Implementing and Operating Cisco Data Center Core Technologies (DCCOR) — Question 504

An engineer configures a storage environment for a customer with high-security standards. The secure environment is configured in VSAN 50. The customer wants to maintain a configuration and active databases and prevent unauthorized switches from joining the fabric. Additionally, the switches must prevent rogue device from connecting to their ports by automatically learning the WWPNs of the ports connected to them for the first time. Which configuration sets must be used to meet these requirements? (Choose two.)

Answer options

• A. fcsp enable fcsp auto-active
• B. fcsp dhchap hash md5 sha1
• C. fabric-binding activate vsan 50 force
• D. clear fabric-binding activate vsan 50 fabric-binding activate vsan 50
• E. port-security enable port-security activate vsan 50

Correct answer: C, E

Explanation

The correct configurations are C and E. Option C, 'fabric-binding activate vsan 50 force', ensures that only authorized switches are allowed to join the fabric, which aligns with the high-security standards. Option E, 'port-security enable port-security activate vsan 50', prevents unauthorized devices by automatically learning the WWPNs, thus blocking rogue devices. Options A, B, and D do not address the specific requirements for securing the fabric against unauthorized access.