Cisco DCCOR / CCNP Data Center Core 350-601 (350-601) — Questions 9761000

1000 questions total · 14pages · All types, answers revealed

Page 13

Page 14 of 14

976
MCQmedium

An engineer is deploying a HyperFlex cluster with three nodes using all-flash storage and replication factor 2 (RF2). What is the minimum number of nodes required to tolerate a single node failure?

A.3
B.2
C.5
D.4
AnswerA

Correct. Three nodes with RF2 can tolerate one failure.

Why this answer

With RF2, data is replicated to two nodes. If one node fails, the other node still holds a copy, so the cluster continues. However, for strict fault tolerance, a witness VM is needed to avoid split-brain.

Three nodes with RF2 can tolerate one node failure.

977
MCQeasy

An administrator configures 'aaa authentication login default group tacacs+ local'. What happens if the TACACS+ server is unreachable?

A.The switch uses no authentication
B.Authentication fails
C.The switch tries the next method in the group
D.Local username database is used
AnswerD

The config includes 'local' as a fallback method after group tacacs+.

Why this answer

The command 'aaa authentication login default group tacacs+ local' configures a method list where the first method is TACACS+ and the second is local. If the TACACS+ server is unreachable (not responding, not rejecting), the switch falls back to the next method in the list, which is local authentication using the local username database. This fallback behavior is defined by Cisco IOS/IOS-XE authentication method lists, where 'local' acts as a backup when the primary method is unavailable.

Exam trap

Cisco often tests the distinction between a server being unreachable (fallback occurs) versus a server rejecting credentials (authentication fails immediately), causing candidates to incorrectly assume that any TACACS+ issue results in authentication failure.

How to eliminate wrong answers

Option A is wrong because the switch does not use 'no authentication'; the 'default' method list requires authentication, and fallback to local ensures authentication still occurs. Option B is wrong because authentication does not fail outright; failure only occurs if all methods in the list are exhausted or if the server explicitly rejects the credentials (e.g., via a 'DENIED' response). Option C is wrong because 'group tacacs+' is a single method group; the switch does not try 'the next method in the group'—it tries the next method in the list, which is 'local', not another server within the same group.

978
MCQeasy

An engineer needs to ensure that only authorized servers can connect to a specific switch port in a data center. The port connects to a critical database server with fixed MAC address 00:1a:2b:3c:4d:5e. Which configuration is most appropriate?

A.switchport port-security switchport port-security mac-address 001a.2b3c.4d5e switchport port-security violation shutdown
B.switchport port-security switchport port-security maximum 1 switchport port-security violation shutdown
C.no switchport port-security spanning-tree portfast
D.switchport port-security switchport port-security maximum 2 switchport port-security violation protect
AnswerA

Statically configures the authorized MAC, exactly meeting the requirement.

Why this answer

Option A is correct because it explicitly binds the specific MAC address 001a.2b3c.4d5e to the port using port security, and sets the violation mode to shutdown, which disables the port if any unauthorized device attempts to connect. This ensures only the authorized database server can use the port, meeting the requirement precisely.

Exam trap

Cisco often tests the distinction between specifying a static MAC address versus relying on dynamic learning with a maximum count, where candidates mistakenly think limiting to one MAC is sufficient without binding the specific authorized address.

How to eliminate wrong answers

Option B is wrong because it only limits the maximum number of MAC addresses to 1 without specifying the allowed MAC address, so the port will learn the first MAC it sees, which could be an unauthorized device if it connects first. Option C is wrong because it disables port security entirely and enables spanning-tree portfast, which provides no MAC-based access control and allows any device to connect. Option D is wrong because it sets the maximum to 2, allowing two MAC addresses, and uses the protect violation mode, which simply drops frames from unauthorized sources without alerting or disabling the port, failing to ensure only the authorized server can connect.

979
MCQeasy

What is the primary function of the Cisco Integrated Management Controller (CIMC) on UCS C-series rack servers?

A.To manage the server's power and cooling via IPMI
B.To provide in-band management through the host OS
C.To provide out-of-band management with KVM, virtual media, and remote firmware update
D.To integrate the rack server into UCS Manager fabric
AnswerC

Correct. CIMC enables remote management even if the host OS is offline.

Why this answer

CIMC provides out-of-band management capabilities such as remote KVM, virtual media, and firmware updates, allowing administrators to manage the server independently of the host OS.

980
MCQeasy

Which management interface is used for out-of-band configuration and remote KVM access to a standalone UCS C-series rack server?

A.UCS Central
B.CIMC
C.Cisco IMC Supervisor
D.UCS Manager
AnswerB

Correct. CIMC is the embedded management controller for rack servers.

Why this answer

Cisco Integrated Management Controller (CIMC) provides out-of-band management, including remote KVM, virtual media, and firmware updates.

981
MCQmedium

In a vPC setup, what is the purpose of the vPC peer-keepalive link?

A.To detect the failure of a vPC peer
B.To exchange routing protocol updates
C.To synchronize MAC address tables
D.To forward data traffic between vPC peers
AnswerA

Keepalive is a heartbeat mechanism.

Why this answer

The peer-keepalive link is a separate Layer 3 path (usually out-of-band) that allows vPC peers to monitor each other's health. If the peer-link fails but keepalive is up, each peer can take appropriate actions (e.g., disabling vPC member ports on one side). It does not carry data traffic or exchange routing updates.

982
Multi-Selectmedium

Which TWO statements correctly describe the difference between synchronous and asynchronous replication?

Select 2 answers
A.Asynchronous replication requires dedicated links
B.Asynchronous replication has lower impact on application performance
C.Synchronous replication provides zero recovery point objective (RPO)
D.Synchronous replication is more tolerant of high latency links
E.Asynchronous replication guarantees zero data loss
AnswersB, C

Asynchronous replication does not wait for remote acknowledgment, reducing latency impact.

Why this answer

Synchronous replication has zero RPO but can impact performance due to latency, while asynchronous replication has a lower performance impact but may have some data loss (nonzero RPO).

983
MCQeasy

A data center switch has multiple access ports configured with spanning-tree portfast. A new server is connected to one of these ports and immediately causes a network loop. What is the most likely cause?

A.The portfast feature is disabled by default on the switch.
B.The server sends BPDUs.
C.The port is not configured with BPDUguard.
D.The switch is running MSTP instead of PVST+.
AnswerC

Without BPDUguard, the port stays up when a BPDU is received, potentially causing a loop.

Why this answer

Option C is correct because Spanning Tree Protocol (STP) PortFast immediately transitions a port to the forwarding state, bypassing the listening and learning phases. However, PortFast alone does not protect against loops if a rogue device (like a server) inadvertently connects two switch ports or sends BPDUs. BPDUguard must be explicitly configured on the port to disable it upon receiving any BPDU, preventing a loop.

Without BPDUguard, the switch will process the BPDU and may re-enter STP convergence, potentially causing a loop if the server is misconfigured or bridging traffic.

Exam trap

Cisco often tests the misconception that PortFast alone prevents loops, but the trap here is that PortFast only speeds up initial convergence; without BPDUguard, a PortFast port can still participate in STP and cause a loop if it receives a BPDU.

How to eliminate wrong answers

Option A is wrong because PortFast is not disabled by default on a switch; it is a per-port feature that must be explicitly enabled with the 'spanning-tree portfast' interface command. Option B is wrong because the server sending BPDUs is the trigger for the loop, not the cause of the loop itself—the root cause is the lack of BPDUguard to protect the PortFast port from those BPDUs. Option D is wrong because MSTP (Multiple Spanning Tree Protocol) and PVST+ (Per-VLAN Spanning Tree Plus) both support PortFast and BPDUguard; the protocol variant does not inherently cause loops when PortFast is enabled without BPDUguard.

984
Multi-Selectmedium

Which TWO of the following are benefits of using Smart Zoning in Cisco MDS switches?

Select 2 answers
A.Reduces number of zone objects
B.Provides faster FLOGI processing
C.Simplifies zone management for large fabrics
D.Eliminates the need for VSANs
E.Allows automatic LUN masking
AnswersA, C

Smart Zoning combines multiple zones into a single object, reducing overhead.

Why this answer

Smart Zoning reduces the number of zone objects by automatically grouping initiator-target pairs into a single zone entry, rather than requiring a separate zone for each pair. This minimizes the size of the zone database and reduces the processing overhead on the switch during fabric reconfigurations.

Exam trap

Cisco often tests the misconception that Smart Zoning improves FLOGI processing speed or eliminates VSANs, when in reality it only optimizes zone object management and does not alter fundamental fabric services.

985
MCQmedium

An engineer is designing a Layer 3 network for a data center using OSPF. The core switches are connected to aggregation switches. To optimize convergence, which OSPF network type should be used on the links between core and aggregation?

A.broadcast
B.non-broadcast
C.point-to-multipoint
D.point-to-point
AnswerD

Eliminates DR election, reduces convergence time.

Why this answer

In a data center spine-leaf architecture, the links between core (spine) and aggregation (leaf) switches are typically point-to-point Layer 3 links. Configuring OSPF network type point-to-point (option D) on these interfaces eliminates the need for DR/BDR election, reduces hello and dead timers (default 10s/40s vs 30s/120s for broadcast), and allows faster convergence because OSPF immediately forms a neighbor adjacency without waiting for election delays.

Exam trap

Cisco often tests the misconception that broadcast is the default and therefore best for Ethernet links, but in a data center spine-leaf design, point-to-point is preferred because it eliminates DR/BDR election overhead and provides faster convergence.

How to eliminate wrong answers

Option A is wrong because broadcast network type requires a Designated Router (DR) and Backup Designated Router (BDR) election, which adds unnecessary convergence delay and overhead on point-to-point links between core and aggregation switches. Option B is wrong because non-broadcast network type is used for NBMA environments (e.g., Frame Relay) where neighbors must be manually configured and DR/BDR election still occurs, making it unsuitable for direct point-to-point Ethernet links. Option C is wrong because point-to-multipoint is designed for hub-and-spoke topologies where a single interface connects to multiple neighbors, not for the direct point-to-point links between core and aggregation switches.

986
MCQmedium

Which NX-OS command is used to display the consistency status of Virtual Port Channel (vPC) parameters across both vPC peers?

A.show vpc peer-keepalive
B.show vpc brief
C.show running-config vpc
D.show vpc consistency-parameters
AnswerD

This command shows consistency checks for vPC.

Why this answer

'show vpc consistency-parameters' displays configuration consistency between vPC peers.

987
Drag & Dropmedium

Sequence the steps for configuring OSPF on a Cisco Nexus switch in a data center fabric.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

OSPF configuration involves creating the process, setting router ID, enabling on interfaces, and verification.

988
MCQhard

Refer to the exhibit. A UCS domain shows a 'Major' NVRAM backup failure alarm in Intersight. What is the best immediate action?

A.Attempt a manual NVRAM configuration backup from the primary Fabric Interconnect to the secondary.
B.Perform a factory reset on both Fabric Interconnects.
C.Reboot the primary Fabric Interconnect.
D.Reclaim the UCS domain from Intersight and register again.
AnswerA

Manual backup can jumpstart the failed backup process and clear the alarm.

Why this answer

A 'Major' NVRAM backup failure alarm in Intersight indicates that the automatic periodic backup of the UCS domain's configuration from the primary Fabric Interconnect (FI) to the secondary FI has failed. The best immediate action is to attempt a manual NVRAM configuration backup from the primary FI to the secondary, as this directly addresses the backup failure without disrupting domain operations or requiring re-registration.

Exam trap

Cisco often tests the distinction between a configuration backup failure and a hardware or connectivity failure, leading candidates to choose disruptive actions like rebooting or factory resetting when a simple manual backup retry is the correct first step.

How to eliminate wrong answers

Option B is wrong because performing a factory reset on both Fabric Interconnects is a drastic, destructive action that would erase all configuration and cause significant downtime, which is unnecessary for a backup failure that can be resolved manually. Option C is wrong because rebooting the primary Fabric Interconnect would disrupt traffic and may not resolve the backup failure; the issue is likely with the backup process or connectivity, not the FI's operational state. Option D is wrong because reclaiming the UCS domain from Intersight and registering again would remove the domain from management and require re-establishing connectivity, which is an overreaction for a backup failure that can be addressed with a manual backup attempt.

989
MCQmedium

A server team reports that after connecting a new server to a switchport, the server can receive traffic but cannot send traffic. The port is configured with port security. What is the most likely cause?

A.The port is in errdisable state
B.The port security violation mode is set to protect
C.The port security maximum is set to 1 and another device is connected
D.The server MAC address is not in the allowed list
AnswerB

Protect mode drops offending frames silently, allowing the server to receive but not send traffic from an unknown MAC.

Why this answer

When port security violation mode is set to 'protect', the switch drops traffic from unauthorized MAC addresses without generating a syslog message or incrementing the violation counter. In this scenario, the server can receive traffic because the switch still forwards broadcast and unknown unicast frames to the port, but the server's transmitted frames are silently dropped because the switch does not learn the server's MAC address or forward its frames. This matches the symptom of one-way communication where the server can receive but not send.

Exam trap

Cisco often tests the distinction between the three port security violation modes (protect, restrict, shutdown) by presenting a symptom of one-way traffic, which candidates mistakenly attribute to a shutdown or restrict mode rather than the silent dropping behavior of protect.

How to eliminate wrong answers

Option A is wrong because an errdisable state would cause the port to be completely shut down, preventing both sending and receiving traffic, not just one-way communication. Option C is wrong because if the maximum MAC count is set to 1 and another device is connected, the violation action would trigger based on the configured mode (shutdown, restrict, or protect), but the symptom described (receive but not send) is specific to the protect mode, not a simple count limit. Option D is wrong because port security does not use an 'allowed list' of MAC addresses by default; it learns MAC addresses dynamically unless a static secure MAC address is configured, and even then, a mismatch would trigger the violation mode, not result in one-way traffic.

990
MCQeasy

A data center automation script uses Python's requests library to call the NX-API for a Nexus 9000 switch. The script works but returns HTTP 400. Which is a likely cause?

A.The request payload is malformed
B.The switch has no management IP
C.The script uses HTTP instead of HTTPS
D.The API is not enabled
AnswerA

400 Bad Request is client error.

Why this answer

HTTP 400 indicates a bad request, which in the context of NX-API typically means the JSON or XML payload sent to the switch does not conform to the expected schema. Common issues include missing required fields (e.g., 'ins_api' version, 'type', 'chunk', 'sid', 'input', 'outputformat'), incorrect JSON syntax, or invalid values for parameters like 'version' or 'type'. The requests library successfully delivered the HTTP request, but the NX-API rejected it due to malformed content.

Exam trap

Cisco often tests the distinction between HTTP status codes (400 vs. 404 vs. connection errors) to see if candidates understand that a 400 specifically points to payload issues, not network or configuration problems.

How to eliminate wrong answers

Option B is wrong because if the switch had no management IP, the script would fail with a connection error (e.g., 'No route to host' or timeout), not an HTTP 400 response. Option C is wrong because using HTTP instead of HTTPS would result in a different error, such as a redirect (301/302) or a connection refused if HTTPS is enforced, but the NX-API can accept HTTP requests if configured; HTTP 400 is unrelated to protocol choice. Option D is wrong because if the API were not enabled, the switch would return an HTTP 404 (Not Found) or a connection reset, not a 400 Bad Request.

991
MCQhard

An engineer is deploying a HyperFlex cluster and needs to ensure that if a disk fails in a hybrid node, the system can rebuild the data from parity. Which RAID configuration is required on the disk controller for the cache SSD and HDDs in a HyperFlex hybrid node?

A.RAID 6 for SSD and RAID 0 for HDDs
B.RAID 0 for SSD and RAID 5 for HDDs
C.RAID 10 for both SSD and HDDs
D.RAID 1 for SSD and RAID 5 for HDDs
AnswerB

RAID 0 on SSD provides maximum performance; RAID 5 on HDDs provides redundancy.

Why this answer

In HyperFlex hybrid nodes, the cache SSD is configured as RAID 0 (striping without parity) for performance, while the HDDs can be configured as RAID 5 or RAID 6 for redundancy. For the SSD cache, RAID 0 is typically used because data is replicated at the cluster level.

992
MCQmedium

A storage administrator needs to isolate traffic between two departments on the same Fibre Channel SAN infrastructure. Each department has its own storage array and hosts. Which technology should be used to create separate logical fabrics without additional hardware?

A.NPV
B.VSANs
C.Zoning
D.PortChannels
AnswerB

VSANs create isolated logical fabrics over a physical infrastructure.

Why this answer

VSANs (Virtual SANs) allow partitioning of a single physical Fibre Channel fabric into multiple isolated logical fabrics, similar to VLANs in Ethernet.

993
MCQmedium

A data center engineer is troubleshooting connectivity issues between two EPGs in the same tenant on a Cisco ACI fabric. The first EPG 'web_epg' is in VLAN 100 and the second EPG 'db_epg' is in VLAN 200. The contract 'web_to_db' allows TCP port 3306 from web_epg to db_epg. The EPGs are in the same VRF. The engineer has verified that the physical connectivity is correct and the endpoints are learning their IP addresses. However, traffic from web_epg to db_epg is not reaching the destination. The engineer checks the contract and sees that the subject 'mysql_access' has filter 'mysql' with direction 'both'. The provider is db_epg and consumer is web_epg. The engineer also notices that the default action in the contract is 'deny'. What is the most likely cause of the issue?

A.The contract direction is reversed: the provider should be the destination of the traffic. Since web_epg initiates to db_epg, web_epg should be the provider.
B.The VRF is not correctly associated with the EPGs.
C.A Layer 3 Outside (L3Out) is required for communication between EPGs in the same VRF.
D.The filter 'mysql' does not match TCP port 3306.
AnswerA

In ACI, the provider offers a service; the consumer initiates. Here web_epg initiates, so web_epg should be provider.

Why this answer

In Cisco ACI, the provider EPG is the one that offers a service (the destination of the traffic), and the consumer EPG is the one that initiates the connection. Since web_epg initiates TCP traffic to db_epg, db_epg should be the provider and web_epg the consumer. The contract is reversed, so the default deny action blocks the traffic because the consumer (web_epg) is not allowed to initiate toward the provider (db_epg) under the reversed roles.

Exam trap

Cisco often tests the provider/consumer directionality in ACI contracts, and the trap here is that candidates assume the provider is the source (initiator) of traffic, when in fact the provider is the destination (service offerer).

How to eliminate wrong answers

Option B is wrong because the VRF association is correct—both EPGs are in the same VRF, and the endpoints are learning IP addresses, indicating the VRF is properly configured. Option C is wrong because an L3Out is only needed for communication with external networks (outside the fabric), not between EPGs in the same VRF; intra-VRF communication uses contracts directly. Option D is wrong because the filter 'mysql' is a predefined filter that matches TCP port 3306, so it correctly permits the required traffic.

994
MCQhard

A Nexus switch experiences high CPU utilization due to excessive ICMP traffic. An engineer applies a CoPP policy that includes a class matching ICMP with a drop action. After applying, legitimate OSPF hello packets are also being dropped. What is the most likely cause?

A.The CoPP policy is applied to the wrong interface
B.The CoPP policy rate-limits all traffic including OSPF below its needed rate
C.OSPF packets match the default class which has a drop action
D.The class-map matches multiple protocols including OSPF
AnswerC

If the default class action is drop, any traffic not explicitly matched (including OSPF) will be dropped. This is a common misconfiguration.

Why this answer

Option C is correct because when a CoPP policy is applied, traffic that does not match any explicit class-map falls into the default class. If the default class has a drop action, all unmatched traffic—including OSPF hello packets (which use IP protocol 89)—will be dropped. The class-map matching ICMP (typically based on protocol or DSCP) does not match OSPF, so OSPF packets are handled by the default class, causing the observed behavior.

Exam trap

Cisco often tests the concept that the default class in CoPP is not automatically 'permit' and must be explicitly configured; the trap here is assuming that only the matched class (ICMP) is affected, while forgetting that unmatched traffic falls to the default class, which can have a drop action.

How to eliminate wrong answers

Option A is wrong because CoPP policies are applied globally to the control plane (via 'control-plane' and 'service-policy input'), not to individual interfaces; applying to the wrong interface would not affect control-plane traffic. Option B is wrong because the policy explicitly drops ICMP traffic, not rate-limits it; OSPF packets are not rate-limited but dropped entirely due to the default class action, not because of insufficient rate. Option D is wrong because the class-map matches only ICMP (e.g., match protocol icmp or match ip dscp cs0), and OSPF uses IP protocol 89, which is distinct; the class-map does not include OSPF.

995
MCQmedium

A storage array supports RAID-5, RAID-6, and RAID-10. The array has 12 disks of equal size. The requirement is to maximize usable capacity while tolerating up to two simultaneous disk failures without data loss. Which RAID level should be chosen?

A.RAID-10
B.RAID-5
C.RAID-6
D.RAID-0
AnswerC

RAID-6 tolerates up to two failures with better capacity efficiency than RAID-10.

Why this answer

RAID-6 can tolerate two disk failures with parity overhead of 2 disks, providing high usable capacity. RAID-5 tolerates only one failure; RAID-10 tolerates multiple failures but capacity is 50%.

996
MCQeasy

Which protocol is recommended by Cisco for network device administration AAA due to its separation of authentication, authorization, and accounting?

A.LDAP
B.RADIUS
C.Kerberos
D.TACACS+
AnswerD

Cisco recommends TACACS+ for device admin.

Why this answer

TACACS+ encrypts the entire packet and separates AAA functions.

997
MCQmedium

An engineer is deploying FCoE on a Cisco Nexus 9000v switch in a converged network. The storage array is connected via native Fibre Channel to an MDS switch, and the MDS is connected to the Nexus using an FCoE link. The engineer creates a virtual Fibre Channel (VFC) interface on the Nexus, binds it to an Ethernet interface, and maps VSAN 200 to VLAN 200. The MDS side has an FCoE port configured and enabled. Servers connected to the Nexus with FCoE initiators can successfully log into the storage targets, but performance is very poor and intermittent. The engineer checks for drops on all interfaces and finds none. The engineer also verifies that the FCoE VLAN is not blocked by spanning tree. What is the most likely cause of the performance issue?

A.The Ethernet interface MTU is set to 1500 instead of 2500.
B.The FCoE VLAN is blocking spanning tree.
C.The MDS has not enabled FCoE on the interface.
D.The VFC interface is not bound to the correct port-channel.
AnswerA

FCoE requires jumbo frames; 1500 MTU causes fragmentation.

Why this answer

FCoE requires a larger MTU (typically 2500 bytes) to encapsulate Fibre Channel frames without fragmentation. An MTU of 1500 causes fragmentation and retransmissions, leading to poor performance. Option B is correct.

Option A would prevent login entirely. Option C is not required for basic connectivity. Option D was already verified as not causing the issue.

998
MCQeasy

Refer to the exhibit. A network engineer has configured a port-channel for OSPF adjacency. What additional configuration is required for the port-channel to operate correctly?

A.Set the OSPF priority.
B.No additional configuration needed.
C.Enable OSPF on the port-channel with `ip router ospf process`.
D.Configure the channel-group mode on member interfaces.
AnswerD

Member interfaces must be assigned to the port-channel using `channel-group`.

Why this answer

Option D is correct because for a port-channel to form an OSPF adjacency, the member interfaces must be configured with a channel-group mode (e.g., 'channel-group 1 mode active') to bundle them into a logical port-channel interface. Without this, the interfaces remain individual Layer 2 or Layer 3 links, and OSPF cannot establish adjacency over the port-channel as a single logical link.

Exam trap

Cisco often tests the misconception that creating the port-channel interface alone is sufficient, when in fact the member interfaces must be explicitly assigned to the port-channel using the channel-group command.

How to eliminate wrong answers

Option A is wrong because OSPF priority is used for Designated Router (DR) and Backup Designated Router (BDR) election on multiaccess networks, not for enabling or operating a port-channel. Option B is wrong because additional configuration is indeed required: the member interfaces must be assigned to the port-channel using the channel-group command; simply creating the port-channel interface does not bundle the physical links. Option C is wrong because 'ip router ospf process' is used to enable OSPF on an interface, but the port-channel interface itself must first exist and be properly formed; the missing step is bundling the member interfaces, not enabling OSPF on the port-channel.

999
MCQmedium

An engineer needs to automate a repetitive configuration task on a Nexus switch. Which method is most suitable for programmatic access?

A.FTP file transfer
B.NX-API
C.CLI scripting with Tcl
D.SNMP v3
AnswerB

NX-API allows JSON/XML-based API calls for configuration and monitoring.

Why this answer

NX-API provides programmatic RESTful API access to Nexus switches for automation.

1000
MCQhard

An engineer observes that ARP packets are being dropped. Based on the exhibit, what is the drop rate percentage for ARP packets?

A.75%
B.25%
C.50%
D.100%
AnswerC

Half of the packets exceed the police rate and are dropped.

Why this answer

The exhibit shows that out of 1000 total ARP packets, 500 were dropped. The drop rate percentage is calculated as (dropped packets / total packets) * 100, which is (500/1000)*100 = 50%. Therefore, option C is correct.

Exam trap

Cisco often tests the ability to correctly compute a percentage from raw drop and total counts, where candidates might misread the exhibit or confuse drop rate with success rate, leading to incorrect answers like 25% or 75%.

How to eliminate wrong answers

Option A is wrong because 75% would require 750 dropped packets out of 1000, not 500. Option B is wrong because 25% would require 250 dropped packets out of 1000, not 500. Option D is wrong because 100% would require all 1000 packets to be dropped, but only 500 were dropped.

Page 13

Page 14 of 14

Practice 350-601 by domain

Target a specific domain to shore up weak areas.

See all domains with question counts →