Free Cisco 300-620 Actual Exam Questions
Dumps Box (DumpsBox) offers up-to-date practice exam questions for DCACI 300-620 certification exam which are developed and validated by Cisco subject domain experts certified in Cisco 300-620 . These practice questions are update regularly as we keep an eye on any recent changes in DCACI 300-620 syllabus, and when there is update our team quickly adjusts the questions. This commitment to providing the best quality exam prep material to certification aspirants is what makes DumpsBox.com the best certification exam prep website. On top of that, our strong, yet strictly moderated, community based feedback keeps the content clean and current. Each question has helpful community discussion that provides it extra perspective and introduces helpful resources for better exam preparation. This also saves students from other outdated practice questions or illicit exam dumps that can have adverse affects on career. Browse through our Cisco 300-620 exam questions and pass your exam on first try.
discovery?
If VLAN 3600 is for fabric discovery, wouldn’t that lean more towards a Fabric VLAN (D) since it’s about the fabric itself? Infrastructure sounds broader, but discovery might be more specific. Anyone remember exact docs on this?
B. It’s known that VLAN 3600 is used for internal fabric communication, so Infrastructure VLAN makes the most sense compared to Transit or Loopback options.
about the endpoints is true?
Maybe C here. Static path binding is pretty specific about the MAC address because the fabric doesn’t rely on dynamic learning for those endpoints. That narrows down to C since endpoint learning really focuses on MACs in this case, not IPs or other details. A and B don’t quite fit because static path binding doesn’t strictly require direct leaf port connections or different bridge domains. D sounds plausible but doesn't capture the key point about how endpoint learning works with static bindings.
Maybe B here since external endpoints often end up in a different bridge domain to isolate traffic, even if they’re in the same EPG logically. So that separation makes sense in practice.
policy configuration? (Choose two.)
It’s A and E. The VMM domain profile (A) sets up the domain, and the EPG association (E) links endpoint groups to that domain, which is crucial for policy enforcement in ACI. IP pools feel more separate from VMM policy.
A, D. The VMM domain profile defines the connection to the hypervisor, and the IP address pool is necessary for assigning addresses within that domain. The other options are more tied to EPG or external routing configurations.
10G fabric extenders. Which physical topology is supported?
A)
B)
C)
D)
Maybe D. The Nexus 2000 series typically supports being connected to two parent switches for redundancy, which looks like what option D shows with multiple uplinks. The other options seem less clear on that dual-parent connection, which is pretty standard in ACI deployments with fabric extenders to avoid a single point of failure. Plus, option D looks like it aligns with Cisco’s recommended best practices for fabric extender topologies in data centers using ACI.
B, simple direct connection fits Nexus 2000 fabric extender design best.
An engineer is configuring a VRF for a tenant named Cisco. Drag and drop the child objects on the left
onto the correct containers on the right for this configuration.
I’m guessing this is Cisco ACI based on the tenant naming and VRF context, so I’d put the bridge domain and subnet inside the VRF container since that’s how ACI organizes those. Route-targets usually go under the VRF too, but not inside the subnet or bridge domain. The tenant contains the VRF, which then contains those child objects. If it was IOS XE, the hierarchy would be different since it’s more flat and less object-oriented. Without explicit platform info, I’d trust the tenant > VRF > bridge domain/subnet ordering here.
The tenant is the highest level, so child objects shouldn’t go directly under it. Route-targets and RD belong inside the VRF container since they configure VRF-specific properties, not the tenant itself.
two.)
D imo. SMB is designed for file sharing and remote access, so it fits the backup file access scenario well. Pair that with FTP (B) since it’s a common protocol for transfers and often supported for backups. SFTP is secure but might not always be enabled on all APIC setups, whereas SMB is more straightforward for network file access. TFTP feels too limited and HTTPS usually handles web traffic rather than file system access in this context. So B and D make sense to me as solid options for remote backup access.
C/D? SMB is often used for file sharing and could support remote backup access, and SFTP is definitely strong for secure transfers. FTP feels less secure, so I’d drop that one.
fabric for a
bridge domain. Which setting should be configured to support this requirement?
B, because disabling IP Data-plane Learning prevents conflicts with external gateway MAC learning.
It’s D for me. When the default gateway lives outside the fabric, you don’t want the ACI fabric advertising host routes that could confuse or conflict with that external routing. Disabling Advertise Host Routes keeps those internal routes from leaking out, which fits the scenario better than messing with MAC learning limits. A might help with learning external MACs, but D directly addresses the routing aspect for an external gateway, which seems more critical here.
Layer 3 gateway and other end hosts. Which ACI bridge domain configuration should be used?
It’s B because flooding unknown unicast and keeping ARP flooding enabled ensures all external hosts and the gateway get proper reachability without relying on hardware proxy support. This is safer for external networks.
Maybe C, since disabling ARP flooding could reduce unnecessary broadcast traffic.
from external subnets 10 0 0024 and 192.168 20 G'25. Which configuration set accomplishes this
goal?
D imo, because it specifically matches those exact subnets and uses an access list applied only to the OOB management interface, which fits the requirement tighter than B or C.
Makes sense to block everything else after allowing those subnets. I think option C nails that with explicit permits and a deny at the end. C
the servers support only Cisco Discovery Protocol with no order link discovery protocol. The engineer
wants the servers to be discovered automatically by the Cisco ACI fabric when connected. Which
action must be taken to meet this requirement?
D seems off since disabling LLDP alone doesn’t guarantee CDP is enabled.
I think B makes sense here. Since CDP isn’t enabled by default when LLDP is active, configuring a higher order interface policy to explicitly enable CDP on those specific leaf switch interfaces would ensure the servers get discovered without messing with the rest of the fabric. It’s more targeted than a global override and fits the requirement to handle just those two servers.
An application called App_1 is hosted on the server called S1. A silent host application. App_2. is
hosted on S2. Both applications use the same VLAN encapsulation, which action forces Cisco ACI
fabric to learn App_2 on ACI leaf 2?
A imo, dropping multi-destination flooding stops broadcasts that would normally help learn App_2, so it won’t be learned. That makes sense since it’s silent and won’t send anything to trigger learning otherwise.
C/D? If App_2 never sends traffic, flooding unknown unicast (C) might not help, but optimized flood for L3 unknown multicast (D) could trigger learning via multicast mechanisms. Both could make sense depending on traffic type.
B/D? COOP syncs endpoints, but overall reachability across pods sounds like MP-BGP EVPN.
D. I think D fits best because COOP is Cisco’s own protocol made for syncing endpoint info specifically in multi-pod ACI environments. MP-BGP EVPN is more general for control plane but doesn’t handle the detailed endpoint sync across pods like COOP does. So while B is commonly used, COOP’s role is more focused here.
requirements:
• Control the amount of application data flowing into the system
• Allow the newly connected device to auto-negotiate link speed with the leaf switch
Which two ACI policies must be configured to achieve these requirements? (Choose two.)
Makes sense to pick A for negotiation and E for controlling data flow. A, E
A and E imo, A covers link negotiation and E handles data flow control.
of the unicast and BUM traffic that are seen in a certain EPG. Which statement describes the
collection statistics?
I think B can be ruled out since ACI definitely tracks EPG-level stats, so saying it only monitors contract traffic stats seems incorrect. C also sounds off because statistics are collected regardless of VMM or physical domains; that distinction doesn’t affect stats collection. A could be tempting, but I don’t recall needing to enable stats tenant-wide first for EPG stats. The question doesn’t mention any license restrictions either, so maybe the stats enabling is really just on the EPG itself as D says. Still, could there be some prerequisite setting hidden in tenant or global scope? That’s w
Maybe A, since tenant-wide settings often control feature enablement in ACI.
An engineer must migrate workloads from the brownfield network to the Cisco ACI fabric. The VLAN
10 default gateway remains in the router located in the brownfield Network. The bridge domain has
already been associated with L20ut. Which two actions must be taken to migrate the workloads?
(Choose two.)
Maybe D and E since ARP flooding helps with gateway traffic inside the fabric.
It’s D and C for me. Mapping the MAC of the default gateway to the bridge domain (D) is crucial since the gateway stays in the brownfield network, so traffic knows where to go. For the second one, setting L2 Unknown Unicast Flood (C) makes sense because without it, unknown traffic from the brownfield side might get dropped inside the fabric. This helps ensure devices can still communicate properly during migration. A feels more about IP learning specifics, but flooding unknown unicast ensures seamless traffic flow during this transition phase.