Sample Questions and Answers
What component holds the logical definitions of applications in Cisco ACI?
A. Application Profile
B. Fabric Access Policy
C. Subnet
D. L3Out
Answer: A. Application Profile
Explanation: Application Profiles define the logical application architecture using EPGs and contracts.
What is the function of a Bridge Domain’s subnet in ACI?
A. Assign interface roles
B. Define the Layer 3 gateway IP for EPGs
C. Provide endpoint security
D. Manage VRF allocation
Answer: B. Define the Layer 3 gateway IP for EPGs
Explanation: Subnets within a Bridge Domain define gateway addresses used by endpoints.
In Cisco ACI, where is multicast routing typically configured?
A. Spine switches
B. Bridge Domains
C. L3Out interfaces
D. VRF
Answer: D. VRF
Explanation: Multicast routing (PIM settings, etc.) is configured at the VRF level in ACI.
What happens when a leaf switch receives a packet with an unknown destination MAC?
A. It is dropped
B. It is sent to the APIC
C. It is flooded using ingress replication
D. It is sent to the spine
Answer: C. It is flooded using ingress replication
Explanation: Unknown unicast packets are flooded to interested ports using ingress replication.
What is the role of an EPG in ACI architecture?
A. Provides Layer 3 routing
B. Maps applications to VLANs
C. Groups endpoints and applies policy
D. Manages spine switch configurations
Answer: C. Groups endpoints and applies policy
Explanation: EPGs are fundamental to grouping endpoints and associating them with contracts and policies.
What protocol is used by the ACI fabric to tunnel traffic between leaf switches?
A. GRE
B. VXLAN
C. OTV
D. LISP
Answer: B. VXLAN
Explanation: ACI uses VXLAN as the overlay protocol to encapsulate traffic between fabric endpoints.
What is required to create a VMM domain in Cisco ACI?
A. Fabric Access Policy and DHCP Pool
B. VLAN Pool and AEP
C. OSPF LSA Type 5
D. Subnet Profile
Answer: B. VLAN Pool and AEP
Explanation: A VMM domain is formed by combining a VLAN Pool and an AEP for host association.
Which ACI object is used to allow or block inter-EPG communication?
A. VRF
B. Application Profile
C. Contract
D. Leaf Policy Group
Answer: C. Contract
Explanation: Contracts control which EPGs can communicate and what type of traffic is allowed.
Which of the following is true about Cisco ACI contracts?
A. They are only required for external traffic
B. They define VRF mapping
C. They must include filters
D. They replace VRFs
Answer: C. They must include filters
Explanation: Contracts use filters to define permitted traffic (e.g., TCP port 80) between EPGs.
What does the Policy-Based Redirect (PBR) feature allow in ACI?
A. Direct traffic to specific interfaces
B. Route traffic based on MAC address
C. Enforce loopback routing
D. Redirect traffic to service appliances based on policy
Answer: D. Redirect traffic to service appliances based on policy
Explanation: PBR enables redirection of specific flows to service devices such as firewalls or IDS.
Which tool can be used to automate fabric provisioning in Cisco ACI?
A. Prime Infrastructure
B. APIC GUI
C. Ansible
D. ACI Fabric Builder
Answer: C. Ansible
Explanation: Ansible modules exist for ACI and can be used to automate fabric configuration via APIs.
Which component in ACI is responsible for defining Layer 2 flood domains?
A. Application Profile
B. VRF
C. Bridge Domain
D. AEP
Answer: C. Bridge Domain
Explanation: Bridge Domains control Layer 2 boundaries and flood behavior.
What is the default behavior of intra-EPG communication in ACI?
A. Blocked unless contract is applied
B. Forwarded freely
C. Forwarded with rate limiting
D. Requires shared services VRF
Answer: B. Forwarded freely
Explanation: Endpoints within the same EPG can communicate freely unless micro-segmentation is used.
Which feature in ACI facilitates multi-hypervisor integration?
A. OTV
B. VMM Domain
C. VRF Contract Export
D. iBGP peering
Answer: B. VMM Domain
Explanation: VMM domains support various hypervisors (VMware, Hyper-V, etc.) for policy enforcement.
What is the role of the Global BGP ASN in Cisco ACI?
A. Assigns route maps to all tenants
B. Configures spine IS-IS adjacency
C. Enables MP-BGP EVPN
D. Identifies the ACI fabric in BGP peerings
Answer: D. Identifies the ACI fabric in BGP peerings
Explanation: The BGP ASN identifies the ACI fabric when peering with external BGP neighbors.
What type of NAT is supported in Cisco ACI L3Out configurations?
A. Static NAT only
B. Dynamic NAT with PAT
C. Source NAT and Destination NAT
D. Transparent NAT
Answer: C. Source NAT and Destination NAT
Explanation: ACI supports both source and destination NAT in L3Out configurations.
Which ACI element maps logical policy to physical network ports?
A. EPG
B. Interface Policy Group
C. AEP
D. Access Policy Chain
Answer: A. EPG
Explanation: EPGs map policies (contracts, filters, etc.) to physical or virtual interfaces.
Which configuration enables inter-VRF routing in Cisco ACI?
A. Inter-Tenant Contract
B. Export Route Control
C. Route Leaking via L3Out
D. Shared Bridge Domain
Answer: C. Route Leaking via L3Out
Explanation: Inter-VRF communication is supported via route leaking using L3Out and route maps.
How are static paths configured in ACI?
A. Within the VRF
B. Under L3Out
C. Inside the EPG configuration
D. In the AEP
Answer: C. Inside the EPG configuration
Explanation: Static paths bind EPGs to specific ports or interfaces for endpoint connectivity.
What is the function of a Contract Scope in ACI?
A. Assigns tenants to VRFs
B. Determines if contract is global or per VRF
C. Defines NAT policies
D. Specifies filter length
Answer: B. Determines if contract is global or per VRF
Explanation: Contract Scope controls whether a contract applies within a VRF or across multiple VRFs or tenants.
Reviews
There are no reviews yet.