CCNA Data Center DCII 300-165 study guide|CertTree provide you the gateway to success in actual 300-165 Certification Exam.CertTree provides you with the real environment as these products are built by IT examiners so you experience the real exam features in our products. CertTree coverage and accuracy are both excellent. We guarantee that using our CCNA Data Center DCII 300-165 study guide|CertTree will adequately prepare you for your 300-165 exam. There will be hundreds of IT professional who have enough experience in the required domain and looking ahead their career growth.

Share some CCNP Data Center 300-165 exam questions and answers below.
Topic 2, Data Center Infrastructure Security

Which statement about RBAC user roles on a Cisco Nexus switch is true?
A. If you belong to multiple roles, you can execute only the commands that are permitted by both roles (logical AND).
B. Access to a command takes priority over being denied access to a command.
C. The predefined roles can only be changed by the network administrator (superuser).
D. The default SAN administrator role restricts configuration to Fibre Channel interfaces.
E. On a Cisco Nexus 7000 Series Switch, roles are shared between VDCs.
Answer: B


Which statement is true if password-strength checking is enabled?
A. Short, easy-to-decipher passwords will be rejected.
B. The strength of existing passwords will be checked.
C. Special characters, such as the dollar sign ($) or the percent sign (%), will not be allowed.
D. Passwords become case-sensitive.
Answer: A


Which two statements about Cisco Nexus 7000 line cards are true? (Choose two.)
A. M1, M2, and F1 cards are allowed in the same VDC.
B. M line cards are service-oriented and likely face the access layer and provide Layer 2 connectivity.
C. F line cards are performance-oriented and likely connect northbound to the core layer for Layer 3 connectivity.
D. M line cards support Layer 2, Layer 3, and Layer 4 with large forwarding tables and a rich feature set.
E. The F2 line card must reside in the admin VDC.
Answer: A, D


On a Cisco Nexus 7000 Series router, which statement about HSRP and VRRP is true?
A. When VDCs are in use, only VRRP is supported.
B. HSRP and VRRP both use the same multicast IP address with different port numbers.
C. HSRP has shorter default hold and hello times.
D. The VRRP group IP address can be the same as the router-specific IP address.
Answer: D


Which statement about the implementation of Cisco TrustSec on Cisco Nexus 7000 Series Switches is true?
A. While SGACL enforcement and SGT propagation are supported on the M and F modules, 802.1AE (MACsec) support is available only on the M module.
B. SGT Exchange Protocol is required to propagate the SGTs across F modules that lack hardware support for Cisco TrustSec.
C. AAA authentication and authorization is supported using TACACS or RADIUS to a Cisco Secure Access Control Server.
D. Both Cisco TrustSec and 802.1X can be configured on an F or M module interface.
Answer: A


Which GLBP load-balancing algorithm ensures that a client is always mapped to the same VMAC address?
A. vmac-weighted
B. dedicated-vmac-mode
C. shortest-path and weighting
D. host-dependent
Answer: D


By default it will take 10 seconds for authentication to fail due to an unresponsive RADIUS server before a Cisco Nexus series switch reverts to another RADIUS server or local authentication. What is one efficient way to improve the reaction time to a RADIUS server failure?
A. Decrease the global RADIUS retransmission count to 1.
B. Decrease the global RADIUS timeout interval to 5 seconds.
C. Configure the RADIUS retransmission count and timeout interval per server, versus globally.
D. Configure per server a test idle timer, along with a username and password.
Answer: D

Which of the following Cisco Nexus features is best managed with DCNM-LAN?
A. VSS
B. Domain parameters
C. Virtual switches
D. AAA
Answer: C


Which two security features are only supported on the Cisco Nexus 7000 Series Switches? (Choose two.)
A. IP source guard
B. traffic storm control
C. CoPP
D. DHCP snooping
E. Dynamic ARP Inspection
F. NAC
Answer: B, F


Which three items must be configured in the port profile client in Cisco UCS Manager? (Choose three.)
A. port profile
B. DVS
C. data center
D. folder
E. vCenter IP address
F. VM port group
Answer: B, C, D

CertTree is a convenient website to provide training resources for IT professionals to participate in the certification exam. CertTree have different training methods and training courses for different candidates. With these CertTree's targeted training, the candidates can pass the exam much easier. A lot of people who participate in the IT professional certification exam was to use CertTree CCNA Data Center DCII 300-165 study guide|CertTree to pass the exam, so CertTree got a high reputation in the IT industry.


CertTree CCNA Data Center DCII 300-165 study guide|CertTree are the best training materials for this exam. With it you will have a key to success. CertTree CCNA Data Center DCII 300-165 study guide|CertTree are absolutely reliable materials. You should believe that you can pass the exam easily, too. CertTree CCNA Data Center DCII 300-165 study guide|CertTree are bring the greatest success rate to all the candicates who want to pass the exam.