★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 400-101 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/400-101-dumps.html
Last but not least, Exambible maintain your Cisco Cisco exam dumps updated regularly. Our professionals ensure to supply with the most up-to-date and most logical Cisco 400-101 practice components. They will revise many times ahead of publishing. The updated Cisco 400-101 will be presented with regard to only 120 days. You need to keep abreast associated with our Cisco 400-101 exam dumps.
2021 Oct 400-101 ccie routing and switching written exam fee:
Q71. Which statement about the OSPF Loop-Free Alternate feature is true?
A. It is supported on routers that are configured with virtual links.
B. It is supported in VRF OSPF instances.
C. It is supported when a traffic engineering tunnel interface is protected.
D. It is supported when traffic can be redirected to a primary neighbor.
Answer: B
Explanation:
Restrictions for OSPF IPv4 Remote Loop-Free Alternate IP Fast Reroute
. The OSPF IPv4 Remote Loop-Free Alternate IP Fast Reroute feature is not supported on devices that are virtual links headends.
. The feature is supported only in global VPN routing and forwarding (VRF) OSPF
Instances.
. The only supported tunneling method is MPLS.
. You cannot configure a traffic engineering (TE) tunnel interface as a protected interface. Use the MPLS Traffic Engineering—Fast Reroute Link and Node Protection feature to protect these tunnels. For more information, see the “MPLS Traffic Engineering—Fast Reroute Link and Node Protection” section in the Multiprotocol Label Switching Configuration Guide.
. You can configure a TE tunnel interface in a repair path, but OSPF will not verify the tunnel’s placement; you must ensure that it is not crossing the physical interface that it is intended to protect.
. Not all routes can have repair paths. Multipath primary routes might have repair paths for all, some, or no primary paths, depending on the network topology, the connectivity of the computing router, and the attributes required of repair paths.
. Devices that can be selected as tunnel termination points must have a /32 address advertised in the area in which remote LFA is enabled. This address will be used as a tunnel termination IP. If the device does not advertise a /32 address, it may not be used for remote LFA tunnel termination.
. All devices in the network that can be selected as tunnel termination points must be configured to accept targeted LDP sessions using the mpls ldp discovery targeted-hello accept command.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/xe-3s/iro-xe-3s-book/iro-ipfrr-lfa.html
Q72. Refer to the exhibit.
RIPv2 authentication is failing on a device with this configuration. Which two actions can you take to enable it? (Choose two.)
A. Set the RIP authentication mode to text.
B. Set the RIP authentication mode to MD5.
C. Configure the password encryption for the key.
D. Set the password encryption to AES.
Answer: A,B
Explanation:
See the reference link below for information on configuring RIPv2 authentication, including both test and MD5 modes.
Reference: http://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/13719-50.html#configuringplain
Q73. DRAG DROP
Drag and drop each MLPPP command on the left to the function it performs on the right.
Answer:
Q74. Which two options are differences between TACACS+ and RADIUS using AAA? (Choose two.)
A. Only TACACS+ limits the protocols that are supported.
B. Only RADIUS combines accounting and authentication.
C. Only TACACS+ uses TCP.
D. Only RADIUS combines authorization and accounting.
E. Only RADIUS encrypts the password in packets from the client to the server. But leaves the body of the message unencrypted.
Answer: C,E
Q75. Which bit should be set in the link-state PDU of an IS-IS L1/L2 router to indicate that it is a potential exit point of the area?
A. the ABR bit
B. the ATT bit
C. the down bit
D. the P bit
Answer: B
Explanation:
Default routing is achieved in two distinct ways with Integrated IS-IS:
. Attached bit—Set by a Level 1/Level 2 router in its own Level 1 LSP and used to indicate to all Level 1 routers (within the area) that this router is a potential exit point of the area. Level 1-only routers will default to the nearest attached Level 2 router.
. Default information originate—Can be configured in Level 1 as well as Level 2. The default route (0.0.0.0/0) is inserted in the router LSP (Level 1 or Level 2, according to the configuration command) and the LSP is flooded according to the router type (Level 1 or Level 2). A Level 2 router doesn't need to have a default route to originate a default route.
Reference: http://www.cisco.com/en/US/products/ps6599/products_white_paper09186a00800a3e6f.sh tml
Renew 400-101 cisco ccie written:
Q76. Which option is the origin code when a route is redistributed into BGP?
A. IGP
B. EGP
C. external
D. incomplete
E. unknown
Answer: D
Q77. Which two statements about IPsec VTI implementation are true? (Choose two.)
A. The IKE SA can be bound to the VTI and the crypto map.
B. The transform set can be configured only in tunnel mode.
C. SVTIs support only a single IPsec SA.
D. SVTIs support IPv4 packets that carry IPv6 packets.
Answer: B,C
Q78. Which two statements are true about unicast RPF? (Choose two.)
A. Unicast RPF requires CEF to be enabled.
B. Unicast RPF strict mode works better with multihomed networks.
C. Unicast RPF strict mode supports symmetric paths.
D. Unicast RPF strict mode supports asymmetric paths.
E. CEF is optional with Unicast RPF, but when CEF is enabled it provides better performance.
Answer: A,C
Explanation:
Unicast RPF requires Cisco express forwarding (CEF) to function properly on the router.
Strict Versus Loose Checking Mode
The Unicast RPF in Strict Mode feature filters ingress IPv4 traffic in strict checking mode and forwards packets only if the following conditions are satisfied.
. An IPv4 packet must be received at an interface with the best return path (route) to the packet source (a process called symmetric routing). There must be a route in the Forwarding Information Base (FIB) that matches the route to the receiving interface. Adding a route in the FIB can be done via static route, network statement, or dynamic routing.
. IPv4 source addresses at the receiving interface must match the routing entry for the interface.
References:
http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfrpf. html
http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/srpf_gsr.html
Q79. Refer to the exhibit.
Why is the router out of memory?
A. The router is experiencing a BGP memory leak software defect.
B. The BGP peers have been up for too long.
C. The amount of BGP update traffic in the network is too high.
D. The router has insufficient memory due to the size of the BGP database.
Answer: D
Explanation:
Here we can see that this router is running out of memory due to the large size of the BGP routing database. In this case, this router is receiving over 200,000 routes from each of the 4 peers.
Q80. Refer to the exhibit.
Service provider SP 1 is running the MPLS-VPN service. The MPLS core network has MP-BGP configured with RR-1 as route reflector. What will be the effect on traffic between PE1 and PE2 if router P1 goes down?
A. No effect, because all traffic between PE1 and PE2 will be rerouted through P2.
B. No effect, because P1 was not the only P router in the forwarding path of traffic.
C. No effect, because RR-1 will find an alternative path for MP-BGP sessions to PE-1 and PE-2.
D. All traffic will be lost because RR-1 will lose the MP-BGP sessions to PE-1 and PE-2.
Answer: D
Explanation:
If the connection to the route reflector goes down, then routes from PE-1 will not get advertised to PE2, and vice versa. Route reflectors are critical in an MPLS VPN such as the one shown, which is why it is a best practice to have multiple route reflectors in this kind of network.