It is impossible to pass Cisco 400-101 exam without any help in the short term. Come to Pass4sure soon and find the most advanced, correct and guaranteed Cisco 400-101 practice questions. You will get a surprising result by our Most up-to-date CCIE Routing and Switching (v5.0) practice guides.

2017 Apr 400-101 exam prep


Drag and drop the EIGRP term on the left to the corresponding definition on the right. 


Q422. In which 802.1D port state are the root bridge, the root port, and the designated port(s) elected? 

A. Listening 

B. learning 

C. forwarding 

D. blocking 

E. disabled 



STP switch port states: 

. Blocking – A port that would cause a switching loop if it were active. No user data is sent or received over a blocking port, but it may go into forwarding mode if the other links in use fail and the spanning tree algorithm determines the port may transition to the forwarding state. BPDU data is still received in blocking state. Prevents the use of looped paths. 

. Listening – The switch processes BPDUs and awaits possible new information that would cause it to return to the blocking state. It does not populate the MAC address table and it does not forward frames. In this state the root bridge, the root port, and the designated port(s) are elected. 

. Learning – While the port does not yet forward frames it does learn source addresses from frames received and adds them to the filtering database (switching database). It populates the MAC Address table, but does not forward frames. 

. Forwarding – A port receiving and sending data, normal operation. STP still monitors incoming BPDUs that would indicate it should return to the blocking state to prevent a loop. 

. Disabled – Not strictly part of STP, a network administrator can manually disable a port. 


Q423. Which technology is an application of MSDP, and provides load balancing and redundancy between the RPs? 

A. static RP 


C. auto RP 

D. anycast RP 



Using Anycast RP is an implementation strategy that provides load sharing and redundancy in Protocol Independent Multicast sparse mode (PIM-SM) networks. Anycast RP allows two or more rendezvous points (RPs) to share the load for source registration and the ability to act as hot backup routers for each other. Multicast Source Discovery Protocol (MSDP) is the key protocol that makes Anycast RP possible. 


Q424. Which command do you use to connect a dense-mode domain to a sparse-mode multicast domain? 

A. none, because there is no such command 

B. ip pim spt-threshold infinity 

C. ip pim register dense-mode 

D. ip pim dense-mode proxy-register 



For IP PIM multicast, Cisco recommends Sparse-Mode over Dense-Mode. In the midst of our network migration, we have a new network operating in Sparse-Mode with Anycast rendezvous point (RP) but our existing network is still operating in Dense-Mode. To bridge two different modes across both PIM domains, we should use the ip pim dense-mode proxy-register command on the interface leading toward the bordering dense mode region. This configuration will enable the border router to register traffic from the dense mode region (which has no concept of registration) with the RP in the sparse mode domain. 


Q425. Which three steps are necessary to enable SSH? (Choose three.) 

A. generating an RSA or DSA cryptographic key 

B. configuring the version of SSH 

C. configuring a domain name 

D. configuring VTY lines for use with SSH 

E. configuring the port for SSH to listen for connections 

F. generating an AES or SHA cryptographic key 

Answer: A,C,D 


Here are the steps: 

1. Configure a hostname for the router using these commands. 

yourname#configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

yourname (config)#hostname LabRouter 


2. Configure a domain name with the ip domain-name command followed by whatever you would like your domain name to be. I used 

LabRouter(config)#ip domain-name 

3. We generate a certificate that will be used to encrypt the SSH packets using the crypto key generate rsa command. 

Take note of the message that is displayed right after we enter this command. “The name for the keys will bE.” — it combines the hostname of the router along with the domain name we configured to get the name of the encryption key generated; this is why it was important for us to, first of all, configure a hostname then a domain name before we generated the keys. 

Notice also that it asks us to choose a size of modulus for the key we’re about to generate. 

The higher the modulus, the stronger the encryption of the key. For our example, we’ll use a modulus of 1024. 

Renovate 400-101 practice:

Q426. Refer to the exhibit. 

Which two statements about the output are true? (Choose two.) 

A. It indicates that prefix aggregation cache export is enabled on the device. 

B. It was obtained with the show ip cache flow command. 

C. It indicates that the device is using NetFlow version 5. 

D. It indicates that the flows are being sent to a destination using an RFC1918 address. 

Answer: C,D 


C. The fourth line shows that Version 5 is being used. 

D. The third line shows that the destination server is, which of course is a private, RFC 1918 address. 

Q427. Which two statements about OSPFv3 are true? (Choose two.) 

A. It supports unicast address families for IPv4 and IPv6. 

B. It supports unicast address families for IPv6 only. 

C. It supports only one address family per instance. 

D. It supports the use of a cluster ID for loop prevention. 

E. It supports multicast address families for IPv4 and IPv6. 

F. It supports multicast address families for IPv6 only. 

Answer: A,C 

Q428. Which statement about SSHv2 is true? 

A. Routers acting as SSH clients can operate without RSA keys. 

B. SSHv2 supports port forwarding and compression. 

C. The RSA key pair size must be at least 512. 

D. You must configure a default gateway before you enable SSHv2. 


Q429. Which standard feature can be exploited by an attacker to perform network reconnaissance? 

A. IP-directed broadcast 

B. maintenance operations protocol 

C. ICMP redirects 

D. source quench 


Q430. Which two statements about MPLS VPNs are true? (Choose two.) 

A. PE routers maintain customer routes in the VPN for that customer. 

B. They use the explicit-null label by default. 

C. P routers are used only for label transit. 

D. P routers maintain customer routes in the VPN for that customer. 

E. They support only one route target. 

F. Each interface on a PE router must have its own VRF. 

Answer: A,C