« 返回题库列表通过CCNP 300-710实践问题,以及Cisco Security 300-710 SNCF | 思博网络考试,轻松获得成功。
通过使用CCNP 300-710的练习题,您可以轻松获得成功。同时,Cisco Security 300-710 SNCF的练习题也能帮助您取得进步。 在与CCNP Security以及Cisco Certified Specialist - Network Security Firepower相关的90分钟考试中,思博网络的表现非常出色。 该考试旨在评估考生对Cisco Firepower® Threat Defense和Firepower®的了解程度,涵盖相关配置、集成、部署、管理以及故障排除等方面的内容。 通过高质量的练习测试、考试模拟题、样题以及模拟考试来有效备考,从而巩固所学知识,提高应对考试的能力。 可以获取考试资料、考试答案以及各种试题和解答,从而进行全面的备考。 可以利用免费的测试题和在线历年真题来模拟真实的考试场景,从而更好地进行考试练习。 使用考试模拟器来在真实的考试环境中进行练习,从而增强自己的信心,提高通过考试的可能性。 请充分学习诸如“使用Cisco Firepower来保护网络”以及“使用Cisco Firepower下一代入侵防御系统来保护网络”这样的课程。
问题 #1
An engineer designers a Cisco ACI Multi-Pod solution that requires a pair of active-standby firewalls in different pods for external connectivity. How should the firewalls be implemented?
A. PBR for routed firewalls
B. separate L3Out peerings for routed firewalls
C. routed firewall for the default gateway
D. transparent firewalls
问题 #2
Which feature is available across sites if EPGs are stretched?
A. active-active high-availability firewall clustering
B. Layer 3 routing between sites
C. Layer 2 flooding across sites
D. live virtual machine migration
问题 #3
What is the advantage of implementing an active-active firewall cluster that is stretched across separate pods when anycast services are configured?
A. A different MAC/IP combination can be configured for the firewall in each pod.
B. The local pod anycast node is preferred by the local spines.
C. A cluster can be deployed in transparent mode across pods.
D. Local traffic in a pod is load-balanced between the clustered firewalls.
问题 #4
Which two actions should be taken to ensure a scalable solution when multiple EPGs in a VRF require unrestricted communication? (Choose two.)
A. Configure a taboo contract between the EPGs that require unrestricted communication between each other.
B. Enable Preferred Group Member under the EPG Collection for VRF section.
C. Set the VRF policy control enforcement preference to Unenforced.
D. Set the EPGs that require unrestricted communication between each other as preferred group members.
E. Set the EPGs that require policy enforcement between each other as preferred group members.
问题 #5
An engineer extends a Cisco ACI Multi-Pod setup to a Cisco ACI Multi-Site implementation. Which action allows the interconnection?
A. Configure BIDIR-PIM in the IPN and ISN
B. Use dedicated uplinks on Site 1 spines for ISN connectionsC. Connect all spines to the IPN and ISN
D. Filter the advertisement of the Site 2 TEP pool into the IPN
问题 #6
What must be configured in the service graph to redirect HTTP traffic between the EPG client and EPG server to go through the Cisco ASA firewall?
A. contract filter to allow ARP and HTTP
B. precise filter to allow only HTTP traffic
C. contract with no filter
D. permit-all contract filter
问题 #7
Between Cisco UCS Fls and Cisco ACI leaf switches, CDP is disabled, the LLDP is enabled, and LACP is in Active mode. Which two discovery protocols and load-balancing mechanism combinations can be implemented for the DVS? (Choose two.)
A. CDP enabled, LLDP disabled, and LACP Active
B. CDP disabled, LLDP enabled, and MAC PinningC. CDP enabled, LLDP disabled, and MAC Pinning
D. CDP enabled, LLDP enabled, and LACP Active
E. CDP enabled, LLDP disabled, and LACP PassiveF. CDP disabled, LLDP enabled, and LACP Passive
问题 #8
An engineer creates the objects that must be deployed at each site in Cisco ACI Multi-Site Orchestrator. Which action should be taken before the schema can be associated with the newly configured site?
A. Attach the templates to the newly configured site
B. Configure a provider for the Cisco ACI Multi-Site Orchestrator
C. Import existing policies from an existing tenant to Cisco ACI Multi-Site OrchestratorD. Configure the Infra Site-Specific Settings
问题 #9
An engineer configures a Cisco ACI Multi-Pod for disaster recovery. Which action should be taken for the new nodes to be discoverable by the existing Cisco APICs?
A. Enable subinterfaces with dot1q tagging on all links between the IPN routers.
B. Configure IGMPv3 on the interfaces of IPN routers that face the Cisco ACI spine.
C. Enable DHCP relay on all links that are connected to Cisco ACI spines on IPN devices.
D. Configure BGP as the underlay protocol in IPN.
问题 #10
Which two configurations enable inter-VRF communication? (Choose two.)
A. Set the subnet scope to Shared Between VRFs
B. Enable Advertise Externally under the subnet scope
C. Change the contract scope to Tenant
D. Change the subject scope to VRF
E. Export the contract and import as a contract interface
问题 #11
An existing Cisco ACI Multi-Site setup with default fabric settings contains endpoints that communicate with an MTU of 1500. What is the minimum MTU value that must be supported by the ISN to allow control plane endpoint information exchange between sites?
A. 9000
B. 1554
C. 9100
D. 1600
问题 #12
A network engineer configures a Layer 4 to Layer 7 device for an outside routed firewall that is connected to POD-1 inside a Cisco ACI fabric that consists of two pods. All traffic from POD-1 or POD-2 that uses the L3Out should pass through the routed firewall. Which Function Type must be implemented in the service graph for POD-2 to use L3Out?
A. GoThrough
B. L1
C. GoTo
D. L2
问题 #13
How are the STP BPDUs forwarded over Cisco ACI fabric?
A. STP BPDUs that are generated by Switch2 are received by Switch1 and Switch3.
B. Cisco ACI fabric drops all STP BPDUs that are generated by the external switches.
C. Cisco ACI acts as the STP root for all three external switches.
D. STP BPDUs that are generated by Switch1 are received only by Switch3.
问题 #14
The 0.0.0.0/0 is configured as a default static route on L3Out-1. Which action should be taken for the 0.0.0.0/0 prefix to advertise out on L3Out-2 OSPF?
A. Enable Shared Security Import Subnet
B. Enable Aggregate Export Subnet
C. Enable Shared Route Control Subnet
D. Enable Export Route Control Subnet
问题 #15
An engineer must have communication between EPG1 in VRF1 and External EPG in VRF2. Which three actions should be taken for the defined subnets in the L3Out External EPG to accomplish this goal? (Choose three.)
A. Enable Shared Route Control Subnet
B. Enable External Subnets for External EPG
C. Enable Export Route Control Subnet
D. Enable Shared Security Import Subnet
E. Enable Aggregate Shared Routes
F. Enable Import Route Control Subnet
问题 #16
What is a characteristic of a stretched bridge domain solution between Cisco ACI sites with Layer 2 flood disabled?
A. The application profile that is associated to the bridge domain have local significance in each site.
B. The tenant and VRF that associated to the bridge domain have local significance in each site.
C. Headend replication is used for BUM traffic between sites.
D. IP mobility is ensured between sites for disaster recovery.
问题 #17
What are two characteristics of Cisco ACI and Spanning Tree Protocol interaction? (Choose two.)
A. When a TCN BPDU is received in a VLAN, Cisco ACI flushes the endpoints for the associated encapsulation.
B. STP BPDUs are dropped due to MCP.
C. MST BPDUs are flooded correctly in Cisco ACI fabric without additional configuration.
D. BPDU filter and BPDU guard can be configured on Cisco ACI leaf edge ports.
E. Cisco ACI must be configured as the STP root for all VLANs.
问题 #18
Which firewall connection allows for the integration of service nodes in transparent mode with a Cisco ACI Multi-Pod setup?
A. active-standby mode across pods
B. active-active mode per pods for communication between internal endpoints
C. active-standby mode per pods for communication between endpoints and external networksD. active-active mode across pods
问题 #19
Which configuration must be implemented to allow intra-VRF transit routing between the two external routers?
A. Deploy both areas under the same L3Out policy
B. Change one of the areas to area 0
C. Configure OSPF virtual links
D. Modify L3Out 1 to use the same OSPF area as L3Out 2
问题 #20
An engineer configures a new Cisco ACI Multi-Pod setup. Which action should be taken for fabric discovery to be successful for the nodes in Pod 2?
A. Select the Route Reflector field in Pod Peering
B. Enable the DSCP class-cos translation policy for Layer 3 traffic
C. Configure POD 2 Data Plane TEP under the Pod Connection Profile
D. Add the IPN subnet under the Fabric External Routing Profile
问题 #21
A customer experiences resource overconsumption on one of its border leaf switches. Which action should be taken to reduce the consumption on this switch?
A. Disable VRF Policy Control Enforcement
B. Disable IP Data Plane Learning
C. Migrate L3Outs to another switch
D. Disable Remote EP Learning
问题 #22
Which configuration mode must be selected for the VMM vSwitch Port Channel policy to avoid MAC flapping on the Cisco UCS Fls and Cisco ACI leaf switches?
A. LACP Passive
B. MAC Pinning
C. LACP Active
D. Static Channel – Mode On
问题 #23
Two application profiles are configured in the same tenant and different VRFs. Which contract scope is configured to allow communication between the two application profiles?
A. global
B. VRF
C. application
D. tenant
问题 #24
Which two configuration steps are required in ISN for Cisco ACI Multi-Site setup? (Choose two.)
A. Connect Spine2 to ISN routers.
B. Configure BIDIR-PIM throughout the ISN
C. Increase ISN MTU to support the maximum MTU that is sent by endpoints
D. Configure OSPF between spines and ISN routers
E. Enable IGMPv3 on ISN routers
问题 #25
An engineer wants to avoid connectivity problems for the endpoint EP1 when it reaches an external L3Out network through the gateway 10.2.2.254/24. Which two configurations must be implemented in BD-BD2? (Choose two.)
A. Disable unicast routing
B. Enable IP data plane learning for the VRF
C. Disable ARP flooding
D. Enable ARP flooding
E. Enable unicast routing
问题 #26
Which feature should be disabled on a bridge domain when a default gateway for endpoints is on an external device instead of a Cisco ACI bridge domain SVI?
A. unicast routing
B. ARP flooding
C. unknown unicast flooding
D. proxy ARP
闽公网安备 35012102500533号
|
闽ICP备18010967号-7