★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 400-101 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/400-101-dumps.html
Learn the actual Cisco Cisco practice materials in the basic and also lay a solid foundation for that great achievements in actual work. Youll enjoy the high standing in the entire world of That. If you are the job hunter thats eager to have the Cisco Cisco 400-101 certification, please look simply no further. There is time to reduce! Take measures at once and you will always be on the path to a brilliant future shortly.
2021 Aug 400-101 ccie routing and switching pdf:
Q351. Refer to the exhibit.
Which statement about the output is true?
A. The flow is an HTTPS connection to the router, which is initiated by 144.254.10.206.
B. The flow is an HTTP connection to the router, which is initiated by 144.254.10.206.
C. The flow is an HTTPS connection that is initiated by the router and that goes to 144.254.10.206.
D. The flow is an HTTP connection that is initiated by the router and that goes to 144.254.10.206.
Answer: A
Explanation:
We can see that the connection is initiated by the Source IP address shown as 144.254.10.206. We also see that the destination protocol (DstP) shows 01BB, which is in hex and translates to 443 in decimal. SSL/HTTPS uses port 443.
Q352. Refer to the exhibit.
R1 is performing mutual redistribution, but OSPF routes from R3 are unable to reach R2. Which three options are possible reasons for this behavior? (Choose three.)
A. R1 requires a seed metric to redistribute RIP.
B. The RIP version supports only classful subnet masks.
C. R1 is filtering OSPF routes when redistributing into RIP.
D. R3 and R1 have the same router ID.
E. R1 and R3 have an MTU mismatch.
F. R2 is configured to offset OSPF routes with a metric of 16.
Answer: A,C,F
Explanation:
A. RIP requires a seed metric to be specified when redistributing routes into that protocol. A seed metric is a "starter metric" that gives the RIP process a metric it can work with. The OSPF metric of cost is incomprehensible to RIP, since RIP's sole metric is hop count. We've got to give RIP a metric it understands when redistributing routes into that protocol, so let's go back to R1 and do so.
C. Filtering routes is another explanation, if the routes to R2 are boing filtered from being advertised to R1.
F. If the metric is offset to 16, then the routes will have reached the maximum hop count when redistributed to RIP. The max hop count for RIP is 16.
Q353. Which two statements about MLD are true? (Choose two.)
A. MLD is a subprotocol of ICMPv6.
B. When a single link supports multiple interfaces, only one interface is required to send MLD messages.
C. MLD is a subprotocol of PIMv6.
D. When a single link supports multiple interfaces, all supported interfaces are required to send MLD messages.
E. There are three subtypes of MLD query messages.
F. The code section in the MLD message is set to 1 by the sender and ignored by receivers.
Answer: A,B
Q354. Refer to the exhibit.
Which option is the result of this configuration?
A. All SNMP traffic coming into the router is redirected to interface GigabitEthernet1/0.
B. All SNMP traffic generated from the router is redirected to interface GigabitEthernet1/0.
C. All SMTP traffic generated from the router is redirected to interface GigabitEthernet1/0.
D. All POP3 traffic coming into the router is redirected to interface GigabitEthernet1/0.
E. All SMTP traffic coming into the router is redirected to interface GigabitEthernet1/0.
Answer: C
Explanation:
This is an example of policy based routing, where traffic sourced from this router that matches the access list (all traffic with port 25 which is SMTP) will be forced out the Gig 0/1 interface.
Q355. Which address is a MAC address that is mapped from an IPv6 address (RFC 2464)?
A. 3333.FF17.FC0F
B. FFFE. FF17.FC0F
C. FF34.3333.FF17
D. FF7E.FF17.FC0F
Answer: A
Explanation:
An IPv6 packet with a multicast destination address DST, consisting of the sixteen octets DST through DST, is transmitted to the Ethernet multicast address whose first two octets are the value 3333 hexadecimal and whose last four octets are the last four octets of DST.
Reference: https://tools.ietf.org/html/rfc2464
Update 400-101 ccie written passing score:
Q356. Which three statements about the default behaviour of eBGP sessions are true? (Choose three.)
A. eBGP sessions between sub-ASs in different confederations transmit the next hop unchanged.
B. The next hop in an eBGP peering is the IP address of the neighbor that announced the route.
C. When a route reflector reflects a route to a client, it transmits the next hop unchanged.
D. The next hop in an eBGP peering is the loopback address of the interface that originated the route.
E. The next hop in an eBGP peering is the loopback address of the neighbor that announced the route.
F. When a route reflector reflects a route to a client, it changes the next hop to its own address.
Answer: A,B,C
Q357. Which IPv6 tunneling type establishes a permanent link between IPv6 domains over IPv4?
A. IPv4-compatible tunneling
B. ISATAP tunneling
C. 6to4 tunneling
D. manual tunneling
Answer: D
Explanation:
A manually configured tunnel is equivalent to a permanent link between two IPv6 domains over an IPv4 backbone. The primary use is for stable connections that require regular secure communication between two edge routers or between an end system and an edge router, or for connection to remote IPv6 networks.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/ipv6/configuration/guide/12_4t/ipv6_12_4t_book/i p6-tunnel.html
Q358. Which technology can be used to prevent flooding of IPv6 multicast traffic on a switch?
A. IGMP snooping
B. IGMP filtering
C. MLD snooping
D. MLD filtering
Answer: C
Explanation:
MLD snooping allows the switch to examine MLD packets and make forwarding decisions based on their content. You can configure the switch to use MLD snooping in subnets that receive MLD queries from either MLD or the MLD snooping querier. MLD snooping constrains IPv6 multicast traffic at Layer 2 by configuring Layer 2 LAN ports dynamically to forward IPv6 multicast traffic only to those ports that want to receive it.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/snoopmld.html
Q359. Which two statements about port ACLs are true? (Choose two.)
A. Port ACLs are supported on physical interfaces and are configured on a Layer 2 interface on a switch.
B. Port ACLs support both outbound and inbound traffic filtering.
C. When it is applied to trunk ports, the port ACL filters only native VLAN traffic.
D. When it is applied to a port with voice VLAN, the port ACL filters both voice and data VLAN traffic.
Answer: A,D
Explanation:
PACLs filter incoming traffic on Layer 2 interfaces, using Layer 3 information, Layer 4 header information, or non-IP Layer 2 information The port ACL (PACL) feature provides the ability to perform access control on specific Layer 2 ports. A Layer 2 port is a physical LAN or trunk port that belongs to a VLAN. Port ACLs perform access control on all traffic entering the specified Layer 2 port, including voice and data VLANs that may be configured on the port. Port ACLs are applied only on the ingress traffic.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SY/configuration/guide/sy_swcg/port_acls.html
Q360. Which two options are EIGRP route authentication encryption modes? (Choose two.)
A. MD5
B. HMAC-SHA-256bit
C. ESP-AES
D. HMAC-AES
Answer: A,B
Explanation:
Packets exchanged between neighbors must be authenticated to ensure that a device accepts packets only from devices that have the same preshared authentication key. Enhanced Interior Gateway Routing Protocol (EIGRP) authentication is configurable on a per-interface basis; this means that packets exchanged between neighbors connected through an interface are authenticated. EIGRP supports message digest algorithm 5 (MD5) authentication to prevent the introduction of unauthorized information from unapproved sources. MD5 authentication is defined in RFC 1321. EIGRP also supports the Hashed Message Authentication Code-Secure Hash Algorithm-256 (HMAC-SHA-256) authentication method.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/xe-3s/ire-xe-3s-book/ire-sha-256.html