Pinpoint of 400 101 vce practice exam materials and free samples for Cisco certification for client, Real Success Guaranteed with Updated passleader 400 101 pdf dumps vce Materials. 100% PASS CCIE Routing and Switching (v5.0) exam Today!
Q211. What are two benefits of NVI? (Choose two.)
A. It provides scalability by maintaining a NAT table on every interface.
B. It can dynamically create a static route to the NAT pool for translation.
C. It supports the use of route maps for policy-based NAT.
D. It supports the use of a single interface for translations.
E. It injects a route into the existing routing protocol that directs translation to the NAT pool.
Answer: A,B
Q212. When you enable the MPLS Multi-VRF feature, which two supported routing protocols can be used to exchange routing information between PE routers and CE routers? (Choose two.)
A. BGP
B. RIP
C. OSPF
D. EIGRP
E. IS-IS
Answer: A,B
Q213. Which two options are EIGRP route authentication encryption modes? (Choose two.)
A. MD5
B. HMAC-SHA-256bit
C. ESP-AES
D. HMAC-AES
Answer: A,B
Explanation:
Packets exchanged between neighbors must be authenticated to ensure that a device accepts packets only from devices that have the same preshared authentication key. Enhanced Interior Gateway Routing Protocol (EIGRP) authentication is configurable on a per-interface basis; this means that packets exchanged between neighbors connected through an interface are authenticated. EIGRP supports message digest algorithm 5 (MD5) authentication to prevent the introduction of unauthorized information from unapproved sources. MD5 authentication is defined in RFC 1321. EIGRP also supports the Hashed Message Authentication Code-Secure Hash Algorithm-256 (HMAC-SHA-256) authentication method.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/xe-3s/ire-xe-3s-book/ire-sha-256.html
Q214. Which three statements about the route preference of IS-IS are true? (Choose three.)
A. An L1 path is preferred over an L2 path.
B. An L2 path is preferred over an L1 path.
C. Within each level, a path that supports optional metrics is preferred over a path that supports only the default metric.
D. Within each level of metric support, the path with the lowest metric is preferred.
E. The Cisco IS-IS implementation usually performs equal cost path load balancing on up to eight paths.
F. Both L1 and L2 routes will be installed in the routing table at the same time.
Answer: A,C,D
Explanation:
Given multiple possible routes to a particular destination, an L1 path is preferred over an L2 path. Within each level, a path that supports the optional metrics is preferred over a path that supports only the default metric. (Again, Cisco supports only the default metric, so the second order of preference is not relevant to Cisco routers.) Within each level of metric support, the path with the lowest metric is preferred. If multiple equal-cost, equal-level paths are found by the Decision process, they are all entered into the route table. The Cisco IS-IS implementation usually performs equal-cost load balancing on up to six paths.
Reference: http://www.realccielab.org/operation-of-integrated-is-is.html
Q215. EIGRP allows configuration of multiple MD5 keys for packet authentication to support easy rollover from an old key to a new key. Which two statements are true regarding the usage of multiple authentication keys? (Choose two.)
A. Received packets are authenticated by the key with the smallest key ID.
B. Sent packets are authenticated by all valid keys, which means that each packet is replicated as many times as the number of existing valid keys.
C. Received packets are authenticated by any valid key that is chosen.
D. Sent packets are authenticated by the key with the smallest key ID.
Answer: C,D
Explanation:
Suppose two routers are connected with each other via Fa0/0 interfaces and they are configured to authenticate via MD5. Below is a simple configuration on both routers so that they will work:
Router1(config)#key chain KeyChainR1
Router1(config-keychain)#key 1
Router1(config-keychain-key)#key-string FirstKey
Router1(config-keychain-key)#key 2
Router1(config-keychain-key)#key-string SecondKey
Router2(config)#key chain KeyChainR2
Router2(config-keychain)#key 1
Router2(config-keychain-key)#key-string FirstKey
Router2(config-keychain-key)#key 2
Router2(config-keychain-key)#key-string SecondKey
Apply these key chains to R1 & R2:
Router1(config)#interface fastEthernet 0/0
Router1(config-if)#ip authentication mode eigrp 1 md5
Router1(config-if)#ip authentication key-chain eigrp 1 KeyChainR1
Router2(config)#interface fastEthernet 0/0
Router2(config-if)#ip authentication mode eigrp 1 md5
Router2(config-if)#ip authentication key-chain eigrp 1 KeyChainR2
There are some rules to configure MD5 authentication with EIGRP:
+ The key chain names on two routers do not have to match (in this case the name “KeyChainR1 & “KeyChainR2 do not match)
+ The key number and key-string on the two potential neighbors must match (for example “key 1 & “key-string FirstKey” must match on “key 1” & “key-string FirstKey” of neighboring router) Also some facts about MD5 authentication with EIGRP
+ When sending EIGRP messages the lowest valid key number is used -> D is correct.
+ When receving EIGRP messages all currently configured valid keys are verified but the lowest valid one will be used -> Although answer C does not totally mention like that but it is the most suitable answer because A and B are totally wrong. Answer A is not correct because we need valid key to authenticate. As mentioned above, although answer C is not totally correct but it puts some light on why
answer B is not correct: each packet is NOT “replicated as many times as the number of existing valid keys”. All currently configured valid keys are verified but the lowest valid one will be used.
Q216. Assume that the following MAC addresses are used for the bridge ID MAC address by four different switches in a network. Which switch will be elected as the spanning-tree root bridge?
A. SwitchA uses MAC 1000.AA-AA-AA-AA-AA-AA.
B. SwitchB uses MAC 2000.BB-BB-BB-BB-BB-BB.
C. SwitchC uses MAC 3000.CC-CC-CC-CC-CC-CC.
D. SwitchD uses MAC 4000.DD-DD-DD-DD-DD-DD.
Answer: A
Explanation:
The switch with the highest switch priority (the lowest numerical priority value) is elected as the root switch. If all switches are configured with the default priority (32768), the switch with the lowest MAC address in the VLAN becomes the root switch.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_53_se/configuration/guide/2960scg/swstp.html
Q217. Refer to the exhibit.
Why is the loopback 0 interface of R4 missing in the routing table of R2?
A. R2 is configured as a route reflector client.
B. There is no peering between R2 and R3.
C. The next hop is not reachable from R2.
D. The route originated within the same AS.
Answer: B
Explanation:
In the “show ip bgp” output we see that there is no peering session between R2 and R3. Since R3 is the route reflector here, R3 would reflect routes advertised from R4 to R2, but the peer needs to be established first.
Q218. Which two statements are true about VPLS? (Choose two.)
A. It can work over any transport that can forward IP packets.
B. It provides integrated mechanisms to maintain First Hop Resiliency Protocols such as HSRP, VRRP, or GLBP.
C. It includes automatic detection of multihoming.
D. It relies on flooding to propagate MAC address reachability information.
E. It can carry a single VLAN per VPLS instance.
Answer: D,E
Explanation:
VPLS relies on flooding to propagate MAC address reachability information. Therefore, flooding cannot be prevented.
VPLS can carry a single VLAN per VPLS instance. To multiplex multiple VLANs on a single instance, VPLS uses IEEE QinQ.
Reference: http://www.cisco.com/c/en/us/products/collateral/switches/nexus-7000-series-switches/white_paper_c11-574984.html
Q219. A configuration includes the line ip route 10.0.0.0 255.0.0.0 172.16.10.10 permanent.
Which option is a benefit of configuring this static route as permanent?
A. It allows the route to be redistributed into the network even if the outgoing interface is down.
B. It allows the route to be saved in the running configuration of the device.
C. It places a hidden tag on the route that can be matched on other devices.
D. It allows the route to have a tracking status even if no tracking object is configured.
Answer: A
Q220. Which two Cisco IOS XE commands can install a subpackage onto a router? (Choose two.)
A. request platform software package install rp rpSlotNumber file fileURL
B. boot system flash bootflash:filename
C. copy sourceUrl destinationUrl
D. license install file storedLocationUrl
E. issu loadversion rp identifier file diskType imageFilename
F. config-register value
Answer: A,C
Explanation:
. Managing and Configuring a Consolidated Package Using the request platform software package install Command
In the following example, the request platform software package install command is used to upgrade a consolidated package running on RP 0. The force option, which forces the upgrade past any prompt (such as already having the same consolidated package installed), is used in this example.
Router# request platform software package install rp 0 file bootflash:asr1000rp1-adventerprisek9.02.01.00.122-33.XNA.bin force
To upgrade a consolidated package on the Cisco ASR 1000 Series Routers using the copy command, copy the consolidated package into the bootflash: directory on the router using the copy command as you would on most other Cisco routers. After making this copy, configure the router to boot using the consolidated package file. In the following example, the consolidated package file is copied onto the bootflash: file system from TFTP. The config-register is then set to boot using boot system commands, and the boot system commands instruct the router to boot using the consolidated package stored in the bootflash: file system. The new configuration is then saved using the copy running-config startup-config command, and the system is then reloaded to complete the process.
Router# dir bootflash:
Directory of bootflash:/
11 drwx 16384 Dec 4 2007 04:32:46 -08:00 lost+found
86401 drwx 4096 Dec 4 2007 06:06:24 -08:00.ssh
14401 drwx 4096 Dec 4 2007 06:06:36 -08:00.rollback_timer
28801 drwx 4096 Mar 18 2008 17:31:17 -07:00.prst_sync
43201 drwx 4096 Dec 4 2007 04:34:45 -08:00.installer
13 -rw- 45977 Apr 9 2008 16:48:46 -07:00 target_support_output.tgz.tgz
928862208 bytes total (712273920 bytes free)
Router# copy tftp bootflash:
Address or name of remote host []? 172.17.16.81
Source filename []? /auto/tftp-users/user/asr1000rp1-adventerprisek9.02.01.00.122-33.XNA.bin
Destination filename [asr1000rp1-adventerprisek9.02.01.00.122-33.XNA.bin]?
Reference: http://www.cisco.com/c/en/us/td/docs/routers/asr1000/configuration/guide/chassis/asrswcfg /Package_Management.html#78189