♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Cisco 300-101 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 300-101 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/300-101-exam-dumps.html
Q31. A network engineer initiates the ip sla responder tcp-connect command in order to gather statistics for performance gauging. Which type of statistics does the engineer see?
A. connectionless-oriented
B. service-oriented
C. connection-oriented
D. application-oriented
Answer: C
Explanation:
Configuration Examples for IP SLAs TCP Connect Operations The following example shows
how to configure a TCP Connection-oriented operation from Device B to the Telnet port (TCP port 23) of IP
Host 1 (IP address 10.0.0.1), as shown in the "TCP Connect Operation" figure in the "Information About
the IP SLAs TCP Connect Operation" section. The operation is scheduled to start immediately. In this
example, the control protocol is disabled on the source (Device B). IP SLAs uses the control protocol to
notify the IP SLAs responder to enable the target port temporarily. This action allows the responder to reply
to the TCP Connect operation. In this example, because the target is not a Cisco device and a well- known
TCP port is used, there is no need to send the control message. Device A (target device) Configuration
configure terminal ip sla responder tcp-connect ipaddress 10.0.0.1 port 23
Reference: http://
www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipsla/configuration/15-mt/sla-15- mt-book/ sla_tcp_conn.html
Q32. Which technology was originally developed for routers to handle fragmentation in the path between end points?
A. PMTUD
B. MSS
C. windowing
D. TCP
E. global synchronization
Answer: A
Explanation:
Q33. Which address is used by the Unicast Reverse Path Forwarding protocol to validate a packet against the routing table?
A. source address
B. destination address
C. router interface
D. default gateway
Answer: A
Explanation:
The Unicast RPF feature helps to mitigate problems that are caused by the introduction of
malformed or forged (spoofed) IP source addresses into a network by discarding IP packets that lack a
verifiable IP source address. For example, a number of common types of denial-of-service (DoS) attacks,
including Smurf and Tribal Flood Network (TFN), can take advantage of forged or rapidly changing source
IP addresses to allow attackers to thwart efforts to locate or filter the attacks. For Internet service providers
(ISPs) that provide public access, Unicast RPF deflects such attacks by forwarding only packets that have
source addresses that are valid and consistent with the IP routing table. This action protects the network of
the ISP, its customer, and the rest of the Internet. Reference: http://www.cisco.com/en/US/docs/ios/12_2/
security/configuration/guide/scfrpf.html
Q34. An organization decides to implement NetFlow on its network to monitor the fluctuation of traffic that is disrupting core services. After reviewing the output of NetFlow, the network engineer is unable to see OUT traffic on the interfaces. What can you determine based on this information?
A. Cisco Express Forwarding has not been configured globally.
B. NetFlow output has been filtered by default.
C. Flow Export version 9 is in use.
D. The command ip flow-capture fragment-offset has been enabled.
Answer: A
Explanation:
We came across a recent issue where a user setup a router for NetFlow export but was unable to see the
OUT traffic for the interfaces in NetFlow Analyzer. Every NetFlow configuration aspect was checked and
nothing incorrect was found. That is when we noticed the `no ip cef' command on the router. CEF was
enabled at the global level and within seconds, NetFlow Analyzer started showing OUT traffic for the
interfaces. This is why this topic is about Cisco Express Forwarding.
What is switching?
A Router must make decisions about where to forward the packets passing through. This decision-making
process is called "switching". Switching is what a router does when it makes the following decisions:
1.Whether to forward or not forward the packets after checking that the destination for the packet is
reachable.
2.If the destination is reachable, what is the next hop of the router and which interface will the router use to
get to that destination.
What is CEF?
CEF is one of the available switching options for Cisco routers. Based on the routing table, CEF creates its
own table, called the Forwarding Information Base (FIB). The FIB is organized differently than the routing
table and CEF uses the FIB to decide which interface to send traffic from. CEF offers the following
benefits:
1.Better performance than fast-switching (the default) and takes less CPU to perform the same task.
2.When enabled, allows for advanced features like NBAR
3.Overall, CEF can switch traffic faster than route-caching using fast-switching
How to enable CEF?
CEF is disabled by default on all routers except the 7xxx series routers. Enabling and Disabling CEF is
easy. To enable CEF, go into global configuration mode and
enter the CEF command.
Router# config t
Router(config)# ip cef
Router(config)#
To disable CEF, simply use the `no' form of the command, ie. `no ip cef`.
Why CEF Needed when enabling NetFlow ?
CEF is a prerequisite to enable NetFlow on the router interfaces. CEF decides through which interface
traffic is exiting the router. Any NetFlow analyzer product will calculate the OUT traffic for an interface
based on the Destination Interface value present in the NetFlow packets exported from the router. If the
CEF is disabled on the router, the NetFlow packets exported from the router will have "Destination
interface" as "null" and this leads NetFlow Analyzer to show no OUT traffic for the interfaces. Without
enabling the CEF on the router, the NetFlow packets did not mark the destination interfaces and so
NetFlow Analyzer was not able to show the OUT traffic for the interfaces. Reference: https://
blogs.manageengine.com/network-2/netflowanalyzer/2010/05/19/need-for-cef- in-netflow-data-export.html
Q35. Which type of BGP AS number is 64591?
A. a private AS number
B. a public AS number
C. a private 4-byte AS number
D. a public 4-byte AS number
Answer: A
Explanation:
Q36. For security purposes, an IPv6 traffic filter was configured under various interfaces on the local router. However, shortly after implementing the traffic filter, OSPFv3 neighbor adjacencies were lost. What caused this issue?
A. The traffic filter is blocking all ICMPv6 traffic.
B. The global anycast address must be added to the traffic filter to allow OSPFv3 to work properly.
C. The link-local addresses that were used by OSPFv3 were explicitly denied, which caused the neighbor relationships to fail.
D. IPv6 traffic filtering can be implemented only on SVIs.
Answer: C
Explanation:
OSPFv3 uses link-local IPv6 addresses for neighbor discovery and other features, so if any IPv6 traffic
filters are implemented be sure to include the link local address so that it is permitted in the filter list.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx- os/unicast/configuration/
guide/l3_cli_nxos/l3_ospfv3.html
Q37. Router A and Router B are configured with IPv6 addressing and basic routing capabilities using OSPFv3. The networks that are advertised from Router A do not show up in Router B's routing table. After debugging IPv6 packets, the message "not a router" is found in the output. Why is the routing information not being learned by Router B?
A. OSPFv3 timers were adjusted for fast convergence.
B. The networks were not advertised properly under the OSPFv3 process.
C. An IPv6 traffic filter is blocking the networks from being learned via the Router B interface that is connected to Router A.
D. IPv6 unicast routing is not enabled on Router A or Router B.
Answer: D
Explanation:
show ipv6 traffic Field Descriptions
Field Description
source- Number of source-routed packets.
routed
truncated Number of truncated packets.
format Errors that can result from checks performed on header fields, errors the version number, and
packet length.
not a Message sent when IPv6 unicast routing is not enabled.
router
Reference:
http://www.cisco.com/c/en/us/td/docs/ios/ipv6/command/reference/ipv6_book/ipv6_16.html
Q38. A user is having issues accessing file shares on a network. The network engineer advises the user to open a web browser, input a prescribed IP address, and follow the instructions. After doing this, the user is able to access company shares. Which type of remote access did the engineer enable?
A. EZVPN
B. IPsec VPN client access
C. VPDN client access
D. SSL VPN client access
Answer: D
Explanation:
The Cisco AnyConnect VPN Client provides secure SSL connections to the security
appliance for remote users. Without a previously installed client, remote users enter the IP address in their
browser of an interface configured to accept SSL VPN connections. Unless the security appliance is
configured to redirect http:// requests to https://, users must enter the URL in the form https://<address>.
After entering the URL, the browser connects to that interface and displays the login screen. If the user
satisfies the login and authentication, and the security appliance identifies the user as requiring the client, it
downloads the client that matches the operating system of the remote computer. After downloading, the
client installs and configures itself, establishes a secure SSL connection and either remains or uninstalls
itself (depending on the security appliance configuration) when the connection terminates. Reference:
http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next- generation-firewalls/100936-
asa8x-split-tunnel-anyconnect-config.html
Q39. Which three problems result from application mixing of UDP and TCP streams within a network with no QoS? (Choose three.)
A. starvation
B. jitter
C. latency
D. windowing
E. lower throughput
Answer: A,C,E
Explanation:
It is a general best practice not to mix TCP-based traffic with UDP-based traffic (especially
streaming video) within a single service provider class due to the behaviors of these protocols during
periods of congestion. Specifically, TCP transmitters will throttle-back flows when drops have been
detected. Although some UDP applications have application-level windowing, flow control, and
retransmission capabilities, most UDP transmitters are completely oblivious to drops and thus never lower
transmission rates due to dropping. When TCP flows are combined with UDP flows in a single service
provider class and the class experiences congestion, then TCP flows will continually lower their rates,
potentially giving up their bandwidth to drop-oblivious UDP flows. This effect is called TCP-starvation/
UDP-dominance. This can increase latency and lower the overall throughput. TCP-starvation/UDPdominance
likely occurs if (TCP-based) mission-critical data is assigned to the same service provider class
as (UDP-based) streaming video and the class experiences sustained congestion. Even if WRED is
enabled on the service provider class, the same behavior would be observed, as WRED (for the most part)
only affects TCP-based flows. Granted, it is not always possible to separate TCP-based flows from UDPbased
flows, but it is beneficial to be aware of this behavior when making such application-mixing
decisions. Reference: http://www.cisco.com/warp/public/cc/so/neso/vpn/vpnsp/spqsd_wp.htm
Q40. Which IPv6 address type is seen as the next-hop address in the output of the show ipv6 rip RIPng database command?
A. link-local
B. global
C. site-local
D. anycast
E. multicast
Answer: A
Explanation:
