300-101

We have all the necessary Cisco 300-101 practice questions and answers which are closely equal on the Cisco 300-101 actual exam. Your Cisco Cisco exam dumps are put together and verified via multiple times. Each of the Cisco 300-101 exam syllabuses are integrated in our 300-101 products. The kind of Cisco practice questions will be the same as the real Cisco 300-101 exam, that is certainly multiple choice which can make you just as if on the true test day time.


♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for Cisco 300-101 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 300-101 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/300-101-exam-dumps.html

2021 Apr 300-101 actual exam

Q61. A network engineer executes the show crypto ipsec sa command. Which three pieces of information are displayed in the output? (Choose three.) 

A. inbound crypto map 

B. remaining key lifetime 

C. path MTU 

D. tagged packets 

E. untagged packets 

F. invalid identity packets 

Answer: A,B,C 

Explanation: 

show crypto ipsec sa This command shows IPsec SAs built between peers. The encrypted

tunnel is built between 12.1.1.1 and 12.1.1.2 for traffic that goes between networks 20.1.1.0 and 10.1.1.0.

You can see the two Encapsulating Security Payload (ESP) SAs built inbound and outbound.

Authentication Header (AH) is not used since there are

no AH SAs.

This output shows an example of the show crypto ipsec sa command (bolded ones found in answers for

this question).

interface: FastEthernet0

Crypto map tag: test, local addr. 12.1.1.1

local ident (addr/mask/prot/port): (20.1.1.0/255.255.255.0/0/0) remote ident (addr/mask/prot/port):

(10.1.1.0/255.255.255.0/0/0) current_peer: 12.1.1.2

PERMIT, flags={origin_is_acl,}

#pkts encaps: 7767918, #pkts encrypt: 7767918, #pkts digest 7767918 #pkts decaps: 7760382, #pkts

decrypt: 7760382, #pkts verify 7760382 #pkts compressed:

0, #pkts decompressed: 0

#pkts not compressed: 0, #pkts compr. failed: 0,

#pkts decompress failed: 0, #send errors 1, #recv errors 0 local crypto endpt.: 12.1.1.1, remote crypto

endpt.: 12.1.1.2 path mtu 1500, media mtu 1500

current outbound spi: 3D3

inbound esp sas:

spi: 0x136A010F(325714191)

transform: esp-3des esp-md5-hmac ,

in use settings ={Tunnel, }

slot: 0, conn id: 3442, flow_id: 1443, crypto map: test sa timing: remaining key lifetime (k/sec):

(4608000/52) IV size: 8 bytes

replay detection support: Y

inbound ah sas:

inbound pcp sas:

inbound pcp sas:

outbound esp sas:

spi: 0x3D3(979)

transform: esp-3des esp-md5-hmac ,

in use settings ={Tunnel, }

slot: 0, conn id: 3443, flow_id: 1444, crypto map: test sa timing: remaining key lifetime (k/sec):

(4608000/52) IV size: 8 bytes

replay detection support: Y

outbound ah sas:

outbound pcp sas:

Reference: http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike- protocols/5409-

ipsec-debug-00.html


Q62. The following configuration is applied to a router at a branch site: 

ipv6 dhcp pool dhcp-pool 

dns-server 2001:DB8:1:B::1 

dns-server 2001:DB8:3:307C::42 

domain-name example.com 

If IPv6 is configured with default settings on all interfaces on the router, which two dynamic IPv6 addressing mechanisms could you use on end hosts to provide end-to-end connectivity? (Choose two.) 

A. EUI-64 

B. SLAAC 

C. DHCPv6 

D. BOOTP 

Answer: A,B 

Explanation: 


Q63. An engineer executes the ip flow ingress command in interface configuration mode. What is the result of this action? 

A. It enables the collection of IP flow samples arriving to the interface. 

B. It enables the collection of IP flow samples leaving the interface. 

C. It enables IP flow while disabling IP CEF on the interface. 

D. It enables IP flow collection on the physical interface and its subinterfaces. 

Answer:

Explanation: 


Improve 300-101 test preparation:

Q64. Refer to the exhibit. Which statement about the configuration is true? 

A. 20 packets are being sent every 30 seconds. 

B. The monitor starts at 12:05:00 a.m. 

C. Jitter is being tested with TCP packets to port 65051. 

D. The packets that are being sent use DSCP EF. 

Answer:

Explanation: 


Q65. Which three TCP enhancements can be used with TCP selective acknowledgments? (Choose three.) 

A. header compression 

B. explicit congestion notification 

C. keepalive 

D. time stamps 

E. TCP path discovery 

F. MTU window 

Answer: B,C,D 

Explanation: 

TCP Selective Acknowledgment

The TCP Selective Acknowledgment feature improves performance if multiple packets are lost from one

TCP window of data.

Prior to this feature, because of limited information available from cumulative acknowledgments, a TCP

sender could learn about only one lost packet per-round-trip

time. An aggressive sender could choose to resend packets early, but such re-sent segments might have

already been successfully received.

The TCP selective acknowledgment mechanism helps improve performance. The receiving TCP host

returns selective acknowledgment packets to the sender,

informing the sender of data that has been received. In other words, the receiver can acknowledge packets

received out of order. The sender can then resend only

missing data segments (instead of everything since the first missing packet).

Prior to selective acknowledgment, if TCP lost packets 4 and 7 out of an 8-packet window, TCP would

receive acknowledgment of only packets 1, 2, and 3. Packets

4 through 8 would need to be re-sent. With selective acknowledgment, TCP receives acknowledgment of

packets 1, 2, 3, 5, 6, and 8. Only packets 4 and 7 must be

re-sent.

TCP selective acknowledgment is used only when multiple packets are dropped within one TCP window.

There is no performance impact when the feature is

enabled but not used. Use the ip tcp selective-ack command in global configuration mode to enable TCP

selective acknowledgment.

Refer to RFC 2021 for more details about TCP selective acknowledgment.

TCP Time Stamp

The TCP time-stamp option provides improved TCP round-trip time measurements. Because the time

stamps are always sent and echoed in both directions and the time-stamp value in the header is always

changing, TCP header compression will not compress the outgoing packet. To allow TCP header

compression over a serial link, the TCP time-stamp option is disabled. Use the ip tcp timestamp command

to enable the TCP time-stamp option.

TCP Explicit Congestion Notification

The TCP Explicit Congestion Notification (ECN) feature allows an intermediate router to notify end hosts of

impending network congestion. It also provides enhanced support for TCP sessions associated with

applications, such as Telnet, web browsing, and transfer of audio and video data that are sensitive to delay

or packet loss. The benefit of this feature is the reduction of delay and packet loss in data transmissions.

Use the ip tcp ecn command in global configuration mode to enable TCP ECN.

TCP Keepalive Timer

The TCP Keepalive Timer feature provides a mechanism to identify dead connections. When a TCP

connection on a routing device is idle for too long, the device sends a TCP keepalive packet to the peer

with only the Acknowledgment (ACK) flag turned on. If a response packet (a TCP ACK packet) is not

received after the device sends a specific number of probes, the connection is considered dead and the

device initiating the probes frees resources used by the TCP connection. Reference: http://www.cisco.com/

c/en/us/td/docs/ios-xml/ios/ipapp/configuration/xe-3s/asr1000/iap-xe-3s-asr1000-book/iap-tcp.html#GUID-22A82C5F-631F-4390-9838-F2E48FFEEA01


Q66. A network engineer is trying to modify an existing active NAT configuration on an IOS router by using the following command: 

(config)# no ip nat pool dynamic-nat-pool 192.1.1.20 192.1.1.254 netmask 255.255.255.0 

Upon entering the command on the IOS router, the following message is seen on the console: 

%Dynamic Mapping in Use, Cannot remove message or the %Pool outpool in use, cannot destroy 

What is the least impactful method that the engineer can use to modify the existing IP NAT configuration? 

A. Clear the IP NAT translations using the clear ip nat traffic * " command, then replace the NAT configuration quickly, before any new NAT entries are populated into the translation table due to active NAT traffic. 

B. Clear the IP NAT translations using the clear ip nat translation * " command, then replace the NAT configuration quickly, before any new NAT entries are populated into the translation table due to active NAT traffic. 

C. Clear the IP NAT translations using the reload command on the router, then replace the NAT configuration quickly, before any new NAT entries are populated into the translation table due to active NAT traffic. 

D. Clear the IP NAT translations using the clear ip nat table * " command, then replace the NAT configuration quickly, before any new NAT entries are populated into the translation table due to active NAT traffic. 

Answer:

Explanation: 


Related 300-101 posts:

  1. An Expert interview about 300 101 pdf
  2. 300-101 free samples(31 to 40) for IT learners: Apr 2021 Edition
  3. A Complete Guide to ccnp route 300-101 exam questions
  4. What tells you about ccnp study guide 300-101
  5. Ultimate Guide: ccnp 300 101 pdf