Our pass rate is high to 98.9% and the similarity percentage between our cisco 400 101 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Cisco 400 101 ccie exam in just one try? I am currently studying for the Cisco ccie 400 101 dumps exam. Latest Cisco passleader 400 101 Test exam practice questions and answers, Try Cisco cisco 400 101 Brain Dumps First.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Cisco 400-101 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 400-101 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/400-101-exam-dumps.html
Q101. DRAG DROP
Drag and drop the NHRP flag on the left to the corresponding meaning on the right.
Answer:
Q102. Refer to the exhibit.
What will be the extended community value of this route?
A. RT:200:3000 RT:200:9999
B. RT:200:9999 RT:200:3000
C. RT:200:3000
D. RT:200:9999
Answer: D
Explanation:
Here the route map is being used to manually set the extended community RT to 200:9999
Q103. An NSSA area has two ABRs connected to Area 0. Which statement is true?
A. Both ABRs translate Type-7 LSAs to Type-5 LSAs.
B. The ABR with the highest router ID translates Type-7 LSAs to Type-5 LSAs.
C. Both ABRs forward Type-5 LSAs from the NSSA area to backbone area.
D. No LSA translation is needed.
Answer: B
Q104. Refer to the exhibit.
What is the meaning of the asterisk (*) in the output?
A. PIM neighbor 10.1.5.6 is the RPF neighbor for the group 232.1.1.1 for the shared tree.
B. PIM neighbor 10.1.5.6 is the one that is seen as the RPF neighbor when performing the command show ip rpf 10.1.4.7.
C. PIM neighbor 10.1.5.6 is the winner of an assert mechanism.
D. The RPF neighbor 10.1.5.6 is invalid.
Answer: C
Explanation:
show ip mroute
Field
Descriptions
Field Description
RPF neighbor or RPF nbr
IP address of the upstream router to the source. Tunneling indicates that this router is sending data to the RP encapsulated in register packets.
The hexadecimal number in parentheses indicates to which RP it is registering. Each bit indicates a different RP if multiple RPs per group are used. If an asterisk (*) appears after the IP address in this field, the RPF neighbor has been learned through an assert.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/ipmulti/command/reference/fiprmc_r/1rfmult 3.html
Q105. Which two statements about NPTv6 are true? (Choose two.)
A. The translation is invisible to applications that hard code IP information within the application logic.
B. It is a one-way stateful translation for the IPv6 address.
C. Translation is 1:1 at the network layer.
D. It is a two-way stateless translation for the network prefix.
Answer: C,D
Explanation:
This document describes a stateless, transport-agnostic IPv6-to-IPv6 Network Prefix Translation (NPTv6) function that provides the address-independence benefit associated with IPv4-to-IPv4 NAT (NAPT44) and provides a 1:1 relationship between addresses in the "inside" and "outside" prefixes, preserving end-to-end reachability at the network layer NPTv6 Translation is stateless, so a "reset" or brief outage of an NPTv6 Translator does not break connections that traverse the translation function, and if multiple NPTv6 Translators exist between the same two networks, the load can shift or be dynamically load shared among them. NPTv6 is defined to include a two-way, checksum-neutral, algorithmic translation function, and nothing else.
Reference: https://tools.ietf.org/html/rfc6296
Q106. Refer to the exhibit.
While configuring AAA with a local database, users can log in via Telnet, but receive the message "error in authentication" when they try to go into enable mode. Which action can solve this problem?
A. Configure authorization to allow the enable command.
B. Use aaa authentication login default enable to allow authentication when using the enable command.
C. Verify whether an enable password has been configured.
D. Use aaa authentication enable default enable to allow authentication when using the enable command.
Answer: C
Explanation:
If a different enable password is configured, it will override the privilege level 15 of that user and force the existing password to be used for enable access.
Q107. Which statement about the RPF interface in a BIDIR-PIM network is true?
A. In a BIDIR-PIM network, the RPF interface is always the interface that is used to reach the PIM rendezvous point.
B. In a BIDIR-PIM network, the RPF interface can be the interface that is used to reach the PIM rendezvous point or the interface that is used to reach the source.
C. In a BIDIR-PIM network, the RPF interface is always the interface that is used to reach the source.
D. There is no RPF interface concept in BIDIR-PIM networks.
Answer: A
Explanation:
RPF stands for "Reverse Path Forwarding". The RPF Interface of a router with respect to an address is the interface that the MRIB indicates should be used to reach that address. In the case of a BIDIR-PIM multicast group, the RPF interface is determined by looking up the Rendezvous Point Address in the MRIB. The RPF information determines the interface of the router that would be used to send packets towards the Rendezvous Point Link for the group.
Reference: https://tools.ietf.org/html/rfc5015
Q108. Refer to the exhibit.
Which statement about the R1 configuration is true?
A. It permits host 10.1.1.2 to establish a Telnet connection to R1.
B. It limits remote hosts to two SSH connection attempts.
C. SSH connections to R1 will log out after a 5-minute idle interval.
D. Hosts that reside on network 10.0.0.0/8 can SSH to R1.
E. The R1 timeout for outgoing SSH connection attempts is 30 seconds.
Answer: E
Explanation:
The timeout for outgoing SSH connection is defined by the “ip sshh time-out” command (in seconds), which is configured here as 30.
Q109. Which two statements about DHCP snooping are true? (Choose two.)
A. It is implemented on a per-VLAN basis.
B. It filters invalid DHCP messages.
C. The binding database logs trusted and untrusted hosts with leased IP addresses.
D. Interfaces are trusted by default.
E. It uses the LFIB to validate requests from untrusted hosts.
Answer: A,B
Q110. Refer to the exhibit.
This is the configuration of the ASBR of area 110.Which option explains why the remote ABR should not translate the type 7 LSA for the prefix 192.168.0.0/16 into a type 5 LSA?
A. The remote ABR translates all type 7 LSA into type 5 LSA, regardless of any option configured in the ASBR.
B. The ASBR sets the forwarding address to 0.0.0.0 which instructs the ABR not to translate the LSA into a type 5 LSA.
C. The ASBR originates a type 7 LSA with age equal to MAXAGE 3600.
D. The ABR clears the P bit in the header of the type 7 LSA for 192.168.0.0/16.
Answer: D
Explanation:
When external routing information is imported into an NSSA, LSA Type 7 is generated by the ASBR and it is flooded within that area only. To further distribute the external information, type 7 LSA is translated into type 5 LSA at the NSSA border. The P-bit in LSA Type 7 field indicates whether the type 7 LSA should be translated. This P-bit is automatically set by the NSSA ABR (also the Forwarding Address (FA) is copied from Type 7 LSA). The P-bit is not set only when the NSSA ASBR and NSSA ABR are the same router for the area. If bit P = 0, then the NSSA ABR must not translate this LSA into Type 5.
The nssa-only keyword instructs the device to instigate Type-7 LSA with cleared P-bit, thereby, preventing LSA translation to Type 5 on NSSA ABR device.
Note. If a router is attached to another AS and is also an NSSA ABR, it may originate a both a type-5 and a type-7 LSA for the same network. The type-5 LSA will be flooded to the backbone and the type-7 will be flooded into the NSSA. If this is the case, the P-bit must be reset (P=0) in the type-7 LSA so the type-7 LSA isn’t again translated into a type-5 LSA by another NSSA ABR.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-e/iro-15-e-book/iro-ospfv3-nssa-cfg.html