♥♥ 2021 NEW RECOMMEND ♥♥

Free VCE & PDF File for Cisco 400-101 Real Exam (Full Version!)

★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions

Free Instant Download NEW 400-101 Exam Dumps (PDF & VCE):
Available on: http://www.surepassexam.com/400-101-exam-dumps.html

Q421. Refer to the exhibit. 

Which two routes are included in the route update? (Choose two.) 






Answer: C,D 


This access list will permit the,,, and subnets. 

Q422. Which two statements about Inverse ARP are true? (Choose two.) 

A. It uses the same operation code as ARP. 

B. It uses the same packet format as ARP. 

C. It uses ARP stuffing. 

D. It supports static mapping. 

E. It translates Layer 2 addresses to Layer 3 addresses. 

F. It translates Layer 3 addresses to Layer 2 addresses. 

Answer: B,E 


Inverse Address Resolution Protocol (Inverse ARP or InARP) is used to obtain Network Layer addresses (for example, IP addresses) of other nodes from Data Link Layer (Layer 2) addresses. It is primarily used in Frame Relay (DLCI) and ATM networks, in which Layer 2 addresses of virtual circuits are sometimes obtained from Layer 2 signaling, and the corresponding Layer 3 addresses must be available before those virtual circuits can be used. 

Since ARP translates Layer 3 addresses to Layer 2 addresses, InARP may be described as its inverse. In addition, InARP is implemented as a protocol extension to ARP: it uses the same packet format as ARP, but different operation codes. 

Reference: http://en.wikipedia.org/wiki/Address_Resolution_Protocol 

Q423. Which statement about NAT64 is true? 

A. NAT64 provides address family translation and translates IPv4 to IPv6 and IPv6 to IPv4. 

B. NAT64 provides address family translation and can translate only IPv6 to IPv4. 

C. NAT64 should be considered as a permanent solution. 

D. NAT64 requires the use of DNS64. 


Q424. Refer to the exhibit. 

Which configuration must you apply to router R2 to enable BFD?





A. Exhibit A 

B. Exhibit B 

C. Exhibit C 

D. Exhibit D 


Q425. Which congestion-avoidance or congestion-management technique can cause global synchronization? 

A. Tail drop 

B. Random early detection 

C. Weighted random early detection 

D. Weighted fair queuing 



Tail Drop 

Tail drop treats all traffic equally and does not differentiate between classes of service. Queues fill during periods of congestion. When the output queue is full and tail drop is in effect, packets are dropped until the congestion is eliminated and the queue is no longer full. 

Weighted Random Early Detection 

WRED avoids the globalization problems that occur when tail drop is used as the congestion avoidance mechanism on the router. Global synchronization occurs as waves of congestion crest only to be followed by troughs during which the transmission link is not fully utilized. Global synchronization of TCP hosts, for example, can occur because packets are dropped all at once. Global synchronization manifests when multiple TCP hosts reduce their transmission rates in response to packet dropping, then increase their transmission rates once again when the congestion is reduced. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/qos/configuration/guide/fqos_c/qcfconav.ht ml#wp1002048 

Q426. Which two statements about the protected ports feature and the private VLAN feature are true? (Choose two.) 

A. The protected ports feature is limited to the local switch. 

B. The protected ports feature can isolate traffic between two "protected" ports on different switches. 

C. The private VLAN feature is limited to the local switch. 

D. The private VLAN feature prevents interhost communication within a VLAN across one or more switches. 

Answer: A,D 


Protected Ports (PVLAN Edge) In some network environments, there is a requirement for no traffic to be seen or forwarded between host(s) on the same LAN segment, thereby preventing interhost communications. The PVLAN edge feature provisions this isolation by creating a firewall-like barrier, thereby blocking any unicast, broadcast, or multicast traffic among the protected ports on the switch. Note that the significance of the protected port feature is limited to the local switch, and there is no provision in the PVLAN edge feature to isolate traffic between two "protected" ports located on different switches. For this purpose, the PVLAN feature can be used. 

Reference: http://www.ciscopress.com/articles/article.asp?p=1181682&seqNum=2 

Q427. Which two Cisco IOS AAA features are available with the local database? (Choose two.) 

A. command authorization 

B. network access authorization 

C. network accounting 

D. network access authentication 

Answer: A,D 


Configuring the Local Database 

This section describes how to manage users in the local database. You can use the local database for CLI access authentication, privileged mode authentication, command authorization, network access authentication, and VPN authentication and authorization. You cannot use the local database for network access authorization. The local database does not support accounting. 

Reference: http://www.cisco.com/c/en/us/td/docs/security/asa/asa80/configuration/guide/conf_gd/aaa.h tml 

Q428. Refer to the exhibit. 

While reviewing a log file on a router with this NTP configuration, you note that the log entries of the router display a different time than the NTP time. 

Which action can you take to correct the problem? 

A. Add the localtime keyword to the service timestamps log datetime statement. 

B. Add the msec keyword to the service timestamps log datetime statement. 

C. Add the statement ntp broadcast to the NTP configuration of the neighboring router. 

D. Configure the router to be the NTP master. 

E. Remove the datetime keyword from the service timestamps log datetime statement. 



Drag and drop the argument of the ip cef load-sharing algorithm command on the left to the function it performs on the right. 



Drag each show command on the left to the description of its output on a PE router on the right.