Appendix A Answers to Review Questions

Chapter 1: Fundamentals of Cloud Computing

  1. D. The utility concept of purchasing computing resources enables on-demand access without having to purchase the underlying data center hardware.
  2. D. Scale up refers to adding cloud capacity by increasing the capability of a computing resource.
  3. B, D. Hypervisors and virtual machines implement virtualized network interface cards and Ethernet switches internally for network communications.
  4. C. Hypervisors are virtualization applications that manage virtual machines and manage resource pools for the hosted virtual machines.
  5. B. On-demand server service is a key component of a cloud service offering.
  6. C. Multitenancy is the term that identifies the sharing of a single application between many cloud customers.
  7. A. Data centers must be designed for current and anticipated computing workloads.
  8. C. Memory resource pooling allows for the grouping and allocation of RAM.
  9. A, C, F. The four main cloud deployment models are community, hybrid, private, and public. On-demand, interexchange, and resilient are not valid cloud deployment models.
  10. A, D, E. Common public cloud characteristics include measured or metered service, multitenancy usage, on-demand services resiliency, and ubiquitous access. Tiered service is not valid, and exclusive access is a private cloud attribute.
  11. A, C, F. Infrastructure as a Service, Platform as a Service, and Software as a Service are the three primary cloud service models. The Application, Communications, and Security models may be valid but are not considered primary.
  12. B, D, F. Common cloud characteristics include metered service, elasticity, and ubiquitous access. While interconnectivity, virtualization, and resource pooling help to enable the cloud, they are not considered to be a cloud characteristic.
  13. B. Scale out refers to adding cloud capacity by adding additional virtual machines to spread the workload between a greater number of VMs.
  14. B. Storage area networks (SANs) are high-speed storage communication networks that connect servers to remote storage systems.
  15. C. The hybrid model is a combination of cloud deployment models.
  16. A, C, F. Data center–critical facilities include stable power, cooling systems, and physical security.
  17. A. Interexchange providers offer private interconnects between the corporate network and the cloud provider.
  18. C. Virtualization technology was a key enabler of cloud computing by allowing on-demand computing.
  19. B. Public, private, community, and hybrid are common cloud deployment models. Corporate is not considered a cloud deployment model.
  20. A, C. To enable redundancy and high availability, cloud providers structure their data centers into regions and availability zones.

Chapter 2: Defining Cloud Service Models

  1. B. IaaS or Infrastructure as a Service includes the server operating system with the underlying infrastructure but not any applications running on the server.
  2. C. The three primary cloud service models defined by NIST are Infrastructure as a Service, Platform as a Service, and Software as a Service.
  3. C. Public cloud service providers offer geographical areas known as regions for proximity to customers.
  4. B. Software as a Service is a cloud-based service that includes all underlying infrastructure, the operating systems, and the application.
  5. B. An availability zone is a separate and redundant facility in a region that allows for resiliency and failover should another availability zone in the region fail.
  6. B, C, D. Infrastructure is the key word in this question and indicates that hardware, such as memory, storage, and CPUs, is included, but higher-level services such as Linux, domain name services, or object brokers are the responsibility of the customer.
  7. B. IaaS stands for Infrastructure as a Service. All other answers offered are not valid.
  8. C. SaaS or Software as a Service is the NIST service model offering full-stack services up to and including applications such as e-mail and big data.
  9. A, C, E. Isolating virtual machine instances is a security step taken in the shared public cloud, VPNs offer encryption services, and firewalls are network-level security devices.
  10. A, C. Both enterprise resource planning and analytics are considered applications that are included in the Software as a Service model but not as a Platform as a Service offering.
  11. B. IaaS or Infrastructure as a Service is the NIST service model that addresses basic data center infrastructure such as servers, CPUs, memory, routing/switching, and storage.
  12. C. PaaS stands for Platform as a Service. All other answers offered are not valid.
  13. C. Infrastructure as a Service or IaaS is the most prevalent cloud service model that defines the underlying data center infrastructure operations but does not include any operating systems or applications, which remain the responsibility of the cloud customer.
  14. C. SaaS stands for Software as a Service. All other answers offered are not valid.
  15. C. IaaS or Infrastructure as a Service offers the basic data center infrastructure and services that are similar to private data centers and are frequently deployed by corporate IT administrators.
  16. B. CaaS or Communications as a Service would host IP telephones, videoconferencing, and collaboration. While SaaS and XaaS may also apply, CaaS is more specific. PaaS does not include applications.
  17. B. Of the answers offered, only Google Compute Engine is in the PaaS service model category.
  18. C. When implementing the Platform as a Service in the cloud, the application software must be provided by the customer.
  19. D. With so many service models being offered in the market, XaaS, or Anything as a Service, is now a defined service model.
  20. B, D, F. Only IaaS, PaaS, and SaaS are primary service models; all others such as CaaS, XaaS, and DRaaS are not the primary service models.

Chapter 3: Understanding Cloud Deployment Models

  1. A. The public deployment model is accessed by the general public and hosted in the service provider’s data center.
  2. C. Cloud bursting is the ability to use cloud services for additional compute capacity on demand.
  3. C. Public, private, community, and hybrid are the four primary cloud deployment models defined by NIST.
  4. A. The public cloud is shared by many customers across a wide spectrum of businesses.
  5. D. Public, hybrid, and community clouds are shared models; the private cloud is exclusive to one company.
  6. C. Cloud bursting is the ability to use cloud services for additional compute capacity on demand.
  7. B, C. Resource pooling allows for the dynamic allocation and sharing of compute resources such as CPU, memory, storage, and networking.
  8. D. Private deployment models are not shared and allow the most end-user control.
  9. C. Cloud bursting refers to the ability to access additional compute capacity in a remote cloud data center.
  10. A, B, E. U.S. regulations such as Sarbanes-Oxley (SOX), Payment Card Industry Data Security Standard (PCI DSS), and the Health Insurance Portability and Accountability Act (HIPAA) are all natural fits for companies wanting to utilize a specialized community cloud deployment model that allows them to meet regulatory requirements.
  11. A. Public cloud deployments follow the pay-as-you-go usage model.
  12. C. The service level agreement is a service provider document that details the metrics to be delivered to the customer.
  13. A. Private, hybrid, and community clouds are well suited for hosting critical applications. The public clouds are orientated towards mainstream applications.
  14. D. A hybrid cloud is the interconnection between two or more cloud deployment models.
  15. C, D. Community and private clouds may exist on or off the premises, as outlined in the NIST definitions.
  16. B. Public cloud deployments offer scalability and on-demand provisioning and prevent the company from purchasing peak server capacity that sits idle most of the year.
  17. B. Public clouds that have provider proprietary implementations may cause vendor lock-in and lack of portability to migrate to another cloud provider.
  18. B, D, E. Common customer interfaces used to manage a public cloud deployment include the application programmable interface, command-line interface, and browser’s graphical interface.
  19. B. Of the answers given, elasticity best describes the ability to react to load demands.
  20. D. The hybrid model is the interconnection of two or more cloud models.

Chapter 4: Introducing the Cisco Intercloud Solution

  1. A, C, E. The Cisco Intercloud Fabric interconnects public, private, and Cisco business partner clouds with a single management portal and secure interconnections.
  2. A, D. The Cisco Intercloud Fabric includes a self-service management portal and encrypted interconnections between the private and one or more public clouds.
  3. B, D. The Intercloud solution comes in two unique application models that are designed to work together as a complete solution. Cisco Intercloud for Provider is for end cloud providers that are part of the Intercloud partner cloud offering. These are your commercial cloud providers that offer consumer services through Intercloud. Cisco Intercloud for Business is the traditional model for end consumers and corporations that want to use Cisco Intercloud.
  4. F. Intercloud is designed to support all the major public cloud platforms including AWS, Azure, and the Google cloud platform as well as the cloud offerings of Cisco’s business partners.
  5. A, B, C, F. The Intercloud Fabric Director (ICFD) is a single point of management for end users and IT administrators of hybrid cloud services. Services included with Intercloud Fabric Director include monitoring, user management, service catalog, policy management, VM management, and customized portals.
  6. B, D. The Virtual Security Gateway is a virtual appliance based on the Nexus 1000v that uses Cisco Virtual Path (vPath) technology to abstract the forwarding plane, and it allows inline traffic redirection.
  7. A, C, D. The Intercloud Fabric Extender, Fabric Director, and Virtual Security Gateway are all components of the Intercloud solution.
  8. C. The Intercloud Director is a centralized management portal for hybrid cloud deployments.
  9. D. The CSR is an IOS-XE router running as a virtual machine.
  10. B. The VSG or virtual security gateway provides edge security and firewall services for the Intercloud Fabric to protect VM-to-VM and VM-to-edge security.
  11. B. The Intercloud Fabric Switch (ICS) provides a virtualized layer 2 Ethernet switch for local switching.
  12. C. Having layer 2 extensions between cloud data centers is a feature of the Intercloud Secure Extension or ICX application.
  13. A, D. The Cisco Intercloud Fabric Extender and private clouds are part of the Intercloud product offering. However, community clouds and resource pools are not.
  14. A, C. Cisco Intercloud offers a central management portal, a service catalog, and secure interconnections to public, private, and Cisco partner clouds. Intercloud is not limited to any specific hypervisor system.
  15. A, C. The Intercloud Secure Extension’s primary function is to interact with the private cloud or on-site switch and to initiate the secure tunnel to the far-end public Intercloud Fabric.
  16. A. The Intercloud Secure Extension is the initiator of the secure tunnel, encapsulates Ethernet frames into IP packets, and uses Datagram Transport Layer Security to ensure confidentiality.
  17. B. The public cloud VMs run an agent referred to as the Intercloud Fabric Agent (ICA). This agent provides an overlay in the cloud environment that tunnels to the ICS for VM-to-VM communication. Overlay statistics are also collected via the agent and used for monitoring.
  18. A. The Cisco Secure Intercloud Fabric Shell is the high-level grouping of all Cisco Intercloud Fabric products.
  19. C. Intercloud Fabric for Providers interconnects and communicates directly with Azure and AWS via their own APIs. Any other provider or managed service offering would use Intercloud Fabric for Providers to offer the services to customers.
  20. A. The Cisco Intercloud routing services can be integrated with the ICF components or run as a separate VM image that is referred to as CSR and includes features such as inter-VLAN routing, direct network access to virtual machines, network address translation, and edge firewall services.

Chapter 5: The Cisco Unified Computing System

  1. C. The UCS Manager stores server boot configuration information on the Profiles tab.
  2. C. A WWN is a globally unique Fibre Channel address assigned by the host bus adapter manufacturer to uniquely address a Fibre Channel interface in a storage area network.
  3. C. XML APIs allow machine-to-machine automation, configuration, and management from third-party vendors.
  4. D. UCS Central is the global application that manages and monitors one or more UCS domains.
  5. B, C. 6300 series fabric interconnects utilize both 10Gbps and 40Gbps interfaces.
  6. A, C, D. The UCS 6300 series fabric interconnects provide a converged data and storage networking fabric, host the UCSM manager, and act as the interconnect point for the UCS 5108 blade server chassis.
  7. D. UCS Manager is the Cisco-developed application used to manage multiple UCS domains.
  8. B. The UCS Manager application runs on the active/standby model.
  9. B. The UCS 5108 chassis can house either four full-width or eight half-width servers.
  10. A, B, E. The UCS product line features the convergence of compute, networking, and storage technologies into one integrated and centrally managed family of products.
  11. C. The data plane forwarding fabric in the 6300 series fabric interconnects is always in a forwarding mode, or an active/active configuration.
  12. B. The UCS family supports a 10Gb converged switching fabric, a design optimized for virtualized environments, centralized management with the UCSM and UCS Central applications that can support configuration profiles and pools, and a wide selection of device input/output options.
  13. A. An Ethernet layer 3 switched interface is called a switched virtual interface (SVI).
  14. B, C, D. Solid-state drives (SSDs), serial attached storage (SAS), and serial advanced technology attachment (SATA) drives are supported in the C-series product line.
  15. B, D. The unified ports in the 6332-16UP fabric interconnect can be configured to support either native Ethernet or Fibre Channel.
  16. D. UCSM server profiles are assigned to servers in a 5108 chassis to obtain configuration information.
  17. A, B, D, G. UCSM maintains pools of addressing objects that can be dynamically applied to servers in a profile; commonly used pools include UUID, MAC, Mgmt. IP, and WWN.
  18. D. UCS Central manages multiple UCS domains using APIs in the UCS Manager application.
  19. A, B, E, G. The UCS Manager provides objects to configure the 6300 fabric interconnects. Configurations for VSANs, Uplinks, VLAN identifiers, and quality-of-service configurations are stored in UCSM and applied to the fabric interconnect modules.
  20. A, B, D. The primary differences between the B-series and C-series UCS servers are locally connected storage, server, and interface slot density.

Chapter 6: Cisco Data Center Products and Technologies

  1. A, B, F, H. Resiliency, availability, flexibility, scalability, and monitoring are key data center networking attributes.
  2. A. The Nexus 1000 series is a distributed virtual switch and is a software-only product.
  3. C. Fibre Channel storage area networking deployments require a lossless switching fabric.
  4. B. The Nexus 2000 series uses FEX technology and acts as a remote line card connected to a 5000 or 7000 series Nexus switch.
  5. C. The Nexus 5000 series is the parent switch for FEX technology and supports unified ports for converged networking.
  6. B. The data center bridging exchange protocol performs DCB peer discovery, mismatched configuration detection, and peer link configuration.
  7. A. Virtual device contexts logically partition a Nexus 7000 series switch into multiple virtual devices that appear to run their own NX-OS and physical interfaces.
  8. D. The Nexus 9000 series of data center switches was developed to operate in an application-specific infrastructure environment.
  9. D. The Nexus 9000 series of data center switches is designed to support a spine/leaf data center architecture.
  10. D. Software Defined Networking (SDN) replaces manual configurations with a centralized SDN controller that is used to automate network deployments.
  11. A, D, E. The Cisco three-tier network design consists of the access, aggregation, and core layers.
  12. B. Fabric extension (FEX) technology is used to interconnect and control remote Nexus 2000 series switches.
  13. D. FabricPath uses the IS-IS routing protocol to provide a loop-free layer 2 switching fabric that allows for resiliency and a loop-free topology that uses all available interconnecting links.
  14. B. Overlay Transport Virtualization (OTV) is a Nexus feature that interconnects layer 2 VLANs across a router layer 3 network.
  15. D. A virtual port channel enables two Nexus switches to appear as one device when interconnected via a port channel for network resiliency.
  16. D. The Nexus 9000 series, and more specifically the 9200 family, offers multirate high-speed interfaces using SFP+ technology.
  17. A. Software Defined Networking (SDN) replaces manual per-device configuration with a centralized controller that allows for network automation.
  18. C. SDN technologies centralize and automate the network control plane.
  19. B. The Application Centric Infrastructure is an SDN network and switching fabric developed by Cisco that is a centralized control plane interoperating with a distributed Nexus 9000 network.
  20. A, C. The northbound SDN interface communicates to configuration controllers and uses a graphical interface or a published application programmable interface (API).
  21. C. The Cisco APIC controller is part of the ACI family and is the central control plane in a Nexus 9000 leaf/spine architecture.

Chapter 7: Server Virtualization in the Cloud

  1. C. A hypervisor is software that allows multiple virtual machines to run on a single server hardware platform.
  2. B. A Type 1 hypervisor runs directly on the server hardware.
  3. B. A Type 2 hypervisor requires an operating system to be installed, and the Type 2 hypervisor runs as an application on the OS.
  4. B, D. VirtualBox and KVM are open source hypervisors.
  5. B, D. The UUID and MAC address are required to be unique on each server and are changed during the cloning process.
  6. A, B, C. A cloned image includes the reference for creating new virtual servers and should include the operating system, service packs, and security configurations.
  7. C. A snapshot is a software copy of a virtual machine at a specific moment in time.
  8. C. A virtual switch is a virtualized Ethernet switch that runs inside a hypervisor and connects the virtual server’s vNICs to the outside Ethernet network.
  9. D. Shared resources, rapid deployment, and portability are all benefits of virtualization.
  10. C. A virtual network interface card (vNIC) is a software representation of a hardware network interface card that virtual machines load to connect to the outside network.
  11. D. Type 1 hypervisors are installed on the computer hardware.
  12. D. Orchestration systems are used to provide self-service cloud operations.
  13. C. The hypervisor control application for ESXi is vCenter.
  14. D. A virtual-to-virtual (V2V) migration is when a virtual machine is migrated from one virtualized server environment to another.
  15. B. Storage volumes can be large, and if there is limited network bandwidth to the cloud provider, an online migration may take a long time.
  16. B. A live migration over the WAN network to the cloud is referred to as an online migration.
  17. A, C, D. Of the answers offered, ESXi, Hyper-V, and KVM are Type 1 hypervisors that are often used in public and private clouds.
  18. A, B, C, F. The bare-metal server supports hardware resources such as NICs, HBAs, RAM, and CPUs.
  19. B, D. The question is asking for hypervisor products. Of the answers offered, KVM and ESXi are both examples of hypervisors.
  20. A. Elasticity is the process of using a pool of computing resources in the cloud to dynamically assign and reclaim resources as needed.

Chapter 8: Infrastructure Virtualization

  1. D. There are more than 16.7 million possible identifiers to be used in the VxLAN format.
  2. B. vPath is a Cisco-developed protocol that can direct the flow of traffic to virtual appliances.
  3. C. Enhanced VxLAN refers to the 1000v’s ability to learn hosts as they come online and distribute MAC addresses to other 1000v VTEPs. This reduces flooding in the environment.
  4. B. EVPN is an address family of BGP and is used to distribute MAC addresses and IP routes throughout the VxLAN fabric.
  5. B, D. The VMware distributed virtual switch and Cisco Nexus 1000v each support a centralized point of management and do not require host-by-host configuration.
  6. B. Virtual switching operates at the hypervisor level.
  7. C. The 1000v virtual Ethernet module is a line card that connects to vNIC on a virtual server.
  8. A, B, C. Layer 2 connectivity is the prime service of virtual switching. 802.1q trunking and link aggregation control protocol are also supported. DNS is an application, and OSPF is a routing protocol, neither of which is a layer 2 switching function.
  9. D. BGP is a routing protocol and not a switching function. The 1000v supports many protocols including TrustSec, Cisco Discovery Protocol, quality of service, and VM Tracker.
  10. C. The virtual security gateway executes rules and enforces policy from the Prime Services Controller.
  11. B. The cloud services router is a virtualized full-featured Cisco ASR model router with an extensive protocol support list.
  12. A. The Netscaler 1000v is a Citrix virtualized application controller that has an extensive feature list including SSL offload and content switching.
  13. B. Service chains enable service stitching across the virtual environment by redirecting traffic through multiple virtual services before the end device is reached.
  14. C. While D might sound close, SNAT is used to change the source IP address of outgoing packets to something owned by the appliance. An example might be a load balancer. This ensures reply traffic comes back to the load balancer.
  15. A, B, C, D. The CSR supports all of these protocols and more, being a fully functional router and security appliance in the virtual world.
  16. C. VMtracker connects to vCenter to discover the VMs connected and running on the network equipment.
  17. D. While LLDP was true at one point in time, the correct answer here is SPAN. SPAN gives the ability to wire capture traffic as it moves from VM to VM.
  18. B. In 1000v terminology, the Ethernet interface is the representation of the physical connection to the real switch as seen from the 1000v’s perspective.
  19. B. The vmknic is a virtual adapter in the kernel for management, live migrations, IP storage access, and more.
  20. C. The best answer is the configuration group. VMware doesn’t configure or show individual virtual interfaces that connect to each VM. Instead, port groups are used that are assigned to similar VMs. The most common occurrence is the VM identifier.

Chapter 9: Cloud Storage

  1. C. Network-attached storage is available to multiple server systems and clients over a network.
  2. D. Direct-connected storage is the most common connection type in this scenario. Fibre Channel is a remote storage protocol, and RAID is a fault tolerance technique.
  3. C. Pooling is the logical grouping of storage resources to create logical storage volumes for virtualized systems.
  4. C. Tier 3 storage is the correct answer because it is used for low-cost, rarely accessed applications such as data backups.
  5. C. The VMware File System was specifically designed for VM storage deployments.
  6. D. RAID 6 writes two separate parity stripes across the entire array and supports operations when one or two disks in the array fail.
  7. C, D. Microsoft operating systems support both NTFS and FAT.
  8. C. Thick provisioning allows for the maximum volume size at deployment time. Thin provisioning uses less than the maximum, and both Tier 1 and Tier 2 are storage models and not provisioning techniques.
  9. A, C. Both the Extended File System (EXT) and the UNIX File System (UFS) are common in Linux storage environments.
  10. B. Tier 2 storage is less expensive than Tier 1 and is a good solution for many storage requirements such as web, e-mail, and file sharing. Thick and thin are not relevant, and Tier 1 does not meet the requirements of this question because of cost.
  11. B, C. The two primary drive designs found in cloud storage systems are spinning and solid state. NTFS and EXT are both file systems.
  12. A, B, C. Standardized hardware storage interconnects include ATA, SATA, and SCSI. Block and file are not hardware interconnections.
  13. C. Tiering is the process of defining the storage needs of the cloud services consumer and aligning them with the provider’s offerings. RAID is a hardware storage family of redundancy types. Multipathing is a redundant SAN technique, and policies are not related to the question.
  14. B. RAID groups multiple physical disks together for redundancy and performance. Multipathing is a redundancy SAN design, masking is a LUN access process, and tiering is a storage hierarchy technique.
  15. D. RAID 5 allows a drive array to be rebuilt if a single drive in the array fails by recovering the parity data stored across the array. The other offered options do not contain parity data.
  16. C. The UNIX File System (UFS) was developed for UNIX but is not commonly found in many Linux operating systems. FAT, VMFS, and ZTS are all file system types but are not common for UNIX or Linux storage file systems.
  17. D. Thin provisioning allows for a less than maximum volume size at deployment time and dynamically allocates storage capacity as required.
  18. A. Only RAID 0 is the correct answer as the other options offer recovery by writing the same file onto multiple drives, whereas RAID 0 does not.
  19. D. RAID 1 is the correct answer as the other options either do not offer recovery or require more than two disks to be deployed.
  20. B, C. RAID 1+0 and 0+1 combine the striping of RAID 0 and the mirroring of RAID 1.

Chapter 10: Storage Area Networking

  1. C. The host bus adapter (HBA) is a server-based interface card used to connect the server to the storage network.
  2. B, C. A converged network combines LAN and SAN traffic onto a single switching fabric. Ethernet is the standard frame type with Fibre Channel being encapsulated into an Ethernet-based protocol.
  3. B. Network-attached storage is file-based and relies on common file systems such as NFS for Linux and CIFS for Windows.
  4. B, D. iSCSI and FCoE are LAN protocols specifically designed to encapsulate storage traffic for transmission over an Ethernet network.
  5. C. The initiator performs disk requests for functions such as read or write operations.
  6. D, F. Common Internet File System (CIFS) and Network File System (NFS) are standard file systems used in network-attached storage systems.
  7. A. A node port can be an endpoint such as an HBA installed in a server that connects to a SAN switch.
  8. A. An HBA would be defined as a node port, and the SAN switch is a fabric port. So, A is correct. This would be an N_port to F_port SAN connection.
  9. B. A fabric login process is performed when a storage device initially connects to the SAN switch fabric to register its WWN with the SAN fabric.
  10. A. LUN masking is an access control method that can restrict specific initiators’ access to defined SAN storage targets.
  11. C. The iSCSI protocol encapsulates the SCSI protocol into a TCP/IP Ethernet packet.
  12. B. A VSAN logically segments a Fibre Channel SAN switch into multiple logical SANs with each VSAN providing network services such as login and initiator to target communications.
  13. A, C. Storage arrays and host bus adapters (HBA) are Fibre Channel–based systems that connect to a SAN.
  14. D, E, H. Fibre Channel, iSCSI, and FCoE are all block-based storage protocols.
  15. A, C, D. SAN permissions allow the cloud administrator to define rights for file operations and access.
  16. B, C. A logical unit number (LUN) is a block of storage that can be created over multiple disks and has a unique identification.
  17. A, B. Network-attached storage systems are file-based and can have authentication and permissions assigned.
  18. A. Fibre Channel over Ethernet (FCoE) encapsulates a Fibre Channel frame into an Ethernet frame so that it can traverse an Ethernet-based switching fabric.
  19. C, E. Converged networks rely on the ability to encapsulate Fibre Channel into an Ethernet frame using standards-based options such as iSCSI or FCoE.
  20. B. The SAN target, which is most commonly a storage array, receives a SAN operation request from the initiator.

Chapter 11: Cisco Storage Product Families and Offerings

  1. D. SAN-OS is the operating system for the MDS product line.
  2. B, D. The UCS fabric interconnect and Nexus products support both storage and LAN converged switch fabrics.
  3. B. The Nexus operating system is based on the MDS SAN switch operating system.
  4. B. The 9222i is a member of the MDS family of SAN switches that supports multiple protocols including iSCSI, FCoE, and FICON.
  5. B. The 9718 MDS SAN switch is a chassis-based product for large-scale deployments.
  6. D. The Nexus 7000 series of chassis-based switches are designed for data center aggregation and core switching.
  7. A. The Nexus Invicta C3124SA offers SSD storage arrays as part of the UCS family.
  8. A, B. Both the MDS 9100 and 9200 series products are used for SAN extension deployments.
  9. C. The MDS 9300 product family is designed for top-of-rack and end-of-row designs.
  10. D. The MDS 9700 products are large-scale high-availability core SAN switches.
  11. A. A SAN interswitch link (ISL) interconnects SAN switches.
  12. B, C. The MDS 9700 and Nexus 7000 series offer redundant supervisors that enable ISSU support.
  13. B, D. The Invicta C3124SA flash storage appliance supports both Fibre Channel and iSCSI communication protocols.
  14. C. The MDS 9300 series switches are designed for medium-size deployments and offer both 48 and 96 ports.
  15. A. The MDS 9100 series switches are designed for small or edge SAN implementation.
  16. B. The Cisco Data Center Network Manager application can be used to configure, monitor, and manage an MDS-based SAN.
  17. D. Fibre Connection or FICON is an IBM mainframe storage interconnect.
  18. C. NX-OS is the operating system for the Nexus product line and is derived from the SAN-OS MDS operating system.
  19. D. Virtual SANs (VSANs) are supported on the complete line of Cisco MDS SAN switches.
  20. C, D. Both the local and remote switchport analyzer ports can be used to mirror traffic for monitoring and troubleshooting.

Chapter 12: Integrated Cloud Infrastructure Offerings

  1. D. Express is one of the FlexPod offerings, along with Select and Datacenter.
  2. D. Dell/EMC is the actual provider of the reference architecture known as VSPEX.
  3. C. POD is a term that refers to a group of devices or infrastructure designed for a certain requirement, network service, or application.
  4. B. 350 is a valid offering of Vblock, along with 240, 340, 540, and 740 as of this writing.
  5. A. Vblock only allows VMware.
  6. A. Red Hat OpenStack uses Ceph storage.
  7. D. FlexPod is the offering from NetApp and Cisco.
  8. B. Vblock AMP or Advanced Management POD refers to the separate management component of Vblock.
  9. A. Select is a FlexPod offering, along with Datacenter and Express.
  10. C. Vblock is known for being an all-in-one integrated solution. FlexRack isn’t a real solution. The others are more reliant on reference architectures.
  11. C. FlexPod Select is especially designed for big data and other select applications.
  12. C. The Cisco UCS blade or B-series is commonly found in several offerings.
  13. A. According to Cisco, one of the goals with OpenBlock is reduced operating costs.
  14. B. Dell/EMC offers support for VSPEX reference architectures. The others aren’t Dell/EMC or aren’t reference architectures.
  15. C, D. Express focuses on both Hyper-V and VMware.
  16. C. VCE is the collaboration between Dell/EMC and Cisco. It also partners with VMware and Intel.
  17. D. Of the options listed, FlexPod works more off a collaboration between Cisco and NetApp. Both vendors work together to troubleshoot. One could call either vendor.
  18. B. Vblock has an option to have Cisco’s Application Centric Infrastructure (ACI) be installed.
  19. B. Of these, Vblock is the correct answer. VSPEX works, but it isn’t an integrated solution out of the box; it is a reference architecture.
  20. D. Of the options given, the Nexus 9000 series is one of the more often used series in the integrated solutions.

Chapter 13: Configuring Roles and Profiles

  1. C. The multirole access user profile capabilities of UCS Director allow a user to perform more than one role.
  2. B. A user account created directly in UCSD is considered to be a local account.
  3. B. Users with matching job requirements can be placed into groups, and then the group can be assigned a role.
  4. B. The Storage Administrator role has storage orchestration rights.
  5. B. The System Administrator has complete access to all role-based objects.
  6. B. Each user is allowed to belong to multiple roles.
  7. A, D. The predefined user roles in UCS Director allow for fast deployments and ease of use.
  8. C. The Cisco ONE application that contains local user accounts is the UCS Director (UCSD).
  9. B. UCSD supports multivendor environments.
  10. B, C. The system administrator and Group admin roles have permissions to create additional roles.
  11. B. UCSD supports multirole access profiles if a user has more than one requirement that would necessitate a need to belong to more than one group.
  12. D. Local groups are created or predefined to support specific user functions in UCSD.
  13. B, D. An individual user can be assigned to more than one role based on their requirements in the organization or if they perform more than one role.
  14. A, B, C. When creating a single user account in UCS Director, the username and e-mail address are mandatory fields, with address, phone number, and first/last name being optional fields.
  15. A. The syntax “username profile_name” is the appropriate login for a user with multiple profiles.
  16. C, D, E. Group Name and E-mail Address are mandatory group fields and the rest are optional.
  17. B. In UCSD, users are assigned to roles where access is defined.
  18. C. The Systems Administrator account is the primary management account in UCS Director.
  19. B. The Group Administrator role is intended to allow an end user the right to add end-user accounts.
  20. A, C. UCSD supports local user definitions and can access remote directory services.

Chapter 14: Virtual Machine Operations

  1. D. UCSD currently supports VMware, Hyper-V, and KVM.
  2. D. The Prime Service Catalog is geared toward end users and connects to UCS Director. It is more polished and meant for the end-user experience.
  3. B. End-user self-service policies are one of the many ways you can limit what a user can do in UCS Director.
  4. A. UCS Director requires network, compute, system, and storage policies to be configured before VMs can be provisioned.
  5. A, B. Both the Prime Service Catalog and UCSD provide self-service catalogs.
  6. C. The Prime Service Catalog is largely focused on the GUI experience and is written in HTML5.
  7. A, B. Both the Prime Service Catalog and UCSD can accomplish this task.
  8. A. The Prime Service Catalog has a focus on this.
  9. A. VMware has the most workflows and out-of-the-box integration with UCS Director.
  10. B. The UCSD network policy controls this.
  11. B. While it could be argued that UCSD does some as well, the Prime Service Catalog is more marketed toward this.
  12. B. Of all the choices, the Prime Service Catalog is the one that has a focus on this functionality.
  13. B. The storage policy is the correct answer in this case.
  14. A. The computing policy controls memory.
  15. B. The Prime Service Catalog is considered above UCSD in the suite. The Prime Service Catalog is the overall portal when used in conjunction with UCSD.
  16. B. The Prime Service Catalog is more suited for this than UCSD. As stated previously, UCSD is primarily an engineering tool. The Prime Service Catalog is meant for reporting, self-service, orchestration, and more. The other answers are an OS and a hypervisor and are not valid answers.
  17. C. OpenStack, Fusion, and Xen are not supported. Red Hat is an officially supported hypervisor.
  18. B. Don’t be fooled by option C. UCSD is primarily meant for the engineers working in IT with automation and orchestration tools. Prime is more polished and meant to look like something end-user customers would use.
  19. D. None of the offered options do this, as A and B are focused on Cisco networking and C is not a product.
  20. B. The Prime Service Catalog is exactly that—an end user portal. UCS Director offers this too, but it’s more for automation and IT users.

Chapter 15: Virtual Application Containers

  1. B. One of the primary advantages of deploying containers is the ability to isolate your public cloud architecture into a private grouping of services that you have complete control over.
  2. B. Containers are logical private clouds and can be administered and managed by the container administrator.
  3. C. Templates are a UCS Director application feature used for defining container resources.
  4. B. Virtual Application Container Segmentation services are a logical construct composed of one or more network tiers that contain either virtualized or physical compute resources in a secured private network in a cloud data center that can be ordered, managed, and removed as a single entity.
  5. C. A virtual application container emulates a private cloud.
  6. C. The Cisco Nexus 1000v virtual switch module is required for layer 2 switching support in a VACS deployment.
  7. A, B, D. The following elements are created and defined when working with templates in UCS Director: virtual accounts, network configuration, virtual machine configuration, security information for the container, gateway router policy, and any options for services and end-user needs.
  8. D. The Cisco UCS Director application features full life-cycle support for virtual application containers.
  9. C. The UCS Director features unified licensing management for VACS deployments.
  10. C. Cisco Prime Services Catalog acts as a storefront where end users can obtain approved container configurations.
  11. D. All VM configurations are maintained when a container is powered off, and the VM will power up with its configuration when power is restored.
  12. D, E, F. Containers require UCSD, 1000v VSM, Prime Services Catalog, and the Virtual Switch Update Manager.
  13. D. The fenced container utilizes a virtual load balancer from F5.
  14. C. The virtualized version of the Application Security Appliance is used for firewall services in VACS.
  15. A, D, E. Firewall applications supported natively in UCS Director include Linux, ASAv, and the Cisco Virtual Security Gateway appliance.
  16. A. UCS Director allows containers to be modified after deployment, which would include the addition and deletion of virtual machines inside the VACS.
  17. A, E, F, G, H. Containers supported in UCS Director include APIC, fabric, VACS, fenced virtual, and virtual security.
  18. B. Deployed containers can be modified when in production.
  19. B. Microsegmentation is a benefit of deploying virtual application containers.
  20. C. The Cisco CSR 1000v is a full-featured router that supports access control lists for network security.

Chapter 16: Intercloud Chargeback Model

  1. A, D, E, F. When creating a chargeback summary report, any cost-based object can be selected including CPU, RAM, network traffic, and unused VM resources.
  2. C. The Budget Watch checkbox in the budget policy configuration will provide a hard stop on resource usage when the budget is reached if it is unchecked.
  3. C, D. Object usage data is stored in daily buckets, which allows for weekly and monthly reporting.
  4. B, D. The Chargeback module supports a dashboard interface and includes chargeback templates. Cost replications and cloning are not valid features.
  5. A, C, D. The UCS Director Chargeback module’s report generation tools allow output files in XLS, PDF, and CSV formats.
  6. B, C, D, G. There is a wide range of cost metrics that can be defined in the Chargeback module including CPU speed or number of cores, the amount of memory consumed, and a one-time deployment of fixed charge.
  7. A. The budget policy defined in the Chargeback module can provide a hard limit on a resource that exceeds a budget value of the cost of its usage.
  8. B. Widgets are included with the Chargeback application software that can be used to customize the dashboard output.
  9. B. Cost models are where you create the costs of resources such as CPU, RAM, memory, storage, and networking and use them as building blocks to create a chargeback policy.
  10. B. UCS B-series hardware can be defined in a cost model for resource usage billing and can be defined as either full- or half-slot servers.
  11. C, D. Usage data is collected by the Chargeback module and is stored in daily and weekly buckets.
  12. B. A VM can be included in a cost model, and charges can be applied for both active and inactive consumption.
  13. B. The Budget Watch checkbox in the budget policy configuration enables the use of a resource after its quota has been reached.
  14. B. Charge duration is the time interval used to measure VM usage. The options are Hourly, Daily, Weekly, Monthly, or Yearly.
  15. B, D. The chargeback cost models for storage include storage traffic as measured in gigabytes per hour and the amount of uncommitted storage. Logical units and VSAN assignments are not valid selections.
  16. C. The values associated with objects are created in the cost model definitions. All other options do not pertain to the question.
  17. B. The Chargeback module polls VMs to collect predefined objects to collect resource usage and produce billing and reporting services.
  18. A, B, D, F. The included top five reports generate the highest cost objects for CPU, VMs, memory, and storage.
  19. B. Costs are assigned to each unit when creating a cost model.
  20. B, C, D. Cost models for VM memory offer the option to measure data transfer in gigabytes per hour, total RAM reserved, and total RAM used.

Chapter 17: Cloud Reporting Systems

  1. A. UCSD cloud analytics offers trending and history. Infrastructure reports do not offer historical information beyond snapshots.
  2. A, B. Both network and storage can be used as items in a cost model for UCS Director.
  3. B. The Virtual infrastructure report found under Assessments is for a health check of the entire virtual infrastructure.
  4. A. The showback model doesn’t charge and uses reporting and documents to show what the costs are for using the infrastructure. This way, the costs are still tracked and can be used for reporting purposes. They are generally used when there are no end customers, only internal customers.
  5. C. Tenants are part of ACI and have a report available on the ACI Reporting tab of UCS Director.
  6. A. UCS Director reporting has basic infrastructure reports. In contrast to CloudSense Analytics, infrastructure reports do not have trend history and are mostly based on current data.
  7. C. Map reports use both color coding and heat maps.
  8. A. A budget policy can be used to prevent or allow groups from going over a predefined limit for charges.
  9. A, C. CloudSense Analytics generates reports in HTML or PDF format.
  10. A, B. The UCSD chargeback module has the top-five reports and a dashboard, as well as cost models, overall reporting, and flexibility.
  11. B. The chargeback model is the most often thought of example. It is the method of charging for services used and consumed by customers or internal departments.
  12. A, B. The VM network details and layer 2 neighbors are two basic reports. The MAC address report is a detailed report.
  13. D. Options A, B, and C are all metrics that can be tracked for chargeback. Power is not tracked for the cost model.
  14. B. CloudSense Analytics includes a billing report that can be generated.
  15. B. The basic infrastructure reports do not offer a historical report.
  16. A. The chargeback reports use the cost model and build a report based on the cost model type.
  17. D. VPC information is from the detailed section of the basic network infrastructure reports.
  18. B. Of the given list, CloudSense Analytics is the one type of reporting that can combine metrics from multiple areas. Infrastructure reports and generic reports do not offer this capability.
  19. A. The Report Builder area on the CloudSense tab allows custom reports, including the duration of the metric, such as the last week or day.
  20. C. The assessment report can verify this; one of its features is verifying the physical infrastructure based on the VMware hardware compatibility list.

Chapter 18: UCS Director Service Catalogs

  1. C. The landing page is the default page when users log into the end-user portal.
  2. B, C, D. Red Hat KVM, Microsoft Hyper-V, and VMware are the currently supported hypervisors.
  3. A. The Virtual Application Cloud Segmentation template is used to deploy traditional three-tier containers easily.
  4. B. Prime Service Catalog is a separate application that can be integrated with UCS Director that adds advanced service catalog capabilities and allows for highly customized catalogs. vCenter is a VMware management product, HTML Director is not a valid product, and charge reports do not apply to the question.
  5. B. Powering on the UCS server is a required step of the bare-metal service catalog workflow.
  6. D. The advanced catalog is meant to combine and build more advanced functionality than just the standard catalog. This is accomplished using workflows.
  7. B. Under Policies ➢ Catalogs is where you’ll find the UCS Director catalogs.
  8. C. This feature can be used to run workflows after the VM has been built.
  9. A. Lease options under customization in the standard catalog offer a quick way to deal with billing, but they are not as robust as the chargeback modules and system used outside of the catalog.
  10. D. The end-user portal is a simple portal with UCS Director that is meant to be used if you have nothing else for catalog ordering. Prime Service Catalog is a far better choice for end-user portal building.
  11. A. The standard catalog provides a simple way to select and order virtual machines for your end users. It is only for VMs.
  12. C. One of the features of the UCS Director end-user portal is the ability to upload and deploy OVFs.
  13. B. The advanced catalog offers many predefined workflows and integration into products such as ACI.
  14. A. This is for a code that is used in the VM name for VMware. You can then use this name to refer to the object or group of objects in templates and policies.
  15. A. The service container catalog offers the ability to combine both physical and virtual resources managed as a single service.
  16. B. Publish To End Users is an option that if not selected will make the catalog invisible to end users.
  17. A. As is apparent from the name, the bare-metal catalog is for deploying and ordering physical servers, not virtual ones.
  18. B. Share After Password Reset is one of the three options. The others are Share Template Credentials and Do Not Share.
  19. A. The catalog icon is a set of predefined images the user will see when ordering from the end-user portal.
  20. C. Creating, managing, and reviewing service requests are functions of the end-user portal.

Chapter 19: Cisco Prime Service Catalog Templates and Provisioning

  1. C. Categories are the basic unit to organize and put services into.
  2. A, B, C. These are all items you’ll find on the front page.
  3. A. UCS Director integrates and imports into Prime Service Catalog.
  4. A, C, D. The servers menu portal includes VM operations such as creating snapshots, and suspending and cloning virtual machines.
  5. A. The search portion of the front page allows a search across all services available to the end user.
  6. C. My Products & Services contains many things for the end user. It’s their dashboard and centralized location to gather reports and metrics.
  7. A. Under Service Designer ➢ Categories ➢ Presentation, you can define what category your service appears in and what subcategory.
  8. A. A URL can be used, and you can also use predefined images or load one from your computer.
  9. B. The shopping cart contains all the services that have yet to be ordered. Remember, some services don’t use the shopping cart and immediately will be ordered upon hitting Submit.
  10. A. You can use the Service Designer’s Permissions page to set custom permissions. They can also be inherited through the UCS Director import and further customized.
  11. A, B. You can skip the validation and not import the certificate, or you can import it. The choice is yours.
  12. A. The ordering mode can change how a service is ordered, meaning whether it goes to the shopping cart or is an immediate order.
  13. A. The nickname is the right answer for reference in multiple areas.
  14. A. Browse Categories is a drop-down box on the upper left of the showcase, or front page.
  15. D. My Products contains the main dashboard for end users, including the ability to manage servers with certain commands under Server.
  16. A. If the shortcut on the showcase doesn’t exist, either the search tool or the Browse Categories link can help you find what you need.
  17. B, D. As of this writing, only three are shown in integrations: UCS Director, Performance Manager, and Cloud Center.
  18. C. The notifications icon looks like a mail icon and is in the upper-right corner of the showcase, serving to notify a user of events.
  19. D. There are currently eight customizable areas on the showcase.
  20. A. Configured on import, the identifier field lets Prime Service Catalog keep track of all integrated external connections.

Chapter 20: Cisco Prime Service Catalog Components

  1. C. Tasks are grouped together to build an overall workflow.
  2. A, B. Both Cisco Process Orchestrator and Prime are a part of the IAC. Cisco Server Provisioner is too, but has been deprecated as of this writing. You might still see it on the test, so watch out for it.
  3. B. Stack Designer, a part of UCS Director, helps you build application stacks and containers.
  4. C. Activities allow differing workflows to be triggered on a condition.
  5. B. Simply, the approval process in workflow designer can be used to stop a workflow and ask for an approval before it continues.
  6. A, C. The supported file transfer protocols for PXE booting are HTTP and TFTP.
  7. B. Triggers can be used to watch for a state, and when that state occurs, a workflow is executed.
  8. C, D. Stateful and stateless are the two trigger types.
  9. B. Component groups in UCSM are linked together in the Application Groups section of the console.
  10. A, B. While not all the features, Northbound APIs and Capacity Management are two of the features.
  11. A. You can skip the validation and not import the cert, or you can import it. The choice is yours.
  12. C. The Heat orchestration engine, an OpenStack project, does this.
  13. B. The RabbitMQ server is responsible for sending requests to the orchestrator service, one of three components for Stack Designer.
  14. A. The OpenStack Keystone server handles identity management.
  15. A. HOT Templates are often but not always written in YAML.
  16. A. The stack in stack designer refers to a collection of resources, mainly VMs and their associated configurations.
  17. D. Performance Manager is a tool with a unified view into multiple areas of the infrastructure, including networking, storage, and compute. It can also do capacity planning.
  18. C. AMQP is used in RabbitMQ to exchange messages reliably.
  19. A. Puppet is used for building in Stack Designer.
  20. C. The UCS Performance Manager is also offered in an express version. The large difference is it only does physical and virtual compute. It does not monitor or report on storage and network items, making it not as capable as the full version.

Chapter 21: Cloud Monitoring and Remediation

  1. A. Syslog is the standard for local and remote logging.
  2. A. Widgets can be placed on the Dashboard. Widgets are available through multiple summary statistics throughout UCS Director.
  3. C. UCS Manager can manage only 1 domain and 20 chassis or fewer. Any higher would require UCS Central.
  4. A. The shell is required because services have to stop for the database to be backed up. This cannot be done from the GUI.
  5. A. Servers on the same stratum level are allowed to mutually peer and synchronize in both directions. This is not allowed between other levels.
  6. A. The Bare Metal Agent uses PXE and DHCP to assist in configuring newly booted machines both virtual and physical.
  7. B, C. Options 66 and 67 are Server Name and Bootfile Name, respectively. Both are used to help the server with where to pull the file from and what the filename is.
  8. C. The Infra Manager log can be viewed at the shell when there is a problem with the portal to see system information. The log is also available via the portal.
  9. A, B. Of the options listed, Complete and In Progress are both valid. The other states are Submitted and Failure.
  10. A. The assessment feature of CloudSense provides a health check of the overall virtual infrastructure as well as hardware compatibility.
  11. A. The facility is meant to convey the source and category of a message. It has a field of 0 to 23. Its usage heavily varies between vendors.
  12. A, C, D. Failure is not a level. Emergency, Warning, and Notice are.
  13. A. Level 7 is the highest level and is intended for debugging serious problems. In other words, it produces a lot of messages and is not something that would be turned on routinely.
  14. D. SMTP is the standard for sending mail messages between servers.
  15. B. Report Builder is the tool under CloudSense that allows you to customize your own reports.
  16. C. UCS Central can scale to 10,000 endpoints and multiple UCS domains.
  17. A, B. Both discover and offer are valid messages. The final two are not messages in the DHCP spec.
  18. A, C. The performance and host performance reports are both available in CloudSense. The others are not reports in CloudSense.
  19. B. While some of these answers might yield statistics as asked, the best answer is Performance Manager, which is described exactly as the question states. It is meant as a multidomain tool for statistics and monitoring.
  20. B, C. There are only two versions, Express and the normal version, which is simply named UCS Performance Manager. The Express version is smaller and eliminates all but compute statistics and monitoring.