[Free] 2019(Nov) EnsurePass Cisco 300-165 Dumps with VCE and PDF 11-20

Get Full Version of the Exam

Question No.11


Drag the network characteristics on the left to the most appropriate design layer on the right.


Correct Answer:


Question No.12

Which three items must be configured in the port profile client in Cisco UCS Manager? (Choose three.)

  1. port profile

  2. DVS

  3. data center

  4. folder

  5. vCenter IP address

  6. VM port group

Correct Answer: BCD


After associating an ESX host to a DVS, you can migrate existing VMs from the vSwitch to the DVS, and you can create VMs to use the DVS instead of the vSwitch. With the hardware-based VN-Link implementation, when a VM uses the DVS, all VM traffic passes through the DVS and ASIC-based switching is performed by the fabric interconnect. In Cisco UCS Manager, DVSes are organized in the following hierarchy:


Folder (optional) Datacenter Folder (required) DVS

At the top of the hierarchy is the vCenter, which represents a VMware vCenter instance. Each vCenter contains one or more datacenters, and optionally vCenter folders with which you can organize the datacenters. Each datacenter contains one or more required datacenter folders. Datacenter folders contain the DVSes.

Reference: http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/gui/config/guide/1-3- 1/b_UCSM_GUI_Configuration_Guide_1_3_1/UCSM_GUI_Configuration_Guide_1_3_1_chapter 28.html

Question No.13

After enabling strong, reversible 128-bit Advanced Encryption Standard password type-6 encryption on a Cisco Nexus 7000, which command would convert existing plain or weakly encrypted passwords to type-6 encrypted passwords?

  1. switch# key config-key ascii

  2. switch(config)# feature password encryption aes

  3. switch# encryption re-encrypt obfuscated

  4. switch# encryption decrypt type6

Correct Answer: C


This command converts existing plain or weakly encrypted passwords to type-6 encrypted passwords.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx- os/security/configuration/guide/b_Cisco_Nexus_7000_NX- OS_Security_Configuration_Guide Release_5-x/b_Cisco_Nexus_7000_NX- OS_Security_Configuration_Guide Release_5-x_chapter_010101.html

Question No.14

Which statement about implementation of Cisco TrustSec on Cisco Nexus 5546 or 5548 switches are true?

  1. Cisco TrustSec support varies depending on Cisco Nexus 5500 Series Switch model.

  2. The hardware is not able to support MACsec switch-port-level encryption based on IEEE 802.1AE.

  3. The maximum number of RBACL TCAM user configurable entries is 128k.

  4. The SGT Exchange Protocol must use the management (mgmt 0) interface.

Correct Answer: B


https://scadahacker.com/library/Documents/Manuals/Cisco –

TrustSec Solution Overview.pdf

Question No.15

Which two security features are only supported on the Cisco Nexus 7000 Series Switches? (Choose two.)

  1. IP source guard

  2. traffic storm control

  3. CoPP

  4. DHCP snooping

  5. Dynamic ARP Inspection

  6. NAC

Correct Answer: BF


A traffic storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. You can use the traffic storm control feature to prevent disruptions on Layer 2 ports by a broadcast, multicast, or unicast traffic storm on physical interfaces. Traffic storm control (also called traffic suppression) allows you to monitor the levels of the incoming broadcast, multicast, and unicast traffic over a 10-millisecond interval. During this interval, the traffic level, which is a percentage of the total available bandwidth of the port, is compared with the traffic storm control level that you configured. When the ingress traffic reaches the traffic storm control level that is configured on the port, traffic storm control drops the traffic until the interval ends.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/dcnm/security/configuration/gui de/b_Cisco_DCNM_Security_Configuration_Guide Release_5- x/Cisco_DCNM_Security_Configuration_Guide Release_5-x_chapter17.html http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/dcnm/security/configuration/gui de/b_Cisco_DCNM_Security_Configuration_Guide Release_5- x/Cisco_DCNM_Security_Configuration_Guide Release_5-x_chapter1.html

Question No.16

Which statement about RBAC user roles on a Cisco Nexus switch is true?

  1. If you belong to multiple roles, you can execute only the commands that are permitted by both roles (logical AND).

  2. Access to a command takes priority over being denied access to a command.

  3. The predefined roles can only be changed by the network administrator (superuser).

  4. The default SAN administrator role restricts configuration to Fibre Channel interfaces.

  5. On a Cisco Nexus 7000 Series Switch, roles are shared between VDCs.

Correct Answer: B


If you belong to multiple roles, you can execute a combination of all the commands permitted by these roles. Access to a command takes priority over being denied access to a command. For example, suppose a user has RoleA, which denied access to the configuration commands.

However, the users also have RoleB, which has access to the configuration commands. In this case, the users have access to the configuration commands.


http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guid e/cli/CLIConfigurationGuide/sec_rbac.html

Question No.17

How is a dynamic vNIC allocated?

  1. Dynamic vNICs are assigned to VMs in vCenter.

  2. Dynamic vNICs can only be bound to the service profile through an updating template.

  3. Dynamic vNICs are bound directly to a service profile.

  4. Dynamic vNICs are assigned by binding a port profile to the service profile.

Correct Answer: C


The dynamic vNIC connection policy determines how the connectivity between VMs and dynamic vNICs is configured. This policy is required for Cisco UCS domains that include servers with VIC adapters on which you have installed VMs and configured dynamic vNICs. Each dynamic vNIC connection policy includes an Ethernet adapter policy and designates the number of vNICs that can be configured for any server associated with a service profile that includes the policy.

For VM-FEX that has all ports on a blade in standard mode, you need to use the VMware adapter policy.

For VM-FEX that has at least one port on a blade in high-performance mode, use the VMwarePassThrough adapter policy or create a custom policy. If you need to create a custom policy, the resources provisioned need to equal the resource requirements of the guest OS that needs the most resources and for which you will be using high-performance mode.

Reference: http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/sw/vm_fex/vmware/gui/config_guide

/b_GUI_VMware_VM-FEX_UCSM_Configuration_Guide/b_GUI_VMware_VM- FEX_UCSM_Configuration_Guide_chapter_010.html

Question No.18

Which statement is true if password-strength checking is enabled?

  1. Short, easy-to-decipher passwords will be rejected.

  2. The strength of existing passwords will be checked.

  3. Special characters, such as the dollar sign ($) or the percent sign (%), will not be allowed.

  4. Passwords become case-sensitive.

Correct Answer: A


If a password is trivial (such as a short, easy-to-decipher password), the cisco NX_OS software will reject your password configuration if password-strength checking is enabled. Be sure to configure a strong password. Passwords are case sensitive.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7- x/security/configuration/guide/b_Cisco_Nexus_9000_Series_NX- OS_Security_Configuration_Guide_7x/b_Cisco_Nexus_9000_Series_NX- OS_Security_Configuration_Guide_7x_chapter_01000.pdf

Question No.19


Drag the description on the left to the most appropriate Nexus product on the right.


Correct Answer:


Question No.20

When a local RBAC user account has the same name as a remote user account on an AAA server, what happens when a user with that name logs into a Cisco Nexus switch?

  1. The user roles from the remote AAA user account are applied, not the configured local user roles.

  2. All the roles are merged (logical OR).

  3. The user roles from the local user account are applied, not the remote AAA user roles.

  4. Only the roles that are defined on both accounts are merged (logical AND).

Correct Answer: C


If you have a user account configured on the local Cisco NX-OS device that has the same name as a remote user account on an AAA server, the Cisco NX-OS software applies the user roles for the local user account to the remote user, not the user roles configured on the AAA server.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_1/nx- os/security/configuration/guide/sec_nx-os-cfg/sec_rbac.html

Get Full Version of the Exam
300-165 Dumps
300-165 VCE and PDF