Question 1
Which feature allows firewall ACLs to be configured automatically when new endpoints are attached
to an EPG?
- A. ARP gleaning
- B. dynamic endpoint attach
- C. hardware proxy
- D. network-stitching
Answer:
A
Explanation:
The feature that allows firewall ACLs to be configured automatically when new endpoints are
attached to an EPG is ARP gleaning.
This feature helps in identifying the endpoints and applying the
necessary ACLs to them as they are discovered
Comments
Question 2
An engineer is implementing Cisco ACI at a large platform-as-a-service provider using APIC
controllers, 9396PX leaf switches, and 9336PQ spine switches. The leaf switch ports are configured as
IEEE 802.1p ports. Where does the traffic exit from the EPG in IEEE 802.1p mode in this
configuration?
- A. from leaf ports tagged as VLAN 0
- B. from leaf ports untagged
- C. from leaf ports tagged as VLAN 4094
- D. from leaf ports tagged as VLAN 1
Answer:
B
Explanation:
In a Cisco ACI configuration with IEEE 802.1p ports, the traffic exits from the EPG untagged from leaf
ports.
This means that when the port is configured in Access (802.1p) mode and the access VLAN is
the only VLAN deployed on the port, then traffic will be untagged on egress56
.
Comments
Question 3
How is an EPG extended outside of the ACI fabric?
- A. Create an external bridged network that is assigned to a leaf port.
- B. Create an external routed network that is assigned to an EPG.
- C. Enable unicast routing within an EPG.
- D. Statically assign a VLAN ID to a leaf port in an EPG.
Answer:
D
Explanation:
An EPG is extended outside of the ACI fabric by statically assigning a VLAN ID to a leaf port in an
EPG.
This method maps the traffic received on the leaf port to the EPG, and the policy for this EPG is
enforced
Reference: https://www.dclessons.com/l2-external-network-with-aci
Comments
Question 4
DRAG DROP
Drag and drop the Cisco ACI filter entry options from the left onto the correct categories on the right
indicating what are required or optional parameters.
Answer:
None
Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/Operating_ACI/guide/b_Cisco_Operating_ACI/b_Cisco_Operating_ACI_chapter_01000.html
Comments
Question 5
Where is the COOP database located?
- A. leaf
- B. spine
- C. APIC
- D. endpoint
Answer:
B
Explanation:
The COOP (Council Of Oracle Protocol) database is located on each spine switch within the Cisco ACI
fabric.
The COOP database is responsible for maintaining a consistent copy of endpoint address and
location information across the fabric
Reference: https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-739989.html
Comments
Question 6
Which description regarding the initial APIC cluster discovery process is true?
- A. The APIC uses an internal IP address from a pool to communicate with the nodes.
- B. Every switch is assigned a unique AV by the APIC.
- C. The APIC discovers the IP address of the other APIC controllers by using Cisco Discovery Protocol.
- D. The ACI fabric is discovered starting with the spine switches.
Answer:
A
Explanation:
The initial APIC cluster discovery process involves each APIC using an internal private IP address from
a pool to communicate with the nodes and other APICs in the cluster.
The APICs discover the IP
addresses of other APIC controllers through an LLDP-based discovery process
Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals/b_ACI-Fundamentals_chapter_010011.html
Comments
Question 7
Refer to the exhibit.
Which two components should be configured as route reflectors in the ACI fabric? (Choose two.)
- A. Spine1
- B. apic1
- C. Spine2
- D. Leaf1
- E. Leaf2
- F. apic2
Answer:
A, C
Explanation:
In a Cisco ACI fabric, the spine switches are typically configured as route reflectors. This is because
spine switches are central to the fabric’s architecture and are responsible for interconnecting all the
leaf switches, making them ideal for reflecting BGP routes within the fabric. Therefore, the
components that should be configured as route reflectors are:
Spine1 (Option A)
Spine2 (Option C)
Comments
Question 8
When creating a subnet within a bridge domain, which configuration option is used to specify the
network visibility of the subnet?
- A. limit IP learning to subnet
- B. scope
- C. gateway IP
- D. subnet control
Answer:
B
Explanation:
When creating a subnet within a bridge domain in Cisco ACI, the configuration option used to
specify the network visibility of the subnet is the scope12
.
The scope can be set to private, public, or
shared, determining how the subnet is advertised and accessed within and outside of the ACI
fabric12
.
Comments
Question 9
What does a bridge domain represent?
- A. Layer 3 cloud
- B. Layer 2 forwarding construct
- C. tenant
- D. physical domain
Answer:
B
Explanation:
A bridge domain in Cisco ACI represents a Layer 2 forwarding construct345
. It defines a unique Layer
2 MAC address space and can include one or more subnets.
Bridge domains are associated with a
VRF and can contain multiple EPGs345
.
Comments
Question 10
Which table holds IP address, MAC address and VXLAN/VLAN information on a Cisco ACI leaf?
- A. endpoint
- B. adjacency
- C. RIB
- D. ARP
Answer:
A
Explanation:
The table that holds IP address, MAC address, and VXLAN/VLAN information on a Cisco ACI leaf is
the endpoint table6
. This table is essential for the ACI fabric’s ability to track and apply policies to
endpoints.
Comments
Page 1 out of 24
Viewing questions 1-10 out of 247
page 2