Which three authentication protocols can be configured in the Cisco Application Policy
Infrastructure Controller? (Choose three.)
Answer : C,D,G
Reference: http://www.cisco.com/c/en/us/solutions/collateral/data-center- virtualization/unified-fabric/white-paper-c11-730021.html (System Access: Authentication,
Authorization, and RBAC)
The Cisco APIC supports both local and external authentication and authorization
(TACACS+, RADIUS, Lightweight Directory Access Protocol [LDAP]) as well as role-based administrative control (RBAC) to control read and write access for all managed objects and to enforce Cisco ACI administrative and per-tenant administrative separation. The Cisco
APIC also supports domain-based access control, which enforces where (under which subtrees) a user has access permissions.
What is accomplished when you install a bounce entry in a leaf?
Answer : D
Explanation: Under a normal migration, when a VM moves due to vMotion onto a leaf that does not have those EPGs and VLANs programmed, the will be deployed immediately. vCenter/ESXI host will send a GARP to ACI, the old leaf will bounce traffic to the new location of the endpoint and traffic/learning will occur. The bounce entry will stick around for a bit (about 5 minutes) and then be removed. The EPGs, VLANs, and Default Gateway will be deployed as soon as the move is detected and there will be little to no downtime (i usually see 0-1 ping loss, most of the time just increased latency) https://supportforums.cisco.com/discussion/12394516/importance-your-management- network-aci-world
In which two ways can the Cisco Application Policy Infrastructure Controller push policies to the leaf nodes? (Choose two.)
Answer : AB
Reference: http://www.cisco.com/c/en/us/solutions/collateral/data-center- virtualization/application-centric-infrastructure/white-paper-c11-731961.html
When a virtual endpoint is discovered, the policy is pushed and programmed to the leaf nodes based on resolution immediacy and instrumentation immediacy, respectively. In both cases, there is an immediate and on-demand (default) option that is defined when the VMM is associated on Cisco APIC. The on-demand option conserves resources and uses the reserved space in the policy content-addressable memory (CAM) when needed.
Resolution Immediacy -
The first option to push a policy is immediately. All policies (VLAN, NVGRE, and VXLAN), bindings, contracts, and filters are pushed to the leaf node when the hypervisor physical
NIC (pfJIC) is attached. With the on-demand option, policies are pushed to the leaf node when the pPJIC and vNIC are attached to the port group (EPG).
Deployment Immediacy -
Deployment immediacy defines when the policy is programmed in hardware. If the immediate option is chosen, the policies are programmed in the policy CAM after they are received by Cisco APIC. The on-demand option programs policies in the hardware policy
CAM only when reachability is learned through the data path.
A shard is a unit of data. How many copies does each Cisco APIC shard have including the active shard?
Answer : B
Reference: http://www.cisco.com/c/en/us/solutions/collateral/data-center- virtualization/unified-fabric/white-paper-c11-730021.html (effect of replication on reliablity)
Which attribute that is associated to the end point identity does the Cisco ACI fabric use
VxLAN to remove?
Answer : D
Which three encapsulations are normalized by the Cisco ACI fabric? (Choose three.)
Answer : C,D,E
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci- fundamentals/b_ACI-
Fundamentals/b_ACI_Fundamentals_BigBook_chapter_0100.html#concept_713CA5790F
CA40C48564D5BB19640602 -
Which two functions are provided by the Cisco Application Policy Infrastructure Controller?
(Choose two.)
Answer : AB
Reference: http://www.cisco.com/c/en/us/solutions/collateral/data-center- virtualization/unified-fabric/white-paper-c11-730021.html
Which three encapsulations types are normalized by the Cisco Application Centric
Infrastructure leaf? (Choose three.)
Answer : B,C,E
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci- fundamentals/b_ACI-
Fundamentals/b_ACI_Fundamentals_BigBook_chapter_0100.html#concept_713CA5790F
CA40C48564D5BB19640602 -
In the Cisco ACI fabric, which device enforces the policy?
Answer : F
Reference: http://www.cisco.com/c/en/us/solutions/collateral/data-center- virtualization/application-centric-infrastructure/white-paper-c11-731310.html (cisco APIC policy enforcement, see the paragraph below Figure 11)
In the three-node Cisco Application Policy Infrastructure Controller cluster, how much data is lost when two APICs fail?
Answer : C
Where is a packet forwarded if the global station table on an ingress leaf does not contain an entry for destination IP address?
Answer : C
What are the port capabilities of the Cisco Nexus 9564PX line card?
Answer : D
Reference: http://www.cdw.com/shop/products/Cisco-Nexus-X9564PX-expansion- module/3328938.aspx#TS (See technical specification tab)
Which tagging mechanism is used inside the Cisco ACI fabric?
Answer : C
Reference: http://keepingitclassless.net/2013/11/insieme-and-cisco-aci-part-2-aci-and- programmability/ (see the para below the figure)
The ACI fabric supports more than 64,000 dedicated tenant networks. A single fabric can support more than one million IPv4/IPv6 endpoints, more than 64,000 tenants, and more than 200,000 10G ports. The ACI fabric enables any service (physical or virtual) anywhere with no need for additional software or hardware gateways to connect between the physical and virtual services and normalizes encapsulations for Virtual Extensible Local Area
Network (VXLAN) / VLAN / Network Virtualization using Generic Routing Encapsulation
(NVGRE).
rhe ACI fabric decouples the endpoint identity and associated policy from the underlying forwarding graph. It provides a distributed Layer 3 gateway that ensures optimal Layer 3 and Layer 2 forwarding. The fabric supports standard bridging and routing semantics without standard location constraints (any IP address anywhere), and removes flooding requirements for the IP control plane Address Resolution Protocol (ARP) / Generic Attribute
Registration Protocol (GARP). All traffic within the fabric is encapsulated within VXLAN.
The forwarding table on the leaf switch is divided between local and global entries. What is contained in the local station table?
Answer : C
Reference: http://d2zmdbbm9feqrf.cloudfront.net/2014/anz/pdf/BRKDCT-3640.pdf (slide
101)
Which two statements about connecting the Cisco ACI fabric to an outside Layer 3 network are true? (Choose two.)
Answer : AC
Explanation: Reference: http://www.cisco.com/c/en/us/solutions/collateral/data-center- virtualization/application-centric-infrastructure/white-paper-c07-732033.html
Have any questions or issues ? Please dont hesitate to contact us