300-620 Exam Questions Get Updated [2023] with Correct Answers [Q12-Q35]

300-620 Exam Questions Get Updated [2023] with Correct Answers

Practice 300-620 Questions With Certification guide Q&A from Training Expert ValidTorrent

Vital Exam Domains: A Detailed Overview

In order to deliver result–oriented learning, the content of 300-620 test assesses the candidates’ knowledge with the help of six domains. They fabricate the entire exam structure and include minute concepts that are also disclosed below.

• ACI Management

  The second last domain talks about the detailed understanding of out-of-band along with in-band deployment. Besides, it assesses that test-takers’ abilities in utilizing syslog, snmp services, handling configuration back-up, performing AAA & RBAC implementation, and setting up an upgrade.

• Integration

  Under this exam domain, the applicants will have a chance to demonstrate their knowledge of viable ways to deploy VMware vCenter DVS setup along with a service graph. This section also validates the understanding of resolution immediacy in VMM.

• ACI Packet Forwarding

  This section checks the applicants’ knowledge of endpoint learning and skills in the implementation of the bridge domain configuration. This includes the concepts such as Layer 2 unknown hardware proxy, unicast routing, and ARP flooding.

Prerequisites

Thus, the Cisco 300-620 exam is intended for network and security practitioners, including network engineers, network designers, and systems engineers. This professional-level certification test authenticates one’s skills in working with data center solutions and allows them to keep up the pace with the ever-changing trends using advanced data center technologies as well as implement them in their daily tasks. Before sitting for this exam, you should deal with the core test and also prepare for the content that will be covered in it.

The whole path covers the details of core technologies and proves your ability to use best practices in designing, troubleshooting, and implementing the infrastructure of a modern data center, configuration of series switches, or usage of the automation for data center solutions. Therefore, you need to be ready for these topics.

How to Prepare for Implementing Cisco Application Centric Infrastructure (300-620 DCACI)

Preparation Guide for Implementing Cisco Application Centric Infrastructure (300-620 DCACI)

Introduction for Implementing Cisco Application Centric Infrastructure (300-620 DCACI)

The Implementing Cisco Application Centric Infrastructure v1.0 (DCACI 300-620) exam is a 90-minute exam that is associated with the CCNP Data Center Certification and Cisco Certified Specialist - Data Center ACI Implementation certifications. This exam tests a candidate's knowledge of Cisco switches in ACI mode including configuration, implementation, and management. You will learn the essential skills, concepts, and technologies to be a contributing member of a cybersecurity operations center (SOC) including understanding the IT infrastructure, operations, and vulnerabilities.

Cisco ACI delivers an intent-based networking framework to enable agility in the data center. It captures higher-level business and user intent in the form of a policy and translates this intent into the network constructs necessary to dynamically provision the network, security, and infrastructure services. It uses a holistic systems-based approach, with tight integration between hardware and software and physical and virtual elements, an open ecosystem model, and innovative Cisco customer Application-Specific Integrated Circuits (ASICs) to enable unique business value for modern data centers. This unique approach uses a common policy-based operating model across the network, drastically reducing the cost and complexity of operating your network.

Before taking this exam, you should have the following knowledge and skills:

• ACI Management
• ACI Packet Forwarding
• Integrations
• ACI Fabric Infrastructure

The following candidates can enroll for this exam:

• Network Engineers
• Cisco Integrators/Partners
• Data Center Engineers
• Server Administrators
• Network Administrators
• Systems Engineers
• Network Designers
• Field Engineers
• Cisco integrators and partners

 

NEW QUESTION 12
A Solutions Architect is asked to design two data centers based on Cisco ACI technology that can extend L2/ L3, VXLAN, and network policy across locations. ACI Multi-Pod has been selected. Which two requirements must be considered in this design? (Choose two.)

• A. ACI underlay protocols, i.e. COOP, IS-IS and MP-BGP, spans across pods. Create QoS policies to make sure those protocols have higher priority.
• B. Multi-Pod requires multiple APIC Controller Clusters, one per pod. Make sure those clusters can communicate to each other through a highly available connection.
• C. ACI Multi-Pod requires an IP Network supporting PIM-Bidir.
• D. ACI Multi-Pod does not support Firewall Clusters across Pods. Firewall Clusters should always be local.
• E. A single APIC Cluster is required in a Multi-Pod design. It is important to place the APIC Controllers in different locations in order to maximize redundancy and reliability.

Answer: A,B

 

NEW QUESTION 13
The existing network and ACI fabric have been connected to support workload migration. Servers will physically terminate at the Cisco ACI, but their gateway must stay in the existing network. The solution needs to adhere to Cisco's best practices. The engineer started configuring the relevant Bridge Domain and needs to complete the configuration. Which group of settings are required to meet these requirements?

• A. L2 Unknown Unicast: Flood
  L3 Unknown Multicast Flooding: Optimize Flood
  Multi Destination Flooding: Flood in BD
  ARP Flooding: Disable
• B. L2 Unknown Unicast: Flood
  L3 Unknown Multicast Flooding: Flood
  Multi Destination Flooding: Flood in BD
  ARP Flooding: Enable
• C. L2 Unknown Unicast: Hardware Proxy
  L3 Unknown Multicast Flooding: Optimize Flood
  Multi Destination Flooding: Flood in BD
  ARP Flooding: Disable
• D. L2 Unknown Unicast: Hardware Proxy
  L3 Unknown Multicast Flooding: Flood
  Multi Destination Flooding: Flood in BD
  ARP Flooding: Enable

Answer: B

Explanation:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/migration_guides/migrating_existing_networks_to_aci.html

 

NEW QUESTION 14
A data center administrator is upgrading an ACI fabric. There are 3 APIC controllers in the fabric and all the servers are dual-homed to pairs of leaf switches configured in VPC mode. How should the fabric be upgraded to minimize possible traffic impact during the upgrade?

• A. Option C
• B. Option A
• C. Option B
• D. Option D

Answer: B

 

NEW QUESTION 15
A network administrator configures AAA inside the Cisco ACI fabric. The authentication goes through the local users if the TACACS+ server is not reachable. If the Cisco APIC is out of the cluster, the access must be granted through the fallback domain. Which configuration set meets these requirements?

• A. Ping Check: False
  Default Authentication Realm: TACACS+
  Fallback Check: True
• B. Ping Check: True
  Default Authentication Realm: TACACS+
  Fallback Check: False
• C. Ping Check: True
  Default Authentication Realm: Local
  Fallback Check: True
• D. Ping Check: False
  Default Authentication Realm: Local
  Fallback Check: False

Answer: A

 

NEW QUESTION 16
Which tenant is used when configuring in-band management IP addresses for Cisco APICs, leaf nodes, and spine nodes?

• A. mgmt
• B. common
• C. infra
• D. default

Answer: C

 

NEW QUESTION 17
Refer to the exhibit.

Which Adjacency Type value should be set when the client endpoint and the service node interface are in a different subnet?

• A. L3Out
• B. Routed
• C. L3
• D. Unicast

Answer: B

 

NEW QUESTION 18
Drag and drop the Cisco ACI filter entry options from the left onto the correct categories on the right indicating what are required or optional parameters.

Answer:

Explanation:

Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/Operating_ACI/guide/ b_Cisco_Operating_ACI/b_Cisco_Operating_ACI_chapter_01000.html

 

NEW QUESTION 19
An engineer is implementing a Cisco ACI data center network that includes Cisco Nexus 2000 Series 10G fabric extenders. Which physical topology is supported?

• A.
• B.
• C.
• D.

Answer: A

 

NEW QUESTION 20
An engineer is implementing a connection that represents an external bridged network. Which two configurations are used? (Choose two.)

• A. Layer 2 remote fabric
• B. VXLAN outside
• C. Static path binding
• D. Layers 2 internal
• E. Layer 2 outside

Answer: A,E

 

NEW QUESTION 21
Which new construct must a user create when configuring in-band management?

• A. VLAN pool
• B. bridge domain
• C. management contract
• D. management tenant

Answer: B

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/ b_KB_Configuring_Static_Management_Access.html

 

NEW QUESTION 22
In the context of VMM, which protocol between ACI leaf and compute hosts ensures that the policies are pushed to the leaf switches for immediate and on demand resolution immediacy?

• A. VXLAN
• B. LLDP
• C. ISIS
• D. STP

Answer: A

Explanation:
Section: Integrations
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/ACI_Best_Practices/ b_ACI_Best_Practices/b_ACI_Best_Practices_chapter_0101.html

 

NEW QUESTION 23
Refer to the exhibit.

Which two objects are created as a result of the configuration? (Choose two.)

• A. attachable AEP
• B. VRF
• C. application profile
• D. bridge domain
• E. endpoint group

Answer: B,D

 

NEW QUESTION 24
Refer to the exhibit. The external subnet and internal EPG1 must communicate with each other, and the L3Out traffic must leak into the VRF named "VF1". Which configuration set accomplishes these goals?

• A. External Subnets for External EPG
  Shared Route Control Subnet
  Shared Security Import Subnet
• B. External Subnets for External EPG
  Import Route Control Subnet
  Shared Route Control Subnet
• C. Export Route Control Subnet
  Shared Security Import Subnet
  Aggregate Shared Routes
• D. Export Route Control Subnet
  Import Route Control Subnet
  Aggregate Shared Routes

Answer: B

 

NEW QUESTION 25
An engineer must limit management access to me Cisco ACI fabric that originates from a single subnet where the NOC operates. Access should be limited to SSH and HTTPS only. Where should the policy be configured on the Cisco APIC to meet the requirements?

• A. policy In the management tenant
• B. policy on the management VLAN
• C. ACL on the console interface
  https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/Operating_ACI/guide/b_Cisco_Operating_ACI/b_Cisco_Operating_ACI_chapter_0111.html
  
• D. ACL on the management interface of the APIC

Answer: A

 

NEW QUESTION 26
A data center administrator is upgrading an ACI fabric. There are 3 APIC controllers in the fabric and all the servers are dual-homed to pairs of leaf switches configured in VPC mode. How should the fabric be upgraded to minimize possible traffic impact during the upgrade?

• A. 1. Create two maintenance groups for the leaf switches: VPC left and VPC right.
  2. Upgrade the first group of switches.
  3. Upgrade the second group of switches.
  4. Upgrade the APIC controllers.
• B. 1. Create two maintenance groups for the APIC controllers: VPC left and VPC right.
  2. Upgrade the first group of controllers.
  3. Upgrade the second group of controllers.
  4. Upgrade the leaf switches.
• C. 1. Create two maintenance groups for APIC controllers: VPC left and VPC right.
  2. Upgrade the leaf switches.
  3. Upgrade the first group of controllers.
  4. Upgrade the second group of controllers.
• D. 1. Create two maintenance groups for the leaf switches: VPC left and VPC right.
  2. Upgrade the APIC controllers.
  3. Upgrade the first group of leaf switches.
  4. Upgrade the second group of leaf switches.

Answer: A

 

NEW QUESTION 27
Refer to the exhibit.

A Cisco ACI fabric is newly deployed, and the security team requires more visibility of all inter-EPG traffic flows. All traffic in a VRF must be forwarded to an existing firewall pair. During fallover, the standby firewall must continue to use the same IP and MAC as the primary firewall. Drag and drop the steps from the left Into the Implementation order on the right to configure the service graph that meets the requirements. (Not all steps are used.)

Answer:

Explanation:

Explanation
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/L4-L7_Services_Deployment/guide/b
* Create a service bridge domain and a layer 4 to layer 7 device within one cluster interface.

 

NEW QUESTION 28
What do Pods use to allow Pod-to-Pod communication in a Cisco ACI Multi-Pod environment?

• A. over Layer 3 IPN connectivity via border leafs
• B. over Layer 3 directly connected back-to-back spines
• C. over Layer 3 Out connectivity via border leafs
• D. over Layer 3 IPN connectivity via spines

Answer: D

Explanation:
https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-737855.html

 

NEW QUESTION 29
A data center administrator is upgrading an ACI fabric. There are 3 APIC controllers in the fabric and all the servers are dual-homed to pairs of leaf switches configured in VPC mode. How should the fabric be upgraded to minimize possible traffic impact during the upgrade?

• A. Option C
• B. Option A
• C. Option B
• D. Option D

Answer: B

 

NEW QUESTION 30
An engineer is configuring a VRF for a tenant named Cisco. Drag and drop the child objects on the left onto the correct containers on the right for this configuration.

Answer:

Explanation:

 

NEW QUESTION 31
An engineer must allow multiple external networks to communicate with internal ACI subnets. Which action should the engineer take to assign the prefix to the class ID of the external Endpoint Group?

• A. Enable the Export Route Control Subnet for the External Endpoint Group flag.
• B. Enable an L30ut with Shared Route Control Subnet.
• C. Configure subnets with the External Subnets for External EPG flag enabled.
• D. Configure subnets with the Import Route Control Subnet flag enabled.

Answer: C

Explanation:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/ACI_Best_Practices/b_ACI_Best_Practices/b_ACI_Best_Practices_chapter_01001.html

 

NEW QUESTION 32
On which two interface types should a user configure storm control to protect against broadcast traffic? (Choose two.)

• A. endpoint-facing trunk interface
• B. port channel on a single leaf switch
• C. all interfaces on the leaf switches in the fabric
• D. APIC facing interfaces
• E. fabric uplink interfaces on the leaf switches

Answer: A,B

 

NEW QUESTION 33
Refer to the exhibit.

Refer to the exhibit, An engineer is deploying a Cisco ACI environment but experiences a STP loop between switch1 and switch2. Which configuration step is needed to break the STP loop?

• A. Enable BPDU filter under the STP interface policy on the Interfaces lacing the MST switches.
• B. Configure the STP instance to VLAN mapping under the switch STP policy.
• C. Configure a Layer 2 external bridged network on the interfaces facing the MST switches.
• D. Enable the native VLAN on the interfaces facing the MST switches using static pons in a dedicated EPG.

Answer: D

 

NEW QUESTION 34
An engineer must configure RADIUS authentication with Cisco ACI for remote authentication with out-of-band management access. Drag and drop the RADIUS configuration steps from the left into the required implementation order on the right. Not all steps are used.

Answer:

Explanation:

 

NEW QUESTION 35
......

Prepare Top Cisco 300-620 Exam Audio Study Guide Practice Questions Edition: https://passguide.validtorrent.com/300-620-valid-exam-torrent.html