Ensurepass
2017 July Cisco Official New Released 400-101 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/400-101.html

CCIE Routing and Switching Written Exam v5.1

QUESTION 161

DRAG DROP

clip_image002

 

Correct Answer:

clip_image004

 

 

QUESTION 162

Which statement about MSS is true?

 

A.

It is negotiated between sender and receiver.

B.

It is sent in all TCP packets.

C.

It is 20 bytes lower than MTU by default.

D.

It is sent in SYN packets.

E.

It is 28 bytes lower than MTU by default.

 

Correct Answer: D

Explanation:

The maximum segment size (MSS) is a parameter of the Options field of the TCP header that specifies the largest amount of data, specified in octets, that a computer or communications device can receive in a single TCP segment. It does not count the TCP header or the IP header. The IP datagram containing a TCP segment may be self-contained within a single packet, or it may be reconstructed from several fragmented pieces; either way, the MSS limit applies to the total amount of data contained in the final, reconstructed TCP segment. The default TCP Maximum Segment Size is 536. Where a host wishes to set the maximum segment size to a value other than the default, the maximum segment size is specified as a TCP option, initially in the TCP SYN packet during the TCP handshake. The value cannot be changed after the connection is established.

Reference: http://en.wikipedia.org/wiki/Maximum_segment_size

 

 

 

 

 

 

 

 

QUESTION 163

Refer to the exhibit. All switches have default bridge priorities, and originate BPDUs with MAC addresses as indicated. The numbers shown are STP link metrics. Which two ports are in blocking state after STP converges? (Choose two.)

 

clip_image005

 

A.

the port on switch SWD that connects to switch SWE

B.

the port on switch SWF that connects to switch SWG

C.

the port on switch SWD that connects to switch SWC

D.

the port on switch SWB that connects to switch SWD

 

Correct Answer: CD

Explanation:

This is a scenario that wants you to demonstrate understanding of the Root switch and Root port election process. So, it’s best to start with where the root switch will be and work down from there. It’s setup nicely because the lowest MAC address switch starts at the top and then the lower priority/higher mac addresses move down the architecture. SWA wins the root election and of course all ports in SWA are forwarding. SWB introduces the possibility for a switching loop so it’s important to understand which ports will be put into the blocking state. Since SWD is a higher MAC address it will end up with a blocked port connected to SWB to prevent a loop: and this is one of the correct answers. To prevent the possibility of another potential switching loop, SWD again ends up with the higher MAC address so blocking the link between D and C prevents a B/C/D switching loop.

 

 

QUESTION 164

Which authentication method does OSPFv3 use to secure communication between neighbors?

 

A.

plaintext

B.

MD5 HMAC

C.

PKI

D.

IPSec

 

Correct Answer: D

Explanation:

In order to ensure that OSPFv3 packets are not altered and re-sent to the device, causing the device to behave in a way not desired by its system administrators, OSPFv3 packets must be authenticated. OSPFv3 uses the IPsec secure socket API to add authentication to OSPFv3 packets. This API supports IPv6.

OSPFv3 requires the use of IPsec to enable authentication. Crypto images are required to use authentication, because only crypto images include the IPsec API needed for use with OSPFv3. Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-sy/iro-15-sy-book/ip6-route-ospfv3-auth-ipsec.html

 

 

QUESTION 165

Which mechanism does Cisco recommend for CE router interfaces that face the service provider for an EVPL circuit with multiple EVCs and multiple traffic classes?

 

A.

HCBWFQ

B.

LLQ

C.

tail drop

D.

WRED

 

Correct Answer: A

Explanation:

In a simple handoff, packets may be discarded in the service provider network, either because of congestion on a link without an appropriate QoS policy or because of a policer QoS configuration on the service provider network that serves to rate limit traffic accessing the WAN core. To address these issues, QoS on the CE device is applied at a per-port level. A QoS service policy is configured on the outside Ethernet interface, and this parent policy includes a shaper that then references a second or subordinate (child) policy that enables queueing within the shaped rate. This is called a hierarchical CBWFQ (HCBWFQ) configuration.

Reference: http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/WAN_and_MAN/Ethernet_Access_for_ NG_MAN_WAN_V3-1_external.html

 

 

QUESTION 166

Which statement about a type 4 LSA in OSPF is true?

 

A.

It is an LSA that is originated by an ABR, that is flooded throughout the AS, and that describes a route to the ASBR.

B.

It is an LSA that is originated by an ASBR, that is flooded throughout the AS, and that describes a route to the ASBR.

C.

It is an LSA that is originated by an ASBR, that is flooded throughout the area, and that describes a route to the ASBR.

D.

It is an LSA that is originated by an ABR, that is flooded throughout the AS, and that describes a route to the ABR.

E.

It is an LSA that is originated by an ABR, that is flooded throughout the area, and that describes a route to the ASBR.

 

Correct Answer: E

Explanation:

LSA Type 4 (called Summary ASBR LSA) is generated by the ABR to describe an ASBR to routers in other areas so that routers in other areas know how to get to external routes through that ASBR.

 

 

QUESTION 167

What is a reason to use DHCPv6 on a network that uses SLAAC?

 

A.

To get a record of the IPs that are used by the clients

B.

To push DNS and other information to the clients

C.

No reason, because there is no need for DHCPv6 when using SLAAC

D.

Because DHCPv6 can be used only in stateful mode with SLAAC to record the IPs of the clients

E.

Because DHCPv6 can be used only in stateless mode with SLAAC to record the IPs of the clients

F.

Because DHCPv6 is required to use first-hop security features on the switches

 

Correct Answer: B

Explanation:

SLAAC is by far the easiest way to configure IPv6 addresses, simply because you don’t have to configure any IPv6 address. With SLAAC, a host uses the IPv6 Neighbor Discovery Protocol (NDP) to determine its IP address and default routers. Using SLAAC, a host requests and listens for Router Advertisements (RA) messages, and then taking the prefix that is advertised to form a unique address that can be used on the network. For this to work, the prefix that is advertised must advertise a prefix length of 64 bits (i.e., /64). But the most significant of Stateless Address Autoconfiguration (SLAAC) is it provided no mechanism for configuring DNS resolver information.Therefore SLACC can be used along with DHCPv6 (Stateless) to push DNS and other information to the clients.

 

 

QUESTION 168

For which kind of MPLS deployment is the next-hop-self all keyword used on a BGP neighbor command?

 

A.

6VPE

B.

MPLS Carrier’s carrier

C.

inter-AS MPLS VPN option D

D.

inter-AS MPLS VPN option C

E.

Unified MPLS

 

Correct Answer: E

Explanation:

Since the core and aggregation parts of the network are integrated and end-to-end LSPs are provided, the Unified MPLS solution is also referred to as “Seamless MPLS.”

New technologies or protocols are not used here, only MPLS, Label Distribution Protocol (LDP), IGP, and BGP. Since you do not want to distribute the loopback prefixes of the PE routers from one part of the network into another part, you need to carry the prefixes in BGP. The Internal Border Gateway Protocol (iBGP) is used in one network, so the next hop address of the prefixes is the loopback prefixes of the PE routers, which is not known by the IGP in the other parts of the network. This means that the next hop address cannot be used to recurse to an IGP prefix. The trick is to make the ABR routers Route Reflectors (RR) and set the next hop to self, even for the reflected iBGP prefixes. In order for this to work, a new knob is needed.

Only the RRs need newer software to support this architecture. Since the RRs advertise the BGP prefixes with the next hop set to themselves, they assign a local MPLS label to the BGP prefixes. This means that in the data plane, the packets forwarded on these end-to-end LSPs have an extra MPLS label in the label stack. The RRs are in the forwarding path.

There are two possible scenarios:

The ABR does not set the next hop to self for the prefixes advertised (reflected by BGP) by the ABR into the aggregation part of the network. Because of this, the ABR needs to redistribute the loopback prefixes of the ABRs from the core IGP into the aggregation IGP. If this is done, there is still scalability. Only the ABR loopback prefixes (from the core) need to be advertised into the aggregation part, not the loopback prefixes from the PE routers from the remote aggregation parts.

The ABR sets the next hop to self for the prefixes advertised (reflected by BGP) by the ABR into the aggregation part. Because of this, the ABR does not need to redistribute the loopback prefixes of the ABRs from the core IGP into the aggregation IGP.

In both scenarios, the ABR sets the next hop to self for the prefixes advertised (reflected by BGP) by the ABR from the aggregation part of the network into the core part. If this is not done, the ABR needs to redistribute the loopback prefixes of the PEs from the aggregation IGP into the core IGP.

If this is done, there is no scalability.

In order to set the next hop to self for reflected iBGP routes, you must configure the neighbor x.x.x.x next-hop-self all command.

Reference: http://www.cisco.com/c/en/us/support/docs/multiprotocol-label-switching-mpls/mpls/116127-configure-technology-00.html

 

 

QUESTION 169

Refer to the exhibit. A PE router is configured with a policy map that contains the policer shown. The policy map is configured in the inbound direction of an interface facing a CE router. If the PE router receives 12Mb/s of traffic with the CoS value set to 7 on a 100-Mb/s interface from the CE router, what value of MPLS EXP is set when this traffic goes through the policer shown?

 

clip_image007

 

A.

0

B.

6

C.

7

D.

8

 

Correct Answer: B

Explanation:

Here, the policer is set where the conforming traffic is set to 10 percent of the 100 Mbps interface, so anything more than 10 Mbps will be placed into the exceeding traffic class, the traffic EXP value will be changed from 7 to 6 per the configuration.

 

 

QUESTION 170

Which circumstance can cause packet loss due to a microburst?

 

A.

slow convergence

B.

a blocked spanning-tree port

C.

process switching

D.

insufficient buffers

 

Correct Answer: D

Explanation:

Micro-bursting is a phenomenon where rapid bursts of data packets are sent in quick succession, leading to periods of full line-rate transmission that can overflow packet buffers of the network stack, both in network endpoints and routers and switches inside the network. Symptoms of micro bursts will manifest in the form of ignores and/ or overruns (also shown as accumulated in “input error” counter within show interface output). This is indicative of receive ring and corresponding packet buffer being overwhelmed due to data bursts
coming in over extremely short period of time (microseconds).

Reference: http://ccieordie.com/?tag=micro-burst

100% Free Download!
—Download Free Demo:400-101 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 400-101 Full Exam PDF and VCE Q&As:1299
—Get 10% off your purchase! Copy it:TJDN-947R-9CCD [2017.07.01-2017.07.31]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE