Cisco Application Centric Infrastructure for System Engineers v6.4

Page:    1 / 4   
Exam contains 58 questions

Which three authentication protocols can be configured in the Cisco Application Policy
Infrastructure Controller? (Choose three.)

  • A. CHAP
  • B. EAP
  • C. TACACS+
  • E. Kerberos
  • G. LDAP

Answer : C,D,G

Reference: virtualization/unified-fabric/white-paper-c11-730021.html (System Access: Authentication,
Authorization, and RBAC)
The Cisco APIC supports both local and external authentication and authorization
(TACACS+, RADIUS, Lightweight Directory Access Protocol [LDAP]) as well as role-based administrative control (RBAC) to control read and write access for all managed objects and to enforce Cisco ACI administrative and per-tenant administrative separation. The Cisco
APIC also supports domain-based access control, which enforces where (under which subtrees) a user has access permissions.

What is accomplished when you install a bounce entry in a leaf?

  • A. Eliminate loops
  • B. Forward GARP packets
  • C. Redirect traffic to old VTEP destination
  • D. Redirect traffic to new VTEP destination

Answer : D

Explanation: Under a normal migration, when a VM moves due to vMotion onto a leaf that does not have those EPGs and VLANs programmed, the will be deployed immediately. vCenter/ESXI host will send a GARP to ACI, the old leaf will bounce traffic to the new location of the endpoint and traffic/learning will occur. The bounce entry will stick around for a bit (about 5 minutes) and then be removed. The EPGs, VLANs, and Default Gateway will be deployed as soon as the move is detected and there will be little to no downtime (i usually see 0-1 ping loss, most of the time just increased latency) network-aci-world

In which two ways can the Cisco Application Policy Infrastructure Controller push policies to the leaf nodes? (Choose two.)

  • A. On demand (lazy)
  • B. Immediate
  • C. Static
  • D. Programmed
  • E. Scheduled

Answer : A,B

Reference: virtualization/application-centric-infrastructure/white-paper-c11-731961.html
When a virtual endpoint is discovered, the policy is pushed and programmed to the leaf nodes based on resolution immediacy and instrumentation immediacy, respectively. In both cases, there is an immediate and on-demand (default) option that is defined when the VMM is associated on Cisco APIC. The on-demand option conserves resources and uses the reserved space in the policy content-addressable memory (CAM) when needed.

Resolution Immediacy -
The first option to push a policy is immediately. All policies (VLAN, NVGRE, and VXLAN), bindings, contracts, and filters are pushed to the leaf node when the hypervisor physical
NIC (pfJIC) is attached. With the on-demand option, policies are pushed to the leaf node when the pPJIC and vNIC are attached to the port group (EPG).

Deployment Immediacy -
Deployment immediacy defines when the policy is programmed in hardware. If the immediate option is chosen, the policies are programmed in the policy CAM after they are received by Cisco APIC. The on-demand option programs policies in the hardware policy
CAM only when reachability is learned through the data path.

A shard is a unit of data. How many copies does each Cisco APIC shard have including the active shard?

  • A. 5
  • B. 4
  • C. 3
  • D. 1
  • E. 2

Answer : B

Reference: virtualization/unified-fabric/white-paper-c11-730021.html (effect of replication on reliablity)

Which attribute that is associated to the end point identity does the Cisco ACI fabric use
VxLAN to remove?

  • A. Latency
  • B. Operating system
  • C. Scale
  • D. Location
  • E. Payload
  • F. Address

Answer : D

Which three encapsulations are normalized by the Cisco ACI fabric? (Choose three.)

  • A. HTTP
  • B. MPLS
  • C. VLAN
  • D. NVGRE
  • E. VxLAN
  • F. GRE
  • G. STT
  • H. IPsec

Answer : C,D,E

Reference: fundamentals/b_ACI-

CA40C48564D5BB19640602 -

Which two functions are provided by the Cisco Application Policy Infrastructure Controller?
(Choose two.)

  • A. Telemetry data for fabric operations
  • B. Policy repository
  • C. Distributed management plane
  • D. Control plane forwarding
  • E. Data plane forwarding

Answer : A,B

Reference: virtualization/unified-fabric/white-paper-c11-730021.html

Which three encapsulations types are normalized by the Cisco Application Centric
Infrastructure leaf? (Choose three.)

  • A. STT
  • B. VLAN
  • C. VxLAN
  • D. MPLS
  • E. NVGRE
  • F. VRF
  • G. OTV

Answer : B,C,E

Reference: fundamentals/b_ACI-

CA40C48564D5BB19640602 -

In the Cisco ACI fabric, which device enforces the policy?

  • A. VM NIC
  • B. Hypervisor switch
  • C. Spine proxy
  • D. Cisco APIC
  • E. Ingress leaf
  • F. Egress leaf

Answer : F

Reference: virtualization/application-centric-infrastructure/white-paper-c11-731310.html (cisco APIC policy enforcement, see the paragraph below Figure 11)

In the three-node Cisco Application Policy Infrastructure Controller cluster, how much data is lost when two APICs fail?

  • A. 0.66
  • B. 0.1
  • C. 0
  • D. 0.25
  • E. 0.33
  • F. 0.99

Answer : C

Where is a packet forwarded if the global station table on an ingress leaf does not contain an entry for destination IP address?

  • A. The packet is dropped.
  • B. Address contained within the ARP packet
  • C. Spine proxy VTEP
  • D. Leaf VTEP
  • E. Border leaf VTEP
  • F. Leaf vPC VTEP
  • G. Multicast group VTEP

Answer : C

What are the port capabilities of the Cisco Nexus 9564PX line card?

  • A. 36 40G QSFP + ports
  • B. 48 1/10G-T ports and 4 QSFP+ ports
  • C. 96 1/10G-T ports and 8 QSFP+ ports
  • D. 48 1/10G SFP+ ports and 4 QSFP+ ports
  • E. 96 1/1 OG SFP+ ports and 8 QSFP+ ports

Answer : D

Reference: module/3328938.aspx#TS (See technical specification tab)

Which tagging mechanism is used inside the Cisco ACI fabric?

  • A. NVGRE
  • B. MPLE
  • C. VxLAN
  • D. Dot1Q
  • E. STT

Answer : C

Reference: programmability/ (see the para below the figure)
The ACI fabric supports more than 64,000 dedicated tenant networks. A single fabric can support more than one million IPv4/IPv6 endpoints, more than 64,000 tenants, and more than 200,000 10G ports. The ACI fabric enables any service (physical or virtual) anywhere with no need for additional software or hardware gateways to connect between the physical and virtual services and normalizes encapsulations for Virtual Extensible Local Area
Network (VXLAN) / VLAN / Network Virtualization using Generic Routing Encapsulation
rhe ACI fabric decouples the endpoint identity and associated policy from the underlying forwarding graph. It provides a distributed Layer 3 gateway that ensures optimal Layer 3 and Layer 2 forwarding. The fabric supports standard bridging and routing semantics without standard location constraints (any IP address anywhere), and removes flooding requirements for the IP control plane Address Resolution Protocol (ARP) / Generic Attribute
Registration Protocol (GARP). All traffic within the fabric is encapsulated within VXLAN.

The forwarding table on the leaf switch is divided between local and global entries. What is contained in the local station table?

  • A. All hosts attached to the fabric
  • B. Outside routes
  • C. Directly attached endpoints
  • D. Local cache of fabric endpoints (not directly attached)
  • E. Default router to the spine proxy

Answer : C

Reference: (slide

Which two statements about connecting the Cisco ACI fabric to an outside Layer 3 network are true? (Choose two.)

  • A. Inside networks are associated with the external routes for each tenant.
  • B. Inside networks are associated with tenants and bridge domains.
  • C. Outside networks are associated with tenants and bridge domains.
  • D. Outside networks are associated with the external routes for each tenant.

Answer : A,C

Explanation: Reference: virtualization/application-centric-infrastructure/white-paper-c07-732033.html

Page:    1 / 4   
Exam contains 58 questions

Talk to us!

Have any questions or issues ? Please dont hesitate to contact us

Certlibrary doesn't offer Real Microsoft Exam Questions.
Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.