It is more faster and easier to pass the Cisco 400-101 exam by using Actual Cisco CCIE Routing and Switching (v5.0) questuins and answers. Immediate access to the Latest 400-101 Exam and find the same core area 400-101 questions with professionally verified answers, then PASS your exam with a high score now.
Q161. DRAG DROP
Drag and drop each BGP attribute on the left to the matching description on the right.
Q162. Refer to the exhibit.
If router R1 is functioning as a DHCPv6 server and you enter the command show ipv6 dhcp binding, which two options are pieces of information in the output? (Choose two.)
A. The IA PD
B. The DUID
C. The prefix pool
D. The DNS server
E. The Rapid-Commit setting
In the following example, the show ipv6 dhcp binding command shows information about two clients, including their DUIDs, IAPDs, prefixes, and preferred and valid lifetimes:
Router# show ipv6 dhcp binding
Client: FE80::202:FCFF:FEA5:DC39 (GigabitEthernet2/1/0)
IA PD. IA ID 0x00040001, T1 0, T2 0
preferred lifetime 180, valid lifetime 12345
expires at Nov 08 2002 02:24 PM (12320 seconds)
Client: FE80::202:FCFF:FEA5:C039 (GigabitEthernet2/1/0)
IA PD. IA ID 0x00040001, T1 0, T2 0
preferred lifetime 240, valid lifetime 54321
expires at Nov 09 2002 02:02 AM (54246 seconds)
preferred lifetime 300, valid lifetime 54333
expires at Nov 09 2002 02:03 AM (54258 seconds)
preferred lifetime 280, valid lifetime 51111
Q163. You are configuring a DMVPN spoke to use IPsec over a physical interface that is located within a VRF. For which three configuration sections must you specify the VRF name? (Choose three.)
A. the ISAKMP profile
B. the crypto keyring
C. the IPsec profile
D. the IPsec transform set
E. the tunnel interface
F. the physical interface
ip vrf forwardingvrf-name
Router(config-if)# ip vrf forwarding green
Associates a virtual private network (VPN) routing and forwarding (VRF) instance with an interface or subinterface.
. vrf-name is the name assigned to a VRF.
Router(config-if)# tunnel vrfvrf-name
Router(config-if)# tunnel vrf finance1
Associates a VPN routing and forwarding (VRF) instance with a specific tunnel destination. vrf-name is the name assigned to a VRF.
Router(config)# crypto keyringkeyring-name [vrf fvrf-name]
Defines a crypto keyring to be used during IKE authentication and enters keyring configuration mode.
. keyring-name—Name of the crypto keyring.
. fvrf-name—(Optional) Front door virtual routing and forwarding (FVRF) name to which the keyring will be referenced. fvrf-name must match the FVRF name that was defined during virtual routing and forwarding (VRF) configuration
Q164. DRAG DROP
Drag and drop the LACP elements on the left into the correct priority order in the hot-standby port-selection process on the right.
Q165. DRAG DROP
Drag and drop the SNMP element on the left to the corresponding definition on the right.
Q166. Which three protocols can use enhanced object tracking? (Choose three.)
The Enhanced Object Tracking feature separates the tracking mechanism from HSRP and creates a separate standalone tracking process that can be used by other processes and HSRP. This feature allows tracking of other objects in addition to the interface line-protocol state. A client process such as HSRP, Virtual Router Redundancy Protocol (VRRP), or Gateway Load Balancing Protocol (GLBP), can register its interest in tracking objects and then be notified when the tracked object changes state.
Q167. You are configuring Wireshark on a Cisco Catalyst 4500E Switch with a Supervisor 8. Which three actions can you take to prevent the capture from overloading the CPU? (Choose three.)
A. Attach the specific ports that are part of the data path.
B. Use an in-line filter.
C. Use an appropriate ACL.
D. Add memory to the Supervisor.
E. Reconfigure the buffers to accommodate the additional traffic.
F. Configure a policy map, class map, and an access list to express the match conditions.
Because packet forwarding typically occurs in hardware, packets are not copied to the CPU for software processing. For Wireshark packet capture, packets are copied and delivered to the CPU, which causes an increase in CPU usage. To avoid high CPU, do the following:
. Attach only relevant ports.
. Use a class map, and secondarily, an access list to express match conditions. If neither is viable, use an explicit, in-line filter.
. Adhere closely to the filter rules. Restrict the traffic type (such as, IPv4 only) with a restrictive, rather than relaxed ACL, which elicits unwanted traffic.
Q168. Which problem can result when private AS numbers are included in advertisements that are sent to the global Internet BGP table?
A. The prefixes sent with private AS numbers are always discarded on the Internet.
B. The prefixes sent with private AS numbers are always tagged as invalid on the Internet.
C. The prefixes sent with private AS numbers lack uniqueness, which can lead to a loss of connectivity.
D. The prefixes sent with private AS numbers are sometimes tagged as invalid on the Internet.
Private AS numbers are not meant to be used for global Internet BGP routing, as they are assigned locally and can be used by any organization. They are meant to enable BGP within a enterprise or VPN, but since these numbers can be used by any organization they are not unique and could cause connectivity loss if leaked to the Internet.
Q169. DRAG DROP
Q170. Which VPN technology requires the use of an external key server?
E. IPsec F. L2TPv3
A GETVPN deployment has primarily three components, Key Server (KS), Group Member (GM), and Group Domain of Interpretation (GDOI) protocol. GMs do encrypt/decrypt the traffic and KS distribute the encryption key to all the group members. The KS decides on one single data encryption key for a given life time. Since all GMs use the same key, any GM can decrypt the traffic encrypted by any other GM. GDOI protocol is used between the GM and KS for group key and group SA management. Minimum one KS is required for a GETVPN deployment.
To know more about the 400-101, click here.