Which statement about RADIUS configuration distribution using Cisco Fabric Services on a Cisco Nexus 7000 Series Switch is true?

Which statement about RADIUS configuration distribution using Cisco Fabric Services on a Cisco
Nexus 7000 Series Switch is true?

Which statement about RADIUS configuration distribution using Cisco Fabric Services on a Cisco
Nexus 7000 Series Switch is true?

A.
Cisco Fabric Services does not distribute the RADIUS server group configuration or server and
global keys.

B.
Enabling Cisco Fabric Services causes the existing RADIUS configuration on your Cisco NX-OS
device to be immediately distributed.

C.
When the RADIUS configuration is being simultaneously changed on more than one device in a
Cisco Fabric Services region, the most recent changes will take precedence.

D.
Only the Cisco NX-OS device with the lowest IP address in the Cisco Fabric Services region can lock
the RADIUS configuration.

Explanation:
CFS does not distribute the RADIUS server group configuration or server and global keys. The keys
are unique to the Cisco NX-OS device and are not shared with other Cisco NX-OS devices.

http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/6_x/nxos/security/configuration/guide/b_Cisco_Nexus_7000_NXOS_Security_Configuration_Guide__Release_6-x/b_Cisco_Nexus_7000_NXOS_Security_Configuration_Guide__Release_6-x_chapter_0101.html



Leave a Reply 12

Your email address will not be published. Required fields are marked *


roky

roky

These dumps are not valid anymore. hardly 15-20% questions in coming from it.

Chandi

Chandi

I agree with you… I wrote today failed.. only 2 questions came from this dump… please take care…. 🙁

JohnCena

JohnCena

@roky, did you pass the 642-997 or the new 300-165?

brainstorm

brainstorm

642-997 has too many new questions. I took the other day and failed.

NetworkNinja

NetworkNinja

@brainstorm have you re-tried taking the exam since Feb 2017 ?? what resources did you use ?

786DE

786DE

Please help me I tried 3X Times and failed. need some urgent support for this exam.

Faisal Khan

Faisal Khan

The 642-997 Exam Has Retired, the New Exam is 300-165 Now!

New 300-165 Exam Questions and Answers Updated Recently (23/Aug/2017):

NEW QUESTION 138
You create a checkpoint on a Cisco Nexus 7700 Series switch. You plan to roll back the running configuration by using the checkpoint. You must ensure that changes are made only if the entire rollback can be applied successfully. Which rollback option should you use?

A. atomic
B. stop-at-first-failure
C. best-effort
D. verbose

Answer: A

NEW QUESTION 139
Which LISP component provides connectivity between LISP and non-LISP sites?

A. a map resolver
B. a proxy ETR
C. a proxy ITR
D. an ALT

Answer: C

NEW QUESTION 140
Which command should you run to limit IS-IS LSP flooding on a network?

A. isis hello-padding
B. isis passive-interface
C. is-type level-1
D. isis mesh-group ISIS-MESH

Answer: C

NEW QUESTION 141
You plan to configure authentication for OSPF. In which mode should you configure OSPF authentication to use a specific key chain?

A. router ospf
B. global configuration
C. vPC
D. interface

Answer: D

NEW QUESTION 142
Which protocol is used to exchange MAC address reachability between OTV-enabled switches?

A. EIGRP
B. IS-IS
C. iBGP
D. RIPv2

Answer: B

NEW QUESTION 143
Which option must be enabled to implement manual MACsec?

A. CTS and dot1x
B. MSDP and dot1x
C. CTS and MSDP
D. CTS and private VLAN

Answer: A

NEW QUESTION 144
Which implicit rules are applied to all IPv6 ACLs?

……

Answer: D
Explanation:
Security Configuration Guide: Access Control Lists, Cisco IOS Release 15SY

NEW QUESTION 145
You have two Cisco Nexus 7700 Series switches named SwitchA and SwitchB. You use the Rapid PVST+ protocol. You must configure the switches as the STP root switches for VLANs 100 to 200. Which command set should you run?

A. SwitchA(config)# spanning-tree vlan 100-200 priority 61440
SwitchB(config)# spanning- tree vlan 100-200 priority 61440
B. SwitchA(config-if)# spanning-tree guard root
SwitchB(config-if)# spanning-tree guard root
C. SwitchA(config-if)# spanning-tree cost 100
SwitchB(config-if)# spanning-tree cost 100
D. SwitchA(config)# spanning-tree vlan 100-200 root primary
SwitchB(config)# spanning- tree vlan 100-200 root secondary

Answer: D

NEW QUESTION 146
Which statement accurately describes the implementation of FSPF on Cisco MDS 9700 Series switches?

A. FSPF is enabled on the Fibre Channel switches but must be enabled manually on a per-VSAN basis.
B. FSPF must be enabled manually on the switch and on each VSAN on the switch.
C. FSPF is enabled, by default, on the Fibre Channel switches for all VSANs.
D. FSPF is enabled on VSANs, but must be enabled manually on a per-FC switch basis.

Answer: A

NEW QUESTION 147
Which option must be configured when you implement a vPC?

A. the CCL link, peer link, and vPC member interfaces
B. the peer keepalive link, peer link, and vPC member interfaces
C. the VSL link, peer link, and vPC member interfaces
D. the VSS link, peer link, and vPC member interfaces

Answer: B

NEW QUESTION 148
Which statement accurately describes MP-BGP EVPN?

A. MP-BGP EVPN is a Layer 3 overlay alternative to VXLANs.
B. The control plane of the VXLAN overcomes the flood-and-learn limitations of MP-BGP EVPN.
C. The MP-BGP EVPN control plane overcomes the flood-and-learn limitations of the VXLAN.
D. MP-BGP EVPN is a Layer 2 overlay alternative to VXLANs.

Answer: B

NEW QUESTION 149
You experience an issue on a Cisco Nexus 7700 Series switch. You must gather detailed information about the system state and the configuration of the switch. Which command should you run?

A. switch# show logging > bootflash:Log.txt
B. switch# show tech-support > bootflash:Log.txt
C. switch# show running-config > bootflash:Log.txt
D. switch# show system > bootflash:Log.txt

Answer: B

NEW QUESTION 150
Which two Nexus family line cards allow the configuration of features regarding LISP, OTV and MPLS? (Choose two.)

A. B1
B. F3
C. F2
D. F1
E. M2

Answer: BC

NEW QUESTION 151
What are two ways to configure the switch ID for Cisco FabricPath? (Choose two.)

A. manually by using the vPC domain configuration
B. manually by using global configuration mode
C. dynamically by using the POAP protocol
D. dynamically by using the DRAP protocol
E. dynamically by using the SNMPv2 protocol

Answer: AB

NEW QUESTION 152
Refer to the exhibit. Which type of port channel was created?
switch# configure terminal
switch (config) # interface ethernet 1/4
switch (config-if) # switchport mode trunk
switch (config-if) # channel-group 1 mode active

A. LACP
B. static
C. PAgP
D. desirable

Answer: A

NEW QUESTION 153
Which GLBL load-balancing method ensures that a client is always mapped to the same virtual MAC address?

A. host-dependent
B. vmac-weighted
C. dedicated-vmac-mode
D. shortest-path and weighting

Answer: A

NEW QUESTION 154
……

P.S. These New 300-165 Exam Questions Were Just Updated From The Real 300-165 Exam, You Can Get The Newest 300-165 Dumps In PDF And VCE From — https://www.passleader.com/300-165.html (174q VCE and PDF)

Good Luck!

Rauf

Rauf

New 300-165 Exam Questions and Answers Updated Recently (11/Oct/2017):

NEW QUESTION 175
Which option accurately describes the implementation of Fabre Channel domain IDs?

A. Are assigned on a peer-switch basis
B. Are assigned on a per-line card basis
C. Must be the dame on all on the Fabre Channel switch in the fabric
D. Must be unique on all the Fibre Channel switches in the fabric

Answer: A

NEW QUESTION 176
Refer to the following codes. Which option is expected outcome on the configured switch?
Switch(config)# snmp-server user all enforcePriv

A. The switch enforces SNMP message encryption for all users
B. The switch responds with an authorization error for any SNMPv3 PDU requests that use a security level parameter
C. SNMP requires encryption for all incoming requests
D. The switch enforces SNMP message encryption for the user all

Answer: C

NEW QUESTION 177
You have a vPC configuration with two functional peers. The peer link is up and the peer-link feature is restricted the spanning-tree operations in the configuration? (Choose two.)

A. The primary and secondary switch generate and process BPDUs
B. vPC imposes a rules that the peer link is always blocking
C. vPC removes some VLANs from the spanning tree form the spanning tree for vPC use
D. vPC requires the peer link to remain in the forwarding states

Answer: AD

NEW QUESTION 178
You have a Cisco MDS switch that uses port channel. You must ensure that frames between the source and the destination follow the same links for a specific flow. Subsequent flows can use a different link, which load-balancing method do you use?

A. Source-destination-ip
B. Source-destioation-port
C. Flow
D. Source id-destination id-oxid

Answer: C

NEW QUESTION 179
Within the vPC configuration of the 7K’s, the command peer switch is configured. What is the result of enabling the command?

A. Both vPC peers use the same STP root ID.
B. The Vpc primary switch (7K-4 in this case) also serves as the STP root to improve vPC convergence.
C. The vPC secondary switch (7K-3 in this case) server as the STP root to improve vPC performance.
D. Allow 7K-3 to act as the active HSRP gateway for packets that are addressed to the MAC address of 7K-4.
E. Automatically disable IP redirects on all interface VLANs mapped over a vPC VLAN to avoid generation of IP redirect messages for packets switched though the vPC peer gateway router.
F. Enable faster convergence of ARP tables after the vPC peer link flaps.

Answer: B

NEW QUESTION 180
Refer to the following codes. Which result of the configuration snippet is true?
Vlan access-map map
Match mac address acl01
Action forward
Statistics per-entry
Vlan filter map vlan-list

A. A VACL map in applied to VLAN 101 and VLAN 200
B. VACL acl is applied to VLAN 100 through 200
C. Acl is applied to all of the VLANs on the switch
D. Global statistics are provided for the ACL map

Answer: A

NEW QUESTION 181
Refer to the following codes. You have a Cisco Nexus 7010 switch named N7k-1.
N7k-1# show runing-config fabricpath
……
Fabricpath switch-id 11
Vpc domain 11
Fabricpath switch-id 1100
Which command set should you run on a neighboring Cisco Nexus 7010 swith to estabish a vPC+ environment that includes N7k-1?

A. Fabricpath switch-id 11 Vpc domain 11 Fabricpath switch-id 1100
B. Fabricpath switch-id 12 Vpc domain 11 Fabricpath switch-id 1100
C. Fabricpath switch-id 12 Vpc domain 11 Fabricpath switch-id 1200
D. Fabricpath switch-id 11 Vpc domain 12 Fabricpath switch-id 1101

Answer: A

NEW QUESTION 182
Refer to the following codes. Which description of the output is true?
……

A. The default map-catch limit is used.
B. PETR is disable.
C. The table output apply to the default VRF.
D. The switch acts as an IPv4 LISP ETR.

Answer: B

NEW QUESTION 183
When configure HSPR on IPv6 enabled interface, which two configuration is correct?

A. switchA(config-if)?standbyt 6 preempt
B. switchA(config-if)?hsrp;
C. switchA(config-if)ff key 6
D. switchA(config-if)?hsrp version 2
E. switchA(config-if)B priority

Answer: B

NEW QUESTION 184
You have a Cisco FabricPath network. You must implement Vpc+ for a downstream switch. Which three actions should you preform? (Choose three.)

A. Configure the upstream switch to use PAgP in EtherChannel
B. Establish a peer link between the peer switch
C. Connect the downstream switch to a 10-Gb port
D. Configure a peer keep alive between the peer switches
E. Configure the switch ID on the peer switches
F. Configure the down switch to use PAgP on EtherChannel

Answer: BCD

NEW QUESTION 185
You have a Cisco Fabric Path network, you must extend the network to support more than 18 million segment, what should you do?

A. Enable the interface feature and configure the VLAN IDs.
B. Enable the nv overlay feature and configure the segment IDs.
C. Enable the vn-segment-vlan-based feature and configure segment IDs.
D. Enable the FabricPath feature and configure the VLAN IDs.

Answer: D

NEW QUESTION 186
……

P.S. These New 300-165 Exam Questions Were Just Updated From The Real 300-165 Exam, You Can Get The Newest 300-165 Dumps In PDF And VCE From — https://www.passleader.com/300-165.html (195q VCE and PDF)

Good Luck!

Friend

Friend

This new 300-165 exam dumps questions are same as old exam 642-997 dumps question.

Beware before buying..