642-991 - Cisco Data Center Unified Fabric Solutions Design (DCUFD)

Go back to Cisco

Example Questions

In designing virtual firewalls for a data center environment using the Cisco Nexus 7010 Switch, which two are valid design options? (Choose two.) Different VDCs can be deployed for each virtual firewall. Multiple VRFs can be associated with each virtual firewall within a single VDC. Which of the following is the most important consideration of an FCoE design? oversubscription In a data center environment, which ACL type allows for role-based access control? security group Which two solutions scale up to 1.4-Tb/s system bandwidth capacity? (Choose two.) Cisco Nexus 7010 Cisco Catalyst 6500 VSS 1440 Why are server-to-server traffic flows routed through the aggregation layer? They are routed to provide load-balancing services between web and application servers. What are three effective ways to service multicast traffic in a data center environment? (Choose three.) configuring IGMP/PIM in the Cisco Catalyst 6500 Series FWSM configuring IGMP/PIM in the MSFC on a Cisco Catalyst 6500 switch configuring service modules in transparent or bridged mode What simplifies troubleshooting and enhances protocol stability for OSPF? using loopback interfaces Which two techniques can be used to mitigate DDoS attacks in the data center core, using the Cisco Nexus 7000 Family of switches? (Choose two.) uRPF control plane policing Routing protocol authentication is a security feature most likely found at which data center layer? core Which hardware and feature is used to implement a logical distribution network layer in the data 15 center? Cisco Nexus 7000 with VDCs Which routing protocol represents the more effective choice to accomplish stability at the data center core? OSPF Which Cisco Catalyst 6500 Series FWSM mode of operation results in the least impact to the IP addressing scheme? transparent What are two ways in which the virtual appliance can be deployed to help optimize private cloud infrastructures? (Choose two.) traditional WAN edge deployment with out-of-path WCCP interception vWave appliance deployment deep in the data center with inception Level 3 awareness Which two Cisco Nexus 5500 features position the switch as an effective solution in the data center aggregation layer? (Choose two.) unified I/O via FCoE Layer 3 capabilities Which licensing feature set is required on the Cisco Nexus 7010 platform to support the use of VDCs? Advanced Services Which three statements about designing security policy for the data center are true? (Choose three.) Many VLANs are used. High availability is a must. The solution should scale because data centers evolve through time. An administrator wants to deploy two different Cisco VSMs to manage two different virtual networks within VMware vCenter, but wants to use the same control, management, and packet 7 VLANs. What must the administrator perform to ensure that the two Cisco VSMs only communicate with their respective VEMs? Configure different domain IDs on each pair of Cisco VSMs. Which two statements best describe the advantages concerning Layer 2 path selection when deploying VDCs in the aggregation layer? (Choose two.) VDCs reduce the size of Layer 2 failure domains. vPC provides Layer 2 load balancing and loop management without use of STP. Which protocol mitigates man-in-the-middle attacks in the data center access layer? Dynamic ARP Inspection At which network layer would you likely find features like QoS ACLs? aggregation layer Which network tool provides proactive link utilization? RMON Which three features make the Cisco Catalyst 4948 an ideal data center top-of-rack switch? (Choose three.) port security 10-GB uplinks hot-swappable power supplies What are two benefits of Cisco Application Networking Services solutions, aside from lowering the TCO and improving IT flexibility? (Choose two.) Performance: Ensures the best service to users in all network locations. Availability: Increases application availability to users throughout your network Which hardware-based security feature mitigates DDoS attacks against the Cisco Nexus switch itself? CoPP Used in combination with DHCP snooping, which feature helps prevent spoofing attacks in the data center access layer? Dynamic ARP Inspection You have been tasked with designing and implementing a data center network. You are ready to configure a Cisco Unified Computing System to Nexus 7000 connection. To ensure active/active forwarding for all VLANs on all Cisco Unified Computing System uplinks toward the Cisco Nexus 7000 switches, what is the correct configuration? vPC on the Cisco Nexus 7000 switches with the Cisco Unified Computing System fabric interconnects running in end-host mode. Which of the following application high-availability options is not configurable using the Cisco ACE solution? stateless failover What is a primary technology enabler for server I/O consolidation? Converged Network Adapter Which two functional areas are covered by the Cisco TrustSec model? (Choose two.) packet confidentiality and integrity access control via security group ACLs Which two functions enable lossless Ethernet in data center devices? (Choose two.) priority flow control CoS-based bandwidth management Which two functions are commonly combined to provide load balancing and redundancy in data center services across the data center core? (Choose two.) route health injection global server load balancing Which access layer design can improve STP stability with the use of enhanced features like UDLD, loop guard, and BPDU guard? triangle topologies What are two benefits that result from deploying a top-of-rack access layer design? (Choose two.) simpler logical topology improved power distribution Which statement best describes the TFO feature? TFO optimizes TCP connections for client/server traffic. The Cisco Nexus 5500 Series Switches use which operating mode for 10-Gb connections versus 1-Gb connections? cut-through mode for 10-Gb connections and store-and-forward mode for 1-Gb connections Which recommendation applies to OSPF in the data center core? Adjust OSPF reference bandwidth for VLANs with 10-Gigabit Ethernet links. What is the name of the process used by OTV, whereby the traffic flow between source and destination host MAC addresses is translated in the overlay into an IP flow between the source 21 and destination IP addresses of the relevant edge devices? encapsulation In a Cisco Unified Fabric network, where is the best data point to gather information to determine congestion? PFC pause rates and buffer credit usage 25 Which three technologies are considered access control technologies in the data center? (Choose three.) MAC Authentication Bypass 802.1x guest VLAN auth failed VLAN Which two tools can be used to monitor the name server logins of the converged adapters? (Choose two.) Cisco DCNM SAN monitor session to Wireshark Why is QoS best applied in the aggregation layer of the data center network? It is usually where Layer 2 and Layer 3 are demarcated. FCoE extends the reach of Fibre Channel throughout the data center by performing which action? encapsulating Fibre Channel frames into Ethernet frames How does the Cisco ACE server get the CPU and memory utilization information for each VM from VMware vCenter? Cisco ACE polls the VM server MIBs from VMware vCenter. Which two Cisco service modules can be deployed in redundant pairs with active-active failover? (Choose two.) ACE FWSM Which two of the following are requirements of FCoE? (Choose two.) use of jumbo frames IEEE 802.3x extensions to enable lossless Ethernet Cisco DCNM monitoring tools can create and display statistical information and historical trending overview charts for a feature or interface. For Ethernet interfaces, which of the following can be charted for viewing? Traffic Stats, Error Stats, SFP Diags, Trunk Stats To protect the supervisor of a Cisco Nexus 7000 switch, the CoPP feature performs which two functions? (Choose two.) separates data plane packets from control plane packets provides DoS protection independent from interface capabilities Which two of the following factors do IT departments need to consider when designing cabling plants? (Choose two.) Modularity and flexibility. I/O connectivity options like top-of-rack or end-of-row are evolving. Which Cisco product provides complete compliance with the latest Payment Card Industry requirements? Cisco ACE Web Application Firewall Which Cisco data center product provides ACLs, virtual partitioning, and SSL termination? Cisco ACE Module