Virtualization

Question 1

What does consolidation ratio mean in the context of virtualization?

Answer 1

Consolidation ratio is the ratio of virtual servers to physical servers.

Question 2

Which type of hypervisor is most commonly used in enterprise production deployments?

Answer 2

Type 1, or bare-metal hypervisor

Question 3

From the hypervisor perspective, how is a virtual disk represented?

Answer 3

A virtual disk is represented as a file on the host-attached storage of a hypervisor.

Question 4

In network virtualization, what is the terminology given to the physical enterprise network that supports multiple logical overlay networks?

Answer 4

Underlay network

Question 5

What is the software that makes server virtualization possible?

Answer 5

Hypervisor

Question 6

What acts as the abstraction layer between the physical hardware and the guest operating system, which runs inside a virtual machine (VM)?

Answer 6

Hypervisor

Question 7

A hosted hypervisor is also known as?

Answer 7

Type 2 hypervisor

Question 8

Which type of hypervisor provides better scalability and performance because it runs directly on top of the hardware and not inside another Windows or Linux operating system?

Answer 8

Type 1 hypervisor

Question 9

VMware ESXi, Microsoft Hyper-V, KVM, and Citrix Hypervisor are examples of which type of hypervisor?

Answer 9

Type 1 hypervisor

Question 10

A type 2, or hosted, hypervisor runs inside what exactly?

Answer 10

Windows or Linux operating system installed on a physical host machine.

Question 11

What are some examples of type 2 hypervisors?

Answer 11

VMware Workstation, VMware Fusion, Parallels, and Oracle VirtualBox

Question 12

Which of the following is not an example of a type 1 hypervisor?

A. Citrix Hypervisor
B. VMware ESXi
C. Microsoft Hyper-V
D. VMware Fusion

Answer 12

VMware Fusion is a type 2 hypervisor that is built for use in a macOS environment

Question 13

Which of the following is a benefit of having a higher server consolidation ratio?

A. Higher ROI
B. Higher power consumption
C. Allows for mixing of different hypervisor types
D. Allows for the creation of larger VMs

Answer 13

A. Higher ROI

Question 14

Type 2 hypervisors are commonly deployed in what type of environment?

Answer 14

Test/development environments

Question 15

What is is a logical container that contains all the resources that an operating system requires for normal operation?

Answer 15

Virtual machine (VM)

Question 16

What are the components of a VM?

Answer 16

Its components include virtual CPU (vCPU), virtual memory, a virtual graphic adapter, and a virtual NIC (vNIC), among other resources

Question 17

What is the centralized management server responsible for managing multiple ESXi hosts?

Answer 17

vCenter

Question 18

What typically contains an application and all the dependencies that the application needs to run and is physically smaller and more efficient than a VM?

Answer 18

A container

Question 19

Which of the following cannot be used to manage any VMware vCenter Server environment?

A. Flash-based vSphere Web Client
B. vSphere HTML5 Web Client
C. vSphere C# client
D. Microsoft Remote Desktop Protocol (RDP) client

Answer 19

D. Microsoft Remote Desktop Protocol (RDP) client

Question 20

What term applies to the operating system that is installed within a virtual machine?

Answer 20

Guest operating system

Question 21

True or false: Memory can be overprovisioned in a virtualized environment deployment.

Answer 21

True. Memory can be overprovisioned. You can allocate more memory to VMs than you have installed on a physical host.

Question 22

What does a VM vNIC connect to?

Answer 22

A VM vNIC connects to a virtual port on an internal switch called a virtual switch.

Question 23

Can traffic flow directly from one vSwitch to another?

Answer 23

No. Due to this behavior of a vSwitch, there is no risk of a spanning tree loop within the virtual host.

Question 24

The grouping of ports is termed as what in a VMware ESXi environment?

Answer 24

a port group

Question 25

What is a vSphere Distributed Switch (vDS) used for?

Answer 25

vDS is used for complex vSphere environments with requirements for advanced networking and high availability.

Question 26

What is an architectural approach that seeks to decouple individual network services such as access control lists (ACLs), Network Address Translation (NAT), quality of service (QoS), intrusion prevention systems (IPSs), intrusion detection systems (IDSs), Layer 3 routing, wireless LAN controllers (WLCs), and more from the underlying hardware?

Answer 26

Cisco Enterprise NFV

Question 27

What are some examples of VNFs that are supported in Cisco Enterprise NFV?

Answer 27

Cisco Integrated Services Virtual Router (ISRv) for virtual routing

Cisco Adaptive Security Virtual Appliance (ASAv), which is a firewall

Cisco Firepower Next-Generation Firewall Virtual (NGFWv), which is an integrated virtual firewall with intrusion detection and intrusion prevention

Cisco virtual Wide Area Application Services (vWAAS) for virtualized WAN optimization

Cisco virtual Wireless LAN Controllers (vWLCs) for virtual WLCs

Question 28

What is the term for the grouping of ports with similar properties within a VMware ESXi vSphere Standard Switch (vSS)?

Answer 28

Port group

Question 29

On which of the following virtual switches can the NX-OS CLI be used for administration?

Answer 29

Cisco Nexus 1000V

Question 30

Which Cisco virtual switch is used in a Cisco ACI environment?

Answer 30

Cisco ACI Virtual Edge

Question 31

A virtual switch in a VMware ESXi host has an uplink that maps to what?

Answer 31

Physical NIC or VMNIC

Question 32

Which of the following are benefits of server virtualization? (Choose two.)

A. Hardware resource consolidation

B. Underutilization of CPU

C. Underutilization of memory

D. Reduction of TCO due to a less intense cooling requirement

E. Complete removal of physical networking

Answer 32

A. Hardware resource consolidation
D. Reduction of TCO due to a less intense cooling requirement

Question 33

True or false: NFV infrastructure can be deployed on any general-purpose x86 platform.

Answer 33

True. FV infrastructure can be deployed on any general-purpose x86 platform. There can be a mix of virtual and physical devices and Cisco and third-party devices and network services.

Question 34

Which planes of operation can be virtualized?

Answer 34

Control plane and data plane

Question 35

What feature may need to be adjusted on a link to account for the additional overhead created by GRE?

Answer 35

Maximum transmission unit (MTU)

Question 36

What aspect of security ensures that data has not been altered or modified during transmission?

Answer 36

Data integrity

Question 37

What consists of an IP routing table, a forwarding table, and the interface or interfaces assigned to the instance?

Answer 37

A VRF instance

Question 38

What uses a combination of VRF instances and 802.1Q trunking for hop-by-hop path isolation or Generic Routing Encapsulation (GRE)/Multipoint GRE (mGRE) for multi-hop path isolation?

Answer 38

VRF-Lite

Question 39

Each VRF instance contains all except which of the following components?

A. Routing table
B. Forwarding table
C. Interface assigned to the VRF instance
D. ACL

Answer 39

D. ACL

Question 40

What plane of operation includes protocols, databases, and tables that are involved in making forwarding decisions and maintaining a functional network topology that is loop free?

Answer 40

Control plane

Question 41

What is a tunneling protocol that provides a path for transporting packets over an IP network by encapsulating a packet inside a transport protocol?

Answer 41

Generic Routing Encapsulation (GRE)

Question 42

What is an inner packet that needs to be delivered to a destination network inside an outer IP packet?

Answer 42

payload

Question 43

What is additional control information about the payload that is being carried or the forwarding behavior that needs to be applied to the packets being tunneled at decapsulation—or both?

Answer 43

Encapsulation header

Question 44

What indicates how the encapsulated payload data is transported to the other end of the tunnel?

Answer 44

Delivery or transport header

Question 45

What is a GRE stateless tunnel?

Answer 45

The tunnel endpoint does not keep information about the remote tunnel endpoint’s state or availability.

Question 46

How many bytes of overhead does a GRE tunnel add?

Answer 46

At least 24 bytes of overhead: This includes a new 20-byte IP header, which indicates the source and destination IP addresses of the GRE tunnel. The remaining 4 bytes are for the GRE header itself.

Question 47

Does GRE support multiprotocol and ability to tunnel any OSI Layer 3 protocol?

Answer 47

Yes. It uses a protocol type field in the GRE header to support the encapsulation of any OSI Layer 3 protocol.

Question 48

Does GRE provide security features?

Answer 48

Nope. No strong confidentiality, data source authentication, or data integrity mechanism exists in GRE. GRE can, however, be used with IPsec to provide confidentiality, source authentication, and data integrity.

Question 49

What happens if packets are larger than the interface’s maximum transmission unit (MTU) permits?

Answer 49

the router must fragment the packet.

Question 50

What can fragmentation cause?

Answer 50

Significant CPU overhead on a router, which can affect all packet forwarding.

Question 51

How can you change MTU on an interface?

Answer 51

You change the MTU on an interface by using the command ip mtu mtu.

Question 52

What might have to be done to prevent TCP sessions from being dropped?

Answer 52

Adjust the TCP maximum segment size (MSS) value by using the command ip tcp adjust-mss mss value for the interface.

Question 53

Which of the following is not a characteristic of GRE?

A. GRE has weak security features.

B. GRE can tunnel any Layer 3 protocol.

C. GRE tunnels are stateful.

D. GRE can carry routing protocols within the tunnel.

Answer 53

C. GRE tunnels are stateful.

Question 54

Which of the following is not necessary to create a GRE tunnel?

A. IP address

B. Tunnel source

C. Tunnel destination

D. Routing protocol

Answer 54

Routing protocol

Question 55

Which of the following is performed by the routers in a tunnel path between two GRE router endpoints?

A. Parsing the payload

B. Parsing the IP packet

C. Encapsulating the payload packet

D. Decapsulating the payload packet

Answer 55

B. Parsing the IP packet

Question 56

What is a centralized architecture that provides ease of management and control for VPN deployments? It allows for easier scaling of large and small IPsec VPNs with GRE tunnels, IPsec encryption, and Next Hop Resolution Protocol (NHRP).

Answer 56

Dynamic Multipoint VPN (DMVPN)

Question 57

What is a Cisco VTI?

Answer 57

Cisco IOS VTIs are used to provide a simplified configuration process for connecting remote sites. VTIs provide an alternative to the use of GRE or Layer 2 Tunneling Protocol (L2TP) for encapsulation.

Question 58

What is a unified solution that simplifies the deployment of multiple types of VPNs?

Answer 58

Cisco IOS FlexVPN

Question 59

What is a suite of protocols based on RFC 4301 that provides data confidentiality, data integrity, and data origin authentication of IP packets?

Answer 59

IPsec

Question 60

IPsec uses what three protocols?

Answer 60

IKE, AH, and ESP

Question 61

What provides authentication of IPsec peers, negotiates IPsec security associations, and establishes IPsec keys?

Answer 61

Internet Key Exchange (IKE)

Question 62

What port does IKE use?

Answer 62

UDP port 500

Question 63

What uses protocol number 51 and provides encapsulation for user traffic authentication?

Answer 63

Authentication Header (AH)

Question 64

Does AH provide encryption?

Answer 64

No

Question 65

What uses protocol number 50 and provides encapsulation for user traffic encryption and authentication?

Answer 65

Encapsulating Security Payload (ESP)

Question 66

What command would you use to verify a Site-to-Site IPsec configuration?

Answer 66

show crypto isakmp sa

Question 67

What are one of the downsides of using a GRE tunnel alone?

Answer 67

they transport packets in plaintext and offer no protection for the payload.

Question 68

What does GRE support that IPsec doesn’t?

Answer 68

IP broadcast or IP multicast. It’s best to use them in conjuction.

Question 69

What are the two IPsec modes?

Answer 69

Tunnel and Transport mode

Question 70

What is Tunnel Mode?

Answer 70

Tunnel mode protects the original IP header within a new IPsec IP header. Tunnel mode is the default mode.

Question 71

What is Transport Mode?

Answer 71

Transport mode is used if the original IP header can be exposed. Transport mode is normally sufficient with GRE over IPsec because the GRE and IPsec endpoints are often the same.

Question 72

Is this a tunnel or transport mode packet?

Answer 72

Tunnel mode

Question 73

Is this a tunnel or transport mode packet?

Answer 73

Transport mode

Question 74

What VPN technology is used for the dynamic creation of IPsec tunnels between sites without the need for a permanent connection?

Answer 74

DMVPN

Question 75

VPN technology serves as a unifier for multiple types of VPNs?

Answer 75

Flex VPN

Question 76

What key management protocol introduced support for NAT traversal?

Answer 76

IKEv2

Question 77

Does IKEv1 offer EAP authenication?

Answer 77

No IKEv2 does. IKEv2 specifies that EAP must be used with ­public-key signature-based responder authentication.

Question 78

True or false: VRF-Lite technology provides true routing and forwarding separation.

Answer 78

True

Question 79

Which of the following is a multi-hop technique for data path virtualization?

A. mGRE

B. BGP

C. 802.1Q

D. Forwarding table

Answer 79

A. mGRE

Question 80

Which of the following is a characteristic of GRE?

A. GRE uses IP protocol 43

B. GRE uses IP protocol 47

C. GRE tunnels are stateful

D. GRE provides strong security features

Answer 80

IP protocol 47 defines GRE packets.

Question 81

Which of the following is not one of the protocols used with IPsec?

AH
ESP
IKE
EAP

Answer 81

EAP

Question 82

What routing architecture design separates the device identity, or endpoint identifier (EID), from its location or routing locator (RLOC)?

Answer 82

LISP

Question 83

What is the limitation of LISP?

Answer 83

It only supports Layer 3 overlays. It does not carry MAC addresses because it discards the Layer 2 Ethernet header.

Question 84

Because MAC addresses need to be carried in certain fabric technologies, such as SD-Access, you need what?

Answer 84

VXLAN

Question 85

VXLAN is a tunneling protocol that allows for the tunneling of -____ traffic over an IP network

Answer 85

Ethernet traffic

Question 86

What does Cisco’ SD-Access solution use as its control plane?

Answer 86

LISP

Question 87

What is the name for the VXLAN unique network ID?

Answer 87

VXLAN network identifier (VNI)

Question 88

What is assigned to an end host and is the IP address of the endpoint within the LISP site?

Answer 88

Endpoint identifier (EID)

Question 89

What is a site where LISP routers and EIDs reside?

Answer 89

LISP site

Question 90

What receives packets from endpoints within a LISP site and either encapsulates packets to remote LISP sites or natively forwards packets to non-LISP sites.

Answer 90

Ingress tunnel router (ITR)

Question 91

What receives packets from interfaces facing the network core and either decapsulates LISP packets or natively delivers non-LISP packets to local EIDs at the site?

Answer 91

Egress tunnel router (ETR)

Question 92

What is a router that performs the functions of both an ITR and an ETR?

Answer 92

Tunnel router (xTR)

Question 93

What is a LISP infrastructure device that provides connectivity between non-LISP sites and LISP sites?

Answer 93

Proxy ITR (PITR)

Question 94

What is a LISP infrastructure device that allows IPv6 LISP sites without native IPv6 RLOC connectivity to reach LISP sites that only have IPv6 RLOC connectivity?

Answer 94

Proxy ETR (PETR)

Question 95

It is likely that a LISP interworking device will implement both PITR and PETR functions. When this is the case, the device is referred to as what?

Answer 95

Proxy xTR (PxTR)

Question 96

What is a router that performs the functions of any or all of the following: ITR, ETR, PITR, and/or PETR.

Answer 96

LISP Router

Question 97

What is an IPv4 or IPv6 address assigned to a device (typically a router) in the global routing system?

It is an IPv4 or IPv6 address of an ETR that decapsulates LISP packets.

Answer 97

Routing locator (RLOC)

Question 98

What configures the LISP site policy for LISP ETRs that register to it?

Answer 98

Map server (MS)

Question 99

What receives map requests encapsulated to it from ITRs, and when configured with a service interface to the LISP alternative topology (ALT), it forwards map requests to the ALT?

Answer 99

Map resolver (MR)

Question 100

When the map server and map resolver functions are implemented on the same device, it is referred to as what?

Answer 100

Map server/map resolver (MS/MR)

Question 101

What are the three components of an LISP architecture?

Answer 101

LISP routing architecture, LISP control plane, and LISP data plane

Question 102

What enables LISP to separate the IP addresses into EIDs and RLOCs? This enables endpoints to roam from site to site, and the only thing that changes is their RLOCs. The EIDs remain the same.

Answer 102

LISP routing architecture

Question 103

What component determines where to send LISP traffic? It works similarly to Domain Name System (DNS).

Answer 103

LISP control plane.

As DNS can resolve a name to an IP address, LISP can resolve an EID to an RLOC by sending map requests to the MR. LISP uses map requests and map replies, which are similar to DNS requests and replies. LISP uses a distributed mapping system to map EIDs to RLOCs. When an ITR needs to find an RLOC address, a map request is sent to the mapping system. This makes the system an efficient and scalable on-demand routing protocol because it is based on a pull model instead of the push model used with traditional routing protocols.

Question 104

Which device in a LISP deployment receives map requests that are encapsulated to it from ITRs?

Answer 104

Map resolver (MR)

Question 105

Endpoint identifiers (EIDs)are assigned to what?

Answer 105

EIDs are assigned to end hosts.

Question 106

Can a endpoint identifier (EID) be both IPv4 and IPv6 or only IPv4?

Answer 106

Can be IPv4 or IPv6

Question 107

In environments where you need to preserve Layer 2 header information, you can use what?

Answer 107

VXLAN

Question 108

What provides a Layer 2 extension over a shared Layer 3 underlay infrastructure network, using MAC-in-IP or UDP tunneling encapsulation?

Answer 108

VXLAN

Question 109

VXLAN ID space is how many bits?

Answer 109

24 bits

Question 110

How many VXLAN identifiers can be supported?

Answer 110

16 million unique VXLAN identifiers

Question 111

What type of overlay emulates Layer 2 LAN segments?

Answer 111

Layer 2 overlay

Question 112

What type of overlays are helpful when you want to transport IP packets and you also want to abstract the underlying IP infrastructure?

Answer 112

Layer 3 overlay

Question 113

XLAN provides a unique network ID called a what?

Answer 113

VXLAN (or virtual) network identifier (VNI)

Question 114

What are the three drivers for VXLAN?

Answer 114

greater scalability, isolation for multitenancy, and any-to-any Layer 2 communications

Question 115

What component in VXLAN provides a tunnel for transporting the original payload?

Answer 115

VNI

Question 116

VXLAN uses MAC-in what encapsulation?

Answer 116

VXLAN uses MAC-in-UDP/IP encapsulation.

Question 117

VXLAN uses what to achieve optimal path usage over the transport network?

Answer 117

ECMP

Question 118

What is an entity that originates or terminates a VXLAN tunnel?

Answer 118

VXLAN tunnel endpoints (VTEPs).

Question 119

Each VTEP has two interfaces. What are they used for?

Answer 119

One interface provides a bridging function for local hosts (which can be a trunk port to the access switch).

The other interface has an IP identification in the core network for VXLAN encapsulation and decapsulation.

Question 120

VXLAN is a what plane protocol?

Answer 120

Data plane protocol

Question 121

MP-BGP and multicast are the most popular control planes for which environments?

Answer 121

Data centers and private cloud environments

Question 122

What are the various control planes that are supported with VXLAN?

Answer 122

VXLAN with LISP control plane
VXLAN with MP-BGP EVPN control plane
VXLAN with multicast underlay
VXLAN with static unicast VXLAN tunnels

Question 123

For campus deployment, Cisco’s Software-Defined Access (SD-Access) is an example of an implementation of VXLAN with what control plane?

Answer 123

LISP control plane

Question 124

In a VXLAN header, what is the size of the VXLAN ID field?

Answer 124

24 bits

Question 125

What kind of encapsulation does VXLAN use?

Answer 125

MAC-in-UDP

Question 126

What is the name of the unique network identity provided by VXLAN?

Answer 126

VXLAN network identifier (VNI)

Question 127

Which LISP device provides connectivity when traffic is flowing from a non-LISP site to a LISP site?

Answer 127

PITR is a LISP infrastructure device that provides connectivity between non-LISP sites and LISP sites.

Question 128

Which of the following describes a routing locator (RLOC)?

The IPv4 or IPv6 address of the customer router that is decapsulating a LISP packet

B. A logical topology that is deployed as part of the LISP infrastructure to provide scalable EID prefix aggregation

C. A block of IP addresses that are assigned to a site

D. The name of a site where LISP routers and EIDs reside

Answer 128

A logical topology that is deployed as part of the LISP infrastructure to provide scalable EID prefix aggregation

Question 129

What collective grouping of devices is responsible for transporting packets between network devices for the SD-Access fabric overlay?

Answer 129

Underlay network

Question 130

What SD-Access architecture component is part of the Layer 3 network used for interconnections between border nodes and edge nodes?

Answer 130

Intermediate node

Question 131

SD-Access can be considered an evolution of which of the following network environments?

Data center

Enterprise campus

WAN

Private cloud

Answer 131

Enterprise campus

Question 132

Which component integrates with the SD-Access environment to enable the dynamic mapping of users to scalable groups for end-to-end policy enforcement?

Cisco ISE

Cisco DNA Center

Cisco TrustSec

NMS

Answer 132

Cisco ISE

Question 133

What are the four SD-Access fabric architecture layers?

Answer 133

Physical, Network, Controller, and Management layers

Question 134

Which component of an SD-Access architecture provides a centralized dashboard that hides the complexities and dependencies of configuring the other layers?

Underlay network

Overlay network

Cisco DNA Center

Cisco ISE

Answer 134

Cisco DNA Center

Question 135

Which component of the controller layer in an SD-Access architecture provides the underlay and fabric automation and orchestration services for the physical and network layers?

NCP

NDP

Cisco ISE

LISP

Answer 135

NCP provides all the underlay and fabric automation and orchestration services for the physical and network layers.

Question 136

What are the four planes of operation in SD-Access?

Answer 136

Control, Data, Policy, & Management planes

Question 137

Which SD-Access plane involves the security and segmentation of network devices?

Answer 137

Policy plane

Question 138

Which SD-Access plane involves the orchestration, assurance, visibility, and management of the SD-Access solution?

Answer 138

Management plane

Question 139

What does SD-Access use as the control plane?

Answer 139

LISP

Question 140

What does SD-Access use as the data plane?

Answer 140

VXLAN

Question 141

What does SD-Access use as the policy plane?

Answer 141

Cisco TrustSec

Question 142

What does SD-Access use as the management plane?

Answer 142

DNA Center

Question 143

What technology is used to assign an SGT value to a packet at its ingress point into a network?

Answer 143

Cisco TrustSec

Question 144

The assignment of an SGT value as packets enter a network is associated with which operational plane of the SD-Access architecture?

Control plane

Data plane

Policy plane

Management plane

Answer 144

Policy plane

Question 145

What type of SD-Access node serves as a gateway between the SD-Access fabric site and external networks to the fabric?

Answer 145

Border node

Question 146

What component in an SD-Access architecture is represented as a switched virtual interface (SVI) with a hard-coded MAC address across all edge nodes?

Map resolver

Anycast Layer 3 gateway

EID

PxTR

Answer 146

Anycast Layer 3 gateway

Question 147

True or false: After an edge node detects an endpoint in the endpoint registration process, that endpoint is added to a local database known as the EID table.

Answer 147

True

Question 148

True or false: Cisco SD-Access architecture offers open and standards-based APIs for management.

Answer 148

True

Question 149

Which SD-Access operational plane deals with orchestration, assurance, and visibility in a Cisco SD-Access deployment?

Answer 149

Management plane

Question 150

Fabric-mode APs connect to which of the following component in an SD-Access environment?

Fabric WLC

Edge node

Intermediate mode

Border node

Answer 150

Edge Node

Question 151

What is a container?

A lightweight virtual machine

A software emulation of a physical server without an operating system

An application with its dependencies packaged inside a tarball

An isolated environment where containerized applications run.

Answer 151

An isolated environment where containerized applications run.

Question 152

Which of the following are container engines? (Choose all that apply.)

Rkt

Docker

vSphere hypervisor

LXD

Answer 152

Docker

Question 153

True or false: Only a single vSwitch is supported within a virtualized server.

Answer 153

False

Question 154

Which of the following is the virtual or software version of a network function and typically runs on a hypervisor as a VM?

VNF

NFV

NFVI

NFVIS

Answer 154

VNF

Question 155

Which of the following is an architectural framework created by ETSI that defines standards to decouple network functions from proprietary hardware-based appliances and have them run in software on standard x86 servers?

VNF

NFV

NFVI

NFVIS

Answer 155

NFV

Question 156

Which platform plays the role of the orchestrator in Cisco’s Enterprise NFV solution?

APIC-EM

Cisco DNA Center

Cisco Enterprise Service Automation (ESA)

APIC Controller

Answer 156

Cisco DNA Center

Question 157

Connecting VNFs together to provide an NFV service or solution is known as ______.

daisy chaining

bridging

switching

service chaining

linking

Answer 157

service chaining

Question 158

What is an architectural framework created by the European Telecommunications Standards Institute (ETSI) that defines standards to decouple network functions from proprietary hardware-based appliances and have them run in software on standard x86 servers?

Answer 158

Network functions virtualization (NFV)

Question 159

What is the virtual or software version of an NF, and it typically runs on a hypervisor as a VM?

Answer 159

virtual network function (VNF)

Question 160

What are some examples of Cisco VNFs?

Answer 160

Cisco Cloud Services Router 1000V (CSR 1000V)

Cisco Integrated Services Virtual Router (ISRv)

Cisco NextGen Firewall Virtual Appliance (NGFWv)

Cisco Adaptive Security Virtual Appliance (ASAv)

Question 161

What allows VNFs to have direct access to physical PCI devices, which appear and behave as if they were physically attached to the VNF?

Answer 161

PCI passthrough

Question 162

What maps EIDs to RLOCs?

control plane node
border node
edge node
intermediate node
WLC node

Answer 162

control plane node

Question 163

What connects the fabric to to external networks?

control plane node
border node
edge node
intermediate node
WLC node

Answer 163

border node

Question 164

What connects endpoint devices to the fabric?

control plane node
border node
edge node
intermediate node
WLC node

Answer 164

edge node

Question 165

What provides only underlay transport services?

control plane node
border node
edge node
intermediate node
WLC node

Answer 165

intermediate node

Question 166

What resides outside of the fabric?

control plane node
border node
edge node
intermediate node
WLC node

Answer 166

WLC node

Question 167

How does a VM uniquely identify itself to other virtually and physically networked devices

The administrator can set software and networking identifiers via the VM configuration file.

The operating system will automatically define unique identifiers by incrementing the default hardware addresses as needed.

The VM inherits its identifiers from the operating system and its associated hardware.

The administrator can set software and networking identifiers via the operating system.

Answer 167

The administrator can set software and networking identifiers via the VM configuration file

Question 168

What maps EIDs to RLOCs?

edge node
border node
control plane node
intermediate node
WLC node

Answer 168

control plane node

Question 169

What connects the fabric to external networks?

edge node
border node
control plane node
intermediate node
WLC node

Answer 169

border node

Question 170

What connects endpoint devices to the fabric?

edge node
border node
control plane node
intermediate node
WLC node

Answer 170

edge node

Question 171

What provides only underlay transport services?

edge node
border node
control plane node
intermediate node
WLC node

Answer 171

intermediate node

Question 172

What resides outside the fabric?

Answer 172

WLC node

Question 173

Which of the following are encryption protocols that should be avoided? (Choose two.)

DES
3DES
AES
GCM

Answer 173

DES
3DES

Question 174

Which of the following is the message exchange mode used to establish an IKEv1 IPsec SA?

Main mode
Aggressive mode
Quick mode
CREATE_CHILD_SA

Answer 174

Quick mode

Question 175

What is the destination UDP port used by the LISP data plane?

4341
4143
4342
4142

Answer 175

4341

Question 176

Which of the following UDP ports is the UDP port officially assigned by the IANA for VXLAN?

8947
4789
8472
4987

Answer 176

4789