Question No : 1
Refer to the exhibit.



Which Adjacency Type value should be set when the client endpoint and the service node interface are in a different subnet?

• A.Routed
• B.Unicast
• C.L3Out
• D.L3

Show Answers

Answer:

Question No : 2
An engineer must perform a Cisco ACI fabric upgrade that minimizes the impact on user traffic and allows only permitted users to perform an upgrade.
Which two configuration steps should be taken to meet these requirements?

• A.Divide Cisco APIC controllers into two or more maintenance groups.
• B.Grant tenant-ext-admin access to a user who performs an upgrade
• C.Combine all switches into an upgrade group.
• D.Divide switches into two or more maintenance groups.
• E.Grant the fabric administrator role to a user who performs an upgrade.

Show Answers

Answer:
Explanation:
Reference: https://www.cisco.com/c/en/us/td/docs/dcn/whitepapers/cisco-application-centric-infrastructure-design-guide.html

Question No : 3
What is the purpose of the Overlay Multicast TEP in a Cisco ACI Multi-Site deployment?

• A.to source and receive unicast VXLAN data plane traffic
• B.to establish MP-BGP EVPN adjacencies with the spine nodes in remote sites
• C.to encapsulate multicast traffic in a common multicast group
• D.to perform head-end replication for BUM traffic

Show Answers

Answer:

Question No : 4
An engineer needs to deploy a leaf access port policy group in ACI Fabric to support the following requirements:
• Control the amount of application data flowing into the system
• Allow the newly connected device to auto-negotiate link speed with the leaf switch.
Which two ACI policies must be configured to achieve these requirements? (Choose two.)

• A.L2 interface policy
• B.link level policy
• C.slow drain policy
• D.ingress control plane policing policy
• E.ingress data plane policing policy

Show Answers

Answer:
Explanation:



Slow Drain handles FCoE packets that are causing traffic congestion on ACI fabric. So, it is wrong.
Ingress control plane is wrong, because the request is for “application data flowing”.
L2 interface policy is concerned about QinQ and VLAN scope.

Question No : 5
What are two requirements for the IPN network when implementing a Multi-Pod ACI fabric? (Choose two.)

• A.EIGRP routing
• B.PIM ASM multicast routing
• C.BGP routing
• D.VLAN ID 4
• E.OSPF routing

Show Answers

Answer:

Question No : 6
Which two components are essential parts of a Cisco ACI Virtual Machine Manager (VMM)
domain policy configuration? (Choose two.)

• A.VMM domain profile
• B.EPG static port binding
• C.Layer 3 outside interface association
• D.IP address pool association
• E.EPG association

Show Answers

Answer:
Explanation:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals/b_ACI-Fundamentals_chapter_01011.html#concept_74EFC437C0AA44A391676F70ACE59DF3

Question No : 7
Refer to the exhibit.



How are the STP BPDUs forwarded over Cisco ACI fabric?

• A.Cisco ACI acts as the STP root for all three external switches.
• B.STP BPDUs that are generated by Switch2 are received by Switch1 and Switch3
• C.STP BPDUs that are generated by Switch1 are received only by Switch3.
• D.Cisco ACI fabric drops all STP BPDUs that are generated by the external switches.

Show Answers

Answer:

Question No : 8
Refer to the exhibit.



An engineer must allow IP mobility between Site1 and Site2 in a Cisco ACI Multi-Site orchestrator. The design must meet these requirements:
A disaster recovery (DR) solution must exist between the sites that do not require vMotion support.
The application must be started at a DR site without having to re-IP the application servers.
The solution must avoid any broadcast storms between the sites.
Which two actions meet these criteria? (Choose two.)

• A.Define a unique bridge domain subnet per site.
• B.Configure STP between Cisco ACI fabrics.
• C.Deploy a local EPG for Site1 and Site2.
• D.Disable Inter-site BUM Traffic.
• E.Apply the L2 Stretch feature.

Show Answers

Answer:

Question No : 9
A customer implements RBAC on a Cisco APIC using a Windows RADIUS server that is configured with network control policies.
The APIC is as follows:
✑ Tenant = TenantX
✑ Security Domain = Tenantx-SD ✑ User = X
The customer requires User X to have access to TenantX only, without any extra privilege in the Cisco ACI fabric domain.
Which Cisco AV pair must be implemented on the RADIUS server to meet these requirement?

• A.shell:domains = TenantX-SD/fabric-admin/,common//read-all
• B.shell:domains = TenantX-SD/tenant-admin
• C.shell:domains = TenantX-SD/tenant-ext-admin/,common//read-all
• D.shell:domains = TenantX-SD/tenant-admin/,common//read-all

Show Answers

Answer:
Explanation:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/2-x/Security_config/b_Cisco_APIC_Security_Guide/b_Cisco_APIC_Security_Guide_chapter_ 0100.html



Graphical user interface, text, application
Description automatically generated

Question No : 10
Which endpoint learning operation is completed on the egress leaf switch when traffic is received from an L3Out?

• A.The source MAC and IP address of the traffic is learned as a local endpoint.
• B.The source MAC address of the traffic is learned as a remote endpoint.
• C.No source MAC or IP address of the traffic is learned as a remote endpoint.
• D.The source IP address of the traffic is learned as a remote endpoint.

Show Answers

Answer:
Explanation:
Reference: https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric- infrastructure/white-paper-c11-739989.html