Cisco 300-620 DCACI Exam Questions Instant Access

Question 1

An engineer configures SNMP for an ACI fabric and created an SNMP Monitoring Destination Group called snmp_dgroup1. Snmp_dgroup1 is configured with the server hostname and Community password. An SNMP policy called snmp_podpolicy1 is configured to enable SNMP and add an SNMP Client Group Profile called snmp_clgroup1. Snmp_podpolicy1 is associated default pod profile via a pod policy group named podl. Which configuration set must the engineer enable to complete the SNMP configuration?

AConfigure an SNMP management contract to permit all traffic. Associate snmp_podpolicy1 with an SNMP pod profile.

BConfigure the OOB management contract to permit all traffic. Associate snmp_clgroup1 with the SNMP management EPG.

CConfigure the OOB management contract to permit UDP 162. Associate snmp_dgroupl with the OOB management EPG.

DConfigure an SNMP management contract to permit UDP 162. Associate the SNMP Source to snmp_clgroup1.

Answer : C

https://community.cisco.com/t5/documentos-data-center/configuraci%C3%B3n-snmp-para-aci/ta-p/4680520

Question 2

Which two statements regarding ACI Multi-Site are true? (Choose two.)

AThe Multi-Site orchestrator must be directly attached to one ACI leaf.

BRouters in the Inter-Site network must run OSPF, DHCP relay, and MP-BGP.

CACI Multi-Site is a solution that supports a dedicated APIC cluster per site.

DACI Multi-Site is a solution that allows one APIC cluster to manage multiple ACI sites.

EThe Inter-Site network routers should run OSPF to establish peering with the spines.

Answer : C, D

The two true statements regarding ACI Multi-Site are:

ACI Multi-Site is a solution that supports a dedicated APIC cluster per site1.

ACI Multi-Site is a solution that allows one APIC cluster to manage multiple ACI sites1.

Question 3

An engineer must advertise a bridge domain subnet out of the ACI fabric to an OSPF neighbor. Which two configuration steps are required? (Choose two.)

AConfigure Subnet scope to Advertised Externally

BAdd External Subnet for External EPG flag under External EPG.

CCreate Route Control Profile with the export direction under External EPG.

DAdd L30ut profile to the bridge domain using Associated L30uts section

EConfigure the Subnet under the EPG level.

Answer : A, D

To advertise a bridge domain subnet out of the ACI fabric to an OSPF neighbor, the following configuration steps are required:

Configure Subnet scope to Advertised Externally: This step involves setting the scope of the subnet within the bridge domain to be advertised externally, which allows the subnet to be propagated to external routing entities3.

Add L30ut profile to the bridge domain using Associated L30uts section: This step involves associating the bridge domain with an L3Out profile, which is necessary for the bridge domain subnet to be advertised to OSPF neighbors4.

Question 4

Refer to the exhibit.

Refer to the exhibit. A tenant is configured with a single L30ut and a single-homed link to the core router called Core-1. An engineer must add a second link to the L30ut that connects to Core-2 router. Which action allows the traffic from Core-2 to BL-1002 to have the same connectivity as the traffic from Core-1 to BL-1001?

AAdd a second path to the logical interface profile of the existing L30ut

BAdd a second subnet to the external EPG to the existing L30ut.

CAdd a second OSPF interface profile to the logical interface profile.

DAdd a second interface to the external domain to the existing L30ut.

Answer : A

The scenario involves a tenant configured with a single L3Out and a single-homed link from the ACI fabric (via border leaf BL-1001) to a core router (Core-1). The engineer must add a second link to the L3Out, connecting to Core-2 via BL-1002, ensuring that traffic from Core-2 to BL-1002 has the same connectivity as traffic from Core-1 to BL-1001. The exhibit shows a single-homed setup with BL-1001 and BL-1002 as potential border leaves, with a dashed line indicating a planned second link.

Requirement Analysis

The existing L3Out is single-homed to Core-1 via BL-1001, and the goal is to extend it to a multi-homed configuration with Core-2 via BL-1002.

'Same connectivity' implies that the second link must be integrated into the existing L3Out configuration, sharing the same routing policies, external EPG, and subnet reachability.

The solution must leverage ACI's L3Out framework to add the new path without creating a separate L3Out or altering the current routing setup unnecessarily.

Option Evaluation

A . Add a second path to the logical interface profile of the existing L3Out:

The logical interface profile in an L3Out defines the interfaces (e.g., routed ports or sub-interfaces) and their associations with nodes (border leaves). Adding a second path to this profile allows the inclusion of the new link from BL-1002 to Core-2, ensuring it operates under the same L3Out configuration (e.g., routing protocol, external EPG). This maintains consistent connectivity and leverages ACI's multi-homing support.

B . Add a second subnet to the external EPG to the existing L3Out:

Adding a subnet to the external EPG defines additional networks advertised or learned via the L3Out, but it does not address the addition of a new physical link or path. This is irrelevant to the connectivity requirement for the second link.

C . Add a second OSPF interface profile to the logical interface profile:

While the L3Out uses OSPF (implied by the context), adding a second OSPF interface profile would create a separate routing instance, which is unnecessary and could disrupt consistency. The existing OSPF configuration can be extended via the logical interface profile.

D . Add a second interface to the external domain to the existing L3Out:

The external domain associates VLAN pools, but it does not define paths or interfaces for L3Out connectivity. This option is incorrect as it confuses domain configuration with interface path management.

Final Answer Justification

A is correct because adding a second path to the logical interface profile of the existing L3Out integrates the new link from BL-1002 to Core-2 into the same routing and policy framework, ensuring equivalent connectivity to the Core-1 to BL-1001 link. This aligns with ACI's support for multi-homed L3Outs.

Primary Cisco Reference:

Cisco APIC Layer 3 Networking Configuration Guide, 'L3Out Multi-Homing.'

Cisco ACI Best Practices, 'Expanding L3Out Connectivity.'

Question 5

The customer is looking for redundant interconnection of the existing network to the new ACI fabric. Unicast and multicast traffic must be routed between the two networks. Which L3Out implementation meets these requirements?

AOption A

BOption B

COption C

DOption D

Answer : A

For a redundant interconnection that routes both unicast and multicast traffic, the L3Out (Layer 3 Outside) implementation in Cisco ACI should include the following:

Redundant Connections: Ensure there are at least two connections from the ACI fabric to the external network for redundancy. These connections should be to different leaf switches if possible.

Routing Protocols: Configure a routing protocol that supports both unicast and multicast routing. OSPF or EIGRP can be used for unicast, and PIM (Protocol Independent Multicast) should be configured for multicast.

Route Redistribution: Set up route redistribution between the ACI fabric and the external network to ensure that routes are shared across both networks.

Multicast Configuration: Enable multicast routing within the ACI fabric and configure the necessary multicast policies.

Contract and Policy Configuration: Define contracts and policies that allow the required unicast and multicast traffic to flow between the ACI fabric and the external network.

Cisco documentation on configuring L3Outs in ACI

Cisco white paper on ACI Multicast Routing

Question 6

The Application team reports that a previously existing port group has disappeared from vCenter. An engineer confirms that the VM domain association for the EPG is no longer present. Which action determines which user is responsible for the change?

ACheck the EPG audit logs for the 'deletion' action and compare the affected object and user.

BEvaluate the potential faults that are raised for that EPG.

CExamine the health score and drill down to an object that affects the EPG combined score.

DInspect the server logs to see who was logging in to the APIC during the last few hours.

Answer : A

To determine which user is responsible for the disappearance of a previously existing port group from vCenter, the engineer should check the EPG audit logs for any 'deletion' actions.By comparing the affected object and the user who performed the action, the engineer can identify the responsible individual2.

Question 7

Which method does the Cisco ACI fabric use to load-balance multidestination traffic?

APIM routing

Bspanning trees

Cshortest-path trees

Dforwarding tag trees

Answer : D

The method that the Cisco ACI fabric uses to load-balance multidestination traffic isforwarding tag trees3.This method involves assigning a forwarding tag (FTAG) to the traffic when it is forwarded within the fabric, ensuring efficient load balancing of multi-destination traffic3.

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals/b_ACI-Fundamentals_chapter_010010.html

Cisco Implementing Cisco Application Centric Infrastructure 300-620 DCACI Exam Questions