aiotestking uk

400-101 Exam Questions - Online Test


400-101 Premium VCE File

Learn More 100% Pass Guarantee - Dumps Verified - Instant Download
150 Lectures, 20 Hours

Q1. Which two statements best describes the difference between active mode monitoring and passive mode monitoring? (Choose two.) 

A. Active mode monitoring is the act of Cisco PfR gathering information on user packets assembled into flows by NetFlow. 

B. Active mode monitoring uses IP SLA probes for obtaining performance characteristics of the current exit WAN link. 

C. Passive mode monitoring uses IP SLA to generate probes for the purpose of obtaining information regarding the characteristics of the WAN links. 

D. Passive mode monitoring uses NetFlow for obtaining performance characteristics of the exit WAN links. 

Answer: B,D 

Q2. Refer to the exhibit. 

If OSPF is implemented on the network, which additional configuration is needed to allow traffic from host 10.4.1.15/24 to host 10.1.2.20/24? 

A. A virtual link between router 2 and router 4 

B. A virtual link between router 3 and router 4 

C. A virtual link between router 2 and router 3 

D. The current design allows traffic between the two hosts. 

Answer:

Explanation: 

This specific traffic from 10.4.1.0/24 to 10.1.2.0/24 would work because this traffic crosses only over the single OSPF area of 0.0.0.1. 

However, traffic from hosts on R4 to R1 would indeed need a virtual link, since area 0.0.0.2 is not connected to the backbone area of 0.0.0.0. 

Q3. What is a cause for unicast flooding? 

A. Unicast flooding occurs when multicast traffic arrives on a Layer 2 switch that has directly connected multicast receivers. 

B. When PIM snooping is not enabled, unicast flooding occurs on the switch that interconnects the PIM-enabled routers. 

C. A man-in-the-middle attack can cause the ARP cache of an end host to have the wrong MAC address. Instead of having the MAC address of the default gateway, it has a MAC address of the man-in-the-middle. This causes all traffic to be unicast flooded through the man-in-the-middle, which can then sniff all packets. 

D. Forwarding table overflow prevents new MAC addresses from being learned, and packets destined to those MAC addresses are flooded until space becomes available in the forwarding table. 

Answer:

Explanation: 

Causes of Flooding The very cause of flooding is that destination MAC address of the packet is not in the L2 forwarding table of the switch. In this case the packet will be flooded out of all forwarding ports in its VLAN (except the port it was received on). Below case studies display most common reasons for destination MAC address not being known to the switch. 

Cause 1: Asymmetric Routing 

Large amounts of flooded traffic might saturate low-bandwidth links causing network performance issues or complete connectivity outage to devices connected across such low-bandwidth links 

Cause 2: Spanning-Tree Protocol Topology Changes 

Another common issue caused by flooding is Spanning-Tree Protocol (STP) Topology Change Notification (TCN). TCN is designed to correct forwarding tables after the forwarding topology has changed. This is necessary to avoid a connectivity outage, as after a topology change some destinations previously accessible via particular ports might become accessible via different ports. TCN operates by shortening the forwarding table aging time, such that if the address is not relearned, it will age out and flooding will occur 

Cause 3: Forwarding Table Overflow 

Another possible cause of flooding can be overflow of the switch forwarding table. In this case, new addresses cannot be learned and packets destined to such addresses are flooded until some space becomes available in the forwarding table. New addresses will then be learned. This is possible but rare, since most modern switches have large enough forwarding tables to accommodate MAC addresses for most designs. 

Reference: 

http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6000-series-switches/23563-143.html 

Q4. Which two descriptions of the keying mechanisms that are used to distribute the session keys used in routing authentication are true? (Choose two.) 

A. Peer keying creates a unique one-to-one relationship with another peer. 

B. Group keying creates a single keying message to multiple peers. 

C. Peer keying creates a single keying message to multiple peers. 

D. Group keying creates a unique one-to-one relationship with another peer. 

E. Group keying creates a full mesh of keying sessions to all devices. 

F. Peer keying creates a full mesh of keying sessions to all devices. 

Answer: A,B 

Q5. Refer to the exhibit. 

Switch DSW1 should share the same MST region with switch DSW2. Which statement is true? 

A. Configure DSW1 with the same version number, and VLAN-to-instance mapping as shown on DSW2. 

B. Configure DSW1 with the same region name, number, and VLAN-to-instance mapping as shown on DSW2. 

C. DSW2 uses the VTP server mode to automatically propagate the MST configuration to DSW1. 

D. DSW1 is in VTP client mode with a lower configuration revision number, therefore, it automatically inherits MST configuration from DSW2. 

E. DSW1 automatically inherits MST configuration from DSW2 because they have the same domain name. 

Answer:

Q6. DRAG DROP 

Drag and drop the Cisco IOS XE subpackage on the left to the function it performs on the right. 

Answer:  

Q7. Which three benefits does the Cisco Easy Virtual Network provide to an enterprise network? 

(Choose three.) 

A. simplified Layer 3 network virtualization 

B. improved shared services support 

C. enhanced management, troubleshooting, and usability 

D. reduced configuration and deployment time for dot1q trunking 

E. increased network performance and throughput 

F. decreased BGP neighbor configurations 

Answer: A,B,C 

Q8. When EIGRP is used as the IPv4 PE-CE protocol, which two requirements must be configured before the BGP IPv4 address family can be configured? (Choose two.) 

A. the route distinguisher 

B. the virtual routing and forwarding instance 

C. the loopback interface 

D. the router ID 

Answer: A,B 

Explanation: 

A VRF must be created, and a route distinguisher and route target must be configured in order for the PE routers in the BGP network to carry EIGRP routes to the EIGRP CE site. The VRF must also be associated with an interface in order for the PE router to send routing updates to the CE router. Prerequisites Before this feature can be configured, MPLS and CEF must be configured in the BGP network, and multiprotocol BGP and EIGRP must be configured on all PE routers that provide VPN services to CE routers. 

Reference: 

http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/seipecec.html#wp1083316 

Q9. Which BGP feature enables you to install a backup path in the forwarding table? 

A. soft reconfiguration 

B. prefix independent convergence 

C. route refresh 

D. synchronization 

Answer:

Explanation: 

To install a backup path into the forwarding table and provide prefix independent convergence (PIC) in case of a PE-CE link failure, use the additional-paths install backup command in an appropriate address family configuration mode. To prevent installing the backup path, use the no form of this command. To disable prefix independent convergence, use the disable keyword. 

Reference: http://www.cisco.com/c/en/us/td/docs/routers/crs/software/crs_r4-2/routing/command/reference/b_routing_cr42crs/b_routing_cr42crs_chapter_01.html 

Q10. DRAG DROP 

Drag and drop the StackWise stack master election rule on the left into the correct priority order on the right. 

Answer: