It is impossible to pass Cisco 400 101 vce exam without any help in the short term. Come to Ucertify soon and find the most advanced, correct and guaranteed Cisco passleader 400 101 practice questions. You will get a surprising result by our Rebirth CCIE Routing and Switching (v5.0) practice guides.

Q351. Refer to the exhibit. 

Which two configuration changes enable you to log in to the router? (Choose two.) 

A. Configure a user name and password on the device. 

B. Modify the default login authentication group to use the terminal line password. 

C. Remove the terminal line password on the console line. 

D. Modify the terminal lines to include transport input none. 

E. Configure the terminal lines to use the local user database. 

Answer: A,B 

Q352. Which two mechanisms provide Cisco IOS XE Software with control plane and data plane separation? (Choose two.) 

A. Forwarding and Feature Manager 

B. Forwarding Engine Driver 

C. Forwarding Performance Management 

D. Forwarding Information Base 

Answer: A,B 


Control Plane and Data Plane Separation 

IOS XE introduces an opportunity to enable teams to now build drivers for new Data Plane ASICs outside the IOS instance and have them program to a set of standard APIs which in turn enforces Control Plane and Data Plane processing separation. IOS XE accomplishes Control Plane / Data Plane separation through the introduction of the Forwarding and Feature Manager (FFM) and its standard interface to the Forwarding Engine Driver (FED). FFM provides a set of APIs to Control Plane processes. In turn, the FFM programs the Data Plane via the FED and maintains forwarding state for the system. The FED is the instantiation of the hardware driver for the Data Plane and is provided by the platform. 


Q353. Which two statements about Layer 2 Frame Prioritization bits are true? (Choose two.) 

A. 802.1Q frame headers carry the CoS value in the three most-significant bits of the 2-byte Tag Control Information field. 

B. ISL frame headers carry an IEEE 802.1P CoS value in the three least-significant bits of the 2-byte User field. 

C. ISL frame headers carry an IEEE 802.1P CoS value in the three most-significant bits of the 1-byte User field. 

D. On 802.1Q trunks, traffic in the native VLAN is carried in 802.1Q frames. 

E. Only 802.1Q and ISL frame types can carry CoS information. 

F. On 802.1Q trunks, traffic in the native VLAN is carried in 802.1P frames. 

Answer: A,E 

Q354. What is a cause for unicast flooding? 

A. Unicast flooding occurs when multicast traffic arrives on a Layer 2 switch that has directly connected multicast receivers. 

B. When PIM snooping is not enabled, unicast flooding occurs on the switch that interconnects the PIM-enabled routers. 

C. A man-in-the-middle attack can cause the ARP cache of an end host to have the wrong MAC address. Instead of having the MAC address of the default gateway, it has a MAC address of the man-in-the-middle. This causes all traffic to be unicast flooded through the man-in-the-middle, which can then sniff all packets. 

D. Forwarding table overflow prevents new MAC addresses from being learned, and packets destined to those MAC addresses are flooded until space becomes available in the forwarding table. 



Causes of Flooding The very cause of flooding is that destination MAC address of the packet is not in the L2 forwarding table of the switch. In this case the packet will be flooded out of all forwarding ports in its VLAN (except the port it was received on). Below case studies display most common reasons for destination MAC address not being known to the switch. 

Cause 1: Asymmetric Routing 

Large amounts of flooded traffic might saturate low-bandwidth links causing network performance issues or complete connectivity outage to devices connected across such low-bandwidth links 

Cause 2: Spanning-Tree Protocol Topology Changes 

Another common issue caused by flooding is Spanning-Tree Protocol (STP) Topology Change Notification (TCN). TCN is designed to correct forwarding tables after the forwarding topology has changed. This is necessary to avoid a connectivity outage, as after a topology change some destinations previously accessible via particular ports might become accessible via different ports. TCN operates by shortening the forwarding table aging time, such that if the address is not relearned, it will age out and flooding will occur 

Cause 3: Forwarding Table Overflow 

Another possible cause of flooding can be overflow of the switch forwarding table. In this case, new addresses cannot be learned and packets destined to such addresses are flooded until some space becomes available in the forwarding table. New addresses will then be learned. This is possible but rare, since most modern switches have large enough forwarding tables to accommodate MAC addresses for most designs. 


Q355. Which two options are the two main phases of PPPoE? (Choose two.) 

A. Active Discovery Phase 

B. IKE Phase 

C. Main Mode Phase 

D. PPP Session Phase 

E. Aggressive Mode Phase 

F. Negotiation Phase 

Answer: A,D 


PPPoE is composed of two main phases: 

Active Discovery Phase — In this phase, the PPPoE client locates a PPPoE server, called an access concentrator. During this phase, a Session ID is assigned and the PPPoE layer is established. 

PPP Session Phase — In this phase, PPP options are negotiated and authentication is performed. Once the link setup is completed, PPPoE functions as a Layer 2 encapsulation method, allowing data to be transferred over the PPP link within PPPoE headers. 


Q356. Refer to the exhibit. 

While reviewing a log file on a router with this NTP configuration, you note that the log entries of the router display a different time than the NTP time. 

Which action can you take to correct the problem? 

A. Add the localtime keyword to the service timestamps log datetime statement. 

B. Add the msec keyword to the service timestamps log datetime statement. 

C. Add the statement ntp broadcast to the NTP configuration of the neighboring router. 

D. Configure the router to be the NTP master. 

E. Remove the datetime keyword from the service timestamps log datetime statement. 


Q357. Refer to the exhibit. 

Which two configuration changes enable the user admin to log in to the device? (Choose two.) 

A. Configure the login authentication to be case-insensitive. 

B. Configure the user admin with a password and appropriate privileges. 

C. Configure the login authentication to be case-sensitive. 

D. Modify the configuration to use a named group. 

E. Configure additional login authentication under the terminal lines. 

Answer: A,B 


Usernames and passwords are case-sensitive. Users attempting to log in with an incorrectly cased username or password will be rejected. If users are unable to log into the router with their specific passwords, reconfigure the username and password on the router. 


Q358. Which three options must be configured when deploying OSPFv3 for authentication? (Choose three.) 

A. security parameter index 

B. crypto map 

C. authentication method 

D. IPsec peer 

E. encryption algorithm 

F. encryption key 

G. IPsec transform-set 

H. authentication key 

Answer: A,C,H 

Q359. Which three statements about the differences between Cisco IOS and IOS-XE functionality are true? (Choose three.) 

A. Only IOS-XE Software can host applications outside of the IOS context. 

B. Only the IOS-XE Services Plane has multiple cores. 

C. Only the IOS-XE Data Plane has multiple cores. 

D. Only the IOS-XE Control Plane has multiple cores. 

E. Only IOS-XE module management integrates with packet processing. 

F. Only IOS-XE configuration and control is integrated with the kernel. 

Answer: A,B,C 

Q360. Which two options are disadvantages of a commingled dual-tier WAN rate-based Ethernet circuit? (Choose two.) 

A. It requires the maintenance of separate chassis. 

B. It has limited scalability. 

C. It requires additional CPU resources at the subscriber end. 

D. It is more difficult to secure. 

E. It can increase the likelihood of packet drops. 

Answer: A,E