Cisco Data Center Architecture Set 3

When creating a role in a Cisco Nexus 7000 Series Switch, rules are used to define the type of operations that a role will allow the user to perform. Which two of these parameters cannot be applied as a rule?


Options are :

  • feature-group
  • port-profile
  • command
  • access-list
  • OID

Answer : port-profile access-list

The vPC peer-gateway capability allows a vPC switch to act as the active gateway for packets that are addressed to the router MAC address of the vPC peer. This feature enables local forwarding of such packets without the need to cross the vPC peer link. Which statements are true about the vPC peer-gateway?


Options are :

  • The vPC peer-gateway feature is enabled by default.
  • The vPC peer-gateway feature can be configured globally under the vPC domain submode.
  • Enabling the peer-gateway feature automatically disables IP redirects on all interface VLANs mapped over a vPC VLAN to avoid generation of IP redirect messages for packets switched through the peer gateway router.
  • The vPC peer-gateway feature only works with HSRP protocol.

Answer : The vPC peer-gateway feature can be configured globally under the vPC domain submode. Enabling the peer-gateway feature automatically disables IP redirects on all interface VLANs mapped over a vPC VLAN to avoid generation of IP redirect messages for packets switched through the peer gateway router.

When using Overlay Transport Virtualization (OTV), how do L2 multicast frames traverse the overlay?


Options are :

  • The L2 multicast frames are encapsulated in an OTV packet using the configured control-group multicast address for transport
  • The L2 multicast frames are forwarded natively across the overlay based on their multicast IDs
  • The L2 multicast frames are dropped because multicast cannot be carried across the overlay
  • The L2 multicast frames are encapsulated in an OTV packet using the configured data-group multicast address for transport

Answer : The L2 multicast frames are encapsulated in an OTV packet using the configured data-group multicast address for transport

210-260 Implementing Cisco Network Security Practice Exam Set 1

FabricPath brings the benefits of routing protocols to layer 2 network Ethernet environments. What are the advantages of using FabricPath technology?


Options are :

  • Loop mitigation with TTL in the frame field
  • FabricPath provides MAC address scalability with conversational learning
  • Layer 2 extensions between data centers
  • STP independence
  • 10 Gbps bandwidth

Answer : Loop mitigation with TTL in the frame field FabricPath provides MAC address scalability with conversational learning STP independence

Which three statements best describe multicast operation on Cisco Nexus switches in a data center?


Options are :

  • The default PIM operational mode on the Cisco Nexus 7000 switch is SSM.
  • Cisco NX-OS Software does not support PIM dense mode.
  • PIM CLI configuration and verification commands are not available until you enable the PIM feature with the feature pim command.
  • The command ip multicast-routing must be enabled in Cisco NX-OS Software before any multicast configuration is possible on the switch.
  • Cisco NX-OS Software supports multicast routing per Layer 3 VRF instance.

Answer : Cisco NX-OS Software does not support PIM dense mode. PIM CLI configuration and verification commands are not available until you enable the PIM feature with the feature pim command. Cisco NX-OS Software supports multicast routing per Layer 3 VRF instance.

Cisco FabricPath uses what as a common bridge ID to connected Spanning Tree Protocol bridges?


Options are :

  • 0100.5E11.02FD
  • C84C.75FA.6000
  • 4000.0000.0001
  • C84C.76FA.6000

Answer : C84C.75FA.6000

ICND1 100-105 Certification Practice Tests Set 4

Which description is correct for a private VLAN community port with respect to Layer 2 communications?


Options are :

  • It communicates only with other community ports in the same community and associated promiscuous ports.
  • It communicates only with associated promiscuous and isolated ports.
  • It communicates with only isolated ports in the private VLAN domain.
  • It communicates with all other community ports in the private VLAN domain.

Answer : It communicates only with other community ports in the same community and associated promiscuous ports.

Overlay Transport Virtualization (OTV) join interface is used to source the OTV encapsulated traffic and send it to the Layer 3 domain of the data center network. Which statements are true about OTV join interface?


Options are :

  • The join interface is a Layer 3 entity that can be defined as a physical interface but not as a logical one.
  • A single join interface can be defined and associated with a given OTV overlay.
  • Multiple overlays can also share the same join interface.
  • Join interface can be a loopback interface.
  • Join interface is a Layer 3 entity, and with the Cisco NX-OS release 6.0, it can only be defined as a physical interface, physical subinterface, Layer 3 port channel, or Layer 3 port channel subinterface.

Answer : A single join interface can be defined and associated with a given OTV overlay. Multiple overlays can also share the same join interface. Join interface is a Layer 3 entity, and with the Cisco NX-OS release 6.0, it can only be defined as a physical interface, physical subinterface, Layer 3 port channel, or Layer 3 port channel subinterface.

Overlay Transport Virtualization (OTV) uses the Authoritative Edge Device (AED) to perform which tasks?


Options are :

  • The AED is responsible for MAC address dispute contention for a given VLAN.
  • The AED is responsible for sending all unicast traffic in a site, while either node in a site can transmit multicast and broadcast.
  • The AED is responsible for load balancing all traffic for all VLANs across the transport network.
  • The AED is responsible for handling all unicast, broadcast, and multicast traffic for a given VLAN within a site.

Answer : The AED is responsible for handling all unicast, broadcast, and multicast traffic for a given VLAN within a site.

400-101 CCIE Routing and Switching Written Practice Exam Set 12

Which three concepts influenced the evolution of data centers?


Options are :

  • Economics
  • Consolidation
  • Expansion
  • Commoditization
  • Automation
  • Virtualization

Answer : Consolidation Automation Virtualization

Which statement describes the XML management interface in Cisco NX-OS Software?


Options are :

  • NX-OS Software supports up to a maximum of 16 concurrent XML sessions.
  • The NX-OS implementation of the XML-based NETCONF requires SSH to be used for communication with the device.
  • Only show commands are supported via the XML management interface in NX-OS Software.
  • The following XML-based NETCONF operations are supported in NX-OS SoftwarE. Close- session, copy-config, delete-config, and edit-config.
  • The following XML-based NETCONF operations are supported in NX-OS SoftwarE. Close- session, copy-config, edit-config, and kill-session.

Answer : The NX-OS implementation of the XML-based NETCONF requires SSH to be used for communication with the device.

Which two statements about SAN port channels configured on Cisco Nexus 5000 Series switches are true?


Options are :

  • The port channel protocol uses the exchange fabric parameters command to communicate across peer ports in an ISL.
  • The port channel protocol ensures that a set of ports is eligible to be part of the same SAN port channel.
  • Changes in configuration to the SAN port channel interface must also be made to all members of the channel group.
  • The bring up protocol automatically detects and overrides any misconfiguration.
  • You can manually configure channel groups, or they can be automatically created.

Answer : The port channel protocol ensures that a set of ports is eligible to be part of the same SAN port channel. You can manually configure channel groups, or they can be automatically created.

200-310 Designing for Cisco Inter network Solutions Exam Set 4

A network administrator has installed an N7K-F248-25XP module into an existing chassis. The module is powered on, but the interfaces are all in VDC0. What is the reason for this?


Options are :

  • The chassis needs an EPLD upgrade to support the new module type.
  • The module has failed GOLD diagnostics, and the switch has isolated the ports to protect the integrity of the system.
  • The default VDC cannot support F2 modules.
  • The interfaces must be allocated into a VDC for F2 modules only.

Answer : The interfaces must be allocated into a VDC for F2 modules only.

On Cisco Nexus 5000 Series Switches, where are the virtual output queues implemented, and what is the main purpose of virtual output queues?


Options are :

  • on all egress interfaces; to be able to use EEE 802.1p CoS
  • on all egress interfaces; to prevent head-of-line blocking by utilizing multiple virtual output queues
  • on all ingress interfaces; to ensure maximum throughput on a per-egress, per-CoS basis
  • on all ingress interfaces; to provide independent congestion management and 16 queues
  • on all egress interfaces; so that a congested egress port does not affect traffic directed to other egress ports

Answer : on all ingress interfaces; to ensure maximum throughput on a per-egress, per-CoS basis

Which three capabilities make the Cisco Nexus 7010 switch an effective solution for the data center core?


Options are :

  • virtualization
  • support for 48-port Gb/s line card
  • unified I/O
  • high performance
  • support for Data Center Service Modules
  • high availability

Answer : unified I/O high performance high availability

Cisco 210-060 Implement Collaboration Device Practice Exam Set 7

Which capabilities are not supported in DCNM device manager?


Options are :

  • configure VLANs and Ethernet port channels
  • manage SNMPv3 security access to switches
  • save and copy configuration files and software images
  • manage 2148T FEX, 2232PP FEX, and 2248TP FEX
  • configure FCoE

Answer : configure VLANs and Ethernet port channels

Which statement best describes ACL configuration using configuration session mode on Cisco Nexus switches?


Options are :

  • The network administrator can perform a dry-run ACL configuration by verifying the configuration against the hardware and software resources available before applying it.
  • The verify command will validate commands entered for syntax errors.
  • Configuration sessions can be saved and resumed at any time, even after upgrading NX-OS Software on the switch with ISSU.
  • Configuration sessions are global for all VDCs on the Nexus 7000.
  • The save command will save the commands entered to the startup configuration.

Answer : The network administrator can perform a dry-run ACL configuration by verifying the configuration against the hardware and software resources available before applying it.

Where is a typical request in the Cisco UCS XML API placed in the data management engine, and, after the request is confirmed, what is updated?


Options are :

  • The request is placed in the replicator and persistifier and the store is updated.
  • The request is placed in the transactor queue in FIFO order and the management information tree is updated.
  • The request is placed in the buffer queue and the commit buffer queue is updated.
  • The request is placed in the data management engine and the application gateway is updated.

Answer : The request is placed in the transactor queue in FIFO order and the management information tree is updated.

200-125 Cisco Certified Network Associate Practice Exam Set 12

Which statement describes SNMP functionality in Cisco NX-OS Software?


Options are :

  • SNMP always uses the default VRF on the Cisco Nexus 7000 Series Switches.
  • NX-OS Software supports one instance of SNMP globally for all VDCs; however, MIB counters are collected and reported individually per VDC.
  • NX-OS Software supports 3DES and AES for SNMPv3 message encryption.
  • SNMP is always enabled by default in NX-OS Software and cannot be disabled.
  • SNMP must be enabled with the feature snmp command before any SNMP configuration is possible.

Answer : NX-OS Software supports 3DES and AES for SNMPv3 message encryption.

Cisco DCNM-LAN supports the configuration and monitoring of many Cisco NX-OS features, including which two of these Ethernet protocols?


Options are :

  • VRRP
  • IRDP
  • GLBP
  • HSRP

Answer : GLBP HSRP

Which two statements about authentication settings for DCNM-LAN are true?


Options are :

  • If none of the authentication servers that are configured for the current authentication mode responds to an authentication request, the DCNM-LAN server falls back to local authentication.
  • Administering DCNM-LAN authentication settings require an authentication license.
  • DCNM-LAN only supports TACACS+.
  • DCNM-LAN server users are local to the DCNM-LAN server.
  • Each DCNM-LAN server will have the same device credentials.

Answer : If none of the authentication servers that are configured for the current authentication mode responds to an authentication request, the DCNM-LAN server falls back to local authentication. DCNM-LAN server users are local to the DCNM-LAN server.

200-105 Inter connecting Cisco Networking Devices Exam Set 3

Cisco NX-OS Software supports SNMPv1, SNMPv2c, and SNMPv3. Both SNMPv1 and SNMPv2c use a community-based form of security. SNMPv3 provides secure access to devices by a combination of authenticating and encrypting frames over the network. Which security features are provided in Cisco NXOS SNMPv3?


Options are :

  • encryption--scrambles the packet contents to prevent them from being seen by unauthorized sources
  • message integrity--ensures that a packet has not been tampered with while it was in transit
  • user--to determine if user authentication is used instead of community strings
  • authentication--determines that the message is from a valid source
  • password--a password (community string) sent in clear text between a manager and agent for added protection

Answer : encryption--scrambles the packet contents to prevent them from being seen by unauthorized sources message integrity--ensures that a packet has not been tampered with while it was in transit authentication--determines that the message is from a valid source

Which statement describes OTV configuration on the Cisco Nexus 7000 Series Switches?


Options are :

  • OTV uses an SSM group range for neighbor discovery and to exchange MAC reachability with other OTV edge peers.
  • The OTV internal interface encapsulates the site Layer 2 frames in IP unicast or multicast packets that are then sent to the other sites.
  • The OTV join interface is a routed uplink interface on the edge device used to physically join the overlay network.
  • The OTV control-plane protocol uses the IS-IS protocol to establish adjacencies and exchange MAC reachability across the overlay network. You must enable IS-IS with the feature isis command before OTV adjacencies can be established.

Answer : The OTV join interface is a routed uplink interface on the edge device used to physically join the overlay network.

In a Cisco Nexus 7000 platform configured with GLBP, which GLBP timer can be tuned to prevent unnecessary GLBP state changes during a switchover or ISSU?


Options are :

  • GLBP redirect timer
  • GLBP forwarder pre-empt delay minimum timer
  • GLBP pre-empt delay minimum timer
  • GLBP extended hold timer
  • GLBP hold timer
  • GLBP nonstop forwarding timer

Answer : GLBP extended hold timer

Cisco 210-060 Implement Collaboration Device Practice Exam Set 7

Which statement describes the graceful restart capability in Cisco NX-OS Software?


Options are :

  • If the restarting OSPFv2 interface does not come back up before the end of the grace period, or if the network experiences a topology change, the OSPFv2 neighbors tear down adjacency with the restarting OSPFv2 interface and treat it as a normal OSPFv2 restart.
  • In NX-OS Software, the OSPFv2 graceful restart extension is Cisco proprietary and is only compatible with other Cisco routers.
  • OSPFv3 graceful restart must be disabled before doing an ISSU.
  • Graceful restart helps keep an NX-OS system forwarding traffic transparently even if it experiences a cold reboot.
  • A graceful restart allows OSPFv2 to remain in the data forwarding path through a process restart. When OSPFv2 needs to restart, it first sends a type 8 LSA, which includes a grace period that tells NSF helpers to keep all LSAs that originated from the restarting interface.

Answer : If the restarting OSPFv2 interface does not come back up before the end of the grace period, or if the network experiences a topology change, the OSPFv2 neighbors tear down adjacency with the restarting OSPFv2 interface and treat it as a normal OSPFv2 restart.

If the default VDC is configured to limit resources to a specific module type, what happens when a module that does not match the resource type is installed?


Options are :

  • The module is denied power, and a syslog message is generated.
  • The module is powered up, and interfaces are allocated to VDC100.
  • The module is powered up, and interfaces are allocated to VDC0.
  • The module is powered up, and interfaces are in an "admin down" state.

Answer : The module is powered up, and interfaces are allocated to VDC0.

What is the default Time to Live (TTL) value in Cisco FabricPath?


Options are :

  • 64
  • 128
  • Dependent on the number of switch IDs in the topology
  • 32

Answer : 32

100-105 Net Cert Interconnecting Cisco Networking Exam Set 6

SNMPv3 authorizes management operations only by configured users and encrypts SNMP messages. Which authentication protocols does Cisco NX-OS Software use for SNMPv3?


Options are :

  • NMAC-SHA-96 authentication protocol
  • HMAC-SHA-96 authentication protocol
  • Community String Match protocol
  • HMAC-MD5-96 authentication protocol
  • NMAC-MD5-96 authentication protocol

Answer : HMAC-SHA-96 authentication protocol HMAC-MD5-96 authentication protocol

After configuring FabricPath, the following appears in the syslog:

%STP-2-L2GW_BACKBONE_BLOCK: L2 Gateway Backbone port inconsistency blocking port portchannel100 on VLAN0010. What is the cause of this message?


Options are :

  • An inferior BPDU is received on a Cisco FabricPath edge port.
  • STP must be disabled; message indicates that STP is enabled.
  • STP is misconfigured; root guard must be disabled.
  • A superior BPDU is received on a Cisco FabricPath edge port.

Answer : A superior BPDU is received on a Cisco FabricPath edge port.

Which three statements describe the configuration change management feature in DCNM LAN?


Options are :

  • You can archive a maximum of 50 configuration versions per managed device.
  • Managed devices must be licensed in DCNM LAN before they can be used with configuration change management.
  • DCNM LAN can archive configurations from devices even if they are not managed by the DCNM server, and the administrator can supply the device management IP address and credentials.
  • Switch profiles allow configurations to be synchronized between switches and are supported with any Cisco NX-OS Software managed device.
  • Device-running configuration will be archived only if it differs from the last archived version.

Answer : You can archive a maximum of 50 configuration versions per managed device. Managed devices must be licensed in DCNM LAN before they can be used with configuration change management. Device-running configuration will be archived only if it differs from the last archived version.

200-125 CCNA Cisco Certified Network Associate Test Set 3

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions