Cisco 300-620 Online Practice Questions and Exam Preparation

Cisco 300-620 Online Questions & Answers

• Question 191:

  An engineer is configuring ACI VMM domain integration with Cisco UCS-B Series. Which type of port channel policy must be configured in the vSwitch policy?

  A. LACP Active
  B. MAC Pinning
  C. LACP Passive
  D. MAC Pinning-Physical-NIC-load
  B. MAC Pinning

  ---

  Explanation/Reference:

  https://www.cisco.com/c/en/us/support/docs/cloud-systems-management/application-policy-infrastructure-controller-apic/118965-config-vmm-aci-ucs-00.html

• Question 192:

  Which ACI import mode processes each managed object individually and skips the invalid MO?

  A. replace
  B. atomic
  C. best-effort
  D. merge
  C. best-effort

• Question 193:

  Refer to the exhibit.

  

  An engineer created a local user named User on Cisco ACI. The engineer must configure the fabric so that the User can access only common and PROD tenants.

  Which set of actions accomplishes the goal?

  A. Add security domain “mgmt.” to User. Associate security domain “mgmt.” under PROD tenant.
  B. Add security domain “Tenant” to User. Associate security domain “Tenant” under PROD tenant.
  C. Add security domain “all” to User. Associate security domain “all” under PROD tenant
  D. Add security domain “common” to User. Associate security domain “common” under PROD tenant.
  B. Add security domain “Tenant” to User. Associate security domain “Tenant” under PROD tenant.

  ---

  Explanation/Reference:

• Question 194:

  Refer to the exhibit.

  

  An engineer is implementing Cisco ACI ?VMware vCenter integration for a blade server that lacks support of bonding. Which port channel mode results in "route based on originating virtual port" on the VMware VDS?

  A. Static Channel ?Mode On
  B. MAC Pinning-Physical-NIC-load
  C. LACP Passive
  D. MAC Pinning+
  E. LACP Active
  D. MAC Pinning+

  ---

  Explanation/Reference:

  https://www.cisco.com/c/en/us/td/docs/dcn/aci/apic/6x/virtualization/cisco-aci-virtualization-guide-60x/ACI-Virtualization-Guide-60x-aci-with-vmware-vds.pdf

• Question 195:

  An endpoint called EP1 is connected to Cisco ACI compute leaf1. The engineer must replace EP1 with EP2 on the same leaf switch. Which set of actions forces all remote leaves to delete EP1 before timer expiration?

  A. Set L2 Unknown Unicast to Hardware proxy. Select Clear remote MAC entries.
  B. Set L2 Unknown Unicast to Flood. Select Clear remote MAC entries.
  C. Set L2 Unknown Unicast to Hardware Proxy. Select Clear remote IP entries.
  D. Set L2 Unknown Unicast to Flood. Select Clear remote IP entries.
  B. Set L2 Unknown Unicast to Flood. Select Clear remote MAC entries.

  ---

  Explanation/Reference:

  When the bridge domain has L2 Unknown Unicast set to Flood, if an endpoint is deleted the system deletes it from both the local leaf switches as well as the remote leaf switches where the bridge domain is deployed, by selecting Clear Remote MAC Entries. Without this feature, the remote leaf continues to have this endpoint learned until the timer expires. https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2-x/L2_config/b_Cisco_APIC_Layer_2_Configuration_Guide/b_Cisco_APIC_Layer_2_Configuration_Guide_chapter_010.html#:~:text=When%20the%20bridge,the% 20timer%20expires.

• Question 196:

  DRAG DROP

  Refer to the exhibit.

  

  A Cisco ACI fabric is newly deployed, and the security team requires more visibility of all inter EPG traffic flows. All traffic in a VRF must be forwarded to an existing firewall pair. During failover, the standby firewall must continue to use the same IP and MAC as the primary firewall. Drag and drop the steps from the left into the implementation order on the right to configure the service graph that meets the requirements. (Not all steps are used.)

  Select and Place:

  

  

  ---

  Explanation/Reference:

  Reference:

  https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/L4-L7_Services_Deployment/guide/b_L4L7_Deploy_ver201/b_L4L7_Deploy_ver201_chapter_010100.html#id_71564

  Create a service bridge domain and a layer 4 to layer 7 device within one cluster interface.

• Question 197:

  Which two IP address types are available for transport over the ISN when they are configured from Cisco ACI Multi-Site Orchestrator? (Choose two.)

  A. Management IP of APICs
  B. Management IP of the MSO Node
  C. Anycast Overlay Multicast TEP
  D. MP-BGP EVPN Router-ID
  E. Common Pervasive Gateway
  C. Anycast Overlay Multicast TEP
  D. MP-BGP EVPN Router-ID

  ---

  Explanation/Reference:

  As shown in Figure 60, the EVPN-RID, O-UTEP, and O-MTEP addresses are the only prefixes that must be exchanged across sites to enable the intersite EVPN control plane and the VXLAN data plane. Consequently, they are the only prefixes that should be learned in the ISN routing domain. This implies that those IP addresses must be globally routable across the ISN, which should normally not be a problem, because they are independent of the original TEP pools associated to each fabric and assigned separately on Cisco Nexus Dashboard Orchestrator at the time of Multi-Site deployment.

• Question 198:

  What is MP-BGP used for in Cisco ACI fabric?

  A. MP-BGP VPNv4 AF is used as protocol on L3Out between a border leaf and an external router
  B. MP-BGP Layer 2 VPN EVPN AF is used to propagate L3Out routes that are received from a border leaf
  C. MP-BGP VPNv4 AF is used to propagate L3Out routes that are received from a border leaf to the fabric
  D. MP-BGP VPNv4 AF is used between spines in an ACI Multi-Pod fabric to propagate the endpoint
  C. MP-BGP VPNv4 AF is used to propagate L3Out routes that are received from a border leaf to the fabric

  ---

  Explanation/Reference:

  https://unofficialaciguide.com/2017/09/25/configuring-aci-fabric-bgp-route-reflector/

• Question 199:

  Which tenant is used when configuring in-band management IP addresses for Cisco APICs, leaf nodes, and spine nodes?

  A. default
  B. infra
  C. common
  D. mgmt
  D. mgmt

  ---

  Explanation/Reference:

  Reference:

  https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/ b_KB_Configuring_Static_Management_Access.html#concept_CFF63FEBE947424291B0F10E6F23DA7D

• Question 200:

  An engineer must perform a Cisco ACI fabric upgrade that minimizes the impact on user traffic and allows only permitted users to perform an upgrade. Which two configuration steps should be taken to meet these requirements? (Choose two.)

  A. Grant tenant-ext-admin access to a user who performs an upgrade
  B. Divide Cisco APIC controllers into two or more maintenance groups
  C. Combine all switches into an upgrade group
  D. Grant the fabric administrator role to a user who performs an upgrade
  E. Divide switches into two or more maintenance groups
  D. Grant the fabric administrator role to a user who performs an upgrade
  E. Divide switches into two or more maintenance groups