Promise in order to provide the high-quality Cisco exam dumps, Testking gives the top good quality Cisco Cisco certification products with best questions and also answers. You will get the most fresh and precise 400-101 preparation components which promise your success at initial attempt. Take activities now and also download your Cisco 400-101 exam dumps today!

2017 Mar 400-101 exam cram

Q271. DRAG DROP 

Drag and drop each GET VPN feature on the left to the corresponding function it performs on the right. 

Answer: 


Q272. Refer to the exhibit. 

What does the return code 3 represent in this output? 

A. The mapping of the replying router for the FEC is different. 

B. The packet is label-switched at stack depth. 

C. The return code is reserved. 

D. The upstream index is unknown. 

E. The replying router was the proper egress for the FEC. 

Answer:

Explanation: 

Return Codes The Return Code is set to zero by the sender. The receiver can set it to one of the values listed below. The notation <RSC> refers to the Return Subcode. This field is filled in with the stack-depth for those codes that specify that. For all other codes, the Return Subcode MUST be set to zero. 

Value Meaning 

0 No return code 

1 Malformed echo request received 

2 One or more of the TLVs was not understood 

3 Replying router is an egress for the FEC at stack-depth <RSC> 

4 Replying router has no mapping for the FEC at stack-depth <RSC> 

Reference: https://www.ietf.org/rfc/rfc4379.txt 


Q273. Refer to the exhibit. 

Which three statements about the output are true? (Choose three.) 

A. An mrouter port can be learned by receiving a PIM hello packet from a multicast router. 

B. This switch is configured as a multicast router. 

C. Gi2/0/1 is a trunk link that connects to a multicast router. 

D. An mrouter port is learned when a multicast data stream is received on that port from a multicast router. 

E. This switch is not configured as a multicast router. It is configured only for IGMP snooping. 

F. IGMP reports are received only on Gi2/0/1 and are never transmitted out Gi2/0/1 for VLANs 10 and 20. 

Answer: A,B,C 

Explanation: 

In this example, the switch has been configured as a multicast router since IGMP snooping has been enabled. All mrouters can learn about other mrouters by receiving a PIM hello packet from another multicast router. Also, since two different VLANs are being used by the same port of gi 2/0/1, it must be a trunk link that connects to another multicast router. 


Q274. Refer to the exhibit. 

Which two actions can you take to enable CE-1 at site A to access the Internet? (Choose two.) 

A. Create a default route for site A on PE-1 with the next hop set to the PE-2 interface to the Internet. 

B. Originate a default route in site B with the next hop set to the PE-2 Internet interface, and import the default route into site A. 

C. Create a default route on CE-1 with the next hop set to the PE-1 upstream interface. 

D. Originate a default route in site A with the next hop set to the PE-2 interface to CE-1. 

E. Create a static default route on CE-1 with the next hop set to the PE-2 interface to the Internet. 

Answer: A,B 


Q275. What is a key advantage of Cisco GET VPN over DMVPN? 

A. Cisco GET VPN provides zero-touch deployment of IPSEC VPNs. 

B. Cisco GET VPN supports certificate authentication for tunnel establishment. 

C. Cisco GET VPN has a better anti-replay mechanism. 

D. Cisco GET VPN does not require a secondary overlay routing infrastructure. 

Answer:

Explanation: 

DMVPN requires overlaying a secondary routing infrastructure through the tunnels, which results in suboptimal routing while the dynamic tunnels are built. The overlay routing topology also reduces the inherent scalability of the underlying IP VPN network topology. Traditional point-to-point IPsec tunneling solutions suffer from multicast replication issues because multicast replication must be performed before tunnel encapsulation and encryption at the IPsec CE (customer edge) router closest to the multicast source. Multicast replication cannot be performed in the provider network because encapsulated multicasts appear to the core network as unicast data. Cisco’s Group Encrypted Transport VPN (GET VPN) introduces the concept of a trusted group to eliminate point-to-point tunnels and their associated overlay routing. All group members (GMs) share a common security association (SA), also known as a group SA. This enables GMs to decrypt traffic that was encrypted by any other GM. (Note that IPsec CE acts as a GM.) In GET VPN networks, there is no need to negotiate point-to- point IPsec tunnels between the members of a group, because GET VPN is “tunnel-less.” 

Reference: Group Encrypted Transport VPN (Get VPN) Design and Implementation Guide PDF 


Improved 400-101 rapidshare:

Q276. Which CoS value is mapped to DSCP 48 by default? 

A. 6 

B. 7 

C. AF21 

D. AF44 

E. AF41 

F. 46 

Answer:


Q277. Which two types of traffic are blocked when the storm control threshold for multicast traffic is reached on a port? (Choose two.) 

A. BPDU 

B. OSPF 

C. CDP 

D. IS-IS 

E. LLDP 

Answer: B,D 


Q278. Refer to the exhibit. 

Which two statements about the implementation are true? (Choose two.) 

A. The PPP multilink protocol header is omitted on delay-sensitive packets. 

B. The maximum number of fragments is 1. 

C. Small real-time packets are multilink-encapsulated. 

D. A transmit queue is provided for smaller packets. 

Answer: A,D 

Explanation: 

Previous implementations of Cisco IOS Multilink PPP (MLP) include support for Link Fragmentation Interleaving (LFI). This feature allows the delivery of delay-sensitive packets, such as the packets of a Voice call, to be expedited by omitting the PPP Multilink Protocol header and sending the packets as raw PPP packets in between the fragments of larger data packets. This feature works well on bundles consisting of a single link. However, when the bundle contains multiple links there is no way to keep the interleaved packets in sequence with respect to each other. The Multiclass Multilink PPP (MCMP) feature in Cisco IOS Release 12.2(13)T addresses the limitations of MLP LFI on bundles containing multiple links by introducing multiple data classes. With multiclass multilink PPP interleaving, large packets can be multilink-encapsulated and fragmented into smaller packets to satisfy the delay requirements of real-time voice traffic; small real-time packets, which are not multilink encapsulated, are transmitted between fragments of the large packets. The interleaving feature also provides a special transmit queue for the smaller, delay-sensitive packets, enabling them to be transmitted earlier than other flows. Interleaving provides the delay bounds for delay-sensitive voice packets on a slow link that is used for other best-effort traffic. 

References: http://www.cisco.com/c/en/us/td/docs/ios/dial/configuration/guide/12_4t/dia_12_4t_book/dia _multiclass_link_ppp.pdf http://www.cisco.com/c/en/us/td/docs/routers/access/500/520/software/configuration/guide/520_SCG_Book/520scg_concepts.html 


Q279. Refer to the exhibit. 

Which option explains why the forwarding address is set to 0.0.0.0 instead of 110.100.1.1? 

A. The interface Ethernet0/1 is in down state. 

B. The next-hop ip address 110.100.1.1 is not directly attached to the redistributing router. 

C. The next-hop interface (Ethernet0/1) is specified as part of the static route command; therefore, the forwarding address is always set to 0.0.0.0. 

D. OSPF is not enabled on the interface Ethernet0/1. 

Answer:

Explanation: 

From the output of the “show ip ospf database” command (although this command is not shown) we can conclude this is an ASBR (with Advertising Router is itself) and E0/1 is the ASBR’s next hop interface for other routers to reach network 192.168.10.0. 

The Forwarding Address is determined by these conditions: 

* The forwarding address is set to 0.0.0.0 if the ASBR redistributes routes and OSPF is not enabled on the next hop interface for those routes. 

* These conditions set the forwarding address field to a non-zero address: 

+ OSPF is enabled on the ASBR’s next hop interface AND 

+ ASBR’s next hop interface is non-passive under OSPF AND 

+ ASBR’s next hop interface is not point-to-point AND 

+ ASBR’s next hop interface is not point-to-multipoint AND 

+ ASBR’s next hop interface address falls under the network range specified in the router ospf command. 

* Any other conditions besides these set the forwarding address to 0.0.0.0. 

-> We can see E0/1 interface is not running OSPF because it does not belong to network 110.110.0.0 0.0.255.255 which is declared under OSPF process -> F.A address is set to 0.0.0.0. 

Reference: http://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13682-10.html 


Q280. Which statement about OSPF loop prevention is true? 

A. The discard route is generated automatically on the ABR to prevent routing loops. 

B. The ASBR uses type 3 LSAs from non-backbone areas to prevent control-plane routing loops. 

C. The ABR can filter type 3 LSPs to prevent routing loops. 

D. The DN bit ignores LSA types 2, 3, and 5 to prevent routing loops. 

Answer: