400-101 Exam Questions - Online Test
400-101 Premium VCE File
150 Lectures, 20 Hours
Q1. Refer to the exhibit.
Which BGP feature allows R1 to instruct R2 which prefixes it is allowed to advertise to R1?
A. route refresh
B. Prefix-Based Outbound Route Filtering
C. distribute lists
D. prefix lists
Answer: B
Q2. Which two features does the show ipv6 snooping features command show information about? (Choose two.)
A. RA guard
B. DHCP guard
C. ND inspection
D. source guard
Answer: A,C
Explanation:
The show ipv6 snooping features command displays the first-hop features that are configured on the router. Examples
The following example shows that both IPv6 NDP inspection and IPv6 RA guard are configured on the router:
Router# show ipv6 snooping features
Feature name priority state
RA guard 100 READY
NDP inspection 20 READY
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6/command/ipv6-cr-book/ipv6-s5.html
Q3. Refer to the exhibit.
While reviewing a log file on a router with this NTP configuration, you note that the log entries of the router display a different time than the NTP time.
Which action can you take to correct the problem?
A. Add the localtime keyword to the service timestamps log datetime statement.
B. Add the msec keyword to the service timestamps log datetime statement.
C. Add the statement ntp broadcast to the NTP configuration of the neighboring router.
D. Configure the router to be the NTP master.
E. Remove the datetime keyword from the service timestamps log datetime statement.
Answer: A
Q4. On a broadcast interface, which two OSPF states support BFD sessions? (Choose two.)
A. DR
B. BDR
C. DROTHER
D. 2WAY
E. FULL
F. ACTIVE
Answer: A,B
Q5. Which command drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value, and also causes the Security Violation counter to increment?
A. switchport port-security violation protect
B. switchport port-security violation drop
C. switchport port-security violation shutdown
D. switchport port-security violation restrict
Answer: D
Explanation:
When configuring port security violation modes, note the following information:
. protect—Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value.
. restrict—Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value and causes the SecurityViolation counter to increment.
. shutdown—Puts the interface into the error-disabled state immediately and sends an SNMP trap notification.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/port_sec.html
Q6. Refer to the exhibit.
Which statement about the device routing table is true?
A. Only networks 10.10.10.0/24 and smaller from host 192.168.168.1 are in the routing table.
B. Only networks 10.10.10.0/24 and larger from host 192.168.168.1 are in the routing table.
C. Only network 10.10.10.0/24 from host 192.168.168.1 is in the routing table.
D. Networks 10.10.10.0/24 and smaller from any host are in the routing table.
Answer: A
Explanation:
When you add the keywords “GE” and “LE” to the prefix-list, the “len” value changes its meaning. When using GE and LE, the len value specifies how many bits of the prefix you are checking, starting with the most significant bit. ip prefix-list LIST permit 1.2.3.0/24 le 32
This means: Check the first 24 bits of the prefix 1.2.3.0 The subnet mask must be less than or equal to 32
Reference: http://blog.ine.com/2007/12/26/how-do-prefix-lists-work/
Q7. Refer to the exhibit.
R1, R2, and R3 have full network connectivity to each other, but R2 prefers the path through R3 to reach network 172.17.1.0/24. Which two actions can you take so that R2 prefers the path through R1 to reach 172.17.1.0/24? (Choose two.)
A. Set the reference bandwidth to 10000 on R1, R2, and R3.
B. Configure the cost on the link between R1 and R3 to be greater than 100 Mbps.
C. Set the reference bandwidth on R2 only.
D. Configure a manual bandwidth statement with a value of 1 Gbps on the link between R1 and R3.
E. Modify the cost on the link between R1 and R2 to be greater than 10 Gbps.
F. Configure a manual bandwidth statement with a value of 100 Mbps on the link between R1 and R2.
Answer: A,B
Explanation:
By default, the reference bandwidth used in Cisco routers is 100Mbps, so FastEthernet and above will have a cost of 1, so a gigabit interface and 10GE interface will be equal with a fastethernet. This is not ideal. If we change the reference bandwidth to 100000 then the faster links will be used. Changing the reference bandwidth needs to be done on all routers in the OSPF network. Increasing the cost on the R1-R3 link will also cause the traffic to take the more direct route.
Q8. A floating static route appears in the routing table of an interface even when the interface is unusable.
Which action can you take to correct the problem?
A. Remove the permanent option from the static route.
B. Correct the administrative distance.
C. Configure the floating static route to point to another route in the routing table.
D. Correct the DHCP-provided route on the DHCP server.
Answer: A
Q9. Which two statements about IPv4 and IPv6 networks are true? (Choose two.)
A. In IPv6, hosts perform fragmentation.
B. IPv6 uses a UDP checksum to verify packet integrity.
C. In IPv6, routers perform fragmentation.
D. In IPv4, fragmentation is performed by the source of the packet.
E. IPv4 uses an optional checksum at the transport layer.
F. IPv6 uses a required checksum at the network layer.
Answer: A,B
Q10. Which two tasks are required for configuring SNMP to send traps on a Cisco IOS device? (Choose two.)
A. Create access controls for an SNMP community.
B. Configure SNMP notifications.
C. Configure the SNMP agent.
D. Configure SNMP status monitoring and troubleshooting.
E. Configure SNMP server group names.
F. Configure the SNMP server engine ID.
Answer: A,B
Explanation:
The best current practices recommend applying Access Control Lists (ACLs) to community strings and ensuring that the requests community strings are not identical to notifications community strings. Access lists provide further protection when used in combination with other protective measures. This example sets up ACL to community string:
access-list 1 permit 1.1.1.1 snmp-server community string1 ro 1
. SNMP Notifications
A key feature of SNMP is the ability to generate notifications from an SNMP agent. These notifications do not require that requests be sent from the SNMP manager. Unsolicited (asynchronous) notifications can be generated as traps or inform requests. Traps are messages alerting the SNMP manager to a condition on the network. Inform requests (informs) are traps that include a request for confirmation of receipt from the SNMP manager. Notifications can indicate improper user authentication, restarts, the closing of a connection, loss of connection to a neighbor router, or other significant events.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf014.h tml#wp1007320
- [2021-New] Cisco 400-051 Dumps With Update Exam Questions (111-120)
- [2021-New] Cisco 200-125 Dumps With Update Exam Questions (2-11)
- What Free 300-615 Preparation Is
- [2021-New] Cisco 200-125 Dumps With Update Exam Questions (161-168)
- [2021-New] Cisco 300-207 Dumps With Update Exam Questions (41-50)
- [2021-New] Cisco 400-101 Dumps With Update Exam Questions (101-110)
- [2021-New] Cisco 300-135 Dumps With Update Exam Questions (31-38)
- [2021-New] Cisco 400-051 Dumps With Update Exam Questions (9-18)
- Cisco 400-151 Exam Questions and Answers 2021
- [2021-New] Cisco 700-551 Dumps With Update Exam Questions (1-10)