Pinpoint of ccie 400 101 free practice questions materials and torrent for Cisco certification for examinee, Real Success Guaranteed with Updated passleader 400 101 pdf dumps vce Materials. 100% PASS CCIE Routing and Switching (v5.0) exam Today!
♥♥ 2021 NEW RECOMMEND ♥♥
Free VCE & PDF File for Cisco 400-101 Real Exam (Full Version!)
★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 400-101 Exam Dumps (PDF & VCE):
Available on:
http://www.surepassexam.com/400-101-exam-dumps.html
Q351. Refer to the exhibit.
Which route type is displayed when you enter the command show ip route supernets-only on a device with this configuration?
A. Connected
B. OSPF
C. RIP
D. EIGRP
E. An empty route set
Answer: E
Explanation:
This command shows supernets only; it does not show subnets. In this case, the routing table would contain the 10.0.0.0/24 subnet, but not the 10.0.0.0/8 supernet.
Q352. Refer to the exhibit.
What is a possible reason for the IPSec tunnel not establishing?
A. The peer is unreachable.
B. The transform sets do not match.
C. The proxy IDs are invalid.
D. The access lists do not match.
Answer: D
Explanation:
Proxy Identities Not Supported
This message appears in debugs if the access list for IPsec traffic does not match.
1d00h: IPSec(validate_transform_proposal): proxy identities not supported
1d00h: ISAKMP: IPSec policy invalidated proposal
1d00h: ISAKMP (0:2): SA not acceptable!
The access lists on each peer needs to mirror each other (all entries need to be reversible).
This example illustrates this point.
Peer A
access-list 150 permit ip 172.21.113.0 0.0.0.255 172.21.114.0 0.0.0.255
access-list 150 permit ip host 15.15.15.1 host 172.21.114.123
Peer B
access-list 150 permit ip 172.21.114.0 0.0.0.255 172.21.113.0 0.0.0.255
access-list 150 permit ip host 172.21.114.123 host 15.15.15.1
Reference:
http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/5409-ipsec-debug-00.html#proxy
Q353. Which two statements about class maps are true? (Choose two.)
A. As many as eight DSCP values can be included in a match dscp statement.
B. The default parameter on a class map with more than one match command is match-any.
C. The match class command can nest a class map within another class map.
D. A policy map can be used to designate a protocol within a class map.
Answer: A,C
Explanation:
Answer A.
Router(config-cmap)# match [ip] dscp dscp-value [dscp-value dscp-value dscp-value
dscp-value dscp-value dscp-value dscp-value]
(Optional) Identifies a specific IP differentiated service code point (DSCP) value as a match criterion. Up to eight DSCP values can be included in one match statement.
Answer C.
Router config-cmap)# match class-map class-name (Optional) Specifies the name of a traffic class to be used as a matching criterion (for nesting traffic class [nested class maps] within one another).
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/qos/configuration/guide/fqos_c/qcfmcli2.html
Q354. Refer to the exhibit.
Which statement about this COS-DSCP mapping is true?
A. The expedited forwarding DSCP is mapped to COS 3.
B. COS 16 is mapped to DSCP 2.
C. The default COS is mapped to DSCP 32.
D. This mapping is the default COS-DSCP mapping on Cisco switches.
Answer: A
Explanation:
Here we see that COS 3 is mapped to DSCP 46, which is the Expedited forwarding class: The Expedited Forwarding (EF) model is used to provide resources to latency (delay) sensitive real-time, interactive traffic. The EF model uses one marking -- DSCP 46.
Q355. Refer to the exhibit.
Which additional configuration is necessary for R1 and R2 to become OSPF neighbors?
A. R1
!
router ospf 1
no passive-interface Fastethernet0/0
!
B. R2
!
router ospf 10
no network 10.1.1.6 0.0.0.0 area 0
network 10.1.1.6 0.0.0.0 area 1
!
C. R1
!
interface FastEthernet0/0
ip ospf mtu-ignore
!
R2
!
interface FastEthernet0/1
ip ospf mtu-ignore !
D. R1
!
no router ospf 1
router ospf 10
network 10.1.1.5 0.0.0.0 area 0
Answer: A
Explanation:
Because the passive interface default command is used, by default all interfaces are passive and no neighbors will form on these interfaces. We need to disable passive interface on the link to R2 by using the “no passive-interface Fastethernet0/0” on R1 under OSPF.
Q356. Refer to the exhibit.
If the downstream router has a summary route configured, which two actions must you take on the local router to create the summary route that summarizes all routes from the downstream router? (Choose two.)
A. Configure the summary address on the interface.
B. Use 10.0.0.0 255.248.0.0 as the summary route.
C. Configure the summary address in the EIGRP process.
D. Use 10.0.0.0 255.252.0.0 as the summary route.
E. Configure a route map to permit the route.
F. Configure a distribute list in.
Answer: A,B
Explanation:
Route summarization works in conjunction with the ip summary-address eigrp interface configuration command, in which additional summarization can be performed. To correctly summarize all the networks shown, the correct route to use is 10.0.0.0 255.248.0.0
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/ip/configuration/guide/fipr_c/1cfeigrp.html
Q357. Which option is a core event publisher for EEM?
A. Timer
B. Policy Director
C. Applet
D. Script
Answer: A
Explanation:
EEM is a flexible, policy-driven framework that supports in-box monitoring of different components of the system with the help of software agents known as event detectors. The figure below shows the relationship between the EEM server, core event publishers (event detectors), and the event subscribers (policies). Basically, event publishers screen events and publish them when there is a match on an event specification that is provided by the event subscriber. Event detectors notify the EEM server when an event of interest occurs. The EEM policies that are configured using the Cisco command-line interface (CLI) then implement recovery on the basis of the current state of the system and the actions specified in the policy for the given event. EEM offers the ability to monitor events and take informational or corrective action when the monitored events occur or when a threshold is reached. An EEM policy is an entity that defines an event and the actions to be taken when that event occurs. There are two types of EEM policies: an applet or a script. An applet is a simple form of policy that is defined within the CLI configuration. A script is a form of policy that is written in Tool Command Language (Tcl).
Figure 1. Embedded Event Manager Core Event Detectors
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/eem/configuration/15-mt/eem-15-mt-book/eem-overview.html
Q358. Refer to the exhibit.
Which statement about the debug behavior of the device is true?
A. The device debugs all IP events for 172.16.129.4.
B. The device sends all debugging information for 172.16.129.4.
C. The device sends only NTP debugging information to 172.16.129.4.
D. The device sends debugging information every five seconds.
Answer: A
Explanation:
This is an example of a conditional debug, where there is a single condition specified of IP address 172.16.129.4. So, all IP events for that address will be output in the debug.
Q359. Which two statements about private VLANs are true? (Choose two.)
A. Only one isolated VLAN can be mapped to a primary VLAN.
B. Only one community VLAN can be mapped to a primary VLAN.
C. Multiple isolated VLANs can be mapped to a primary VLAN.
D. Multiple community VLANs can be mapped to a primary VLAN.
Answer: A,D
Explanation:
An isolated VLAN is a secondary VLAN that carries unidirectional traffic upstream from the hosts toward the promiscuous ports. You can configure only one isolated VLAN in a PVLAN domain. An isolated VLAN can have several isolated ports. The traffic from each isolated port also remains completely separate. Only one isolated VLAN can be mapped under a given primary VLAN. A community VLAN is a secondary VLAN that carries upstream traffic from the community ports to the promiscuous port and to other host ports in the same community. You can configure multiple community VLANs in a PVLAN domain. The ports within one community can communicate, but these ports cannot communicate with ports in any other community or isolated VLAN in the private VLAN.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus6000/sw/layer2/6x/b_6k_L ayer2_Config_6x/b_6k_Layer2_Config_602N12_chapter_011.html
Q360. As a best practice, when a router is configured as an EIGRP Stub, which routes should be received from its distribution neighbor?
A. the default route
B. static routes
C. internal routes only
D. internal and external routes
Answer: A
Explanation:
Stub routing is commonly used in a hub and spoke network topology. In a hub and spoke network, one or more end (stub) networks are connected to a remote router (the spoke) that is connected to one or more distribution routers (the hub). The remote router is adjacent only to one or more distribution routers. The only route for IP traffic to follow into the remote router is through a distribution router. This type of configuration is commonly used in WAN topologies where the distribution router is directly connected to a WAN. The distribution router can be connected to many more remote routers. Often, the distribution router will be connected to 100 or more remote routers. In a hub and spoke topology, the remote router must forward all nonlocal traffic to a distribution router, so it becomes unnecessary for the remote router to hold a complete routing table. Generally, the distribution router need not send anything more than a default route to the remote router.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/eigrpstb.html