The Secret Of Cisco 300-620 Testing Material

NEW QUESTION 1
Which attribute should be configured for each user to enable RADIUS for external authentication in Cisco ACI?

• A. cisco-security domain
• B. cisco-auth-features
• C. cisco-aci-role
• D. cisco-av-pair

Answer: D

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2-x/Security_config/b_Cisco_APIC_Security_Configuration_Guide/b_Cisco_APIC_Security_Guide_chapter_01011.html

NEW QUESTION 2
Which two dynamic routing protocols are supported when using Cisco ACI to connect to an external Layer 3 network? (Choose two.)

• A. iBGP
• B. VXLAN
• C. IS-IS
• D. RIPv2
• E. eBGP

Answer: AE

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/ACI_Best_Practices/b_ACI_Best_Practices/b_ACI_Best_Practices_chapter_010010.html

NEW QUESTION 3
How is an EPG extended outside of the ACI fabric?

• A. Create an external bridged network that is assigned to a leaf port.
• B. Create an external routed network that is assigned to an EPG.
• C. Enable unicast routing within an EPG.
• D. Statically assign a VLAN ID to a leaf port in an EPG.

Answer: D

Explanation:
Reference: https://www.dclessons.com/l2-external-network-with-aci

NEW QUESTION 4
When creating a subnet within a bridge domain, which configuration option is used to specify the network visibility of the subnet?

• A. limit IP learning to subnet
• B. scope
• C. gateway IP
• D. subnet control

Answer: C

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/Operating_ACI/guide/b_Cisco_Operating_ACI/b_Cisco_Operating_ACI_chapter_0111.html

NEW QUESTION 5
A RADIUS user resolves its role via the Cisco AV Pair. What object does the Cisco AV Pair resolve to?

• A. tenant
• B. security domain
• C. primary Cisco APIC
• D. managed object class

Answer: D

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2-x/Security_config/b_Cisco_APIC_Security_Configuration_Guide/b_Cisco_APIC_Security_Guide_chapter_01011.html

NEW QUESTION 6
A Solutions Architect is asked to design two data centers based on Cisco ACI technology that can extend L2/L3, VXLAN, and network policy across locations. ACI Multi-Pod has been selected. Which two requirements must be considered in this design? (Choose two.)

• A. ACI underlay protocols, i.
• B. COOP, IS-IS and MP-BGP, spans across pod
• C. Create QoS policies to make sure those protocols have higher priority.
• D. A single APIC Cluster is required in a Multi-Pod desig
• E. It is important to place the APIC Controllers in different locations in order to maximize redundancy and reliability.
• F. ACI Multi-Pod requires an IP Network supporting PIM-Bidir.
• G. ACI Multi-Pod does not support Firewall Clusters across Pod
• H. Firewall Clusters should always be local.
• I. Multi-Pod requires multiple APIC Controller Clusters, one per po
• J. Make sure those clusters can communicate to each other through a highly available connection.

Answer: AE

NEW QUESTION 7
What must be configured to allow SNMP traffic on the APIC controller?

• A. out-of-band management interface
• B. contract under tenant mgmt
• C. SNMP relay policy
• D. out-of-band bridge domain

Answer: B

NEW QUESTION 8
DRAG DROP
Drag and drop the Cisco ACI Layer 4 to Layer 7 service insertion terms on the left to the correct descriptions on the right.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 9
An engineer is extending EPG connectivity to an external network. The external network houses the Layer 3 gateway and other end hosts. Which ACI bridge domain configuration should be used?

• A. Forwarding: CustomL2 Unknown Unicast: Hardware Proxy L3 Unknown Multicast Flooding: Flood Multi Destination Flooding: Flood in BD ARP Flooding: Enabled
• B. Forwarding: Custom L2 Unknown Unicast: FloodL3 Unknown Multicast Flooding: Flood Multi Destination Flooding: Flood in BD ARP Flooding: Enabled
• C. Forwarding: CustomL2 Unknown Unicast: Hardware Proxy L3 Unknown Multicast Flooding: Flood Multi Destination Flooding: Flood in BD ARP Flooding: Disabled
• D. Forwarding: Custom L2 Unknown Unicast: FloodL3 Unknown Multicast Flooding: Flood Multi Destination Flooding: Flood in BD ARP Flooding: Disabled

Answer: D

NEW QUESTION 10
Which two protocols support accessing backup files on a remote location from the APIC? (Choose two.)

• A. TFTP
• B. FTP
• C. SFTP
• D. SMB
• E. HTTPS

Answer: BC

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/troubleshooting/b_APIC_Troubleshooting/b_APIC_Troubleshooting_appendix_010011.html

NEW QUESTION 11
DRAG DROP
An engineer is configuring a VRF for a tenant named Cisco. Drag and drop the child objects on the left onto the correct containers on the right for this configuration.

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 12
An engineer is creating a configuration import policy that must terminate if the imported configuration is incompatible with the existing system. Which import mode achieves this result?

• A. merge
• B. atomic
• C. best effort
• D. replace

Answer: B

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/4-x/aci-fundamentals/Cisco-ACI-Fundamentals-401/Cisco-ACI-Fundamentals-401_chapter_01011.html

NEW QUESTION 13
An engineer is implementing Cisco ACI at a large platform-as-a-service provider using APIC controllers, 9396PX leaf switches, and 9336PQ spine switches. The leaf switch ports are configured as IEEE 802.1p ports. Where does the traffic exit from the EPG in IEEE 802.1p mode in this configuration?

• A. from leaf ports tagged as VLAN 0
• B. from leaf ports untagged
• C. from leaf ports tagged as VLAN 4094
• D. from leaf ports tagged as VLAN 1

Answer: A

NEW QUESTION 14
Regarding the MTU value of MP-BGP EVPN control plane packets in Cisco ACI, which statement about communication between spine nodes in different sites is true?

• A. By default, spine nodes generate 9000-bytes packets to exchange endpoints routing informatio
• B. As a result, the Inter-Site network should be able to carry 9000-bytes packets.
• C. By default, spine nodes generate 1500-bytes packets to exchange endpoints routing informatio
• D. As a result, the Inter-Site network should be able to carry 1800-bytes packets.
• E. By default, spine nodes generate 1500-bytes packets to exchange endpoints routing informatio
• F. As a result, the Inter-Site network should be able to carry 1500-bytes packets.
• G. By default, spine nodes generate 9000-bytes packets to exchange endpoints routing informatio
• H. As a result, the Inter-Site network should be able to carry 9100-bytes packets.

Answer: D

NEW QUESTION 15
Which statement about ACI syslog is true?

• A. Notifications for different scopes of syslog objects can be sent only to one destination.
• B. Syslog messages are sent to the destination through the spine.
• C. All syslog messages are sent to the destination through APIC.
• D. Switches send syslog messages directly to the destinations.

Answer: A

Explanation:
Reference: https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2021/pdf/BRKACI-2303.pdf

NEW QUESTION 16
Which protocol does ACI use to securely sane the configuration in a remote location?

• A. SCP
• B. HTTPS
• C. TFTP
• D. FTP

Answer: A

Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_KB_Using_Import_Export_to_Recover_Config_States.html

NEW QUESTION 17
What represents the unique identifier of an ACI object?

• A. universal resource identifier (URI)
• B. application programming interface
• C. management information tree
• D. distinguished name

Answer: D

Explanation:
Reference: https://www.slideshare.net/CiscoDevNet/introduction-to-aci-apis

NEW QUESTION 18
An engineer is implementing a connection that represents an external bridged network. Which two configurations are used? (Choose two.)

• A. Layer 2 remote fabric
• B. Layer 2 outside
• C. Layers 2 internal
• D. Static path binding
• E. VXLAN outside

Answer: AB

NEW QUESTION 19
Which type of port is used for in-band management within ACI fabric?

• A. spine switch port
• B. APIC console port
• C. leaf access port
• D. management port

Answer: C

NEW QUESTION 20
Refer to the exhibit.

An engineer is implementing Cisco ACI – VMware vCenter integration for a blade server that lacks support of bonding. Which port channel mode results in “route based on originating virtual port” on the VMware VDS?

• A. Static Channel – Mode On
• B. MAC Pinning-Physical-NIC-load
• C. LACP Passive
• D. MAC Pinning+
• E. LACP Active

Answer: D

NEW QUESTION 21
......