Ensurepass
2017 July Cisco Official New Released 400-101 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/400-101.html

CCIE Routing and Switching Written Exam v5.1

QUESTION 31

Refer to the exhibit. Which statement is true?

 

clip_image002

 

A.

There is no issue with forwarding IPv6 traffic from this router.

B.

IPv6 traffic can be forwarded from this router, but only on Ethernet1/0.

C.

IPv6 unicast routing is not enabled on this router.

D.

Some IPv6 traffic will be blackholed from this router.

 

< font style="font-size: 10pt">Correct Answer: D

Explanation:

Here we see that the IPV6 default route shows two different paths to take, one via Ethernet 1/0 and one via Ethernet 0/0. However, only Eth 1/0 shows a next hop IPV6 address (the link local IPV6 address). There is no link local next hop addressed known on Eth 0/0. Therefore, traffic to all destinations will be load balanced over the two paths, but only half of the IPv6 traffic will be sent to the correct upsteam router.

 

 

QUESTION 32

Which type of port would have root guard enabled on it?

 

A.

A root port

B.

An alternate port

C.

A blocked port

D.

A designated port

 

Correct Answer: D

Explanation:

The root guard feature provides a way to enforce the root bridge placement in the network. The root guard ensures that the port on which root guard is enabled is the designated port. Normally, root bridge ports are all designated ports, unless two or more ports of the root bridge are connected together. If the bridge receives superior STP Bridge Protocol Data Units (BPDUs) on a root guard-enabled port, root guard moves this port to a root-inconsistent STP state. This root- inconsistent state is effectively equal to a listening state. No traffic is forwarded across this port. In this way, the root guard enforces the position of the root bridge.

Reference: http://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/10588-74.html

 

 

QUESTION 33

Which three statements describe the characteristics of a VPLS architecture? (Choose three.)

 

A.

It forwards Ethernet frames.

B.

It maps MAC address destinations to IP next hops.

C.

It supports MAC address aging.

D.

It replicates broadcast and multicast frames to multiple ports.

E.

It conveys MAC address reachability information in a separate control protocol.

F.

It can suppress the flooding of traffic.

 

Correct Answer: ACD

Explanation:

As a VPLS forwards Ethernet frames at Layer 2, the operation of VPLS is exactly the same as that found within IEEE 802.1 bridges in that VPLS will self learn source MAC address to port associations, and frames are forwarded based upon the destination MAC address. Like other 802.1 bridges, MAC address aging is supported.

Reference: http://www.cisco.com/en/US/products/hw/routers/ps368/products_white_paper09186a00801f6084.shtml

 

 

QUESTION 34

Which statement about the feasibility condition in EIGRP is true?

 

A.

The prefix is reachable via an EIGRP peer that is in the routing domain of the router.

B.

The EIGRP peer that advertises the prefix to the router has multiple paths to the destination.

C.

The EIGRP peer that advertises the prefix to the router is closer to the destination than the router.

D.

The EIGRP peer that advertises the prefix cannot be used as a next hop to reach the destination.

 

Correct Answer: C

Explanation:

The advertised metric from an EIGRP neighbor (peer) to the local router is called Advertised Distance (or reported distance) while the metric from the local router to that network is called Feasible Distance. For example, R1 advertises network 10.10.10.0/24 with a metric of 20 to R2. For R2, this is the advertised distance. R2 calculates the feasible distance by adding the metric from the advertised router (R1) to itself. So in this case the feasible distance to network 10.10.10.0/24 is 20 + 50 = 70.

 

clip_image003

 

Before a router can be considered a feasible successor, it must pass the feasibility condition rule. In short, the feasibility condition says that if we learn about a prefix from a neighbor, the advertised distance from that neighbor to the destination must be lower than our feasible distance to that same destination.

Therefore we see the Advertised Distance always smaller than the Feasible Distance to satisfy the feasibility condition.

 

 

QUESTION 35

Where is multicast traffic sent, when it is originated from a spoke site in a DMVPN phase 2 cloud?

 

A.

spoke-spoke

B.

nowhere, because multicast does not work over DMVPN

C.

spoke-spoke and spoke-hub

D.

spoke-hub

 

Correct Answer: D

Explanation:

Spokes map multicasts to the static NBMA IP address of the hub, but hub maps multicast packets to the “dynamic” mappings – that is, the hub replicates multicast packets to all spokes registered via NHRP, so multicast traffic is sent to the hub from a spoke instead of to the other spokes directly.

 

 

QUESTION 36

Refer to the exhibit. Which statement is true?

 

clip_image005

 

A.

The Cisco PfR state is UP; however, the external interface Et0/1 of border router 10.1.1.1 has exceeded the maximum available bandwidth threshold.

B.

The Cisco PfR state is UP; however, an issue is preventing the border router from establishing a TCP session to the master controller.

C.

The Cisco PfR state is UP and is able to monitor traffic flows; however, MD5 authentication has not been successful between the master controller and the border routers.

D.

The Cisco PfR State is UP; however, the receive capacity was not configured for inbound traffic.

E.

The Cisco PfR state is UP, and the link utilization out-of-policy threshold is set to 90 percent for traffic exiting the external links.

Correct Answer: E

Explanation:

All three interfaces show as UP, and the capacity is set to 500 kbps, with the max threshold set to 450 kbps (90% of 500kbps).

 

 

QUESTION 37

Refer to the exhibit. Which statement about the debug behavior of the device is true?

 

clip_image006

 

A.

The device debugs all IP events for 172.16.129.4.

B.

The device sends all debugging information for 172.16.129.4.

C.

The device sends only NTP debugging information to 172.16.129.4.

D.

The device sends debugging information every five seconds.

 

Correct Answer: A

Explanation:

This is an example of a conditional debug, where there is a single condition specified of IP address 172.16.129.4. So all IP events for that address will be output in the debug.

 

 

QUESTION 38

Refer to the exhibit. Which two are causes of output queue drops on FastEthernet0/0? (Choose two.)

 

clip_image008

A.

an oversubscribed input service policy on FastEthernet0/0

B.

a duplex mismatch on FastEthernet0/0

C.

a bad cable connected to FastEthernet0/0

D.

an oversubscribed output service policy on FastEthernet0/0

E.

The router trying to send more than 100 Mb/s out of FastEthernet0/0

 

Correct Answer: DE

Explanation:

Output drops are caused by a congested interface. For example, the traffic rate on the outgoing interface cannot accept all packets that should be sent out, or a service policy is applied that is oversubscribed. The ultimate solution to resolve the problem is to increase the line speed. However, there are ways to prevent, decrease, or control output drops when you do not want to increase the line speed. You can prevent output drops only if output drops are a consequence of short bursts of data. If output drops are caused by a constant high-rate flow, you cannot prevent the drops. However, you can control them.

Reference: http://www.cisco.com/c/en/us/support/docs/routers/10000-series-routers/6343-queue-drops.html

 

 

QUESTION 39

Which three statements about implementing a NAT application layer gateway in a network are true? (Choose three.)

 

A.

It allows client applications to use dynamic ports to communicate with a server regardless of whether NAT is being used.

B.

It maintains granular security over application-specific data.

C.

It allows synchronization between multiple streams of data between two hosts.

D.

Application layer gateway is used only in VoIP/SIP deployments.

E.

Client applications require additional configuration to use an application layer gateway.

F.

An application layer gateway inspects only the first 64 bytes of a packet before forwarding it through the network.

 

Correct Answer: ABC

Explanation:

An application-level gateway (ALG), also known as an application-layer gateway, is an application that translates the IP address information inside the payload of an application packet. An ALG is used to interpret the application-layer protocol and perform firewall and Network Address Translation (NAT) actions. These actions can be one or more of the following depending on your configuration of the firewall and NAT:

Allow client applications to use dynamic TCP or UDP ports to communicate with the server application.

Recognize application-specific commands and offer granular security control over them.

Synchronize multiple streams or sessions of data between two hosts that are exchanging data.

Translate the network-layer address information that is available in the application payload.

 

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/asr1000/nat-xe-3s-asr1k-book/fw-msrpc-supp.html

 

 

QUESTION 40

Which three actions are required when configuring NAT-PT? (Choose three.)

 

A.

Enable NAT-PT globally.

B.

Specify an IPv4-to-IPv6 translation.

C.

Specify an IPv6-to-IPv4 translation.

D.

Specify a ::/96 prefix that will map to an IPv4 address.

E.

Specify a ::/48 prefix that will map to a MAC address.

F.

Specify a ::/32 prefix that will map to an IPv6 address.

 

Correct Answer: BCD

Explanation:

The detailed steps on configuring NAY-PT is found at the reference link below:

Reference: http://www.cisco.com/c/en/us/td/docs/ios/ipv6/configuration/guide/12_4t/ipv6_12_4t_book/ip6- nat_trnsln.html

100% Free Download!
—Download Free Demo:400-101 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 400-101 Full Exam PDF and VCE Q&As:1299
—Get 10% off your purchase! Copy it:TJDN-947R-9CCD [2017.07.01-2017.07.31]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE