★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 400-101 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/400-101-dumps.html
Proper study guides for Regenerate Cisco CCIE Routing and Switching (v5.0) certified begins with Cisco 400-101 preparation products which designed to deliver the 100% Correct 400-101 questions by making you pass the 400-101 test at your first time. Try the free 400-101 demo right now.
2021 Aug ccie written dumps 400-101:
Q231. You are configuring a DMVPN hub to perform CBWFQ on a per-spoke basis. Which information is used to identify the spoke?
A. the NHRP network ID
B. the spoke tunnel source IP
C. the spoke tunnel interface IP address
D. the NHRP group
Answer: D
Q232. Refer to the exhibit.
Which action will solve the error state of this interface when connecting a host behind a Cisco IP phone?
A. Configure dot1x-port control auto on this interface
B. Enable errdisable recovery for security violation errors
C. Enable port security on this interface
D. Configure multidomain authentication on this interface
Answer: D
Explanation:
In single-host mode, a security violation is triggered when more than one device are detected on the data vlan. In multidomain authentication mode, a security violation is triggered when more than one device are detected on the data or voice VLAN. Here we see that single host mode is being used, not multidomain mode.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/50sg/configuration/guide/Wrapper-46SG/dot1x.html#wp1309041
Q233. DRAG DROP
Drag and drop the argument of the ip cef load-sharing algorithm command on the left to the function it performs on the right.
Answer:
Q234. Refer to the exhibit.
Which configuration reduces CPU utilization on R2 while still advertising the connected routes of R2 to R1?
A. Configure eigrp stub connected on R2.
B. Configure eigrp stub receive-only on R1.
C. Configure eigrp stub static on R2.
D. Configure eigrp stub summary on R1.
Answer: A
Q235. Refer to the exhibit.
What is a possible reason for the IPSec tunnel not establishing?
A. The peer is unreachable.
B. The transform sets do not match.
C. The proxy IDs are invalid.
D. The access lists do not match.
Answer: D
Explanation:
Proxy Identities Not Supported
This message appears in debugs if the access list for IPsec traffic does not match.
1d00h: IPSec(validate_transform_proposal): proxy identities not supported
1d00h: ISAKMP: IPSec policy invalidated proposal
1d00h: ISAKMP (0:2): SA not acceptable!
The access lists on each peer needs to mirror each other (all entries need to be reversible).
This example illustrates this point.
Peer A
access-list 150 permit ip 172.21.113.0 0.0.0.255 172.21.114.0 0.0.0.255
access-list 150 permit ip host 15.15.15.1 host 172.21.114.123
Peer B
access-list 150 permit ip 172.21.114.0 0.0.0.255 172.21.113.0 0.0.0.255
access-list 150 permit ip host 172.21.114.123 host 15.15.15.1
Reference:
http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/5409-ipsec-debug-00.html#proxy
Update ccie written exam:
Q236. Refer to the exhibit.
While reviewing a log file on a router with this NTP configuration, you note that the log entries of the router display a different time than the NTP time.
Which action can you take to correct the problem?
A. Add the localtime keyword to the service timestamps log datetime statement.
B. Add the msec keyword to the service timestamps log datetime statement.
C. Add the statement ntp broadcast to the NTP configuration of the neighboring router.
D. Configure the router to be the NTP master.
E. Remove the datetime keyword from the service timestamps log datetime statement.
Answer: A
Q237. DRAG DROP
Drag and drop the path-selection criteria on the left into the correct route-selection order on the right, that a router will use when having multiple routes toward the same destination.
Answer:
Q238. Which two application protocols require application layer gateway support when using NAT on a Cisco router? (Choose two.)
A. SIP
B. HTTP
C. FTP
D. SMTP
E. POP3
Answer: A,C
Q239. Refer to the exhibit.
You are configuring the S1 switch for the switchport connecting to the client computer. Which option describes the effect of the command mls qos map cos-dscp 0 8 16 24 32 40 46 56?
A. Voice traffic is excluded from the default priority queue.
B. Voice packets are given a class selector of 5.
C. Video conferencing is marked CS3.
D. Voice packets are processed in the priority queue.
Answer: A
Explanation:
The default CoS to DSCP mappings are shown below:
Default CoS-to-DSCP Map
CoS Value
DSCP Value
0
0
1
8
2
16
3
24
4
32
5
40
6
48
7
56
In our example, we see that COS 6 is mapped to DSCP, not the default of DSCP 48 as shown above. DSCP 46 is Expedited Forwarding (EF), which is typically used for voice traffic, and this value has not been included in this class map.
Q240. Which three statements about the route preference of IS-IS are true? (Choose three.)
A. An L1 path is preferred over an L2 path.
B. An L2 path is preferred over an L1 path.
C. Within each level, a path that supports optional metrics is preferred over a path that supports only the default metric.
D. Within each level of metric support, the path with the lowest metric is preferred.
E. The Cisco IS-IS implementation usually performs equal cost path load balancing on up to eight paths.
F. Both L1 and L2 routes will be installed in the routing table at the same time.
Answer: A,C,D
Explanation:
Given multiple possible routes to a particular destination, an L1 path is preferred over an L2 path. Within each level, a path that supports the optional metrics is preferred over a path that supports only the default metric. (Again, Cisco supports only the default metric, so the second order of preference is not relevant to Cisco routers.) Within each level of metric support, the path with the lowest metric is preferred. If multiple equal-cost, equal-level paths are found by the Decision process, they are all entered into the route table. The Cisco IS-IS implementation usually performs equal-cost load balancing on up to six paths.
Reference: http://www.realccielab.org/operation-of-integrated-is-is.html