Implementing Cisco Data Center Infrastructure (DCII): 300-165 exam. Share the latest 300-165 dumps and Practice test questions for free. Real and effective exam questions and answers. 300-165 pdf online Download, 300-165 YouTube video online learning to improve skills! Examthings share 22 Practice test questions for FREE! Get the full 300-165 exam dumps: https://www.leads4pass.com/300-165.html (Total questions:281 Q&A)
[PDF] Free Cisco 300-165 pdf dumps download from Google Drive: https://drive.google.com/open?id=1KZD6eDPlmL4obEBSreeEf5IK7TMoVtZF
[PDF] Free Full Cisco pdf dumps download from Google Drive: https://drive.google.com/open?id=1CMo2G21nPLf7ZmI-3_hBpr4GDKRQWrGx
300-165 DCII – Cisco: https://www.cisco.com/c/en/us/training-events/training-certifications/exams/current-list/dcii.html
Latest effective Cisco 300-165 Exam Practice Tests
QUESTION 1
Which two security features are only supported on the Cisco Nexus 7000 Series Switches? (Choose two.)
A. IP source guard
B. traffic storm control
C. CoPP
D. DHCP snooping
E. Dynamic ARP Inspection
F. NAC
Correct Answer: BF
A traffic storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. You
can use the traffic storm control feature to prevent disruptions on Layer 2 ports by a broadcast, multicast, or unicast
traffic storm on physical interfaces. Traffic storm control (also called traffic suppression) allows you to monitor the levels
of the incoming broadcast, multicast, and unicast traffic over a 10-millisecond interval. During this interval, the traffic
level, which is a percentage of the total available bandwidth of the port, is compared with the traffic storm control level
that you configured. When the ingress traffic reaches the traffic storm control level that is configured on the port, traffic
storm control drops the traffic until the interval ends.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/dcnm/security/configurati
on/guide/b_Cisco_DCNM_Security_Configuration_Guide__Release_5-
x/Cisco_DCNM_Security_Configuration_Guide__Release_5x_chapter17.html
And http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/dcnm/security/configurati
on/guide/b_Cisco_DCNM_Security_Configuration_Guide__Release_5-
x/Cisco_DCNM_Security_Configuration_Guide__Release_5-x_chapter1.html
QUESTION 2
Which statement about the implementation of Cisco TrustSec on Cisco Nexus 7000 Series Switches is true?
A. While SGACL enforcement and SGT propagation are supported on the M and F modules, 802.1AE (MACsec)
support is available only on the M module.
B. SGT Exchange Protocol is required to propagate the SGTs across F modules that lack hardware support for Cisco
TrustSec.
C. AAA authentication and authorization is supported using TACACS or RADIUS to a Cisco Secure Access Control
Server.
D. Both Cisco TrustSec and 802.1X can be configured on an F or M module interface.
Correct Answer: A
The M-Series modules on the Nexus 7000 support 802.1AE MACSEC on all ports, including the new M2-series
modules. The F2e modules will have this feature enabled in the future.
It is important to note that because 802.1AE MACSEC is a link-level encryption, the two MACSEC-enabled endpoints,
Nexus 7000 devices in our case, must be directly L2 adjacent. This means we direct fiber connection or one facilitated
with
optical gear is required. MACSEC has integrity checks for the frames and intermediate devices, like another switch,
even at L2, will cause the integrity checks to fail. In most cases, this means metro-Ethernet services or carrier-provided
label
switched services will not work for a MACSEC connection.
Reference: http://www.ciscopress.com/articles/article.asp?p=2065720
QUESTION 3
Which command should you run to limit IS-IS LSP flooding on a network?
A. isis hello-padding
B. isis passive-interface
C. is-type level-1
D. isis mesh-group ISIS-MESH
Correct Answer: D
QUESTION 4
Refer to the exhibit,Which description of the output is true?
A. The default map-catch limit is used.
B. PETR is disable
C. The table output apply to the default VRF
D. The switch acts as an IPv4 LISP ETR
Correct Answer: A
QUESTION 5
Which three VDC resources can be constrained with a resource template? (Choose three.)
A. ACLs
B. NAT entries
C. IPv4 routes
D. IPv6 routes
E. SPAN sessions
F. RBAC users
Correct Answer: CDE
VDC resource templates set the minimum and maximum limits for shared physical device resources when you create
the VDC. The Cisco NX-OS software reserves the minimum limit for the resource to the VDC. Any resources allocated
to the VDC beyond the minimum are based on the maximum limit and availability on the device. You can explicitly
specify a VDC resource template, or you can use the default VDC template provided by the Cisco NX-OS software.
VDC templates set limits on the following resources: IPv4 multicast route memory IPv6 multicast route memory IPv4
unicast route memory IPv6 unicast route memory Port channels Switch Port Analyzer (SPAN) sessions VLANs Virtual
routing and forwarding instances (VRFs)
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-
os/virtual_device_context/configuration/guide/b-7k-Cisco-Nexus-7000-Series-NX-OS- Virtual-Device-Context-
Configuration-Guide/vdc-res-template.html
QUESTION 6
Refer to the exhibit.
What is the consequence of configuring peer-gateway on the two vPC peers N7K-1 and N7K-2?
A. Nothing, this is the standard vPC configuration to make the feature work.
B. The downstream device detects only one of the vPC peers as its gateway.
C. The downstream device can use DMAC of N7K-1 on the link to N7K-2, and N7K-2 forwards the packet.
D. This configuration enables the downstream device to use DHCP to obtain its default gateway.
Correct Answer: C
Beginning with Cisco NX-OS 4.2(1), you can configure vPC peer devices to act as the gateway even for packets that
are destined to the vPC peer device\\’s MAC address. Use the peer-gateway command to configure this feature. Some
network-attached storage (NAS) devices or load-balancers may have features aimed to optimize the performances of
particular applications. Essentially these features avoid performing a routing-table lookup when responding to a request
that originated form a host not locally attached to the same subnet. Such devices may reply to traffic using the MAC
address of the sender Cisco Nexus 7000 device rather than the common HSRP gateway. Such behavior is non-
complaint with some basic Ethernet RFC standards. Packets reaching a vPC device for the non-local router MAC
address are sent across the peer-link and could be dropped by the built in vPC loop avoidance mechanism if the final
destination is behind another vPC. The vPC peer-gateway capability allows a vPC switch to act as the active gateway
for packets that are addressed to the router MAC address of the vPC peer. This feature enables local forwarding of such
packets without the need to cross the vPC peer-link. In this scenario, the feature optimizes use of the peer-link and
avoids potential traffic loss. Configuring the peer-gateway feature needs to be done on both primary and secondary vPC
peers and is non-disruptive to the operations of the device or to the vPC traffic. The vPC peer-gateway feature can be
configured globally under the vPC domain submode. When enabling this feature it is also required to disable IP redirects
on all interface VLANs mapped over a vPC VLAN to avoid generation of IP redirect messages for packets switched
through the peer gateway router. When the feature is enabled in the vPC domain, the user is notified of such a
requirement through an appropriate message. Packets arriving at the peer-gateway vPC device will have their TTL
decremented, so packets carrying TTL = 1 may be dropped in transit due to TTL expire. This needs to be taken into
account when the peer-gateway feature is enabled and particular network protocols sourcing packets with TTL = 1
operate on a vPC VLAN.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_2/nx-
os/interfaces/configuration/guide/if_nxos/if_vPC.html
QUESTION 7
Which two options are limitations of NetFlow Version 5? (Choose two.)
A. no support for IPv6, Layer 2, or MPLS fields
B. fixed field specifications
C. excessive network utilization
D. analyzes all packets on the interface
Correct Answer: AB
QUESTION 8
Which two statements are true when performing a SPAN capture of traffic reaching the Supervisor CPU in order to
troubleshoot control plane protocols in the tenant VDC? (Choose two.)
A. The destination interface will also receive control plane traffic from other VDCs.
B. The SPAN configuration must be added to the default or administrative VDC.
C. SPAN only supports monitoring of ingress traffic to the supervisor.
D. Captured traffic from the supervisor can be shown directly on the terminal.
E. Only monitoring of egress traffic from the supervisor is possible.
Correct Answer: BD
QUESTION 9
You have a Cisco MDS switch that uses port channel. You must ensure that frames between the source and the
destination follow the same links for a specific flow. Subsequent flows can use a different link, which load-balancing
method do you use?
A. Source-destination-ip
B. Source-destioation-port
C. Flow
D. Source id-destination id-oxid
Correct Answer: C
QUESTION 10
Scenario:
The following four questions concern the Nexus 7010\\’ s which are configured as a vPC pair at the core of a Data
Center network. You can utilize all the available show commands to answer the Questions Access to the running-
configuration
is not allowed.
Instructions:
Enter NX-OS commands on 7K-3 and 7K-4 to verity network operation and answer four multiple-choice questions
THIS TASK DOES NOT REQUIRE DEVICE CONFIGURATION.
Click on the switch to gain access to the console of the switch. No console or enable passwords are required.
To access the multiple-choice questions, click on the numbered boxes on the loft of the top panel.
There are four multiple-choice questions with this task Be sure to answer all four questions before selecting the Next
button
Topology: Within the vpc configuration of the 7K\\’s. the command peer-gateway is configured as confirmed with the
command show vpc. What is the result of enabling this command? A. Enables 7K-3 to act as the active gateway for packets received on VLAN 101 that are addressed to the MAC address
of 7K-4
B. Enables 7K-4 to use of the vpc peer link for forwarding packets received on VLAN 100 that are addressed to the
MAC address of 7K-3
C. Generates IP redirect messages for packets switched through the peer-gateway router
D. Causes the HSRP active router to update the ARP table on the standby router for faster convergence after the vPC
peer link has flapped
E. Allows the vpc peers to coordinate the LACP ID which must be the same on all links on the port-channel
Correct Answer: D
QUESTION 11
In the dynamic vNIC creation wizard, why are choices for Protection important?
A. They allow reserve vNICs to be allocated out of the spares pool.
B. They enable hardware-based failover.
C. They select the primary fabric association for dynamic vNICs.
D. They allow dynamic vNICs to be reserved for fabric failover.
Correct Answer: C
Number of Dynamic vNICs This is the number of vNICs that will be available for dynamic assignment to VMs.
Remember that the VIC has a limit to the number of vNICs that it can support and this is based on the number of uplinks
between the IOM and the FI. At least this is the case with the 2104 IOM and the M81KR VIC, which supports ((# IOM
Links * 15) ?2)). Also remember that your ESXi server will already have a number of vNICs used for other traffic such as
Mgmt, vMotion, storage, etc, and that these count against the limit.
Adapter Policy ?This determines the vNIC adapter config (HW queue config, TCP offload, etc) and you must select
VMWarePassThru to support VM-FEX in High Performance mode.
Protection ?This determines the initial placement of the vNICs, either all of them are placed on fabric A or Fabric B or
they are alternated between the two fabrics if you just select the “Protected” option. Failover is always enabled on these
vNICs and there is no way to disable the protection.
Reference: http://infrastructureadventures.com/2011/10/09/deploying-cisco-ucs-vm-fex-for-
vsphere-%E2%80%93-part-2-ucsm-config-and-vmware-integration/
QUESTION 12
Refer to the exhibit.What is the result of the configuration?
A. A MAC address of 11c0.adaa.3213 is denied.
B. The MAC ACL is applied to VLANs 10-120.
C. The MAC ACL denies a MAC address of 1122.2847.4591 on VLAN 101.
D. A MAC address of 11c0.adaa.3213 is permitted.
Correct Answer: A
QUESTION 13
Which four options are capabilities of the Cisco Nexus 5000 and 5500 Series Switch? (Choose four.)
A. line rate
B. managed by a parent switch
C. lossless 10 Gigabit Ethernet
D. lossless 100 Gigabit Ethernet
E. low latency
F. extremely low latency
G. hosts a virtual supervisor module
Correct Answer: ACEG
QUESTION 14
Refer to the exhibit.Which two outcomes occur when the state is Other? (Choose two.)
A. The VSAN on each end of the connection does not match.
B. The interface is not an E Port.
C. The interface is not an F Port.
D. The interface is administratively shut down.
E. Cisco Fabric Services is not enabled.
F. NPIV should be disabled.
G. The interface is functioning, but may have errors.
H. Encryption is not enabled.
Correct Answer: CD
QUESTION 15
Which three options are capabilities of the Cisco Nexus 7000 Series Supervisor Module? (Choose three.)
A. hardware forwarding on the supervisor module
B. fully decoupled control plane and data plane with no forwarding on the supervisor module
C. Sup2 requires Cisco NX-OS 5.1 or later.
D. Sup2 requires Cisco NX-OS 6.1 or later.
E. Sup2E supports 8+1 VDC with the N7K-VDC1K9 license per chassis.
F. Sup2 supports 8+1 VDCs with the N7K-VDC1K9 license per chassis.
Correct Answer: BDE
QUESTION 16
You experience an issue on a Cisco Nexus 7700 Series switch. You must gather detailed information about the system
state and the configuration of the switch. Which command should you run?
A. switch# show logging > bootflash:Log.txt
B. switch# show tech-support > bootflash:Log.txt
C. switch# show running-config > bootflash:Log.txt
D. switch# show system > bootflash:Log.txt
Correct Answer: B
QUESTION 17
Which statement about SNMP support on Cisco Nexus switches is true?
A. Cisco NX-OS only supports SNMP over IPv4.
B. Cisco NX-OS supports one instance of the SNMP per VDC.
C. SNMP is not VRF-aware.
D. SNMP requires the LAN_ENTERPRISE_SERVICES_PKG license.
E. Only users belonging to the network operator RBAC role can assign SNMP groups.
Correct Answer: B
Cisco NX-OS supports one instance of the SNMP per virtual device context (VDC). By default, Cisco NX-OS places you
in the default VDC. SNMP supports multiple MIB module instances and maps them to logical network entities. SNMP is
also VRF aware. You can configure SNMP to use a particular VRF to reach the SNMP notification host receiver. You
can also configure SNMP to filter notifications to an SNMP host receiver based on the VRF where the notification
occurred.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-
os/system_management/configuration/guide/sm_nx_os_cg/sm_9snmp.html
QUESTION 18
Which two Nexus family line cards allow the configuration of features regarding LISP, OTV and MPLS? (Choose two.)
A. B1
B. F3
C. F2
D. F1
E. M2
Correct Answer: BE
QUESTION 19
You are connecting a Cisco Nexus 2300 Series FEX to a Cisco Nexus 5600 Series parent switch. Which command
should you use to configure the interfaces on the Nexus switch that connects to the FEX?
A. switch(config-if)# switchport mode f
B. switch(config-if)# switchport mode fex-fabric
C. switch(config-if)# switchport mode fabricpath
D. switch(config-if)# switchport mode vntag
Correct Answer: B
Explanation: References:
QUESTION 20
Which policy-map action performs congestion avoidance?
A. priority
B. bandwidth
C. queue-limit
D. random-detect
Correct Answer: D
Congestion avoidance techniques monitor network traffic loads in an effort to anticipate and avoid congestion at
common network bottlenecks. Congestion avoidance is achieved through packet dropping. Among the more commonly
used congestion avoidance mechanisms is Random Early Detection (RED), which is optimum for high-speed transit
networks. Cisco IOS QoS includes an implementation of RED that, when configured, controls when the router drops
packets. If you do not configure Weighted Random Early Detection (WRED), the router uses the cruder default packet
drop mechanism called tail drop.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/qos/configuration/guide/fqos_c/qcfconav.ht ml
QUESTION 21
Which topology is not supported when using vPC?
A. a single-homed server to a single FEX that is connected to two Cisco Nexus 5500 Series Switches
B. a dual-homed server to two FEXs, each connected to two Cisco Nexus 5500 Series Switches
C. a dual-homed server to two FEXs that are connected to one Cisco Nexus 5500 Series Switch
D. a dual-homed server to a single FEX that is connected to two Cisco Nexus 5500 Series Switches
Correct Answer: C
The figure shows unsupported topology where a vPC is between hosts and two FEXs that are connected to one Cisco
Nexus 5500 Series device. This topology does not provide a good high availability solution because the server loses the
connectivity to the network when the Cisco Nexus 5000 Series device fails.
Figure: Unsupported Topology–Host vPC With One Cisco Nexus 5000 Series Device
If you need to connect a multi-homing server to a pair of FEXs when there is only one Cisco Nexus 5000 Series device,
you have the option to run active or standby NIC teaming from the server.
Reference:
http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/mkt_ops_guides/513
_n1_1/n5k_enhanced_vpc.html
QUESTION 22
Which command allows a Cisco Nexus 7000 Series Switch to receive NTP configuration updates by using Cisco Fabric
Services?
A. N7k (config) # feature ntp
B. N7k (config) # ntp distribute
C. N7k
We offer more ways to make it easier for everyone to learn, and YouTube is the best tool in the video.Follow channels: https://www.youtube.com/channel/UCXg-xz6fddo6wo1Or9eHdIQ/videos get more useful exam content.
Latest Cisco 300-165 YouTube videos:
Share 22 of the latest and effective 300-165 exam dumps and Practice test questions for free,100% real and effective exam questions and answers! Get the full 300-165 dumps:https://www.leads4pass.com/300-165.html
(Total questions:281 Q&A)
[PDF] Free Cisco 300-165 pdf dumps download from Google Drive: https://drive.google.com/open?id=1KZD6eDPlmL4obEBSreeEf5IK7TMoVtZF
[PDF] Free Full Cisco pdf dumps download from Google Drive: https://drive.google.com/open?id=1CMo2G21nPLf7ZmI-3_hBpr4GDKRQWrGx
Lead4pass Promo Code 12% Off
related: https://www.examthings.com/cisco-global-gold-certification/