Title: 350-601 VOL3 Question
1- 350-601 Implementing and Operating Cisco Data
Center Core Technologies (DCCOR) VOL3 - QUESTION NO 1
- Which multicasting method uses to advertise group
memberships through a routing domain by
constructing multicast distribution trees? - Multicast Listener Discovery
- Protocol Independent Multicast
- Source-Specific Multicast
- Any-Source Multicast
- Answer D Explanation
- PIM is used between multicast-capable routers and
advertises group membership across a routing
domain by constructing multicast distribution
trees. PIM builds shared distribution trees on
which packets from multiple sources are forwarded
and source distribution trees on which packets
from a single source are forwarded.
- QUESTION NO 2
- Which Layer 2/Layer 3 protocols increase their
hello timers to maintain adjacency during the In-
Service Software Upgrade (ISSU) process? (Choose
two). - Enhanced Interior Gateway Routing Protocol
(EIGRP) - Border Gateway Protocol (BGP)
- Intermediate System-to-Intermediate System
(IS-IS) - Unidirectional Link Detection (ULD)
- Bidirectional Forwarding Detection (BFD)
- Answer D, E Explanation
- When you perform an ISSU process, some Layer 2
and 3 protocols will extend their values to
accommodate the upgrade. For example,
Unidirectional Link Detection (UDLD) and
Bidirectional Forwarding Detection (BFD) will
increase their hello timers to maintain adjacency
during the ISSU process.
QUESTION NO 3 In which of the following
scenarios Turn on Locator LED action is
unavailable during the renumbering of the Cisco
UCS Chassis using Cisco UCS Manager?
2- When the LED on the chassis starts flashing
- When the Locator LED is turned on already
- When the Locator LED has turned, Amber
- When the Locator LED stops flashing
- Answer B
- Reference https//www.cisco.com/c/en/us/td/docs/u
nified_computing/ucs/ucs-manager/GUI-
User-Guides/Infrastructure-Mgmt/3-
2/b_UCSM_GUI_Infrastructure_Management_Guide_3_2/b
_UCSM_GUI_Infrastructure_Manag
ement_Guide_3_2_chapter_0100.htmltask_7CE3D4DF1CE
F42A2A7BE144FEDF8DAB5
- QUESTION NO 4
- Which configuration files can be imported during
the backup operation procedure in Cisco UCS
Manager? (Choose two). - Full-state backup file
- System backup file
- System configuration
- Logical configuration
- FSM configuration
- Answer C, D Explanation
- Enable the Import Operation
- You cannot import a full-state backup file. You
can import any of the following configuration
files - All Configuration
- System Configuration
- Logical Configuration
- QUESTION NO 5
- What best practices to consider when managing
images to upgrade endpoints in a Cisco UCS
domain? (Choose two). - Images are kept in /bootflash partition in the
Fabric Interconnect - If the /bootflash partition exceeds 70 and 90
capacity, faults are raised - If the /bootflash partition exceeds 97 capacity,
faults are raised - Image packages do not have versions
- Image packages have bifurcated versions
3- F. Cisco publishes image packages only
- Answer B, D Explanation
- The upgrade order for the endpoints in a Cisco
UCS domain depends on the upgrade path. Cisco
maintains a set of best practices for managing
firmware images and updates. - Here are some best practices to consider when you
manage images - Before you perform firmware updates, use the UCS
Manager image management - interfaces to download relevant images to the
fabric interconnect. - The Cisco UCS Manager maintains an inventory of
available firmware images. - Images are stored in the /bootflash partition in
the fabric interconnect. - The /bootflash partition is dedicated solely to
firmware images managed by the UCS - Manager.
- Each fabric interconnect ships preloaded with one
firmware package. - Faults are raised when the /bootflash partition
exceeds 70 percent and 90 percent - capacity.
- Each image represents an individual firmware
package specific to one hardware - componentfor example, I/O module image, BMC
image, and UCS Manager image. - Multiple images are bundled together to form an
image package. - An image package is meant only for ease of
distribution and download. - Unlike an individual image, image packages do not
have versions. - Cisco publishes both individual images and image
packages.
- QUESTION NO 6
- In which circumstances Cisco NX-OS exports a flow
as part of a NetFlow export UDP datagram? - When you force a flow to export
- When the flow is exported without timeout value
- When the flow is exported as per the flow timeout
value that defaults to 20 seconds - When a flow is created by Netflow export
- Answer A Explanation
- Cisco NX-OS exports a flow as part of a NetFlow
export UDP datagram under the following
Circumstances - Flows are exported periodically per the flow
timeout value, which defaults to - ten seconds if not configured.
- You have forced the flow to export.
4- QUESTION NO 7
- Using OSPFv3, what happens if the receiving MTU
is higher than the IP MTU configured on the
incoming interface? - OSPF fails to establish adjacencies
- OSPF establish adjacencies
- OSPF drops the packet as defragment disabled.
- The dead interval will be set to 100 seconds
- Answer A Explanation
- Use the IP OSPF MTU-ignore command for OSPFv2 or
ipv6 OSPF MTU-ignore command for OSPFv3 to
disable MTU mismatch detection on an interface.
By default, OSPF checks whether neighbors use
the same MTU on a common interface. If the
receiving MTU is higher than the IP MTU
configured on the incoming interface, OSPF does
not establish adjacencies.
- QUESTION NO 8
- Which of the following is a configuration
limitation of BFD features? - NX-OS supports BFD version 2 only
- HSRP for IPv6 is supported with BFD
- BFD supports multi-hop iBGP only
- NX-OS supports IPv4 only
- Answer D Reference
- https//images10.newegg.com/UploadFilesForNewegg/i
temintelligence/Cisco/multicast_cli140
2017439965.pdf
- QUESTION NO 9
- You are a network administrator at a local data
center. You are configuring vPC system priority
on LACP to ensure that vPC peer devices are the
primary ones on LACP. Which command is used to
configure vPC priorities on LACP? - Role priority priority
- System-priority priority
- Peer-gateway priority
- System-numbers Priority
5Answer B Reference You should manually configure
the vPC system priority when running LACP to
ensure that the vPC peer devices are the primary
devices on LACP. When you manually configure the
system priority, ensure that you configure the
same priority value on both vPC peer devices. If
these values do not match, vPC will not come up.
- QUESTION NO 10
- As a network administrator, you are configuring
ACI fabric load balancing. You want to use a load
balancing option for a network where each flow
is assigned to an uplink based on a hash of 5-
tuple. The option must provide flow distribution
across available links that are roughly even.
Which load balancing option should be used? - Dynamic load balancing
- Dynamic hash load balancing
- Static hash load balancing
- Static redistribution load balancing
- Answer C Explanation
- The ACI fabric provides several load-balancing
options for balancing the traffic among the
available uplink. Static hash load balancing is
the traditional load-balancing mechanism used in
networks where each flow is allocated to an
uplink based on a hash of its 5-tuple. This load
balancing gives a roughly even distribution of
flows across the available links. Usually, with a
large number of flows, the even distribution of
flows results in an even bandwidth distribution.
However, if a few flows are much larger than the
rest, static load balancing might give suboptimal
results. - Reference https//www.cisco.com/c/en/us/td/docs/s
witches/datacenter/aci/apic/sw/1-x/aci-
fundamentals/b_ACI-Fundamentals/b_ACI-Fundamentals
_chapter_010010.html
- QUESTION NO 11
- Which FHRP protocol performs a transparent
failover of the first hop gateway router while
providing first hop routing redundancy for IP
hosts with a gateway or default route on Ethernet
networks? - BGP routing protocol
- Virtual router redundancy protocol
- Gateway load balancing protocol
- Hot Standby router protocol
6Answer D Explanation Hot Standby Router
Protocol (HSRP) is a First Hop Redundancy
Protocol (FHRP) that allows a transparent
failover of the first hop gateway router. HSRP
provides first-hop routing redundancy for IP
hosts on Ethernet networks configured with a
gateway or default route. You can use HSRP in a
group of routers for selecting an active router
and a standby router.
- QUESTION NO 12
- In OSPFv3, Which LSA feature can control and
reduce high CPU and buffer usage and allows OSPF
to pack multiple LSAs into an OSPF update
message? - Network Summary LSA
- Router LSA
- LSA group pacing
- LSA MaxAge pacing
- Answer C Explanation
- You can use the LSA group pacing feature to
control the flooding rate of LSA updates in your
network. LSA group pacing can reduce high CPU or
buffer usage. This feature groups LSAs with
similar link-state refresh times to allow OSPF to
pack multiple LSAs into an OSPF update message.
- QUESTION NO 13
- On a Cisco Nexus switch, the TACACS feature is
disabled is disabled by default. Which of the
following commands must be used to enable this
feature? - Switch feature aaa
- Switch feature tacacs
- Switch(config) feature aaa
- Switch(config) feature tacacs
- Switch(config-aaa) feature aaa
- Switch(config-aaa) feature tacacs
- Answer D
QUESTION NO 14
7- Which of the following security models do Network
File Systems (NFS) utilize? - Zero Trust
- Kerberos
- RBAC
- Mandatory
- Discretionary
- Answer B
- QUESTION NO 15
- Which of the following are true regarding the
scalability of VLANs and VXLANs? (Select all that
apply). - VLANs support approximately 16 million unique
Layer 2 segments. - VLANs support approximately 4000 unique Layer 2
segments. - VXLANs support approximately 16 million unique
Layer 2 segments. - VXLANs support approximately 4000 million unique
Layer 2 segments. - VLANs support approximately 16000 when using QinQ
encapsulation - VXLANs support approximately 16000 when using
QinQ encapsulation - Answer B, C, E
- QUESTION NO 16
- When configuring a Control Plane Policing policy
on a Cisco device, which of the following can be
configured as the matching packet types? (Select
three) - Source IP address
- Destination IP address
- IP Precedence
- DSCP values
- MAC address
- Access-group
- Answer C, D, F
- Reference https//www.cisco.com/c/dam/en/us/td/do
cs/switches/lan/catalyst6500/ios/15-
4SY/cisco-copp-feature-guide.pdf page 6
QUESTION NO 17
8- Which of the following network automation tools
uses a push model and does not require an agent
to be installed on the end node? - Ansible
- Puppet
- Chef
- Saltstack
- Answer A
- Reference https//ipcisco.com/lesson/ansible-vs-p
uppet-vs-chef/
- QUESTION NO 18
- Which of the following can be found in the
/mnt/pss/ directory of a Cisco MDS 9000 series
switch? - Running configuration
- Software system images
- Core dump files
- Kickstart images
- Answer C
- QUESTION NO 19
- You want to make your Cisco MDS 9000 Series
switch Federal Information Processing Standards
(FIPS) compliant by using the fips mode enable
command. Which of the following guidelines need
to be followed prior to doing this? (Select
three) - Configure complex passwords using a minimum of 16
characters. - Disable telnet
- Disable SNMP versions 1 and 2.
- Enable VRRP
- Disable RADIUS and TACACS
- Answer B, C, E Reference
- https//www.cisco.com/c/en/us/td/docs/switches/dat
acenter/mds9000/sw/8_x/config/securit
y/cisco_mds9000_security_config_guide_8x/configuri
ng_fips.html
QUESTION NO 20
9Refer to the following XML code ltpolUnigt ltfvTenan
t name"test1"gt ltvzFilter name"Http"gt ltvzEntry
name"e1" etherT"ipv4" prot"tcp"
dFromPort"80" dToPort"80"/gt lt/vzFiltergt ltvzFilt
er name"Https"gt ltvzEntry name"e1" etherT"ipv4"
prot"tcp" dFromPort"443" dToPort"443"/gt lt/vz
Filtergt ltvzBrCP name"webCtrct"gt ltvzSubj
name"http" revFltPorts"true" provmatchT"All"gt lt
vzRsSubjFiltAtt tnVzFilterName"Http"/gt ltvzRsSubjG
raphAtt graphName"G1" termNodeName"TProv"/gt ltvzP
rovSubjLbl name"openProv"/gt ltvzConsSubjLbl
name"openCons"/gt lt/vzSubjgt ltvzSubj name"https"
revFltPorts"true" provmatchT"All"gt ltvzProvSubjLb
l name"secureProv"/gt ltvzConsSubjLbl
name"secureCons"/gt lt vzRsSubjFiltAtt
tnVzFilterName"Https"/gt ltvzRsOutTermGraphAtt
graphName"G2" termNodeName"TProv"/gt lt/vzSubjgt lt/
vzBrCPgt ltfvCtx name"testctx1"/gt ltfvBD
name"testBD1"gt ltfvRsCtx tnFvCtxName"testctx1"
/gt ltfvSubnet ip"11.22.22.20/24"gt ltfvRsBDSubnetToP
rofile
10tnL3extOutName"rout1" tnRtctrlProfileName"profEx
port"/gt lt/fvSubnetgt ltfvSubnet ip"11.22.22.211/24"
gt ltfvRsBDSubnetToProfile tnL3extOutName"rout1"
tnRtctrlProfileName"profExport"/gt lt/fvSubnetgt lt/f
vBDgt ltfvAp name"sap"gt ltfvAEPg
name"web1"gt ltfvRsBd tnFvBDName"testBD1"
/gt ltfvRsDomAtt tDn"uni/vmmp-VMware/dom-mininet"
/gt ltfvRsProv tnVzBrCPName"webCtrct"
matchT"All"gt ltvzProvSubjLbl name"openProv"/gt ltvz
ProvSubjLbl name"secureProv"/gt ltvzProvLbl
name"green"/gt lt/fvRsProvgt lt/fvAEPggt ltfvAEPg
name"web2"gt ltfvRsBd tnFvBDName"testBD1"
/gt ltfvRsDomAtt tDn"uni/vmmp-VMware/dom-mininet"
/gt ltfvRsProv tnVzBrCPName"webCtrct"
matchT"All"gt ltvzProvSubjLbl name"secureProv"/gt lt
vzProvLbl name"red"/gt lt/fvRsProvgt lt/fvAEPggt ltfvAE
Pg name"app"gt ltfvRsBd tnFvBDName"testBD1"
/gt ltfvRsDomAtt tDn"uni/vmmp-VMware/dom-mininet"
/gt ltfvRsCons tnVzBrCPName"webCtrct"gt ltvzConsSubjL
bl name"openCons"/gt ltvzConsSubjLbl
name"secureCons"/gt ltvzConsLbl name"green"/gt lt/fv
RsConsgt
11- lt/fvAEPggt
- ltfvAEPg name"db"gt
- ltfvRsBd tnFvBDName"testBD1" /gt
- ltfvRsDomAtt tDn"uni/vmmp-VMware/dom-mininet" /gt
- ltfvRsCons tnVzBrCPName"webCtrct"gt
- ltvzConsSubjLbl name"secureCons"/gt
- ltvzConsLbl name"red"/gt
- lt/fvRsConsgt
- lt/fvAEPggt
- lt/fvApgt
- lt/fvTenantgt
- lt/polUnigt
- What is this an example of?
- ACI Tenant Policy
- ACI Security Policy
- VMM Domain Policy
- Fabric Policy
- Access Policy
- Answer A