400 101 pdf [Aug 2017]

Cause all that matters here is passing the Cisco ccie 400 101 exam. Cause all that you need is a high score of 400 101 pdf CCIE Routing and Switching (v5.0) exam. The only one thing you need to do is downloading Actualtests 400 101 pdf exam study guides now. We will not let you down with our money-back guarantee.

2017 NEW RECOMMEND

Free VCE & PDF File for Cisco 400-101 Real Exam
(Full Version!)

Pass on Your First TRY 100% Money Back Guarantee Realistic Practice Exam Questions

Free Instant Download NEW 400-101 Exam Dumps (PDF & VCE):
Available on:
http://www.certleader.com/400-101-dumps.html

Q451. Which two statements about UDP and latency are true? (Choose two.) 

A. UDP is connection oriented, so the size of a UDP stream is independent of latency. 

B. UDP is connection oriented, so latency can increase the size of a UDP stream. 

C. UDP is connectionless, so latency can increase the size of a UDP stream. 

D. If latency decreases, throughput also decreases. 

E. If latency increases, throughput also increases. 

F. Latency can cause jitter on UDP connections. 

Answer: C,F 

Q452. What is a cause for unicast flooding? 

A. Unicast flooding occurs when multicast traffic arrives on a Layer 2 switch that has directly connected multicast receivers. 

B. When PIM snooping is not enabled, unicast flooding occurs on the switch that interconnects the PIM-enabled routers. 

C. A man-in-the-middle attack can cause the ARP cache of an end host to have the wrong MAC address. Instead of having the MAC address of the default gateway, it has a MAC address of the man-in-the-middle. This causes all traffic to be unicast flooded through the man-in-the-middle, which can then sniff all packets. 

D. Forwarding table overflow prevents new MAC addresses from being learned, and packets destined to those MAC addresses are flooded until space becomes available in the forwarding table. 

Answer:

Explanation: 

Causes of Flooding The very cause of flooding is that destination MAC address of the packet is not in the L2 forwarding table of the switch. In this case the packet will be flooded out of all forwarding ports in its VLAN (except the port it was received on). Below case studies display most common reasons for destination MAC address not being known to the switch. 

Cause 1: Asymmetric Routing 

Large amounts of flooded traffic might saturate low-bandwidth links causing network performance issues or complete connectivity outage to devices connected across such low-bandwidth links 

Cause 2: Spanning-Tree Protocol Topology Changes 

Another common issue caused by flooding is Spanning-Tree Protocol (STP) Topology Change Notification (TCN). TCN is designed to correct forwarding tables after the forwarding topology has changed. This is necessary to avoid a connectivity outage, as after a topology change some destinations previously accessible via particular ports might become accessible via different ports. TCN operates by shortening the forwarding table aging time, such that if the address is not relearned, it will age out and flooding will occur 

Cause 3: Forwarding Table Overflow 

Another possible cause of flooding can be overflow of the switch forwarding table. In this case, new addresses cannot be learned and packets destined to such addresses are flooded until some space becomes available in the forwarding table. New addresses will then be learned. This is possible but rare, since most modern switches have large enough forwarding tables to accommodate MAC addresses for most designs. 

Reference: 

http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6000-series-switches/23563-143.html 

Q453. Which two statements about IS-IS wide metrics are true? (Choose two.) 

A. The wide metric is a 24-bit field. 

B. The maximum link metric is 16777215. 

C. R3 and R4 periodically advertise PNSP messages to synchronize the IS-IS database. 

D. IS-IS devices that are enabled with wide metrics can become neighbors with a device that uses standard metrics. 

E. The maximum link metric is 4261412864. 

F. The maximum path metric is 16777215. 

Answer: A,B 

Q454. Refer to the exhibit. 

Which two statements about this configuration are true? (Choose two.) 

A. It allows 172.16.0.0/16 to be distributed into EIGRP. 

B. It allows a default route to be distributed into EIGRP. 

C. It allows 172.16.0.0/16 and larger subnets to be distributed into EIGRP. 

D. It prevents 172.16.0.0/16 from being distributed into EIGRP. 

E. It prevents a default route from being distributed into EIGRP. 

F. It creates summary routes and injects them into EIGRP. 

Answer: A,B 

Explanation: 

In this example, the prefix list is configured to only allow the two specific routes of 172.16.0.0/16 and the default route. Any other routes will be filtered. 

Q455. Which option describes a limitation of Embedded Packet Capture? 

A. It can capture data only on physical interfaces and subinterfaces. 

B. It can store only packet data. 

C. It can capture multicast packets only on ingress. 

D. It can capture multicast packets only on egress. 

Answer:

Explanation: 

Restrictions for Embedded Packet Capture 

. In Cisco IOS Release 12.2(33)SRE, EPC is supported only on 7200 platform. 

. EPC only captures multicast packets on ingress and does not capture the replicated packets on egress. 

. Currently, the capture file can only be exported off the device; for example, TFTP or FTP servers and local disk. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/epc/configuration/15-mt/epc-15-mt-book/nm-packet-capture.html 

Q456. What is the goal of Unicast Reverse Path Forwarding? 

A. to verify the reachability of the destination address in forwarded packets 

B. to help control network congestion 

C. to verify the reachability of the destination address in multicast packets 

D. to verify the reachability of the source address in forwarded packets 

Answer:

Explanation: 

Network administrators can use Unicast Reverse Path Forwarding (Unicast RPF) to help limit the malicious traffic on an enterprise network. This security feature works by enabling a router to verify the reachability of the source address in packets being forwarded. This capability can limit the appearance of spoofed addresses on a network. If the source IP address is not valid, the packet is discarded. 

Reference: http://www.cisco.com/web/about/security/intelligence/unicast-rpf.html 

Q457. Which technology can be used to prevent flooding of IPv6 multicast traffic on a switch? 

A. IGMP snooping 

B. IGMP filtering 

C. MLD snooping 

D. MLD filtering 

Answer:

Explanation: 

MLD snooping allows the switch to examine MLD packets and make forwarding decisions based on their content. You can configure the switch to use MLD snooping in subnets that receive MLD queries from either MLD or the MLD snooping querier. MLD snooping constrains IPv6 multicast traffic at Layer 2 by configuring Layer 2 LAN ports dynamically to forward IPv6 multicast traffic only to those ports that want to receive it. 

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/snoopmld.html 

Q458. Which three options are three benefits of an MPLS VPN? (Choose three.) 

A. It allows IP address space overlap by maintaining customer routes in a private routing table. 

B. It offers additional security by preventing intrusions directly into the customer routing table. 

C. It offers a transparent virtual network in which all customer sites appear on one LAN. 

D. It offers additional security by allowing only dynamic routing protocols between CE and PE routers. 

E. It allows IP address space overlap by maintaining customer routes in the global routing table with unique BGP communities. 

F. Providers can send only a default route for Internet access into the customer VPN. 

Answer: A,B,C 

Q459. Refer to the exhibit. 

You have just created a new VRF on PE3. You have enabled debug ip bgp vpnv4 unicast updates on PE1, and you can see the route in the debug, but not in the BGP VPNv4 table. 

Which two statements are true? (Choose two.) 

A. VPNv4 is not configured between PE1 and PE3. 

B. address-family ipv4 vrf is not configured on PE3. 

C. After you configure route-target import 999:999 for a VRF on PE3, the route will be accepted. 

D. PE1 will reject the route due to automatic route filtering. 

E. After you configure route-target import 999:999 for a VRF on PE1, the route will be accepted. 

Answer: D,E 

Explanation: 

The route target extended community for VPLS auto-discovery defines the import and export policies that a VPLS instance uses. The export route target sets an extended community attribute number that is appended to all routes that are exported from the VPLS instance. The import route target value sets a filter that determines the routes that are accepted into the VPLS instance. Any route with a value in its import route target contained in its extended attributes field matching the value in the VPLS instance’s import route target are accepted. Otherwise the route is rejected. 

Q460. Refer to the exhibit. 

Which two statements about how the configuration processes Telnet traffic are true? (Choose two.) 

A. Telnet traffic from 10.1.1.9 to 10.10.10.1 is dropped. 

B. All Telnet traffic is dropped. 

C. Telnet traffic from 10.10.10.1 to 10.1.1.9 is permitted. 

D. Telnet traffic from 10.1.1.9 to 10.10.10.1 is permitted. 

E. Telnet traffic is permitted to all IP addresses. 

Answer: A,C 

Explanation: 

The ACL applied to the COPP policy matches only telnet traffic from 10.1.1.9 to 10.10.10.1, all other telnet traffic is not matched and therefore not used in the COPP policy, which means this traffic will be handled normally (accepted). For telnet traffic from 10.1.1.9 to 10.10.10.1, the COPP policy has defined this traffic as an exceed, and dropped. 

Certleader Dumps
Certleader is a company specialized on providing high quality IT exam materials and fully committed to assist our respected clients crack any IT certification tests on their 1st efforts.