1. Home
  2. Cisco
  3. 300-620

Implementing Cisco Application Centric Infrastructure (DCACI)

Exam Details

  • Exam Code
    :300-620
  • Exam Name
    :Implementing Cisco Application Centric Infrastructure (DCACI)
  • Certification
    :CCNP Data Center
  • Vendor
    :Cisco
  • Total Questions
    :309 Q&As
  • Last Updated
    :Mar 28, 2025

Cisco CCNP Data Center 300-620 Questions & Answers

  • Question 141:

    A customer implements RBAC on a Cisco APIC using a Windows RADIUS server that is configured with network control policies. The APIC configuration is as follows: Tenant = TenantX Security Domain = TenantX-SD User = X

    The customer requires User X to have access to TenantX only, without any extra privilege in the Cisco ACI fabric domain. Which Cisco AV pair must be implemented on the RADIUS server to meet these requirement?

    A. shell:domains = TenantX-SD/fabric-admin/,common//read-all

    B. shell:domains = TenantX-SD/tenant-admin

    C. shell:domains = TenantX-SD/tenant-ext-admin/,common//read-all

    D. shell:domains = TenantX-SD/tenant-admin/,common//read-all

  • Question 142:

    An engineer wants to filter the System Faults page and view only the active faults that are present in the Cisco ACI fabric. Which two lifecycle stages must be selected for filtering? (Choose two.)

    A. Raised

    B. Retaining

    C. Soaking, Clearing

    D. Raised, Clearing

    E. Soaking

  • Question 143:

    An engineer must limit management access to the Cisco ACI fabric that originates from a single subnet where the NOC operates. Access should be limited to SSH and HTTPS only. Where should the policy be configured on the Cisco APIC to meet the requirements?

    A. policy in the management tenant

    B. ACL on the console interface

    C. ACL on the management interface of the APIC

    D. policy on the management VLAN

  • Question 144:

    In-band is currently configured and used to manage the Cisco ACI fabric. The requirement is for leaf and spine switches to use out-of-band management for NTP protocol. Which action accomplishes this goal?

    A. Select Out-of-Band as Management EPG in the default DateTimePolicy.

    B. Create an Override Policy with NTP Out-of-Band for leaf and spine switches.

    C. Change the interface used for APIC external connectivity to ooband.

    D. Add a new filter to the utilized Out-of-Band-Contract to allow NTP protocol.

  • Question 145:

    Refer to the exhibit.

    Which action should be taken to ensure authentication if the RADIUS servers are unavailable?

    A. Adjust the priority of server 10.1.1.1 to 1.

    B. Assign the user to the default role.

    C. Set the default login realm to LDAP.

    D. Set the fallback login to local.

  • Question 146:

    A network engineer demonstrates Cisco ACI to a customer. One of the test cases is to validate a disaster recovery event by resetting the ACI fabric to factory and then restoring the fabric to the state it was in before the event. Which setting must be enabled on ACI to export all configuration parameters that are necessary to meet these requirements?

    A. enabled AES encryption

    B. generated a tech-support file

    C. encrypted export destination

    D. enabled JSON format export

  • Question 147:

    A data center administrator is upgrading an ACI fabric. There are 3 APIC controllers in the fabric and all the servers are dual-homed to pairs of leaf switches configured in VPC mode. How should the fabric be upgraded to minimize possible traffic impact during the upgrade?

    A. 1. Create two maintenance groups for the APIC controllers: VPC left and VPC right.

    2.

    Upgrade the first group of controllers.

    3.

    Upgrade the second group of controllers.

    4.

    Upgrade the leaf switches.

    B. 1. Create two maintenance groups for APIC controllers: VPC left and VPC right.

    2.

    Upgrade the leaf switches.

    3.

    Upgrade the first group of controllers.

    4.

    Upgrade the second group of controllers.

    C. 1. Create two maintenance groups for the leaf switches: VPC left and VPC right.

    2.

    Upgrade the APIC controllers.

    3.

    Upgrade the first group of leaf switches.

    4.

    Upgrade the second group of leaf switches.

    D. 1. Create two maintenance groups for the leaf switches: VPC left and VPC right.

    2.

    Upgrade the first group of switches.

    3.

    Upgrade the second group of switches.

    4.

    Upgrade the APIC controllers.

  • Question 148:

    Which attribute should be configured for each user to enable RADIUS for external authentication in Cisco ACI?

    A. cisco-security domain

    B. cisco-auth-features

    C. cisco-aci-role

    D. cisco-av-pair

  • Question 149:

    Which two protocols support accessing backup files on a remote location from the APIC? (Choose two.)

    A. TFTP

    B. FTP

    C. SFTP

    D. SMB E. HTTPS

  • Question 150:

    Which protocol does ACI use to securely sane the configuration in a remote location?

    A. SCP

    B. HTTPS

    C. TFTP

    D. FTP

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-620 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.