A Review Of Real 300-101 questions pool

It is more faster and easier to pass the Cisco 300-101 exam by using Simulation Cisco Implementing Cisco IP Routing questuins and answers. Immediate access to the Update 300-101 Exam and find the same core area 300-101 questions with professionally verified answers, then PASS your exam with a high score now.

2017 Mar 300-101 Study Guide Questions:

Q1. Which common issue causes intermittent DMVPN tunnel flaps? 

A. a routing neighbor reachability issue 

B. a suboptimal routing table 

C. interface bandwidth congestion 

D. that the GRE tunnel to hub router is not encrypted 

Answer: A 

Explanation: 

DMVPN Tunnel Flaps Intermittently Problem DMVPN tunnel flaps intermittently. Solution

When DMVPN tunnels flap, check the neighborship between the routers as issues with neighborship

formation between routers may cause the DMVPN tunnel to flap. In order to resolve this problem, make

sure the neighborship between the routers is always up. Reference: http://www.cisco.com/c/en/us/support/

docs/security-vpn/ipsec-negotiation-ike- protocols/29240-dcmvpn.html#Prblm1

Q2. When using SNMPv3 with NoAuthNoPriv, which string is matched for authentication? 

A. username 

B. password 

C. community-string 

D. encryption-key 

Answer: A 

Explanation: 

The following security models exist: SNMPv1, SNMPv2, SNMPv3. The following security

levels exits: "noAuthNoPriv" (no authentiation and no encryption noauth keyword in CLI),

"AuthNoPriv" (messages are authenticated but not encrypted auth keyword in CLI), "AuthPriv" (messages

are authenticated and encrypted priv keyword in CLI). SNMPv1 and SNMPv2 models only support the

"noAuthNoPriv" model since they use plain community string to match the incoming packets. The SNMPv3

implementations could be configured to use either of the models on per-group basis (in case if

"noAuthNoPriv" is configured, username serves as a replacement for community string). Reference: http://

blog.ine.com/2008/07/19/snmpv3-tutorial/

Q3. Which statement is true about the PPP Session Phase of PPPoE? 

A. PPP options are negotiated and authentication is not performed. Once the link setup is completed, PPPoE functions as a Layer 3 encapsulation method that allows data to be transferred over the PPP link within PPPoE headers. 

B. PPP options are not negotiated and authentication is performed. Once the link setup is completed, PPPoE functions as a Layer 4 encapsulation method that allows data to be transferred over the PPP link within PPPoE headers. 

C. PPP options are automatically enabled and authorization is performed. Once the link setup is completed, PPPoE functions as a Layer 2 encapsulation method that allows data to be encrypted over the PPP link within PPPoE headers. 

D. PPP options are negotiated and authentication is performed. Once the link setup is completed, PPPoE functions as a Layer 2 encapsulation method that allows data to be transferred over the PPP link within PPPoE headers. 

Answer: D 

Explanation: 

PPPoE is composed of two main phases:

Active Discovery Phase–In this phase, the PPPoE client locates a PPPoE server, called an access concentrator. During this phase, a Session ID is assigned and the PPPoE layer is established.

PPP Session Phase–In this phase, PPP options are negotiated and authentication is performed. Once the

link setup is completed, PPPoE functions as a Layer 2 encapsulation method, allowing data to be transferred over the PPP link within PPPoE headers.

Reference: 

http://www.cisco.com/c/en/us/td/docs/security/asa/asa92/configuration/vpn/asa-vpn- cli/vpnpppoe.html

300-101  book

Abreast of the times 300-101 testing engine:

Q4. Which switching method is used when entries are present in the output of the command show ip cache? 

A. fast switching 

B. process switching 

C. Cisco Express Forwarding switching 

D. cut-through packet switching 

Answer: A 

Explanation: 

Fast switching allows higher throughput by switching a packet using a cache created by the initial packet

sent to a particular destination. Destination addresses are stored in the high-speed cache to expedite forwarding. Routers offer better packet-transfer performance when fast switching is enabled. Fast switching is enabled by default on all interfaces that support fast switching.

To display the routing table cache used to fast switch IP traffic, use the "show ip cache" EXEC command.

Reference:

http://www.cisco.com/c/en/us/td/docs/ios/12_2/switch/command/reference/fswtch_r/xrfscmd5.ht

ml#wp1038133

Q5. Refer to the exhibit. 

Which statement is true? 

A. Traffic from the 172.16.0.0/16 network will be blocked by the ACL. 

B. The 10.0.0.0/8 network will not be advertised by Router B because the network statement for the 10.0.0.0/8 network is missing from Router B. 

C. The 10.0.0.0/8 network will not be in the routing table on Router B. 

D. Users on the 10.0.0.0/8 network can successfully ping users on the 192.168.5.0/24 network, but users on the 192.168.5.0/24 cannot successfully ping users on the 10.0.0.0/8 network. 

E. Router B will not advertise the 10.0.0.0/8 network because it is blocked by the ACL. 

Answer: E 

Explanation: 

Q6. Which Cisco IOS VPN technology leverages IPsec, mGRE, dynamic routing protocol, NHRP, and Cisco Express Forwarding? 

A. FlexVPN 

B. DMVPN 

C. GETVPN 

D. Cisco Easy VPN 

Answer: B 

Explanation: Dynamic Multipoint Virtual Private Network (DMVPN) is a dynamic tunneling form of a virtual

private network (VPN) supported on Cisco IOS-based routers and Unix-like Operating Systems based on

the standard protocols, GRE, NHRP and IPsec. This DMVPN provides the capability for creating a

dynamic-mesh VPN network without having to pre-configure (static) all possible tunnel end-point peers,

including IPsec (Internet Protocol Security) and ISAKMP (Internet Security Association and Key

Management Protocol) peers. DMVPN is initially configured to build out a hub-and-spoke network by

statically configuring the hubs (VPN headends) on the spokes, no change in the configuration on the hub is

required to accept new spokes. Using this initial hub-and-spoke network, tunnels between spokes can be

dynamically built on demand (dynamic-mesh) without additional configuration on the hubs or spokes. This

dynamic-mesh capability alleviates the need for any load on the hub to route data between the spoke

networks. DMVPN is combination of the following technologies:

Multipoint GRE (mGRE)

Next-Hop Resolution Protocol (NHRP)

Dynamic Routing Protocol (EIGRP, RIP, OSPF, BGP)

Dynamic IPsec encryption

Cisco Express Forwarding (CEF)

Reference: http://en.wikipedia.org/wiki/Dynamic_Multipoint_Virtual_Private_Network

Topic 5, Infrastructure Security 

53. Which traffic does the following configuration allow? 

ipv6 access-list cisco 

permit ipv6 host 2001:DB8:0:4::32 any eq ssh 

line vty 0 4 

ipv6 access-class cisco in 

A. all traffic to vty 0 4 from source 2001:DB8:0:4::32 

B. only ssh traffic to vty 0 4 from source all 

C. only ssh traffic to vty 0 4 from source 2001:DB8:0:4::32 

D. all traffic to vty 0 4 from source all 

Answer: C 

Explanation: 

Here we see that the IPv6 access list called "cisco" is being applied to incoming VTY connections to the

router. IPv6 access list has just one entry, which allows only the single IPv6 IP address of 2001:DB8:0:4::32 to connect using SSH only.

certleader.com

Real 300-101 ebook:

Q7. A network engineer executes the show ip flow export command. Which line in the output indicates that the send queue is full and export packets are not being sent? 

A. output drops 

B. enqueuing for the RP 

C. fragmentation failures 

D. adjacency issues 

Answer: A 

Explanation: 

Table 5 show ip flow export Field Descriptions Field Description Exporting flows to 10.1.1.1

Specifies the export destinations and ports. (1000) and 10.2.1.1 The ports are in parentheses. Exporting

using source Specifies the source address or interface. IP address 10.3.1.1 Version 5 flow records

Specifies the version of the flow. 11 flows exported in 8 udp The total number of export packets sent, and

datagrams the total number of flows contained within them. 0 flows failed due to lack of No memory was

available to create an export export packet packet. 0 export packets were sent The packet could not be

processed by CEF or up to process level by fast switching, possibly because another feature requires

running on the packet. 0 export packets were Indicates that CEF was unable to switch the dropped due to

no fib packet or forward it up to the process level. 0 export packets were dropped due to adjacency issues

0 export packets were Indicates that the packet was dropped because dropped due to of problems

constructing the IP packet. fragmentation failures 0 export packets were dropped due to encapsulation

fixup failures 0 export packets were Indicates that there was a problem transferring dropped enqueuing for

the the export packet between the RP and the line RP card. 0 export packets were dropped due to IPC

rate limiting 0 export packets were Indicates that the send queue was full while dropped due to output the

packet was being transmitted. drops

Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/oaggnf.html

Q8. What does the following access list, which is applied on the external interface FastEthernet 1/0 of the perimeter router, accomplish? 

router(config)#access-list 101 deny ip 10.0.0.0 0.255.255.255 any log 

router (config)#access-list 101 deny ip 192.168.0.0 0.0.255.255 any log 

router (config)#access-list 101 deny ip 172.16.0.0 0.15.255.255 any log 

router (config)#access-list 101 permit ip any any 

router (config)#interface fastEthernet 1/0 

router (config-if)#ip access-group 101 in 

A. It prevents incoming traffic from IP address ranges 10.0.0.0-10.0.0.255, 172.16.0.0-172.31.255.255, 192.168.0.0-192.168.255.255 and logs any intrusion attempts. 

B. It prevents the internal network from being used in spoofed denial of service attacks and logs any exit to the Internet. 

C. It filters incoming traffic from private addresses in order to prevent spoofing and logs any intrusion attempts. 

D. It prevents private internal addresses to be accessed directly from outside. 

Answer: C 

Explanation: 

The private IP address ranges defined in RFC 1918 are as follows:

10.0.0.0 – 10.255.255.255

172.16.0.0 – 172.31.255.255

192.168.0.0 – 192.168.255.255 

These IP addresses should never be allowed from external networks into a

corporate network as they would only be able to reach the network from the outside via routing problems or

if the IP addresses were spoofed. This ACL is used to prevent all packets with a spoofed reserved private

source IP address to enter the network. The log keyword also enables logging of this intrusion attempt.

Q9. Refer to the following access list. 

access-list 100 permit ip any any log 

After applying the access list on a Cisco router, the network engineer notices that the router CPU utilization has risen to 99 percent. What is the reason for this? 

A. A packet that matches access-list with the "log" keyword is Cisco Express Forwarding switched. 

B. A packet that matches access-list with the "log" keyword is fast switched. 

C. A packet that matches access-list with the "log" keyword is process switched. 

D. A large amount of IP traffic is being permitted on the router. 

Answer: C 

Explanation: 

Logging-enabled access control lists (ACLs) provide insight into traffic as it traverses the

network or is dropped by network devices. Unfortunately, ACL logging can be CPU intensive and can

negatively affect other functions of the network device. There are two primary factors that contribute to the

CPU load increase from ACL logging: process switching of packets that match log-enabled access control

entries (ACEs) and the generation and transmission of log messages. Reference: http://www.cisco.com/

web/about/security/intelligence/acl-logging.html#4

Q10. Refer to the exhibit. The command is executed while configuring a point-to-multipoint Frame Relay interface. Which type of IPv6 address is portrayed in the exhibit? 

A. link-local 

B. site-local 

C. global 

D. multicast 

Answer: A 

Explanation: 

About 300-101 Information: 300-101 Dumps

Certleader Dumps
Certleader is a company specialized on providing high quality IT exam materials and fully committed to assist our respected clients crack any IT certification tests on their 1st efforts.