• Home
  • Articles
  • 194 Q&As in UPDATED 300-620 Exam Questions Certification Test Engine to PDF [Q39-Q62]

194 Q&As in UPDATED 300-620 Exam Questions Certification Test Engine to PDF [Q39-Q62]

Share

194 Q&As in UPDATED 300-620 Exam Questions Certification Test Engine to PDF

Get The Important Preparation Guide With 300-620 Dumps


Cisco 300-620 certification exam is a valuable credential for IT professionals who want to advance their careers in data center networking. It demonstrates to employers that they have the skills and knowledge required to design and deploy Cisco ACI solutions, and that they can troubleshoot complex network issues. Implementing Cisco Application Centric Infrastructure certification is also a prerequisite for other advanced Cisco certifications, such as the CCIE Data Center certification.


Preparing for the Cisco 300-620 certification exam requires a combination of study and hands-on experience. Candidates are encouraged to take advantage of Cisco’s training resources, including the Implementing Cisco Application Centric Infrastructure (DCACI) course. 300-620 course covers all of the topics that are tested on the exam and provides hands-on experience with ACI components. In addition to the course, candidates should also review Cisco’s documentation and practice with a lab environment.

 

NEW QUESTION # 39
An engineer is in the process of discovering a new Cisco ACI fabric consisting of two spines and four leaf switches. The discovery of leaf 1 has just been completed. Which two nodes are expected to be discovered next? (Choose two.)

  • A. leaf 2
  • B. leaf 4
  • C. spine 2
  • D. leaf 3
  • E. spine 1

Answer: C,E


NEW QUESTION # 40
A network engineer must design a method to allow the Cisco ACI to redirect traffic to the firewalls. Only traffic that matches specific L4-L7 policy rules should be redirected. The load must be distributed across multiple firewalls to scale the performance horizontally. Which action must be taken to meet these requirements?

  • A. Implement ACI Service Graph Two Nodes with GIPo.
  • B. Configure ACI Service Graph with Symmetric PBR.
  • C. Implement ACI Service Graph with GIPo.
  • D. Configure ACI Service Graph with Unidirectional PBR.

Answer: B

Explanation:
https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-739971.html


NEW QUESTION # 41
What are two descriptions of ACI multi-site? (Choose two.)

  • A. ACI Multi-Site is a solution that allows one APIC cluster to manage multiple ACI sites
  • B. ACI Multi-Site is a solution that supports a dedicated APIC cluster per site
  • C. The Multi-Site orchestrator must be directly attached to one ACI leaf.
  • D. The Inter-Site network routers should run OSPF to establish peering with the spines.
  • E. Routers in the inter-Site network must run OSPF. DHCP relay, and MP-BGP

Answer: B,D


NEW QUESTION # 42
An engineer must set up a Cisco ACI fabric to send Syslog messages related to hardware events, such as chassis line card failures. The messages should be sent to a dedicated Syslog server. Where in the Cisco APIC should the policy be configured to meet this requirement?

  • A. uni/fabric/monfab-default
  • B. uni/tn-common/monepg-default
  • C. uni/fabric/moncommon
  • D. uni/infra/monifra-default

Answer: A


NEW QUESTION # 43
Refer to the exhibit.

An engineer configures the Cisco ACI fabric for VMM integration with ESXi servers that are to be connected to the ACI leaves. The server team requires the network switches to initiate the LACP negotiation as opposed to the servers. The LAG group consists of two 10 Gigabit Ethernet links. The server learn also wants to evenly distribute traffic across all available links. Which two enhanced LAG policies meet these requirements? (Choose two.)

  • A. LB Mode: Source and Destination MAC Address
  • B. LACP Mode: LACP Standby
  • C. LB Mode: Destination IP Address and TCP/UDP Port
  • D. LACP Mode: LACP Active
  • E. LB Mode: Source IP Address and TCP/UDP Port

Answer: A,D

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/aci_virtual_edge/configuration/2-x/Cisco-ACIVirtual- Edge-Configuration-Guide-202/Cisco-ACI-Virtual-Edge-Configuration-Guide-202_chapter_0100.html


NEW QUESTION # 44
Which two statements regarding ACI Multi-Site are true? (Choose two.)

  • A. Routers in the Inter-Site network must run OSPF, DHCP relay, and MP-BGP.
  • B. ACI Multi-Site is a solution that supports a dedicated APIC cluster per site.
  • C. The Multi-Site orchestrator must be directly attached to one ACI leaf.
  • D. The Inter-Site network routers should run OSPF to establish peering with the spines.
  • E. ACI Multi-Site is a solution that allows one APIC cluster to manage multiple ACI sites.

Answer: D,E


NEW QUESTION # 45
An engineer wants to monitor all configuration changes, threshold crossing, and link-state transitions in a Cisco ACI fabric. Which action must be taken to receive the required messages?

  • A. Include Audit Logs and Events in the Syslog source policy.
  • B. Add Faults and Events to the monitor policy.
  • C. Add Session Logs and Audit Logs to the monitor policy.
  • D. Include Events and Session Logs in the Syslog source policy.

Answer: A


NEW QUESTION # 46
What is a requirement for Cisco ACI IPN to manage multidestination traffic?

  • A. pervasive gateway
  • B. multicast routing
  • C. unicast routing
  • D. anycast gateway

Answer: B


NEW QUESTION # 47
Which feature allows firewall ACLs to be configured automatically when new endpoints are attached to an EPG?

  • A. ARP gleaning
  • B. dynamic endpoint attach
  • C. hardware proxy
  • D. network-stitching

Answer: B


NEW QUESTION # 48
Refer to the exhibit.

Refer to the exhibit. The EPG-100 must be extended to the vCenter as a port group with a tagged VLAN ID of 100. Which set of actions accomplishes this goal?

  • A. Define a static VLAN range (from 100-200) under a VLAN pool that is associated with the dc1vcdev domain.
    Associate the dc1vcdev domain with EPG and select these settings:
    Untagged VLAN Access: unselected
    VLAN Mode: Static with Encap: 100
  • B. Define a dynamic VLAN range (from 100-200) under a VLAN pool that is associated with the del vdev domain.
    Associate the dc1vcdev domain with EPG and select these settings:
    Untagged VLAN Access: unselected
    VLAN Mode: Static with Encap: 100
  • C. Define a dynamic VLAN range (from 100-200) under a VLAN pool that is associated with the dc1vdev domain.
    Associate the dc2vcdev domain with EPG and select these settings:
    Untagged VLAN Access: selected
    VLAN Mode: Static with Encap: 100
  • D. Define a static VLAN range (from 100-200) under a VLAN pool that is associated with the dc1vcdev domain.
    Associate the dc2vcdev domain with EPG and select these settings:
    Untagged VLAN Access: selected
    VLAN Mode: Static with Encap: 100

Answer: C


NEW QUESTION # 49
Drag and drop the Cisco ACI Layer 4 to Layer 7 service insertion terms on the left to the correct descriptions on the right.

Answer:

Explanation:


NEW QUESTION # 50
Refer to the exhibit.

Which action should be taken to ensure authentication if the RADIUS servers are unavailable?

  • A. Assign the user to the default role.
  • B. Set the fallback login to local.
  • C. Adjust the priority of server 10.1.1.1 to 1.
  • D. Set the default login realm to LDAP

Answer: B

Explanation:
Changing the server priority is not logical answer.
The command "aaa user default-role no-login" means that remote users who do not have a user role cannot login. This means that assigning the user to default role will not be able to login.
The "aaa authentication login default" and "aaa authentication login fallback" has identical configuration. The fallback uses RADIUS server. We should change is to local.


NEW QUESTION # 51
Refer to the exhibit.

A Cisco ACI fabric is newly deployed, and the security team requires more visibility of all inter-EPG traffic flows. All traffic in a VRF must be forwarded to an existing firewall pair. During fallover, the standby firewall must continue to use the same IP and MAC as the primary firewall. Drag and drop the steps from the left Into the Implementation order on the right to configure the service graph that meets the requirements. (Not all steps are used.)

Answer:

Explanation:

Reference:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/L4-L7_Services_Deployment/guide/b_L4L7_Deploy_ver201/b_L4L7_Deploy_ver201_chapter_010100.html#id_71564 Create a service bridge domain and a layer 4 to layer 7 device within one cluster interface.


NEW QUESTION # 52
An engineer configured a bridge domain with the hardware-proxy option for Layer 2 unknown unicast traffic. Which statement is true about this configuration?

  • A. The leaf switch drops the Layer 2 unknown unicast packet if it is unable to find the MAC address in the local forwarding tables.
  • B. The leaf switch forwards the Layers 2 unknown unicast packets to all other leaf switches if it is unable to find the MAC address in its local forwarding tables.
  • C. The spine switch drops the Layer 2 unknown unicast packet if it is unable to find the MAC address in the proxy database.
  • D. The Layer 2 unknown hardware proxy lacks support of the topology change notification.

Answer: A


NEW QUESTION # 53
The unicast routing feature is enabled on the bridge domain. Which two conditions enable the Cisco ACI leaf to learn a source IP as a local endpoint? (Choose two.)

  • A. IP traffic routed through an SVI.
  • B. Through ARP received on an SVI.
  • C. Through Ethernet traffic received in a bridge domain.
  • D. Through VXLAN traffic received on the uplink.
  • E. IP traffic routed through a Layer 3 Out.

Answer: A,B

Explanation:
https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-739989.html


NEW QUESTION # 54
An engineer is configuring a VRF for a tenant named Cisco. Drag and drop the child objects on the left onto the correct containers on the right for this configuration.

Answer:

Explanation:


NEW QUESTION # 55
An engineer is implementing Cisco ACI at a large platform-as-a-service provider using APIC controllers, 9396PX leaf switches, and 9336PQ spine switches. The leaf switch ports are configured as IEEE 802.1p ports. Where does the traffic exit from the EPG in IEEE 802.1p mode in this configuration?

  • A. from leaf ports untagged
  • B. from leaf ports tagged as VLAN 4094
  • C. from leaf ports tagged as VLAN 1
  • D. from leaf ports tagged as VLAN 0

Answer: A


NEW QUESTION # 56
The engineer notices frequent MAC and IP address moves between different leaf switch ports. Which action prevents this problem from occurring?

  • A. Enable endpoint loop protection.
  • B. Enable rogue endpoint control.
  • C. Disable enforce subnet check.
  • D. Disable IP bridge domain enforcement.

Answer: A

Explanation:
enabling endpoint loop protection can prevent frequent MAC and IP address moves between different leaf switch ports.


NEW QUESTION # 57
An engineer configures a Multi-Pod system with the default getaway residing outside of the ACI fabric for a bridge domain. Which setting should be configured to support this requirement?

  • A. disable Limit IP Learning to Subnet
  • B. disable Advertise Host Routes
  • C. disable IP Data-plane Learning
  • D. disable Unicast Routing

Answer: A

Explanation:
Section: ACI Anywhere


NEW QUESTION # 58
An ACI engineer is implementing a Layer 3 out inside the Cisco ACI fabric that must meet these requirements:
The data center core switch must be connected to one of the leaf switches with a single 1G link.
The routes must be exchanged using a link-state routing protocol that supports hierarchical network design.
The data center core switch interface must be using 802.1Q tagging, and each vlan will be configured with a dedicated IP address.
Which set of steps accomplishes these goals?

  • A. Configure the OSPF Protocol policy with an area of 0.
    Create Routed Outside object and Node Profile, selecting OSPF as the routing protocol. Build the Interface profile, selecting Routed Sub-interface and the appropriate VLAN. Configure the External Network object with a network of 0.0.0.0/0.
  • B. Set up the ElGRP Protocol policy with the selected Autonomous System number. Create the Routed Outside object and Node Profile selecting ElGRP Configure the Interface profile selecting Routed Interface and the appropriate interfaces. Create the External Network object with a network of 0.0.0.0/0.
  • C. Set up the BGP Protocol policy with the Autonomous System number of 0.
    Configure an interface policy and an External Bridged Domain.
    Create an External Bridged Network using the configured VLAN pool.
    Build the Leaf profile, selecting Routed sub-interface and the appropriate VLAN.
  • D. Set up the ElGRP Protocol policy with the selected Autonomous System number. Set up the Routed External Network object ana Node Profile, selecting ElGRP Create the Switch profile, selecting Port-channel and the appropriate interfaces Create the default network and associate it with the Routed Outside object.

Answer: A


NEW QUESTION # 59
Which Cisco APIC configuration prevents a remote network that is not configured on the bridge domain from being learned by the fabric?

  • A. enable Unicast Routing
  • B. enable Limit IP Learning to Subnet
  • C. enable ARP Flooding to BD
  • D. enable IP Data-plane Learning

Answer: B

Explanation:
Reference:
https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/ white-paper-c11-739989.html


NEW QUESTION # 60
Refer to the exhibit.

A Cisco ACI fabric is newly deployed, and the security team requires more visibility of all inter-EPG traffic flows. All traffic in a VRF must be forwarded to an existing firewall pair. During fallover, the standby firewall must continue to use the same IP and MAC as the primary firewall. Drag and drop the steps from the left Into the Implementation order on the right to configure the service graph that meets the requirements. (Not all steps are used.)

Answer:

Explanation:


NEW QUESTION # 61
An engineer must securely export Cisco APIC configuration snapshots to a secure, offsite location The exported configuration must be transferred using an encrypted tunnel and encoded with a platform-agnostic data format that provides namespace support Which configuration set must be used?

  • A. Option C
  • B. Option B
  • C. Option A
  • D. Option D

Answer: D


NEW QUESTION # 62
......

Prepare With Top Rated High-quality 300-620 Dumps For Success in Exam: https://www.vcetorrent.com/300-620-valid-vce-torrent.html

Get Totally Free Updates on 300-620 Dumps PDF Questions: https://drive.google.com/open?id=1iYDwIUXMt2Z4tIU2J-_qz0joBNbQdgq3

Related Articles

more
Cisco 300-620 Certification Practice Exam

Contact Us

Our Working Time: ( GMT 0:00-15:00 )   From Monday to Saturday

Contact now

Our high-quality valid VCE PDF materials & dumps torrent files guarantee you pass exam 100% for sure. Our reliable exam torrent will be the best help for your exams and will give you a new start, a new life.

Disclaimer:
VCETorrent doesn't offer Real Lenovo Exam Questions.
VCETorrent does not offer exam dumps or questions from actual exams. We offer learning material and practice tests created by subject matter experts to assist and help learners prepare for those exams. All certification brands used on the website are owned by the respective brand owners. VCETorrent does not own or claim any ownership on any of the brands.

Copyright © 2026 VCETorrent NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy