Cisco recognition, which often has best worth inside employment market, could possibly protect against "pirate talent" featuring a pricey price in addition to stringent enrolling procedure, particularly the system for training, secure the factors to understand something earned in addition to maintain this is genuine "solid feature.Half inch The particular strictness involving Cisco recognition is definitely world-famous in addition to whoever has acquired your qualification had received an average of 3 or 4 times training. Now, there is continue to zero your history that particular that has approved your recognition test out basically is definitely properly trained at least.

2016 Nov 400-101 ccie routing and switching written exam fee:

Q381. Refer to the exhibit. 

Which two options are effects of the given configuration? (Choose two.) 

A. It sets the data export destination to 209.165.200.227 on UDP port 49152. 

B. It enables Cisco Express Forwarding on interface FastEthernet0/0. 

C. It configures the export process to include the BGP peer AS of the router gathering the data. 

D. It enables NetFlow switching on interface FastEthernet0/0. 

E. It sets the data export destination to 209.165.200.227 on TCP port 49152. 

Answer: A,D 

Explanation: 

The “ip flow-export destination 209.165.200.227 49152” command specifies that the data export destination server is 209.165.200.227 using UDP port 49152. 

The “ip route-cache flow” command under the fastethernet 0/0 interface enable netflow switching on that interface. 


Q382. How many bytes comprise the system ID within an IS-IS NET? 

A. 4 bytes 

B. 6 bytes 

C. 8 bytes 

D. 16 bytes 

E. 20 bytes 

Answer:

Explanation: 

Routers are identified with NETs of 8 to 20 bytes. ISO/IEC 10589 distinguishes only three fields in the NSAP address format: a variable-length area address beginning with a single octet, a system ID, and a 1-byte n-selector. Cisco implements a fixed length of 6 bytes for the system ID, which is like the OSPF router ID. 

Reference: http://www.cisco.com/en/US/products/ps6599/products_white_paper09186a00800a3e6f.sh tml 


Q383. While troubleshooting an issue for a remote user, you must capture the communication between the user's computer and a server at your location. The traffic passes through a Cisco IOS-XE capable switch. Which statement about obtaining the capture is true? 

A. The Embedded Packet Capture application in the IOS-XE Software can capture the packets, but there is a performance impact. 

B. The Embedded Packet Capture application in the IOS-XE Software can capture the packets without impacting performance. 

C. The Mini Protocol Analyzer embedded in the IOS-XE Software can capture the packets without impacting performance. 

D. The Mini Protocol Analyzer embedded in the IOS-XE Software can be used to capture the packets, but there is a performance impact. 

E. Wireshark can capture packets through a SPAN port, but there is a performance impact. 

Answer:


Q384. Which two statements about OSPF default route injection are true? (Choose two.) 

A. The ABR requires manual configuration to send a default route into an NSSA area. 

B. The ABR injects a default route into a Totally Stub Area. 

C. In a stub area, the ASBR generates a summary LSA with link-state ID 0.0.0.0. 

D. If the default route is missing from the routing table, the ASBR can use the default-information originate command to advertise the default into the OSPF domain. 

E. By default, OSPF normal areas will generate default routes into the routing domain if a default route exists. 

Answer: A,B 


Q385. Which two statements about the command distance bgp 90 60 120 are true? (Choose two.) 

A. Implementing the command is a Cisco best practice. 

B. The external distance it sets is preferred over the internal distance. 

C. The internal distance it sets is preferred over the external distance. 

D. The local distance it sets may conflict with the EIGRP administrative distance. 

E. The internal distance it sets may conflict with the EIGRP administrative distance. 

F. The local distance it sets may conflict with the RIP administrative distance. 

Answer: C,F 

Explanation: 

To allow the use of external, internal, and local administrative distances that could be a better route than other external, internal, or local routes to a node, use the distance bgp command in address family or router configuration mode. To return to the default values, use the no form of this command. distance bgp external-distance internal-distance local-distance no distance bgp 

. Syntax Description 

external-distance 

Administrative distance for BGP external routes. External routes are routes for which the best path is learned from a neighbor external to the autonomous system. Accept table values are from 1 to 255. The default is 20. Routes with a distance of 255 are not installed in the routing table. 

internal-distance 

Administrative distance for BGP internal routes. Internal routes are those routes that are learned from another BGP entity within the same autonomous system. Accept table values are from 1 to 255. The default is 200. Routes with a distance of 255 are not installed in the routing table. 

local-distance 

Administrative distance for BGP local routes. Local routes are those networks listed with a network router configuration command, often as back doors, for that router or for networks that are being redistributed from another process. Accept table values are from 1 to 255. The default is 200. Routes with a distance of 255 are not installed in the routing table. 

Defaults 

external-distance: 20 

internal-distance: 200 

local-distance: 200 

In this case, the internal distance is 60 and the external is 90, and the local distance is 120 (same as RIP). 

Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/iproute/command/reference/fiprrp_r/1rfbgp1. html#wp1113874 


Renewal cisco 400-101:

Q386. Which two statements about OSPF are true? (Choose two.) 

A. External type 2 routes are preferred over interarea routes. 

B. Intra-area routes are preferred over interarea routes. 

C. External type 1 routes are preferred over external type 2 routes. 

D. External type 1 routes are preferred over intra-area routes. 

E. External type 2 routes are preferred over external type 1 routes. 

Answer: B,C 


Q387. Which timer expiration can lead to an EIGRP route becoming stuck in active? 

A. hello 

B. active 

C. query 

D. hold 

Answer:

Explanation: 

As noted above, when a route goes into the active state, the router queries its neighbors to find a path to the pertinent network. At this point, the router starts a three minute active timer by which time it must receive replies from all queried neighbors. If a neighbor has feasible successors for the route, it will recalculate its own local distance to the network and report this back. However, if a neighbor does not have a feasible successor, it also goes into active state. In some cases, multiple routers along multiple query paths will go into active state as routers continue to query for the desired route. In most cases, this process will yield responses from all queried routers and the sought after route will transition back into the passive state within the three minute SIA query timer. In the case that none of the queried routers can provide a feasible successor, the route is cleared. In some cases, a response is not received between two neighbor routers because of link failures, congestion or some other adverse condition in either the network or on the queried router, and the three minute active timer expires on the router originating the query. When this happens, the querying router that did not receive a response logs a “DUAL-3-SIA” or “stuck-in-active” error for the route and then drops and restarts its adjacency with the non-responding router 

Reference: http://www.packetdesign.com/resources/technical-briefs/diagnosing-eigrp-stuck-active 


Q388. Which Carrier Ethernet service supports the multiplexing of multiple point-to-point EVCs across as a single UNI? 

A. EPL 

B. EVPL 

C. EMS 

D. ERMS 

Answer:

Explanation: 

Ethernet Relay Service (ERS or EVPL) 

An Ethernet Virtual Circuit (EVC) is used to logically connect endpoints, but multiple EVCs 

could exist per single UNI. Each EVC is distinguished by 802.1q VLAN tag identification. 

The ERS network acts as if the Ethernet frames have crossed a switched network, and certain control traffic is not carried between ends of the EVC. ERS is analogous to Frame Relay where the CE-VLAN tag plays the role of a Data-Link Connection Identifier (DLCI). The MEF term for this service is EVPL. 

Reference: http://www.cisco.com/c/en/us/td/docs/net_mgmt/ip_solution_center/5-1/carrier_ethernet/user/guide/l2vpn51book/concepts.html 


Q389. DRAG DROP 

Drag and drop the OSPFv3 LSA type on the left to the functionality it provides on the right. 

Answer: 


Q390. Which three condition types can be monitored by crypto conditional debug? (Choose three.) 

A. Peer hostname 

B. SSL 

C. ISAKMP 

D. Flow ID 

E. IPsec 

F. Connection ID 

Answer: A,D,F 

Explanation: 

Supported Condition Types 

The new crypto conditional debug CLIs--debug crypto condition, debug crypto condition unmatched, and show crypto debug-condition--allow you to specify conditions (filter values) in which to generate and display debug messages related only to the specified conditions. The table below lists the supported condition types. 

Table 1 Supported Condition Types for Crypto Debug CLI 

Condition Type (Keyword) 

Description 

connid 1 

An integer between 1-32766. Relevant debug messages will be shown if the current IPSec operation uses this value as the connection ID to interface with the crypto engine. 

flowid 1 

An integer between 1-32766. Relevant debug messages will be shown if the current IPSec operation uses this value as the flow-ID to interface with the crypto engine. 

FVRF 

The name string of a virtual private network (VPN) routing and forwarding (VRF) instance. Relevant debug messages will be shown if the current IPSec operation uses this VRF instance as its front-door VRF (FVRF). 

IVRF 

The name string of a VRF instance. Relevant debug messages will be shown if the current IPSec operation uses this VRF instance as its inside VRF (IVRF). 

peer group 

A Unity group-name string. Relevant debug messages will be shown if the peer is using this group name as its identity. 

peer hostname 

A fully qualified domain name (FQDN) string. Relevant debug messages will be shown if the peer is using this string as its identity; for example, if the peer is enabling IKE Xauth with this FQDN string. 

peeripaddress 

A single IP address. Relevant debug messages will be shown if the current IPSec operation is related to the IP address of this peer. 

peer subnet 

A subnet and a subnet mask that specify a range of peer IP addresses. Relevant debug messages will be shown if the IP address of the current IPSec peer falls into the specified subnet range. 

peer username 

A username string. Relevant debug messages will be shown if the peer is using this username as its identity; for example, if the peer is enabling IKE Extended Authentication (Xauth) with this username. 

SPI 1 

A 32-bit unsigned integer. Relevant debug messages will be shown if the current IPSec operation uses this value as the SPI. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_vpnips/configuration/xe-3s/sec-sec-for-vpns-w-ipsec-xe-3s-book/sec-crypto-debug-sup.html