400-101 Exam Questions - Online Test
400-101 Premium VCE File
150 Lectures, 20 Hours
Q1. Which statement about the spanning-tree portfast feature on the switch is true?
A. If an interface is enabled for portfast receives BDPU, the port goes through the spanning-tree listening, learning, and forwarding states.
B. If an interface is enabled for portfast receives BDPU, the port does not go through the spanning-tree listening, learning, and forwarding states.
C. If an interface is enabled for portfast receives BDPU, the port is shut down immediately.
D. If an interface is enabled for portfast receives BDPU, the port goes into the spanning-tree inconsistent state.
Answer: A
Q2. DRAG DROP
Drag and drop each BGP feature on the left to the corresponding function it performs on the right.
Answer:
Q3. Which technology facilitates dynamic tunnel establishment in DMVPN?
A. CEF
B. mGRE
C. a dynamic routing protocol
D. NHRP
Answer: D
Q4. Which three condition types can be monitored by crypto conditional debug? (Choose three.)
A. Peer hostname
B. SSL
C. ISAKMP
D. Flow ID
E. IPsec
F. Connection ID
Answer: A,D,F
Explanation:
Supported Condition Types
The new crypto conditional debug CLIs--debug crypto condition, debug crypto condition unmatched, and show crypto debug-condition--allow you to specify conditions (filter values) in which to generate and display debug messages related only to the specified conditions. The table below lists the supported condition types.
Table 1 Supported Condition Types for Crypto Debug CLI
Condition Type (Keyword)
Description
connid 1
An integer between 1-32766. Relevant debug messages will be shown if the current IPSec operation uses this value as the connection ID to interface with the crypto engine.
flowid 1
An integer between 1-32766. Relevant debug messages will be shown if the current IPSec operation uses this value as the flow-ID to interface with the crypto engine.
FVRF
The name string of a virtual private network (VPN) routing and forwarding (VRF) instance. Relevant debug messages will be shown if the current IPSec operation uses this VRF instance as its front-door VRF (FVRF).
IVRF
The name string of a VRF instance. Relevant debug messages will be shown if the current IPSec operation uses this VRF instance as its inside VRF (IVRF).
peer group
A Unity group-name string. Relevant debug messages will be shown if the peer is using this group name as its identity.
peer hostname
A fully qualified domain name (FQDN) string. Relevant debug messages will be shown if the peer is using this string as its identity; for example, if the peer is enabling IKE Xauth with this FQDN string.
peeripaddress
A single IP address. Relevant debug messages will be shown if the current IPSec operation is related to the IP address of this peer.
peer subnet
A subnet and a subnet mask that specify a range of peer IP addresses. Relevant debug messages will be shown if the IP address of the current IPSec peer falls into the specified subnet range.
peer username
A username string. Relevant debug messages will be shown if the peer is using this username as its identity; for example, if the peer is enabling IKE Extended Authentication (Xauth) with this username.
SPI 1
A 32-bit unsigned integer. Relevant debug messages will be shown if the current IPSec operation uses this value as the SPI.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_vpnips/configuration/xe-3s/sec-sec-for-vpns-w-ipsec-xe-3s-book/sec-crypto-debug-sup.html
Q5. Refer to the exhibit.
R3 prefers the path through R1 to reach host 10.1.1.1.
Which option describes the reason for this behavior?
A. The OSPF reference bandwidth is too small to account for the higher speed links through R2.
B. The default OSPF cost through R1 is less than the cost through R2.
C. The default OSPF cost through R1 is more than the cost through R2.
D. The link between R2 and R1 is congested.
Answer: A
Explanation:
The default formula to calculate OSPF bandwidth is BW = Bandwidth Reference / interface
bandwidth [bps] = 10^8 / / interface bandwidth [bps]
BW of the R1-R3 link = 10^8 / 100Mbps = 10^8 / 10^8 = 1
BW of the R2-R3 link = 10^8 / 1Gbps = 10^8 / 10^9 = 1 (round up)
Therefore OSPF considers the two above links have the same Bandwidth -> R3 will go to 10.1.1.1 via the R1-R3 link. The solution here is to increase the Bandwidth Reference to a higher value using the “auto-cost reference-bandwidth” command under OSPF router mode. For example: Router(config)#router ospf 1 Router(config-router)#auto-cost reference-bandwidth 10000 This will increase the reference bandwidth to 10000 Mbps which increases the BW of the R2-R3 link to 10^10 / 10^8 = 100.
Q6. Refer to the exhibit.
Which option explains why the forwarding address is set to 0.0.0.0 instead of 110.100.1.1?
A. The interface Ethernet0/1 is in down state.
B. The next-hop ip address 110.100.1.1 is not directly attached to the redistributing router.
C. The next-hop interface (Ethernet0/1) is specified as part of the static route command; therefore, the forwarding address is always set to 0.0.0.0.
D. OSPF is not enabled on the interface Ethernet0/1.
Answer: D
Explanation:
From the output of the “show ip ospf database” command (although this command is not shown) we can conclude this is an ASBR (with Advertising Router is itself) and E0/1 is the ASBR’s next hop interface for other routers to reach network 192.168.10.0.
The Forwarding Address is determined by these conditions:
* The forwarding address is set to 0.0.0.0 if the ASBR redistributes routes and OSPF is not enabled on the next hop interface for those routes.
* These conditions set the forwarding address field to a non-zero address:
+ OSPF is enabled on the ASBR’s next hop interface AND
+ ASBR’s next hop interface is non-passive under OSPF AND
+ ASBR’s next hop interface is not point-to-point AND
+ ASBR’s next hop interface is not point-to-multipoint AND
+ ASBR’s next hop interface address falls under the network range specified in the router ospf command.
* Any other conditions besides these set the forwarding address to 0.0.0.0.
-> We can see E0/1 interface is not running OSPF because it does not belong to network 110.110.0.0 0.0.255.255 which is declared under OSPF process -> F.A address is set to 0.0.0.0.
Reference: http://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13682-10.html
Q7. Refer to the exhibit.
Which two possible network conditions can you infer from this configuration? (Choose two.)
A. The authentication parameters on R1 and R2 are mismatched.
B. R1 is using the default NTP source configuration.
C. R1 and R2 have established an NTP session.
D. R2 is configured as the NTP master with a stratum of 7.
Answer: A,B
Explanation:
Answer A. The NTP associations are not synced, it is only listed as a candidate because it was configured. Routing is not the issue, so it must be mismatched authentication parameters.
Answer B. NTP sets the source IP address for all NTP packets based on the address of the interface through which the NTP packets are sent. You can configure NTP to use a specific source IP address.
Q8. Which two statements about path selection are true? (Choose two.)
A. If there are multiple equal matches between OSPF processes, the path with the lowest OSPF PID is chosen.
B. If the backdoor command is configured on a BGP network, the route is advertised with an AD of 20.
C. If an OSPF E2 route has an AS of 90, that path is preferred over an OSPF IA route with an AD of 110.
D. If there are multiple equal matches between the same protocols on an EIGRP network, the preferred path will be EIGRP with the highest AS.
E. If IS-IS has multiple routes with the same prefix-length, it will prefer Level 1 routes over Level 2 routes.
Answer: A,E
Q9. Which two statements about 6VPE are true? (Choose two.)
A. It allows a service provider to use an existing MPLS network to provide VPN services to IPv6 customers.
B. It uses MP-BGP as the carrier protocol to transport IPv6 connectivity.
C. It provides IPv6 connectivity to MPLS-VPN customers when IPv6 overlay tunneling is also configured.
D. It allows a service provider to use an existing MPLS network to provide global addressing to their IPv6 customers.
E. It requires the configuration of a GRE tunnel tagged with a VLAN ID.
F. It allows a service provider to use an existing L2TPv3 network to provide VPN services to IPv6 customers.
Answer: A,B
Explanation:
The IPv6 MPLS VPN service model is similar to that of IPv4 MPLS VPNs. Service providers who have already deployed MPLS IPv4 VPN services over an IPv4 backbone can deploy IPv6 MPLS VPN services over the same IPv4 backbone by upgrading the PE router IOS version and dual-stack configuration, without any change on the core routers. IPv4 services can be provided in parallel with IPv6 services. IPv6 VPN service is exactly the same as MPLS VPN for IPv4. 6VPE offers the same architectural features as MPLS VPN for IPv4. It offers IPv6 VPN and uses the same components, such as: .
Multiprotocol BGP (MP-BGP) VPN address family .
Route distinguishers .
VPN Routing and Forwarding (VRF) instances .
Site of Origin (SOO) .
Extended community .
MP-BGP
Reference: http://www.cisco.com/c/en/us/td/docs/net_mgmt/ip_solution_center/5-2/mpls_vpn/user/guide/mpls52book/ipv6.html
Q10. Which two options are causes of out-of-order packets? (Choose two.)
A. a routing loop
B. a router in the packet flow path that is intermittently dropping packets
C. high latency
D. packets in a flow traversing multiple paths through the network
E. some packets in a flow being process-switched and others being interrupt-switched on a transit router
Answer: D,E
Explanation:
In traditional packet forwarding systems, using different paths have varying latencies that cause out of order packets, eventually resulting in far lower performance for the network application. Also, if some packets are process switched quickly by the routing engine of the router while others are interrupt switched (which takes more time) then it could result in out of order packets. The other options would cause packet drops or latency, but not out of order packets.
- [2021-New] Cisco 010-151 Dumps With Update Exam Questions (1-10)
- [2021-New] Cisco 300-320 Dumps With Update Exam Questions (111-120)
- Verified 642-889 Dumps 2021
- [2021-New] Cisco 400-051 Dumps With Update Exam Questions (41-50)
- [2021-New] Cisco 300-208 Dumps With Update Exam Questions (1-10)
- [2021-New] Cisco 400-101 Dumps With Update Exam Questions (91-100)
- Cisco 300-175 Exam Questions and Answers 2021
- [2021-New] Cisco 300-320 Dumps With Update Exam Questions (131-140)
- [2021-New] Cisco 400-251 Dumps With Update Exam Questions (101-110)
- [2021-New] Cisco 300-206 Dumps With Update Exam Questions (21-30)