Virtualization questions on this certification test your ability to deploy and manage virtualization concepts in scenario-based situations.
Start practicing
Virtualization — choose a session length
Free · No account required
Domain overview
Use this page to practise Virtualization questions for this certification. Focus on how the exam tests virtualization in scenario format — understanding the why behind each answer builds more durable knowledge than memorising options.
Exam objectives
Core Virtualization concepts and how they apply in real-world cloud scenarios.
How to deploy virtualization correctly and verify the outcome.
Troubleshooting virtualization issues by interpreting error output and system state.
Cloud best practices and Virtualization design trade-offs tested by this certification.
Selecting the most expensive service when a simpler managed option meets the requirement.
Forgetting that cloud resources must be explicitly secured — defaults are rarely secure.
Choosing a global service fix when the issue is region-specific.
Overlooking cost implications of cross-region data transfer in architecture questions.
Click any question to see the full explanation and answer options, or start a focused practice session above.
A network engineer is troubleshooting a Cisco IOS-XE router that hosts multiple virtual routing and forwarding (VRF) instances. Users in VRF-A report they cannot reach a server in VRF-B. The engineer verifies that both VRFs have the correct routes and that the router has a route leaking configuration using route-target import/export. However, connectivity still fails. What is the most likely cause?
2A data center uses Cisco Nexus 9000 switches with VXLAN EVPN to provide network virtualization. The operations team notices that VLAN 100 (mapped to VNI 10100) is not reachable across the fabric, although other VLANs work fine. The NVE interface is up, and the EVPN address-family is configured. Which two actions should the engineer take to isolate the issue?
3A network engineer is deploying a Cisco Catalyst 9300 switch as a virtual switch using StackWise Virtual. The switch will connect to two upstream routers for redundancy. What is the best practice for connecting the uplinks?
4A cloud provider uses Cisco ACI to automate provisioning of tenant networks. A new tenant requires a Layer 2 bridge domain that extends to an external Layer 2 network via a VPC. The engineer creates a bridge domain with the settings: Type: Regular, L2 Unknown Unicast: Flood, L3 Unknown Multicast Flood: Flood, and Multi-Destination Flooding: Flood. The VPC is configured as a virtual port channel. The tenant reports that broadcast traffic is not reaching the external network. What is the most likely cause?
5An enterprise uses VMware vSphere to host multiple virtual machines (VMs). The network team wants to implement a virtual firewall on the hypervisor to inspect traffic between VMs on the same ESXi host. Which technology should be used?
6A network engineer configured three interfaces on a switch as shown. A host connected to Ethernet1/2 sends an untagged frame. Which VLAN will this frame be placed into when it reaches Ethernet1/3?
7An engineer configures VXLAN EVPN on a Nexus 9000 switch. The configuration is shown. The switch does not advertise any EVPN routes for VNI 10100. Which configuration change is required to fix this issue?
8Which TWO of the following are benefits of using network virtualization with VXLAN? (Choose two.)
9Which THREE of the following are components of a Cisco ACI fabric? (Choose three.)
10A financial services company has deployed Cisco UCS servers with VMware vSphere 7.0 to host critical trading applications. The network uses Cisco Nexus 9000 switches in a VXLAN EVPN fabric with BGP as the underlay. The environment includes 50 ESXi hosts, each connected via two 40G interfaces to two different leaf switches in a VPC. The VMs are spread across multiple hosts and communicate over VXLAN. Recently, the operations team migrated a set of VMs from an old VLAN-based network to a new VXLAN segment (VNI 50000). After the migration, users report intermittent connectivity issues and packet loss. The engineering team captures traffic and notices that some VMs send ARP requests that are not being replied to, even though the target VM is active. Further analysis shows that the ARP requests are being flooded to all VTEPs, but the replies are not reaching the source. The team checks the underlay and finds no issues with BGP or routing. The NVE interfaces are up, and the VNI is configured. Which of the following is the most likely cause of the issue?
11A network engineer is troubleshooting connectivity issues in a multi-tenant environment where each tenant's traffic is isolated using VRF-Lite. The engineer notices that tenants in the same VRF cannot communicate with each other across different access switches. Which design change should be implemented to enable inter-switch VRF communication?
12An organization is migrating from a traditional three-tier architecture to a leaf-spine fabric using VXLAN EVPN. The design requires that virtual machines can move between racks without IP address changes. Which technology must be enabled at the leaf switches to support this mobility?
13Which TWO statements correctly describe characteristics of virtual device contexts (VDCs) in Cisco Nexus switches?
14A network engineer configured VRF TENANT_A and moved the subinterfaces into the VRF. After the change, the CEF table shows the prefixes but the next-hop addresses are unreachable. What is the most likely cause?
15A service provider uses a Cisco ASR 1000 router to provide MPLS L3VPN services to multiple customers. Each customer has their own VRF. Recently, a new customer was added with VRF CUSTOMER_C. After configuration, the customer reports that they can reach some remote sites but not others. The network engineer checks the VRF configuration and finds that the route targets for CUSTOMER_C are correctly configured. The engineer also verifies that BGP sessions to the PE routers are up. The missing routes are from a site that uses a different PE router. Which action should the engineer take to resolve the issue?
16Which TWO statements about virtual switching in a hypervisor environment are correct?
17Refer to the exhibit. A network engineer has configured VRFs on a router. A packet arrives on Gi0/1/0 with destination IP 10.1.1.2. Which VRF is used for routing this packet?
18A financial company runs a critical trading application in a virtualized environment on VMware vSphere. The application consists of two VMs: App-1 (web server) and App-2 (database server). Both VMs are on the same ESXi host. Recently, users report intermittent slowness during peak trading hours. Monitoring shows that App-1 experiences high CPU ready time (up to 15%) and App-2 has high disk latency (average 50 ms). The ESXi host has 16 vCPUs total (2 sockets, 8 cores each) and 128 GB RAM. The host runs 10 VMs total. App-1 has 4 vCPUs and 16 GB RAM; App-2 has 8 vCPUs and 32 GB RAM. The storage is a shared NFS datastore connected via 1 Gbps Ethernet. The network is 10 Gbps. What is the MOST effective course of action to resolve the performance issues?
19Drag and drop the steps to configure OSPF on a Cisco router in the correct order.
20Drag and drop the steps to configure a site-to-site IPsec VPN on a Cisco router in the correct order.
21Match each network device to its primary function.
22Match each Cisco switch security feature to its function.
Virtualization questions on this certification test your ability to deploy and manage virtualization concepts in scenario-based situations.
The Courseiva 350-401 question bank contains 22 questions in the Virtualization domain, covering the 10% of the exam attributed to this domain in the official Cisco blueprint. Click any question to see the full explanation and answer breakdown.
Start with a 10-question focused session to identify your baseline accuracy in this domain. Read every explanation — even for questions you answer correctly — to understand the reasoning. Once you score consistently above 80%, move to a 20–30 question session to confirm depth before moving to the next domain.
Yes — the session launcher on this page draws questions exclusively from the Virtualization domain. Choose 10, 20, 30, or 50 questions for a focused session, or click individual questions to review them one by one.
Save your results, see per-domain analytics, and get readiness scores — free, for every certification.
Sign Up FreeFree forever · Every certification included