CCNA Storage Network Questions

75 of 154 questions · Page 2/3 · Storage Network · Answers revealed

76
MCQhard

A storage network using Cisco MDS 9700 switches has two VSANs (100 and 200). The engineer wants to share a physical ISL between both VSANs while maintaining traffic isolation. Which feature should be used?

A.VSAN trunking
B.PortChannel with trunk mode on
C.Inter-VSAN Routing (IVR)
D.FSPF metric manipulation
AnswerA

VSAN trunking allows multiple VSANs over a single link with isolation.

Why this answer

VSAN trunking allows multiple VSANs over a single ISL, maintaining isolation. PortChannel aggregates bandwidth, not VSANs. FSPF is routing, and IVR routes between VSANs, not sharing a link.

77
Multi-Selecthard

A Cisco MDS switch is configured for NPV mode. An upstream NPIV-enabled switch is connected. The administrator notices that the NPV switch is not logging in to the NPIV switch. The NPV switch shows the following: 'show npv status' indicates NPV is enabled but no traffic. Which three conditions could cause this issue?

Select 3 answers
A.FSPF is not enabled on the NPV switch.
B.The uplink interface on the NPV switch is not configured as an NP port.
C.The upstream switch is not configured for NPIV mode.
D.The NPV switch does not have the proper license for NPV mode.
E.The VSAN on the NPV uplink does not match the VSAN on the core switch.
AnswersB, C, E

NPV uplinks must be configured as NP ports to connect to the core NPIV switch.

Why this answer

Option B is correct because in NPV mode, the uplink interface on the NPV switch must be explicitly configured as an NP port (np). If the interface is left as a default F port or another port type, it cannot establish a connection to the upstream NPIV-enabled switch. The 'show npv status' output showing NPV enabled but no traffic indicates that the NPV switch is operational but the uplink is not properly configured to initiate the FLOGIN process.

Exam trap

Cisco often tests the misconception that NPV requires a license or that FSPF must be enabled, when in fact NPV is license-free and does not use FSPF; the real issue is typically an incorrect port mode or VSAN mismatch.

78
MCQhard

Refer to the exhibit. An engineer notices that traffic is not load-balanced across all four links. What is the most likely cause?

A.The minimum links set to 2 prevents load balancing.
B.LACP is not supported on Fibre Channel.
C.The load-balancing algorithm is based on source-dest-id, which may not evenly distribute traffic.
D.The port channel is in admin down state.
E.The links are not in the same VSAN.
AnswerC

Source-dest-id can lead to polarization if many flows share the same pair; other algorithms like source-dest-ox-id provide better distribution.

Why this answer

Option C is correct because the load-balancing algorithm for Fibre Channel port channels uses source-dest-id (SID and DID) by default. If the traffic flows are between a small number of source-destination pairs, the hash results will map most flows to the same link, preventing even distribution across all four links. This is a common cause of perceived load imbalance even when all links are operational.

Exam trap

Cisco often tests the misconception that load imbalance is always due to a configuration error or link failure, when in fact the default hash algorithm's behavior with limited source-destination pairs is the root cause.

How to eliminate wrong answers

Option A is wrong because the minimum-links setting (e.g., 2) only prevents the port channel from coming up if fewer than that number of links are active; it does not affect load balancing once the channel is up. Option B is wrong because LACP (IEEE 802.3ad) is not used on Fibre Channel; Fibre Channel port channels use the Fibre Channel standard (FC-BB-5/6) or Cisco's proprietary PAgP for FCoE, but LACP is irrelevant here. Option D is wrong because if the port channel were in admin down state, no traffic would pass at all, not just uneven load balancing.

Option E is wrong because all links in a Fibre Channel port channel must be in the same VSAN; if they were not, the port channel would not form or would have errors, but the exhibit shows the channel is up.

79
MCQmedium

An engineer is configuring intelligent zoning and wants to use device aliases to simplify zone membership. What is a characteristic of device aliases compared to zone aliases?

A.Device aliases require a specific DNS entry.
B.Device aliases are restricted to a single VSAN.
C.Device aliases are automatically assigned to the default zone.
D.Device aliases can be used in multiple zones across different VSANs.
AnswerD

Device aliases are global and can be reused across VSANs.

Why this answer

Option B is correct. Device aliases are fabric-wide (or switch-wide) and can be used across multiple zones and VSANs. Zone aliases are per-zone.

80
MCQeasy

An engineer notices that the CPU utilization on a Cisco Nexus 5548UP switch is consistently above 80%. The switch is used for FCoE storage traffic. Which action is most likely to reduce CPU utilization?

A.Configure DCBx will-say mode
B.Enable FCoE NPV mode
C.Disable FIP snooping
D.Reduce the number of FCoE VLANs
AnswerD

Fewer VLANs means less FIP snooping processing, reducing CPU load.

Why this answer

Reducing the number of FCoE VLANs decreases the amount of FIP snooping processing, which is a common cause of high CPU. Disabling FIP snooping would break FCoE. Enabling NPV or changing DCBx does not directly reduce CPU.

81
MCQeasy

A storage administrator reports that a new host cannot log into the SAN. The host is connected to a Cisco MDS switch. The switch interface shows up/up but the host is not in the active zone. What is the most likely cause?

A.The zone set is not activated.
B.The switch port is in an isolated state.
C.The FC cable is faulty.
D.The host's WWPN is not in the zone configuration.
E.The host's driver is not installed.
AnswerA

If the zone set is not activated, even if the WWPN is in the zone, it won't be effective. The host is not in the active zone because the active zone set may not include the zone.

Why this answer

The host cannot log into the SAN despite the interface showing up/up because the zone set is not activated. In Cisco MDS Fibre Channel SANs, zone configurations are stored in the zone database but only take effect when the zone set is activated (using the 'zone activate' command). Without an active zone set, no zoning is enforced, and the host's WWPN is effectively invisible to other devices, preventing login even though the physical link is operational.

Exam trap

Cisco often tests the distinction between configuring a zone (adding WWPNs) and activating the zone set; candidates mistakenly assume that simply adding a WWPN to a zone is sufficient, overlooking the mandatory activation step that enforces the zoning policy.

How to eliminate wrong answers

Option B is wrong because an isolated state occurs in PortChannel configurations when ports are incompatible (e.g., speed or mode mismatch), not due to zoning issues, and the interface shows up/up, ruling out isolation. Option C is wrong because a faulty FC cable would cause the interface to be down/down or flap, not up/up. Option D is wrong because the host's WWPN not being in the zone configuration would still allow the host to log into the fabric (FLOGI) and appear in the active zone database; the issue is that no zone set is active, so even if the WWPN were configured, it would not be enforced.

Option E is wrong because the host's driver not being installed would prevent the host from initiating a fabric login (FLOGI), but the switch interface shows up/up, indicating physical and link-level connectivity is present.

82
MCQeasy

An engineer needs to design a resilient Fibre Channel SAN that eliminates single points of failure between two MDS switches and a storage array with two controllers. What is the minimum number of FC port channels required to achieve this goal?

A.Three
B.Two
C.One
D.Four
AnswerB

Two port channels allow each controller to connect to both switches.

Why this answer

For redundancy, each storage controller connects to both switches. Two port channels (each from a controller to a switch) are needed. Option A (1) provides only one link per controller.

Option C (3) and D (4) are overkill. Option B is correct.

83
MCQmedium

A company is consolidating its storage network into a single fabric using a Cisco MDS 9509. They want to use VSANs to isolate different departments. The VSANs will be 10, 20, and 30. They have a single ISL between two MDS switches. The engineers want to carry all three VSANs over the ISL. They configure both ends of the ISL as E ports and enable trunking. After configuration, they notice that only VSAN 10 traffic passes over the ISL. The other VSANs appear isolated. The show vsan membership shows all three VSANs are present on both switches. The show interface trunk on the ISL shows that the trunk is up but only VSAN 10 is allowed. What is the most likely cause?

A.The other VSANs are not configured on the trunk interface
B.The allowed VSAN list on the trunk port is limited to only VSAN 10
C.The trunk mode is set to 'on' instead of 'desirable'/'auto'
D.The ISL is in an error-disabled state for VSAN 20 and 30
AnswerB

The allowed VSAN list must be explicitly configured to include VSAN 20 and 30.

Why this answer

The show interface trunk output indicates that only VSAN 10 is in the allowed list. The allowed VSAN list on the trunk port must be configured to include all three VSANs. The trunk mode (on/desirable) does not limit VSANs.

Error-disabled would show in different status. VSAN membership on the interface is not applicable for trunk ports.

84
MCQmedium

A Cisco MDS switch is configured with two VSANs. Hosts in VSAN 1 cannot communicate with hosts in VSAN 2. What is the most likely reason?

A.The IVR is not configured.
B.The VSANs are not connected through an IVR zone.
C.The FC domain ID is conflicting.
D.The switch does not support multi VSAN.
E.The hosts are on different switches.
AnswerB

IVR zones define which devices can communicate across VSANs. Without these zones, traffic is isolated.

Why this answer

By default, VSANs are isolated from each other, meaning traffic cannot cross VSAN boundaries. Inter-VSAN Routing (IVR) must be explicitly configured to allow communication between hosts in different VSANs. Without IVR, hosts in VSAN 1 and VSAN 2 remain in separate fabrics and cannot communicate, even if they are connected to the same switch.

Exam trap

Cisco often tests the misconception that VSANs are like VLANs and can communicate by default, but in Fibre Channel fabrics, VSANs are fully isolated unless IVR is explicitly configured.

How to eliminate wrong answers

Option A is wrong because IVR not being configured is not the most likely reason; the question asks for the most likely reason, and the absence of an IVR zone is a more specific and direct cause. Option C is wrong because conflicting FC domain IDs would cause issues within a single VSAN or between switches in the same VSAN, not between different VSANs. Option D is wrong because the Cisco MDS switch supports multiple VSANs natively; the inability to communicate between VSANs is by design, not a lack of support.

Option E is wrong because hosts on different switches can still communicate if they are in the same VSAN or if IVR is configured; the issue here is the VSAN boundary, not the physical switch location.

85
MCQhard

An engineer is designing a SAN for a virtualized environment with 20 hosts and 4 storage arrays. Each host requires a separate zone per storage array for security. What is the minimum number of zones required?

A.40
B.20
C.80
D.100
AnswerC

20 hosts * 4 arrays = 80 zones.

Why this answer

Each host needs a zone per array, so 20 hosts * 4 arrays = 80 zones. However, if using single initiator zones (best practice), each zone has one host and one target, so indeed 80 zones. Option A assumes one zone per host, which would include all arrays in one zone, violating security.

Option B is too low. Option D is too high.

86
MCQhard

Refer to the exhibit. An engineer is troubleshooting poor FCoE performance. The exhibit shows output from the FCoE interface. Which observation indicates a potential issue?

A.PFC frames received is high compared to PFC frames sent
B.The CRC error count is zero
C.Data frames are 1500 bytes, which is too small for FCoE
D.The admin port mode is F instead of NP
AnswerA

Receiving many pause frames implies the peer is congested or PFC mismatch.

Why this answer

PFC frames received (152) with zero sent suggests the interface is receiving pause frames from the peer, possibly due to congestion or a PFC configuration mismatch. Option B is correct. Option A (CRC errors) none.

Option C (mode) is fine. Option D (MTU) default 1500 for data frames is consistent.

87
MCQmedium

In an FCoE deployment, a storage administrator needs to ensure that FCoE traffic is carried over a dedicated VLAN. Which configuration is required on a Cisco Nexus switch?

A.Configure the VLAN as a private VLAN.
B.Assign the VLAN as an access VLAN to the interface.
C.Enable FIP snooping and map the FCoE VLAN to a VSAN.
D.Configure the VLAN as a native VLAN on the FCoE interface.
AnswerC

FIP snooping is needed for FCoE; mapping FCoE VLAN to VSAN isolates traffic.

Why this answer

Option B is correct. FIP snooping and VSAN mapping are required for FCoE VLAN. Other options are incorrect.

88
MCQhard

A storage administrator is troubleshooting FCoE performance issues between a Cisco UCS FI and a storage array. The fabric is configured with FIP snooping and DCB. The administrator checks the FCoE interface counters and sees many dropped frames due to 'no buffer space'. What is the most likely root cause?

A.Jumbo frames are disabled on the switch ports
B.The FCoE VLAN is not trunked to the storage array
C.FIP snooping is not enabled on the FCoE VLAN
D.Priority flow control settings are mismatched between the upstream switch and the storage array
AnswerD

PFC mismatch can cause buffer exhaustion and drops.

Why this answer

The 'no buffer space' drops on FCoE interfaces indicate that the receive buffers are being exhausted, which is a classic symptom of Priority Flow Control (PFC) being misconfigured or mismatched between the upstream switch and the storage array. PFC (IEEE 802.1Qbb) is essential for lossless FCoE transport; if one side sends pause frames that the other does not honor, or if the PFC priorities are not aligned, buffers overflow and frames are dropped. This directly explains the observed counter behavior.

Exam trap

Cisco often tests the distinction between 'no buffer space' drops (caused by PFC/flow control mismatches) and other drop types like 'output drops' or 'CRC errors', leading candidates to incorrectly blame jumbo frames or VLAN issues.

How to eliminate wrong answers

Option A is wrong because jumbo frames (typically 9216 bytes) are required for FCoE to encapsulate large SCSI data payloads, but disabling them would cause frame oversize drops, not 'no buffer space' drops. Option B is wrong because the FCoE VLAN not being trunked would result in no connectivity or VLAN mismatch errors, not buffer exhaustion drops. Option C is wrong because FIP snooping is a security feature that prevents unauthorized FCoE devices from joining the fabric; its absence could allow rogue devices but does not cause buffer drops due to PFC mismatches.

89
MCQhard

An engineer is configuring FCoE on a Cisco Nexus 5000 switch. The switch connects to a Fibre Channel storage array. The FCoE Initialization Protocol (FIP) snooping must be enabled. What is the effect of enabling FIP snooping?

A.It enables the switch to terminate FCoE VLANs.
B.It provides FC-BB_6 compliant FCoE traffic forwarding.
C.It enables the switch to act as an FCoE forwarder.
D.It constructs a database of ENode MAC addresses and FC-MAPs.
E.It allows the switch to enforce zone-based policy for FCoE traffic.
AnswerD

FIP snooping monitors FIP frames to build a database of authorized devices.

Why this answer

FIP snooping on a Cisco Nexus 5000 switch constructs a database of ENode MAC addresses and FC-MAPs by inspecting FIP discovery, advertisement, and login frames. This database is used to enforce FCoE traffic only between authorized ENodes and FCFs, preventing rogue devices from injecting FCoE traffic. It does not terminate FCoE VLANs, act as an FCoE forwarder, or enforce zone-based policies directly.

Exam trap

Cisco often tests the distinction between FIP snooping (a security feature that builds a database of MAC-to-FC-MAP bindings) and FCoE forwarding (which requires an FCF), leading candidates to mistakenly think snooping enables forwarding or termination.

How to eliminate wrong answers

Option A is wrong because FIP snooping does not terminate FCoE VLANs; VLAN termination is a function of an FCoE forwarder (FCF) or a bridge, not a snooping feature. Option B is wrong because FC-BB_6 compliance is a standard for FCoE operation, but FIP snooping itself does not provide compliant forwarding; it only monitors and filters FIP frames to secure the fabric. Option C is wrong because FIP snooping does not enable the switch to act as an FCoE forwarder; an FCoE forwarder is a separate entity that performs encapsulation and forwarding, while snooping is a passive security mechanism.

Option E is wrong because zone-based policy enforcement for FCoE traffic is handled by the Fibre Channel zoning configuration on the FCF or SAN fabric, not by FIP snooping on the switch.

90
MCQmedium

A company is deploying a new storage network using Cisco MDS 9700 switches. They have multiple host servers and storage arrays. The security policy requires that each host can only access its own LUNs. The solution must be efficient and not require reconfiguration when new hosts are added. Which approach best meets these requirements?

A.Traditional zone-based zoning with pWWNs
B.VSAN zoning
C.FSPF metric tuning
D.Smart Zoning
AnswerD

Smart Zoning reduces zone objects and simplifies management by automatically handling LUN masking.

Why this answer

Smart Zoning reduces the number of zone objects and simplifies management by automatically handling LUN masking based on initiator-target pairs. Traditional zoning would require manual zone creation for each new host. VSAN zoning is not a real concept, and FSPF is a routing protocol.

91
MCQhard

An iSCSI SAN is experiencing performance issues. The storage array and initiators are connected via a dedicated VLAN. The network team notices high jitter. What is the most effective mitigation?

A.Use multiple iSCSI sessions per initiator
B.Configure link aggregation between switches
C.Enable jumbo frames on all switches
D.Implement QoS to give iSCSI traffic higher priority
AnswerD

Correct: QoS reduces jitter by prioritizing iSCSI traffic.

Why this answer

Option A is correct because iSCSI depends on TCP; jitter causes retransmissions. QoS can prioritize iSCSI traffic to reduce jitter. Option B is incorrect because jumbo frames help throughput, not jitter.

Option C is incorrect because LAGs improve bandwidth, not jitter. Option D is incorrect because multipathing is for redundancy, not jitter.

92
Multi-Selecteasy

A storage network engineer is designing a Fibre Channel SAN with two Cisco MDS switches in a single VSAN. The design requires that if one switch fails, the storage traffic continues to flow without manual intervention. Which two technologies should be implemented?

Select 2 answers
A.NPV
B.Port channels
C.VSAN trunking
D.IVR
E.Fibre Channel multipathing
AnswersB, E

Port channels provide link redundancy but not switch-level redundancy.

Why this answer

Fibre Channel multipathing (E) is correct because it enables multiple physical paths between initiators and targets, allowing storage traffic to continue automatically if one switch fails. This is typically implemented using multipathing software (e.g., EMC PowerPath, native OS MPIO) that load-balances and fails over across redundant SAN fabrics without manual intervention.

Exam trap

Cisco often tests the misconception that Port channels (B) provide switch-level redundancy, but they only protect against link failures, not a complete switch failure, which requires multipathing across separate fabrics.

93
MCQhard

An engineer is troubleshooting a SAN performance issue. The MDS switch shows high CRC errors on an F port. The host is connected via a 16 Gbps FC link. The errors increase when the host sends large I/O. What is the most likely cause?

A.The host's HBA firmware is outdated.
B.The zone configuration is incorrect.
C.The host is experiencing buffer credit starvation.
D.The switch port is configured for 8 Gbps.
E.The cable length exceeds the supported distance for 16 Gbps.
AnswerE

16 Gbps FC has shorter reach; long cables cause CRC errors, especially under heavy load.

Why this answer

At 16 Gbps Fibre Channel, signal integrity degrades over long cable distances, causing bit errors that manifest as CRC errors on the F port. The error increase with large I/O is characteristic of marginal signal quality, as larger frames are more likely to encounter corrupted bits. Option E correctly identifies that the cable length exceeds the supported distance for 16 Gbps, typically 10 meters for OM3 multimode fiber or 100 meters for OM4, depending on the transceiver type.

Exam trap

Cisco often tests the distinction between physical-layer errors (CRC, running disparity) and higher-layer issues (buffer credits, zoning), so the trap here is that candidates confuse buffer credit starvation (a flow-control problem) with CRC errors (a signal-integrity problem).

How to eliminate wrong answers

Option A is wrong because outdated HBA firmware typically causes link instability or negotiation failures, not CRC errors that scale with I/O size. Option B is wrong because zone configuration errors cause connectivity or login issues, not CRC errors on an established link. Option C is wrong because buffer credit starvation causes performance degradation (e.g., reduced throughput) due to lack of credits, not CRC errors; CRC errors indicate physical-layer issues.

Option D is wrong because if the switch port were configured for 8 Gbps, the link would negotiate to 8 Gbps and CRC errors would not increase with large I/O at 16 Gbps; the symptom would be a speed mismatch, not CRC errors.

94
Multi-Selecthard

Which THREE statements accurately describe FCIP (Fibre Channel over IP) configurations on Cisco MDS switches?

Select 3 answers
A.FCIP uses VE_port (Virtual E_port) interfaces to connect to the FC fabric
B.FCIP requires IPsec for security over public networks
C.FCIP can be used in conjunction with Fibre Channel port channels
D.FCIP compression reduces the latency of the IP transport
E.FCIP can be configured on a GigabitEthernet interface
AnswersA, C, E

VE_ports terminate FCIP tunnels.

Why this answer

Options B, D, and E are correct. FCIP can operate over Gigabit Ethernet interfaces (B). FCIP can be combined with FC port channels to provide redundancy and load balancing (D).

FCIP uses Virtual E_ports (VE_ports) to connect to the FC fabric (E). Option A is wrong: Compression reduces bandwidth usage, not reduces bandwidth. Option C is wrong: IPsec is optional, not required.

95
Multi-Selecthard

An engineer is troubleshooting a performance issue on a Cisco MDS 9700 switch. The 'show interface fc1/1' output shows CRC errors incrementing slowly. The interface is connected to a storage array. Which two actions should the engineer take to resolve the issue?

Select 2 answers
A.Increase the MTU size on the interface.
B.Replace the fiber optic cable and SFP.
C.Enable BB_credit recovery on the interface.
D.Clear the interface counters.
E.Change the interface speed from auto to a fixed value.
AnswersB, C

Faulty cables or SFPs are common causes of CRC errors.

Why this answer

CRC errors on a Fibre Channel interface typically indicate physical-layer issues such as faulty cabling, damaged SFPs, or dirty optical connectors. Replacing the fiber optic cable and SFP (Option B) directly addresses the most common root cause of CRC errors. Additionally, enabling BB_credit recovery (Option C) helps mitigate performance degradation caused by buffer credit starvation, which can manifest as CRC-like symptoms in some scenarios.

Exam trap

Cisco often tests the distinction between physical-layer errors (CRC) and flow-control issues (BB_credit), tempting candidates to choose a single answer when both a physical fix and a protocol-level tuning are required.

96
Drag & Dropmedium

Sequence the steps to configure a VXLAN with BGP EVPN on a Cisco Nexus switch.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

VXLAN EVPN requires overlay feature, VNI mapping, VTEP loopback, BGP peering, and verification.

97
MCQhard

A large enterprise data center has a disaster recovery site 100 km away. The SAN uses two MDS 9700 series switches at each site, connected via a dedicated dark fiber. Each link operates at 16 Gbps with a round-trip time of 2 ms. Recently, backup jobs to the remote storage array have been failing with timeout errors. The backup server is local to Site A, but the backup target is in Site B. The link utilization never exceeds 40%, and no errors are reported on the interfaces. The engineer suspects the issue is related to buffer credits. The current buffer credit count on the ISL is 16. The engineer calculates that for 16 Gbps over 100 km (2 ms RTT), they need at least 200 credits to maintain full throughput. Which action is most appropriate to resolve the issue?

A.Enable NPIV on the ISL ports to allow multiple logins.
B.Increase the buffer-to-buffer credit count to 300 on the ISL interfaces.
C.Configure the ISL to operate at 8 Gbps to reduce the buffer credit requirement.
D.Implement FCIP over the existing dark fiber to offload buffer credit management.
AnswerB

More credits allow more frames in flight, avoiding timeout and maintaining throughput.

Why this answer

Increasing buffer credits resolves the timeout issue due to credit starvation. Option D is correct. Option A is wrong because the links are physically direct; FCIP is not needed.

Option B is wrong because NPIV is not related to buffer credits. Option C is wrong because reducing speed lowers performance.

98
MCQeasy

A data center architect is designing a SAN with two MDS switches using VSANs. Which method ensures traffic isolation between departments while allowing sharing of a tape library?

A.Use FCIP tunnels for each department.
B.Create separate VSANs and merge them for the tape library.
C.Create separate VSANs for each department and a shared VSAN for the tape library with inter-VSAN routing (IVR).
D.Use one VSAN for all departments and one zone for each department.
AnswerC

IVR allows selective sharing between VSANs.

Why this answer

Multiple VSANs isolate traffic, and a shared tape library can be placed in a common VSAN with appropriate zones. Option D is correct. Option A is wrong because a single VSAN does not isolate.

Option B is wrong because merging VSANs loses isolation. Option C is wrong because FCIP is for distance.

99
MCQeasy

An NFS client is unable to write to a mounted export. The client can read files. What is the most likely cause?

A.Export permissions are read-only for the client
B.Network latency causing timeouts
C.Incorrect mount options (e.g., ro instead of rw)
D.NFS version mismatch
AnswerA

Correct: Read-only export allows reads but denies writes.

Why this answer

Option C is correct because write access requires proper permissions on both the export and the user. Option A is incorrect because NFS version does not affect read/write. Option B is incorrect because mount options affect mounting, not file operations.

Option D is incorrect because network issues would prevent both read and write.

100
MCQmedium

A Cisco MDS switch is configured with fabric binding to restrict which switches can join the fabric. A new switch is added, but it fails to establish an E-port connection. What is the most likely cause?

A.Incompatible SFP modules between the switches
B.Incorrect zoning configuration on the existing switch
C.The new switch has a higher priority than the principal switch
D.The new switch's WWN is not included in the fabric binding configuration
AnswerD

Fabric binding rejects unauthorized switches.

Why this answer

Option B is correct: Fabric binding uses the switch WWN to allow or deny switches. If the new switch's WWN is not in the allowed list, the E-port will not come up. Option A is wrong: Incompatible SFP would cause link issues regardless of fabric binding.

Option C is wrong: Zoning does not affect E-port formation. Option D is wrong: Switch priority affects principal switch selection, not E-port formation.

101
MCQhard

A data center deployment uses NPV mode on a Cisco MDS switch to connect to a core Fibre Channel switch. After configuration, the NPV switch does not register with the core. What is the most likely cause?

A.Fibre Channel ports are in trunk mode.
B.The core switch has NPV mode enabled.
C.NPIV is not enabled on the core switch.
D.The NPV switch has an incorrect domain ID.
AnswerC

Core must have NPIV enabled for NPV.

Why this answer

NPV (N_Port Virtualization) mode requires NPIV (N_Port ID Virtualization) to be enabled on the core Fibre Channel switch. NPIV allows a single physical N_Port to register multiple FCIDs (Fibre Channel IDs) for multiple virtual initiators behind the NPV switch. Without NPIV on the core, the NPV switch cannot complete the FLOGI (Fabric Login) process and will not register with the fabric.

Exam trap

Cisco often tests the distinction between NPV and NPIV, trapping candidates who confuse the two or assume that enabling NPV on both sides is required.

How to eliminate wrong answers

Option A is wrong because trunk mode on Fibre Channel ports (E_Port or TE_Port) is used for ISL (Inter-Switch Link) connections between core switches, not for NPV uplinks, which use NP_Ports. Option B is wrong because enabling NPV mode on the core switch would break the NPV architecture; NPV is only enabled on the edge switch (the NPV switch), while the core must operate in standard Fibre Channel switch mode (with NPIV enabled). Option D is wrong because domain IDs are assigned by the principal switch in the fabric and are not configured manually on NPV switches; NPV switches do not participate in domain ID distribution as they are not full switches in the fabric.

102
MCQeasy

Which FCoE component is responsible for encapsulating Fibre Channel frames into Ethernet frames?

A.FCoE module on the switch or adapter
B.FCoE Forwarder (FCF)
C.Virtual Fibre Channel interface (VFC)
D.VN interface
AnswerA

The FCoE module performs encapsulation/decapsulation.

Why this answer

The FCoE module on the switch or adapter is the component that performs the encapsulation of native Fibre Channel frames into Ethernet frames. This module handles the conversion by adding an Ethernet header, including the EtherType 0x8906 for FCoE, and managing the mapping of Fibre Channel constructs (e.g., VSANs) to VLANs. Without this module, Fibre Channel traffic cannot traverse an Ethernet network.

Exam trap

Cisco often tests the distinction between the component that performs encapsulation (FCoE module) and the logical interfaces or forwarding entities (VFC, VN, FCF) that rely on that encapsulation, leading candidates to confuse the control-plane role of the FCF or the logical nature of VFC/VN interfaces with the actual encapsulation function.

How to eliminate wrong answers

Option B (FCoE Forwarder or FCF) is wrong because the FCF is a control-plane device that provides Fibre Channel forwarding services (e.g., fabric login, name server) and connects FCoE VLANs to Fibre Channel SANs, but it does not perform the actual encapsulation of frames; that is done by the FCoE module. Option C (Virtual Fibre Channel interface or VFC) is wrong because a VFC is a logical interface that binds to an Ethernet interface and represents a Fibre Channel port in software, but it does not encapsulate frames; it relies on the underlying FCoE module for encapsulation. Option D (VN interface) is wrong because a VN interface is a virtual N_port (node port) that appears to the Fibre Channel stack as a standard N_port, but it is a logical construct that uses the FCoE module for encapsulation; it does not perform the encapsulation itself.

103
MCQhard

A company is deploying a multi-tenant environment with several virtualized hosts using NPIV. Each virtual machine requires its own WWPN. During testing, some VMs cannot log into the SAN. The MDS switch logs show 'FLOGI rejected: no available resources'. What is the most likely cause?

A.The maximum FC frame size is set incorrectly on the switch
B.The VSAN maximum number of devices has been reached
C.The zone set is full and cannot accept more members
D.The NPIV limit or the number of allowed logins has been exceeded on the upstream switch
AnswerD

By default, NPIV max logins may be hit with many VMs.

Why this answer

The error 'FLOGI rejected: no available resources' on an MDS switch in an NPIV environment indicates that the switch has exhausted its allocated resources for handling fabric logins (FLOGIs) from N_Port ID Virtualization (NPIV) initiators. NPIV allows multiple virtual WWPNs to share a single physical FC port, but each virtual login consumes a login resource on the upstream switch. When the NPIV limit or the maximum number of allowed logins per interface or per VSAN is exceeded, the switch rejects new FLOGIs, preventing VMs from logging into the SAN.

Exam trap

Cisco often tests the distinction between resource exhaustion (NPIV login limits) and configuration errors (zoning or VSAN device limits) by using the specific error message 'FLOGI rejected: no available resources', which candidates mistakenly attribute to zoning or VSAN device limits instead of NPIV login resource depletion.

How to eliminate wrong answers

Option A is wrong because the maximum FC frame size (e.g., 2112 bytes vs. 1024 bytes) affects data transmission efficiency and fragmentation, not the ability to perform a fabric login (FLOGI), which is a control-plane operation. Option B is wrong because the VSAN maximum number of devices (configurable via 'fabric-limit device-login-limit') would cause a different error, such as 'device not allowed' or 'login denied', not a resource exhaustion error for FLOGI. Option C is wrong because a full zone set prevents new zone members from being added or activated, but it does not block an existing zone member's FLOGI; the error 'FLOGI rejected: no available resources' is a login resource issue, not a zoning configuration issue.

104
MCQeasy

A small business has a Cisco MDS 9148S switch with a single fabric. Two hosts are connected to ports fc1/1 and fc1/2, and a storage array is connected to ports fc1/3 and fc1/4. The administrator wants to ensure that each host can only see its own assigned LUNs on the array. They have configured a zone for each host containing the host pWWN and the target pWWN for the respective LUNs. However, Host A is able to see Host B's LUNs. What is the most likely cause?

A.The zone is not active
B.The zones are not in the same VSAN
C.The target ports are using soft zoning
D.The zoning configuration is using a zone alias that includes both hosts
AnswerD

A zone alias containing both hosts would place them in the same zone, allowing cross-access.

Why this answer

The most likely cause is that the zoning configuration uses a zone alias that includes both hosts, causing unintended access. If zones were not active, no access would occur. Soft zoning is not a concept in MDS (hard zoning is used), and VSAN misconfiguration would isolate at a higher level.

105
MCQeasy

An engineer is configuring a Fibre Channel over Ethernet (FCoE) SAN. Which statement about FCoE Initialization Protocol (FIP) is true?

A.FIP operates only over lossless Ethernet.
B.FIP uses Ethernet MAC addresses for communication.
C.FIP is used only for FCoE initialization, not for maintenance.
D.FIP requires IP addresses to establish FCoE sessions.
AnswerB

FIP uses MAC addresses for discovery and login.

Why this answer

FCoE Initialization Protocol (FIP) uses Ethernet MAC addresses for communication during the discovery, initialization, and maintenance phases of an FCoE session. FIP frames are encapsulated in standard Ethernet frames with a specific EtherType (0x8914), allowing FCoE-capable endpoints to discover each other and establish virtual links without relying on IP addresses.

Exam trap

Cisco often tests the misconception that FIP requires IP addresses or that it is only used during initialization, when in fact FIP uses MAC addresses and also handles ongoing session maintenance like keep-alives.

How to eliminate wrong answers

Option A is wrong because FIP operates over lossless Ethernet (using priority flow control, PFC), but it is not limited to lossless Ethernet; FIP can also run over lossy Ethernet for discovery and initialization, though data traffic requires lossless Ethernet. Option C is wrong because FIP is used not only for initialization but also for ongoing maintenance, such as keep-alive messages (FIP VLAN request, FIP keep-alive) to monitor and maintain the FCoE session. Option D is wrong because FIP does not require IP addresses; it uses Ethernet MAC addresses and FCoE-specific EtherTypes to establish and manage FCoE sessions, avoiding the IP layer entirely.

106
MCQmedium

Refer to the exhibit. A server connected to interface fc1/3 on the MDS switch cannot log in to the fabric. The server's HBA WWPN is 10:00:00:00:c9:2b:1a:62. What is the most likely reason for the login failure?

A.NPIV is disabled on the port
B.The server's WWPN is not in the active zone set
C.Interface fc1/3 is not assigned to VSAN 100
D.The link speed is mismatched between switch and HBA
AnswerC

Without correct VSAN, the port cannot participate.

Why this answer

The FLOGI database shows logins on fc1/1, fc1/2, and fc1/4, but no entry for fc1/3. The WWPN is not listed, indicating it never logged in. The most common cause is that the port is not in the same VSAN (100) or not configured correctly.

Since other ports on the same switch show VSAN 100, likely fc1/3 is in a different VSAN or not enabled. Option C is correct. Option A (zoning) would show FLOGI but then reject.

Option B (NPIV) not relevant. Option D (speed) would cause errors but not missing FLOGI.

107
MCQeasy

An engineer notices that the LED of an FC interface is off on a Cisco MDS switch. The interface is up/up. What is the most likely cause?

A.The port LED firmware is corrupted.
B.The interface is administratively down.
C.The link is up but the LED is disabled in software configuration.
D.The SFP is faulty.
AnswerC

On some MDS switches, the LED can be turned off via 'no led enable' interface command.

Why this answer

On Cisco MDS switches, the interface LED can be administratively disabled via the `no led` command in interface configuration mode, even when the interface is fully operational (up/up). This allows operators to selectively turn off LEDs for troubleshooting or to reduce visual noise in a data center, without affecting traffic. The LED being off while the interface shows up/up directly points to this software-based LED disablement.

Exam trap

Cisco often tests the misconception that an LED off always indicates a hardware or link issue, when in fact the LED can be software-disabled independently of the interface operational state.

How to eliminate wrong answers

Option A is wrong because LED firmware corruption would typically cause erratic behavior (e.g., blinking incorrectly or staying stuck in one state) rather than a consistent off state with a fully functional interface. Option B is wrong because an administratively down interface would show as 'down/down' in the show interface output, not 'up/up'. Option D is wrong because a faulty SFP would cause the link to be down (e.g., 'down/down' or 'up/down' with CRC errors), not an up/up state with the LED off.

108
Matchingmedium

Match each Cisco storage protocol to its characteristic.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Lossless, high-speed block storage over dedicated fabric

Block storage over TCP/IP networks

High-performance flash storage over RDMA

Fibre Channel frames encapsulated in Ethernet

File-level storage access over network

Why these pairings

Understanding storage protocols is critical for data center design.

109
Multi-Selecthard

Which THREE factors should be considered when designing an FCoE SAN to avoid traffic loss? (Choose three.)

Select 3 answers
A.Use standard Ethernet cut-through switching for all FCoE traffic.
B.Enable priority flow control (PFC) on all FCoE-enabled interfaces.
C.Use a dedicated FCoE VLAN that is not used for any other traffic.
D.Disable the FIP snooping feature to reduce latency.
E.Ensure that the FCoE Maximum Transmission Unit (MTU) is set to 2500 bytes.
AnswersB, C, E

PFC is essential to prevent frame loss due to congestion.

Why this answer

Options A, B, D are correct. C and E are incorrect.

110
MCQmedium

An administrator notices that a new server connected to a Fibre Channel switch cannot log in. The 'show flogi database' command does not show the server's WWPN. What is the most likely cause?

A.Trunking mode not enabled on the port
B.Incorrect zoning configuration
C.Speed mismatch between the server and switch
D.Port security enabled with WWN mismatch
AnswerD

Correct: Port security restricts which WWNs can log in.

Why this answer

The 'show flogi database' command lists all devices that have successfully completed the Fabric Login (FLOGI) process. If the server's WWPN is absent, it indicates that the FLOGI request was rejected by the switch. Port security with a WWN mismatch is the most likely cause because the switch is configured to allow only specific WWPNs, and the server's WWPN does not match the allowed list, causing the switch to silently drop the FLOGI request without logging the device.

Exam trap

Cisco often tests the distinction between FLOGI rejection (port security, fabric binding) and post-login restrictions (zoning, VSAN membership), so candidates mistakenly choose 'incorrect zoning' because they confuse zoning with port-level authentication.

How to eliminate wrong answers

Option A is wrong because trunking mode (E_port or TE_port) is used for inter-switch links (ISL), not for server-facing F_ports; a server connected to an F_port does not require trunking to perform FLOGI. Option B is wrong because incorrect zoning configuration would allow the server to log in (appear in 'show flogi database') but then prevent communication with other devices; zoning does not block the FLOGI process itself. Option C is wrong because a speed mismatch between the server and switch would prevent link initialization (the port would be in a non-operational state), but the 'show flogi database' command would not show the WWPN because the link would never come up; however, the question states the server is connected, implying link is up, and speed negotiation (auto-negotiation) typically handles mismatches without silently dropping FLOGI.

111
MCQhard

Based on the exhibited FLOGI database, what is the state of the interface fc1/1?

A.It is an F port with a hub attached.
B.It is an NP port (proxy FW) because multiple FCIDs appear on the same interface.
C.It is a trunking E port.
D.It is a disabled port because there are two WWNs.
AnswerB

Multiple FCIDs from different WWNs on a single interface indicate NPIV, which is typical for NPV uplink or FCoE.

Why this answer

The FLOGI database shows multiple FCIDs (0x010000, 0x010001) associated with the same interface fc1/1, which is characteristic of an NP port (proxy FW) in NPV mode. An NP port acts as a proxy for multiple end devices behind it, such as in a Fibre Channel NPV switch or a converged network adapter (CNA) in FCoE NPV mode, allowing multiple FCIDs to share a single physical link.

Exam trap

The trap here is that candidates often assume multiple FCIDs on one interface indicate a trunking E port or a misconfiguration, but in NPV mode, an NP port legitimately proxies multiple FCIDs, which is a key distinguishing feature tested in the 350-601 exam.

How to eliminate wrong answers

Option A is wrong because an F port connects to a single N port (end device) and would show only one FCID per interface; a hub attached to an F port would still present a single FCID from the hub's perspective, not multiple distinct FCIDs. Option C is wrong because a trunking E port connects two switches and would show multiple FCIDs only if multiple VSANs are trunked, but the FLOGI database would list the same FCID across different VSANs, not multiple FCIDs on the same interface within a single VSAN. Option D is wrong because having two WWNs does not disable a port; a disabled port would not appear in the FLOGI database at all, and multiple WWNs are normal for NP ports or multi-homed devices.

112
MCQmedium

A Cisco MDS switch is configured in NPV mode. A host connected to this switch fails to log into the SAN. Which command should be used to verify the host's FLOGI status?

A.show zone
B.show fcns database
C.show flogi database module <module>
D.show flogi database
E.show port-channel summary
AnswerC

This command shows FLOGIs on a specific module, which is more precise when troubleshooting a host on a known module.

Why this answer

In NPV mode, the MDS switch acts as a passthrough and does not maintain its own FLOGI database; instead, it forwards FLOGI requests to the upstream NPIV-capable switch. The 'show flogi database module <module>' command is used on the NPV switch to verify the host's FLOGI status because it displays the FLOGI entries learned from the upstream switch for the specific module where the host is connected, which is essential for troubleshooting login failures.

Exam trap

Cisco often tests the distinction between NPV mode and standard switch mode, where candidates mistakenly use 'show flogi database' without the module parameter, not realizing that NPV switches require the module keyword to display FLOGI entries.

How to eliminate wrong answers

Option A is wrong because 'show zone' displays zone configurations and members, not FLOGI or login status. Option B is wrong because 'show fcns database' shows the Fibre Channel Name Server database (registered FC-4 types and WWNs), which is populated after successful FLOGI and login, not the FLOGI status itself. Option D is wrong because 'show flogi database' without the module keyword is not valid on an NPV switch; the command requires the module parameter to specify the line card or port module.

Option E is wrong because 'show port-channel summary' displays port-channel interface status and load-balancing, not FLOGI or host login information.

113
MCQhard

A storage administrator notices that a host is unable to see a LUN after zoning is configured. The zone contains the host WWPN and the target WWPN. The LUN is not masked at the storage array. What is the most likely cause?

A.LUN masking is not configured on the storage array.
B.The host requires NPIV to be enabled.
C.The host is in a different VSAN.
D.The zone is incorrectly configured.
AnswerA

LUN masking is required to present LUNs to specific hosts.

Why this answer

The host cannot see the LUN because LUN masking is not configured on the storage array. Even with correct zoning (host WWPN to target WWPN), the storage array must explicitly grant access to specific LUNs for a given initiator WWPN. Without LUN masking, the target will not present the LUN to the host, regardless of zone membership.

Exam trap

Cisco often tests the distinction between fabric-level zoning (which controls which ports can communicate) and storage-array-level LUN masking (which controls which LUNs are visible to an initiator), leading candidates to incorrectly assume zoning alone grants LUN access.

How to eliminate wrong answers

Option B is wrong because NPIV (N_Port ID Virtualization) is used to allow multiple virtual initiators to share a single physical port, which is unrelated to LUN visibility after zoning. Option C is wrong because if the host were in a different VSAN, the zone would not be effective at all (zones are VSAN-specific), but the question states zoning is configured and the host cannot see the LUN, not that zoning fails. Option D is wrong because the zone is correctly configured (contains host WWPN and target WWPN), so incorrect zone configuration is not the cause.

114
MCQeasy

Based on the exhibited output, what is the status of the interface?

A.The interface is up but has no license.
B.The interface is in trunk mode and licensed.
C.The interface is operational and licensed.
D.The interface is down due to no license.
AnswerA

The interface is up but lacks a license; it may be using grace period.

Why this answer

The interface is up (line protocol is up) but the output shows 'license not installed' or similar, meaning the port is administratively up but lacks the required license for full functionality. In Cisco MDS/Nexus storage networks, interfaces can be in an 'up' state without a license, but they will not pass traffic or operate in the licensed mode until the license is installed.

Exam trap

Cisco often tests the distinction between an interface being 'up/up' and being fully licensed, leading candidates to assume that an up interface is automatically operational and licensed, when in fact it may be in a 'no-license' state that prevents data forwarding.

How to eliminate wrong answers

Option B is wrong because the interface is not in trunk mode (the output shows access mode or no trunking) and it is not licensed. Option C is wrong because the interface is not operational in the sense of passing traffic; it is up but unlicensed, so it cannot forward data. Option D is wrong because the interface is not down; it is up (line protocol up) but lacks a license, which is a different state from being administratively or protocol down.

115
MCQeasy

Which FCoE feature allows multiple VLANs to be carried over a single physical link when using FIP snooping?

A.NPV
B.VSANs
C.FIP snooping
D.Port channels
AnswerC

FIP snooping enables multiple FCoE VLANs on a link.

Why this answer

FIP snooping (Fibre Channel over Ethernet Initialization Protocol snooping) is used in FCoE environments to enable multiple FCoE VLANs on a single link. Option A is wrong because VSANs are for Fibre Channel. Option B is wrong because NPV is for Fibre Channel.

Option D is wrong because port channels are for link aggregation, not VLAN support.

116
MCQmedium

Refer to the exhibit. After applying this configuration, the engineer activates the zoneset with 'zoneset activate name ZONESET1 vsan 10'. The host with pwwn 10:00:00:00:c9:aa:bb:01 can communicate with the target with pwwn 10:00:00:00:c9:aa:bb:02. However, the host reports that it cannot see a third target with pwwn 10:00:00:00:c9:aa:bb:03. What is the most likely reason?

A.The third target is in a different VSAN.
B.The third target is not a member of ZONE1.
C.The zone name is case-sensitive and does not match.
D.The zoneset was not activated successfully.
AnswerB

Zoning restricts access; only members of the same zone can communicate.

Why this answer

The host can communicate with the target in ZONE1 (pwwn 10:00:00:00:c9:aa:bb:02) but not with the third target (pwwn 10:00:00:00:c9:aa:bb:03). This indicates that the zoneset activation was successful and the host is in the correct VSAN. The most likely reason is that the third target is not a member of ZONE1; in Fibre Channel zoning, only members of the same zone can communicate, and a device not in the zone will be invisible to other zone members.

Exam trap

The trap here is that candidates may assume the third target is in a different VSAN or that the zoneset activation failed, but the key is that successful communication with one target proves the zoneset is active and the host is in the correct VSAN, so the issue must be that the third target is simply not a member of the zone.

How to eliminate wrong answers

Option A is wrong because the host can already communicate with one target in VSAN 10, and the zoneset was activated on VSAN 10; if the third target were in a different VSAN, it would not be part of the same zoneset and would be invisible, but the question states the host cannot see it, implying it might be in the same VSAN but not zoned. Option C is wrong because zone names in Cisco NX-OS are case-sensitive, but the exhibit shows the zone name as 'ZONE1' and the zoneset activation command uses 'ZONESET1' — the mismatch is between the zoneset name and the zone name, not a case issue; the zone name itself is correctly referenced in the zoneset membership. Option D is wrong because the host can communicate with the first target, which proves the zoneset was activated successfully; if activation had failed, no communication would occur.

117
Multi-Selecteasy

Which TWO are required for FCoE communication on a Nexus switch configured as an FCF? (Choose two.)

Select 2 answers
A.Jumbo frame support on the VLAN
B.VSAN configuration for the FCoE VLAN
C.NPV enabled on the switch
D.A dedicated FCoE VLAN
E.DCBX exchange to enable priority flow control
AnswersD, E

Correct: FCoE traffic is mapped to a specific VLAN.

Why this answer

In an FCoE FCF (Fabric Connect) configuration on a Nexus switch, a dedicated FCoE VLAN is required to carry FCoE traffic. This VLAN must be separate from standard Ethernet VLANs to prevent FCoE frames from being processed as regular Ethernet frames. Additionally, DCBX (Data Center Bridging Exchange) must be used to negotiate and enable Priority Flow Control (PFC) on the link, ensuring lossless behavior for FCoE traffic.

Exam trap

Cisco often tests the distinction between a dedicated FCoE VLAN (required) and jumbo frame support (optional), leading candidates to mistakenly select jumbo frames as a requirement when they are not mandatory for basic FCoE operation.

118
MCQhard

In a Cisco MDS switch, what is the effect of the command 'fcdomain restart vsan 100'?

A.It enables NPV mode on VSAN 100.
B.It clears the zone configuration for VSAN 100.
C.It reboots the switch.
D.It causes a fabric reconfiguration, which may disrupt traffic.
AnswerD

Domain restart disrupts traffic.

Why this answer

The 'fcdomain restart vsan 100' command triggers a fabric reconfiguration (RCF) on VSAN 100. This process resets the principal switch selection and domain ID distribution, causing all switches in the VSAN to renegotiate their roles and domain IDs, which disrupts existing Fibre Channel traffic during the reconfiguration.

Exam trap

Cisco often tests the distinction between fabric-level commands (like 'fcdomain restart') and switch-level commands (like 'reload'), leading candidates to mistakenly think a fabric reconfiguration is equivalent to a switch reboot.

How to eliminate wrong answers

Option A is wrong because enabling NPV mode requires the 'feature npv' command and 'npv enable' on the interface, not 'fcdomain restart'. Option B is wrong because clearing the zone configuration is done with 'zone commit' or 'no zone' commands, not 'fcdomain restart', which only affects the fabric domain parameters. Option C is wrong because 'fcdomain restart' only restarts the fabric domain service for the specified VSAN, not the entire switch; a switch reboot would require the 'reload' command.

119
Multi-Selectmedium

Which TWO of the following are characteristics of NPV (N-Port Virtualization) in a Cisco MDS fabric?

Select 2 answers
A.It enables multiple hosts to share the same physical uplink.
B.It reduces the number of domain IDs required.
C.It allows the edge switch to appear as a virtual host to the core switch.
D.It requires FC-SP authentication.
E.It is only supported on 8 Gbps or higher ports.
AnswersA, B

NPIV allows multiple FLOGIs over a single NP port.

Why this answer

NPV (N-Port Virtualization) allows multiple hosts to share a single physical uplink from an NPV switch to a core NPIV-enabled switch. This is achieved by multiplexing multiple Fibre Channel N-Port IDs over the same physical link, reducing the number of domain IDs required in the fabric because the NPV switch does not participate in principal switch selection or domain ID distribution. The core switch sees each host as a separate virtual N_Port, but the NPV switch itself does not consume a domain ID.

Exam trap

Cisco often tests the misconception that NPV requires the edge switch to appear as a virtual host to the core, when in fact it is the hosts that appear as virtual N_Ports, not the switch itself.

120
MCQeasy

In a Fibre Channel SAN, a technique is used to allow multiple initiators to share a single physical FC port by assigning multiple N-port IDs. What is this technique called?

A.N_Port ID Virtualization (NPIV)
B.NPIV is exclusive to FCoE environments
C.NPIV is only available on initiator HBAs
D.N_Port Virtualization (NPV)
AnswerA

NPIV allows multiple FCIDs per physical port.

Why this answer

Option B is correct: NPIV (N_Port ID Virtualization) assigns multiple FCIDs per physical port, enabling virtualized initiators. Option A is wrong because NPV (N_Port Virtualization) reduces domain IDs but does not allocate multiple N-port IDs per port. Option C is wrong because NPIV works on native FC, not just FCoE.

Option D is wrong because NPIV is supported on both switches and HBAs.

121
MCQeasy

A storage administrator has been tasked with integrating a new Cisco MDS 9706 switch into an existing Fibre Channel SAN. The existing SAN consists of two Cisco MDS 9148S switches configured in a VSAN 100 with a single zone set that contains all initiator and target WWPNs. The administrator connects the new switch to one of the existing switches using an ISL and configures the new switch with VSAN 100 and the same zone configuration. The administrator activates the zone set on the new switch and verifies that the ISL is up and both switches see each other's Fibre Channel IDs. However, servers attached to the existing switches still cannot discover the storage targets that are connected to the new switch. The administrator has confirmed that the ISL is operational and that the zone set on the new switch is activated with the correct WWPNs. What should the administrator check next?

A.Confirm that the zone set on the new switch is activated and contains correct WWPNs.
B.Ensure that the trunk protocol is enabled on the ISL and that allowed VSANs include VSAN 100.
C.Check that the new switch's domain ID is unique and not conflicting.
D.Verify that the new switch's target-facing interfaces are not in shutdown state.
AnswerD

Interfaces must be administratively enabled to allow login.

Why this answer

The most likely cause is that the target-facing interfaces on the new switch are in administrative shutdown. The first logical next step is to verify that the interfaces to the storage targets are not shutdown (Option A). Option B is already confirmed.

Option C is not necessary in a single VSAN environment. Option D is unlikely because the ISL is operational, indicating no domain ID conflict.

122
MCQmedium

Refer to the exhibit. An engineer sees this error on a Cisco MDS switch. What is the best action to resolve the issue?

A.Reload both switches to reset domain IDs.
B.Shut and no shut the ISL between the switches.
C.Assign a different domain ID to one of the switches.
D.Change the VSAN on one of the switches.
AnswerC

Each switch in a fabric must have a unique domain ID.

Why this answer

The error indicates a domain ID conflict between two switches in the same VSAN. In Fibre Channel fabrics, each switch must have a unique domain ID to build a correct forwarding table. Assigning a different domain ID to one of the switches resolves the conflict without disrupting the fabric.

Exam trap

Cisco often tests the misconception that a link flap or reboot will fix a domain ID conflict, when in fact the root cause is a duplicate domain ID that must be manually changed on one switch.

How to eliminate wrong answers

Option A is wrong because reloading both switches would temporarily clear the conflict but does not prevent it from recurring once the switches come back up with the same domain IDs. Option B is wrong because shutting and no shutting the ISL only resets the link state; it does not address the underlying domain ID duplication, so the conflict will persist. Option D is wrong because changing the VSAN would isolate the switches into different fabrics, which is an overly disruptive solution and not necessary when a simple domain ID reassignment resolves the issue.

123
MCQmedium

An organization has four Cisco MDS 9700 directors connected in a full-mesh topology. They use VSANs to separate production, backup, and management traffic. The backup VSAN is experiencing high latency and occasional timeouts. The engineer runs the 'show fcspf routes' command and notices that the path from the backup host to the backup target has an uneven hop count across different paths. The links are all 16 Gbps. The engineer also notes that the backup target is connected to a different director than the backup host. Which action is most likely to improve performance?

A.Configure IVR to route backup traffic over a dedicated path
B.Decrease the FSPF cost on the direct links
C.Increase the FSPF cost on the direct links
D.Implement load balancing using multiple PortChannels
AnswerB

Lowering cost makes the direct path more preferred, reducing hop count and latency.

Why this answer

Decreasing the FSPF cost on the direct links encourages traffic to take shorter paths, reducing hop count and latency. Increasing cost would push traffic away, making it worse. IVR is for inter-VSAN routing, not intra-VSAN.

Load balancing via PortChannels increases bandwidth but does not directly reduce latency from long paths.

124
MCQmedium

A network engineer is deploying FCoE in a top-of-rack design. Which statement about the required lossless Ethernet fabric is correct?

A.Data Center Bridging Exchange (DCBX) automatically enables PFC when FCoE is configured
B.FCoE uses VLAN 1002 by default for all traffic
C.FCoE frames are limited to 1500 bytes to avoid fragmentation
D.Priority Flow Control (PFC) must be enabled to create lossless CoS
AnswerD

PFC ensures lossless behavior for FCoE frames.

Why this answer

Option A is correct: Priority Flow Control (PFC) is mandatory for FCoE to ensure no frames are dropped due to congestion. Option B is wrong because DCBX is used to negotiate PFC, but PFC itself is the mechanism. Option C is wrong: FCoE uses a dedicated VLAN (typically 1002–1003 but can be assigned).

Option D is wrong: FCoE maximum frame size is 2240 bytes (or 2500 with jumbo).

125
MCQhard

During a fabric reconfigure event, which behavior is expected if all switches are running the same Cisco SAN-OS version and have the same domain ID configuration?

A.The principal switch selection will re-elect based on highest WWN.
B.The principal switch will force a new domain ID assignment.
C.A domain ID conflict will cause a segmentation of the fabric.
D.The fabric will merge without any issues as long as VSANs match.
AnswerC

Duplicate domain IDs cause fabric segmentation; the switches will not merge.

Why this answer

Option B is correct. Duplicate domain IDs cause fabric segmentation. Options A, C, D are incorrect.

126
MCQhard

An organization uses FCIP to extend their SAN between two data centers over a 100 Mbps WAN link with 80 ms latency. The storage traffic includes large sequential writes. Which statement best describes the benefit of enabling compression on the FCIP tunnel?

A.Compression reduces end-to-end latency
B.Compression improves effective throughput over the WAN link
C.Compression is recommended only when the link has high packet loss
D.Compression eliminates the need for jumbo frames
AnswerB

Reduces data volume, so more data can be sent within the limited bandwidth.

Why this answer

Option C is correct: Compression reduces the amount of data sent over the WAN, effectively improving throughput when bandwidth is limited. Option A is wrong: Compression adds latency due to processing. Option B is wrong: While compression reduces bandwidth usage, the benefit here is throughput improvement, not latency reduction.

Option D is wrong: Compression is not recommended on lossy links because it can cause issues.

127
Multi-Selecthard

Which TWO statements about NPV (N_Port Virtualization) mode in FC networks are correct?

Select 2 answers
A.NPV is commonly used in top-of-rack (ToR) deployments to simplify SAN cabling.
B.An NPV switch connects to the core switch using E-ports.
C.NPV switches can be used to connect FC and FCoE devices without a separate FCoE VLAN.
D.NPV reduces the number of FC domain IDs required in the fabric.
E.NPV switches perform fabric login (FLOGI) on behalf of attached devices.
AnswersA, D

NPV switches are placed at the top of the rack to aggregate server connections.

Why this answer

Option A is correct because NPV is specifically designed for top-of-rack (ToR) deployments to reduce the number of physical cables and simplify SAN cabling. In NPV mode, the ToR switch acts as a transparent proxy, forwarding FLOGI requests from end devices to the core NPV-enabled switch, which handles all fabric services. This eliminates the need for each ToR switch to have its own domain ID, reducing management complexity.

Exam trap

Cisco often tests the distinction between NP-ports and E-ports, and the trap here is that candidates mistakenly think NPV switches use E-ports for uplinks, when in fact they use NP-ports to avoid introducing additional domain IDs.

128
MCQmedium

A SAN administrator notices intermittent connectivity issues between an initiator and target. The Fibre Channel link shows CRC errors. What is the most likely cause?

A.Incorrect domain ID.
B.Faulty SFP or fiber optic cable.
C.Buffer credit starvation.
D.Incorrect zone configuration.
AnswerB

Physical layer issues cause CRC errors.

Why this answer

CRC errors on a Fibre Channel link indicate physical-layer issues such as signal degradation, dirty connectors, or faulty hardware. The most common cause is a faulty SFP module or damaged fiber optic cable, which introduces bit errors that the CRC check detects. This is the first component to verify when troubleshooting intermittent connectivity with CRC errors.

Exam trap

Cisco often tests the distinction between physical-layer errors (CRC) and higher-layer issues (zoning, domain ID, buffer credits) to see if candidates can map symptoms to the correct OSI layer.

How to eliminate wrong answers

Option A is wrong because an incorrect domain ID would cause fabric segmentation or routing issues, not physical-layer CRC errors. Option C is wrong because buffer credit starvation results in frame drops and credit recovery delays, not CRC errors. Option D is wrong because an incorrect zone configuration would cause access control failures (e.g., frames being discarded at the switch), not CRC errors on the link.

129
Multi-Selecteasy

Which TWO statements about NPV (N_Port Virtualization) are correct? (Choose two.)

Select 2 answers
A.NPV allows a NPV switch to forward traffic from multiple host ports to the core switch via a few uplinks.
B.NPV helps scale the fabric by reducing the number of FC domain IDs required.
C.NPV uses Inter-VSAN Routing (IVR) to forward traffic between VSANs.
D.NPV requires FCoE encapsulation.
E.NPV allows a single physical port to have multiple N-port IDs.
AnswersA, B

NPV aggregates multiple ports to uplinks.

Why this answer

NPV allows a switch to act as a proxy for N-port login to a core switch. Option A is correct: NPV reduces the number of domain IDs. Option B is wrong: NPV does not require FCoE; it works with native FC.

Option C is correct: NPV is used in edge switches to connect many hosts to a core fabric. Option D is wrong: NPIV is for multiple N-port IDs on a single physical port, not NPV. Option E is wrong: NPV does not need IVR; it uses a single uplink.

130
MCQmedium

Based on the exhibited output, what can be concluded about the fabric?

A.The fabric contains a domain ID conflict.
B.The device with FCID 0x010002 is a disk array.
C.There are three initiators and one target.
D.The device with FCID 0x010003 is a loop-attached device.
AnswerD

The 'NL' type indicates a loop-attached node (public loop).

Why this answer

Option B is correct. 'NL' indicates loop-attached. Others are incorrect based on output.

131
Multi-Selectmedium

Which TWO commands are used to verify Fibre Channel connectivity issues on a Cisco MDS switch? (Choose two.)

Select 2 answers
A.show ip interface brief
B.show mac address-table
C.show vlan
D.show interface fc <slot/port>
E.show flogi database
AnswersD, E

Shows interface status, errors.

Why this answer

Option D is correct because the 'show interface fc <slot/port>' command displays detailed status, errors, and operational state of a specific Fibre Channel interface, which is essential for diagnosing physical or link-level connectivity issues on a Cisco MDS switch. Option E is correct because the 'show flogi database' command lists all N-port (host) logins registered with the fabric via the Fabric Login (FLOGI) process, verifying that end devices have successfully established a session with the switch and are visible in the Fibre Channel fabric.

Exam trap

Cisco often tests the distinction between Ethernet-based troubleshooting commands (like 'show ip interface brief' or 'show mac address-table') and Fibre Channel-specific commands, leading candidates to mistakenly apply familiar IP/Ethernet commands to a storage networking context.

132
MCQmedium

An administrator needs to configure a Fibre Channel SAN to support two separate departments that must not see each other's storage. Each department has its own set of initiators and targets. Which technology should be used?

A.VSANs (Virtual SANs)
B.Port channels
C.NPV
D.IVR (Inter-VSAN Routing)
AnswerA

VSANs isolate traffic.

Why this answer

VSANs (Virtual SANs) provide isolation within a single Fibre Channel fabric by partitioning the physical SAN into multiple logical SANs. Each department's initiators and targets are placed in separate VSANs, ensuring they cannot see each other's storage traffic or devices, which meets the requirement for complete separation without additional physical hardware.

Exam trap

Cisco often tests the distinction between VSANs and IVR, where candidates mistakenly think IVR is needed for isolation, but IVR actually enables controlled sharing between VSANs, not isolation.

How to eliminate wrong answers

Option B (Port channels) is wrong because port channels aggregate multiple physical links into a single logical link for increased bandwidth and redundancy, but they do not provide any isolation or segmentation between different departments' storage traffic. Option C (NPV) is wrong because NPV (N_Port Virtualization) is used to reduce the number of Fibre Channel domain IDs in a SAN by allowing a switch to proxy logins for multiple initiators, but it does not create separate logical SANs or prevent inter-department visibility. Option D (IVR) is wrong because IVR (Inter-VSAN Routing) is specifically designed to selectively route traffic between different VSANs, which would allow the departments to see each other's storage, directly violating the requirement that they must not see each other's storage.

133
MCQhard

A Fibre Channel switch is experiencing high latency on a specific ISL. The link is operating at 16 Gbps and has high utilization. Which action will most likely reduce latency?

A.Reduce the buffer credit count.
B.Enable trunking on the ISL.
C.Disable flow control on the ISL.
D.Add an additional ISL and configure a port channel.
AnswerD

Load balancing reduces latency.

Why this answer

Adding an additional ISL and configuring a port channel increases the aggregate bandwidth between the two switches, reducing per-link utilization and thus lowering queuing latency. This directly addresses the root cause—high utilization on a single 16 Gbps link—by distributing traffic across multiple physical links, which also provides load balancing and redundancy.

Exam trap

Cisco often tests the misconception that trunking or flow control adjustments can solve bandwidth-related latency, when in fact only increasing aggregate bandwidth (via port channels) reduces queuing delay caused by high utilization.

How to eliminate wrong answers

Option A is wrong because reducing the buffer credit count would actually decrease the number of frames that can be in transit, potentially increasing latency due to credit starvation, especially on long-distance links. Option B is wrong because enabling trunking on the ISL (typically via VSAN trunking) does not increase bandwidth; it only allows multiple VSANs to share the same link, which does not reduce utilization or latency. Option C is wrong because disabling flow control (e.g., buffer-to-buffer credit flow control) would remove the mechanism that prevents frame loss, leading to retransmissions and higher latency, not lower.

134
MCQeasy

A storage administrator notices that a newly deployed Fibre Channel initiator cannot log in to the SAN switch. The switch is configured for NPV mode. Which condition is most likely causing the issue?

A.NPIV is disabled on the upstream switch.
B.The initiator is not using a device alias.
C.The switch is configured for NPIV mode instead of NPV.
D.The switch port is configured as an E port.
AnswerA

NPIV must be enabled on upstream switches for NPV mode to work.

Why this answer

In NPV mode, the switch acts as a transparent proxy, forwarding FLOGI requests from initiators to the upstream NPIV-capable core switch. If NPIV is disabled on the upstream switch, it will reject the FLOGI because it cannot register multiple N-Port IDs on a single physical link, causing the initiator to fail login.

Exam trap

Cisco often tests the distinction between NPV (a switch mode) and NPIV (a feature on the upstream switch), leading candidates to confuse the two or assume the issue is with the NPV switch's own configuration.

How to eliminate wrong answers

Option B is wrong because device aliases are used for zoning and management convenience, not for the FLOGI process; an initiator can log in without any alias. Option C is wrong because the question states the switch is configured for NPV mode, and NPIV mode is a feature of the upstream switch, not a conflicting mode. Option D is wrong because in NPV mode, the switch port facing the upstream switch is configured as an NP port (proxy N-port), not an E port; E ports are used for ISL links between switches in standard FC switching mode, not NPV.

135
Multi-Selecthard

Which THREE factors must be considered when implementing FCIP for SAN extension over a WAN? (Choose three.)

Select 3 answers
A.VSAN configuration on the remote MDS switch.
B.Jitter and packet loss characteristics.
C.Buffer-to-buffer credit count on the FCIP tunnel.
D.Round-trip time (RTT) latency of the WAN link.
E.Available bandwidth and potential congestion.
AnswersB, D, E

Jitter and loss impact TCP performance and retransmissions.

Why this answer

FCIP (Fibre Channel over IP) tunnels encapsulate Fibre Channel frames over IP networks. Jitter and packet loss directly cause Fibre Channel timeouts and retransmissions, severely impacting storage performance. Unlike Fibre Channel over dedicated links, WAN characteristics like jitter and loss must be explicitly accounted for in FCIP design.

Exam trap

Cisco often tests the distinction between Fibre Channel fabric parameters (like VSANs and B2B credits) and WAN-specific factors (jitter, loss, RTT, bandwidth) that directly impact FCIP tunnel performance, leading candidates to select local SAN parameters instead of WAN characteristics.

136
MCQhard

A company has two Cisco MDS 9700 switches in a dual-fabric SAN. Each fabric has its own set of storage arrays and hosts. The company wants to enable selective communication between specific devices in Fabric A and Fabric B without merging the fabrics. Which Cisco technology should be used?

A.FCIP
B.NPV
C.IVR
D.Port channels
AnswerC

IVR enables selective communication between devices in different VSANs while keeping fabrics separate.

Why this answer

Cisco IVR (Inter-VSAN Routing) allows selective communication between devices in different VSANs without merging the fabrics. In this dual-fabric SAN scenario, IVR enables specific hosts in Fabric A to communicate with specific storage arrays in Fabric B while keeping the VSANs and fabrics logically isolated, preserving fault domains and administrative boundaries.

Exam trap

Cisco often tests the distinction between technologies that merge fabrics (like FCIP or trunking) versus those that enable selective inter-fabric communication without merging (like IVR), and the trap here is confusing FCIP's WAN extension capability with IVR's selective routing within a local dual-fabric design.

How to eliminate wrong answers

Option A is wrong because FCIP (Fibre Channel over IP) is used to interconnect geographically separated SAN islands over an IP network, not to enable selective communication between devices in the same physical location without merging fabrics. Option B is wrong because NPV (N_Port Virtualization) is a mode used by edge switches to aggregate multiple N_Ports into a single uplink to a core switch, reducing domain IDs; it does not provide inter-fabric routing. Option D is wrong because port channels aggregate multiple physical links into a single logical link for increased bandwidth and redundancy within a single fabric, not for routing traffic between separate fabrics.

137
MCQmedium

An engineer is designing a SAN extension over a WAN link using FCIP. The link has high latency (50 ms RTT). Which configuration is most critical to maintain performance?

A.Configure a large TCP window size.
B.Enable compression on the FCIP tunnel.
C.Increase the buffer-to-buffer credits.
D.Reduce the TCP MSS to 512 bytes.
AnswerA

Window scaling allows more data in flight, improving throughput over high-latency links.

Why this answer

FCIP encapsulates Fibre Channel frames over TCP/IP. High latency (50 ms RTT) means the TCP sender must wait longer for acknowledgments, which can stall the connection if the TCP window is too small. A large TCP window size (e.g., using window scaling per RFC 1323) allows more data to be in flight before requiring an ACK, thereby maintaining throughput and preventing performance collapse on high-latency WAN links.

Exam trap

Cisco often tests the misconception that buffer-to-buffer credits (BB_credits) are the primary flow control for FCIP, when in fact TCP window sizing is the critical parameter for high-latency WAN links.

How to eliminate wrong answers

Option B is wrong because compression reduces bandwidth usage but does not address the fundamental throughput limitation caused by high latency and small TCP windows; it may even add processing delay. Option C is wrong because buffer-to-buffer credits (BB_credits) are a Fibre Channel flow control mechanism used between directly connected FC ports, not over FCIP tunnels; they do not affect TCP windowing over WAN. Option D is wrong because reducing TCP MSS to 512 bytes increases header overhead and the number of segments, which can worsen performance on a high-latency link by requiring more ACKs per byte of data.

138
Matchingmedium

Match each Cisco data center automation tool to its primary use.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Configuration management and orchestration

Scripting language for custom automation

Programmatic interface for device management

Infrastructure as code for server configuration

Declarative configuration management

Why these pairings

Automation tools streamline data center operations.

139
Multi-Selecthard

Which THREE factors should be considered when sizing buffer credits for a long-haul FC link?

Select 3 answers
A.Link speed
B.Number of targets
C.Frame size
D.Distance
E.Buffer-to-buffer credit pool size
AnswersA, C, D

Higher speed requires more credits to keep the link busy.

Why this answer

Link speed (A) is a critical factor because higher speeds require more buffer credits to maintain full throughput over a given distance. The buffer credit requirement scales linearly with link speed, as each credit represents the ability to send one frame before receiving an acknowledgment. For example, a 16 Gbps link needs twice as many buffer credits as an 8 Gbps link for the same distance.

Exam trap

Cisco often tests the misconception that the number of targets or initiators influences buffer credit requirements, when in fact only distance, speed, and frame size matter for the per-link calculation.

140
Multi-Selecthard

Which THREE factors should be considered when calculating the required number of buffer credits for a long-distance Fibre Channel link? (Choose three.)

Select 3 answers
A.The link data rate (e.g., 16 Gbps).
B.The maximum frame size (e.g., 2148 bytes).
C.The number of VSANs configured.
D.The number of zones in the fabric.
E.The distance between the switches.
AnswersA, B, E

Higher data rates require more buffer credits to keep the link busy.

Why this answer

To calculate buffer credits, you need the distance, data rate, and frame size. Option A: distance affects propagation delay. Option C: data rate affects how many frames can be in flight.

Option E: frame size (maximum) determines how many bytes per credit. Option B is wrong because VSAN count does not matter. Option D is wrong because number of zones is irrelevant.

141
Multi-Selectmedium

A storage administrator reports that a host cannot reach any of the targets on a Cisco MDS 9000 Series switch. The VSAN configuration is correct, and all interfaces are up. Which two commands should be used to verify the Fibre Channel name server database and zoning configuration?

Select 2 answers
A.show zoneset active
B.show zone
C.show flogi database
D.show fcns database
E.show fcns details
AnswersA, D

Shows the active zoneset and its member devices, verifying zoning.

Why this answer

Option A is correct because the 'show zoneset active' command displays the currently active zone set, which is essential for verifying which zones are enforced by the switch. Since the VSAN configuration is correct and interfaces are up, a missing or incorrect active zone set could prevent the host from reaching any targets, even if the name server database is populated.

Exam trap

Cisco often tests the distinction between 'show flogi database' (which shows fabric login state) and 'show fcns database' (which shows name server registrations), leading candidates to mistakenly choose 'show flogi database' when the question asks for name server verification.

142
MCQmedium

A storage administrator needs to monitor traffic between two specific storage arrays without causing any disruption. Which approach should be used?

A.Configure a SPAN session on the MDS switch to copy traffic between the storage ports.
B.Use FC traceroute to identify the path.
C.Enable FC ping between arrays.
D.Use IVR to route traffic through a monitoring zone.
E.Configure port channel between arrays.
AnswerA

SPAN (Switched Port Analyzer) copies traffic to a monitor port for analysis without disruption.

Why this answer

Option A is correct because configuring a SPAN session on the MDS switch allows copying traffic between the storage ports to a monitoring port without affecting the original traffic flow. Option B (FC traceroute) only shows path, not traffic. Option C (FC ping) tests connectivity.

Option D (port channel) does not monitor. Option E (IVR) is for routing, not monitoring.

143
MCQeasy

Which Fibre Channel frame field is used to identify the upper-layer protocol being carried?

A.Source FC ID
B.D_ID
C.CS_CTL
D.R_CTL
AnswerD

Routing Control field specifies the frame category and protocol.

Why this answer

Option B is correct. R_CTL indicates the frame's information category, including upper-layer protocol (e.g., SCSI-FCP).

144
MCQeasy

An engineer needs to create a VSAN on a Cisco MDS switch with VSAN ID 50. Which command correctly creates the VSAN?

A.switch(config-vsan)# vsan 50
B.switch(config)# vsan 50
C.switch(config)# interface vsan 50
D.switch(config)# vsan database
AnswerB

This command creates VSAN 50 in global config.

Why this answer

Option A is correct. 'vsan <id>' in global config creates the VSAN. Option D is not complete.

145
MCQmedium

A storage administrator needs to ensure that a Fibre Channel zone configuration is operationally effective without disrupting the current active zone set. Which approach should be used?

A.Create the new zone configuration in the defined configuration, then activate it as a new zone set.
B.Delete the active zone set and create a new one.
C.Edit the active zone set directly.
D.Use the 'commit' command to update the zone set.
AnswerA

Standard best practice.

Why this answer

Option A is correct because in Cisco MDS Fibre Channel SANs, zone configurations are created in the defined configuration and then activated as a new zone set. This approach ensures that the current active zone set remains operational and unaffected during the configuration process, preventing any disruption to existing traffic. Only when the new zone set is explicitly activated does it replace the active set, allowing for a controlled cutover.

Exam trap

Cisco often tests the misconception that you can directly edit the active zone set, similar to how you might edit a running configuration on a router, but in Fibre Channel zoning, the active set is immutable and must be replaced via activation.

How to eliminate wrong answers

Option B is wrong because deleting the active zone set would immediately disrupt all Fibre Channel zoning, causing all devices to lose connectivity and potentially causing a SAN outage. Option C is wrong because editing the active zone set directly is not supported in Cisco MDS; the active zone set is a read-only copy of the last activated configuration, and any changes must be made to the defined configuration. Option D is wrong because the 'commit' command is used in Cisco NX-OS to apply pending configuration changes in other contexts (e.g., interface or VLAN configurations), but it is not a valid command for updating Fibre Channel zone sets; zone set activation is performed using the 'activate' command.

146
MCQmedium

A Fibre Channel switch port is experiencing a high number of CRC errors. Which action should be taken to resolve this issue?

A.Replace the fiber optic cable between the switch and the storage device.
B.Reduce the port speed to 2 Gbps.
C.Reconfigure the zone to include only the affected device.
D.Increase the buffer credits on the port.
AnswerA

CRC errors typically indicate physical layer problems like bad cables.

Why this answer

CRC errors often indicate physical layer issues such as faulty cables or SFPs. Replacing the cable is the first step in troubleshooting. Option A is wrong because increasing the buffer credits does not fix CRC errors.

Option B is wrong because reducing speed may mask the issue. Option D is wrong because zoning changes do not affect CRC errors.

147
MCQmedium

Refer to the exhibit. A host with WWPN 10:00:00:00:c9:29:3b:23 can only see its own WWPN but not the target. What is the likely cause?

A.The host is in a different VSAN.
B.The target is missing from the zone.
C.The zoneset is not the full zoneset.
D.The host's FLOGI is rejected.
E.The zone is not activated.
AnswerB

Zone_C has no target member, so the host cannot access any storage.

Why this answer

Option A is correct. Zone_C contains only the initiator (10:00:00:00:c9:29:3b:23) and no target members, so the host cannot communicate with any storage. Option B is incorrect; the zoneset is active and named ZS_1.

Option C is incorrect; all devices are in VSAN 1 per the command. Option D is incorrect; the zone is listed in the active zoneset. Option E is incorrect; there is no indication of FLOGI failure.

148
MCQmedium

A storage engineer is planning to migrate from an existing 2 Gbps Fibre Channel fabric to a new 16 Gbps fabric while maintaining connectivity during the cutover. The legacy and new switches are connected via ISL and use the same VSAN. What is a best practice to ensure a seamless migration?

A.Assign the new switches to a separate VSAN to prevent mixing
B.Set the ISL port speed to 2 Gbps on both sides until the migration is complete
C.Use a dedicated ISL for the migration and move zones gradually
D.Disable zoning on both fabrics and re-apply after migration
AnswerB

Ensures compatibility and stable fabric merge.

Why this answer

Option B is correct because setting the ISL port speed to 2 Gbps on both sides ensures that the new 16 Gbps switch negotiates down to the legacy fabric's speed, preventing buffer-to-buffer credit mismatches and frame corruption during the cutover. This allows both fabrics to operate at a common speed, maintaining stable connectivity until all devices are migrated and the ISL speed can be safely increased.

Exam trap

Cisco often tests the misconception that simply connecting a higher-speed switch to a lower-speed fabric via ISL will auto-negotiate correctly, but the trap here is that without manually setting the speed, the link may fail to establish or cause instability due to incompatible buffer-to-buffer credit management.

How to eliminate wrong answers

Option A is wrong because assigning the new switches to a separate VSAN would isolate them from the legacy fabric, preventing any communication or gradual migration of devices across the ISL. Option C is wrong because using a dedicated ISL does not address the fundamental speed mismatch; without speed negotiation, the 16 Gbps port may not properly interoperate with the 2 Gbps port, leading to link instability or failure. Option D is wrong because disabling zoning on both fabrics would expose all devices to each other, creating a security risk and potential data corruption; zoning should remain active and be migrated incrementally.

149
MCQhard

During an FCoE deployment, the server team reports that hosts can reach the storage array but performance is intermittent with periodic timeouts. The network team sees no errors on the FCoE VLAN. The DCB configuration on the upstream switch shows that PFC is enabled for CoS 3. What should the engineer check next?

A.Verify that jumbo frames are enabled on the storage array
B.Confirm that the VSAN is appropriately sized for the number of hosts
C.Ensure that the FCoE VLAN is enabled for FCoE on the server's vNIC
D.Check if the PFC configuration matches on both ends and that PFC is enabled on the FCoE VLAN interfaces
AnswerD

PFC must be consistent across all hops.

Why this answer

D is correct because PFC (Priority Flow Control) must be consistently configured on both ends of an FCoE link to prevent frame loss. If PFC is enabled for CoS 3 on the upstream switch but not on the server's vNIC or the FCoE VLAN interfaces, the lack of lossless behavior causes intermittent timeouts and performance degradation, even if the FCoE VLAN shows no errors.

Exam trap

Cisco often tests the misconception that FCoE performance issues are due to VLAN or VSAN misconfiguration, when the real culprit is mismatched PFC settings between endpoints.

How to eliminate wrong answers

Option A is wrong because jumbo frames are not required for FCoE; FCoE typically uses 2500-byte frames, but the issue is about lossless delivery, not MTU size. Option B is wrong because VSAN sizing relates to zoning and fabric management, not to PFC or link-level flow control; the problem is at Layer 2, not VSAN capacity. Option C is wrong because the FCoE VLAN must be enabled on the switch port, not the server's vNIC; the server team already reports reachability, indicating the VLAN is active, so this is a misdirection about where the configuration is applied.

150
MCQeasy

A storage administrator wants to ensure that only designated initiators can access a specific target in a Fibre Channel SAN. Which mechanism enforces this policy?

A.IVR
B.Port channel
C.Zoning
D.VSAN
E.Credit recovery
AnswerC

Zoning defines which initiators can talk to which targets.

Why this answer

Zoning is the correct mechanism because it restricts Fibre Channel (FC) communication to only those initiators and targets that are members of the same zone. By defining a zone that includes only the designated initiator WWPNs and the target WWPN, the switch enforces access control at the fabric level, preventing any unauthorized device from discovering or communicating with the target.

Exam trap

Cisco often tests the distinction between VSAN (which isolates traffic at the fabric level) and zoning (which controls device-level access within a VSAN), leading candidates to incorrectly select VSAN when the question specifically asks about restricting access to a target.

How to eliminate wrong answers

Option A (IVR) is wrong because Inter-VSAN Routing (IVR) enables selective communication between devices in different VSANs, not access control within a single VSAN or target. Option B (Port channel) is wrong because it aggregates multiple physical links into a single logical link for bandwidth and redundancy, not for enforcing initiator-to-target access policies. Option D (VSAN) is wrong because a VSAN creates an isolated virtual fabric, but within a VSAN all devices can communicate unless further restricted by zoning; VSAN alone does not enforce per-initiator access to a specific target.

Option E (Credit recovery) is wrong because it is a buffer-to-buffer credit recovery mechanism (BB_CR) used to recover lost credits in FC links, unrelated to access control.

← PreviousPage 2 of 3 · 154 questions totalNext →

Ready to test yourself?

Try a timed practice session using only Storage Network questions.