MEF-SDN/NFV Flashcards by Unknown Unknown

An organization just failed an SEC test audit. Packet flooding and redundancy in an emergency are two problems
cited in the audit. The security staff in the organization is advocating for expensive appliances to be purchased. The
CTO wants the network architect to investigate SDN. Which characteristics of SDN are reasons to adopt the CTO’s
recommendation?

 Security-defined interoperability will deliver routes that leverage the existing infrastructure and optimize
traffic
 Packet-based routing will be providing a better accounting of all traffic in the network through better audit
log information for the auditors
 SDN will deliver better isolation of data plane traffic and will provide more flexibility to address
redundancy needs
 The ability to separate control plane from the data plane automatically makes data management easier and
more secure

SDN will deliver better isolation of data plane traffic and will provide more flexibility to address
redundancy needs

How well did you know this?

Not at all

Perfectly

A Service Provider is upgrading a set of SDN Switches in a given region. The maintenance window for network
upgrades is 2 am to 4 am. The downtime must be minimized as much as possible. What should the network
administrator do to minimize the downtime?

 Reactively program a flow in the controller to redirect traffic toward the region at 1 am
 Proactively program a flow in the controller to redirect traffic away from the region at 1 am
 Proactively program a flow in the SDN Switches to redirect traffic away from the region at 1 am
 Reactively program a flow in the SDN Switches to redirect traffic toward the region at 1 am

 Proactively program a flow in the controller to redirect traffic away from the region at 1 am

How well did you know this?

Not at all

Perfectly

A customer requests its VPN provider to prohibit FTP traffic between its branch offices. The VPN provider’s
network is fully SDN controlled, but does NOT offer a self-service portal to its customers.
Which SDN component does the VPN provider’s SDN support engineer need to interact with?

 The policy/intent interface of the SDN Controller
 The user interface of the OpenFlow instance
 The command line interface (CLI) of the VPN gateways
 The SNMP interface of the optical network EMS

 The policy/intent interface of the SDN Controller

How well did you know this?

Not at all

Perfectly

The network operator is troubleshooting a connection issue for a user TCP/IP connection through the SDN
Network. Which component implements the routing logic for the IP path?

 Control plane in the SDN Switch
 Control plane in the SDN Controller
 Forwarding plane in the SDN Controller
 Forwarding plane in the SDN Switch

 Control plane in the SDN Controller

How well did you know this?

Not at all

Perfectly

A media content provider struggles with data growth on its SDN network and adds an SDN controller to distribute
the load and increase robustness. Which communication interface should the SDN controllers use to synchronize
their operation and provide a single controller view to the applications?

 Eastbound/Westbound interface
 Infrastructure layer interface
 Application layer interface
 Northbound/Southbound interface

 Eastbound/Westbound interface

How well did you know this?

Not at all

Perfectly

A Service Provider plans to provide a service portal to allow customers to interact with an SDN network to be
able to view the status and statistics of their services. Which interface does the service portal use to retrieve this
information?

 The SDN Switches east/west interfaces
 The SDN Controller northbound interface
 The SDN Controller OpenFlow interface
 The SDN Switches southbound interface

 The SDN Controller northbound interface

How well did you know this?

Not at all

Perfectly

A company is evaluating the move to SDN. The CTO fears that the implementation of the OpenFlow protocol
throughout the environment may have a performance impact that affects business operations. How can the
company mitigate risk while still being able to deploy SDN technologies?

 Deploy a separate network for OpenFlow protocol traffic
 Find a network edge use case that would allow an interoperable OpenFlow solution to be deployed for
deep packet inspection
 Find a hybrid networking solution by deploying custom APIs to manage switch traffic from the nonOpenFlow switches
 Deploy an overlay SDN solution like VxLAN.

 Deploy a separate network for OpenFlow protocol traffic

How well did you know this?

Not at all

Perfectly

A customer has an existing network and wants to extend it with new OpenFlow switches. What southbound
protocol must customer use to manage the legacy switches?

 YANG
 OpenFlow
 OF-Config
 NETCONF

 NETCONF

How well did you know this?

Not at all

Perfectly

A Service Provider is implementing an SDN solution. Due to budget constraints, the Service Provider will
implement incremental network upgrades and leverage the legacy switching network. Which southbound protocols
must the SDN Controller support to facilitate this architecture?

 Ansible and NETCONF
 NFV and OpenFlow
 OpenFlow and SNMP
 OpenFlow and YANG

 OpenFlow and SNMP

How well did you know this?

Not at all

Perfectly

A company is planning to roll out all of its new applications to take advantage of SDN. They need to use
OpenFlow 1.3. The new network equipment will be deployed in three phases. The existing network supports 1,200
nodes. Which critical variable should the network architect consider when specifying the new applications to the
development team?

 Whether the application should be data center-based or a cloud-based SDN solution
 The nature of the SDN/Virtualization application and infrastructure
 The ability for OpenFlow 1.3 to support IPv6 and multicast traffic
 The interoperability of the legacy and the OpenFlow 1.3 compatible switches

 The interoperability of the legacy and the OpenFlow 1.3 compatible switches

How well did you know this?

Not at all

Perfectly

There is a recurring connectivity failure between an SDN Controller and one of the switches. A Network
Operator is unable to isolate the issue. How should the operator resolve these issues?

 Upgrade the SDN Controller to the latest software version
 Upgrade the network switch to the latest firmware and OpenFlow protocol version
 Identify the issue through the analytics component and follow a more specific troubleshooting process
 Move the SDN Controller on a new server in a new location

 Upgrade the network switch to the latest firmware and OpenFlow protocol version

How well did you know this?

Not at all

Perfectly

An Enterprise is upgrading a part of its current network of Ethernet switches to SDN with OpenFlow switches.
The Enterprise needs to consider the following:
o The legacy Ethernet part of the network uses VLAN 20
o The new SDN part of the network uses VLAN 10
This file is a study guide in preparation for the MEF-SNCP Exam intended for Globe Telecom employees.
Please do not share outside.
o An OpenFlow-hybrid switch connects the legacy Ethernet part and SDN part to L3 gateway using an IEEE
802.1Q trunk. Which OpenFlow rule should be specified in the hybrid switch to match and forward VLAN
20 traffic to the traditional Ethernet pipeline?

 If VLAN ID = 20, forward to ANY port
 If VLAN ID = 20, forward to CONTROLLER port
 If VLAN ID = 20, forward to IN_PORT port
 If VLAN ID = 20, forward to NORMAL port

 If VLAN ID = 20, forward to NORMAL port

How well did you know this?

Not at all

Perfectly

A Service Provider offers data and voice services to its customers. The Service Provider offers a link with a
capacity of 10 Gbps between two OpenFlow switches. The Service Provider wants to limit the data traffic to 70%
of the link capacity and leave the remaining capacity for voice services. The network administrator created an
OpenFlow queue that was attached to the port and connected to the link. The link directed all data traffic (NOT
voice) to that queue. What is the proper configuration of the queue?

 Minimum rate = 3 Gbps; Maximum rate = 3 Gbps
 Minimum rate = 7 Gbps; Maximum rate = 7 Gbps
 Minimum rate = 3 Gbps; Maximum rate = 10 Gbps
 Minimum rate = 7 Gbps; Maximum rate = 10 Gbps

 Minimum rate = 7 Gbps; Maximum rate = 7 Gbps

How well did you know this?

Not at all

Perfectly

A Service Provider offers a data plan to customers that contains the following SLAs: a guaranteed rate of 1
Mbps and a maximum rate of 2 Mbps. The Service Provider deploys OpenFlow switches in their network and
wants to implement the SLAs using OpenFlow meters. Customer traffic is subject to a meter band with 2 meters.
What is the proper configuration of the 2 meters in the meter band?

 Meter 1: rate = 1 Mbps, type = DSCP remark; Meter 2: rate = 2 Mbps, type = drop
 Meter 1: rate = 1 Mbps, type = drop; Meter 2: rate = 2 Mbps, type = drop
 Meter 1: rate = 1 Mbps, type = DSCP remark; Meter 2: rate = 1.5 Mbps, type = DSCP remark
 Meter 1: rate = 1 Mbps, type = drop; Meter 2: rate = 2 Mbps, type = DSCP remark

 Meter 1: rate = 1 Mbps, type = DSCP remark; Meter 2: rate = 2 Mbps, type = drop

How well did you know this?

Not at all

Perfectly

Network operations wants to confirm that the SDN Controller to SDN Switch communication path is
functional. Which protocol should the operator use to verify latency and continuity?

 UDP Connection
 Hello Messages
 TLS Sequencing
 Echo Request/Reply

 Echo Request/Reply

How well did you know this?

Not at all

Perfectly

In a mobile network, several base stations are attached to the core via a single mobile backhaul wireless link.
Power is available only at the remote end of the backhaul link. The installation of an SDN switch at the remote
end to connect the base stations via the backhaul link to the network core is the first step toward a dynamically
configurable network. Which approach allows the SDN controller located in the core to control the remote SDN
switch?

 The SDN control connection is established in-band and isolated from the data traffic
 The SDN switch at the remote location is equipped with a battery backup unit
 The SDN control connection uses an unreliable transport protocol (such as UDP)
 The SDN control connections are established to both master and slave SDN controller

 The SDN control connection is established in-band and isolated from the data traffic

How well did you know this?

Not at all

Perfectly

The Service Provider is deploying this SDN topology with the following configuration:
• OpenFlow channel used to exchange OF messages between the controller and the OF switches is on a dedicated
network using the out-of-band OF switch interface
• The subnet address of this dedicated network is 192.168.1.0/24; controller IP = 192.168.1.100
• The connection to the SDN controller must be secured
After establishing the above connections and rebooting the switches, the OF switches failed to establish
connection with the SDN controller. The IT Administrator suspected that it is a connection URl configuration
problem in the OF switches. What should the IT administrator verify when troubleshooting this problem?

 The connection URl configured in both OF switches is TLS:192.168.1.100:6653
 The connection URl configured in the first OF switch is TCP:192.168.1.1:6653
 The connection URl configured in both OF switches is TLS:192.168.1.1:6653
 The connection URl configured in both OF switches is TCP:192.168.1.100:6653

 The connection URl configured in both OF switches is TLS:192.168.1.100:6653

How well did you know this?

Not at all

Perfectly

The network engineer wants to design the network to be resilient and be able to continue OpenFlow Switch
forwarding even if communications to the SDN Controller is lost. Which SDN Switch Mode must be enabled?

 Fail normal mode
 Fail secure mode
 Fail switch mode
 Fail secure drop mode

Fail secure mode

How well did you know this?

Not at all

Perfectly

A client wants to create a level of network resilience that prevents dynamic SDN traffic sent from the
controller to continue in the Switch OpenFlow Pipeline processing if the switch loses connectivity to the SDN
Controller. The degraded operation will result in the switch continuing to operate in its native underlying switch
or router mode. Which configuration mode will provide this level of functionality?

 Fail secure mode
 Fail standalone mode
 Fail normal mode
 Fail secure drop mode

 Fail standalone mode

How well did you know this?

Not at all

Perfectly

An SDN network is built using OpenFlow version 1.3 as the Southbound API. Both the master and slave SDN
Controller have experienced a catastrophic failure. The switches are configured in Fail-Secure mode. How will the
forwarding plane behave in this situation?

 The SDN Switches will drop all traffic received through the active physical ports
 The SDN Switches will only forward new flows through the active physical ports
 The SDN Switches will forward all traffic through the active physical ports
 The SDN Switches will forward already configured flows through the active physical ports

 The SDN Switches will forward already configured flows through the active physical ports

How well did you know this?

Not at all

Perfectly

An Operator is trying to create 6,000 virtualized networks that are interconnected through a common Layer 2
closed user group. The Layer 2 networks must support both unicast and broadcast delivery. Because there is a 4K
limitation when using VLANs, which IP-based overlay can accomplish this task?

 VXLAN
 IPv6
 IPSEC
 MPLS

 VXLAN

How well did you know this?

Not at all

Perfectly

An SDN application subscribes to Emergency Alert Systems for the locations where SDN Switches are present.
The application receives an earthquake alert. What should the SDN Controller do to mitigate connectivity loss to
customer-facing traffic?

 Broadcast the traffic to all SDN Switches in the affected areas
 Dispatch a technician to the unaffected area
 Redirect the traffic away from the affected areas
 Configure more ports on the SDN Switches in the affected areas

 Redirect the traffic away from the affected areas

How well did you know this?

Not at all

Perfectly

A user is deploying an SDN solution to upgrade a decade-old legacy routed network. The user prefers to
deploy the SDN network in a mixed mode/hybrid fashion with some devices managed via OpenFlow and other
devices managed via NETCONF/YANG. Which SDN Controller should the user select?

 OpenStack
 OpenDaylight
 Open Source Networking
 Open Software Defined System

 OpenDaylight

How well did you know this?

Not at all

Perfectly

A network is experiencing long delays in acknowledging communication between the network switches and
the SDN Controllers. The use of multiple protocols between the controllers and the switches is causing an
increase in latency. The SDN Controllers were originally Beacon but have been upgraded to Ryu since Beacon
failed to meet the network’s requirements. Which approach addresses this problem?

 Roll back to the Beacon SDN Controller
 Implement high availability functionality for all network elements
 Fix the APIs for each of the applications on the network
 Replace Ryu with two OpenDaylight controllers in active/active mode

 Replace Ryu with two OpenDaylight controllers in active/active mode

How well did you know this?

Not at all

Perfectly

25. Several employees on the same floor report erratic network behavior. The SDN control channel to the switch on that floor is NOT established. What is the first step the SDN engineer should do to troubleshoot the OpenFlow connection?  Reboot the SDN Controller and wait for the problem to resolve automatically  Trigger a connection re-establishment from the SDN Controller  Make sure that the SDN Switch has the correct SDN Controller configured  Unplug all cables from the SDN Switch to avoid a security risk

 Make sure that the SDN Switch has the correct SDN Controller configured

26. The new "Aggregation 2" switch must to be added to handle the traffic growth. The entire network is controlled through the SDN Controller. Which configuration must be performed to integrate the new Aggregation 2 switch into the SDN network?  Configure the flow tables in the new switch so that traffic is forwarded to the appropriate destination  Configure the activation of the spanning tree protocol because it will automatically set up connectivity  Configure the routing protocol parameters and neighboring nodes and next hops  Configure the SDN controller and the control connection parameters such as encryption, protocol, etc.

 Configure the SDN controller and the control connection parameters such as encryption, protocol, etc.

27. An organization has assigned the network architect to design an SDN network in a hybrid switch environment. The network has the following requirements: • The SDN solution should be OpenFlow 1.3 or later with an open source SDN controller solution • There has to be encrypted route traffic information between the SDN controllers What should the architect do to meet the network design requirements?  Replicate the TCAM information in the non-OpenFlow switches to the OpenFlow switches  Mandate that all applications use network overlays to populate the inter-switch links in the network  Recommend that all of the switches meet a tuple-parsing minimum in the packet header that is faster than traditional non-SDN switches  Recommend the ODL Neutron SDN Controller, since it provides the most thorough addressing of the requirements

Recommend the ODL Neutron SDN Controller, since it provides the most thorough addressing of the requirements

28. The Service Provider has deployed SD-WAN software in their network. After a controller upgrade, the system administrator tried to deploy a white box branch device, which failed during the usual deployment procedures. What could be causing the failure of this deployment?  The underlay network needs to be downgraded to the previous software version  The branch device software needs to be supported by the controller software  The controller and all the white box devices need to be rebooted  The white box device needs to be replaced with a new one

The branch device software needs to be supported by the controller software

29. Network Operations wants to be notified whenever a new switch or device is added to the SDN Network. What type of SDN application is needed?  Reactive application  Proactive application  RESTful application  Preemptive application

 Reactive application

30. An Operator is upgrading a legacy network to SDN. The upgrade should be transparent to the legacy networking devices. What should the Operator do to meet this requirement?  Install an SDN Controller supporting OpenFlow and replace the networking devices with devices supporting OpenFlow  Install a NETCONF Agent on the networking devices and install an SDN Controller supporting NETCONF/YANG  Install an SDN Controller that can support the legacy southbound interfaces and install the relevant applications  Install an OpenFlow Agent on the networking devices and install an SDN Controller supporting OpenFlow

 Install an SDN Controller that can support the legacy southbound interfaces and install the relevant applications

31. A network company buys another network company. The engineers and architects must determine how to merge the two networks. Both have an MPLS backbone with the presence of BGP route reflectors and use various routing protocols in their networks such as IS-IS and OSPF. Both have a mixture of traditional equipment and SDN equipment. For certain applications, they both use ODL. It is recommended to use an SDN architecture. Which SDN solution should be used for the merge?  Replace the two local ODL controllers with a central ODL controller using Path Computation Element Protocol (PCEP) and OpenStack  Create a single Network to Network Interface and use BGP  Update the VNF forwarding graph with a new virtual link  Replace the two local ODL controllers with a central ODL controller using BGP-LS and Path Computation Element Protocol (PCEP)

``` Replace the two local ODL controllers with a central ODL controller using BGP-LS and Path Computation Element Protocol (PCEP) ```

32. The CTO and management want the SDN applications introduced into production as soon as possible, even if there is a risk that the hybrid SDN solution may not scale. The architect has the promises of all the different vendors - network switch, SDN controller, and SDN applications - that the solution will work. None of those promises are in writing. What is the most compelling argument for pausing to deploy a formal test lab for SDN applications?  SDN gives greater management control to the network, so it is important to investigate all aspects of that management prior to deployment.  Advocate for an agile framework so that any programming modifications can be swiftly modified in the SDN applications.  As long as the vendors have promised interoperability verbally, what remains is to secure a written SLA from each of the vendors.  SDN reduces operational expense of running the network, so additional resources can be added to apply out-of-band management solutions.

SDN gives greater management control to the network, so it is important to investigate all aspects of that management prior to deployment.

33. A company's network infrastructure has been upgraded to OpenFlow-based white box switches. The network architect is selecting an open-source SDN controller. The architect has several options, but none fully support the planned deployment. They all require some extensions. The goal of the deployment is to implement priority treatment for the network traffic of the company's CEO, who regularly visits branch offices located in many locations around the world. Based on these requirements, which features are most important for this deployment?  Secure north-bound interfaces and automatic conflict detection  Isolation of various tenants and wide-range of accounting and reporting options  Flexible QoS management and a unified network model  Support for multiple SDN control protocols and model-based extensibility

Flexible QoS management and a unified network model

34. An SDN controller is using NETCONF to configure SDN switches. An engineer is attempting to provision a new service that requires configuring multiple switches along the traffic path. However, one of the nodes along the path is NOT responding. What should the SDN controller do?  Configure every other node along the path  Configure the first node along the path and raise an alarm  Configure none of the nodes and raise an alarm  Configure only the non-responsive node

Configure none of the nodes and raise an alarm

35. A Service Provider is building their SDN network using an SDN Controller and OpenFlow Switches. The Service Provider needs to mitigate the following security challenge: attackers may launch a Denial of Service (DoS) attack by sending a high volume of unique flows, which could result in a high volume Packet-In messages from OpenFlow switches to the SDN Controller making the controller inaccessible. Which solution should the network architect select to keep the SDN controller safe from this DoS attack?  Increase link capacity or reserved bandwidth for Packet-In messages  Upgrade hardware with higher CPU power and memory capacity  Install rate limits for Packet-In messages using queue or meter bands  Install more SDN Controllers to form a load-balancing cluster

 Install rate limits for Packet-In messages using queue or meter bands

36. A Service Provider plans to deploy a network made up of 5,000 OpenFlow switches. The switches are partitioned in domains, and each domain is controlled by a separate controller. The controllers are organized in a federated arrangement. Each controller can support up to 1,000 OpenFlow switches, but must be able to completely support another domain if the controller that controls that domain fails. How many controllers must the Service Provider deploy to support this arrangement?  7 controllers  8 controllers  10 controllers  5 controllers

 10 controllers

37. A Service Provider deployed an SDN system to support 100,000 services. The system has the following configuration: • 2 SDN controllers in active/active configuration • Each SDN controller is sized for 100,000 services The system must grow to support 150,000 services with the same level of redundancy. What should the network architect do to support system growth?  Increase the bandwidth between two existing SDN controllers and the available system memory  Increase the disk space on the existing SDN controllers and increase the write cache for better performance  Identify potential services that are duplicative and get permission for them to be removed  Deploy an additional SDN controller of the same capacity as the existing controllers

Deploy an additional SDN controller of the same capacity as the existing controllers

38. The network architect needs to design a native SDN network in a greenfield environment. The network spans 3,000 miles and three data centers. The controllers must be configured in a federated model. Which aspect of the recommended solution must be considered as the top priority in designing both the scalability and resilience of the new SDN network?  The need to increase the interconnect speed and reduce the latency between switches in the data centers of the organization  The key management infrastructure that must be designed to efficiently retrieve performance information from the network  Adopting the OpenDaylight SDN solution that will feature the ability to replicate controller switch information  Addressing the long propagation delays among controllers that can lead to a long response time in the replication of the controllers

Addressing the long propagation delays among controllers that can lead to a long response time in the replication of the controllers

39. As part of the SDN deployment, the SDN Controllers must be secured. The controllers are deployed in a High Availability (HA) configuration. The Linux OS servers are hardened to avoid malware hosts, and the data center has been physically hardened. How can the administrator avoid the insertion of unauthorized controllers ("controller-in-the-middle") that could hijack the controller infrastructure?  Creating an audit log of all controller access to document anomalies in the network  Deploying an authentication protocol between the controllers  Replicating key management systems to the controllers' instruction database to redundant servers  Leveraging DPI for all controller traffic to identify a potential DDoS attack

Deploying an authentication protocol between the controllers

40. A Service Provider deploys SDN Controllers in a hierarchical configuration. The parent SDN Controller interacts with child SDN Controllers. Each child SDN Controller manages the respective networking domain. Which method should be used to minimize network downtime?  High availability configured only for child SDN Controllers because they manage the immediate network  High availability NOT required for either the parent or the child SDN Controllers because they are always stable  High availability configured only for parent SDN Controller because it maintains all global data  High availability configured for both parent SDN Controller and child SDN Controllers

High availability configured for both parent SDN Controller and child SDN Controllers

41. A company considers building an SDN network based on the OpenFlow protocol. The OpenFlow connection setup between an OpenFlow switch and an SDN controller must meet privacy, integrity, and identity security requirements. Which connection setup should the network architect select to meet the requirements?  TLS connection with switch side certificate  TCP connection in a separated control place network/VLAN  TLS connection with certificates from both sides  TLS connection with controller side certificate

TLS connection with certificates from both sides

42. When dealing with third-party proactive SDN applications, a network operator must address the following security challenges: • An error in the third-party application could cause the SDN controller to crash • Third-party applications can gain access into the internal data structures of SDN controllers What is the proper protection mechanism?  Ask the developers of third-party applications to follow security guidelines  Apply an audit check before a third-party application is allowed to run  Run third-party applications in separate processes from the SDN controllers  Run third-party applications as plugins of the SDN controllers

Run third-party applications in separate processes from the SDN controllers

43. A white box server hosting an SDN controller deployed at the customer site fails during an upgrade process. Connectivity to the controller has been lost. How should the network administrator access the device?  Console  FTP  SSH  Telnet

Console

44. A misbehaving VNF is generating too much traffic and consuming too many resources. How can the VNF deployment be modified to address this problem?  Containerization of Virtual Network Functions  Replication of VNF service chains  White-box system deployments  A custom vendor appliance

Containerization of Virtual Network Functions

45. Field trials for an organization's VNF instances have ended with success. Now, VNFs must be deployed across thousands of network segments in the global network. Which organizational goal presents the greatest challenge in the management of the new deployment?  A comprehensive global domain VNF catalogue function  A comprehensive MANO solution  A robust service-chaining solution  A multi-domain VNF replication function

A comprehensive MANO solution

46. System architects are planning a new NFV deployment. The architects decide to group the NFV-MANO functional blocks and design the interfaces to all other functional blocks that are part of the architectural framework based on shared reference points. Based on the NFV architectural framework, which set of functional blocks share reference points with the NFV-MANO?  OSS/BSS, EMS, VNFM, NFVI  EMS, VNF, NFVI, OSS/BSS  NFVO, EMS, NFVI, OSS/BSS  NFVO, VNFM, EMS, VIM

 EMS, VNF, NFVI, OSS/BSS

47. An NFVO system receives a network service instantiation request. Which components does the NFVO need to interact with to execute request?  VNFM and SDN Controller  VNFM and VIM  VIM and SDN Controller  VNFM and EMS

VNFM and VIM

48. An Operator is creating a service using a set of service components located on the customer premises. How should the Operator perform this task?  Instantiate and configure the service to chain between adjacent service components  Instantiate and configure the service using the Service Activation Testing (SAT) function  Instantiate and configure the service using automated Fault Management notifications  Instantiate and configure the service deploying an automated Service Assurance function

Instantiate and configure the service to chain between adjacent service components

49. An organization is deploying a virtualized network over its existing network infrastructure. The CTO has requested that the organization use NFV service chains. The network designer will instantiate resources including compute, memory, and grouping in NFV service chains. Which element of the NFV infrastructure should be used to instantiate these service chains?  The NFV Orchestrator (NFVO)  The VNF Deployment Manager (VDM)  The Virtualized Link Descriptor (VLD)  The VNF Forwarding Graph Manager (VFGM)

 The NFV Orchestrator (NFVO)

50. A customer requests a Service Provider to deploy a VNF that is made up of three Virtual Deployment Units (VDUs). Each VDU requires 4 vCPUs and 8 GB RAM for its operation. Three servers with the following capabilities are identified as NFVI compute resources: Server A: 64 vCPU and 64 GB RAM Server B: 32 vCPU and 48 GB RAM Server C: 12 vCPU and 24 GB RAM The customer requests node anti-affinity policies to be enforced. Which VDU placement is appropriate to meet this requirement?  All three VDUs on Server A  Each VDU on a different server  Two VDUs on Server A and 1 VDU on Server B  Two VDUs on Server B and 1 VDU on Server C

Each VDU on a different server

51. A Service Provider has installed an NFV software framework into their network. An operator needs to view alerts and events from the deployed VNFs. Which component provides this information?  VNF Manager  Analytics/Service Assurance node  Access Manager  NFV Infrastructure

VNF Manager

52. A company is running a simple web service made up of a front-end web server and a back-end database server. Users connect to the front-end web server. The company has 200 customers that generate the given CPU and memory utilization rates. The company plans to expand and the user base and workload is expected to double. The network architect needs to make the existing service capable of scale-out for the upcoming expansion. The architect also needs to identify additional service components required. What should the network architect recommend to achieve a minimum design change while maintaining quality of service?  Add 1 back-end database and deploy 1 load-balancer in front of the database as a new service component  Add 1 front-end web server and deploy 1 load-balancer in front of the web server as a new service component  Add 1 front-end web server and 1 back-end database and deploy a backup server as a new service component  Add 1 back-end database and 3 front-end web servers and deploy load-balancers as a new service component

Add 1 front-end web server and deploy 1 load-balancer in front of the web server as a new service component

53. An administrator needs to modify the Virtualization Domain, Compute Domain, and Infrastructure Networking Domain within a Service Provider's NFV infrastructure. Which component is responsible for managing and controlling these domains within the NFVI functional block?  NFV Infrastructure (NFVI)  Virtual Network Functions (VNFs)  VNF Manager (VNFM)  Virtual Infrastructure Manager (VIM)

 Virtual Infrastructure Manager (VIM)\

54. An Operator plans to deploy an NFV system. The system must be able to manage the VNF infrastructure and orchestrate the workflow of instantiating the VNFs, as well as configure them and manage their lifecycle. Which architectural building block as defined by ETSI NFV Industry Specification Group (ISG) should the Operator use to configure an instantiated VNF?  OSS  VIM  LSO  EMS

EMS

55. A customer subscribes to a Service Provider's managed SDN-based service based on a vCPE that includes a virtual router and virtual firewall. All configuration of the VNFs must be performed by the Service Provider. The customer suffered a security attack and requests that the Service Provider update the firewall policies to address the issue. Which component should be used by the Service Provider to update the firewall policies?  OSS  SDN Controller  NFVO  VIM

SDN Controller

56. An Operator plans to deploy a network service composed of a chain of VNFs. When deploying the service, what should the Operator create and configure?  An intrusion/detection mechanism in front of the first VNF in the service chain  A logical overlay tunnel between adjacent VNFs in the service chain  An OpenStack instance to manage and monitor the service chain  A secure overlay tunnel between each VNF and an SDN Controller

A logical overlay tunnel between adjacent VNFs in the service chain

57. An enterprise customer subscribes for a low-delay 10 Mbps pipe from the Service Provider and requests a network service to allow all traffic to pass through Firewall and IDS functions before reaching their remote sites. The NFV Orchestrator deploys two virtual functions (1 for Firewall and 1 for IDS) to deliver this network service. Each virtual function has two virtual NICs connected to the virtual switches within the hypervisor. The NFVI infrastructure has 10 Gbps and 40 Gbps ports. To enable service to this customer, what operations must be performed by the SDN Controller?  Configure Forwarding and QoS Policies only in the virtual infrastructure because only virtual functions are used  Configure Forwarding Policies only at the entry of the physical network where this customer traffic enters the network  Configure the Forwarding policies only at the exit of physical infrastructure where customer traffic exits the network  Configure Forwarding and QoS policies in both the physical infrastructure and virtual infrastructure for this customer

Configure Forwarding and QoS policies in both the physical infrastructure and virtual infrastructure for this customer

58. An operator is trying to edit a deployment template to make changes to the links between connected VNFs on a TOSCA-enabled NFV architecture. Which NFV component describes the relationship between the VNF links?  Physical Network Function (PNF)  Virtual Network Function (VNF)  Virtual Deployment Units (VDU)  Network Service Descriptor (NSD)

Network Service Descriptor (NSD)

59. The MANO component of an NFV system includes a service catalogue, a VNF image store, a VM deployment function, and an SDN controller. A customer of the NFV system is running a vCPE service made up of several VNFs including a vNAT. The customer wants to replace this vCPE from vendor A with a vCPE from vendor B. Images for the new VNFs were loaded to the image store and triggered to redeploy/update the service. Which step is required for this replacement?  Develop and activate a test plan for the new service  Update the vCPE service descriptor in the catalogue  Upload a new load-balancer VNF to the image store  Remove the old vCPE VNF images from the image store

Update the vCPE service descriptor in the catalogue

60. A Service Provider's NFV infrastructure (NFVI) is hosting VNFs from multiple vendors to support real-time applications like VoLTE. The application requirements need to be hosted in multiple data centers connected through WAN and support deployment of both green-field VNFs and VNFs of existing Physical Network Functions (PNFs). Which three domains can support these requirements within the NFVI architecture?  Compute Domain, Virtualization Domain, Infrastructure Networking Domain  Application Domain, Transport Domain, Physical Domain  Data Center Domain, Service Provider Domain, Enterprise Domain  Virtual Domain, Physical Domain, Orchestration Domain

Compute Domain, Virtualization Domain, Infrastructure Networking Domain

61. An Operator is creating a network service made up of several VNFs in an active NFV system. The Operator's design team needs to execute a set of procedures to create this service. What should the team do to meet this requirement?  Use the EMS to configure each VNF respectively  Use the VIM to plan and deploy the VNFI environment  Request the VIM to install and instantiate the VNFs  Design, onboard, and instantiate the network service

A request to the NFVO to instantiate a network service

62. Troubleshooting of a service interruption identified that suboptimal routing occurred that was caused by one specific application. The Network Service is deployed using NFV technology. The applications are on separate VMs. The VMs run over Open Virtual Switch (OVS). What action should the SDN engineer recommend to immediately address the problem?  Delete the congested virtual link  Create and instantiate a new VNF instance  Route around the congested link using Fast ReRoute  Configure the SDN Controller to bypass the application

Configure the SDN Controller to bypass the application

63. A disaster recovery test revealed insufficient isolation between VNFs and the chance of a security breach affecting a neighboring VNF. How should the isolation of the VNFs be improved?  Increase logging and monitoring of the VNF behavior  Distribute the VNFs across additional NFVI instances  Actively manage the authentication of new VNFs  Replicate the VNF catalogue across domains

Distribute the VNFs across additional NFVI instances

64. A provider is offering services via several VNFs. After a major service outage, engineers find that the outage was due to a bug that caused a few of the VNFs to operate incorrectly. A new software version is available that fixes the problem. The new software also introduces new services that will be used by some of the VNFs. The old services still must be offered to a selected group of VNFs. How should the engineer proceed with the upgrade?  Deploy the new and old version at the same time while directing new service requests to the new software version  Deploy the VNFs as active/standby with the old version on the standby VNF and the new version on the active VNF  Deploy only the new software version and upgrade the other VNFs to be compatible with the new services in the next release  Deploy the VNFs as active/standby with the old version on the active VNF and the new version on the standby VNF

Deploy the new and old version at the same time while directing new service requests to the new software version

65. A Service Provider deploys a cloud center with servers built to run VNFs. The host OS is Linux Ubuntu Server version 16.04 and the Open-vSwitch (OVS) version is 2.7.0. The OVS is managed by an OpenDaylight SDN controller. Each server must be able to monitor each VM's Ingress/Egress traffic. How can each VM's ingress/egress traffic monitoring be done using the NFV architecture?  Add a monitor VNF in a new VM and configure it to communicate with each deployed VNF and get its Ingress / Egress traffic  Replace OVS with monitoring SDN application that will communicate with ODL  Add a monitor VNF in a new VM and configure OVS to mirror each VNF virtual port traffic to the new VNF virtual port  Modify each of the NFVs deployed in the server to collect traffic and send it to ODL

Add a monitor VNF in a new VM and configure OVS to mirror each VNF virtual port traffic to the new VNF virtual port

66. The network test engineer is tasked with developing the optimum test environment for evaluating network elements and services for the organization's NFV environment. Security and usability have already been addressed. The test environment is per ETSI-NFV specification, illustrated above. The primary deliverable is to validate the SLA for high availability in convergence failover times in the simulated environment. What key area needs to be considered in testing to make certain the organization is prepared before these VNFs are introduced in a production context?  Ensuring the SLA provides for multiple service chaining in case of catastrophic failure  Simulating a multiple VNF environment to load balance the network throughput  Running stress traffic rates (150%) over 5 hours for SLA validation  Identifying multiple VNFs that are associated with the same physical server

Identifying multiple VNFs that are associated with the same physical server

67. In a Service Provider NFV deployment, a VM is declared unavailable if it does NOT respond in the following configured periods: • VM supporting VoLTE VNF: 10 ms • VM supporting VoLTE Business Support System (BSS): 2000 ms Live migration of a VM takes 1000 to 1500 ms for any workload. High availability is NOT configured for any of the VMs. The Service Provider plans a live migration of VMs to manage data center resources. Which strategy should be used to support live migration?  Migrate both VoLTE BSS and VoLTE VNF at the same time  Migrate VoLTE VNF but ensure VoLTE BSS is NOT migrated  Migrate the VoLTE BSS but ensure VoLTE VNF is NOT migrated  Migrate both VoLTE BSS and VoLTE VNF in sequence

Migrate the VoLTE BSS but ensure VoLTE VNF is NOT migrated

68. A Service Provider needs to create a network service that contains an Intrusion Detection System (IDS) to detect malicious traffic. The network uses OpenFlow switches. Solution requirements: • Minimize delay for user traffic • Minimize processing load on the IDS system How should the Service Provider implement the IDS system?  Deploy the ISD as bump-in-the-wire network device  Install OpenFlow rules to mirror all user traffic to the IDS system  Use Switched Port Analyzer (SPAN) port to mirror all traffic to the IDS system  Install OpenFlow rules to mirror selected traffic to the IDS system

Install OpenFlow rules to mirror selected traffic to the IDS system

69. A Service Provider deploys VNFs from various vendors to build a single Service Function Chain (SFC). A software upgrade on one of the VNFs (VNF A) is planned. The Service Provider is building a testbed to test the new version of VNF A to minimize interoperability issues. How should the Service Provider build the testbed?  All VNFs in the chain  Only the VNFs adjacent to VNF A in the SFC  VNF A and VNFs adjacent to VNF A in the SFC  VNF A only

All VNFs in the chain

70. A Service Provider is designing a Service Function Chaining (SFC) that includes a DPI VNF and a Load Balancer VNF. The DPI VNF looks into the payload of the subscriber packets to do traffic classification and appends an application ID to be delivered to the Load Balancer VNF using either inband metadata or out-of-band metadata. The Load Balancer VNF will use the application ID to steer a packet into a link that is assigned to that application ID. The following information must be considered: • Total network delay between DPI VNF and Load Balancer VNF for subscriber packets must not exceed 1 ms • Total network delay for out-of-band metadata including the insert of metadata into a local cache at Load Balancer VNF is 2 ms • Total number of possible values of application IDs is 5000 • VLAN tag is 12 bits • MPLS label is 20 bits Which design should the Service Provider use to map the application ID?  Inband metadata mapping into a MPLS label  Inband metadata mapping into a VLAN tag  Out-of-band and inband metadata  Out-of-band metadata

Inband metadata mapping into a MPLS label

71. A Service Provider carries various traffic types: email, voice, video, and web. The Service Provider introduces SDN and NFV service chaining to improve its business model. Each traffic type is routed through its appropriate service chain. For example, the email service chain includes virus, spam, and phishing detection. The web traffic is routed through a chain that includes virus scanning and an Application Delivery Controller (ADC). What should follow the edge router at the customer premises to implement this NFV service chaining?  A DPI service that marks traffic according to the traffic type  A Layer 2 switch that switches the traffic to a different port according to its VLAN  An SDN controller that creates the appropriate service chain according to the traffic type  Virus, spam, phishing detection and then virus scanning and ADC\

A DPI service that marks traffic according to the traffic type

72. The operator wants to deploy the service chain shown. in ---> VNF1 ---(W)---VNF2---(X)---VNF4 ---> out | | | | (Y)---VNF3----(Z) To avoid customer dissatisfaction, the operator defines performance constraints. One constraint is the network delay through the service chain. A processing delay of 3 ms per VNF occurs. Which combination of link delays satisfies a delay limit of 20 ms for the whole service chain?  W: 5 ms, X: 5 ms, Y: 1 ms, and Z: 2 ms  W: 4 ms, X: 4 ms, Y: 3 ms, and Z: 3 ms  W: 8 ms, X: 2 ms, Y: 2 ms, and Z: 3 ms  W: 3 ms, X: 9 ms, Y: 2 ms, and Z: 1 ms

W: 5 ms, X: 5 ms, Y: 1 ms, and Z: 2 ms

73. Why do Service Providers offer SD-WAN services with Quality of Service utilizing MPLS and Public Internet?  Because SD-WAN can steer network traffic over multiple paths  Because Public Internet has the same characteristics as MPLS  Because SD-WAN enables Class of Service over the Public Internet  Because SD-WAN eliminates queuing that exists in traditional WAN networks

Because SD-WAN can steer network traffic over multiple paths

74. An SD-WAN is deployed using different transport technologies: • A low-cost Internet access that provides best-effort transport for traffic (bandwidth of 40 Mbps and expected average delay of 30 ms) • Premium MPLS transport that provides guaranteed traffic (bandwidth of 10 Mbps and delay below 10 ms) The following traffic types are expected to cross the SD-WAN. Each traffic type has SLAs such as bandwidth and packet delay: [1] Business critical applications (packet delay < 5 ms) [2] Voice and video communications (packet delay < 50 ms) [3] Social media and web content (packet delay < 10 ms) [4] Backup of branch-office data (packet delay < 70 ms) [5] Guest WiFi (packet delay < 100 ms) A client must make sure the SD-WAN system uses both transport options. What is the most cost-efficient way to transport the traffic?  Traffic type 1 and 3 to MPLS and the other types to the Internet  Traffic type 2 and 3 to MPLS and the other types to the Internet  Traffic type 3 and 5 to MPLS and the other types to the Internet  Traffic type 2 and 4 to MPLS and the other types to the Internet

 Traffic type 1 and 3 to MPLS and the other types to the Internet

75. Which OpenStack project has orchestration capabilities? a. Heat b. Horizon c. Sahara d. Cinder

A. HEAT

76. There are many initiatives and platforms implementing SDN features. Also, there are now various implementations of SDN in the data center environments. The three main flavors are: Open SDN, SDN by APIs and SDN via overlays. Which of the following describes SDN via APIs? a. SDN implementation where controller programs, control plane of device thru legacy interfaces (SNMP, CLI, RADIUS) or newer interfaces (NETCONF/YANG, REST, XMPP, BGP-LS, PCEP) b. SDN implementation where virtualized networks are erected on top of existing infrastructure c. SDN implementation where network devices are programmable and control is centralized, controller communicates to network devices using only the standard protocol OpenFlow

SDN implementation where controller programs, control plane of device thru legacy interfaces (SNMP, CLI, RADIUS) or newer interfaces (NETCONF/YANG, REST, XMPP, BGP-LS, PCEP)

77. Which role does OpenStack serve in SDN? a. vRouter b. Orchestrator c. Controller d. Gateway

b. Orchestrator

78. In an NFV environment, what is the role of an SDN controller? a. Dynamically controls all of the software components b. Spins up the VMs that are required to build the NFVs c. Dynamically scales up and scales down VM resources d. Connects the virtualized networking devices through a common policy-based model

D. Connects the virtualized networking devices through a common policy-based model

79. What is the function of an NFV Orchestrator (NFVO)? a. It manages the infrastructure. b. It manages the NFVI compute, storage, and network resources in the cloud data center. c. It coordinates the life cycle of VNFs that jointly instantiate a network service. d. It is responsible for service life-cycle management, including instantiating, scaling, upgrading, downgrading, modifying, and terminating VNFs.

d. It is responsible for service life-cycle management, including instantiating, scaling, upgrading, downgrading, modifying, and terminating VNFs.

80. What are the two advantages of SDN? Choose 2. a. Programmability b. Centralized management c. Static networking d. Decentralized management

a. Programmability | b. Centralized management

81. You want to rapidly deploy elastic Layer 3 through Layer 7 services in a data center. What would be used to accomplish this task? a. NFV b. MPLS c. VPLS d. VXLAN

a. NFV

82. Listed below are some descriptions of the relevant efforts made by IETF for network operations in the SDN world: 1) provides mechanisms to install, manipulate, and delete configuration of network devices; use XML-based data encoding; operations realized as RPCs 2) data modeling language used to model configuration and state data 3) provides a programmatic interface over HTTP for accessing data Match the list above with the corresponding protocol. a. 1)NETCONF; 2)YANG; 3)RESTCONF b. 1)YANG; 2)NETCONF; 3)RESTCONF c. 1)NETCONF; 2)RESTCONF; 3)YANG d. 1)RESTCONF; 2)YANG; 3)NETCONF

d. 1)RESTCONF; 2)YANG; 3)NETCONF

83. Which two statements about SDN and NFV are true? Choose two. a. SDN decouples network services from hardware appliances so they can run in software. b. SDN separates network control and forwarding functions and provides a centralized view of the network. c. NFV decouples network services from hardware appliances so they can run in software. d. NFV separates network control and forwarding functions and provides a centralized view of the network

B. SDN separates network control and forwarding functions and provides a centralized view of the network.