NPDESI

Ace your homework & exams now with Quizwiz!

14 RESTCONF supports which two resources? (Choose two.) A. /restconf/data B. /restconf/operations C. /restconf/diagnostic D. /restconf/performance E. /restconf/fault

AB Section: (none) Explanation Explanation/Reference: Reference: https://yumaworks.freshdesk.com/support/solutions/articles/1000229884-what-restconf-features-are-supported-by-yumapro-sdk

28 Which two parts are required for a RESTful API call? (Choose two.) A. resource B. parameter C. method D. query E. fragment

AB Section: (none) Explanation Explanation/Reference: Reference: http://stackoverflow.com/questions/4024271/rest-api-best-practices-where-to-put-parameters

6 Which two statements about the NX-API are true? (Chose two.) A. NX-API supports XML-RPC B. NX-API is enabled by default C. NX-API supports JSON-RPC D. The nxapi_auth cookie expires in 30 minutes. E. NX-API maps to NX-OS NETCONF.

AC Section: (none) Explanation Explanation/Reference: Explanation: NX-API supports JSON-RPC, JSON, and XML formats. Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus7000/sw/programmability/guide/b_Cisco_Nexus_7000_Series_NXOS_Programmability_Guide/b_Cisco_Nexus_7000_Series_NX-OS_Programmability_Guide_chapter_0101.html

27 Which concept should you use whet trying to improve a frequently repeated and predictable manual process? A. scalability B. lifecycle management C. deployment D. orchestration E. automation

E Section: (none) Explanation Explanation/Reference: Explanation: Manual processes often result in delays in locating archived specimens for add-on or reflex testing. One way to reduce or eliminate potential workflow disruptions is to automate storage and retrieval. Reference: http://www.mlo-online.com/the-lean-lab-automation-workflow-and-efficiency.php

40 You want to implement a new feature in a home-grown network automation tool. Because your development team uses the Agile development methodology, which documentation must you create for them, in order to put this feature on the roadmap? A. ROI analysis B. case study C. user story D. SCIPAB breakdown E. enhancement request

C Section: (none) Explanation Explanation/Reference: Explanation: With the development team to define and prioritize granular units of functionality referred to as "User Stories". The development team estimates, plans, and delivers the highest priority user stories in the form of working, tested software on an iteration-by-iteration basis. In order to maximize productivity, the practices provide a supportive, lightweight framework to guide a team and ensure high-quality software. Reference: https://www.versionone.com/agile-101/agile-methodologies/

64 Which two data representation formats are used in RESTCONF? (Choose two.) A. HTML B. YAML C. HML D. GML E. ASN.1 F. JSON

DF Section: (none) Explanation Explanation/Reference:

operation/api-entry/path/query/fragment Mandatory/Mandatory/Optional/Optional/Ignored

21 Management protocols like NETCONF access network elements on well-known ports. Which design practice hardens a network device implementation? A. Specify the source interface for SSH B. Limit access to port 830, well-known clients, and SSH VTY. C. Enable CoPP. D. Configure ip http secure-server.

A Section: (none) Explanation Explanation/Reference: Explanation: The management plane is used in order to access, configure, and manage a device, as well as monitor its operations and the network on which it is deployed. The management plane is the plane that receives and sends traffic for operations of these functions. You must secure both the management plane and control plane of a device, because operations of the control plane directly affect operations of the management plane. This list of protocols is used by the management plane: Simple Network Management Protocol Telnet Secure Shell Protocol Reference: http://www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html

25 A web service returns a JSON object to your Python script. What is the most logical object in which to store the JSON response? A. an integer B. a dictionary C. a tuple D. a string E. a list

A Section: (none) Explanation Explanation/Reference: Reference: http://www.tutorialspoint.com/json/json_quick_guide.htm

46 Which statement about NX-API REST is true? A. Configuration and state information is stored in the MIT. B. NX-API REST requires a commercial license to enable. C. Partial commits are supported. D. Fault objects may be queried, but event objects cannot be queried.

A Section: (none) Explanation Explanation/Reference: Explanation: NX-API REST provides access to objects stored in the MIT. Managed objects (MOs) are associated with a well-defined REST URI, and can be queried or configured from NX-API REST using their URI. Reference: https://opennxos.cisco.com/static/nexus/getting_started/programmability/chapters/cisco_nx-api_rest_interface1898.xhtml

19 Visore uses which protocol to retrieve information from the Cisco APIC? A. REST API B. OpFlex C. gRPC D. Visore API E. MongoDB

A Section: (none) Explanation Explanation/Reference: Explanation: The Cisco APIC software development kit (SDK) uses the REST API to read and write the configuration of Cisco APIC, using the object model to describe the current and desired states. Reference: http://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-733105.html

58 Refer to the exhibit. Which effect does the parameter ?session=test have in this VIRL API call? curl -X POST -u guest:guest -- header "Content-Type/text/xml; charset=UTF-"-data @API.virl http://virl-host:19399/simengine/rest/launch?session=test A. The API call is parsed and validated by VIRL, but no simulation is started. B. The topology file "APIvirl" is validated for proper structure content. C. The simulation is started in a special "test" mode that protects it from adversely affecting other simulations D. The simulation is started with the name "test".

A Section: (none) Explanation Explanation/Reference:

63 The network operator asks you to change the config setting on one specific host. All 300 hosts are managed with Puppet. Which action results in the requested change? A. This is an unsupported feature of Puppet, and Chef or Ansible must be used to make this change. B. Go to that host and make the config change. Puppet sees the local override and skips that part. C. Add an if statement to the Puppet manifest, and add specific config settings, in case Puppet is running on that host. D. Add a node-based variable lookup override in Hiera, so that if Puppet runs on that host, it takes the variable from Hiera.

A Section: (none) Explanation Explanation/Reference:

3 Where is the node-ui.log stored on the Cisco APIC-EM appliance? A. in the /var/log/grapevine/services/node-ui directory within the container that is running the node-ui instance B. in the Cassandra database instance that is running within the container that is running the node-ui instance C. in the /opt/CSCOapicem/logs/node-ui directory within the Cisco APIC-EM appliance root D. in the /var/log/grapevine/services/node-ui directory within the Cisco APIC-EM appliance root E. in the Cisco APIC-EM Cassandra database instance

A Section: (none) Explanation Explanation/Reference: Explanation: A host can be either an appliance, server or virtual machine where Cisco APIC-EM has been installed. Within the hosts are the Linux containers running instances of the Grapevine clients. The Grapevine clients run the different services. The Grapevine root runs as an application on the host itself and not in any Linux containers.

31 Which statement about Cisco ASA REST API calls is true? A. GET and POSR methods are supported, whereas PUT is not supported. B. Calls block other security management protocols, such as Cisco ADSM. C. Changes to the configuration are automatically written to the startup configuration.

A Section: (none) Explanation Explanation/Reference: Explanation: GET- Retrieves data from the specified object. PUT - Adds the supplied information to the specified object; returns a 404 Resource Not Found error if the object does not exist. POST - Creates the object with the supplied information. Reference: http://www.cisco.com/c/en/us/td/docs/security/asa/api/qsg-asa-api.html

15 Which ACI object is used to divide two applications that use the same IP address? A. bridge domain B. EPG C. VRF D. tenant

A Section: (none) Explanation Explanation/Reference: Explanation: One or more bridge domains are associated with a context. All of the endpoints within the Layer 3 domain must have unique IP addresses because it is possible to forward packets directly between these devices if the policy allows it. A tenant can contain multiple contexts. Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals/b_ACI-Fundamentals_chapter_010001.html

42 Refer to the exhibit. Based on the YANG data model snippet, which RESTCONF URI should you use to retrieve data from the interfaces container? A. /restconf/data/my-interfaces:interfaces B. /restconf/data/my-interfaces:container:interfaces C. /restconf/operations/my-interfaces:interfaces D. /restconf/data/com.my-interfaces:interfaces

A Section: (none) Explanation Explanation/Reference: Reference: https://www.iab.org/wp-content/IAB-uploads/2016/04/IoT-IAB-workshop-terminology-bclaise.pdf (See the page no 8, first line in the right corner)

Which two data representation formats are used in RESTCONF? (Choose two.) A. HTML B. YAML C. XML D. GML E. ASN.1 F. JSON

A, B

35 <operation> /<api-entry>/<path>?<query>#<fragment> Refer to the exhibit. Which two URI entries are optional and functional in the RESTCONF URI structure that is shown? (Choose two.) A. path B. query C. operation D. fragment E. api-entry

AC Section: (none) Explanation Explanation/Reference: Reference: http://ftp.bme.hu/documents/internet-drafts/draft-bierman-netconf-restconf-02.txt

69 Which two tools help you to program against Nexus APIs? (Choose two.) A. Jenkins B. Cisco Nexus 1000v C. VIRL D. DevNet sandboxes E. Cisco Open SDN Controller

AD Section: (none) Explanation Explanation/Reference:

36 Which two initial actions should you take when exploring automation for ACI? (Choose two.) A. Develop an open-source package or SDK B. Look for an open-source package or SDK C. Write scripts that leverage the Python standard library D. Use the API inspector and test API calls. E. Use the ncclient command to explore the NETCONF capabilities of the Cisco APIC.

AD Section: (none) Explanation Explanation/Reference:

11 Which two network configuration protocols use XML as a data representation format? (Choose two.) A. NETCONF B. CORBA C. TOSCA D. SNMP E. RESTCONF

AD Section: (none) Explanation Explanation/Reference: Explanation: Data modeling language for the definition of data sent over the NETCONF network configuration protocol. Many network management protocols have associated data modeling languages. The first widely deployed Internet standard for network management was the Simple Network Management Protocol (SNMP). Reference: https://en.wikipedia.org/wiki/YANG

38 Which two queries are supported to access objects within the ACI Management Information Tree? (Choose two.) A. DN query B. fabric query C. RN query D. class query E. property query

AD Section: (none) Explanation Explanation/Reference: Explanation: Visore is a read-only management information tree (MIT) browser. It enables distinguished name (DN) and class queries with optional filters. Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/aci-fundamentals/b_ACI-Fundamentals/ b_ACI_Fundamentals_BigBook_chapter_01001.pdf

47 Which two northbound protocols are supported by the Cisco NSO Controller? (Choose two.) A. REST B. SOAP C. OpenFlow D. NETCONF E. PCEP

AD Section: (none) Explanation Explanation/Reference: Explanation: Which northbound interfaces does NSO support? The following interfaces are auto-rendered for all services and devices: CLI: for network engineers that prefer a Juniper or Cisco style command-line interface Web interface: for network engineers that prefer a graphical interface (the Web interface is highly customizable) REST: for programmatic access (exactly the same feature set as the CLI and Web interface) Java/C: for building custom applications and service provisioning logic JavaScript: for embedding NSO functions in portals NETCONF: for importing and exporting XML configurations SNMP: for reading status and receiving NSO alarms Python: for scripting network wide configuration changes Reference: https://developer.cisco.com/site/nso/help/faq/

9 An organization leverages a multivendor network to sell connectivity services using Layer 3 VPN and VPLS. Where possible, the organization wants to use common APIs across vendors, in order to automate the configuration of network services. Which technology should be organization consider for the southbound interface? A. BGP-LS B. OpFlex C. OpenFlow D. NETCONF E. PCEP

ADE Section: (none) Explanation Explanation/Reference: Explanation: Other technologies for southbound interfaces, such as NETCONF, YANG, PCEP, and BGP-LS, also allow controllers to centrally control networks. Reference: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0ahUKEwiw1-vLu7nOAhXBAxoKHZUrCp4QFggcMAA&url=http%3A%2F%2Fwwwfile.huawei.com%2F~%2Fmedia%2FCNBG%2FDownloads%2FTechnical%2520Topics%2FFixed%2520Network%2FWP-SDN%2520WAN%2520V12EN&usg=AFQjCNHnjUfA7rYGbt2g4W5Kni1gJDyNnw&sig2=h9HG66D_RfmkWb0zw_7uZQ&bvm=bv.129422649,d.bGs&cad=rja

48 The Cisco APIC REST API supports which two methods? (Choose two.) A. POST B. PATCH C. PUT D. OPTIONS E. GET F. RESET

AE Section: (none) Explanation Explanation/Reference: Explanation: The API supports HTTP POST, GET, and DELETE request methods Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/api/rest/b_APIC_RESTful_API_User_Guide/ b_IFC_RESTful_API_User_Guide_chapter_010.html

2 Which two statements about OpenFlow are true? (Choose two.) A. The OpenFlow flow table contains header fields, counters, and actions B. OpenFlow automatically determines network forwarding rules. C. OpenFlow interfaces with the management plane D. OpenFlow is a southbound protocol E. OpenFlow is an agentless technology, like Ansible F. OpenFlow is a northbound protocol

AF Section: (none) Explanation Explanation/Reference: Reference: http://archive.openflow.org/documents/openflow-spec-v1.0.0.pdf

The network operator asks you to change the config setting on one specific host. All 300 hosts are managed with Puppet. Which action results m the requested Change? A. This is an unsupported feature of Puppet, and Chef or Ansible must be used to make this change. B. Go to that host and make the config change. Puppet sees the local override and skips that part. C. Add an if statement to the Puppet manifest, and add specific config settings, in case Puppet is running on that host. D. Add a node-based variable lookup override in Hiera, so that if Puppet runs on that host, it takes the variable from Hiera.

Answer: B

How is a service ticket used when constructing a Cisco APIC-EM API request? A. to identify the service type B. to identify a service on the controller C. to determine the request type D. as a security token

Which statement indicates that an element in a YANG data model contains data that describes operational state information about the device or service? A. state true B. config false C. mode state D. state enabled

B - All data nodes in "ietf-module-revision-management" are "config false", and thus accessible in the operational state datastore.

44 Which authentication method can be used to access the ACI APIC controller? A. REST API using HTTP and header-based authentication B. REST API using HTTPS and JSON-formatted username/password payload C. SOAP API using header-based authentication D. REST API using SSL and header-based authentication

B Section: (none) Explanation Explanation/Reference: Explanation: The primary authentication method uses a username and password and the APIC REST API returns an authentication token that can be used for future access to the APIC. Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_KB_Signature_Based_Transactions.html

55 How many Cisco APIs must fail, in order for a customer running an ACI fabric with a cluster of five APICs to experience data loss? A. 4 B. 3 C. 1 D. 2 E. 5

B Section: (none) Explanation Explanation/Reference: Reference: http://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/unified-fabric/white-paper-c11-730021.html

66 Refer to the exhibit. Which action effectively secures the controller? A. Enable HTTP to HTTPS redirect. B. Require complex passwords. C. Use NUT on the router before the controller. D. Blacklist the public WAN. E. Whitelist the Admins network and block all others.

B Section: (none) Explanation Explanation/Reference:

1 How are authentication credentials sent in a Cisco APIC REST API authorization request? A. by using OAuth B. in a token in the header C. by using Basic Auth D. in JSON in the payload

B Section: (none) Explanation Explanation/Reference: Explanation: Authentication to the REST API for username/password-based authentication uses a special subset of request URIs, including aaaLogin, aaaLogout and aaaRefresh as the Dn target of a POST operation. Their payloads contain a simple XML or JSON payload containing the MO representation of an aaaUser object with attributes name and pwd defining the username and password, for example: <aaaUser name='admin' pwd='insieme'/>. The response to the POSTs will contain an authentication token as both a Set-Cookie header as well as an attribute to the aaaLogin object in the response named token, for which the XPath is / imdata/aaaLogin/@token if encoded as XML. Subsequent operations on the REST API can use this token value as a Cookie named "APIC-cookie" to have future requests authenticated. Reference: http://aci-troubleshooting-book.readthedocs.io/en/latest/rest.html

45 What is the best way to specify the location of Python within a script? A. #!usr/bin/env bash B. #!usr/bin/env python C. #!usr/local/bin/python D. #!usr/bin/python E. #!/scriptname

B Section: (none) Explanation Explanation/Reference: Explanation: If you have several versions of Python installed, /usr/bin/env will ensure the interpreter used is the first one on your environment's $PATH. The alternative would be to hardcode something like #!/usr/bin/python; that's ok, but less flexible. Reference: http://stackoverflow.com/questions/2429511/why-do-people-write-usr-bin-env-python-on-the-first-line-of-a-python-script

49 Which tool streamlines the development of network applications? A. Java Runtime Engine B. software development kit C. command-line interface D. General Public License E. package management system

B Section: (none) Explanation Explanation/Reference: Explanation: Streamlines software development and integration effort required for advanced imaging and vision applications Imagine software developers could run their entire imaging / vision project on the (more familiar) CPU environment, while the code automatically gets translated and optimized on the (more power-efficient) DSP - With the CEVA Application Developer Kit (ADK) it is now possible Reference: http://www.ceva-dsp.com/Application-Developer-Kit

54 Which field in Visore can you use to find a unique instance of a managed object? A. IcOwn B. dn C. class name D. classld

B Section: (none) Explanation Explanation/Reference: Explanation: To query for a particular class, enter the class name in the Class or DN field and click Run Query. Visore sends aconfigResolveClass method to Cisco IMC and the requested MO is displayed in a tabular format Reference: http://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/c/sw/api/2-0/b_Cisco_IMC_api_2_0/b_Cisco_IMC_api_2_0_appendix_01000.html

30 What is the top-level object for the MIT in ACI? A. home B. root C. uni D. top

B Section: (none) Explanation Explanation/Reference: Reference: http://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/aci-fabric-controller/white-paper-c11-729999.html (See the Figure 2).

39 Refer to the exhibit. A network engineer created a Bash script to automate some network device tasks. What are two potential risks when a network operator runs this script as written? (Choose two.) A. The script results in network devices losing connectivity. B. The script executes too slowly. C. The script configures unintended commands. D. The script exposes users' passwords. E. The script passes configuration data in cleartext.

BC Section: (none) Explanation Explanation/Reference:

61 Which two protocols use YANG as an underlying data modeling language? (Choose two.) A. SOAP B. NETCONF C. RESTCONF D. REST E. HTTP F. SSH

BC Section: (none) Explanation Explanation/Reference: Explanation: One result of the popularity of YANG is that now operators wanting to develop their own protocol for management use YANG as the data modeling language. This includes CoMI, which defines a management interface for constrained devices. Even among existing protocols NETCONF and RESTCONF, there are different encoding Reference: https://www.internetsociety.org/publications/ietf-journal-november-2015/yang-netconf

59 Which two protocols can the Cisco APIC-EM use to communicate with supported platforms? (Choose two.) A. OpFlex B. SNMPv2c C. SSH D. HTTPS E. RPC F. OpenFlow

BC Section: (none) Explanation Explanation/Reference: Explanation: The Cisco APIC-EM communicates with its supported platforms using the following protocols: • SNMPv2c or SNMPv3 • Telnet or SSH Reference: http://www.cisco.com/c/en/us/td/docs/cloud-systems-management/application-policy-infrastructure-controller-enterprise-module/1-0-x/deploy-guide/b_apicem_deploy_guide_v_1_0_0_x/b_apic-em_deploy_guide_v_1_0_0_x_chapter_01.pdf

13 What are two node types in a YANG data model? (Choose two.) A. grouping B. leaf C. container D. module E. instance

BC Section: (none) Explanation Explanation/Reference: Explanation: The nodes types (for data modeling) are: leaf node - contains a single value of a specific type container node - contains a grouping of related nodes containing only child nodes, which can be any of the four node types Reference: http://www.cisco.com/c/en/us/td/docs/iosxr/ncs5000/DataModels/b-Datamodels-cg-ncs5000/b-Datamodels-cg-ncs5000_chapter_00.html

26 After completing the Open SDN Controller setup wizard, the configuration does not get applied. Which two log files should you check to determine the errors that occurred? (Choose two.) A. /var/log/node_config_state.log B. /var/log/platform_services.log C. /var/log/ansible.log D. /var/log/messages.log E. /var/log/controller.log

BC Section: If configuration does not complete: Check ansible.log and platform_services.log (located in the /var/log/ directory) to determine the errors that took place and make the necessary fixes. Source - https://www.cisco.com/c/en/us/td/docs/net_mgmt/open_sdn_controller/1-2/install/guide/b_OSC12_Install_Guide/b_OSC12_Install_Guide_chapter_01.html

50 Which two installable packages does the Cisco API Python SDK require? (Choose two.) A. ciscoasi B. acimodel C. modpy-aci D. acicobra E. ciscopython F. aci-toolkit

BD Section: (none) Explanation Explanation/Reference: Explanation: Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/api/python/install/b_Install_Cisco_APIC_Python_SDK_Standalone.html

12 Which two security techniques are important to implement a secured management network that is used to access the management plane of a Cisco APIC cluster? (Choose two.) A. VRFs B. NAT C. ipfilter D. ACLs E. route maps

BD Section: (none) Explanation Explanation/Reference: Explanation: The Cisco APIC-EM should never be directly connected to the Internet. It should not be deployed outside of a NAT configured or protected datacenter environment. Each contract is defined by a name and by filters (ACLs). Filters are a collection of layer 4 protocol and ports. Reference: http://www.cisco.com/c/en/us/td/docs/cloud-systems-management/application-policy-infrastructure-controller-enterprise-module/1-0-x/deploy-guide/ b_apic-em_deploy_guide_v_1_0_0_x/b_apic-em_deploy_guide_v_1_0_0_x_chapter_0100.pdf http://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-731960.html

Answer: A, C QUESTION: 70 Which statement about sharding in ACI is true? A. Sharding is the technology that is designed to prevent "split-brain" scenarios in ACI B. Sharding is the service that presents the API on a Cisco APIC C. Sharding is the mechanism for distributing the database and configuration changes on a Cisco APIC cluster. D. Sharding is the distributed topology that is used in ACI (also referred to as spine-leaf

5 Which network configuration protocol uses JSON as a data representation format? A. NETCONF B. SOAP C. RESTCONF D. HTML

C - REST was created to address the problems of SOAP. Therefore it has a more flexible architecture. It consists of only loose guidelines and lets developers implement the recommendations in their own way. It allows different messaging formats, such as HTML, JSON, XML, and plain text, while SOAP only allows XML

23 Which network is used by default for cluster sync between Cisco APICs? A. out of band management network B. VXLAN overlay network C. in-band management network D. infra-VTEP network

C Section: (none) Explanation Explanation/Reference:

60 Refer to the exhibit. To make this code work properly, which line of code should you insert at the blank line? A. r = requests.get(url, headers=header, verify=False) B. r = requests.post(url, data:payload, headers:header, verify:False) C. r = requests.post(url, data=payload, headers=header, verify=False) D. r = requests(method="POST", url, data=payload, headers=header, verify=False)

C Section: (none) Explanation Explanation/Reference:

53 In ACI, where is a concrete object in the MIT most often located? A. hypervisor DB B. integrated Layer 4 to Layer 7 device C. switch ASIC D. leaf or spine

C Section: (none) Explanation Explanation/Reference: Explanation: • Resolved = created by the APIC as a unit/object to communicate and pass information to the switches • Concrete = objects used by the switches to program hardware Reference: https://clnv.s3.amazonaws.com/2015/usa/pdf/BRKACI-2101.pdf

34 Refer to the exhibit. Which Linux command provides output that is similar to the output in the exhibit? A. cat/etc/hosts B. tcpdump -a C. ifconfig -av D. netstat -an

C Section: (none) Explanation Explanation/Reference: Explanation: One of the most dearest commands to every linux admin is 'ifconfig'.Linux ifconfig command provides a convenient way to view or modify the network settings of a network interface. Most of the time, ifconfig command is used to get the information about network interface configurations. However, ifconfig also reports many other useful information related to the status of network interface. Reference: http://blmrgnn.blogspot.com/2014/01/linux-ifconfig-command-output-explained.html

56 Which command tests a REST API? A. nc B. tcpdump C. curl D. telnet

C Section: (none) Explanation Explanation/Reference: Explanation: Test your REST api from the command line, you can use curl. Reference: http://www.codingpedia.org/ama/how-to-test-a-rest-api-from-command-line-with-curl/

10 Which statement is used to associate a submodule and a parent module in a YANG data model? A. import B. namespace C. include D. belongs-to

C Section: (none) Explanation Explanation/Reference: Explanation: The "include" statement is used to make content from a submodule available to that submodule's parent module, or to another submodule of that parent module. Reference: https://tools.ietf.org/html/rfc6020

70 Which statement about sharding in ACI is true? A. Sharding is the technology that is designed to prevent "split-brain" scenarios in ACI. B. Sharding is the service that presents the API on a Cisco APIC. C. Sharding is the mechanism for the distributing the database and configuration changes on a Cisco APIC cluster. D. Sharding is the distributed topology that is used in ACI (also referred to as spine-leaf).

C Section: (none) Explanation Explanation/Reference: Explanation: The Cisco APIC cluster uses a technology from large databases called sharding to distribute data among the nodes of the cluster. Data stored in the APIC is portioned to shards. Each shard has three replicas that are stored in the three controller nodes. For each shard, one controller is elected as leader and the rest are followers. Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/kb/b_kb-aci-stretched-fabric.html

Which two tools help you to program against Nexus APIs? (Choose two.) A. Jenkins B. Cisco Nexus 1000v C. VIRL D. DevNet sandboxes E. Cisco Open SDN Controller

C,D

57 Which two statements about IOS XE on a Cisco CSR1000v Router programmatic interface are true? (Choose two.) A. It supports I2RS. B. It supports open YANG data models C. It supports BGP-LS/PCEP as a southbound interface D. It supports RESTCONF E. It supports OpFlex

CE Section: (none) Explanation Explanation/Reference:

29 Which two protocols are examples of southbound APIs? (Choose two.) A. VXLAN-GPE B. LLDP C. NETCONF D. IPFIX E. SYSLOG F. OpFlex

CF Section: (none) Explanation Explanation/Reference: Explanation: Communication between the controller and network devices, ACI supports OpFlex and RESTful API for the southbound protocols. Reference: http://www.networkcomputing.com/networking/understanding-openflow-vxlan-and-ciscos-aci/551182896

Which feature enables service function chaining to steer traffic to virtual network functions? A. GRE B. VXLAN C. EH D. NSH E. REST

33 Which statement about agentless configuration management system is true? A. It requires managed hosts to have an interpreter for a high-level language such as Python or Ruby. B. It uses existing protocols to interface with the managed host. C. It uses compiled languages as the basis on the domain-specific language to interface with managed hosts. D. It requires managed hosts to connect to a centralized host to receive updated configurations. E. It requires a software package to be installed on the managed host.

D Section: (none) Explanation Explanation/Reference: Explanation: Adding the managed hosts to Management Server using an agentless configuration Reference: https://www.veritas.com/support/en_US/article.DOC6776

67 Which statement indicates that an element in a YANG data model contains data that describes operational state information about the device or service? A. state true B. config false C. mode state D. state enabled

D Section: (none) Explanation Explanation/Reference:

62 How is a service ticket used when constructing a Cisco APIC-EM API request? A. to identify the service type B. to identify a service on the controller C. to determine the request type D. as a security token

D Section: (none) Explanation Explanation/Reference: APIC-EM uses token based authentication. So the first request that we need to make is to create a token which in APIC-EM is called a service ticket. This service ticket is used to both allow and control access to the APIs, and is required for all API calls other than the one made to create the ticket.

8 Which computer security concept is violated when a web server is written that uses the "root" account for all interactions with a Linux system? A. RBAC B. PermitRootLogin C. certificate-based authentication D. principle of least privilege

D Section: (none) Explanation Explanation/Reference: Explanation: Least privilege: This principle applies a need-to-know approach to trust relationships between security domains. The idea, which originated in military and intelligence operations, is that if fewer people know about certain information, the risk of unauthorized access is diminished. In network security, this results in restrictive policies, where access to and from a security domain is allowed only for the required users, application, or network traffic. Everything else is denied by default.

20 Which communication mechanism does NETCONF use? A. SOAP over HTTPS B. YAML over SSH C. YAML over HTTPS D. RPC over SSH

D Section: (none) Explanation Explanation/Reference: Explanation: NETCONF uses a simple RPC-based mechanism to facilitate communication between a client and a server. The client can be a script or application typically running as part of a network manager. The server is typically a network device. The terms "device" and "server" are used interchangeably in this document, as are "client" and "application". Reference: https://tools.ietf.org/html/rfc6241

51 What is the main benefit of having an out-of-band management network for an infrastructure controller? A. Data plane disruption is less likely. B. It provides separation on the management and data planes. C. Configuration of the controller is faster and simpler D. It is less expensive.

D Section: (none) Explanation Explanation/Reference: Explanation: Out-of-band management is presented as a more efficient way to cut costs and improve service levels and productivity. Reference: http://www.it-administrator.de/download/whitepapers/Avocent_OutofBandManagement_WP.pdf

16 You can use Visore to accomplish which task? A. Monitor faults and events by using a subscription model B. Read object properties and information C. Update any properties of an object that are not read-only D. Update any properties of an object

D Section: (none) Explanation Explanation/Reference: Explanation: The Managed Object Browser, or Visore, is a utility built into the APIC that provides a graphical view of the managed objects (MOs) using a browser. Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/aci/apic/sw/1-x/api/rest/b_APIC_RESTful_API_User_Guide/ b_IFC_RESTful_API_User_Guide_chapter_0100.html

17 Cisco APIC-EM is used to add network-wide making policy for Cisco Spark users who are connected to a Cisco Catalyst 6500 device. After this change, wireless users complain about a delay in over applications. What is a possible reason for this delay? A. The DSCP-to-CoS mappings were configured incorrectly B. The policy was also deployed to the WLAN controller and overrode C. You cannot automate policy for more than one real-time application at a time D. Policy automation cannot be deployed for wireless and wired elements at the same time

D Section: (none) Explanation Explanation/Reference: Explanation: This value gets plumbed into the policy created on the wireless controller. Based on the user authentication, a configured policy and profile are applied to a specific user on the same WLAN. Reference: http://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-0/WLAN-Bonjour-DG.html

37 Which service does a VIRL host use to validate a license? A. Puppet B. Ansible C. Chef D. SaltStack

D Section: (none) Explanation Explanation/Reference: Explanation: Until you successfully connect to Cisco's SaltStack infrastructure and validate your VIRL license you can expect to encounter a number Reference: http://virl-dev-innovate.cisco.com/workstation.php

41 Which YANG statement defines a block of other statements that can be easily referenced in other areas of a data model? A. grouping B. container C. submodule D. module

D Section: (none) Explanation Explanation/Reference: Explanation: module: A YANG module defines a hierarchy of nodes that can be used for NETCONF-based operations. With its definitions and the definitions it imports or includes from elsewhere, a module is self-contained and "compilable". Reference: https://tools.ietf.org/html/rfc6020

7 Which two statements about YANG are true? (Choose two.) A. YANG was conceptualized by Jerry Yang, former CEO of Yahoo B. YANG provides security beyond SSL 3.0. C. YANG can be executed similarly to a Python script. D. YANG is used by NETCONF to define objects and data in requests and replies E. YANG represents configuration? Operational, and RPC data.

D, E - YANG [1] (Yet Another Next Generation)[2] is a data modeling language for the definition of data sent over the NETCONF network configuration protocol. The YANG data modeling language was developed by the NETMOD [3] working group in the Internet Engineering Task Force (IETF) and was published as RFC 6020 in October 2010. The data modeling language can be used to model both configuration data as well as state data of network elements.

24 YANG modeling supports which two comment styles? (Choose two.) A. A block comment is enclosed within "<--"and"-->". B. A single-line comment starts with "#" and ends at the end of the line. C. A single-line comment starts with "!" and ends at the end of the line. D. A block comment is enclosed within "/*" and "*/". E. A single-line comment starts with "//" and ends at the end of the line.

DE Section: (none) Explanation Explanation/Reference: Explanation: Comments are C++ style. A single line comment starts with "//" and ends at the end of the line. A block comment is enclosed within "/*" and "*/". Reference: https://tools.ietf.org/html/draft-ietf-netmod-yang-00

22 You are developing a YANG data model to represent the functionality of a new network application. Which two YANG statements do you use to organize the model into a hierarchy? (Choose two.) A. module B. grouping C. submodule D. augment E. container

DE Section: (none) Explanation Explanation/Reference: Reference: https://tools.ietf.org/html/rfc6244

65 Which feature enables service function chaining to steer traffic to virtual network functions? A. GRE B. VXLAN C. EH D. NSH E. REST

NSH - A Network Service Header (NSH) is introduced to address market needs for service chaining Offers new functionality and a dedicated service plane The network service header is used to create the service plane Provides traffic steering capabilities AND metadata passing Provides path identification, loop detection, service hop awareness, and service specific OAM capabilities

18 DRAG DROP Drag and drop the network automation protocol on the left to the transport protocol that it supports on the right. Some options are used more than once. Select and Place: