View 350-601 Exam Questions

Q: 11

A network architect must redesign a data center network based on OSPFv2. The network must perform fast reconvergence between directly connected switches. Which two actions must be taken to meet the requirements? (Choose two.)

Options

Discussion

Taylor S. Feb 15, 2026 4:57 am

C and E tbh. BFD (C) is what Cisco wants for fast, subsecond detection, and OSPF point-to-point (E) reduces convergence time since the topology's simpler. Pretty confident but open to other takes.

MethodicalConsultant7568 Feb 16, 2026 6:58 am

Option C and E make sense here. BFD is known for fast failure detection, and point-to-point links speed up OSPF convergence. Not totally certain, but saw similar on practice exams. Agree?

CuriousReviewer4255 Feb 22, 2026 7:12 pm

Would labbing this with BFD and point-to-point configs help clarify? I’ve seen similar reconvergence Qs pop up in official Cisco practice exams lately.

Adam D. Feb 18, 2026 9:12 pm

Had something like this in a mock and picked C and E. BFD (C) is used for subsecond failure detection with OSPF, while point-to-point links (E) simplify the topology, both speeding up convergence. If anyone disagrees let me know, but pretty sure that's Cisco's expected answer.

Nora Feb 27, 2026 12:04 am

C vs B but I’m picking C and E here. B is tempting since lowering hello/dead timers does help, but Cisco exam style favors BFD (C) for subsecond detection and E’s point-to-point links cut down on convergence complexity. Don’t think A or D get you any faster reconvergence directly.

Nora Mar 5, 2026 12:28 pm

Its C and E. BFD (C) is designed for rapid failure detection, much quicker than OSPF timers alone, and point-to-point links (E) let OSPF converge faster because there’s less ambiguity in the topology. Low hello/dead timers (B) help too, but BFD’s even faster and less intensive on resources. I think C/E aligns best with how Cisco wants you to answer this.

Ivy V. Feb 22, 2026 10:20 am

C and E tbh. BFD gives you really quick failure detection with OSPF and point-to-point links help with faster convergence too. I’ve seen similar in practice exams, so pretty sure this is right.

Be respectful. No spam.

Q: 12

A network engineer must configure a Cisco MDS switch to use the local user database for console access if all AAA servers are unreachable. Which configuration should be applied to complete this task?

Options

Q: 13

Refer to the exhibit. . Refer to the exhibit An engineer must access a Cisco UCS C-Series server KVM from a remote location. The engineer must use the out-of-band interface to access the KVM Which configuration set meets these requirements?

Options

Discussion

Ethan Mar 3, 2026 10:23 am

C/D? Depends on the NIC mode really. Out-of-band usually means using the dedicated management NIC, which matches D, but some setups might use Shared LOM if configured right. Pretty sure D is what they're expecting here though.

Chris H. Feb 28, 2026 11:22 am

D . Out-of-band access for UCS C-Series usually means the dedicated management port is used, not shared LOM. I've seen similar questions in practice sets, and they always go with Dedicated NIC, VLAN state disabled. Pretty sure that's what they're after here-correct me if I'm off.

CarefulEngineer6875 Mar 2, 2026 12:27 am

C imo. Shared LOM with VLAN ID set should still allow KVM access if the management and data are carried over the same link. Out-of-band sometimes catches people but in practice Shared LOM can work too.

Alex X. Feb 27, 2026 5:17 am

Out-of-band here points to using the dedicated management port, so D. Shared LOM looks tempting but is usually for in-band access.

Hannah Feb 25, 2026 12:42 pm

Hannah O. Feb 20, 2026 12:52 am

Maybe D. If they mean out-of-band as a dedicated management port, that's how UCS usually does it.

Ben Mar 3, 2026 7:55 pm

Option D here, since out-of-band means dedicated management, not shared LOM. Not 100 percent though.

Layla F. Feb 15, 2026 10:40 pm

I’d say D

Ravi U. Feb 22, 2026 4:10 am

Be respectful. No spam.

Q: 14

DRAG DROP Refer to the exhibit. Refer to the exhibit. Drag and drop the code snippets from the bottom onto the blanks in the code to complete the JSON request that implements the ACL presented. Not all code snippets are used. P-50

Drag & Drop

Enable JavaScript to use the Drag & Drop feature.

91.213.17.6
189.213.12.14
}
24
1
16

Q: 15

DRAG DROP Refer to the exhibit The VSAN 4041 and 4042 are exchanged between two Cisco MDS 9000 Series Switches called MDS-1 and MDS-2 The objective is to deploy a security mechanism on MDS-1 to allow MDS-2 to join the fabric exclusively Drag and drop the code snippets from the bottom onto the boxes in the code to complete the MDS-1 configuration Not all code snippets are used.

Drag & Drop

Enable JavaScript to use the Drag & Drop feature.

20:01:00:38:90:54:21:8
20:01:00:de:fb:fd:db:7
20:0a:00:38:90:54:21:8
32
103
11

Discussion

Skyler L. Feb 17, 2026 1:30 am

Used this mapping: 20:01:00:38:90:54:21:8 to awwn, 32 to domain, 20:0a:00:38:90:54:21:8 to awwn, 11 to domain. Saw it in the official practice labs so pretty confident, but always good to cross-check official config documentation just in case.

MiaZ Feb 24, 2026 2:27 pm

20:01:00:38:90:54:21:8 to awwn, 32 to domain, 20:0a:00:38:90:54:21:8 to awwn, 11 to domain. Saw this on a mock, sure.

QuietLearner9051 Mar 5, 2026 9:26 pm

20:01:00:38:90:54:21:8 to awwn, 32 to domain, 20:0a:00:38:90:54:21:8 to awwn, 11 to domain. Not 103 here, it's a common distractor in similar exam questions.

PracticalSec6893 Mar 1, 2026 10:57 am

Looks right to me, should be 20:01:00:38:90:54:21:8 for awwn, 32 for domain, 20:0a:00:38:90:54:21:8 for awwn, 11 for domain.

Reese X. Feb 28, 2026 2:04 pm

20:01:00:38:90:54:21:8 -> awwn, 32 -> domain, 20:0a:00:38:90:54:21:8 -> awwn, 11 -> domain. This matches VSAN security filtering. Pretty sure from official guide labs, but would double check with config docs if unsure.

Ivy J. Feb 21, 2026 6:37 pm

20:01:00:38:90:54:21:8 to awwn, 32 to domain, 20:0a:00:38:90:54:21:8 to awwn, 103 to domain. Pretty sure this but 11 could work too depending on the intent with exclusive access, open to correction.

Karan A. Feb 27, 2026 9:23 pm

20:01:00:38:90:54:21:8 to awwn, 32 to domain, 20:0a:00:38:90:54:21:8 to awwn, 11 to domain looks right. I don't think it's 103 for the last domain-common trap in practice sims.

Taylor D. Feb 16, 2026 12:57 pm

Not sure about the last part, I matched 20:01:00:38:90:54:21:8 to awwn, 32 to domain, 20:0a:00:38:90:54:21:8 to awwn, and 103 to domain. Think that's right but maybe missing something.

Arjun U. Mar 2, 2026 8:19 pm

Nice diagram, super straightforward for VSAN configuration. Mapping: 20:01:00:38:90:54:21:8, 32, 20:0a:00:38:90:54:21:8, 103.

Be respectful. No spam.

Q: 16

An engineer must configure a user role interface policy on a Cisco Nexus 9000 Series Switch. The role must prevent access to interface FC3/2 but allow access to interface FC3/1. Which set of actions must be taken to accomplish this goal?

Options

Q: 17

An engineer must implement Strict Unicast Reverse Path Forwarding mode for IPv4 packets on the Ethernet1/1 interface on the Cisco Nexus 9500 Series Switch. Which configuration achieves this goal? A)

B) P-9

Options

Discussion

Logan J. Mar 4, 2026 1:14 pm

Option D is correct since 'reachable-via rx' enforces strict uRPF, making sure the source is on the expected interface. That's what's needed per official docs. Pretty confident but let me know if anyone sees an edge case.

SofiaB Feb 15, 2026 9:10 pm

C , since 'ip verify unicast source reachable-via any' looks like it's enabling uRPF, and I remember seeing 'any' used in config guides for unicast reverse path. For strict mode, it should verify the source is reachable, and 'any' feels like it covers that. Not 100 percent though, maybe I'm confusing loose mode details.

Aisha T. Feb 21, 2026 5:02 am

I remember seeing a similar question in some exam reports. D is the right pick because 'reachable-via rx' activates strict uRPF, forcing the packet's source to be reachable via the receiving interface. That matches Cisco's Nexus config for strict mode. If someone has seen it done another way let me know, but pretty sure it's D.

Amelia N. Feb 18, 2026 8:45 am

Not sure it's C. D is the one with 'reachable-via rx', which is strict mode for uRPF on Nexus. 'Any' is actually loose mode, easy to mix up. Saw similar syntax in a practice test so pretty confident. Anyone disagree?

RyanU Feb 27, 2026 9:26 pm

Honestly, Cisco's uRPF config options are easy to mix up-wish the syntax was more intuitive. C or D here. I picked C since it shows 'ip verify unicast source reachable-via any', and from what I remember, sometimes 'any' is used in strict mode examples. Strict mode should check the source on the incoming interface, which does make me doubt this slightly. If I'm missing something with Nexus specifics, let me know.

Chris Feb 14, 2026 12:25 pm

Looks like D. B is a common trap since that's loose mode, but 'rx' is needed for strict uRPF on Nexus switches. Pretty sure D lines up with practice exam reports too. Disagree?

Grace H. Feb 20, 2026 10:35 am

D makes sense here. Strict uRPF checks if the source came in on the route's exact interface, and D configures 'ip verify unicast source reachable-via rx' which is strict mode. Pretty sure that's what's needed for Nexus. Open to other opinions if anyone's set this up before.

Anita X. Feb 24, 2026 12:45 pm

I don’t think it’s C. B.

Vikram A. Mar 4, 2026 6:57 am

Probably C, but which mode are they specifically asking for if the requirement was just 'loose' not 'strict' mode? Official guide examples could flip it for me.

Be respectful. No spam.

Q: 18

Which two configuration settings are available in the in the cisco UCS firmware Auto sync server policy?

Options

Q: 19

Refer to exhibit. P-38

Refer to the exhibit. An engineer is configuring Cisco Data Center Network Manager to automate the provisioning of Cisco Nexus 9000 Series Switches. The engineer must configure user access for network engineers to permit device operations in Interface Manager. The solution must hide Admin and Config Menu items in Interface Manager Which two roles must be assigned to the network engineers to meet these requirements? (Choose two.)

Options

Discussion

Jason T. Feb 18, 2026 2:31 am

B and D imo. Both grant device operation access in Interface Manager without showing Admin or Config menus, which is what the prompt wants. C is an easy mistake here since network-admin actually brings those extra menus up. Somebody disagree if you see it differently.

Owen R. Feb 19, 2026 2:39 am

B and D make sense here, since network-operator and access-admin cover interface tasks without exposing the admin/config menus. C would show too much, including menu items the question wants hidden. Pretty sure this lines up with how DCNM role separation works, but correct me if not.

JordanD Mar 4, 2026 2:14 pm

B and D tbh. Both roles let network engineers operate devices in Interface Manager but keep the Admin and Config stuff hidden, which matches the requirement. C is a common trap because network-admin gives more access than needed. Someone correct me if I'm missing a use case here.

SeasonedLearner856 Feb 19, 2026 3:59 am

Ben K. Mar 6, 2026 8:12 pm

B and D tbh

Sofia S. Feb 15, 2026 10:44 am

Call it B and D. network-operator plus access-admin let engineers work in Interface Manager without exposing Admin or Config menus, which is what the question asks. C looks tempting but would show too much, so that's likely a trap. Let me know if you see it another way.

Mia V. Feb 18, 2026 12:16 pm

Option B and D look right. network-operator and access-admin together give engineering enough access for device operations in Interface Manager but hide those Admin/Config menu options as required. C is tempting, but that’d expose too much. Anyone see it differently?

QuietDev778 Mar 1, 2026 3:20 am

B tbh, saw a similar combo in some exam reports and it matches the Interface Manager access while hiding admin/config stuff.

Luke Z. Mar 1, 2026 4:48 am

Why not just B and D here? Hiding admin and config menus should be covered by those roles.

Be respectful. No spam.

Q: 20

What is a benefit of using the Cisco UCS Lightweight upgrade feature?

Options

Discussion

Nora O. Mar 3, 2026 5:05 pm

A . Lightweight upgrade means only components with different firmware get updated, so there's less need for downtime and fewer reboots. That's what makes it 'lightweight' compared to a full update. D would cause more disruption, which the feature is supposed to avoid. Saw something similar in practice questions. Anyone disagree?

DirectCandidate2754 Feb 28, 2026 3:01 am

Option A makes sense, since UCS Lightweight upgrade is about only updating components that actually need new firmware. That way, you skip pushing updates and rebooting everything unnecessarily, so less downtime. D would do the opposite by rebooting all servers, which isn't 'lightweight' at all. Pretty sure this matches what Cisco docs explain. Agree?

Luna Mar 5, 2026 12:43 pm

Looks like it's A. Only changes get upgraded, so downtime stays low. Anyone else see a catch with this one?

Ava P. Feb 27, 2026 6:31 am

A or D? I think it's A here since the lightweight upgrade only updates firmware on components that actually changed, which reduces downtime. Option D sounds like a trap, since you want to avoid rebooting all servers if possible. Not totally sure but that's how most exam guides describe the feature. Correct me if I'm off!

FriendlyAnalyst4857 Feb 25, 2026 10:00 pm

Not D, it's A here. The trap is thinking lightweight means full server reboots, but it just updates changed components.

VikramY Feb 19, 2026 11:53 am

Probably D. If you want to make sure all servers get the latest updates, rebooting them makes sense to push everything at once. I think that's part of the benefit, but not totally sure here.

Grace M. Feb 27, 2026 7:19 pm

D tbh, because if you want all servers fully up-to-date that option forces updates everywhere, right?

Amelia T. Mar 1, 2026 7:04 pm

Looks like it's A, since lightweight upgrade only updates changed firmware so less disruption.

Mia F. Mar 1, 2026 9:43 am

A or D? I get why D looks tempting since it says all servers get rebooted so updates apply, but pretty sure that defeats the lightweight part of the feature.

Sam Feb 21, 2026 2:33 pm

Probably A

Be respectful. No spam.

Question 11 of 20 · Page 2 / 2

Premium Access Includes

✓ Quiz Simulator
✓ Exam Mode
✓ Progress Tracking
✓ Question Saving
✓ Flash Cards
✓ Drag & Drops
✓ 3 Months Access
✓ PDF Downloads

Get Premium Access

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE