Latest E20-020 Dumps - Real Exam E20-020 Questions

Question: 1

An organization plans to deploy a spine/leaf network topology to support a cloud design. Leaf

switches will use layer-3 protocols to communicate with the spine switches. Hosts will each

connect to two leaf switches using layer-2 protocols.

Which technology must be enabled between the host and leaf switches to provide the maximum

throughput for a single data stream?

A.

Generic Network Virtualization Encapsulation

B.

Spanning Tree Protocol

C.

Equal-Cost Multi-Path Routing

D.

Multi-Chassis Aggregation

Answer: A

Explanation:

Generic Network Virtualization Encapsulation (Geneve) is the peacemaking protocol drafted to

unify VXLAN, NVGRE, and whatever other tunneling protocols emerge for network virtualization.

Geneve doesn’t exactly replace VXLAN and other protocols. Rather, it provides a common

superset among them, so that outside software can provide hooks to Geneve rather than having to

accommodate multiple encapsulation standards.

Note: NVGRE (Network Virtualization using Generic Routing Encapsulation) is a network

virtualization technology that attempts to alleviate the scalability problems associated with large

cloud computing deployments. It uses Generic Routing Encapsulation (GRE) to tunnel layer 2

packets over layer 3 networks. Its principal backer is Microsoft.

References:

https://www.sdxcentral.com/articles/news/intel-supports-geneve-unify-vxlan-nvgre/2014/09/

Question: 2

An organization wants to deploy a block storage in the cloud using a storage array that is

accessible through the iSCSI protocol. The hosts support iSCSI.

Why would network segmentation be included in the design to support this requirement?

A.

Secure all traffic between the storage array and the hosts

B.

Enable CHAP between the array and hosts

C.

iSCSI traffic is not supported on networks with other types of traffic

D.

Enable LUN masking capabilities of the array

Answer: D

References:

http://searchvirtualstorage.techtarget.com/definition/LUN-masking

Question: 3

An organization wants to provide backup services in the cloud. They have no backup infrastructure

in place. The organization has concerns about losing data if a site disaster occurs. They want to

maintain control of backup data placement because of data privacy laws. Finally, they want to

maintain at least one month’s worth of backups onsite.

Which backup solution will meet these requirements?

A.

Local backup

B.

Remote backups

C.

Local backup with replication

D.

Local backups with cloud gateway

Answer: D

Question: 4

An organization has internal applications that require block, file, and object storage. They

anticipate the need for multi-PB storage within the next 18 months. In addition, they would prefer

to use commodity hardware as well as open source technologies.

Which solution should be recommended?

A.

Cinder

B.

Hadoop

C.

Swift

D.

Ceph

Answer: D

Question: 5

In a cloud design, an architect has defined a separate trust zone for host management. The hosts

will be running open source hypervisors.

What should be included in the design deliverables to support this separate trust zone?

A.

Isolated management network and a common super-user account

B.

Separate PKI and encrypted CMI portal access

C.

Separate authentication source and a preferred zone set

D.

Isolated management network and a separate authentication source

Answer: D

Question: 6

Which aspect of the project definition does the cloud design scope provide?

A.

Broad directions for the project

B.

Boundaries of what the project should and should not include

C.

Sales figures that must be met when designing the project

D.

Specific features or functions that must be included in the project

Answer: B

Question: 7

A cloud architect is designing a hybrid cloud for an organization. A requirement for this

environment is that the private cloud user credential be trusted by both cloud provisioning APIs.

Which type of authentication will meet this requirement?

A.

Federated authentication

B.

Asymmetric encryption

C.

Symmetric encryption

D.

Shared-key authentication

Answer: A

Question: 8

Which categories of network traffic should be isolated from inter-host communication and each

other?

A.

Logging and messaging

B.

Cloud services and administration

C.

Administration and storage

D.

Messaging and storage

Answer: B

Question: 9

A cloud architect is evaluating an organization’s need to support thousands of virtual machine

instances and some form of encryption. Which encryption type should be selected and why?

A.

Storage array encryption to provide centralized management

B.

Full file systems encryption to simplify key management

C.

Network-based encryption to increase security at the cost of server overhead

D.

Self-encrypting storage devices to increase security at the cost of increased overhead

Answer: B

Question: 10

An organization wants to provide its developers with the ability to deploy virtual machines. These

virtual machines have software and libraries installed that are used to develop applications. Each

virtual machine will be configured with the same IP address and will be able to download

application code from a central server.

Which will be included in the design to support these requirements?

A.

VSANs and virtual firewall appliances

B.

VLANs and virtual firewall appliances

C.

VLANs and virtual IDS appliances

D.

VXLANs and an OS firewall

Answer: D

Explanation:

Virtual Extensible LAN (VXLAN) is a proposed encapsulation protocol for running an overlay

network on existing Layer 3 infrastructure. An overlay network is a virtual network that is built on

top of existing network Layer 2 and Layer 3 technologies to support elastic compute architectures.

VXLAN will make it easier for network engineers to scale out a cloud computing environment while

logically isolating cloud apps and tenants.

References:

http://whatis.techtarget.com/definition/VXLAN

Test Information:

Total Questions: 64

Test Number: E20-020

Vendor Name: EMC

Cert Name: EMCCA

Test Name: Cloud Infrastructure Specialist Exam for Cloud Architects

Official Site: https://www.certschief.com/

For More Details: https://www.certschief.com/exam/e20-020/

Certschief offers Implementing Cisco Network Security certification real exam questions answers with money back pass guarantee.