Your success in Cisco 300-165 is our sole target and we develop all our 300-165 braindumps in a way that facilitates the attainment of this target. Not only is our 300-165 study material the best you can find, it is also the most detailed and the most updated. 300-165 Practice Exams for Cisco CCNP Data Center 300-165 are written to the highest standards of technical accuracy.
2026 New 300-165 Exam Dumps with PDF and VCE Free: https://www.2passeasy.com/dumps/300-165/
Q1. - (Topic 2)
When a local RBAC user account has the same name as a remote user account on an
A. The user roles from the remote AAA user account are applied, not the configured local user roles.
B. All the roles are merged (logical OR).
C. The user roles from the local user account are applied, not the remote AAA user roles.
D. Only the roles that are defined on both accounts are merged (logical AND).
Answer: C
Explanation:
If you have a user account configured on the local Cisco NX-OS device that has the same name as a remote user account on an AAA server, the Cisco NX-OS software applies the user roles for the local user account to the remote user, not the user roles configured on the AAA server.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_1/nx-os/security/configuration/guide/sec_nx-os-cfg/sec_rbac.html
Q2. - (Topic 4)
Which two Cisco Nexus platforms support Adapter FEX? (Choose two.)
A. Cisco Nexus 7000 Series Switches
B. Cisco Nexus 5000 Series Switches
C. Cisco Nexus 5500 Series Switches
D. Cisco Nexus 4000 Series Switches
E. Cisco Nexus 2000 Series Fabric Extenders
Answer: C,E
Explanation:
At the access layer, the Adapter-FEX requires a FEX-enabled adapter on a server that connects to a parent device that supports virtualization of interfaces. The Adapter-FEX is supported on the following platforms:
•The Cisco Unified Computing System (UCS) platform supports Adapter-FEX between UCS servers and the UCS Fabric Interconnect.
•The Adapter-FEX is supported on the Cisco Nexus 5500 Series platform and on the Cisco Nexus 2200 Fabric Extender that is connected to a Cisco Nexus 5500 Series parent device. This implementation works on a variety of FEX-capable adapters, including the Cisco UCS P81E virtual interface card (VIC) adapter for the UCS C-Series platform and third party adapters such as the Broadcom BCM57712 Convergence Network Interface Card, that implement the virtual network tag (VNTag) technology.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/operations/adapt er_fex/513_n1_1/ops_adapter_fex/ops_using_adapter_fex.html
Q3. - (Topic 3)
Refer to the exhibit.
What is the consequence of configuring peer-gateway on the two vPC peers N7K-1 and N7K-2?
A. Nothing, this is the standard vPC configuration to make the feature work.
B. The downstream device detects only one of the vPC peers as its gateway.
C. The downstream device can use DMAC of N7K-1 on the link to N7K-2, and N7K-2 forwards the packet.
D. This configuration enables the downstream device to use DHCP to obtain its default gateway.
Answer: C
Explanation:
Beginning with Cisco NX-OS 4.2(1), you can configure vPC peer devices to act as the gateway even for packets that are destined to the vPC peer device's MAC address. Use the peer-gateway command to configure this feature.
Some network-attached storage (NAS) devices or load-balancers may have features aimed to optimize the performances of particular applications. Essentially these features avoid performing a routing-table lookup when responding to a request that originated form a host not locally attached to the same subnet. Such devices may reply to traffic using the MAC address of the sender Cisco Nexus 7000 device rather than the common HSRP gateway. Such behavior is non-complaint with some basic Ethernet RFC standards. Packets reaching a vPC device for the non-local router MAC address are sent across the peer-link and could be dropped by the built in vPC loop avoidance mechanism if the final destination is behind another vPC.
The vPC peer-gateway capability allows a vPC switch to act as the active gateway for packets that are addressed to the router MAC address of the vPC peer. This feature enables local forwarding of such packets without the need to cross the vPC peer-link. In this scenario, the feature optimizes use of the peer-link and avoids potential traffic loss. Configuring the peer-gateway feature needs to be done on both primary and secondary vPC peers and is non-disruptive to the operations of the device or to the vPC traffic. The vPC peer-gateway feature can be configured globally under the vPC domain submode. When enabling this feature it is also required to disable IP redirects on all interface VLANs mapped over a vPC VLAN to avoid generation of IP redirect messages for packets switched through the peer gateway router. When the feature is enabled in the vPC domain, the user is notified of such a requirement through an appropriate message.
Packets arriving at the peer-gateway vPC device will have their TTL decremented, so packets carrying TTL = 1 may be dropped in transit due to TTL expire. This needs to be taken into account when the peer-gateway feature is enabled and particular network protocols sourcing packets with TTL = 1 operate on a vPC VLAN.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_2/nx-os/interfaces/configuration/guide/if_nxos/if_vPC.html
Q4. - (Topic 3)
On a Cisco Nexus7000 switches what is true regarding Cisco FabricPath requirements?
A. Ensure that you have installed the Enhanced Layer 2 license and that you have installed an F Series module
B. Ensure that you have installed the Enhanced Layer 2 license and that you have installed an M Series module
C. Ensure that you have installed the Enhanced Layer 3 license and that you have installed an M Series module
D. Ensure that you have installed the Scalable Feature License license and that you have installed an F Series module
Answer: A
Explanation:
FabricPath switching has the following prerequisites:
•You should have a working knowledge of Classical Ethernet Layer 2 functioning.
•You must install the FabricPath feature set on the default and nondefault VDC before you enable FabricPath on the switch. See Configuring Feature Set for FabricPath for information on installing the FabricPath feature set.
•You are logged onto the device.
•Ensure that you have installed the Enhanced Layer 2 license.
•You are in the correct virtual device context (VDC). A VDC is a logical representation of a set of system resources. You can use the switchto vdc command with a VDC number.
•You are working on the F Series module.
Reference: http://www.cisco.com/en/US/docs/switches/datacenter/sw/5_x/nx-oQsu/feasbtriicopnaNtho/c:o3n6fig-ur(aTtoiopnic/g3u)ide/fp_switching.html
Q5. - (Topic 2)
Which statement about implementation of Cisco TrustSec on Cisco Nexus 5546 or 5548 switches are true?
A. Cisco TrustSec support varies depending on Cisco Nexus 5500 Series Switch model.
B. The hardware is not able to support MACsec switch-port-level encryption based on IEEE 802.1AE.
C. The maximum number of RBACL TCAM user configurable entries is 128k.
D. The SGT Exchange Protocol must use the management (mgmt 0) interface.
Answer: B
Reference: https://scadahacker.com/library/Documents/Manuals/Cisco%20-%20TrustSec%20Solution%20Overview.pdf
Q6. - (Topic 4)
What must be enabled on the interface of a multicast-enabled device to support the Source Specific Multicast feature?
A. IGMP version 3
B. IGMP version 2
C. IGMP version 1
D. PIM
Answer: A
Explanation:
IGMP is the Internet Engineering Task Force (IETF) standards track protocol used for hosts to signal multicast group membership to routers. Version 3 of this protocol supports source filtering, which is required for SSM. To run SSM with IGMPv3, SSM must be supported in the Cisco IOS router, the host where the application is running, and the application itself. IGMP v3lite and URD are two Cisco-developed transition solutions that enable the immediate development and deployment of SSM services, without the need to wait for the availability of full IGMPv3 support in host operating systems and SSM receiver applications. IGMP v3lite is a solution for application developers that allows immediate development of SSM receiver applications switching to IGMPv3 as soon as it becomes available. URD is a solution for content providers and content aggregators that enables them to deploy receiver applications that are not yet SSM enabled (through support for IGMPv3). IGMPv3, IGMP v3lite, and URD interoperate with each other, so that both IGMP v3lite and URD can easily be used as transitional solutions toward full IGMPv3 support in
hosts.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/ip/configuration/guide/fipr_c/1cfssm.html
Q7. - (Topic 1)
Which statement about SNMP support on Cisco Nexus switches is true?
A. Cisco NX-OS only supports SNMP over IPv4.
B. Cisco NX-OS supports one instance of the SNMP per VDC.
C. SNMP is not VRF-aware.
D. SNMP requires the LAN_ENTERPRISE_SERVICES_PKG license.
E. Only users belonging to the network operator RBAC role can assign SNMP groups.
Answer: B
Explanation:
Cisco NX-OS supports one instance of the SNMP per virtual device context (VDC). By default, Cisco NX-OS places you in the default VDC. SNMP supports multiple MIB module instances and maps them to logical network entities. SNMP is also VRF aware. You can configure SNMP to use a particular VRF to reach the SNMP notification host receiver. You can also configure SNMP to filter notifications to an SNMP host receiver based on the VRF where the notification occurred.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/system_management/configuration/guide/sm_nx_os_cg/sm_9snmp.html
Q8. - (Topic 2)
Which statement about RBAC user roles on a Cisco Nexus switch is true?
A. If you belong to multiple roles, you can execute only the commands that are permitted by both roles (logical AND).
B. Access to a command takes priority over being denied access to a command.
C. The predefined roles can only be changed by the network administrator (superuser).
D. The default SAN administrator role restricts configuration to Fibre Channel interfaces.
E. On a Cisco Nexus 7000 Series Switch, roles are shared between VDCs.
Answer: B
Explanation:
If you belong to multiple roles, you can execute a combination of all the commands permitted by these roles. Access to a command takes priority over being denied access to a command. For example, suppose a user has RoleA, which denied access to the configuration commands. However, the users also have RoleB, which has access to the configuration commands. In this case, the users have access to the configuration commands.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guid e/cli/CLIConfigurationGuide/sec_rbac.html
Q9. - (Topic 1)
By default it will take 10 seconds for authentication to fail due to an unresponsive RADIUS server before a Cisco Nexus series switch reverts to another RADIUS server or local authentication. What is one efficient way to improve the reaction time to a RADIUS server failure?
A. Decrease the global RADIUS retransmission count to 1.
B. Decrease the global RADIUS timeout interval to 5 seconds.
C. Configure the RADIUS retransmission count and timeout interval per server, versus globally.
D. Configure per server a test idle timer, along with a username and password.
Answer: D
Explanation:
You can monitor the availability of RADIUS servers. These parameters include the username and password to use for the server and an idle timer. The idle timer specifies the interval during which a RADIUS server receives no requests before the Nexus 5000 Series switch sends out a test packet. You can configure this option to test servers periodically. The test idle timer specifies the interval during which a RADIUS server receives no
requests before the Nexus 5000 Series switch sends out a test packet. The default idle timer value is 0 minutes. When the idle time interval is 0 minutes, the Nexus 5000 Series switch does not perform periodic RADIUS server monitoring.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/guid e/cli_rel_4_0_1a/CLIConfigurationGuide/sec_radius.html
Q10. - (Topic 4)
Which three VDC resources can be constrained with a resource template? (Choose three.)
A. ACLs
B. NAT entries
C. IPv4 routes
D. IPv6 routes
E. SPAN sessions
F. RBAC users
Answer: C,D,E
Explanation:
VDC resource templates set the minimum and maximum limits for shared physical device resources when you create the VDC. The Cisco NX-OS software reserves the minimum limit for the resource to the VDC. Any resources allocated to the VDC beyond the minimum are based on the maximum limit and availability on the device.
You can explicitly specify a VDC resource template, or you can use the default VDC template provided by the Cisco NX-OS software. VDC templates set limits on the following resources:
✑ IPv4 multicast route memory
✑ IPv6 multicast route memory
✑ IPv4 unicast route memory
✑ IPv6 unicast route memory
✑ Port channels
✑ Switch Port Analyzer (SPAN) sessions
✑ VLANs
✑ Virtual routing and forwarding instances (VRFs)
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/nx-os/virtual_device_context/configuration/guide/b-7k-Cisco-Nexus-7000-Series-NX-OS-Virtual-Device-Context-Configuration-Guide/vdc-res-template.html