aiotestking uk

300-101 Exam Questions - Online Test


300-101 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. Which PPP authentication method sends authentication information in clear text? 

A. MS CHAP 

B. CDPCP 

C. CHAP 

D. PAP 

Answer:

Explanation: 

PAP authentication involves a two-way handshake where the username and password are

sent across the link in clear text; hence, PAP authentication does not provide any protection against

playback and line sniffing. CHAP authentication, on the other hand, periodically verifies the identity of the

remote node using a three-way handshake. After the PPP link is established, the host sends a "challenge"

message to the remote node. The remote node responds with a value calculated using a one-way hash

function. The host checks the response against its own calculation of the expected hash value. If the

values match, the authentication is acknowledged; otherwise, the connection is terminated. Reference:

http://www.cisco.com/c/en/us/support/docs/wan/point-to-point-protocol-ppp/10241- ppp-callinhostname.

html

Q2. Which switching method is used when entries are present in the output of the command show ip cache? 

A. fast switching 

B. process switching 

C. Cisco Express Forwarding switching 

D. cut-through packet switching 

Answer:

Explanation: 

Fast switching allows higher throughput by switching a packet using a cache created by the initial packet

sent to a particular destination. Destination addresses are stored in the high-speed cache to expedite forwarding. Routers offer better packet-transfer performance when fast switching is enabled. Fast switching is enabled by default on all interfaces that support fast switching.

To display the routing table cache used to fast switch IP traffic, use the "show ip cache" EXEC command.

Reference:

http://www.cisco.com/c/en/us/td/docs/ios/12_2/switch/command/reference/fswtch_r/xrfscmd5.ht

ml#wp1038133

Q3. You have been asked to evaluate how EIGRP is functioning in a customer network. 

What type of route filtering is occurring on R6 

A. Distribute-list using an ACL 

B. Distribute-list using a prefix-list 

C. Distribute-list using a route-map 

D. An ACL using a distance of 255 

Answer:

Explanation: 

Q4. Which type of BGP AS number is 64591? 

A. a private AS number 

B. a public AS number 

C. a private 4-byte AS number 

D. a public 4-byte AS number 

Answer:

Explanation: 

Q5. Which address is used by the Unicast Reverse Path Forwarding protocol to validate a packet against the routing table? 

A. source address 

B. destination address 

C. router interface 

D. default gateway 

Answer:

Explanation: 

The Unicast RPF feature helps to mitigate problems that are caused by the introduction of

malformed or forged (spoofed) IP source addresses into a network by discarding IP packets that lack a

verifiable IP source address. For example, a number of common types of denial-of-service (DoS) attacks,

including Smurf and Tribal Flood Network (TFN), can take advantage of forged or rapidly changing source

IP addresses to allow attackers to thwart efforts to locate or filter the attacks. For Internet service providers

(ISPs) that provide public access, Unicast RPF deflects such attacks by forwarding only packets that have

source addresses that are valid and consistent with the IP routing table. This action protects the network of

the ISP, its customer, and the rest of the Internet. Reference: http://www.cisco.com/en/US/docs/ios/12_2/

security/configuration/guide/scfrpf.html

Q6. An engineer has configured a router to use EUI-64, and was asked to document the IPv6 address of the router. The router has the following interface parameters: 

mac address C601.420F.0007 

subnet 2001:DB8:0:1::/64 

Which IPv6 addresses should the engineer add to the documentation? 

A. 2001:DB8:0:1:C601:42FF:FE0F:7 

B. 2001:DB8:0:1:FFFF:C601:420F:7 

C. 2001:DB8:0:1:FE80:C601:420F:7 

D. 2001:DB8:0:1:C601:42FE:800F:7 

Answer:

Explanation: 

Explanation: Extended Unique Identifier (EUI), as per RFC2373, allows a host to assign iteslf a unique 64-

Bit IP Version 6 interface identifier (EUI-64). This feature is a key benefit over IPv4 as it eliminates the

need of manual configuration or DHCP as in the world of IPv4. The IPv6 EUI-64 format address is obtained

through the 48-bit MAC address. The Mac address is first separated into two 24-bits, with one being OUI

(Organizationally Unique Identifier) and the other being NIC specific. The 16-bit 0xFFFE is then inserted

between these two 24-bits to for the 64-bit EUI address. IEEE has chosen FFFE as a reserved value which

can only appear in EUI-64 generated from the EUI-48 MAC address. Here is an example showing how the

Mac Address is used to generate EUI.

Next, the seventh bit from the left, or the universal/local (U/L) bit, needs to be inverted. This bit identifies

whether this interface identifier is universally or locally administered. If 0, the address is locally

administered and if 1, the address is globally unique. It is worth noticing that in the OUI portion, the globally

unique addresses assigned by the IEEE has always been set to 0 whereas the locally created addresses

has 1 configured. Therefore, when the bit is inverted, it maintains its original scope (global unique address

is still global unique and vice versa). The reason for inverting can be found in RFC4291 section 2.5.1.

Reference: https:// supportforums.cisco.com/document/100566/understanding-ipv6-eui-64-bit- address

Q7. Which statement about the use of tunneling to migrate to IPv6 is true? 

A. Tunneling is less secure than dual stack or translation. 

B. Tunneling is more difficult to configure than dual stack or translation. 

C. Tunneling does not enable users of the new protocol to communicate with users of the old protocol without dual-stack hosts. 

D. Tunneling destinations are manually determined by the IPv4 address in the low-order 32 bits of IPv4-compatible IPv6 addresses. 

Answer:

Explanation: 

Using the tunneling option, organizations build an overlay network that tunnels one protocol over the other

by encapsulating IPv6 packets within IPv4 packets and IPv4 packets within IPv6 packets. The advantage of this approach is that the new protocol can work without disturbing the old protocol, thus providing connectivity between users of the new protocol. Tunneling has two disadvantages, as discussed in RFC 6144: Users of the new architecture cannot use the services of the underlying infrastructure.

Tunneling does not enable users of the new protocol to communicate with users of the old protocol without

dual-stack hosts, which negates interoperability. 

Reference: http://www.cisco.com/c/en/us/products/

collateral/ios-nx-os-software/enterprise-ipv6- solution/white_paper_c11-676278.html

Q8. What is a function of NPTv6? 

A. It interferes with encryption of the full IP payload. 

B. It maintains a per-node state. 

C. It is checksum-neutral. 

D. It rewrites transport layer headers. 

Answer:

Explanation: 

RFC 6296 describes a stateless IPv6-to-IPv6 Network Prefix Translation (NPTv6) function,

designed to provide address independence to the edge network. It is transport-agnostic with respect to

transports that do not checksum the IP header, such as SCTP, and to transports that use the TCP/UDP/

DCCP (Datagram Congestion Control Protocol) pseudo-header and checksum NPTv6 provides a simple

and compelling solution to meet the address-independence requirement in IPv6. The addressindependence

benefit stems directly from the translation function of the network prefix translator. To avoid

as many of the issues associated with NAPT44 as possible, NPTv6 is defined to include a two-way,

checksum-neutral, algorithmic translation function, and nothing else. Reference: http://tools.ietf.org/html/

rfc6296

Q9. The enterprise network WAN link has been receiving several denial of service attacks from both IPv4 and IPv6 sources. Which three elements can you use to identify an IPv6 packet via its header, in order to filter future attacks? (Choose three.) 

A. Traffic Class 

B. Source address 

C. Flow Label 

D. Hop Limit 

E. Destination Address 

F. Fragment Offset 

Answer: A,C,D 

Explanation: 

Q10. What is the primary service that is provided when you implement Cisco Easy Virtual Network? 

A. It requires and enhances the use of VRF-Lite. 

B. It reduces the need for common services separation. 

C. It allows for traffic separation and improved network efficiency. 

D. It introduces multi-VRF and label-prone network segmentation. 

Answer:

Explanation: