Which statement is true if password-strength checking is enabled?
A.
Short, easy-to-decipher passwords will be rejected.
B.
The strength of existing passwords will be checked.
C.
Special characters, such as the dollar sign ($) or the percent sign (%), will not be allowed.
D.
Passwords become case-sensitive.
Explanation:
If a password is trivial (such as a short, easy-to-decipher password), the cisco NX_OS software will
reject your password configuration if password-strength checking is enabled. Be sure to configure a
strong password. Passwords are case sensitive.http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/7-
x/security/configuration/guide/b_Cisco_Nexus_9000_Series_NX-OS_Security_Configuration_Guide_7x/b_Cisco_Nexus_9000_Series_NXOS_Security_Configuration_Guide_7x_chapter_01000.pdf
The 642-997 Exam Has Retired, the New Exam is 300-165 Now!
New 300-165 Exam Questions and Answers Updated Recently (23/Aug/2017):
NEW QUESTION 138
You create a checkpoint on a Cisco Nexus 7700 Series switch. You plan to roll back the running configuration by using the checkpoint. You must ensure that changes are made only if the entire rollback can be applied successfully. Which rollback option should you use?
A. atomic
B. stop-at-first-failure
C. best-effort
D. verbose
Answer: A
NEW QUESTION 139
Which LISP component provides connectivity between LISP and non-LISP sites?
A. a map resolver
B. a proxy ETR
C. a proxy ITR
D. an ALT
Answer: C
NEW QUESTION 140
Which command should you run to limit IS-IS LSP flooding on a network?
A. isis hello-padding
B. isis passive-interface
C. is-type level-1
D. isis mesh-group ISIS-MESH
Answer: C
NEW QUESTION 141
You plan to configure authentication for OSPF. In which mode should you configure OSPF authentication to use a specific key chain?
A. router ospf
B. global configuration
C. vPC
D. interface
Answer: D
NEW QUESTION 142
Which protocol is used to exchange MAC address reachability between OTV-enabled switches?
A. EIGRP
B. IS-IS
C. iBGP
D. RIPv2
Answer: B
NEW QUESTION 143
Which option must be enabled to implement manual MACsec?
A. CTS and dot1x
B. MSDP and dot1x
C. CTS and MSDP
D. CTS and private VLAN
Answer: A
NEW QUESTION 144
Which implicit rules are applied to all IPv6 ACLs?
……
Answer: D
Explanation:
Security Configuration Guide: Access Control Lists, Cisco IOS Release 15SY
NEW QUESTION 145
You have two Cisco Nexus 7700 Series switches named SwitchA and SwitchB. You use the Rapid PVST+ protocol. You must configure the switches as the STP root switches for VLANs 100 to 200. Which command set should you run?
A. SwitchA(config)# spanning-tree vlan 100-200 priority 61440
SwitchB(config)# spanning- tree vlan 100-200 priority 61440
B. SwitchA(config-if)# spanning-tree guard root
SwitchB(config-if)# spanning-tree guard root
C. SwitchA(config-if)# spanning-tree cost 100
SwitchB(config-if)# spanning-tree cost 100
D. SwitchA(config)# spanning-tree vlan 100-200 root primary
SwitchB(config)# spanning- tree vlan 100-200 root secondary
Answer: D
NEW QUESTION 146
Which statement accurately describes the implementation of FSPF on Cisco MDS 9700 Series switches?
A. FSPF is enabled on the Fibre Channel switches but must be enabled manually on a per-VSAN basis.
B. FSPF must be enabled manually on the switch and on each VSAN on the switch.
C. FSPF is enabled, by default, on the Fibre Channel switches for all VSANs.
D. FSPF is enabled on VSANs, but must be enabled manually on a per-FC switch basis.
Answer: A
NEW QUESTION 147
Which option must be configured when you implement a vPC?
A. the CCL link, peer link, and vPC member interfaces
B. the peer keepalive link, peer link, and vPC member interfaces
C. the VSL link, peer link, and vPC member interfaces
D. the VSS link, peer link, and vPC member interfaces
Answer: B
NEW QUESTION 148
Which statement accurately describes MP-BGP EVPN?
A. MP-BGP EVPN is a Layer 3 overlay alternative to VXLANs.
B. The control plane of the VXLAN overcomes the flood-and-learn limitations of MP-BGP EVPN.
C. The MP-BGP EVPN control plane overcomes the flood-and-learn limitations of the VXLAN.
D. MP-BGP EVPN is a Layer 2 overlay alternative to VXLANs.
Answer: B
NEW QUESTION 149
You experience an issue on a Cisco Nexus 7700 Series switch. You must gather detailed information about the system state and the configuration of the switch. Which command should you run?
A. switch# show logging > bootflash:Log.txt
B. switch# show tech-support > bootflash:Log.txt
C. switch# show running-config > bootflash:Log.txt
D. switch# show system > bootflash:Log.txt
Answer: B
NEW QUESTION 150
Which two Nexus family line cards allow the configuration of features regarding LISP, OTV and MPLS? (Choose two.)
A. B1
B. F3
C. F2
D. F1
E. M2
Answer: BC
NEW QUESTION 151
What are two ways to configure the switch ID for Cisco FabricPath? (Choose two.)
A. manually by using the vPC domain configuration
B. manually by using global configuration mode
C. dynamically by using the POAP protocol
D. dynamically by using the DRAP protocol
E. dynamically by using the SNMPv2 protocol
Answer: AB
NEW QUESTION 152
Refer to the exhibit. Which type of port channel was created?
switch# configure terminal
switch (config) # interface ethernet 1/4
switch (config-if) # switchport mode trunk
switch (config-if) # channel-group 1 mode active
A. LACP
B. static
C. PAgP
D. desirable
Answer: A
NEW QUESTION 153
Which GLBL load-balancing method ensures that a client is always mapped to the same virtual MAC address?
A. host-dependent
B. vmac-weighted
C. dedicated-vmac-mode
D. shortest-path and weighting
Answer: A
NEW QUESTION 154
……
P.S. These New 300-165 Exam Questions Were Just Updated From The Real 300-165 Exam, You Can Get The Newest 300-165 Dumps In PDF And VCE From — https://www.passleader.com/300-165.html (174q VCE and PDF)
Good Luck!
Besides, part of that new 174Q 300-165 dumps are available here:
https://drive.google.com/open?id=0B-ob6L_QjGLpMVRmUUJZRWU3cU0
Best Regards!
New 300-165 Exam Questions Updated Recently (11/Oct/2017):
NEW QUESTION 176
Refer to the following codes. Which option is expected outcome on the configured switch?
Switch(config)# snmp-server user all enforcePriv
A. The switch enforces SNMP message encryption for all users
B. The switch responds with an authorization error for any SNMPv3 PDU requests that use a security level parameter
C. SNMP requires encryption for all incoming requests
D. The switch enforces SNMP message encryption for the user all
Answer: C
NEW QUESTION 177
You have a vPC configuration with two functional peers. The peer link is up and the peer-link feature is restricted the spanning-tree operations in the configuration? (Choose two.)
A. The primary and secondary switch generate and process BPDUs
B. vPC imposes a rules that the peer link is always blocking
C. vPC removes some VLANs from the spanning tree form the spanning tree for vPC use
D. vPC requires the peer link to remain in the forwarding states
Answer: AD
NEW QUESTION 178
You have a Cisco MDS switch that uses port channel. You must ensure that frames between the source and the destination follow the same links for a specific flow. Subsequent flows can use a different link, which load-balancing method do you use?
A. Source-destination-ip
B. Source-destioation-port
C. Flow
D. Source id-destination id-oxid
Answer: C
NEW QUESTION 179
Within the vPC configuration of the 7K’s, the command peer switch is configured. What is the result of enabling the command?
A. Both vPC peers use the same STP root ID.
B. The Vpc primary switch (7K-4 in this case) also serves as the STP root to improve vPC convergence.
C. The vPC secondary switch (7K-3 in this case) server as the STP root to improve vPC performance.
D. Allow 7K-3 to act as the active HSRP gateway for packets that are addressed to the MAC address of 7K-4.
E. Automatically disable IP redirects on all interface VLANs mapped over a vPC VLAN to avoid generation of IP redirect messages for packets switched though the vPC peer gateway router.
F. Enable faster convergence of ARP tables after the vPC peer link flaps.
Answer: B
NEW QUESTION 180
Refer to the following codes. Which result of the configuration snippet is true?
Vlan access-map map
Match mac address acl01
Action forward
Statistics per-entry
Vlan filter map vlan-list
A. A VACL map in applied to VLAN 101 and VLAN 200
B. VACL acl is applied to VLAN 100 through 200
C. Acl is applied to all of the VLANs on the switch
D. Global statistics are provided for the ACL map
Answer: A
NEW QUESTION 181
Refer to the following codes. You have a Cisco Nexus 7010 switch named N7k-1.
N7k-1# show runing-config fabricpath
……
Fabricpath switch-id 11
Vpc domain 11
Fabricpath switch-id 1100
Which command set should you run on a neighboring Cisco Nexus 7010 swith to estabish a vPC+ environment that includes N7k-1?
A. Fabricpath switch-id 11 Vpc domain 11 Fabricpath switch-id 1100
B. Fabricpath switch-id 12 Vpc domain 11 Fabricpath switch-id 1100
C. Fabricpath switch-id 12 Vpc domain 11 Fabricpath switch-id 1200
D. Fabricpath switch-id 11 Vpc domain 12 Fabricpath switch-id 1101
Answer: A
NEW QUESTION 182
Refer to the following codes. Which description of the output is true?
……
A. The default map-catch limit is used.
B. PETR is disable.
C. The table output apply to the default VRF.
D. The switch acts as an IPv4 LISP ETR.
Answer: B
NEW QUESTION 183
When configure HSPR on IPv6 enabled interface, which two configuration is correct?
A. switchA(config-if)?standbyt 6 preempt
B. switchA(config-if)?hsrp;
C. switchA(config-if)ff key 6
D. switchA(config-if)?hsrp version 2
E. switchA(config-if)B priority
Answer: B
NEW QUESTION 184
You have a Cisco FabricPath network. You must implement Vpc+ for a downstream switch. Which three actions should you preform? (Choose three.)
A. Configure the upstream switch to use PAgP in EtherChannel
B. Establish a peer link between the peer switch
C. Connect the downstream switch to a 10-Gb port
D. Configure a peer keep alive between the peer switches
E. Configure the switch ID on the peer switches
F. Configure the down switch to use PAgP on EtherChannel
Answer: BCD
NEW QUESTION 185
You have a Cisco Fabric Path network, you must extend the network to support more than 18 million segment, what should you do?
A. Enable the interface feature and configure the VLAN IDs.
B. Enable the nv overlay feature and configure the segment IDs.
C. Enable the vn-segment-vlan-based feature and configure segment IDs.
D. Enable the FabricPath feature and configure the VLAN IDs.
Answer: D
NEW QUESTION 186
……
P.S. These New 300-165 Exam Questions Were Just Updated From The Real 300-165 Exam, You Can Get The Newest 300-165 Dumps In PDF And VCE From — https://www.passleader.com/300-165.html (195q VCE and PDF)
Good Luck!
BTW, part of that new 195Q 300-165 dumps are available here:
https://drive.google.com/open?id=0B-ob6L_QjGLpMVRmUUJZRWU3cU0
Best Regards!