Page: 1
/ 14
Total 212 questions
What must be configured to allow SNMP traffic on the APIC controller?
- A. out-of-band management interface
- B. contract under tenant mgmt
- C. SNMP relay policy
- D. out-of-band bridge domain
Answer : B
Which type of port is used for in-band management within ACI fabric?
- A. spine switch port
- B. APIC console port
- C. leaf access port
- D. management port
Answer : C
Refer to the exhibit. A client reports that the ACI domain connectivity to the fiber channel storage is experiencing a B2B credit oversubscription. The environment has a SYSLOG server for state collection messages. Which value should be chosen to clear the critical fault?
- A. 300
- B. 410
- C. 350
- D. 510
Answer : B
Which statement about ACI syslog is true?
- A. Notifications for different scopes of syslog objects can be sent only to one destination.
- B. Syslog messages are sent to the destination through the spine.
- C. All syslog messages are sent to the destination through APIC.
- D. Switches send syslog messages directly to the destinations.
Answer : A
Reference:
https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2016/pdf/BRKACI-2303.pdf
A data center administrator is upgrading an ACI fabric. There are 3 APIC controllers in the fabric and all the servers are dual-homed to pairs of leaf switches configured in VPC mode. How should the fabric be upgraded to minimize possible traffic impact during the upgrade?
- A. 1. Create two maintenance groups for the APIC controllers: VPC left and VPC right. 2. Upgrade the first group of controllers. 3. Upgrade the second group of controllers. 4. Upgrade the leaf switches.
- B. 1. Create two maintenance groups for APIC controllers: VPC left and VPC right. 2. Upgrade the leaf switches. 3. Upgrade the first group of controllers. 4. Upgrade the second group of controllers.
- C. 1. Create two maintenance groups for the leaf switches: VPC left and VPC right. 2. Upgrade the APIC controllers. 3. Upgrade the first group of leaf switches. 4. Upgrade the second group of leaf switches.
- D. 1. Create two maintenance groups for the leaf switches: VPC left and VPC right. 2. Upgrade the first group of switches. 3. Upgrade the second group of switches. 4. Upgrade the APIC controllers.
Answer : D
Which protocol does ACI use to securely sane the configuration in a remote location?
- A. SCP
- B. HTTPS
- C. TFTP
- D. FTP
Answer : A
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_KB_Using_Import_Export_to_Recover_Config_States.html
Which two protocols support accessing backup files on a remote location from the APIC? (Choose two.)
- A. TFTP
- B. FTP
- C. SFTP
- D. SMB
- E. HTTPS
Answer : BC
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/troubleshooting/b_APIC_Troubleshooting/ b_APIC_Troubleshooting_appendix_010011.html
Which attribute should be configured for each user to enable RADIUS for external authentication in Cisco ACI?
- A. cisco-security domain
- B. cisco-auth-features
- C. cisco-aci-role
- D. cisco-av-pair
Answer : D
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2-x/Security_config/b_Cisco_APIC_Security_Configuration_Guide/ b_Cisco_APIC_Security_Guide_chapter_01011.html
Refer to the exhibit. Which action should be taken to ensure authentication if the RADIUS servers are unavailable?
- A. Adjust the priority of server 10.1.1.1 to 1.
- B. Assign the user to the default role.
- C. Set the default login realm to LDAP.
- D. Set the fallback login to local.
Answer : D
A network engineer demonstrates Cisco ACI to a customer. One of the test cases is to validate a disaster recovery event by resetting the ACI fabric to factory and then restoring the fabric to the state it was in before the event. Which setting must be enabled on ACI to export all configuration parameters that are necessary to meet these requirements?
- A. enabled AES encryption
- B. generated a tech-support file
- C. encrypted export destination
- D. enabled JSON format export
Answer : A
An engineer wants to filter the System Faults page and view only the active faults that are present in the Cisco ACI fabric. Which two lifecycle stages must be selected for filtering? (Choose two.)
- A. Raised
- B. Retaining
- C. Soaking, Clearing
- D. Raised, Clearing
- E. Soaking
Answer : AD
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/all/faults/guide/b_APIC_Faults_Errors/b_IFC_Faults_Errors_chapter_01.html
An engineer must limit management access to the Cisco ACI fabric that originates from a single subnet where the NOC operates. Access should be limited to SSH and HTTPS only. Where should the policy be configured on the Cisco APIC to meet the requirements?
- A. policy in the management tenant
- B. ACL on the console interface
- C. ACL on the management interface of the APIC
- D. policy on the management VLAN
Answer : A
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/cli/nx/cfg/b_APIC_NXOS_CLI_User_Guide/ b_APIC_NXOS_CLI_User_Guide_chapter_01000.html
In the context of ACI Multi-Site, when is the information of an endpoint (MAC/IP) that belongs to site 1 advertised to site 2 using the EVPN control plane?
- A. Endpoint information is not exchanged across sites unless COOP protocol is used.
- B. Endpoint information is not exchanged across sites unless a policy is configured to allow communication across sites.
- C. Endpoint information is exchanged across sites as soon as the endpoint is discovered in one site.
- D. Endpoint information is exchanged across sites when the endpoints are discovered in both sites.
Answer : A
Reference:
https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-
739609.html#CiscoACIMultiSiteoverlaydataplane
Which statement regarding ACI Multi-Pod and TEP pool is true?
- A. The IP addresses used in the IPN network can overlap TEP pool of the APIC.
- B. A different TEP pool must be assigned to each Pod.
- C. The Pod1 TEP pool must be split and a portion of the TEP pool allocated to each Pod.
- D. The same TEP pool is used in all Pods.
Answer : B
Reference:
https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-739714.html
Which two statements regarding ACI Multi-Site are true? (Choose two.)
- A. The Multi-Site orchestrator must be directly attached to one ACI leaf.
- B. Routers in the Inter-Site network must run OSPF, DHCP relay, and MP-BGP.
- C. ACI Multi-Site is a solution that supports a dedicated APIC cluster per site.
- D. ACI Multi-Site is a solution that allows one APIC cluster to manage multiple ACI sites.
- E. The Inter-Site network routers should run OSPF to establish peering with the spines.
Answer : AE