Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Free Cisco 300-620 Practice Exam with Questions & Answers | Set: 7

Questions 61

An ACI administrator notices a change in the behavior of the fabric. Which action must be taken to determine if a human intervention introduced the change?

Options:
A.

Inspect event records in the APIC UI to see all actions performed by users.

B.

Inspect /var/log/audit_messages on the APIC to see a record of all user actions.

C.

Inspect audit logs in the APIC UI to see all user events.

D.

Inspect the output of show command history in the APIC CLI.

Cisco 300-620 Premium Access
Questions 62

How is broadcast forwarded in Cisco ACI Multi-Pod after ARP flooding is enabled?

Options:
A.

Ingress replication is used on the spines to forward broadcast frames in the IPN infrastructure.

B.

Within a pod, the ingress leaf switch floods the broadcast frame on all fabric ports.

C.

Broadcast frames are forwarded inside the pod and across the IPN using the multicast address that is associated to the bridge domain.

D.

For the specific bridge domain, all spines forward the broadcast frames to IPN routers.

Questions 63

An engineer configures a one-armed policy-based redirect service Insertion for an unmanaged firewall. The engineer configures these Cisco ACI objects:

a contract named All_Traffic_Allowed

a Layer 4 to Layer 7 device named FW-Device

a policy-based redirect policy named FW-1Arm-Policy-Based RedirectPolicy

Which configuration set redirects the traffic to the firewall?

Options:
A.

Configure a policy-based redirect subject.

Associate the policy-based redirect subject with All_Traffic_Allowed.

B.

Configure a firewall bridge domain.

Associate the bridge domain with FW-Device.

C.

Configure a device interface policy.

Associate the device interface policy with FW-Device.

D.

Configure a service graph.

Associate the service graph with All_Traffic_Allowed.

Questions 64

300-620 Question 64

Refer to the exhibit. A client is configuring a new Cisco ACI fabric. All VLANs will be extended during the migration phase using the VPC connections on leaf switches 3. 4 and leaf switches toward the legacy network. The migration phase has these requirements;

* If The legacy switches must be able to transfer BPDUs through the ACI fabric.

* If the legacy switches fail to break a loop. Cisco ACI must break the loop.

Which group settings must be configured on VPC interface policy groups ipg_vpc-legacy_1 and ipg_vpc-legacy_2 to meet these requirements?

Options:
A.

MCP: enabled

BPDU Guard: enabled

BPDU Filter: disabled

B.

MCP: enabled

BPDU Guard: disabled

BPDU Filter: disabled

C.

MCP: disabled

BPDU Guard: disabled

BPDU Filter: enabled

D.

MCP: disabled

BPDU Guard: enabled

BPDU Filter enable

Questions 65

300-620 Question 65

Refer to the exhibit. An engineer created a local user named User on Cisco ACI. The engineer must configure the fabric so that the User can access only common and PROD tenants, ch set of actions accomplishes the goal?

Options:
A.

Add security domain "all" to User.

Associate security domain "all" under PROD tenant.

B.

Add security domain 'Tenant" to User.

Associate security domain "Tenant" under PROD tenant.

C.

Add security domain "common" to User.

Associate security domain "common" under PROD tenant.

D.

Add security domain "mgmt" to User

Associate security domain "mgmt" under PROD tenant.

Questions 66

Refer to the exhibit.

300-620 Question 66

An engineer is integrating a VMware vCenter with Cisco ACI VMM domain configuration. ACI creates port-group names with the format of “Tenant | Application | EPG”. Which configuration option is used to generate port groups with names formatted as “Tenant=Application=EPG”?

Options:
A.

enable tag collection

B.

security domains

C.

delimiter

D.

virtual switch name

Questions 67

An engineer associates EPG-A with a VMM domain and sets the Deployment and Resolution preferences to Immediate. The host that will generate endpoints for EPG-A is attached to Leaf-and Leaf-102 using etht1/1. However, no configuration for EPG-A appears to have been pushed to the leaf switches. Which action must be taken for the configuration to be pushed to f-101 and Leaf-102?

Options:
A.

Enable CDP or LLDP on the host.

B.

Configure both ports for trunking.

C.

Enable LACP on the leaf switch ports.

D.

Disable and enable eth1/1 on both leaf switches

Questions 68

An engineer configures a Multi-Pod system with the default getaway residing outside of the ACI fabric for a

bridge domain. Which setting should be configured to support this requirement?

Options:
A.

disable Limit IP Learning to Subnet

B.

disable IP Data-plane Learning

C.

disable Unicast Routing

D.

disable Advertise Host Routes

Questions 69

Regarding the MTU value of MP-BGP EVPN control plane packets in Cisco ACI, which statement about communication between spine nodes in different sites is true?

Options:
A.

By default, spine nodes generate 9000-bytes packets to exchange endpoints routing information. As a result, the Inter-Site network should be able to carry 9000-bytes packets.

B.

By default, spine nodes generate 1500-bytes packets to exchange endpoints routing information. As a result, the Inter-Site network should be able to carry 1800-bytes packets.

C.

By default, spine nodes generate 1500-bytes packets to exchange endpoints routing information. As a result, the Inter-Site network should be able to carry 1500-bytes packets.

D.

By default, spine nodes generate 9000-bytes packets to exchange endpoints routing information. As a result, the Inter-Site network should be able to carry 9100-bytes packets.

Questions 70

When does the Cisco ACI leaf learn a source IP or MAC as a remote endpoint?

Options:
A.

When VXLAN traffic arrives on a leaf fabric port from the spine and outer source IP is in the Layer 3 Out EPG subnet range.

B.

When VXLAN traffic arrives on a leaf fabric port from the spine and outer source IP is in the bridge domain subnets range.

C.

When VXLAN traffic arrives on a leaf fabric port from the spine and inner source IP is in the Layer 3 Out EPG subnet range.

D.

When VXLAN traffic arrives on a leaf fabric port from the spine and inner source IP is in the bridge domain subnets range.

Exam Code: 300-620
Certification Provider: Cisco
Exam Name: Implementing Cisco Application Centric Infrastructure (300-620 DCACI)
Last Update: Jul 15, 2025
Questions: 247