★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 400-101 Exam Dumps (PDF & VCE):
Available on: https://www.certleader.com/400-101-dumps.html


Cause all that matters here is passing the Cisco 400-101 exam. Cause all that you need is a high score of 400-101 CCIE Routing and Switching (v5.0) exam. The only one thing you need to do is downloading Exambible 400-101 exam study guides now. We will not let you down with our money-back guarantee.

2021 Mar 400-101 exam question

Q411. Which two statements about 802.1Q tunneling are true? (Choose two.) 

A. It requires a system MTU of at least 1504 bytes. 

B. The default configuration sends Cisco Discovery Protocol, STP, and VTP information. 

C. Traffic that traverses the tunnel is encrypted. 

D. It is supported on private VLAN ports. 

E. MAC-based QoS and UDLD are supported on tunnel ports. 

F. Its maximum allowable system MTU is 1546 bytes. 

Answer: A,E 


Q412. Which two statements about MPLS VPNs are true? (Choose two.) 

A. PE routers maintain customer routes in the VPN for that customer. 

B. They use the explicit-null label by default. 

C. P routers are used only for label transit. 

D. P routers maintain customer routes in the VPN for that customer. 

E. They support only one route target. 

F. Each interface on a PE router must have its own VRF. 

Answer: A,C 


Q413. Refer to the exhibit. 

Your network is suffering excessive output drops. Which two actions can you take to resolve the problem? (Choose two.) 

A. Install a switch with larger buffers. 

B. Configure a different queue set. 

C. Reconfigure the switch buffers. 

D. Configure the server application to use TCP. 

E. Update the server operating system. 

Answer: A,B 

Explanation: 

Installing a switch with larger buffers and correctly configuring the buffers can solve output queue problems. 

For each queue we need to configure the assigned buffers. The buffer is like the ‘storage’ space for the interface and we have to divide it among the different queues. This is how to do it: 

mls qos queue-set output <queue set> buffers Q1 Q2 Q3 Q4 

In this example, there is nothing hitting queue 2 or queue 3 so they are not being utilized. 


Q414. Which two statements about PIM-DM are true? (Choose two.) 

A. It forwards multicast packets on a source tree. 

B. It requires an RP. 

C. It forwards multicast packets on a shared distribution tree. 

D. It floods multicast packets to neighbors that have requested the data. 

E. It floods multicast packets throughout the network. 

F. It forwards multicast packets to neighbors that have requested the data. 

Answer: A,E 


Q415. Which two message types allow PIM snooping to forward multicast traffic? (Choose two.) 

A. hello messages 

B. leave messages 

C. membership query messages 

D. bidirectional PIM DF election messages 

Answer: A,D 


Up to date 400-101 download:

Q416. Which mechanism does Cisco recommend for CE router interfaces that face the service provider for an EVPL circuit with multiple EVCs and multiple traffic classes? 

A. HCBWFQ 

B. LLQ 

C. tail drop 

D. WRED 

Answer:

Explanation: 

In a simple handoff, packets may be discarded in the service provider network, either because of congestion on a link without an appropriate QoS policy or because of a policer QoS configuration on the service provider network that serves to rate limit traffic accessing the WAN core. To address these issues, QoS on the CE device is applied at a per-port level. A QoS service policy is configured on the outside Ethernet interface, and this parent policy includes a shaper that then references a second or subordinate (child) policy that enables queueing within the shaped rate. This is called a hierarchical CBWFQ (HCBWFQ) configuration. 

Reference: http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/WAN_and_MAN/Ethernet_Acces s_for_NG_MAN_WAN_V3-1_external.html 


Q417. Which three condition types can be monitored by crypto conditional debug? (Choose three.) 

A. Peer hostname 

B. SSL 

C. ISAKMP 

D. Flow ID 

E. IPsec 

F. Connection ID 

Answer: A,D,F 

Explanation: 

Supported Condition Types 

The new crypto conditional debug CLIs--debug crypto condition, debug crypto condition unmatched, and show crypto debug-condition--allow you to specify conditions (filter values) in which to generate and display debug messages related only to the specified conditions. The table below lists the supported condition types. 

Table 1 Supported Condition Types for Crypto Debug CLI 

Condition Type (Keyword) 

Description 

connid 1 

An integer between 1-32766. Relevant debug messages will be shown if the current IPSec operation uses this value as the connection ID to interface with the crypto engine. 

flowid 1 

An integer between 1-32766. Relevant debug messages will be shown if the current IPSec operation uses this value as the flow-ID to interface with the crypto engine. 

FVRF 

The name string of a virtual private network (VPN) routing and forwarding (VRF) instance. Relevant debug messages will be shown if the current IPSec operation uses this VRF instance as its front-door VRF (FVRF). 

IVRF 

The name string of a VRF instance. Relevant debug messages will be shown if the current IPSec operation uses this VRF instance as its inside VRF (IVRF). 

peer group 

A Unity group-name string. Relevant debug messages will be shown if the peer is using this group name as its identity. 

peer hostname 

A fully qualified domain name (FQDN) string. Relevant debug messages will be shown if the peer is using this string as its identity; for example, if the peer is enabling IKE Xauth with this FQDN string. 

peeripaddress 

A single IP address. Relevant debug messages will be shown if the current IPSec operation is related to the IP address of this peer. 

peer subnet 

A subnet and a subnet mask that specify a range of peer IP addresses. Relevant debug messages will be shown if the IP address of the current IPSec peer falls into the specified subnet range. 

peer username 

A username string. Relevant debug messages will be shown if the peer is using this username as its identity; for example, if the peer is enabling IKE Extended Authentication (Xauth) with this username. 

SPI 1 

A 32-bit unsigned integer. Relevant debug messages will be shown if the current IPSec operation uses this value as the SPI. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_vpnips/configuration/xe-3s/sec-sec-for-vpns-w-ipsec-xe-3s-book/sec-crypto-debug-sup.html 


Q418. Which statement about NAT64 is true? 

A. It uses one-to-one mapping between IPv6 addresses and IPv4 addresses. 

B. It requires static address mapping between IPv6 addresses and IPv4 addresses. 

C. It can be used to translate an IPv6 network to another IPv6 network. 

D. It can be configured for stateless and stateful translation. 

Answer:


Q419. Refer to the exhibit. 

R3 prefers the path through R1 to reach host 10.1.1.1. 

Which option describes the reason for this behavior? 

A. The OSPF reference bandwidth is too small to account for the higher speed links through R2. 

B. The default OSPF cost through R1 is less than the cost through R2. 

C. The default OSPF cost through R1 is more than the cost through R2. 

D. The link between R2 and R1 is congested. 

Answer:

Explanation: 

The default formula to calculate OSPF bandwidth is BW = Bandwidth Reference / interface 

bandwidth [bps] = 10^8 / / interface bandwidth [bps] 

BW of the R1-R3 link = 10^8 / 100Mbps = 10^8 / 10^8 = 1 

BW of the R2-R3 link = 10^8 / 1Gbps = 10^8 / 10^9 = 1 (round up) 

Therefore OSPF considers the two above links have the same Bandwidth -> R3 will go to 10.1.1.1 via the R1-R3 link. The solution here is to increase the Bandwidth Reference to a higher value using the “auto-cost reference-bandwidth” command under OSPF router mode. For example: Router(config)#router ospf 1 Router(config-router)#auto-cost reference-bandwidth 10000 This will increase the reference bandwidth to 10000 Mbps which increases the BW of the R2-R3 link to 10^10 / 10^8 = 100. 


Q420. Which implementation can cause packet loss when the network includes asymmetric routing paths? 

A. the use of ECMP routing 

B. the use of penultimate hop popping 

C. the use of Unicast RPF 

D. disabling Cisco Express Forwarding 

Answer:

Explanation: 

When administrators use Unicast RPF in strict mode, the packet must be received on the interface that the router would use to forward the return packet. Unicast RPF configured in strict mode may drop legitimate traffic that is received on an interface that was not the router's choice for sending return traffic. Dropping this legitimate traffic could occur when asymmetric routing paths are present in the network. 

Reference: http://www.cisco.com/web/about/security/intelligence/unicast-rpf.html