Implementing Cisco Application Centric Infrastructure (DCACI)
The Implementing Cisco Application Centric Infrastructure (DCACI) certification exam is tailored for professionals working with Cisco’s ACI solution in modern data centers. This practice test is designed to help candidates build proficiency in configuring, managing, and troubleshooting ACI within Nexus 9000 Series switches and Cisco Application Policy Infrastructure Controller (APIC) environments.
Covering essential topics such as ACI architecture, policy model, fabric discovery, tenant configuration, contracts, and integration with Layer 4–7 services, this resource enables in-depth understanding of Cisco’s intent-based networking framework. It supports real-world learning through scenario-based questions that reflect practical challenges in deploying scalable, secure, and agile data center networks.
Ideal for network engineers, data center administrators, and system architects, this exam prep ensures readiness to work with ACI-based automation, service insertion, and multi-tenant designs. It reinforces knowledge of VXLAN encapsulation, endpoint learning, access policies, and troubleshooting tools used in ACI deployments.
Gain the confidence to implement and manage Cisco ACI with precision, and prepare thoroughly to succeed in the DCACI certification exam.
Sample Questions and Answers
1. What is the purpose of the Cisco Application Policy Infrastructure Controller (APIC) in ACI?
A. Enforces north-south traffic policies
B. Acts as a Layer 3 switch
C. Provides centralized automation and management of the ACI fabric
D. Hosts virtual machines in the ACI fabric
Answer: C
Explanation: The APIC is the central controller in Cisco ACI that automates, manages, and monitors the ACI fabric. It defines policies, pushes configurations, and monitors health scores.
2. Which protocol is primarily used by Cisco ACI fabric for endpoint learning?
A. OSPF
B. IS-IS
C. COOP (Council of Oracle Protocol)
D. BGP
Answer: C
Explanation: COOP is used by spine switches to maintain endpoint information from leaf switches. It’s a key part of endpoint learning in ACI.
3. What is an Endpoint Group (EPG) in ACI?
A. A group of switches that form a control plane
B. A collection of interfaces with similar policies
C. A group of endpoints that share common policy requirements
D. A routing table on the spine switches
Answer: C
Explanation: EPGs group endpoints with similar policy needs, simplifying policy enforcement and management in ACI.
4. Which two components are part of the ACI policy model? (Choose two)
A. Bridge domains
B. Autonomous Systems
C. Contracts
D. VLANs
Answer: A, C
Explanation: ACI policy models are built around objects like bridge domains and contracts, which define communication policies between EPGs.
5. What role do leaf switches serve in the ACI fabric?
A. Store global endpoint tables
B. Route external traffic only
C. Provide connectivity to endpoints and servers
D. Run management services for the fabric
Answer: C
Explanation: Leaf switches connect endpoints (e.g., servers, firewalls) to the ACI fabric and enforce policies defined by the APIC.
6. Which component handles traffic forwarding in the ACI fabric?
A. APIC
B. Leaf and Spine switches
C. Endpoints
D. Controllers
Answer: B
Explanation: Spine and leaf switches are responsible for forwarding traffic within the ACI fabric, while APIC handles policy and configuration.
7. In ACI, what is the function of a contract?
A. Creates a secure zone
B. Defines communication rules between EPGs
C. Assigns IP addresses to endpoints
D. Enables multicast routing
Answer: B
Explanation: Contracts specify what types of traffic are allowed between EPGs. Without a contract, no communication is allowed.
8. Which tunneling protocol is used within the ACI fabric to transport traffic?
A. VXLAN
B. GRE
C. MPLS
D. L2TP
Answer: A
Explanation: VXLAN is used to encapsulate Layer 2 traffic across Layer 3 infrastructure in Cisco ACI.
9. What is a bridge domain in ACI?
A. A Layer 3 VPN instance
B. A Layer 2 forwarding construct
C. A policy enforcement domain
D. An endpoint authentication protocol
Answer: B
Explanation: A bridge domain is a Layer 2 construct in ACI used to define the broadcast domain for EPGs.
10. What are tenants in the Cisco ACI architecture?
A. Types of switch roles
B. Logical containers for policies and configurations
C. Hardware abstraction layers
D. SDN controllers
Answer: B
Explanation: Tenants are logical partitions that separate applications, policies, and configurations for multi-tenancy support.
11. Which statement is true about the ACI fabric discovery process?
A. Spines discover leafs
B. Leafs discover APICs
C. Leafs and spines discover each other via LLDP
D. APICs discover the fabric via DHCP
Answer: C
Explanation: Fabric discovery is initiated using LLDP between APICs and leafs, and then between leafs and spines.
12. What feature enables seamless migration from legacy networks to ACI?
A. VRF routing
B. Interleaved control planes
C. ACI Anywhere
D. Network Centric mode
Answer: D
Explanation: Network Centric mode maps traditional VLANs and subnets to bridge domains and EPGs, easing the transition from legacy networks.
13. Which Cisco ACI feature ensures application availability and scalability across data centers?
A. LISP
B. ACI Multi-Site
C. BGP EVPN
D. VTP
Answer: B
Explanation: ACI Multi-Site extends ACI policies and fabrics across geographically dispersed data centers while maintaining isolation and high availability.
14. What is a VRF in Cisco ACI used for?
A. Encrypting traffic
B. Defining Layer 2 boundaries
C. Enabling logical Layer 3 segmentation
D. Policy management
Answer: C
Explanation: A VRF (Virtual Routing and Forwarding) instance is used in ACI to maintain separate Layer 3 routing tables for different tenants.
15. What is the role of policy-based redirect in Cisco ACI?
A. Blocking north-south traffic
B. Load balancing links
C. Redirecting traffic to specific service appliances
D. Avoiding spanning tree loops
Answer: C
Explanation: Policy-based redirect allows traffic to be forwarded through firewalls, load balancers, or other service devices using defined policies.
16. Which of the following are characteristics of the spine-leaf architecture? (Choose two)
A. All leafs connect directly to each other
B. Leafs connect only to spines
C. Spines interconnect with each other
D. Spines connect to leafs only
Answer: B, D
Explanation: Spine-leaf architecture ensures non-blocking, scalable connectivity. Leafs connect to spines but not to other leafs.
17. What is the primary purpose of fabric access policies in ACI?
A. Defining spine switch roles
B. Controlling endpoint learning
C. Defining switch-to-APIC connectivity
D. Automating the onboarding of endpoints
Answer: D
Explanation: Fabric access policies define how endpoints connect to the fabric, automating port profiles and VLAN mappings.
18. Which feature allows ACI to integrate with VMware vCenter?
A. DVS Connector
B. VMM Domain
C. LACP Bundle
D. Host Initiator Protocol
Answer: B
Explanation: A VMM (Virtual Machine Manager) Domain integrates Cisco ACI with hypervisors like VMware vCenter for policy enforcement at the VM level.
19. Which Cisco tool provides GUI access to monitor ACI fabric?
A. Cisco ISE
B. Prime Infrastructure
C. Cisco APIC
D. DNA Center
Answer: C
Explanation: Cisco APIC provides GUI-based access for configuring and monitoring the ACI fabric.
20. What is an In-Band management interface used for in ACI?
A. Out-of-band monitoring
B. Direct switch console access
C. Managing fabric devices via internal fabric IP
D. Logging northbound API calls
Answer: C
Explanation: In-band management allows management traffic over the same data fabric used by regular traffic, utilizing fabric IPs.
21. How is traffic between EPGs controlled in ACI?
A. Using ACLs
B. Through VLAN configurations
C. Using contracts
D. By route maps
Answer: C
Explanation: Communication between EPGs is explicitly allowed using contracts; otherwise, traffic is denied by default.
22. What happens when an endpoint is learned by ACI?
A. It is added to a routing protocol
B. Its MAC/IP binding is stored in the COOP database
C. It triggers multicast routing
D. It creates a VRF instance
Answer: B
Explanation: When an endpoint is learned, its MAC and IP are registered with the spine COOP database.
23. Which of the following are benefits of Cisco ACI? (Choose two)
A. Simplified policy model
B. Manual provisioning of every device
C. Decentralized management
D. Micro-segmentation
Answer: A, D
Explanation: Cisco ACI supports automation through a centralized policy model and offers micro-segmentation capabilities for granular security.
24. What is the purpose of a tenant in ACI?
A. Defines global routing
B. Creates LACP bundles
C. Segments logical networks
D. Assigns IP addresses
Answer: C
Explanation: Tenants logically isolate applications and policies within the ACI fabric.
25. How does ACI ensure endpoint mobility across leaf switches?
A. By assigning static routes
B. Using VXLAN encapsulation
C. Through DHCP snooping
D. Using IP-SLA
Answer: B
Explanation: VXLAN tunnels allow endpoints to move freely within the fabric while preserving connectivity.
26. What defines a Layer 3 boundary in ACI?
A. Bridge domain
B. EPG
C. VRF
D. VLAN
Answer: C
Explanation: VRFs define Layer 3 boundaries by maintaining separate routing tables for traffic segregation.
27. Which tool helps monitor application health in ACI?
A. NetFlow
B. SNMP
C. APIC Health Score
D. Wireshark
Answer: C
Explanation: APIC Health Score provides real-time metrics and alarms for fabric and application performance.
28. What allows external Layer 3 routing in ACI?
A. Static routes
B. L3Out
C. HSRP
D. NAT
Answer: B
Explanation: L3Out enables connectivity between ACI fabric and external Layer 3 networks using BGP or OSPF.
29. Which object groups endpoints for communication and policy enforcement?
A. Bridge domain
B. VRF
C. EPG
D. Contract
Answer: C
Explanation: Endpoints with similar policies are grouped in EPGs for streamlined policy enforcement.
30. Which is a key security feature in ACI for east-west traffic?
A. PVLAN
B. VLAN pruning
C. Micro-segmentation
D. Port Security
Answer: C
Explanation: Micro-segmentation allows policy-based control between individual workloads, even within the same EPG or subnet.
Set 2
1. What is the primary function of the Cisco Application Policy Infrastructure Controller (APIC) in ACI?
A. Acts as a Layer 2 switch
B. Provides centralized automation and management of the ACI fabric
C. Hosts virtual machines in the ACI fabric
D. Enforces north-south traffic policies
Answer: B
Explanation: The APIC serves as the central controller in Cisco ACI, automating, managing, and monitoring the ACI fabric. It defines policies, pushes configurations, and monitors health scores.
2. Which protocol is primarily used by Cisco ACI fabric for endpoint learning?
A. OSPF
B. IS-IS
C. COOP (Council of Oracle Protocol)
D. BGP
Answer: C
Explanation: COOP is used by spine switches to maintain endpoint information from leaf switches. It’s a key part of endpoint learning in ACI.
3. What is an Endpoint Group (EPG) in ACI?
A. A group of switches that form a control plane
B. A collection of interfaces with similar policies
C. A group of endpoints that share common policy requirements
D. A routing table on the spine switches
Answer: C
Explanation: EPGs group endpoints with similar policy needs, simplifying policy enforcement and management in ACI.
4. Which two components are part of the ACI policy model? (Choose two)
A. Bridge domains
B. Autonomous Systems
C. Contracts
D. VLANs
Answer: A, C
Explanation: ACI policy models are built around objects like bridge domains and contracts, which define communication policies between EPGs.
5. What role do leaf switches serve in the ACI fabric?
A. Store global endpoint tables
B. Route external traffic only
C. Provide connectivity to endpoints and servers
D. Run management services for the fabric
Answer: C
Explanation: Leaf switches connect endpoints (e.g., servers, firewalls) to the ACI fabric and enforce policies defined by the APIC.
6. Which component handles traffic forwarding in the ACI fabric?
A. APIC
B. Leaf and Spine switches
C. Endpoints
D. Controllers
Answer: B
Explanation: Spine and leaf switches are responsible for forwarding traffic within the ACI fabric, while APIC handles policy and configuration.
7. In ACI, what is the function of a contract?
A. Creates a secure zone
B. Defines communication rules between EPGs
C. Assigns IP addresses to endpoints
D. Enables multicast routing
Answer: B
Explanation: Contracts specify what types of traffic are allowed between EPGs. Without a contract, no communication is allowed.
8. Which tunneling protocol is used within the ACI fabric to transport traffic?
A. VXLAN
B. GRE
C. MPLS
D. L2TP
Answer: A
Explanation: VXLAN is used to encapsulate Layer 2 traffic across Layer 3 infrastructure in Cisco ACI.
9. What is a bridge domain in ACI?
A. A Layer 3 VPN instance
B. A Layer 2 forwarding construct
C. A policy enforcement domain
D. An endpoint authentication protocol
Answer: B
Explanation: A bridge domain is a Layer 2 construct in ACI used to define the broadcast domain for EPGs.
10. What are tenants in the Cisco ACI architecture?
A. Types of switch roles
B. Logical containers for policies and configurations
C. Hardware abstraction layers
D. SDN controllers
Answer: B
Explanation: Tenants are logical partitions that separate applications, policies, and configurations for multi-tenancy support.
11. Which statement is true about the ACI fabric discovery process?
A. Spines discover leafs
B. Leafs discover APICs
C. Leafs and spines discover each other via LLDP
D. APICs discover the fabric via DHCP
Answer: C
Explanation: Fabric discovery is initiated using LLDP between APICs and leafs, and then between leafs and spines.
12. What feature enables seamless migration from legacy networks to ACI?
A. VRF routing
B. Interleaved control planes
C. ACI Anywhere
D. Network Centric mode
Answer: D
Explanation: Network Centric mode maps traditional VLANs and subnets to bridge domains and EPGs, easing the transition from legacy networks.
13. Which Cisco ACI feature ensures application availability and scalability across data centers?
A. LISP
B. ACI Multi-Site
C. BGP EVPN
D. VTP
Answer: B
Explanation: ACI Multi-Site extends ACI policies and fabrics across geographically dispersed data centers while maintaining isolation and high availability.
14. What is a VRF in Cisco ACI used for?
A. Encrypting traffic
B. Defining Layer 2 boundaries
C. Enabling logical Layer 3 segmentation
D. Policy management
Answer: C
Explanation: A VRF (Virtual Routing and Forwarding) instance is used in ACI to maintain separate Layer 3 routing tables for different tenants.
15. What is the role of policy-based redirect in Cisco ACI?
A. Blocking north-south traffic
B. Load balancing links
C. Redirecting traffic to specific service appliances
D. Avoiding spanning tree loops
Answer: C
Explanation: Policy-based redirect allows traffic to be forwarded through firewalls, load balancers, or other service devices using defined policies.
16. Which of the following are characteristics of the spine-leaf architecture? (Choose two)
A. All leafs connect directly to each other
B. Leafs connect only to spines
C. Spines interconnect with each other
D. Spines connect to leafs only
Answer: B, D
Explanation: Spine-leaf architecture ensures non-blocking, scalable connectivity. Leafs connect to spines but not to other leafs.
17. What is the primary purpose of fabric access policies in ACI?
A. Defining spine switch roles
B. Controlling endpoint learning
C. Defining switch-to-APIC connectivity
D. Automating the onboarding of endpoints
Answer: D
Explanation: Fabric access policies define how endpoints connect to the fabric, automating port profiles and VLAN mappings.
18. Which feature allows ACI to integrate with VMware vCenter?
A. DVS Connector
B. VMM Domain
C. LACP Bundle
D. Host Initiator Protocol
Answer: B
Explanation: A VMM (Virtual Machine Manager) Domain integrates Cisco ACI with hypervisors like VMware vCenter for policy enforcement at the VM level.
19. Which Cisco tool provides GUI access to monitor ACI fabric?
A. Cisco ISE
B. Prime Infrastructure
C. Cisco APIC
D. DNA Center
Answer: C
Explanation: Cisco APIC provides GUI-based access for configuring and monitoring the ACI fabric.
20. What is an In-Band management interface used for in ACI?
A. Out-of-band monitoring
B. Direct switch console access
C. Managing fabric devices via internal fabric IP
D. Logging northbound API calls
Answer: C
Explanation: In-band management allows management traffic over the same data fabric used by regular traffic, utilizing fabric IPs.
21. How is traffic between EPGs controlled in ACI?
A. Using ACLs
B. Through VLAN configurations
C. Using contracts
D. By route maps
Answer: C
Explanation: Communication between EPGs is explicitly allowed using contracts; otherwise, traffic is denied by default.
22. What happens when an endpoint is learned by ACI?
A. It is added to a routing protocol
B. Its MAC/IP binding is stored in the COOP database
C. It triggers multicast routing
D. It creates a VRF instance
Answer: B
Explanation: When an endpoint is learned, its MAC and IP are registered with the spine COOP database.
23. Which of the following are benefits of Cisco ACI? (Choose two)
A. Simplified policy model
B. Manual provisioning of every device
C. Decentralized management
D. Micro-segmentation
Answer: A, D
Explanation: Cisco ACI supports automation through a centralized policy model and offers micro-segmentation capabilities for granular security.
24. What is the purpose of a tenant in ACI?
A. Defines global routing
B. Creates LACP bundles
C. Segments logical networks
D. Assigns IP addresses
Answer: C
Explanation: Tenants logically isolate applications and policies within the ACI fabric.
25. How does ACI ensure endpoint mobility across leaf switches?
A. By assigning static routes
B. Using VXLAN encapsulation
C. Through DHCP snooping
D. Using IP-SLA
Answer: B
Explanation: VXLAN tunnels allow endpoints to move freely within the fabric while preserving connectivity.
