« 返回题库列表2026 CCNP 300-620考试题库与答案解析|最新学习资料
问题 #1
An engineer wants to monitor all configuration changes, threshold crossing, and link-state transitions in a Cisco ACI fabric. Which action must be taken to receive the required messages?
A. Include Audit Logs and Events in the Syslog source policy.
B. Add Faults and Events to the monitor policy.
C. Add Session Logs and Audit Logs to the monitor policy.
D. Include Events and Session Logs in the Syslog source policy.
问题 #2
The existing network and ACI fabric have been connected to support workload migration. Servers will physically terminate at the Cisco ACI, but their gateway must stay in the existing network. The solution needs to adhere to Cisco's best practices. The eng
A. L2 Unknown Unicast: Flood L3 Unknown Multicast Flooding: Flood Multi Destination Flooding: Flood in BD ARP flooding: Enable
B. L2 Unknown Unicast: Hardware Proxy L3 Unknown Multicast Flooding: Flood Multi Destination Flooding: Flood in BD ARP flooding: Enable
C. L2 Unknown Unicast: Flood L3 Unknown Multicast Flooding: Optimize Flood Multi Destination Flooding: Flood in BD ARP flooding: Disable
D. L2 Unknown Unicast: Hardware Proxy L3 Unknown Multicast Flooding: Optimize Flood Multi Destination Flooding: Flood in BD ARP flooding: Disable
问题 #3
An engineer must securely export Cisco APIC configuration snapshots to a secure, offsite location. The exported configuration must be transferred using an encrypted tunnel and encoded with a platform-agnostic data format that provides namespace support. W
A. Policy: Import Policy Protocol: SCP Format: JSON
B. Policy: Export Policy Protocol: TLS Format: JSON
C. Policy: Import Policy Protocol: TLS Format: XML
D. Policy: Export Policy Protocol: SCP Format: XML
问题 #4
An engineer must advertise a bridge domain subnet out of the ACI fabric to an OSPF neighbor. Which two configuration steps are required? (Choose two.)
A. Add L3Out profile to the bridge domain using Associated L3Outs section.
B. Configure the Subnet under the EPG level.
C. Create Route Control Profile with the export direction under External EPG.
D. Add External Subnet for External EPG flag under External EPG.
E. Configure Subnet scope to Advertised Externally.
问题 #5
A customer must deploy three Cisco ACI based data centers. Each site must be separated from the others. Which characteristic of Cisco ACI Multi-Pod makes it unsuitable for this deployment?
A. places leaf switches in the remote site that belong to the same fabric as at the headquarters site
B. creates a virtual pod in the remote location
C. has distance and scale limitations
D. requires all pods to share the same Cisco APIC cluster
问题 #6
An engineer is in the process of discovering a new Cisco ACI fabric consisting of two spines and four leaf switches. The discovery of leaf 1 has just been completed. Which two nodes are expected to be discovered next? (Choose two.)
A. leaf 2
B. leaf 3
C. leaf 4
D. spine 1
E. spine 2
问题 #7
An engineer is configuring ACI VMM domain integration with Cisco UCS-B Series. Which type of port channel policy must be configured in the vSwitch policy?
A. MAC Pinning
B. LACP Active
C. LACP Passive
D. MAC Pinning-Physical-NIC-load
问题 #8
A customer must upgrade the Cisco ACI fabric to use a feature from the new code release. However, there is no direct path from the current release to the desired one. Based on the Cisco APIC Upgrade/Downgrade Support Matrix, the administrator must go thro
A. 1. Upgrade the APICs directly to the targeted release. 2. Upgrade the switches to an interim release. 3. When all switches are operational, upgrade the leaf switches to the targeted release. 4. Upgrade the spine switches to the targeted release.
B. 1. Upgrade the APICs to an interim release. 2. Upgrade the switches to an interim release. 3. Upgrade the APICs to the targeted release. 4. Upgrade the leaf and spine switches to the targeted release.
C. 1. Upgrade the APICs to an interim release and then switches to an interim release. 2. When all switches are operational, upgrade leaf switches to the targeted release. 3. Upgrade the spine switches to the targeted release. 4. Upgrade the APICs to the targeted release.
D. 1. Upgrade the APICs to an interim release. 2. Upgrade the leaf switches directly to the targeted release. 3. Upgrade the spine switches directly to the targeted release. 4. Upgrade the APICs to the targeted release.
问题 #9
In-band is currently configured and used to manage the Cisco ACI fabric. The requirement is for leaf and spine switches to use out-of-band management for NTP protocol. Which action accomplishes this goal?
A. Change the interface used for APIC external connectivity to ooband.
B. Select Out-of-Band as Management EPG in the default DateTime Policy.
C. Create an Override Policy with NTP Out-of-Band for leaf and spine switches.
D. Add a new filter to the utilized Out-of-Band-Contract to allow NTP protocol.
问题 #10
An engineer deploys a two-pod Cisco ACI Multi-Pod environment. Why should no more than two Cisco APIC controllers be deployed in the same pod?
A. to enable equal capacity to scale in each pod
B. to ensure that all nodes in all pods have local access to a controller
C. to avoid hair-pinning traffic that is destined for the primary APIC controller between pods
D. to avoid losing all replicas of a shard if a pod fails
问题 #11
An engineer must add a group of 70 bare-metal ESXi servers to the Cisco ACI fabric, which is integrated with vCenter. These configuration steps are complete: 1. The configured pool of ESXi hosts is configured with an Attachable Access Entity Profile (AAEP
A. Implement a separate VMM domain for the bare-metal servers by using AEP_VMM.
B. Add the VMM domain under the AEP_BAREMETAL AAEP object.
C. Create a new AAEP container object for policy groups for AEP_VMM.
D. Update AAEP to AEP_VMM on all policy groups that are used toward bare-metal servers.
问题 #12
A network engineer must integrate VMware vCenter cluster with Cisco ACI. The requirement is for the management traffic of the hypervisors and VM controllers to use the virtual switch associated with the Cisco Application Policy. The EPG called "Vmware-MGM
A. Enable Infrastructure VLAN on AAEP used toward VMware hypervisors. Associate the target EPG with the VMM domain with default settings.
B. Enable Infrastructure VLAN on AAEP used toward VMware hypervisors. Create a static binding in the target EPG toward VMware hypervisors with VLAN 300, untagged access VLAN, and Untagged 802.1P mode.
C. Add VLAN 300 with static allocation to the VLAN POOL that is used for VMM integration. Attach the VMM domain to the target EPG with resolution preprovision, mode static, untagged access VLAN, and Port-Encap 300.
D. Associate the target EPG with the VMM domain with default settings. Enable Infrastructure VLAN on AAEP used toward VMware hypervisors.
问题 #13
An engineer must connect a new host to port 1/1 on Leaf 101. A Cisco ACI fabric has an MCP policy configured but experiences excessive Layer 2 loops. The engineer wants the Cisco ACI fabric to detect and prevent Layer 2 loops in the fabric. Which set of a
A. Enable MCP globally. Associate the MCP policy with an interface policy group.
B. Enable MCP globally. Associate the MCP policy with an interface selector.
C. Enable MCP locally. Associate the MCP policy with an interface policy group.
D. Enable MCP locally. Associate the MCP policy with an interface profile.
问题 #14
A network engineer implements an L3Out inside the Cisco ACI fabric. The engineer plans to connect a Cisco ACI leaf switch to a switch outside of the Cisco ACI fabric to exchange routes via a routing protocol. The external switch interface is configured wi
A. Set up the EIGRP Protocol policy with the selected Autonomous System number. Configure an Interface policy and an External Bridged Domain. Create an External Bridged Network using the configured VLAN pool. Build the Leaf profile, selecting Routed Sub-Interface and the appropriate VLAN.
B. Set up the EIGRP Protocol policy with the selected Autonomous System number. Set up the Routed External Network object and Node profile, selecting EIGRP. Create the Switch profile, selecting VPC and the appropriate interfaces. Create the default network and associate it with the Routed Outside object.
C. Set up the BGP Protocol policy with the appropriate Autonomous System number. Create the Routed Outside object and Node profile, selecting BGP as the routing protocol. Build the Interface profile, selecting SV and the appropriate VPC. Configure the 0.0.0.0/32 network as part of the External Network object.
D. Configure the OSPF Protocol policy with an area of 0. Create the Routed Outside object and Node profile, selecting OSPF as the routing protocol. Build the Interface profiles, selecting Routed Interface and the appropriate interface. Set up the External Network object with a network of 0.0.0.0/0.
问题 #15
Which two actions does the Cisco ACI take when a bridge domain is configured with a subnet and unicast routing is enabled? (Choose two.)
A. stops remote endpoint learning
B. learns MAC and IP addresses
C. enables routing to and from that subnet
D. disables the ARP flooding feature
E. discovers endpoints from data plane learning only
问题 #16
An engineer must configure an L3Out to advertise a single summarized address for all Cisco ACI host routes. The summarized address must be advertised to the core switches that are physically attached to the ACI fabric. An external EPG is created with the
A. Set the external EPG subnet scope to Export Route Control Subnet. Associate a route control profile.
B. Set the external EPG subnet scope to Import Route Control Subnet. Associate a route summarization policy.
C. Set the external EPG subnet scope to Import Route Control Subnet. Associate a route control profile.
D. Set the external EPG subnet scope to Export Route Control Subnet. Associate a route summarization policy.
问题 #17
An engineer must configure a new local user inside a Cisco ACI. The new user must meet these criteria: 1. Must be provided with complete read-only access to the tenant. 2. Must be permitted to create and delete EPGs within a specific tenant. 3. Must not b
A. Create a new role with tenant-connectivity privilege. Create the local user and assign it to the tenant-security domain. Add the tenant-security domain to the role access-admin with access privilege type Read. Add the tenant-security domain to the new role with access privilege type Write.
B. Create a new role with tenant-epg privilege. Create the local user and assign it to the tenant-security domain. Add the tenant-security domain to the role read-all with access privilege type Read. Add the tenant-security domain to the new role with access privilege type Write.
C. Create a new role with tenant-security privilege. Create the local user and assign it to the tenant-security domain. Add the tenant-security domain to the role tenant-admin with access privilege type Read. Add the tenant-security domain to the new role with access privilege type Write.
D. Create a new role with tenant-admin privilege. Create the local user and assign it to the tenant-security domain. Add the tenant-security domain to the role admin with access privilege type Read. Add the tenant-security domain to the new role with access privilege type Write.
问题 #18
A recent set of changes by a Cisco ACI administrator corrupted the APIC cluster. The ACI engineer must restore the configuration of the previous day. The APIC nodes in the cluster can communicate but fail to connect with other networks. The administrator
A. Restore using the last configuration on the factory-reset APIC. Use an import policy set to Best-effort.
B. Restore the configuration imported from an FTP server. Use an import policy set to Atomic.
C. Roll back the configuration using a local snapshot. Use an import policy set to Best-effort Merge.
D. Roll back the configuration using a local snapshot. Use an import policy set to Atomic Replace.
问题 #19
An engineer needs to avoid loops in the ACI network and needs an ACI leaf switch to error-disable an interface if the interface receives an ACI-generated packet. Which action meets these requirements?
A. Change the default administrative state of the global MCP Instance Policy.
B. Set Rogue EP Control in the Endpoint Controls Policy.
C. Uncheck the Loop Protection Action check box in MCP Instance Policy.
D. Enable the Loop Indication by MCP event in the Error Disabled Recovery Policy.
问题 #20
A Cisco ACI leaf switch receives an ARP request packet from a host that is attached to a bridge domain with unicast routing enabled. Which information does the leaf switch learn?
A. the local endpoint source IP address
B. the source IP and destination IP addresses
C. the remote endpoint IP address
D. the MAC and IP addresses of the local endpoint
问题 #21
All nodes in a Cisco ACI fabric are raising NTP faults. The Date and Time policy is configured with the IP address of two NTP servers and both servers are reachable via the out-of-band management network. Also, the out-of-band EPG has been selected as the
A. Configure and apply an out-of-band contract to the out-of-band EPG.
B. Directly attach both NTP servers to the Cisco ACI fabric via a leaf switch.
C. Add the NTP server IPs to the external management instance profile.
D. Create a node management address policy that includes all nodes in the fabric.
问题 #22
A Cisco ACI fabric contains a tenant called Prod. User_1 must have write access to tenant Prod and full access to the fabric access policy. Which set of actions must be taken to meet these requirements?
A. Associate User 1 to tenant Prod. Associate the security domain to the distinguished name of the fabric access policy. Create RBAC for the distinguished name of security domain.
B. Associate User 1 to the fabric access policy. Associate the security domain to the fabric access policy. Create RBAC for the distinguished name of tenant Prod.
C. Associate User 1 to the security domain. Associate the security domain to tenant Prod. Create RBAC for the distinguished name of fabric access policy.
D. Associate User_1 to the distinguished name of the fabric access policy. Associate the security domain to RBAC. Create RBAC for the distinguished name of User 1.
问题 #23
A network administrator is configuring a Cisco ACI fabric to automatically take a snapshot of all the configurations once per week. The snapshot must be saved on a server that is located in the data center. Which configuration meets these requirements?
A. Scope: Tenant Action: Take a snapshot Location: Create Remote Location
B. Scope: Tenant Action: Create recurring snapshots Location: APIC
C. Scope: Fabric Action: Take a snapshot Location: APIC
D. Scope: Fabric Action: Create recurring snapshots Location: Create Remote Location
问题 #24
An engineer created a monitoring policy called Test in a Cisco ACI fabric and had to change the severity level of the monitored object Call home source. Which set of actions prevent the event from appearing in event reports?
A. Select Event Severity Assignment Policies. Set severity level to squelched.
B. Select Event Severity Assignment Policies. Set severity level to cleared.
C. Select Faults Severity Assignment Policies. Set severity level to squelched.
D. Select Faults Severity Assignment Policies. Set severity level to cleared.
问题 #25
A network engineer is implementing a Layer 3 Out in the Cisco ACI fabric. The data center core switches must connect to a pair of leaf switches and exchange routes via a routing protocol. In addition, the implementation must meet these criteria: 1. The ex
A. Implement the EIGRP Protocol policy with the selected Autonomous System number. Create Routed Outside object and Node Profile and select EIGRP as the routing protocol. Build the Interface profile and select SVI and the appropriate VPC. Configure the External Network object with a network of 0.0.0.0/0.
B. Configure the BGP Protocol policy with the appropriate Autonomous System number. Configure an Interface policy and an External Bridged Domain. Create an External Bridged Network and use the configured VLAN pool. Build the Leaf profile and select the Routed sub-interface with the appropriate VLAN.
C. Configure the OSPF Protocol policy with an area of 0. Set up the Routed External Network object and Node Profile and select OSPF. Create the Switch profile and select VPC with the appropriate interfaces. Create the default network and associate it with the Routed Outside object.
D. Implement the IS-IS Protocol policy with the selected Autonomous System number. Create the Routed Outside object and Node Profile and select IS-IS. Configure the Interface profile and select the Routed Interface with the appropriate interfaces. Create the External Network object.
问题 #26
An engineer wants to configure Cisco ACI switches to use authenticated ZMQ when communicating with the proxy spine. Which configuration allows MD5 ZMQ messages only?
A. IS-IS password using MD5
B. COOP Group policy in compatible mode
C. COOP Group policy in strict mode
D. BGP password using MD5
问题 #27
A network engineer configures the Cisco ACI fabric to connect to vCenter with these requirements: 1. Port groups must be automatically created on the distributed virtual switch. 2. Port groups must use the VLAN allocation in the range between 20-30. 3. Th
A. Create a dynamic VLAN pool with the VLAN range of 20-30. Create a physical domain and associate it with the VLAN pool. Create the EPG and associate the domain. Set the deployment immediacy to On Demand.
B. Create a static VLAN pool with the VLAN range of 20-30. Create a VMM domain and associate it with the VLAN pool. Create the EPG and associate the domain. Set the deployment immediacy to Immediate.
C. Create a dynamic VLAN pool with the VLAN range of 20-30. Create a VMM domain and associate it with the VLAN pool. Create the EPG and associate the domain. Set the deployment immediacy to On Demand.
D. Create a static VLAN pool with the VLAN range of 20-30. Create a physical domain and associate it with the VLAN pool. Create the EPG and associate the domain. Set the deployment immediacy to Immediate.
问题 #28
A network engineer must allow secure access to the Cisco ACI out-of-band (OOB) management only from external subnets 10.0.0.0/24 and 192.168.20.0/25. Which configuration set accomplishes this goal?
A. Create a PBR service graph in the MGMT tenant. Create a management Profile with the required OOB EPG. Redirect all traffic going into ACI management to the external firewall. Create two subnet entries under the OOB Bridge domain with the required subnets.
B. Create an OOB contract that allows the required ports. Provide the contract from the OOB EPG. Consume the contract by the OOB External Management Network Instance Profile. Create two subnet entries in the External Management Network Profile with the required subnets.
C. Create an EPG and BD in the MGMT tenant in OOB VRF. Set OOB VRF to provide the contract. Set a new EPG to consume the OOB contract.
D. Create a L3Out in the MGMT tenant in OOB VRF. Set External Management Network Instance Profile as a consumer of the OOB contract. Create an External EPG with two subnet entries with the external subnets.
闽公网安备 35012102500533号
|
闽ICP备18010967号-7