Super to passleader 400 101

Our pass rate is high to 98.9% and the similarity percentage between our cisco 400 101 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Cisco cisco 400 101 exam in just one try? I am currently studying for the Cisco ccie 400 101 exam. Latest Cisco 400 101 dumps Test exam practice questions and answers, Try Cisco 400 101 ccie Brain Dumps First.

Q331. Which three statements about IPsec VTIs are true? (Choose three.) 

A. IPsec sessions require static mapping to a physical interface. 

B. They can send and receive multicast traffic. 

C. They can send and receive traffic over multiple paths. 

D. They support IP routing and ACLs. 

E. They can send and receive unicast traffic. 

F. They support stateful failover. 

Answer: B,D,E 

Q332. What are the minimal configuration steps that are required to configure EIGRP HMAC-SHA2 authentication? 

A. classic router mode, interface XX, authentication mode hmac-sha-256 <password> 

B. named router mode, address-family statement, authentication mode hmac-sha-256 <password> 

C. named router mode, address-family statement, af-interface default, authentication mode hmac-sha-256 <password> 

D. named router mode, address-family statement, authentication mode hmac-sha-256 <password> 

Answer: C 

Explanation: 

The example below shows how to configure EIGRP HMAC-SHA2 on Cisco router: 

Device(config)# router eigrp name1 

Device(config-router)# address-family ipv4 autonomous-system 45000 

Device(config-router-af)# af-interface ethernet 0/0 

Device(config-router-af-interface)# authentication mode hmac-sha-256 0 password1 

Device(config-router-af-interface)# end 

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_eigrp/configuration/15-sy/ire-15-sy-book/ire-sha-256.html 

Q333. What is the ip dhcp snooping information option command used for? 

A. It displays information about the DHCP snooping table. 

B. It sends a syslog and an SNMP trap for a DHCP snooping violation. 

C. It enables the DHCP snooping host tracking feature. 

D. It enables DHCP option 82 data insertion. 

Answer: D 

Explanation: 

To enable DHCP option-82 data insertion, perform this task: 

Command 

Purpose 

Step 1 

Router(config)# ip dhcp snooping information option 

Enables DHCP option-82 data insertion. 

Step 2 

Router(config)# ip dhcp snooping information option replace 

Or: 

Router(config-if)# ip dhcp snooping information option replace 

(Optional) Replaces the DHCP relay information option received in snooped packets with the switch's option-82 data. 

Step 3 

Router(config)# do show ip dhcp snooping | include 82 

Verifies 

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/snoodhcp.html 

Q334. When you implement PfR, which IP SLA probe is used to determine the MOS? 

A. jitter 

B. latency 

C. packet loss 

D. throughput 

Answer: A 

Q335. Which flag in a configuration BPDU instructs all switches to shorten their bridge table aging process from the default 300 seconds to the current forward delay value? 

A. topology change bit 

B. topology change acknowledgment bit 

C. priority bit 

D. max-age bit 

Answer: A 

Explanation: 

The Root Bridge continues to set the Topology Change flag (TCN bit) in all Configuration BPDUs that it sends out for a total of Forward Delay + Max Age seconds (default = 35 (20+15) seconds). This flag instructs all bridges to shorten their MAC address table (Bridge table) aging process from the default value of 300 seconds to the current Forward Delay value of the bridge (default=15 seconds). The TCA flag is set by the upstream bridge to tell the downstream bridges to stop sending TCN BPDUs. The TC flag is set in configuration BPDU by the Root Bridge to shorten the bridge table age-out period from default 300 seconds to Forward Delay seconds. 

Q336. Which two statements about DHCP snooping are true? (Choose two.) 

A. It is implemented on a per-VLAN basis. 

B. It filters invalid DHCP messages. 

C. The binding database logs trusted and untrusted hosts with leased IP addresses. 

D. Interfaces are trusted by default. 

E. It uses the LFIB to validate requests from untrusted hosts. 

Answer: A,B 

Q337. Which statement about the function of poison reverse in EIGRP is true? 

A. It tells peers to remove paths that previously might have pointed to this router. 

B. It tells peers to remove paths to save memory and bandwidth. 

C. It provides reverse path information for multicast routing. 

D. It tells peers that a prefix is no longer reachable. 

Answer: A 

Explanation: 

Poison Reverse in EIGRP states: “Once you learn of a route through an interface, advertise it as unreachable back through that same interface”. For more information please read here. http://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-eigrp/16406-eigrp-toc.html#splithorizon. 

Q338. Refer to the exhibit. 

R1 is able to reach only some of the subnets that R2 is advertising. Which two configuration changes can you make to ensure that R1 can reach all routes from R2? (Choose two.) 

A. Add an additional permit statement to the LOOPBACKS route map. 

B. Modify the LOOPBACKS access list to include all loopback subnets. 

C. Add an additional statement in the LOOPBACKS route map to match both Level 1 and Level 2 circuits. 

D. Add an additional statement in the LOOPBACKS route map to match the R1 CLNS address. 

E. Configure the interfaces between R1 and R2 with a Level 1 IS-IS circuit. 

F. Configure the interfaces between R1 and R2 with a Level 2 IS-IS circuit. 

Answer: A,B 

Explanation: 

In this example, the access list is using a 0.0.3.255 wildcard mask, so only the loopback IP’s of 172.16.0.0 – 172.16.3.255 will be included. We need to add another statement to allow loopback 4 to be advertised, or modify the wildcard mask to include them all. 

Q339. Which two statements about the passive-interface command are true? (Choose two.) 

A. A RIP router listens to multicast updates from its neighbor but stops sending multicast updates on the passive interface. 

B. In OSPF, configuring passive-interface at the interface level suppresses hello packets for the interface and all sub interfaces. 

C. An EIGRP router can form neighbor relationship on the passive interface, but incoming and outgoing multicast updates are disabled on the interface. 

D. A RIP router disables all incoming and outgoing multicast updates in the passive interface. 

E. In EIGRP, the passive interface stops sending hello packets. 

F. In OSPF, the passive interface can receive incoming routing updates and update the device routing table. 

Answer: A,E 

Q340. Refer to the exhibit. 

R2 is configured as the R1 neighbor in area 51, but R2 fails to receive the configured summary route. Which action can you take to correct the problem? 

A. Replace the summary-address command with the area-range command. 

B. Configure a summary address under R1interface GigabitEthernet0/0. 

C. Configure a summary address under R1 interface GigabitEthernet1/0. 

D. Configure the no discard-route command in the OSPF process of R1. 

E. Configure ip ospf network broadcast under the Loopback0 interface of R1. 

Answer: A