642-991 - Cisco Data Center Unified Fabric Solutions Design (DCUFD)
Go back to Cisco
In designing virtual firewalls for a data center environment using the Cisco Nexus 7010 Switch, which two are valid design options? (Choose two.)
Different VDCs can be deployed for each virtual firewall.
Multiple VRFs can be associated with each virtual firewall within a single VDC.
Which of the following is the most important consideration of an FCoE design?
In a data center environment, which ACL type allows for role-based access control?
Which two solutions scale up to 1.4-Tb/s system bandwidth capacity? (Choose two.)
Cisco Nexus 7010
Cisco Catalyst 6500 VSS 1440
Why are server-to-server traffic flows routed through the aggregation layer?
They are routed to provide load-balancing services between web and application servers.
What are three effective ways to service multicast traffic in a data center environment? (Choose three.)
configuring IGMP/PIM in the Cisco Catalyst 6500 Series FWSM
configuring IGMP/PIM in the MSFC on a Cisco Catalyst 6500 switch
configuring service modules in transparent or bridged mode
What simplifies troubleshooting and enhances protocol stability for OSPF?
using loopback interfaces
Which two techniques can be used to mitigate DDoS attacks in the data center core, using the Cisco Nexus 7000 Family of switches? (Choose two.)
control plane policing
Routing protocol authentication is a security feature most likely found at which data center layer?
Which hardware and feature is used to implement a logical distribution network layer in the data 15 center?
Cisco Nexus 7000 with VDCs
Which routing protocol represents the more effective choice to accomplish stability at the data center core?
Which Cisco Catalyst 6500 Series FWSM mode of operation results in the least impact to the IP addressing scheme?
What are two ways in which the virtual appliance can be deployed to help optimize private cloud infrastructures? (Choose two.)
traditional WAN edge deployment with out-of-path WCCP interception
vWave appliance deployment deep in the data center with inception Level 3 awareness
Which two Cisco Nexus 5500 features position the switch as an effective solution in the data center aggregation layer? (Choose two.)
unified I/O via FCoE
Layer 3 capabilities
Which licensing feature set is required on the Cisco Nexus 7010 platform to support the use of VDCs?
Which three statements about designing security policy for the data center are true? (Choose three.)
Many VLANs are used.
High availability is a must.
The solution should scale because data centers evolve through time.
An administrator wants to deploy two different Cisco VSMs to manage two different virtual networks within VMware vCenter, but wants to use the same control, management, and packet 7 VLANs. What must the administrator perform to ensure that the two Cisco VSMs only communicate with their respective VEMs?
Configure different domain IDs on each pair of Cisco VSMs.
Which two statements best describe the advantages concerning Layer 2 path selection when deploying VDCs in the aggregation layer? (Choose two.)
VDCs reduce the size of Layer 2 failure domains.
vPC provides Layer 2 load balancing and loop management without use of STP.
Which protocol mitigates man-in-the-middle attacks in the data center access layer?
Dynamic ARP Inspection
At which network layer would you likely find features like QoS ACLs?
Which network tool provides proactive link utilization?
Which three features make the Cisco Catalyst 4948 an ideal data center top-of-rack switch? (Choose three.)
hot-swappable power supplies
What are two benefits of Cisco Application Networking Services solutions, aside from lowering the TCO and improving IT flexibility? (Choose two.)
Performance: Ensures the best service to users in all network locations.
Availability: Increases application availability to users throughout your network
Which hardware-based security feature mitigates DDoS attacks against the Cisco Nexus switch itself?
Used in combination with DHCP snooping, which feature helps prevent spoofing attacks in the data center access layer?
Dynamic ARP Inspection
You have been tasked with designing and implementing a data center network. You are ready to configure a Cisco Unified Computing System to Nexus 7000 connection. To ensure active/active forwarding for all VLANs on all Cisco Unified Computing System uplinks toward the Cisco Nexus 7000 switches, what is the correct configuration?
vPC on the Cisco Nexus 7000 switches with the Cisco Unified Computing System fabric interconnects running in end-host mode.
Which of the following application high-availability options is not configurable using the Cisco ACE solution?
What is a primary technology enabler for server I/O consolidation?
Converged Network Adapter
Which two functional areas are covered by the Cisco TrustSec model? (Choose two.)
packet confidentiality and integrity
access control via security group ACLs
Which two functions enable lossless Ethernet in data center devices? (Choose two.)
priority flow control
CoS-based bandwidth management
Which two functions are commonly combined to provide load balancing and redundancy in data center services across the data center core? (Choose two.)
route health injection
global server load balancing
Which access layer design can improve STP stability with the use of enhanced features like UDLD, loop guard, and BPDU guard?
What are two benefits that result from deploying a top-of-rack access layer design? (Choose two.)
simpler logical topology
improved power distribution
Which statement best describes the TFO feature?
TFO optimizes TCP connections for client/server traffic.
The Cisco Nexus 5500 Series Switches use which operating mode for 10-Gb connections versus 1-Gb connections?
cut-through mode for 10-Gb connections and store-and-forward mode for 1-Gb connections
Which recommendation applies to OSPF in the data center core?
Adjust OSPF reference bandwidth for VLANs with 10-Gigabit Ethernet links.
What is the name of the process used by OTV, whereby the traffic flow between source and destination host MAC addresses is translated in the overlay into an IP flow between the source 21 and destination IP addresses of the relevant edge devices?
In a Cisco Unified Fabric network, where is the best data point to gather information to determine congestion?
PFC pause rates and buffer credit usage 25
Which three technologies are considered access control technologies in the data center? (Choose three.)
MAC Authentication Bypass
802.1x guest VLAN
auth failed VLAN
Which two tools can be used to monitor the name server logins of the converged adapters? (Choose two.)
Cisco DCNM SAN
monitor session to Wireshark
Why is QoS best applied in the aggregation layer of the data center network?
It is usually where Layer 2 and Layer 3 are demarcated.
FCoE extends the reach of Fibre Channel throughout the data center by performing which action?
encapsulating Fibre Channel frames into Ethernet frames
How does the Cisco ACE server get the CPU and memory utilization information for each VM from VMware vCenter?
Cisco ACE polls the VM server MIBs from VMware vCenter.
Which two Cisco service modules can be deployed in redundant pairs with active-active failover? (Choose two.)
Which two of the following are requirements of FCoE? (Choose two.)
use of jumbo frames
IEEE 802.3x extensions to enable lossless Ethernet
Cisco DCNM monitoring tools can create and display statistical information and historical trending overview charts for a feature or interface. For Ethernet interfaces, which of the following can be charted for viewing?
Traffic Stats, Error Stats, SFP Diags, Trunk Stats
To protect the supervisor of a Cisco Nexus 7000 switch, the CoPP feature performs which two functions? (Choose two.)
separates data plane packets from control plane packets
provides DoS protection independent from interface capabilities
Which two of the following factors do IT departments need to consider when designing cabling plants? (Choose two.)
Modularity and flexibility.
I/O connectivity options like top-of-rack or end-of-row are evolving.
Which Cisco product provides complete compliance with the latest Payment Card Industry requirements?
Cisco ACE Web Application Firewall
Which Cisco data center product provides ACLs, virtual partitioning, and SSL termination?
Cisco ACE Module