NEW QUESTION 1
On a Cisco Nexus 7000 Series router, which statement about HSRP and VRRP is true?

• A. When VDCs are in use, only VRRP is supported.
• B. HSRP and VRRP both use the same multicast IP address with different port numbers.
• C. HSRP has shorter default hold and hello times.
• D. The VRRP group IP address can be the same as the router-specific IP addres

Answer: D

Explanation: VRRP allows for transparent failover at the first-hop IP router by configuring a group of routers to share a virtual IP address. VRRP selects a master router in that group to handle all packets for the virtual IP address. The remaining routers are in standby and take over if the master router fails. Reference:
http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nxos/unicast/configuration/guide/l3_cli_nxos/l3_vrrp.html

NEW QUESTION 2
Refer to the exhibit.

You must ensure that the vPC Domain 100 controls the LACP Po1001 link. Which feature do you configure?

• A. peer switch
• B. role priority
• C. system priority
• D. peer gateway

Answer: C

NEW QUESTION 3
DRAG DROP
Drag the security description on the left to the appropriate security feature on the right.

Answer:

Explanation: IP Source guard: IP Source Guard provides source IP address filtering on a Layer 2 port to prevent a malicious host from impersonating a legitimate host by assuming the legitimate host's IP address. The feature uses dynamic DHCP snooping and static IP source binding to match IP addresses to hosts on untrusted Layer 2 access ports.
Initially, all IP traffic on the protected port is blocked except for DHCP packets. After a client receives an IP address from the DHCP server, or after static IP source binding is configured by the administrator, all traffic with that IP source address is permitted from that client. Traffic from other hosts is denied. This filtering limits a host's ability to attack the network by claiming a neighbor host's IP address. IP Source Guard is a port-based feature that automatically creates an implicit port access control list (PACL).
CoPP: Control Plane Policing (CoPP) introduced the concept of early rate-limiting protocol specific traffic destined to the processor by applying QoS policies to the aggregate control-plane interface. Control Plane Protection extends this control plane functionality by providing three additional control-plane subinterfaces under the top-level (aggregate) control-plane interface. Each subinterface receives and processes a specific type of control-plane traffic.
Dynamic Arp Inspection: Dynamic ARP inspection is a security feature that validates ARP packets in a network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings. This capability protects the network from certain man-in-the-middle attacks.
Dynamic ARP inspection ensures that only valid ARP requests and responses are relayed. The switch performs these activities:
• Intercepts all ARP requests and responses on untrusted ports
• Verifies that each of these intercepted packets has a valid IP-to-MAC address binding before updating the local ARP cache or before forwarding the packet to the appropriate destination
• Drops invalid ARP packets
Unicast RPF: The Unicast RPF feature reduces problems that are caused by the introduction of malformed or forged (spoofed) IP source addresses into a network by discarding IP packets that lack a verifiable IP source address. For example, a number of common types of Denial-of-Service (DoS) attacks, including Smurf and Tribal Flood Network (TFN) attacks, can take advantage of forged or rapidly changing source IP addresses to allow attackers to thwart efforts to locate or filter the attacks. Unicast RPF defilects attacks by forwarding only the packets that have source addresses that are valid
and consistent with the IP routing table.
When you enable Unicast RPF on an interface, the device examines all ingress packets received on that interface to ensure that the source address and source interface appear in the routing table and match the interface on which the packet was received. This examination of source addresses relies on the Forwarding Information Base (FIB).
Traffic Storm Control: A traffic storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. You can use the traffic storm control feature to prevent disruptions on Layer 2 ports by a broadcast, multicast, or unicast traffic storm on physical interfaces. Traffic storm control (also called traffic suppression) allows you to monitor the levels of the incoming broadcast, multicast, and unicast traffic over a 1-second interval. During this interval, the traffic level, which is a percentage of the total available bandwidth of the port, is compared with the traffic storm control level that you configured. When the ingress traffic reaches the traffic storm control level that is configured on the port, traffic storm control drops the traffic until the interval ends.

NEW QUESTION 4
You have two Fibre Channel switches that are connected via EISL. You discover that the fabrics are isolated. What are two possible causes of the fabric isolation? (Choose two.)

• A. mismatched SAN port channel group modes
• B. mismatched VSANs on either switch
• C. mismatched active zone set databases
• D. mismatched line card types
• E. mismatched switch series

Answer: BC

NEW QUESTION 5
Refer to the exhibit.

You configure two switches named NEXUS1 and NEXUS2. Which two results of implementing the configuration are true? (Choose two.)

• A. NEXUS1 is the spanning-tree root for VLAN 100.
• B. NEXUS1 is the spanning-tree root for VLAN 998.
• C. NEXUS2 is the spanning-tree root for VLAN 100.
• D. Both switches are the spanning-tree root for VLAN 998.
• E. Both switches are the spanning-tree root for VLAN 100.

Answer: BE

NEW QUESTION 6
Which command should you ran to distribute NTP configuration changes by using Cisco Fabric Services?

• A. ntp distribute
• B. ntp server 1.2.3.4
• C. ntp commit
• D. ntp authenticate

Answer: A

NEW QUESTION 7
What are two prerequisite to running the Smart Call Home feature on a Cisco nexus 6000 series switch? (Select two)

• A. The switch must have SMTP access to an email server
• B. The switch must have public management IP address
• C. The switch must have SMTP access to a Cisco.com email server
• D. The switch must have an active service contract
• E. The switch must be configured to use an email address from the @cisco.com

Answer: AD

Explanation: Prerequisites for Smart Call Home
You must have e-mail server connectivity.
You must have access to contact name (SNMP server contact), phone, and street address information.
You must have IP connectivity between the switch and the e-mail server.
You must have an active service contract for the device that you are configuring. https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus6000/sw/system_management/ 6x/b_6k_System_Mgmt_Config_6x/b_6k_System_Mgmt_Config_602N11_chapter_01010.html#con_ 1058068

NEW QUESTION 8
How is a dynamic vNIC allocated?

• A. Dynamic vNICs are assigned to VMs in vCenter.
• B. Dynamic vNICs can only be bound to the service profile through an updating template.
• C. Dynamic vNICs are bound directly to a service profile.
• D. Dynamic vNICs are assigned by binding a port profile to the service profil

Answer: C

Explanation: The dynamic vNIC connection policy determines how the connectivity between VMs and dynamic vNICs is configured. This policy is required for Cisco UCS domains that include servers with VIC adapters on which you have installed VMs and configured dynamic vNICs.
Each dynamic vNIC connection policy includes an Ethernet adapter policy and designates the number of vNICs that can be configured for any server associated with a service profile that includes the policy.
For VM-FEX that has all ports on a blade in standard mode, you need to use the VMware adapter policy.
For VM-FEX that has at least one port on a blade in high-performance mode, use the VMwarePassThrough adapter policy or create a custom policy. If you need to create a custom policy, the resources provisioned need to equal the resource requirements of the guest OS that needs the most resources and for which you will be using high-performance mode.
Reference: http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/vm_fex/vmware/gui/config_gui de/b_GUI_VMware_VM-FEX_UCSM_Configuration_Guide/b_GUI_VMware_VMFEX_ UCSM_Configuration_Guide_chapter_010.html

NEW QUESTION 9
Which two advantages does FabricPath have over Spanning Tree in implementing a loop-free network topology design? (Choose two.)

• A. Blocked links can be brought in to service if active links fail.
• B. Convergence times are faster.
• C. Multipath forwarding is supported for unicast and multicast Layer 2 and Layer 3 traffic.
• D. Unknown unicast addresses are flooded in through the originating por

Answer: BC

NEW QUESTION 10
Which information does the show fcns database command display?

• A. FCID
• B. port name
• C. nWWN
• D. interface

Answer: A

Explanation: https://www.cisco.com/c/m/en_us/techdoc/dc/reference/cli/n5k/commands/show-fcnsdatabase. html

NEW QUESTION 11
In Any Source Multicast groups which multicast enabled device supports shared trees?

• A. RP
• B. any router in the tree except for the RP
• C. first-hop router
• D. last-hop router

Answer: A

NEW QUESTION 12
When configure HSPR on IPv6 enabled interface, which two configuration is correct.

• A. switchA{config-if)» standbyt 6 preempt
• B. switchA(config-if)» hsrp <group-number>
• C. switchA(config-if)ff key 6
• D. switchA{config-if)» hsrp version 2
• E. switchA{config-if)B priority <level>

Answer: B

NEW QUESTION 13
DRAG DROP
Drag and drop the optional OSPF parameters from the left onto the correct functions on the right.

Answer:

Explanation:

NEW QUESTION 14
What is the status of FCoE license on Cisco Nexus 5548 switch?

• A. FCoE license is not installed
• B. FCoE license is installed, but it is expired
• C. FCoE license is installed and status is enabled
• D. FCoE license does not need to be installed because it is part of ENTERPRISE_PKG

Answer: C

NEW QUESTION 15
Which standard has Cisco used to implement VM-FEX?

• A. IEEE 802.1BR
• B. IEEE 802.1Qbb
• C. IEEE 802.1Qaz
• D. IEEE 802.1p
• E. IEEE 802.1x

Answer: A

NEW QUESTION 16
Refer to the exhibit,

Which description of the output is true?

• A. The default map-cache limit is used.
• B. PETR is disable
• C. The table output apply to the default VRF
• D. The switch acts as an IPv4 LISP ETR

Answer: A

NEW QUESTION 17
Which two options can be used for link aggregation when you configure vPC member interfaces? (Choose two.)

• A. a static EtherChannel
• B. the Cisco Fabric Services protocol
• C. the LACP protocol
• D. the VSL control link
• E. the PAgP protocol

Answer: AC

NEW QUESTION 18
What is the Overlay Transport Virtualization site VLAN used for?

• A. to facilitate communications between OTV edge devices within the site
• B. to allow multiple site AEDs to communicate with each other
• C. to detect devices at the site that are not capable of OTV
• D. to allow the join interfaces at different sites to communicate

Answer: A