Cisco Data Center Unified Fabric Solutions Design · Cisco Data Center Unified Fabric Solutions...

Cisco Data Center Unified Fabric Solutions Design

Number: 642-991Passing Score: 790Time Limit: 120 minFile Version: 1.0

http://www.gratisexam.com/

Cisco 642-991

Cisco Data Center Unified Fabric Solutions

Design(DCUFD)

Version: 5.0Cisco 642-991 Exam

Exam A

QUESTION 1What is one common benefit of U access and inverted U access design topologies for the access layer?

A. They both contain VLANs in switch pairs.B. They are both forms of a looped design model.C. They require no STP blocking; all uplinks are active.D. They both support VLAN extension across aggregation switches.

Correct Answer: CSection: (none)Explanation

Explanation/Reference:Explanation:

QUESTION 2Refer to the exhibit.

Which mechanism is preferred for traffic load balancing in this topology, when fast convergence is the designpriority?

A. Spanning Tree ProtocolB. Layer 3 Equal-Cost MultipathC. Multichassis EtherChannelD. Hot Standby Routing Protocol



"Pass Any Exam. Any Time." - www.actualtests.com 2

QUESTION 3What are three effective ways to service multicast traffic in a data center environment? (Choose three.)

A. deploying VRFs per address familyB. configuring IGMP/PIM in the Cisco Catalyst 6500 Series FWSM

C. configuring IGMP/PIM in the Cisco ACE ModuleD. configuring IGMP/PIM in the MSFC on a Cisco Catalyst 6500 switchE. configuring service modules in transparent or bridged mode

Correct Answer: BDESection: (none)Explanation


QUESTION 4What is a primary technology enabler for server I/O consolidation?

A. Fibre ChannelB. virtual SANC. Converged Network AdapterD. virtual device contexts



QUESTION 5What is a benefit that results from deploying a top-of-rack equipment design?

A. optimal port utilization in the rackB. faster convergence for Layer 2 servicesC. increased cabling simplicityD. security enforced at the access layerE. fewer ports required in the aggregationF. reduced amount of STP instances



QUESTION 6What simplifies troubleshooting and enhances protocol stability for OSPF?


A. using loopback interfaces

B. modifying the SPF delay hold timeC. advertising a default route into the data centerD. utilizing different OSPF process IDs

Correct Answer: ASection: (none)Explanation


QUESTION 7FCoE extends the reach of Fibre Channel throughout the data center by performing which action?

A. encapsulating Fibre Channel frames into Ethernet framesB. aggregating Fibre Channel by using FC trunkingC. multiplexing Fibre Channel and Ethernet on the same physical mediaD. allocating separate EtherChannels for LAN and SAN traffic



QUESTION 8Which two functions enable lossless Ethernet in data center devices? (Choose two.)

A. classical QoSB. multihop FCoEC. priority flow controlD. collision avoidance supportE. CoS-based bandwidth management

Correct Answer: CESection: (none)Explanation



QUESTION 9You have been tasked with designing and implementing a data center network. You are ready to configure aCisco Unified Computing System to Nexus 7000 connection. To ensure active/active forwarding for all VLANson all Cisco Unified Computing System uplinks toward the Cisco Nexus 7000 switches, what is the correctconfiguration?

A. VSS between the two northbound Cisco Nexus 7000 switches and leave the fabric interconnects in theirdefault mode.

B. vPC on the Cisco Nexus 7000 switches with the Cisco Unified Computing System fabric interconnectsrunning in end-host mode.

C. vPC on the Cisco Nexus 7000 switches with the Cisco Unified Computing System fabric interconnects

running in switch mode.D. Nothing specific on the Cisco Nexus 7000 switches but enable switch mode on the Cisco Unified Computing

System fabric interconnects.

Correct Answer: BSection: (none)Explanation


QUESTION 10You are deploying a new rack into your data center. This rack requires 10 x 1-Gb connections and 10 x 10-Gbconnections. Which product would be best suited, and minimize unused ports, to provide networkingconnectivity to this rack?

A. Cisco Nexus 5010 because it supports 10 ports as either 1-Gb or 10-GbB. Cisco Nexus 5010 because it supports 20 ports as either 1-Gb or 10-GbC. Cisco Nexus 5020 because it supports 16 ports as either 1-Gb or 10-GbD. Cisco Nexus 5020 because it supports 32 ports as either 1-Gb or 10-Gb



QUESTION 11Which hardware-based security feature mitigates DDoS attacks against the Cisco Nexus switch itself?


A. ACLsB. CoPPC. IP Source GuardD. IP sanity checks



QUESTION 12How many Cisco Catalyst 6500 Series FWSM modules can be supported in a single Cisco Catalyst 6500chassis?

A. 1B. 2C. 4D. 8

Correct Answer: C

Section: (none)Explanation


QUESTION 13Which three features make the Cisco Catalyst 4948 an ideal data center top-of-rack switch? (Choose three.)

A. NAT/PATB. port securityC. 10-GB uplinksD. SNMP managementE. hot-swappable power supplies

Correct Answer: BCESection: (none)Explanation


QUESTION 14Which type of adapter must be used when connecting a host server to a Cisco SFS Infiniband server switch?


A. HBAB. HCAC. NICD. CNA



QUESTION 15Which two transport layer protocols can the Flexible NetFlow exporter utilize? (Choose two.)

A. GREB. TCPC. UDPD. RSVPE. SCTPF. IP

Correct Answer: CESection: (none)Explanation


QUESTION 16The Cisco Nexus 5500 Series Switches use which operating mode for 10-Gb connections versus 1-Gbconnections?

A. store-and-forward mode for all connection speedsB. cut-through mode for all connection speedsC. store-and-forward mode for 10-Gb connections and cut-through mode for 1-Gb connectionsD. cut-through mode for 10-Gb connections and store-and-forward mode for 1-Gb connections

Correct Answer: DSection: (none)Explanation


QUESTION 17An administrator wants to deploy two different Cisco VSMs to manage two different virtual networks withinVMware vCenter, but wants to use the same control, management, and packet

"Pass Any Exam. Any Time." - www.actualtests.com 7 VLANs. What must the administrator perform to ensurethat the two Cisco VSMs only communicate with their respective VEMs?

A. Configure different domain IDs on each pair of Cisco VSMs.B. Configure different switch UUIDs on each pair of Cisco VSMs.C. Configure the SVS connection on each pair of Cisco VSMs to utilize a different remote port.D. This is not possible. Each Cisco VSM must have different control and packet VLANs.



QUESTION 18What are three fabric virtualization capabilities of the Cisco MDS switch, when consolidating new and existingdata center storage connectivity requirements? (Choose three.)

A. VSANB. vPCC. NIVD. NPIVE. IVR

Correct Answer: ADESection: (none)Explanation


QUESTION 19Which routing protocol represents the more effective choice to accomplish stability at the data center core?

A. EIGRPB. OSPFC. BGPD. RIP




QUESTION 20Which licensing feature set is required on the Cisco Nexus 7010 platform to support the use of VDCs?

A. IP BaseB. Basic ServicesC. Advanced ServicesD. Enterprise Services



QUESTION 21Which two functional areas are covered by the Cisco TrustSec model? (Choose two.)

A. port scansB. IP spoofingC. DDoS attacksD. packet confidentiality and integrityE. access control via security group ACLs

Correct Answer: DESection: (none)Explanation


QUESTION 22Routing protocol authentication is a security feature most likely found at which data center layer?

A. coreB. accessC. distributionD. Internet edge

Correct Answer: ASection: (none)

Explanation




In this situation, the link between aggregation switches fails. What can be done to prevent asymmetrical trafficflows from the core should the link between the aggregation switches fail?

A. Implement RHI.B. Implement RSTP and MST.C. Tune STP costs on access switches.D. Advertise the Agg1 switch as the primary route to the core.



QUESTION 24Cisco DCNM monitoring tools can create and display statistical information and historical trending overviewcharts for a feature or interface. For Ethernet interfaces, which of the following can be charted for viewing?

A. Traffic Stats, Error Stats, SFP Diags, Trunk StatsB. Traffic Stats, PONG, SPAN stats, Port Error statsC. Packets & Frames, Unicast Traffic, Multicast, BroadcastD. Discards, Drops, Lost Carrier, BPDU loss



Explanation/Reference:

Explanation:

QUESTION 25In a Cisco Unified Network design, the core layer could have which two services available? (Choose two.)

A. NPIV featureB. NPV featureC. fabric login servicesD. FCoE FEXE. config-sync

Correct Answer: ACSection: (none)Explanation


QUESTION 26Which two tools can be used to monitor the name server logins of the converged adapters? (Choose two.)

A. Cisco DCNM SANB. Cisco DCNM LANC. Cisco Nexus EEMD. monitor session to WiresharkE. Threshold Manager

Correct Answer: ADSection: (none)Explanation


QUESTION 27Which of the following is the most important consideration of an FCoE design?

A. EvPCB. oversubscriptionC. active/active Converged Network Adapter ports

"Pass Any Exam. Any Time." - www.actualtests.com 11D. fabric pathE. ENPV



QUESTION 28In designing virtual firewalls for a data center environment using the Cisco Nexus 7010 Switch, which two arevalid design options? (Choose two.)

A. Multiple VSSs can be assigned to a different VDC.B. Different VDCs can be deployed for each virtual firewall.C. Multiple VRFs can be used, each of which can allocate a VSS for each virtual firewall.D. A subset of VLANs and VRFs can be assigned to a virtual management domain.E. Multiple VRFs can be associated with each virtual firewall within a single VDC.

Correct Answer: BESection: (none)Explanation


QUESTION 29Refer to the exhibit,

"Pass Any Exam. Any Time." - www.actualtests.com 12 where the green dots represent server default gatewayselection. Which design provides the maximum level of application and security services?

A. AB. BC. CD. A and C



QUESTION 30Which two Cisco service modules can be deployed in redundant pairs with active-active failover? (Choose two.)

A. ACEB. CSMC. NAMD. FWSM

E. SSLSM




"Pass Any Exam. Any Time." - www.actualtests.com 13 What would you recommend to a customer who isalmost out of slots for 10-Gigabit Ethernet connections in the aggregation module?

A. Add WAEs to the aggregation and access layers.B. Move the Content Switching Modules to separate service layer switches.C. Move the Content Switching Modules to the access layer Cisco Catalyst 6506 Switches.D. Upgrade the Cisco Catalyst 6509 Switches in the aggregation layer to Cisco Catalyst 6513 Switches.



QUESTION 32Which Cisco Catalyst 6500 Series FWSM mode of operation results in the least impact to the IP addressingscheme?

A. secondary-ip-addressingB. layer-2-forwardC. transparentD. pass-through



Explanation:



Which two actions can be performed to improve routing between server subnets? (Choose two.)

A. Integrate service modules in the aggregation switches.B. Define separate VLANs for the different server subnets.C. Define different VSSs toward the access and core layers.D. Define different VRFs toward the access and core layers.E. Define different VDCs toward the access and core layers.



QUESTION 34Why is QoS best applied in the aggregation layer of the data center network?

A. It is the only layer that uses VLANs.B. QoS should be applied to the core layer, which is strictly Layer 3.C. Layer 2 statistics collection from the aggregation layer is easier than from the core layer.D. It is usually where Layer 2 and Layer 3 are demarcated.



QUESTION 35Which hardware and feature is used to implement a logical distribution network layer in the data

"Pass Any Exam. Any Time." - www.actualtests.com 15 center?

A. Cisco Nexus 7000 with VDCsB. FEX using vPCC. Cisco Nexus 5000 with Layer 3 modulesD. Cisco Unified Computing System with fabric interconnect



QUESTION 36At which network layer would you likely find features like QoS ACLs?

A. access layerB. aggregation layerC. core layerD. application layer





Which feature helps the default gateway to switch over to the secondary aggregation switch shown?

A. NIC teamingB. EtherChannelC. STP enhancementsD. HSRP interface tracking





Which statement best describes the impact of the STP on this topology?

A. A VLAN can be extended to all access switches.B. All uplinks from the access switches are simultaneously active.C. The density of access switches is higher than in other topologies.D. Uplink failures on access layer switches can break connectivity between servers and service modules in the

aggregation layer.



QUESTION 39Why are server-to-server traffic flows routed through the aggregation layer?

A. They are routed to provide increased fault tolerance and larger STP domains.B. They are routed to provide load-balancing services between web and application servers.C. They are routed because individual access modules cannot scale to large HPC deployments.D. Server-to-server traffic flows should never be routed through the aggregation layer.



QUESTION 40Which two of the following are requirements of FCoE? (Choose two.)

A. FCoE Initialization ProtocolB. use of jumbo framesC. Spanning Tree Protocol

"Pass Any Exam. Any Time." - www.actualtests.com 18D. TCP-driven retransmissions for flow controlE. IEEE 802.3x extensions to enable lossless Ethernet

Correct Answer: BESection: (none)Explanation


QUESTION 41Which access layer design can improve STP stability with the use of enhanced features like UDLD, loop guard,and BPDU guard?

A. top of rack, end of row, or middle of rowB. triangle topologiesC. U and inverted U modelsD. any model using PVST+



QUESTION 42Used in combination with DHCP snooping, which feature helps prevent spoofing attacks in the data centeraccess layer?

A. RPFB. port securityC. IP TrustSecD. Dynamic ARP Inspection



QUESTION 43In a data center environment, which ACL type allows for role-based access control?

A. time-controlled access listsB. VLAN

"Pass Any Exam. Any Time." - www.actualtests.com 19C. security groupD. reflexive



QUESTION 44Which two Cisco Nexus 5500 features position the switch as an effective solution in the data centeraggregation layer? (Choose two.)

A. low latencyB. unified I/O via FCoE

C. Layer 3 capabilitiesD. 10-Gb/s server connections

Correct Answer: BCSection: (none)Explanation


QUESTION 45Which two of the following factors do IT departments need to consider when designing cabling plants? (Choosetwo.)

A. Bandwidth requirements are always increasing.B. Modularity and flexibility.C. I/O connectivity options like top-of-rack or end-of-row are evolving.D. Virtualization is critical when designing cabling plants.



QUESTION 46Which of the following application high-availability options is not configurable using the Cisco ACE solution?

A. tracking and failure detection"Pass Any Exam. Any Time." - www.actualtests.com 20

B. virtual device redundancyC. stateless failoverD. active/active redundancy



QUESTION 47How does the Cisco ACE server get the CPU and memory utilization information for each VM from VMwarevCenter?

A. VMware vCenter sends an email to the Cisco ACE administrator.B. Cisco ACE sends MySQL queries to the VMware View Connection Broker.C. VMware vCenter monitors IP traffic utilization and sends a vMotion request to Cisco ACE to load-balance

VMs.D. Cisco ACE polls the VM server MIBs from VMware vCenter.



QUESTION 48Which three of the following are Cisco GSS global load-balancing algorithms? (Choose three.)

A. ordered listB. static algorithm based on client MAC addressC. round robinD. most loadedE. WRRF. geocaching database

Correct Answer: ACESection: (none)Explanation


QUESTION 49What is the name of the process used by OTV, whereby the traffic flow between source and destination hostMAC addresses is translated in the overlay into an IP flow between the source

"Pass Any Exam. Any Time." - www.actualtests.com 21 and destination IP addresses of the relevant edgedevices?

A. tunnelingB. atmC. broadcastingD. encapsulationE. translation



QUESTION 50Which two of the following are Cisco WAAS WAN optimization features? (Choose two.)

A. multicast and broadcast packet replicationB. TCP flow optimizationC. ISL optimizationD. UDP packet store and forward optimizationE. standby LZ compression and persistent SRE compression expansionF. data redundancy elimination

Correct Answer: BFSection: (none)Explanation


QUESTION 51What are two ways in which the virtual appliance can be deployed to help optimize private cloudinfrastructures? (Choose two.)

A. traditional inline data center deployment with direct-inline interceptionB. cloud-based VMware ESXi redirection using VMware vCenter WCCP interceptionC. traditional WAN edge deployment with out-of-path WCCP interceptionD. vWave appliance deployment deep in the data center with inception Level 3 awarenessE. deep in the data center with innovative vPATH interception

Correct Answer: CDSection: (none)Explanation



QUESTION 52Aside from maximizing application availability, what are two benefits of Cisco Application Networking Services?(Choose two.)

A. It delivers highly adaptable acceleration technologies.B. It provides dependable application response times.C. It provides application virus detection.D. It provides increased productivity, salary, and paid time off for all types of end users-mobile, branch-based,

or external parties.E. It does not work well over a WAN.F. It increases cost and complexity.

Correct Answer: ABSection: (none)Explanation


QUESTION 53What are two benefits of Cisco Application Networking Services solutions, aside from lowering the TCO andimproving IT flexibility? (Choose two.)


A. Performance: Ensures the best service to users in all network locations.B. Security: Will not protect critical applications, infrastructure, and data.

C. Availability: Increases application availability to users throughout your networkD. Complexity: Increases cost and complexity. Provides job security for IT professionals.E. All of the above are Cisco Application Networking Services solutions benefits.

Correct Answer: ACSection: (none)Explanation


QUESTION 54Which three statements about designing security policy for the data center are true? (Choose three.)

A. Many VLANs are used.B. High availability is a must.C. IPsec VPNs are needed.D. The solution should scale because data centers evolve through time.

Correct Answer: ABDSection: (none)Explanation

Explanation/Reference:"Pass Any Exam. Any Time." - www.actualtests.com 23 Explanation:

QUESTION 55Which three technologies are considered access control technologies in the data center? (Choose three.)

A. MAC Authentication BypassB. 802.1x guest VLANC. auth failed VLAND. direct IPsec encapsulationE. restricted VLAN

Correct Answer: ABCSection: (none)Explanation


QUESTION 56Which Cisco product provides complete compliance with the latest Payment Card Industry requirements?

A. Cisco ACE Web Application FirewallB. Cisco ACE XML GatewayC. Cisco ACE Global Site SelectorD. Cisco ASA 5585-X Adaptive Security ApplianceE. Cisco Catalyst 6500 Series FWSM module



QUESTION 57Which statement best describes the TFO feature?

A. TFO is a data compression method.B. TFO streamlines file-locking semantics.C. TFO optimizes TCP connections for client/server traffic.D. TFO optimizes CIFS connections for client/server traffic.




QUESTION 58Regarding network requirements for a Cisco Unified Fabric data center, what are the three best practice datapoints to learn? (Choose three.)

A. application I/OB. NetFlow collection dataC. Cisco Data Center Collection AnalyzerD. third-party analysis toolsE. ROI toolsF. SNMP traps

Correct Answer: ABDSection: (none)Explanation


QUESTION 59Which network tool provides proactive link utilization?

A. SMSB. PongC. NettoolD. RMONE. SPAN



QUESTION 60In a Cisco Unified Fabric network, where is the best data point to gather information to determine congestion?

A. SFP+ transceiver countersB. PFC pause rates and buffer credit usage

"Pass Any Exam. Any Time." - www.actualtests.com 25C. RSCN statisticsD. DCB negotiation parametersE. SCSI acknowledgement delay



QUESTION 61Which logical topology is most appropriate for the core layer?

A. Layer 2 loop-freeB. Layer 3 BGP routingC. Layer 2 looped squareD. Layer 2 looped triangleE. Layer 3 EIGRP routing

Correct Answer: ESection: (none)Explanation


QUESTION 62Which recommendation applies to OSPF in the data center core?

A. Do not permit route distribution with RHI.B. Run OSPF on all VLANs to reduce convergence time.C. Adjust OSPF reference bandwidth for VLANs with 10-Gigabit Ethernet links.D. Advertise all routes into a NSSA and summarize default routes out.



QUESTION 63Which Cisco data center product provides ACLs, virtual partitioning, and SSL termination?

A. Cisco ACE ModuleB. Cisco FWSM

"Pass Any Exam. Any Time." - www.actualtests.com 26C. Cisco PIX 500D. Cisco MDS 9000




This design takes advantage of which Cisco ACE feature?

A. bridged modeB. inline failoverC. HSRP pass-throughD. transparent firewall




QUESTION 65To protect the supervisor of a Cisco Nexus 7000 switch, the CoPP feature performs which two functions?(Choose two.)

A. performs broadcast suppressionB. drops packets with unknown sourcesC. focuses on access and authentication attacksD. separates data plane packets from control plane packetsE. provides DoS protection independent from interface capabilities



QUESTION 66Which two functions are commonly combined to provide load balancing and redundancy in data center servicesacross the data center core? (Choose two.)

A. Cisco ACE Layer 7 policiesB. route health injectionC. global server load balancingD. EIGRP unequal-cost load balancing



QUESTION 67Which two techniques can be used to mitigate DDoS attacks in the data center core, using the Cisco Nexus7000 Family of switches? (Choose two.)

A. uRPFB. NAT/PATC. DHCP snoopingD. control plane policingE. deep packet inspection




QUESTION 68What are two benefits that result from deploying a top-of-rack access layer design? (Choose two.)

A. increased fault toleranceB. improved server densityC. simpler logical topologyD. improved power distribution



Explanation:

QUESTION 69Which two statements best describe the advantages concerning Layer 2 path selection when deploying VDCsin the aggregation layer? (Choose two.)

A. MEC provides Layer 2 load balancing.B. VDCs reduce the size of Layer 2 failure domains.C. The VSL aids in Layer 2 load balancing during failures.D. vPC provides Layer 2 load balancing and loop management without use of STP.

Correct Answer: BDSection: (none)Explanation


QUESTION 70Your customer plans to deploy FWSM and IDSM modules in the aggregation layer. Which design should youavoid?

A. Layer 3B. InfiniBandC. Layer 2 loop-freeD. Layer 2 hub spokeE. Layer 2 looped triangle




Which two configuration methods can be used to achieve this topology? (Choose two.)

A. The core switches will automatically become the root bridges for the noted VLANs.

B. Set the root priority on the aggregation switches to a lower value than that of the core switches.C. Manipulate the STP path priority for the noted VLANs on the desired ports.D. Setting the STP switch priority lower than the default value on the core switches for the noted VLANs.



QUESTION 72Which protocol mitigates man-in-the-middle attacks in the data center access layer?

A. DHCP snoopingB. PVLANsC. Reverse Path ForwardingD. Dynamic ARP Inspection



QUESTION 73Which two solutions scale up to 1.4-Tb/s system bandwidth capacity? (Choose two.)

A. Cisco Nexus 5000B. Cisco Nexus 7010C. Cisco Catalyst 6500 VSS 1440D. VSS-aggregated Nexus 7010E. Cisco Catalyst 6500 with 1.4-Tb/s SFM



QUESTION 74A data center network requires an access control mechanism to prevent unauthorized access at the accesslayer and to provide path confidentiality services. Which Cisco Nexus 7000 feature can be used?

A. AAAB. NACC. 802.1XD. Cisco TrustSec



QUESTION 75What are three important attributes that Cisco Application Networking Services delivers to help meet businesschallenges? (Choose three.)

A. Application superiority: Make your company's applications the best in the industry.B. Unified network services: Connect any person to any resource, with any device.C. Integrated security: Build in protection for access, identity, and data.D. Communication overload: Stay connected with social media and networking like Facebook, "Pass Any

Exam. Any Time." - www.actualtests.com 31 Twitter, and LinkedIn.E. Virtualization: Simplify your network and maximize resource utilization.F. Operational expandability: Add more work so that you can increase staff and resources, provide career

advancement to management, and add routine tasks for efficiency.

Correct Answer: BCESection: (none)Explanation

Explanation/Reference:"Pass Any Exam. Any Time." - www.actualtests.com 32


Cisco Data Center Unified Fabric Solutions Design · Cisco Data Center Unified Fabric Solutions...

Documents

Transcript of Cisco Data Center Unified Fabric Solutions Design · Cisco Data Center Unified Fabric Solutions...