Tuesday, October 20, 2015

400-051 CCIE Collaboration


QUESTION 1
Company ABC is planning to migrate from MCS-hosted Cisco Unified Communications Manager
applications to Cisco UC on UCS B-Series servers. Which statement about installation media
support is true for this migration?

A. The install log can be written to a USB flash drive that is attached to the UCS server.
B. The answer file that is generated by the Answer File Generator (platformConfig.xml) can be
read from a USB flash drive to perform an unattended installation on the UCS server.
C. The Cisco Music on Hold USB audio sound card can be mapped to a virtual USB port on a
VMware virtual machine on the UCS server.
D. The answer file that is generated by the Answer File Generator (platformConfig.xml) can be
read from an FLP image that is mounted in a virtual floppy drive.
E. The Cisco Music on Hold USB audio sound card can be mapped to a virtual serial port on a
VMware virtual machine on the UCS server.

Answer: D

Explanation:
Using the AFG will allow you to get this license mac before even touching the server. It is provided
after filling in the main form of the AFG but it can also be found by looking at the last few lines of
your platformconfig.xml file.
Once you have the xml files, you will need to map those to the floppy drive of the VM (no usb
support on the VM OVA). There are many ways to do this. I simply use a freeware virtual floppy
app that I drop the platformconfig.xml file on and then copy the*.flp image out to the datastore. I’ll
end up with a directory on my datastore called AFG that has the host named *.flp images that I will
use during install. It also serves as archival of these files in the event the server needs to be reimaged.
This is important because the license mac will change if every parameteris not entered
exactly as it was prior. If the license mac changes, you will have to go through the process of
requesting new license files to be generated.
Reference:http://angryciscoguy.com/jello/cisco-answer-file-generator-to-the-rescue/


QUESTION 2
Which statement about the Cisco UC on UCS TRC and the third-party server specs-based
virtualization support model is true?

A. Both the UC on UCS TRC and the third-party servers spec-based support models have rulebased
approaches.
B. The UC on UCS TRC support model has a rule-based approach and the third-party servers
spec-based support model has a configuration-based approach.
C. The UC on UCS TRC support model requires a high level of virtualization experience while the
third-party server spec-based support model requires a low to medium level virtualization
experience.
D. VMware vCenter is mandatory for the UC on UCS TRC support model but it is optional for the
third-party server spec-based support model.
E. VMware vCenter is optional for the UC on UCS TRC support model but it is mandatory for the
third-party server spec-based support model.

Answer: E

Explanation:
VMware vCenter is
Reference:http://docwiki.cisco.com/wiki/Unified_Communications_VMware_Requirements


QUESTION 3
Which definition is included in a Cisco UC on UCS TRC?

A. storage arrays such as those from EMC or NetApp, if applicable
B. configuration of virtual-to-physical network interface mapping
C. step-by-step procedures for hardware BIOS, firmware, drivers, and RAID setup
D. server model and local components (CPU, RAM, adapters, local storage) at the part number
level
E. configuration settings and patch recommendations for VMware software

Answer: D

Explanation:
What does a TRC definition include?
Reference:http://docwiki.cisco.com/wiki/UC_Virtualization_Supported_Hardware#UC_on_UCS_Te
sted_Reference_Configurations


QUESTION 4
Which capability is supported by Cisco Discovery Protocol but not by LLDP-MED?

A. LAN speed and duplex discovery
B. Network policy discovery
C. Location identification discovery
D. Power discovery
E. Trust extension

Answer: E

Explanation:
Cisco Discovery Protocol provides an additional capability not found in LLDP-MED that allows the
switch to extend trust to the phone. In this case, the phone is now trusted to mark the packets
received on the PC port accordingly. This feature can be used to off-load the switch because now
it does not need to police the information being received from the phone.


QUESTION 5
Which two mechanisms does Cisco EnergyWise use for neighbor discovery? (Choose two.)

A. multicast
B. LLDP-MED
C. UDP broadcast
D. Cisco Discovery Protocol
E. TCP

Answer: C,D

Explanation:
Cisco EnergyWise Neighbor Discovery Process
The Cisco EnergyWise neighbor discovery process is the mechanism by which domain members
discover each other and populate their Cisco EnergyWise neighbor tables. Cisco EnergyWise
queries can subsequently be distributed to all domain members using the neighbor relationships to
monitor and control the power usage of devices within a domain. Cisco EnergyWise domain
members automatically discover their neighbors through one of two mechanisms:
•Cisco EnergyWise UDP broadcast packet
•Cisco EnergyWise CDP packets
UDP broadcast packets are automatically sent out switch ports which support Cisco EnergyWise,
regardless of whether the interfaces are configured with the no energywise interface-level
command. CDP packets are sent when CDP is configured for the switch ports.
Reference:http://www.cisco.com/en/US/docs/solutions/Enterprise/Borderless_Networks/Energy_M
anagement/energywisedg.html?referring_site=smartnavRD#wp555927


QUESTION 6
Which protocol does the Cisco Prime LAN Management Solution application use to communicate
with Cisco EnergyWise domain members?

A. UDP broadcast
B. Cisco Discovery Protocol
C. UDP unicast
D. TCP
E. multicast

Answer: D

Explanation:
Cisco Prime LMS 4.1 uses TCP port 43440.


Friday, February 27, 2015

Can the enterprise allow employees to use the public cloud?

The theme today isn't about enterprise clouds that are my normal topic, but instead, clouds where end users fly. Face it – your users are in their own clouds. Is that a nervous tic I see on your face?

iCloud OwnCloud

Dropbox

Magic sauce

Store my files

Store your files

Store our files

Mix them all together

Stir with random care

You said that file is where?
I find this harrowing. Users face no real way, without a lot of work that they're disinclined to do or even understand, to know if a personal device's files will be stored securely in any particular cloud provider's bin.

There are no standards. No seals of approvals worth spit. Random selection will take place, with a bias towards something your operating system provider conveniently provides.

Or maybe the home machine is a Mac (see: iCloud) and the office machine runs Windows 7, and the phone is an Android. People interchange files frequently from one device to another without thinking about the ramifications of a differing cloud provider. More copies are better, of course, because people want the convenience of just getting their files, photos, music, videos, and yes, work products, on demand. Demand is for now, not hauling out another device, booting it up, waiting for a logon, logging in (too many machines don't require passwords), maybe a signal, then maneuvering to some deep folder to fetch a file. Convenience rules.

This flies in the face of the hopes, dreams, and practical realities of security officers, policy makers, and IT professionals everywhere. It also explains the successful business model behind every convenience store in the world – time pressure.

There are ways to keep sensitive data from finding its way into someone's messy cloud cache, ranging from draconian to astute. Much depends on the values an organization imposes on its users. Yes, they have to be based on trust, and yes, people – even organized and thoughtful people – can be messy with data assets.

Sophisticated data loss prevention schemes are in place in some environments. Others force users to logon to virtual sessions and work within the ostensibly safe boundaries of those sessions. Some use sophisticated document or work-product tracking. Others force and use seriously sophisticated, often OS-based, policy controls (ex: Microsoft's Group Policy Objects) in an effort to impose moats around applications and, hopefully, their data. Swimming moats gets an airborne drone when clipboards are enabled…a trick I've had recently demonstrated to me.

Can you implement an approved cloud? How would you judge it? Encryption on the wire in addition to in-storage? Who do you whitelist?

My values, and those of most of my colleagues, say not to allow any organizational data to end up stored in places we don't control and can't audit – period, end of page, and job, if we catch you. Like BYOD, I also recognize that users will be users, and policies vary on the issue from draconian (yeah, you're fired) to "this is our list of approved sites." Don't use XY or Z, as they're unapproved, meaning blacklisting cloud storage.

If you get a chance, tell me which you – or your employer – might approve of, and why, in three sentences or less. You can also say things like: "No Way, I'll be shot at dawn if I say this, but…" and/or if they would (Upworthy alert) Change This One Thing.



Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com