★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 400-101 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/400-101-dumps.html
It is impossible to pass Cisco 400-101 exam without any help in the short term. Come to Exambible soon and find the most advanced, correct and guaranteed Cisco 400-101 practice questions. You will get a surprising result by our Up to date CCIE Routing and Switching (v5.0) practice guides.
2021 Apr 400-101 download
Q151. Which three statements about GLBP are true? (Choose three.)
A. It uses a virtual MAC address that starts with 0007.b4.
B. It elects a single active virtual gateway to appoint and manage multiple active virtual forwarders.
C. It allows the configured virtual IP address to be used on a physical interface as well.
D. It uses a virtual MAC address that starts with 0070.4b.
E. It elects multiple active virtual gateways to appoint and manage a single active virtual forwarder.
F. Preemption is enabled for the configured active virtual gateway by default.
Answer: A,B,C
Explanation:
The virtual MAC address in GLBP is 0007.b400.xxyy where xx is the GLBP group number and yy is the different number of each gateway (01, 02, 03…). One of the routers in a GLBP group is elected as an AVG – Active Virtual Gateway. There is only one active AVG in a group, and its task is to respond to ARP requests sent to the virtual gateway IP address replying different virtual MAC addresses in response packets. GLBP allows the configured virtual IP address to be used on a physical interface. By default, the GLBP gateway preemptive scheme is disabled. A backup virtual gateway can become the AVG only if the current AVG fails, regardless of the priorities assigned to the virtual gateways.
Q152. Refer to the exhibit.
Which two statements about the EEM applet configuration are true? (Choose two.)
A. The EEM applet runs before the CLI command is executed.
B. The EEM applet runs after the CLI command is executed.
C. The EEM applet requires a case-insensitive response.
D. The running configuration is displayed only if the letter Y is entered at the CLI.
Answer: A,D
Explanation:
sync Indicates whether the policy should be executed synchronously before the CLI command executes.
. If the yes keyword is specified, the policy will run synchronously with the CLI command.
. If the no keyword is specified, the policy will run asynchronously with the CLI command.
nocase
(Optional) Specifies case insensitive comparison.
Here we see that the sync knob was enabled so A is correct. However, C is not correct as the nocase argument was not used, so the applet is configured to display the config only if a capital Y is issued.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/eem/command/eem-cr-book/eem-cr-a2.html
Q153. Refer to the exhibit.
If the traffic flowing from network 192.168.254.0 to 172.16.250.0 is unencrypted, which two actions must you take to enable encryption? (Choose two).
A. Configure the transform-set on R2 to match the configuration on R1.
B. Configure the crypto map on R2 to include the correct subnet.
C. Configure the ISAKMP policy names to match on R1 and R2.
D. Configure the crypto map names to match on R1 and R2.
E. Configure the Diffie-Hellman keys used in the ISAKMP policies to be different on R1 and R2.
Answer: A,B
Explanation:
A transform set combines an encryption method and an authentication method. During the IPsec security association negotiation with ISAKMP, the peers agree to use a particular transform set to protect a particular data flow. The transform set must be the same for both peers. Also, the crypto map on R2 points to the address name of VPN, which includes 172.16.0.0/16, but it should be the local subnet of 192.168.0.0/16
Q154. A TCP/IP host is able to transmit small amounts of data (typically less than 1500 bytes), but attempts to transmit larger amounts of data hang and then time out. What is the cause of this problem?
A. A link is flapping between two intermediate devices.
B. The processor of an intermediate router is averaging 90 percent utilization.
C. A port on the switch that is connected to the TCP/IP host is duplicating traffic and sending it to a port that has a sniffer attached.
D. There is a PMTUD failure in the network path.
Answer: D
Explanation:
Sometimes, over some IP paths, a TCP/IP node can send small amounts of data (typically less than 1500 bytes) with no difficulty, but transmission attempts with larger amounts of data hang, then time out. Often this is observed as a unidirectional problem in that large data transfers succeed in one direction but fail in the other direction. This problem is likely caused by the TCP MSS value, PMTUD failure, different LAN media types, or defective links.
Reference: http://www.cisco.com/c/en/us/support/docs/additional-legacy-protocols/ms-windows-networking/13709-38.html
Q155. Which statement describes the native VLAN concept in an ISL trunk?
A. It is the VLAN ID that is assigned to untagged packets.
B. It is the VLAN with highest priority.
C. It is the default VLAN for a trunk.
D. There is no native VLAN concept in an ISL trunk.
Answer: D
Explanation:
ISL has no native VLAN concept because it places the entire Ethernet frame in the payload of an ISL frame. Native VLANs is an 802.1Q specific concept
Avant-garde 400-101 exam answers:
Q156. An engineer has configured a router to use EUI-64, and was asked to document the IPv6 address of the router. The router has the following interface parameters:
mac address C601.420F.0007
subnet 2001:DB8:0:1::/64
A. 2001:DB8:0:1:C601:42FF:FE0F:7
B. 2001:DB8:0:1:FFFF:C601:420F:7
C. 2001:DB8:0:1:FE80:C601:420F:7
D. 2001:DB8:0:1:C601:42FE:800F:7
Answer: A
Q157. Which statement about the overload bit in IS-IS is true?
A. The IS-IS adjacencies on the links for which the overload bit is set are brought down.
B. Routers running SPF ignore LSPs with the overload bit set and hence avoid blackholing traffic.
C. A router setting the overload bit becomes unreachable to all other routers in the IS-IS area.
D. The overload bit in IS-IS is used only for external prefixes.
Answer: B
Explanation:
The OL bit is used to prevent unintentional blackholing of packets in BGP transit networks. Due to the nature of these protocols, IS-IS and OSPF converge must faster than BGP. Thus there is a possibility that while the IGP has converged, IBGP is still learning the routes. In that case if other IBGP routers start sending traffic towards this IBGP router that has not yet completely converged it will start dropping traffic. This is because it isnt yet aware of the complete BGP routes. OL bit comes handy in such situations. When a new IBGP neighbor is added or a router restarts, the IS-IS OL bit is set. Since directly connected (including loopbacks) addresses on an “overloaded” router are considered by other routers, IBGP can be bought up and can begin exchanging routes. Other routers will not use this router for transit traffic and will route the packets out through an alternate path. Once BGP has converged, the OL bit is cleared and this router can begin forwarding transit traffic.
Reference: https://routingfreak.wordpress.com/category/ospf-vs-is-is/
Q158. DRAG DROP
Drag and drop Layer 2 QoS Commands on the left to the corresponding functions on the right.
Answer:
Q159. Which two services are used to transport Layer 2 frames across a packet-switched network? (Choose two.)
A. Frame Relay
B. ATM
C. AToM
D. L2TPv3
Answer: C,D
Explanation:
Both AToM and L2TPv3 have the common objective of transmitting packet switched traffic of L2 frames (Frame Relay, ATM, and Ethernet) across a packet-switched network.
Reference: Layer 2 VPN Architectures - Google Books Result Wei Luo, Carlos Pignataro, Anthony Chan
https://books.google.com/books?isbn=0132796864
Q160. Refer to the exhibit.
Which statement is true about the downward bit?
A. It forces the CE router to use a backup link instead of sending traffic via MPLS VPN.
B. It informs the PE router that the LSA metric has been recently decreased to 1 and that partial SPF calculation cannot be delayed.
C. It forces the CE router to install the LSA with the downward bit set into its routing table as a discard route.
D. It informs the PE router that the LSA was already redistributed into BGP by another PE router and that the LSA must not be redistributed into BGP again.
Answer: D
Explanation:
From RFC 4577, specifically section 4.2.5.1
When a type 3 LSA is sent from a PE router to a CE router, the DN bit [OSPF-DN] in the LSA Options field MUST be set. This is used to ensure that if any CE router sends this type 3 LSA to a PE router, the PE router will not redistribute it further.
When a PE router needs to distribute to a CE router a route that comes from a site outside the latter’s OSPF domain, the PE router presents itself as an ASBR (Autonomous System Border Router), and distributes the route in a type 5 LSA. The DN bit [OSPF-DN] MUST be set in these LSAs to ensure that they will be ignored by any other PE routers that receive them.