Exam Code: 400-101 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CCIE Routing and Switching (v5.0)
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 400-101 Exam.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Cisco 400-101 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
2021 Apr 400-101 sample question
Q141. What is the most secure way to store ISAKMP/IPSec preshared keys in Cisco IOS?
A. Use the service password-encryption command.
B. Encrypt the ISAKMP preshared key in secure type 5 format.
C. Encrypt the ISAKMP preshared key in secure type 7 format.
D. Encrypt the ISAKMP preshared key in secure type 6 format.
Using the Encrypted Preshared Key feature, you can securely store plain text passwords in type 6 format in NVRAM using a command-line interface (CLI). Type 6 passwords are encrypted. Although the encrypted passwords can be seen or retrieved, it is difficult to decrypt them to find out the actual password. This is currently the most secure way to store keys.
Q142. Which two statements about MPLS VPNs are true? (Choose two.)
A. PE routers maintain customer routes in the VPN for that customer.
B. They use the explicit-null label by default.
C. P routers are used only for label transit.
D. P routers maintain customer routes in the VPN for that customer.
E. They support only one route target.
F. Each interface on a PE router must have its own VRF.
Q143. Which option is an incorrect design consideration when deploying OSPF areas?
A. area 1 - area 0 - MPLS VPN backbone - area 0 - area 2
B. area 1 - MPLS VPN backbone - area 2
C. area 1 - MPLS VPN backbone - area 1
D. area 2 - area 0 - MPLS VPN backbone - area 1
E. area 0 - area 2 - MPLS VPN superbackbone - area 1
In the case of MPLS-VPN Backbone as The OSPF superbackbone behaves exactly like Area 0 in regular OSPF, so we cannot have two different area 0’s that are not directly connected to each other. When area 0 connects to the superbackbone, it simply becomes an extension of area 0.
Q144. Which three options are three benefits of an MPLS VPN? (Choose three.)
A. It allows IP address space overlap by maintaining customer routes in a private routing table.
B. It offers additional security by preventing intrusions directly into the customer routing table.
C. It offers a transparent virtual network in which all customer sites appear on one LAN.
D. It offers additional security by allowing only dynamic routing protocols between CE and PE routers.
E. It allows IP address space overlap by maintaining customer routes in the global routing table with unique BGP communities.
F. Providers can send only a default route for Internet access into the customer VPN.
Q145. How many hash buckets does Cisco Express Forwarding use for load balancing?
In order to understand how the load balance takes place, you must first see how the tables relate. The Cisco Express Forwarding table points to 16 hash buckets (load share table), which point to the adjacency table for parallel paths. Each packet to be switched is broken up into the source and destination address pair and checked against the loadshare table.
Up to the minute 400-101 practice:
Q146. DRAG DROP
Drag and drop each GET VPN feature on the left to the corresponding function it performs on the right.
Q147. MPLS LDP IGP synchronization is configured on a link. The OSPF adjacency on that link is UP but MPLS LDP synchronization is not achieved. Which statement about this scenario is true?
A. The router excludes the link from its OSPF LSA type 1.
B. The router flushes its own router LSA.
C. The router advertises the link in its router LSA with max-metric.
D. The router advertises an LSA type 2 for this link, with the metric set to max-metric.
E. The router advertises the link and OSPF adjacency as it would when the synchronization is achieved.
To enable LDP-IGP Synchronization on each interface that belongs to an OSPF or IS-IS process, enter the mpls ldp sync command. If you do not want some of the interfaces to have LDP-IGP Synchronization enabled, issue the no mpls ldp igp sync command on those interfaces. If the LDP peer is reachable, the IGP waits indefinitely (by default) for synchronization to be achieved. To limit the length of time the IGP session must wait, enter the mpls ldp igp sync holddown command. If the LDP peer is not reachable, the IGP establishes the adjacency to enable the LDP session to be established. When an IGP adjacency is established on a link but LDP-IGP Synchronization is not yet achieved or is lost, the IGP advertises the max-metric on that link.
Q148. Refer to the exhibit.
Which statement about this IP SLA is true?
A. The SLA must also have a schedule configured before it will start.
B. The TTL of the SLA packets is 10.
C. The SLA has a timeout of 3.6 seconds.
D. The SLA has a lifetime of 5 seconds.
When you configure an IP SLAs operation, you must schedule the operation to begin capturing statistics and collecting error information. You can schedule an operation to start immediately or to start at a certain month, day, and hour. You can use the pending option to set the operation to start at a later time. The pending option is an internal state of the operation that is visible through SNMP. The pending state is also used when an operation is a reaction (threshold) operation waiting to be triggered. You can schedule a single IP SLAs operation or a group of operations at one time. We can see in this output that the IP SLA is still in a pending trigger state.
Q149. Which two statements about proxy ARP are true? (Choose two.)
A. It is supported on networks without ARP.
B. It allows machines to spoof packets.
C. It must be used on a network with the host on a different subnet.
D. It requires larger ARP tables.
E. It reduces the amount of ARP traffic.
Disadvantages of Proxy ARP
Hosts have no idea of the physical details of their network and assume it to be a flat network in which they can reach any destination simply by sending an ARP request. But using ARP for everything has disadvantages. These are some of the disadvantages:
It increases the amount of ARP traffic on your segment.
Hosts need larger ARP tables in order to handle IP-to-MAC address mappings.
Security can be undermined. A machine can claim to be another in order to intercept packets, an act called "spoofing."
It does not work for networks that do not use ARP for address resolution.
It does not generalize to all network topologies. For example, more than one router that connects two physical networks.
Q150. Which statement is true about Fast Link Pulses in Ethernet?
A. They are used during collision detection.
B. They are used only if the media type is optical.
C. They are part of UniDirectional Link Detection.
D. They are used during autonegotiation.
To make sure that your connection is operating properly, IEEE 802.3 Ethernet employs normal link pulses (NLPs), which are used for verifying link integrity in a 10BaseT system. This signaling gives you the link indication when you attach to the hub and is performed between two directly connected link interfaces (hub-to-station or station-to-station). NLPs are helpful in determining that a link has been established between devices, but they are not a good indicator that your cabling is free of problems. An extension of NLPs is fast link pulses. These do not perform link tests, but instead are employed in the autonegotiation process to advertise a device's capabilities.