning-tree loops in the existing network may be extended to the ACI fabric. Which feature must be enabled on the ACI leaf ports to protect the fabric from spanning-tree loops?

A. BPDU Guard

B. per-VLANMCP

C. Storm Control

D. BPDU Filter

None

24.

A Cisco ACI fabric is using out-of-band management connectivity The APIC must access a routable host with an IP address of 192 168 11 2 Which action accomplishes this goal?

A. Change the switch APIC Connectivity Preference to in-band management

B. Remove the in-band management address from the APIC.

C. Add a Fabric Access Policy to allow management connections.

D. Modify the Pod Profile to use the default Management Access Policy

None

25.

An engineer wants to monitor all configuration changes, threshold crossing, and link-state transitions in a Cisco ACI fabric. Which action must be taken to receive the required messages?

A. Add Faults and Events to the monitor policy.

B. Add Session Logs and Audit Logs to the monitor policy.

C. Include Audit Logs and Events in the Syslog source policy.

D. Include Events and Session Logs in the Syslog source policy.

None

26.

Engineer must configure SNMP inside a Cisco ACI fabric. The engineer has created an SNMP Policy, called SNMP-policy and an SNMP Monitoring Group called SNMP-group1 that Contains five trap receivers. Which configuration set completes the configuration?

A. Edit oobbrc to permit traffic using UDP port 16. Associate the client group policy to SNMPgroup1

B. Permit OOB management traffic using UDP port 161. Associate client group policy with the OOB management EPG.

C. Allow all OOB management traffic. Configure three trap receivers on SNMP-group1.

D. Create an OOB management contract. Include the SNMP server in the OOB management EPG.

None

27.

A network engineer must improve the configuration backup process and the configuration restore process. The current ACI solution is integrated with VMMs and third-y.. L4-L7 devices. The process requires that no additional information be re-entered when importing the configuration for a fully-functional state. Which configuration configures the port policy?

A. Enable the Global AES Encryption Setting.

B. Select the JSON data format to be used when exporting

C. Create target DNs for all tenants.

D. Configure a local snapshot.

None

28.

An engineer must deploy Cisco ACI across 10 geographically separated data centers. Which ACI site deployment feature enables the engineer to control which bridge domains contain Layer 2 flooding?

A. GOLF

B. Multi-Site

C. Multi-Pod

D. Stretched Fabric

None

29.

An Cisco ACI leaf switch learns the source IP address of a packet that enters the front panel port of the switch. Which bridge domain setting is used?

A. Unicast Routing

B. L3 Unknown Multicast Flooding - Flood

C. ARP Flooding

D. Unknown Unicast - Hardware proxy

None

30.

Cisco ACI fabric must send a packet between two pods in a Cisco AC1 Multi-Pod topology where ARP flooding is disabled within the bridge domain. How does a Cisco ACI spine switch .. ARP messages from a leaf switch in POD1 to POD2?

A. The ARP message is dropped and connectivity is lost between the endpoints.

B. ARP optimization is applied and sends ARP to remote anycast.

C. A proxy ARP message is sent to destination group 225.224.0.0.

D. An ARP Glean message is sent to multicast address 239.255.255.240.

None

31.

An engineer wants to configure Cisco ACI switches to use authenticated ZMQ when communicating with the proxy spine. Which configuration allows MD5 ZMQ messages only?

A. IS-IS password using MD5

B. COOP Group policy in strict mode

C. COOP Group policy in compatible mode

D. BGP password using MD5

None

32.

As part of a migration, legacy non-ACI switches must be connected to the Cisco ACI fabric. All non-ACI switches run per-VLAN RSTP. After the non-ACI switches are connected to Cisco ACI,the STP convergence caused a microloop and significant CPU spike on all switches. Which configuration on the interfaces of the external switches that face the Cisco ACI fabric resolves the problem?

A. BPDU guard

B. aggressive STP timers

C. BPDU filtering

D. STP type link shared

None

33.

An engineer configures a Multi-Pod system with the default getaway residing outside of the ACI fabric for a bridge domain. Which setting should be configured to support this requirement?

A. disable Limit IP Learning to Subnet

B. disable IP Data-plane Learning

C. disable Unicast Routing

D. disable Advertise Host Routes

None

34.

A bridge domain for an EPC called “Web Servers” must be created in the Cisco APIC. The configuration must meet these requirements:

Only traffic to known Mac addresses must be allowed to reduce noice.
The multicast traffic must be limited to the ports that are participating in multicast routing.
The endpoints within the bridge domain must be kept in the endpoint table for 20 minultes without any updates.

Which set of steps configures the bridge domain that satisfies the requirements?

Select the ARP Flooding checkbox.

Create an Endpoint Retention Policy with a Remote Endpoint Aging Interval of 20 minutes.

Set L3 Unknown Multicast Flooding to Optimized Flooding

Set L2 Unknown Unicast to Hardware Proxy.

Configure L3 Unknown Multicast Flooding to Optimized Flood.

Create an Endpoint Retention Policy with a Local Endpoint Aging interval of 1200 seconds.

Switch L2 Unknown Unicast to Flood.

Select the default Endpoint Retention Policy and set the Local Endpoint Aging to 20 minutes.

Set Multicast Destination Flooding to Flood in Encapsulation.

Multicast Destination Flooding should be set to Flood in BD.

Set L3 Unknown Multicast Flooding to Flood.

Select the default Endpoint Retention Policy with a Local Endpoint Aging Interval of 1200 seconds.

None

35.

A Cisco ACI fabric is integrated with a Cisco ASA firewall using a service graph under the tenant called Operations. The fabric must permit the firewall used on tenant Operations to be referenced by the tenant called Management. Which export action must be used to accomplish this goal?

A. Layer4-Layer7 device

B. router configurations

C. service graph template

D. device selection policies

None

36.

Which attribute should be configured for each user to enable RADIUS for external authentication in Cisco ACI?

A. cisco-security domain

B. cisco-auth-features

C. cisco-aci-role

D. cisco-av-pair

None

37.

Which type of policy configures the suppression of faults that are generated from a port being down?

A. fault lifecycle assignment

B. event lifecycle assignment

C. fault severity assignment

D. event severity assignment

None

38.

An engineer must migrate workloads from the brownfield network to the Cisco ACI fabric. The VLAN 10 default gateway remains in the router located in the brownfield Network. The bridge domain has already been associated with L20ut. Which two actions must be taken to migrate the workloads? (Choose two.)

A. Select Limit IP Learning to Subnet.

B. Configure Multi-Destination Flooding Flood in Encapsulation.

C. Set L2 Unknown Unicast Flood.

D. Map the MAC address of the default gateway to the bridge domain

E. Enable ARP Flooding

39.

An engineer configures the Cisco ACI fabric for VMM integration with ESXi servers that are to be connected to the ACI leaves. The server team requires the network switches to initiate the LACP negotiation as opposed to the servers. The LAG group consists of two 10 Gigabit Ethernet links. The server learn also wants to evenly distribute traffic across all available links. Which two enhanced LAG policies meet these requirements? (Choose two.)

A. LACP Mode: LACP Standby

B. LB Mode: Destination IP Address and TCP/UDP Port

C. LB Mode: Source and Destination MAC Address

D. LB Mode: Source IP Address and TCP/UDP Port

E. LACP Mode: LACP Active

40.

The company’s Cisco ACI fabric hosts multiple customer tenants. To meet a service level agreement, the company is constantly monitoring the Cisco ACI environment. Syslog is one of the methods used for monitoring. Only events related to leaf and spine environmental information without specific customer data should be logged. To which ACI object must the configuration be applied to meet these requirements?

A. access policy

B. infra tenant

C. switch profil

D. fabric policy

None

41.

How are the STP BPDUs forwarded over Cisco ACI fabric?

A. Cisco ACI acts as the STP root for all three external switches.

B. STP BPDUs that are generated by Switch2 are received by Switch1 and Switch3

C. STP BPDUs that are generated by Switch1 are received only by Switch3.

D. Cisco ACI fabric drops all STP BPDUs that are generated by the external switches.

None

42.

An engineer must configure VMM domain integration on a Cisco UCS B-Series server that is connected to a Cisco ACI fabric. Drag and drop the products used to create VMM domain from the bottom into the sequence in which they should be implemented at the top. Products are used more than once.

None

43.

An engineer configured subnets on the external EPG called L3OUT_CORE. The external endpoints in the 10.1.0.0/24 subnet can reach internal endpoints, but the external endpoints in the 172.16.1.0/24 subnet are unreachable. Which set of actions enables the connectivity?

A. Delete both external EPG subnets. Create the 0.0.0.0/1 subnet

B. Delete the external EPG subnet 0.0.0.128/1. Create the 128.0.0.0/1 subnet.

C. Delete both external EPG subnets. Create the 0.0.0.0/0 subnet.

Delete the external EPG subnet 0.0.0.0/0. Create the 0.0.0.0/128 subnet

None

44.

An application team tells the Cisco ACI network administrator that it wants to monitor the statistics of the unicast and BUM traffic that are seen in a certain EPG. Which statement describes the collection statistics?

A. All EPGs in the Cisco ACI tenant object must be enabled for statistics to be collected.

B. Cisco ACI does not capture statistics at the EPG level. Only statistics that pass through ACI contracts can be monitored.

C. EPG statistics can be collected only for VMM domains. If a physical domain exists, statistics are not collected.

D. The collection of statistics is enabled on the EPG level by enabling the statistics for unicast and BUM traffic.

None

45.

Which two objects are created as a result of the configuration? (Choose two.)

A. application profile

B. attachable AEP

C. bridge domai

D. endpoint group

E. VRF

46.

An engineer created a monitoring policy called Test in a Cisco ACI fabric and had to change the severity level of the monitored object Call home source. Which set of actions prevent the event from appearing in event reports?

A. Select Event Severity Assignment Policies. Set severity level to cleared.

B. Select Faults Severity Assignment Policies. Set severity level to cleared.

C. Select Event Severity Assignment Policies. Set severity level to squelched.

D. Select Faults Severity Assignment Policies. Set severity level to squelched.

None

47.

An engineer is implementing an out-of-band (OOB) management access for the Cisco ACI fabric. The secure access must meet these requirements:

Only GUI and secure shell must be allowed to access the management interfaces of the ACIs.
The only IP ranges that must be permitted to connect the fabric will be 10.10.10.0724 and 192.168.15.0/24.

Which configuration set meets these requirements?

A. Implement HTTPS and SSH protocol filters in the OOB contract. Add the required subnets to the external network instance profile.

B. Create an out-of-band EPG in the external management entity. Associate the management profile with the OOB contract.

C. Set up static IPs on the management interfaces from the required IP range. Add the required subnets to the external network instance profile.

D. Create an out-of-band EPG in the common tenant. Associate the external network instance profile with the OOB contract.

None

48.

Which Cisco APIC configuration prevents a remote network that is not configured on the bridge domain from being learned by the fabric?

A. enable Limit IP Learning to Subnet

B. enable Unicast Routing

C. enable IP Data-plane Learning

D. enable ARP Flooding to BD

None

49.

A Cisco ACI fabric is newly deployed, and the security team requires more visibility of all interEPG traffic flows. All traffic in a VRF must be forwarded to an existing firewall pair. During fallover, the standby firewall must continue to use the same IP and MAC as the primary firewall. Drag and drop the steps from the left Into the Implementation order on the right to configure the service graph that meets the requirements. (Not all steps are used.)

None

50.

What two actions should be taken to deploy a new Cisco ACI Multi-Pod setup? (Choose two.)

A. Configure MP-BGP on IPN routers that face the Cisco ACI spines.

B. Connect all spines to the IPN.

C. Configure anycast RP for the underlying multicast protocol

D. Configure the TEP pool of the new pod to be routable across the IPN.

E. Increase interface MTU for all IPN routers to support VXLAN traffic.

51.

Where is the COOP database located?

A. leaf

B. spine

C. APIC

D. endpoint

None

52.

An engineer must disable the communication between the two backup servers in the backup EPG. Which action accomplishes this goal?

A. Set Preferred Group Member to Excluded.

B. Set the physical domain to None.

C. Set a different static binding for the encap VLAN.

D. Set Intra EPG Isolation to Enforced.

None

53.

What must be configured to redistribute externally learned OSPF routes within the ACI fabric?

A. Route Control Profile

B. BGP Route Reflector

C. BGP Inter-leak Route Map

D. PIM Sparse Mode

None

54.

How is an EPG extended outside of the ACI fabric?

A. Create an external bridged network that is assigned to a leaf port.

B. Create an external routed network that is assigned to an EPG.

C. Enable unicast routing within an EPG.

D. Statically assign a VLAN ID to a leaf port in an EPG.

None

55.

An engineer configured a bridge domain with the hardware-proxy option for Layer 2 unknown unicast traffic. Which statement is true about this configuration?

A. The leaf switch drops the Layer 2 unknown unicast packet if it is unable to find the MAC address in the local forwarding tables.

B. The Layer 2 unknown hardware proxy lacks support of the topology change notification.

C. The leaf switch forwards the Layers 2 unknown unicast packets to all other leaf switches if it is unable to find the MAC address in its local forwarding tables

D. The spine switch drops the Layer 2 unknown unicast packet if it is unable to find the MAC address in the proxy database

None

56.

A company must connect three Cisco ACI data centers by using Cisco ACI Multi-Site. An engineer must configure the Inter-Site Network (ISN) between the existing sites. Which two configuration steps must be taken to implement the ISN? (Choose two.)

A. Configure OSPF on subinterfaces on routers that are directly connected with spine nodes.

B. Configure ISN site extension on Cisco routers in the network.

C. Configure OSPF on all ISN routers.

D. Configure BIDIR-PIM on all ISN routers.

E. Configure encapsulation VLAN-4 between the routers and spine nodes.

57.

An administrator configures inter-VRF route leaking between Production:vrfprod and Non-Production:vrf-nonprod. However, the route in the Non-Production:vrf-nonprod VRF to the production tenant is missing. Which action resolves the VRF route leaking issue?

A. Change the contract scope to Global.

B. Enable the Shared between VRFs option for the BD subnet in the production VRF.

C. Enable the Shared between VRFs option for the EPG subnet in the non-production VRF.

D. Export the contract from provider to consumer tenant.

None

58.

A bridge domain for a new endpoint group in the Cisco ACI fabric must meet these requirements:

The bridge domain must function as the default gateway for the subnet so that routing remains

within the Cisco ACI fabric.

ARP requests must be managed via Layer 3 unicast packets or be dropped to reduce excessive

broadcast traffic.

The impact of misconfigured virtual machines must be kept to a minimum by preventing IP

addresses outside of the configured subnet from being routed.

Which set of actions must be taken?

A.Disable ARP Flooding.
Enable Limit IP Learning to Subnet.
Enable Unicast Routing on the bridge domain and configure a subnet

B.
Enable Limit IP Learning to Subnet.
Enable Unicast Routing on the bridge domain and configure a subnet.
Set Multi-Destination Flooding to Flood in BD

C.
Set Endpoint Retention Policy to default.
Enable ARP Flooding.
Enable Unicast Routing on the bridge domain and configure a subnet.

D.
Enable Unicast Routing on the bridge domain and configure a subnet.
Set L2 Unknown Unicast to Flood.
Disable Endpoint Retention Policy.

None

59.

An engineer must create a backup of the Cisco ACI fabric for disaster recovery purposes. The backup must be transferred over a secure and encrypted transport. The backup file must contain all user and password related information. The engineer also wants to process and confirm the backup file validity by using a Python script. This requires the data structure to have a format similar to a Python dictionary. Which configuration set must be used to meet these requirements?

Under the Create Remote location settings, select Protocol: FTP

Under the Export policy, select

- Format: XML

- Modify Global AES Encryption Settings: Enabled

Under the Create Remote location settings, select Protocol: FTP

Under the Export policy, select

- Format: XML

- Modify Global AES Encryption Settings: Disabled

Under the Create Remote location settings, select Protocol: SCP

Under the Export policy, select

- Format: JSON

- Modify Global AES Encryption Settings: Disabled

Under the Create Remote location settings, select Protocol: SCP

Under the Export policy, select

- Format: JSON

- Modify Global AES Encryption Settings: Enabled

None

60.

Which action should be taken to ensure authentication if the RADIUS servers are unavailable?

A. Adjust the priority of server 10.1.1.1 to 1.

B. Set the fallback login to local.

C. Assign the user to the default role.

D. Set the default login realm to LDAP

None

61.

An engineer needs to deploy a leaf access port policy group in ACI Fabric to support the following requirements:

Control the amount of application data flowing into the system
Allow the newly connected device to auto-negotiate link speed with the leaf switch

Which two ACI policies must be configured to achieve these requirements? (Choose two.)

A. L2 interface policy

B. link level policy

C. slow drain policy

D. ingress control plane policing policy

E. ingress data plane policing policy

1 out of 61

Name

Time is Up!