DumpsBox
Home/cisco/Free Cisco 350-601 Actual Exam Questions/Question 15
← Back to Exam

Free Cisco 350-601 Actual Exam Questions - Question 15 Discussion

Question No. 15Drag & Drop

DRAG DROP Refer to the exhibit The VSAN 4041 and 4042 are exchanged between two Cisco MDS 9000 Series Switches called MDS-1 and MDS-2 The objective is to deploy a security mechanism on MDS-1 to allow MDS-2 to join the fabric exclusively Drag and drop the code snippets from the bottom onto the boxes in the code to complete the MDS-1 configuration Not all code snippets are used.

Options
A20:01:00:38:90:54:21:8
B20:01:00:de:fb:fd:db:7
C20:0a:00:38:90:54:21:8
D32
E103
F11
Drag an item to a target. Click × to remove.
Answer Area
awwn
Drop item here
domain
Drop item here
awwn
Drop item here
domain
Drop item here
US
SB
Sam B.
2026-02-14

I think it’s crucial to not just set the switch names and enable VSAN security but also to explicitly deny unknown switches from joining. So any snippet related to “switchname MDS-2” and “vsan security enable” should be there, plus something like “deny unknown switch” or similar. That way, you prevent any other switches from sneaking in. Without that, you might allow undesired devices to join the fabric. The question probably wants a tight control mechanism, not just basic naming and enabling.

0
MX
Michael X.
2026-02-02

I’d say disabling unknown switch joining is important too, so besides naming MDS-2, the config should include a command to block any other switches from joining the VSANs. That’s a good extra layer of security.

0
PM
Paul M.
2026-02-02

Seems like the key is enabling vsan security on MDS-1 and explicitly defining an allowed switch name or ID for MDS-2, so unauthorized switches get blocked. The code snippets probably include commands like “switchname MDS-1” and “vsan security enable” plus some ACL or allowed switch name list. If we drop any snippet that doesn’t directly restrict or identify MDS-2, it’s likely not needed. The absence of certain commands might confirm that only a basic enforcement on MDS-1 is required here. Not sure if fabric binding or zoning plays in this specific drag-drop though.

0
LF
Liam F.
2026-01-31

Also consider the use of VSAN ACLs to restrict membership; that could be a second layer.

0
SC
Shoaib C.
2026-01-30

I think it’s key to focus on enforcing VSAN security on MDS-1 to restrict fabric access specifically to MDS-2. Setting MDS-1’s switch name correctly is a must since the security features often rely on identifying peers by name. After that, enabling VSAN security on the relevant VSANs (4041 and 4042) should lock down the fabric join permissions. Some code snippets might just be noise, so best to skip those without explicit VSAN or switch name commands. Also, confirming that both switches support the security commands for your FOS version helps avoid config errors.

0
MF
Michael F.
2026-01-22

MDS-1 needs the switch name set and vsan security enabled, so pick snippets matching those.

0
AU
Andre U.
2026-01-20

I think the key is setting the switch name on MDS-1 to match the one MDS-2 expects, plus defining VSAN security on that specific VSAN. The code snippets that do this should fill the security part properly.

0
AU
Andre U.
2026-01-18

You gotta use zone vsan command to tie zoning to the right VSAN.

0
OD
Osama D.
2026-01-15

Looks like this is about setting up VSAN security to restrict access. I'd start with zoning config and switch name settings to lock MDS-2 in.

0