Want to know Testking 400-101 Exam practice test features? Want to lear more about Cisco CCIE Routing and Switching (v5.0) certification experience? Study Top Quality Cisco 400-101 answers to Replace 400-101 questions at Testking. Gat a success with an absolute guarantee to pass Cisco 400-101 (CCIE Routing and Switching (v5.0)) test on your first attempt.
2021 Feb cisco 400-101:
Q71. Which option is the default number of routes over which EIGRP can load balance?
A. 1
B. 4
C. 8
D. 16
Answer: B
Explanation:
By default, EIGRP load-shares over four equal-cost paths. For load sharing to happen, the routes to load-share over must show up in the IP forwarding table or with the show ip route command. Only when a route shows up in the forwarding table with multiple paths to it will load sharing occur.
Reference: http://www.informit.com/library/content.aspx?b=CCIE_Practical_Studies_I&seqNum=126
Q72. DRAG DROP
Drag each AF class on the left to its matching DSCP binary value on the right.
Answer:
Q73. Which bit should be set in the link-state PDU of an IS-IS L1/L2 router to indicate that it is a potential exit point of the area?
A. the ABR bit
B. the ATT bit
C. the down bit
D. the P bit
Answer: B
Explanation:
Default routing is achieved in two distinct ways with Integrated IS-IS:
. Attached bit—Set by a Level 1/Level 2 router in its own Level 1 LSP and used to indicate to all Level 1 routers (within the area) that this router is a potential exit point of the area. Level 1-only routers will default to the nearest attached Level 2 router.
. Default information originate—Can be configured in Level 1 as well as Level 2. The default route (0.0.0.0/0) is inserted in the router LSP (Level 1 or Level 2, according to the configuration command) and the LSP is flooded according to the router type (Level 1 or Level 2). A Level 2 router doesn't need to have a default route to originate a default route.
Reference: http://www.cisco.com/en/US/products/ps6599/products_white_paper09186a00800a3e6f.sh tml
Q74. Which three statements about implementing a NAT application layer gateway in a network are true? (Choose three.)
A. It allows client applications to use dynamic ports to communicate with a server regardless of whether NAT is being used.
B. It maintains granular security over application-specific data.
C. It allows synchronization between multiple streams of data between two hosts.
D. Application layer gateway is used only in VoIP/SIP deployments.
E. Client applications require additional configuration to use an application layer gateway.
F. An application layer gateway inspects only the first 64 bytes of a packet before forwarding it through the network.
Answer: A,B,C
Explanation:
An application-level gateway (ALG), also known as an application-layer gateway, is an application that translates the IP address information inside the payload of an application packet. An ALG is used to interpret the application-layer protocol and perform firewall and Network Address Translation (NAT) actions. These actions can be one or more of the following depending on your configuration of the firewall and NAT:
. Allow client applications to use dynamic TCP or UDP ports to communicate with the server application.
. Recognize application-specific commands and offer granular security control over them.
. Synchronize multiple streams or sessions of data between two hosts that are exchanging data.
. Translate the network-layer address information that is available in the application payload
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/asr1000/nat-xe-3s-asr1k-book/fw-msrpc-supp.html
Q75. Which two hashing algorithms can be used when configuring SNMPv3? (Choose two.)
A. MD5
B. SHA-1
C. Blowfish
D. DES
E. AES
F. SSL
Answer: A,B
Explanation:
Note that SNMPv3 does not send passwords in clear-text and uses hash-based authentication with either MD5 or SHA1 functions (HMAC authentication – the packet conted is hashed along with authentication key to produce the authentication string).
Reference: http://blog.ine.com/2008/07/19/snmpv3-tutorial/
Avant-garde cisco 400-101:
Q76. Refer to the exhibit.
Which statement is true?
A. 2001:DB8::1/128 is a local host route, and it can be redistributed into a dynamic routing protocol.
B. 2001:DB8::1/128 is a local host route, and it cannot be redistributed into a dynamic routing protocol.
C. 2001:DB8::1/128 is a local host route that was created because ipv6 unicast-routing is not enabled on this router.
D. 2001:DB8::1/128 is a route that was put in the IPv6 routing table because one of this router's loopback interfaces has the IPv6 address 2001:DB8::1/128.
Answer: B
Explanation:
The local routes have the administrative distance of 0. This is the same adminstrative distance as connected routes. However, when you configure redistributed connected under any routing process, the connected routes are redistributed, but the local routes are not. This behavior allows the networks to not require a large number of host routes, because the networks of the interfaces are advertised with their proper masks. These host routes are only needed on the router that owns the IP address in order to process packets destined to that IP address.
It is normal for local host routes to be listed in the IPv4 and IPv6 routing table for IP addresses of the router's interfaces. Their purpose is to create a corresponding CEF entry as a receive entry so that the packets destined to this IP address can be processed by the router itself. These routes cannot be redistributed into any routing protocol.
Reference: http://www.cisco.com/c/en/us/support/docs/ip/ip-routing/116264-technote-ios-00.html
Q77. Refer to the exhibit.
A Cisco Catalyst 6500 Series Switch experiences high CPU utilization. What can be the cause of this issue, and how can it be prevented?
A. The hardware routing table is full. Redistribute from BGP into IGP.
B. The software routing table is full. Redistribute from BGP into IGP.
C. The hardware routing table is full. Reduce the number of routes in the routing table.
D. The software routing table is full. Reduce the number of routes in the routing table.
Answer: C
Explanation:
FIB TCAM Exception - If you try to install more routes than are possible into the FIB TCAM you will see the following error message in the logs:
CFIB-SP-STBY-7-CFIB_EXCEPTION : FIB TCAM exception, Some entries will be software switched
%CFIB-SP-7-CFIB_EXCEPTION : FIB TCAM exception, Some entries will be software switched.
%CFIB-SP-STBY-7-CFIB_EXCEPTION : FIB TCAM exception, Some entries will be software switched.
This error message is received when the amount of available space in the TCAM is exceeded. This results in high CPU. This is a FIB TCAM limitation. Once TCAM is full, a flag will be set and FIB TCAM exception is received. This stops from adding new routes to the TCAM. Therefore, everything will be software switched. The removal of routes does not help resume hardware switching. Once the TCAM enters the exception state, the system must be reloaded to get out of that state. You can view if you have hit a FIB TCAM exception with the following command:
6500-2#sh mls cef exception status
Current IPv4 FIB exception state = TRUE
Current IPv6 FIB exception state = FALSE
Current MPLS FIB exception state = FALSE
When the exception state is TRUE, the FIB TCAM has hit an exception.
The maximum routes that can be installed in TCAM is increased by the mls cef maximum-routes command.
Reference: https://supportforums.cisco.com/document/59926/troubleshooting-high-cpu-6500-sup720
Q78. Which statement describes the difference between a stub area and a totally stub area?
A. The ABR advertises a default route to a totally stub area and not to a stub area.
B. Stub areas do not allow LSA types 4 and 5, while totally stub areas do not allow LSA types 3, 4, and 5.
C. Totally stub areas allow limited external routes in the area via a special type 7 LSA, while stub areas do not.
D. Stub areas do not allow external LSAs, ASBR summary LSAs, or summary LSAs with the exception of a default route originated by the ABR via a summary LSA.
Answer: B
Explanation:
. Standard areas can contain LSAs of type 1, 2, 3, 4, and 5, and may contain an ASBR. The backbone is considered a standard area.
. Stub areas can contain type 1, 2, and 3 LSAs. A default route is substituted for external routes.
. Totally stubby areas can only contain type 1 and 2 LSAs, and a single type 3 LSA. The type 3 LSA describes a default route, substituted for all external and inter-area routes.
. Not-so-stubby areas implement stub or totally stubby functionality yet contain an ASBR. Type 7 LSAs generated by the ASBR are converted to type 5 by ABRs to be flooded to the rest of the OSPF domain.
Reference: http://packetlife.net/blog/2008/jun/24/ospf-area-types/
Q79. Which technology can be used to secure the core of an STP domain?
A. UplinkFast
B. BPDU guard
C. BPDU filter
D. root guard
Answer: D
Explanation:
Since STP does not implement any authentication or encryption to protect the exchange of BPDUs, it is vulnerable to unauthorized participation and attacks. Cisco IOS offers the STP Root Guard feature to enforce the placement of the root bridge and secure the core of the STP domain.
STP root guard forces a port to become a designated port so that no switch on the other end of the link can become a root switch. If a port configured for root guard receives a superior BPDU, the port it is received on is blocked. In this way, STP root guard blocks other devices from trying to become the root bridge.
STP root guard should be enabled on all ports that will never connect to a root bridge, for example, all end user ports. This ensures that a root bridge will never be negotiated on those ports.
Reference: http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Security/Baseline_Security/secur ebasebook/sec_chap7.html
Q80. Which BGP feature allows a router to maintain its current BGP configuration while it advertises a different AS number to new connections?
A. local-AS
B. next-hop-self
C. allow-AS in
D. soft reset
Answer: A
Explanation:
The local-AS feature allows a router to appear to be a member of a second autonomous system (AS), in addition to its real AS. This feature can only be used for true eBGP peers. The local-AS feature is useful if ISP-A purchases ISP-B, but ISP-B's customers do not want to modify any peering arrangements or configurations. The local-AS feature allows routers in ISP-B to become members of ISP-A's AS. At the same time, these routers appear to their customers to retain their ISP-B AS number.
Reference: http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13761-39.html