Our pass rate is high to 98.9% and the similarity percentage between our 400 101 dumps study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Cisco 400 101 vce exam in just one try? I am currently studying for the Cisco 400 101 pdf exam. Latest Cisco 400 101 pdf Test exam practice questions and answers, Try Cisco cisco 400 101 Brain Dumps First.
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Cisco 400-101 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 400-101 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/400-101-exam-dumps.html
Q481. Which two protocols are not protected in an edge router by using control plane policing? (Choose two.)
A. SMTP
B. RPC
C. SSH
D. Telnet
Answer: A,B
Explanation:
A CoPP policy can limit a number of different packet types that are forwarded to the control plane. Traffic destined for the switch CPU includes:
. Address Resolution Protocol (ARP)
. First-hop redundancy protocol packets
. Layer 2 control packets
. Management packets (telnet, Secure Shell [SSH] Protocol, Simple Network Management Protocol [SNMP]) <--- C and D are not correct.
. Multicast control packets
. Routing protocol packets
. Packets with IP options
. Packets with time to live (TTL) set to 1
. Packets that require ACL logging
. Packets that require an initial lookup (first packet in a flow: FIB miss)
. Packets that have don't support hardware switching/routing
Reference: http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-series-switches/white_paper_c11_553261.html
Q482. Which two options are mandatory components of a multiprotocol BGP VPN-IPv4 address? (Choose two.)
A. a route distinguisher
B. an IPv4 address
C. a route target
D. an MPLS label
E. a system ID
F. an area ID
Answer: A,B
Explanation:
The IP prefix is a member of the IPv4 address family. After the PE device learns the IP prefix, the PE converts it into a VPN-IPv4 prefix by combining it with an 8-byte route distinguisher (RD). The generated prefix is a member of the VPN-IPv4 address family. It uniquely identifies the customer address, even if the customer site is using globally nonunique (unregistered private) IP addresses. The route distinguisher used to generate the VPN-IPv4 prefix is specified by a configuration command associated with the virtual routing and forwarding (VRF) instance on the PE device.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_l3_vpns/configuration/15-mt/mp-l3-vpns-15-mt-book/mp-bgp-mpls-vpn.html
Q483. Independent, multiple OSPF processes are entered on the same router, and the processes have the same destination route. Which OSPF process is used?
A. The route with the fewest hops is used.
B. Both processes are used to load balance the traffic.
C. The first route process that places a route into the routing table is used.
D. The route with the shortest prefix is used.
Answer: C
Q484. Which two statements about UDP and latency are true? (Choose two.)
A. UDP is connection oriented, so the size of a UDP stream is independent of latency.
B. UDP is connection oriented, so latency can increase the size of a UDP stream.
C. UDP is connectionless, so latency can increase the size of a UDP stream.
D. If latency decreases, throughput also decreases.
E. If latency increases, throughput also increases.
F. Latency can cause jitter on UDP connections.
Answer: C,F
Q485. Which two configuration changes should be made on the OTP interface of an EIGRP OTP route reflector? (Choose two.)
A. passive-interface
B. no split-horizon
C. no next-hop-self
D. hello-interval 60, hold-time 180
Answer: B,C
Explanation:
The EIGRP Over the Top feature enables a single end-to-end Enhanced Interior Gateway Routing Protocol (EIGRP) routing domain that is transparent to the underlying public or private WAN transport that is used for connecting disparate EIGRP customer sites. When an enterprise extends its connectivity across multiple sites through a private or a public WAN connection, the service provider mandates that the enterprise use an additional routing protocol, typically the Border Gateway Protocol (BGP), over the WAN links to ensure end-to-end routing. The use of an additional protocol causes additional complexities for the enterprise, such as additional routing processes and sustained interaction between EIGRP and the routing protocol to ensure connectivity, for the enterprise. With the EIGRP Over the Top feature, routing is consolidated into a single protocol (EIGRP) across the WAN.
Perform this task to configure a customer edge (CE) device in a network to function as an EIGRP Route Reflector:
1. enable
2. configure terminal
3. router eigrp virtual-name
4. address-family ipv4 unicast autonomous-system as-number
5. af-interface interface-type interface-number
6. no next-hop-self
7. no split-horizon
8. exit
9. remote-neighbors source interface-type interface-number unicast-listen lisp-encap
10. network ip-address
11. end
Note. Use no next-hop-self to instruct EIGRP to use the received next hop and not the local outbound interface address as the next hop to be advertised to neighboring devices. If no next-hop-self is not configured, the data traffic will flow through the EIGRP Route Reflector.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/xe-3s/ire-xe-3s-book/ire-eigrp-over-the-top.html
Q486. DRAG DROP
Drag and drop the NHRP flag on the left to the corresponding meaning on the right.
Answer:
Q487. Which object tracking function tracks the combined states of multiple objects?
A. application
B. interface
C. stub-object
D. list
Answer: D
Q488. The session status for an IPsec tunnel with IPv6-in-IPv4 is down with the error message IKE message from 10.10.1.1 failed its sanity check or is malformed.
Which statement describes a possible cause of this error?
A. There is a verification failure on the IPsec packet.
B. The SA has expired or has been cleared.
C. The pre-shared keys on the peers are mismatched.
D. There is a failure due to a transform set mismatch.
E. An incorrect packet was sent by an IPsec peer.
Answer: C
Explanation:
IKE Message from X.X.X.X Failed its Sanity Check or is Malformed This debug error appears if the pre-shared keys on the peers do not match. In order to fix this issue, check the pre-shared keys on both sides. 1d00H:%CRPTO-4-IKMP_BAD_MESSAGE. IKE message from 150.150.150.1 failed its sanity check or is malformed.
Reference: http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/5409-ipsec-debug-00.html#ike
Q489. Which two statements about OSPF are true? (Choose two.)
A. External type 2 routes are preferred over interarea routes.
B. Intra-area routes are preferred over interarea routes.
C. External type 1 routes are preferred over external type 2 routes.
D. External type 1 routes are preferred over intra-area routes.
E. External type 2 routes are preferred over external type 1 routes.
Answer: B,C
Q490. Which two tasks are required for configuring SNMP to send traps on a Cisco IOS device? (Choose two.)
A. Create access controls for an SNMP community.
B. Configure SNMP notifications.
C. Configure the SNMP agent.
D. Configure SNMP status monitoring and troubleshooting.
E. Configure SNMP server group names.
F. Configure the SNMP server engine ID.
Answer: A,B
Explanation:
The best current practices recommend applying Access Control Lists (ACLs) to community strings and ensuring that the requests community strings are not identical to notifications community strings. Access lists provide further protection when used in combination with other protective measures. This example sets up ACL to community string:
access-list 1 permit 1.1.1.1 snmp-server community string1 ro 1
. SNMP Notifications
A key feature of SNMP is the ability to generate notifications from an SNMP agent. These notifications do not require that requests be sent from the SNMP manager. Unsolicited (asynchronous) notifications can be generated as traps or inform requests. Traps are messages alerting the SNMP manager to a condition on the network. Inform requests (informs) are traps that include a request for confirmation of receipt from the SNMP manager. Notifications can indicate improper user authentication, restarts, the closing of a connection, loss of connection to a neighbor router, or other significant events.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf014.h tml#wp1007320
