It is more faster and easier to pass the Cisco 300-101 exam by using Simulation Cisco Implementing Cisco IP Routing questuins and answers. Immediate access to the Update 300-101 Exam and find the same core area 300-101 questions with professionally verified answers, then PASS your exam with a high score now.
2017 Mar 300-101 Study Guide Questions:
Q1. Which common issue causes intermittent DMVPN tunnel flaps?
A. a routing neighbor reachability issue
B. a suboptimal routing table
C. interface bandwidth congestion
D. that the GRE tunnel to hub router is not encrypted
DMVPN Tunnel Flaps Intermittently Problem DMVPN tunnel flaps intermittently. Solution
When DMVPN tunnels flap, check the neighborship between the routers as issues with neighborship
formation between routers may cause the DMVPN tunnel to flap. In order to resolve this problem, make
sure the neighborship between the routers is always up. Reference: http://www.cisco.com/c/en/us/support/
Q2. When using SNMPv3 with NoAuthNoPriv, which string is matched for authentication?
The following security models exist: SNMPv1, SNMPv2, SNMPv3. The following security
levels exits: "noAuthNoPriv" (no authentiation and no encryption noauth keyword in CLI),
"AuthNoPriv" (messages are authenticated but not encrypted auth keyword in CLI), "AuthPriv" (messages
are authenticated and encrypted priv keyword in CLI). SNMPv1 and SNMPv2 models only support the
"noAuthNoPriv" model since they use plain community string to match the incoming packets. The SNMPv3
implementations could be configured to use either of the models on per-group basis (in case if
"noAuthNoPriv" is configured, username serves as a replacement for community string). Reference: http://
Q3. Which statement is true about the PPP Session Phase of PPPoE?
A. PPP options are negotiated and authentication is not performed. Once the link setup is completed, PPPoE functions as a Layer 3 encapsulation method that allows data to be transferred over the PPP link within PPPoE headers.
B. PPP options are not negotiated and authentication is performed. Once the link setup is completed, PPPoE functions as a Layer 4 encapsulation method that allows data to be transferred over the PPP link within PPPoE headers.
C. PPP options are automatically enabled and authorization is performed. Once the link setup is completed, PPPoE functions as a Layer 2 encapsulation method that allows data to be encrypted over the PPP link within PPPoE headers.
D. PPP options are negotiated and authentication is performed. Once the link setup is completed, PPPoE functions as a Layer 2 encapsulation method that allows data to be transferred over the PPP link within PPPoE headers.
PPPoE is composed of two main phases:
Active Discovery Phase–In this phase, the PPPoE client locates a PPPoE server, called an access concentrator. During this phase, a Session ID is assigned and the PPPoE layer is established.
PPP Session Phase–In this phase, PPP options are negotiated and authentication is performed. Once the
link setup is completed, PPPoE functions as a Layer 2 encapsulation method, allowing data to be transferred over the PPP link within PPPoE headers.
Abreast of the times 300-101 testing engine:
Q4. Which switching method is used when entries are present in the output of the command show ip cache?
A. fast switching
B. process switching
C. Cisco Express Forwarding switching
D. cut-through packet switching
Fast switching allows higher throughput by switching a packet using a cache created by the initial packet
sent to a particular destination. Destination addresses are stored in the high-speed cache to expedite forwarding. Routers offer better packet-transfer performance when fast switching is enabled. Fast switching is enabled by default on all interfaces that support fast switching.
To display the routing table cache used to fast switch IP traffic, use the "show ip cache" EXEC command.
Q5. Refer to the exhibit.
Which statement is true?
A. Traffic from the 172.16.0.0/16 network will be blocked by the ACL.
B. The 10.0.0.0/8 network will not be advertised by Router B because the network statement for the 10.0.0.0/8 network is missing from Router B.
C. The 10.0.0.0/8 network will not be in the routing table on Router B.
D. Users on the 10.0.0.0/8 network can successfully ping users on the 192.168.5.0/24 network, but users on the 192.168.5.0/24 cannot successfully ping users on the 10.0.0.0/8 network.
E. Router B will not advertise the 10.0.0.0/8 network because it is blocked by the ACL.
Q6. Which Cisco IOS VPN technology leverages IPsec, mGRE, dynamic routing protocol, NHRP, and Cisco Express Forwarding?
D. Cisco Easy VPN
Explanation: Dynamic Multipoint Virtual Private Network (DMVPN) is a dynamic tunneling form of a virtual
private network (VPN) supported on Cisco IOS-based routers and Unix-like Operating Systems based on
the standard protocols, GRE, NHRP and IPsec. This DMVPN provides the capability for creating a
dynamic-mesh VPN network without having to pre-configure (static) all possible tunnel end-point peers,
including IPsec (Internet Protocol Security) and ISAKMP (Internet Security Association and Key
Management Protocol) peers. DMVPN is initially configured to build out a hub-and-spoke network by
statically configuring the hubs (VPN headends) on the spokes, no change in the configuration on the hub is
required to accept new spokes. Using this initial hub-and-spoke network, tunnels between spokes can be
dynamically built on demand (dynamic-mesh) without additional configuration on the hubs or spokes. This
dynamic-mesh capability alleviates the need for any load on the hub to route data between the spoke
networks. DMVPN is combination of the following technologies:
Multipoint GRE (mGRE)
Next-Hop Resolution Protocol (NHRP)
Dynamic Routing Protocol (EIGRP, RIP, OSPF, BGP)
Dynamic IPsec encryption
Cisco Express Forwarding (CEF)
Topic 5, Infrastructure Security
53. Which traffic does the following configuration allow?
ipv6 access-list cisco
permit ipv6 host 2001:DB8:0:4::32 any eq ssh
line vty 0 4
ipv6 access-class cisco in
A. all traffic to vty 0 4 from source 2001:DB8:0:4::32
B. only ssh traffic to vty 0 4 from source all
C. only ssh traffic to vty 0 4 from source 2001:DB8:0:4::32
D. all traffic to vty 0 4 from source all
Here we see that the IPv6 access list called "cisco" is being applied to incoming VTY connections to the
router. IPv6 access list has just one entry, which allows only the single IPv6 IP address of 2001:DB8:0:4::32 to connect using SSH only.
Real 300-101 ebook:
Q7. A network engineer executes the show ip flow export command. Which line in the output indicates that the send queue is full and export packets are not being sent?
A. output drops
B. enqueuing for the RP
C. fragmentation failures
D. adjacency issues
Table 5 show ip flow export Field Descriptions Field Description Exporting flows to 10.1.1.1
Specifies the export destinations and ports. (1000) and 10.2.1.1 The ports are in parentheses. Exporting
using source Specifies the source address or interface. IP address 10.3.1.1 Version 5 flow records
Specifies the version of the flow. 11 flows exported in 8 udp The total number of export packets sent, and
datagrams the total number of flows contained within them. 0 flows failed due to lack of No memory was
available to create an export export packet packet. 0 export packets were sent The packet could not be
processed by CEF or up to process level by fast switching, possibly because another feature requires
running on the packet. 0 export packets were Indicates that CEF was unable to switch the dropped due to
no fib packet or forward it up to the process level. 0 export packets were dropped due to adjacency issues
0 export packets were Indicates that the packet was dropped because dropped due to of problems
constructing the IP packet. fragmentation failures 0 export packets were dropped due to encapsulation
fixup failures 0 export packets were Indicates that there was a problem transferring dropped enqueuing for
the the export packet between the RP and the line RP card. 0 export packets were dropped due to IPC
rate limiting 0 export packets were Indicates that the send queue was full while dropped due to output the
packet was being transmitted. drops
Q8. What does the following access list, which is applied on the external interface FastEthernet 1/0 of the perimeter router, accomplish?
router(config)#access-list 101 deny ip 10.0.0.0 0.255.255.255 any log
router (config)#access-list 101 deny ip 192.168.0.0 0.0.255.255 any log
router (config)#access-list 101 deny ip 172.16.0.0 0.15.255.255 any log
router (config)#access-list 101 permit ip any any
router (config)#interface fastEthernet 1/0
router (config-if)#ip access-group 101 in
A. It prevents incoming traffic from IP address ranges 10.0.0.0-10.0.0.255, 172.16.0.0-172.31.255.255, 192.168.0.0-192.168.255.255 and logs any intrusion attempts.
B. It prevents the internal network from being used in spoofed denial of service attacks and logs any exit to the Internet.
C. It filters incoming traffic from private addresses in order to prevent spoofing and logs any intrusion attempts.
D. It prevents private internal addresses to be accessed directly from outside.
The private IP address ranges defined in RFC 1918 are as follows:
10.0.0.0 – 10.255.255.255
172.16.0.0 – 172.31.255.255
192.168.0.0 – 192.168.255.255
These IP addresses should never be allowed from external networks into a
corporate network as they would only be able to reach the network from the outside via routing problems or
if the IP addresses were spoofed. This ACL is used to prevent all packets with a spoofed reserved private
source IP address to enter the network. The log keyword also enables logging of this intrusion attempt.
Q9. Refer to the following access list.
access-list 100 permit ip any any log
After applying the access list on a Cisco router, the network engineer notices that the router CPU utilization has risen to 99 percent. What is the reason for this?
A. A packet that matches access-list with the "log" keyword is Cisco Express Forwarding switched.
B. A packet that matches access-list with the "log" keyword is fast switched.
C. A packet that matches access-list with the "log" keyword is process switched.
D. A large amount of IP traffic is being permitted on the router.
Logging-enabled access control lists (ACLs) provide insight into traffic as it traverses the
network or is dropped by network devices. Unfortunately, ACL logging can be CPU intensive and can
negatively affect other functions of the network device. There are two primary factors that contribute to the
CPU load increase from ACL logging: process switching of packets that match log-enabled access control
entries (ACEs) and the generation and transmission of log messages. Reference: http://www.cisco.com/
Q10. Refer to the exhibit. The command is executed while configuring a point-to-multipoint Frame Relay interface. Which type of IPv6 address is portrayed in the exhibit?