[Free] 2019(Nov) EnsurePass Cisco 300-465 Dumps with VCE and PDF 11-20

Get Full Version of the Exam
http://www.EnsurePass.com/300-465.html

Question No.11

An engineer is designing a multitenant data center using Cisco validated design practices. The engineer must ensure that traffic is security segregated between tenants at the core layer and aggregation layers. Which design must be implemented to accomplish this task?

  1. VRF-Lite on the core and aggregation layer routing infrastructure

  2. strict core and aggravation level QoS traffic shaping

  3. strict core and aggregation level QoS policing

  4. disparate VLANs across the core and aggregation layer switching infrastructure

Correct Answer: A

Question No.12

An engineer is designing an infrastructure for storage, networking, and compute. The engineer chooses a NetApp storage solution, in addition to Cisco Nexus 5000 Series and 2000 Series

Switches, Cisco Fabric Interconnects, and a Cisco UCS platform for networking and compute. Which solution must the engineer use to accomplish these design requirements?

  1. Data Center 2.0 design

  2. FlexPod

  3. Vblock

  4. VSPEX

Correct Answer: B

Question No.13

A cloud administrator is considering storage for a deployment. The admin needs a solution that is durable and reliable and fits the need for storing media, web assets, and backups. Which solution meets this need the best?

  1. cloud file storage

  2. cloud block storage

  3. cloud hybrid storage

  4. cloud NFS storage

Correct Answer: C

Question No.14

An engineer is constructing a hybrid cloud solution for a customer and wants to ensure cloud visibility. Which two components are part of identification? (Choose two.)

  1. network management

  2. firewall/deep packet inspection

  3. event analysis and correlation

  4. digital certificates

  5. network flow data collection

Correct Answer: BC

Question No.15

Which two ports are used by Intercloud fabric tunnel ports? (Choose two.)

  1. TCP 6644 and 6646

  2. TCP 6000 and 7010

  3. UDP 6644 and 6646

  4. TCP 7000 and 7010

Correct Answer: AC

Question No.16

A security architect wants to prevent the introduction of a rogue DHCP server. Prevention of this issue occurs at which layer of the Cisco VMDC Cloud Security solution framework?

  1. aggregation layer

  2. virtual access layer

  3. access layer

  4. services layer

  5. WAN/edge layer

Correct Answer: C

Question No.17

A cloud architect is designing a new cloud infrastructure and wants to employ security best practices in the environment. Which Cisco best practice must the engineer consider?

  1. Ensure that AAA is enforced

  2. Minimize vulnerabilities

  3. Minimize the total security cost

  4. Simplify use access to the environment

Correct Answer: A

Question No.18

A system administrator must use Cisco UCS Director to migrate several virtual machines from one host to another without disrupting the workload. In which two ways can the administrator accomplish this task?

  1. migrate VM policy

  2. migrate VM wizard

  3. hot VM migration wizard

  4. hot VM workflow task

  5. migrate VM workflow task

Correct Answer: BE

Question No.19

Which three options describe how isolation can be achieved for VMDC data center security? (Choose three.)

  1. access control lists

  2. intrusion prevention appliances that inspect traffic and detect security events on a -VLAN basis

  3. proper infrastructure hardening

  4. role-based access and authentication

  5. application redundancy

  6. policy enforcement and access control

  7. virtual routing and forwarding tables

Correct Answer: ABG

Explanation:

Isolation provides a secure foundation for multi-tenant data centers and server farms. Depending on the design goals, isolation can be achieved using firewalls; access control lists (ACLs); virtual LANs (VLANs), Virtual Routing and Forwarding tables (VRFs), virtualization, storage networks, and physical separation. In addition, Intrusion Prevention appliances that can inspect traffic and detect security events on a per-VLAN basis can provide an additional level of threat isolation between different tenants. When combined, these can provide appropriate levels of security enforcement to server applications and services for multiple tenants.

Question No.20

To best leverage Cisco UCS stateless computing, the server manager has decided to boot from an existing storage array. Which type of storage must be provisioned for the boot LUNs?

  1. block

  2. hybrid

  3. object

  4. file

Correct Answer: A

Get Full Version of the Exam
300-465 Dumps
300-465 VCE and PDF