aiotestking uk

400-101 Exam Questions - Online Test


400-101 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. Refer to the exhibit. 

Which BGP feature allows R1 to instruct R2 which prefixes it is allowed to advertise to R1? 

A. route refresh 

B. Prefix-Based Outbound Route Filtering 

C. distribute lists 

D. prefix lists 

Answer:

Q2. Which two features does the show ipv6 snooping features command show information about? (Choose two.) 

A. RA guard 

B. DHCP guard 

C. ND inspection 

D. source guard 

Answer: A,C 

Explanation: 

The show ipv6 snooping features command displays the first-hop features that are configured on the router. Examples 

The following example shows that both IPv6 NDP inspection and IPv6 RA guard are configured on the router: 

Router# show ipv6 snooping features 

Feature name priority state 

RA guard 100 READY 

NDP inspection 20 READY 

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6/command/ipv6-cr-book/ipv6-s5.html 

Q3. Refer to the exhibit. 

While reviewing a log file on a router with this NTP configuration, you note that the log entries of the router display a different time than the NTP time. 

Which action can you take to correct the problem? 

A. Add the localtime keyword to the service timestamps log datetime statement. 

B. Add the msec keyword to the service timestamps log datetime statement. 

C. Add the statement ntp broadcast to the NTP configuration of the neighboring router. 

D. Configure the router to be the NTP master. 

E. Remove the datetime keyword from the service timestamps log datetime statement. 

Answer:

Q4. On a broadcast interface, which two OSPF states support BFD sessions? (Choose two.) 

A. DR 

B. BDR 

C. DROTHER 

D. 2WAY 

E. FULL 

F. ACTIVE 

Answer: A,B 

Q5. Which command drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value, and also causes the Security Violation counter to increment? 

A. switchport port-security violation protect 

B. switchport port-security violation drop 

C. switchport port-security violation shutdown 

D. switchport port-security violation restrict 

Answer:

Explanation: 

When configuring port security violation modes, note the following information: 

. protect—Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value. 

. restrict—Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value and causes the SecurityViolation counter to increment. 

. shutdown—Puts the interface into the error-disabled state immediately and sends an SNMP trap notification. 

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/port_sec.html 

Q6. Refer to the exhibit. 

Which statement about the device routing table is true? 

A. Only networks 10.10.10.0/24 and smaller from host 192.168.168.1 are in the routing table. 

B. Only networks 10.10.10.0/24 and larger from host 192.168.168.1 are in the routing table. 

C. Only network 10.10.10.0/24 from host 192.168.168.1 is in the routing table. 

D. Networks 10.10.10.0/24 and smaller from any host are in the routing table. 

Answer:

Explanation: 

When you add the keywords “GE” and “LE” to the prefix-list, the “len” value changes its meaning. When using GE and LE, the len value specifies how many bits of the prefix you are checking, starting with the most significant bit. ip prefix-list LIST permit 1.2.3.0/24 le 32 

This means: Check the first 24 bits of the prefix 1.2.3.0 The subnet mask must be less than or equal to 32 

Reference: http://blog.ine.com/2007/12/26/how-do-prefix-lists-work/ 

Q7. Refer to the exhibit. 

R1, R2, and R3 have full network connectivity to each other, but R2 prefers the path through R3 to reach network 172.17.1.0/24. Which two actions can you take so that R2 prefers the path through R1 to reach 172.17.1.0/24? (Choose two.) 

A. Set the reference bandwidth to 10000 on R1, R2, and R3. 

B. Configure the cost on the link between R1 and R3 to be greater than 100 Mbps. 

C. Set the reference bandwidth on R2 only. 

D. Configure a manual bandwidth statement with a value of 1 Gbps on the link between R1 and R3. 

E. Modify the cost on the link between R1 and R2 to be greater than 10 Gbps. 

F. Configure a manual bandwidth statement with a value of 100 Mbps on the link between R1 and R2. 

Answer: A,B 

Explanation: 

By default, the reference bandwidth used in Cisco routers is 100Mbps, so FastEthernet and above will have a cost of 1, so a gigabit interface and 10GE interface will be equal with a fastethernet. This is not ideal. If we change the reference bandwidth to 100000 then the faster links will be used. Changing the reference bandwidth needs to be done on all routers in the OSPF network. Increasing the cost on the R1-R3 link will also cause the traffic to take the more direct route. 

Q8. A floating static route appears in the routing table of an interface even when the interface is unusable. 

Which action can you take to correct the problem? 

A. Remove the permanent option from the static route. 

B. Correct the administrative distance. 

C. Configure the floating static route to point to another route in the routing table. 

D. Correct the DHCP-provided route on the DHCP server. 

Answer:

Q9. Which two statements about IPv4 and IPv6 networks are true? (Choose two.) 

A. In IPv6, hosts perform fragmentation. 

B. IPv6 uses a UDP checksum to verify packet integrity. 

C. In IPv6, routers perform fragmentation. 

D. In IPv4, fragmentation is performed by the source of the packet. 

E. IPv4 uses an optional checksum at the transport layer. 

F. IPv6 uses a required checksum at the network layer. 

Answer: A,B 

Q10. Which two tasks are required for configuring SNMP to send traps on a Cisco IOS device? (Choose two.) 

A. Create access controls for an SNMP community. 

B. Configure SNMP notifications. 

C. Configure the SNMP agent. 

D. Configure SNMP status monitoring and troubleshooting. 

E. Configure SNMP server group names. 

F. Configure the SNMP server engine ID. 

Answer: A,B 

Explanation: 

The best current practices recommend applying Access Control Lists (ACLs) to community strings and ensuring that the requests community strings are not identical to notifications community strings. Access lists provide further protection when used in combination with other protective measures. This example sets up ACL to community string: 

access-list 1 permit 1.1.1.1 snmp-server community string1 ro 1 

. SNMP Notifications 

A key feature of SNMP is the ability to generate notifications from an SNMP agent. These notifications do not require that requests be sent from the SNMP manager. Unsolicited (asynchronous) notifications can be generated as traps or inform requests. Traps are messages alerting the SNMP manager to a condition on the network. Inform requests (informs) are traps that include a request for confirmation of receipt from the SNMP manager. Notifications can indicate improper user authentication, restarts, the closing of a connection, loss of connection to a neighbor router, or other significant events. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf014.h tml#wp1007320