ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-620 All Questions

View all questions & answers for the 300-620 exam
Go to Exam

Exam 300-620 topic 1 question 125 discussion

Actual exam question from Cisco's 300-620
Question #: 125
Topic #: 1
[All 300-620 Questions]

A network engineer must allow secure access to the Cisco ACI out-of-band (OOB) management only from external subnets 10.0.0.0/24 and 192.168.20.0/25. Which configuration set accomplishes this goal?

  • A. Create a L3Out in the MGMT tenant in OOB VRF.
    Set External Management Network Instance Profile as a consumer of the OOB contract.
    Create an External EPG with two subnet entries with the external subnets.
  • B. Create a PBR service graph in the MGMT tenant.
    Create a management Profile with the required OOB EPG.
    Redirect all traffic going into ACI management to the external firewall.
    Create two subnet entries under the OOB Bridge domain with the required subnets.
  • C. Create an EPG and BD in the MGMT tenant in OOB VRF.
    Set OOB VRF to provide the contract.
    Set a new EPG to consume the OOB contract.
  • D. Create an OOB contract that allows the required ports.
    Provide the contract from the OOB EPG.
    Consume the contract by the OOB External Management Network Instance Profile.
    Create two subnet entries in the External Management Network Profile with the required subnets.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Narbledeath at April 17, 2023, 7:35 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Mr_Certifiable
5 months, 1 week ago
D - Step 1 – Providing the contract Tenant > Tenant mgmt > Node Management EPGs > Out-of-Band EPG default • Under the “Provided Out-of-Band Contracts” in the policy window, provide the appropriate contract. (This could be a the default/common contract or a specific contract you have created and modified). Click Submit. Tenant > Tenant mgmt > Node Management EPGs > Out-of-Band EPG default Step 2 – Consuming the contract Tenant > Tenant mgmt > External Management Network Instance Profiles > YourInstanceProfile • Consume the same contract that you provided in the previous step. • Enter the subnets that are allowed to have access to the APIC. (0.0.0.0/0 will permit all). https://www.cisco.com/c/dam/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/aci-guide-configuring-out-of-band-access-for-your-fabric.pdf
upvoted 1 times
...
Narbledeath
6 months, 3 weeks ago
Selected Answer: D
https://www.cisco.com/c/dam/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/aci-guide-configuring-out-of-band-access-for-your-fabric.pdf
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago