Want to know Pass4sure 400-101 Exam practice test features? Want to lear more about Cisco CCIE Routing and Switching (v5.0) certification experience? Study Highest Quality Cisco 400-101 answers to Renovate 400-101 questions at Pass4sure. Gat a success with an absolute guarantee to pass Cisco 400-101 (CCIE Routing and Switching (v5.0)) test on your first attempt.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Cisco 400-101 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 400-101 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/400-101-exam-dumps.html
2021 Mar 400-101 test engine
Q481. Which term describes an EIGRP route that has feasible successors?
A. active
B. passive
C. redistributed
D. invalid
Answer: B
Explanation:
A topology table entry for a destination can have one of two states. A route is considered in the Passive state when a router is not performing a route recomputation. The route is in Active state when a router is undergoing a route recomputation. If there are always feasible successors, a route never has to go into Active state and avoids a route recomputation.
When there are no feasible successors, a route goes into Active state and a route recomputation occurs. A route recomputation commences with a router sending a query packet to all neighbors. Neighboring routers can either reply if they have feasible successors for the destination or optionally return a query indicating that they are performing a route recomputation. While in Active state, a router cannot change the next-hop neighbor it is using to forward packets. Once all replies are received for a given query, the destination can transition to Passive state and a new successor can be selected.
Reference: http://docwiki.cisco.com/wiki/Enhanced_Interior_Gateway_Routing_Protocol
Q482. Which technology facilitates neighbor IP address resolution in DMVPN?
A. CEF
B. mGRE
C. a dynamic routing protocol
D. NHRP
Answer: D
Explanation:
NHRP Used with a DMVPN
NHRP is used to facilitate building a VPN and provides address resolution in DMVPN. In this context, a VPN consists of a virtual Layer 3 network that is built on top of an actual Layer 3 network. The topology you use over the VPN is largely independent of the underlying network, and the protocols you run over it are completely independent of it. The VPN network (DMVPN) is based on GRE IP logical tunnels that can be protected by adding in IPsec to encrypt the GRE IP tunnels.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_4/ip_addr/configuration/guide/hadnhrp.html#w p1057255
Q483. Which data plane protocol does EIGRP Over the Top use?
A. MPLS
B. GRE
C. LISP
D. IP-in-IP
Answer: C
Explanation:
The EIGRP Over the Top solution can be used to ensure connectivity between disparate Enhanced Interior Gateway Routing Protocol (EIGRP) sites. This feature uses EIGRP on the control plane and Locator ID Separation Protocol (LISP) encapsulation on the data plane to route traffic across the underlying WAN architecture. EIGRP is used to distribute routes between customer edge (CE) devices within the network, and the traffic forwarded across the WAN architecture is LISP encapsulated. Therefore, to connect disparate EIGRP sites, you must configure the neighbor command with LISP encapsulation on every CE in the network.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/xe-3s/ire-xe-3s-book/ire-eigrp-over-the-top.html
Q484. Which two issues is TCP Sequence Number Randomization designed to prevent? (Choose two.)
A. DDOS attacks
B. OS fingerprinting
C. man-in-the-middle attacks
D. ARP poisoning
E. Smurf attack
Answer: B,C
Q485. Refer to the exhibit.
If a Layer 3 switch running OSPF in a VRF-lite configuration reports this error, which action can you take to correct the problem?
A. Set mls cef maximum-routes in the global configuration.
B. Add the vrf-lite capability to the OSPF configuration.
C. Upgrade the Layer 3 switch to a model that can support more routes.
D. Configure the control plane with a larger memory allocation to support the Cisco Express Forwarding Information Base.
Answer: A
Renewal 400-101 free practice test:
Q486. Which trunking configuration between two Cisco switches can cause a security risk?
A. configuring different native VLANs on the switches
B. configuring different trunk modes on the switches
C. configuring mismatched VLANs on the trunk
D. disabling DTP on the trunk ports
E. configuring incorrect channel-groups on the switches
Answer: A
Q487. Refer to the exhibit.
This network is configured with PIM, and the RPF check has failed toward the multicast source. Which two configuration changes must you make to router R3 to enable the RPF check to pass? (Choose two.)
A. Configure a static multicast route to the multicast source through the tunnel interface.
B. Configure a static multicast route to the multicast source LAN through the tunnel interface.
C. Configure a static multicast route to the multicast source LAN through the Ethernet interface.
D. Remove the command ip prim bidir-enable from the R3 configuration.
Answer: A,B
Q488. Which three conditions can cause excessive unicast flooding? (Choose three.)
A. Asymmetric routing
B. Repeated TCNs
C. The use of HSRP
D. Frames sent to FFFF.FFFF.FFFF
E. MAC forwarding table overflow
F. The use of Unicast Reverse Path Forwarding
Answer: A,B,E
Explanation:
Causes of Flooding
The very cause of flooding is that destination MAC address of the packet is not in the L2 forwarding table of the switch. In this case the packet will be flooded out of all forwarding ports in its VLAN (except the port it was received on). Below case studies display most
common reasons for destination MAC address not being known to the switch.
Cause 1: Asymmetric Routing
Large amounts of flooded traffic might saturate low-bandwidth links causing network performance issues or complete connectivity outage to devices connected across such low-bandwidth links.
Cause 2: Spanning-Tree Protocol Topology Changes
Another common issue caused by flooding is Spanning-Tree Protocol (STP) Topology Change Notification (TCN). TCN is designed to correct forwarding tables after the forwarding topology has changed. This is necessary to avoid a connectivity outage, as after a topology change some destinations previously accessible via particular ports might become accessible via different ports. TCN operates by shortening the forwarding table aging time, such that if the address is not relearned, it will age out and flooding will occur. TCNs are triggered by a port that is transitioning to or from the forwarding state. After the TCN, even if the particular destination MAC address has aged out, flooding should not happen for long in most cases since the address will be relearned. The issue might arise when TCNs are occurring repeatedly with short intervals. The switches will constantly be fast-aging their forwarding tables so flooding will be nearly constant. Normally, a TCN is rare in a well-configured network. When the port on a switch goes up or down, there is eventually a TCN once the STP state of the port is changing to or from forwarding. When the port is flapping, repetitive TCNs and flooding occurs.
Cause 3: Forwarding Table Overflow
Another possible cause of flooding can be overflow of the switch forwarding table. In this case, new addresses cannot be learned and packets destined to such addresses are flooded until some space becomes available in the forwarding table. New addresses will then be learned. This is possible but rare, since most modern switches have large enough forwarding tables to accommodate MAC addresses for most designs. Forwarding table exhaustion can also be caused by an attack on the network where one host starts generating frames each sourced with different MAC address. This will tie up all the forwarding table resources. Once the forwarding tables become saturated, other traffic will be flooded because new learning cannot occur. This kind of attack can be detected by examining the switch forwarding table. Most of the MAC addresses will point to the same port or group of ports. Such attacks can be prevented by limiting the number of MAC addresses learned on untrusted ports by using the port security feature.
Reference: http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6000-series-switches/23563-143.html#causes
Q489. Refer to the exhibit.
Which statement is true?
A. 2001:DB8::1/128 is a local host route, and it can be redistributed into a dynamic routing protocol.
B. 2001:DB8::1/128 is a local host route, and it cannot be redistributed into a dynamic routing protocol.
C. 2001:DB8::1/128 is a local host route that was created because ipv6 unicast-routing is not enabled on this router.
D. 2001:DB8::1/128 is a route that was put in the IPv6 routing table because one of this router's loopback interfaces has the IPv6 address 2001:DB8::1/128.
Answer: B
Explanation:
The local routes have the administrative distance of 0. This is the same adminstrative distance as connected routes. However, when you configure redistributed connected under any routing process, the connected routes are redistributed, but the local routes are not. This behavior allows the networks to not require a large number of host routes, because the networks of the interfaces are advertised with their proper masks. These host routes are only needed on the router that owns the IP address in order to process packets destined to that IP address.
It is normal for local host routes to be listed in the IPv4 and IPv6 routing table for IP addresses of the router's interfaces. Their purpose is to create a corresponding CEF entry as a receive entry so that the packets destined to this IP address can be processed by the router itself. These routes cannot be redistributed into any routing protocol.
Reference: http://www.cisco.com/c/en/us/support/docs/ip/ip-routing/116264-technote-ios-00.html
Q490. Refer to the exhibit.
Which option is the result of this configuration?
A. Devices in OSPF area 15 can reach the summary route 192.168.0.0/16 and its more specific subnets.
B. Devices in OSPF area 15 can reach only the more specific routes of 192.168.0.0/16.
C. Devices in OSPF area 0 can reach the summary route 192.168.0.0/16 and its more specific subnets.
D. Devices in OSPF area 0 can reach only the summary route of 192.168.0.0/16.
Answer: A
Explanation:
. area range
To consolidate and summarize routes at an area boundary, use the area range command in router configuration mode. To disable this function, use theno form of this command. Area area-id range ip-address mask [advertise | not-advertise] [cost cost] no area area-id range ip-address mask [advertise | not-advertise] [cost cost]
. Syntax Description
area-id
Identifier of the area about which routes are to be summarized. It can be specified as either a decimal value or as an IP address.
ip-address
IP address.
mask
IP address mask.
advertise
(Optional) Sets the address range status to advertise and generates a Type 3 summary link-state advertisement (LSA).
not-advertise
(Optional) Sets the address range status to DoNotAdvertise. The Type 3 summary LSA is suppressed, and the component networks remain hidden from other networks.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/iproute/command/reference/fiprrp_r/1rfospf. html