Proper study guides for Renewal Cisco Implementing Cisco IP Routing certified begins with Cisco 300-101 preparation products which designed to deliver the Vivid 300-101 questions by making you pass the 300-101 test at your first time. Try the free 300-101 demo right now.

2021 Nov route exam 300-101:

Q31. Scenario: 

You have been asked to evaluate an OSPF network setup in a test lab and to answer questions a customer has about its operation. The customer has disabled your access to the show running-config command. 

Areas of Router 5 and 6 are not normal areas, inspect their routing tables and determine which statement is true? 

A. R5's Loopback and R6's Loopback are both present in R5's Routing table 

B. R5's Loopback and R6's Loopback are both present in R6's Routing table 

C. Only R5's loopback is present in R5's Routing table 

D. Only R6's loopback is present in R5's Routing table 

E. Only R5's loopback is present in R6's Routing table 

Answer:

Explanation: 

Topic 4, VPN Technologies 

45. A company has just opened two remote branch offices that need to be connected to the corporate network. Which interface configuration output can be applied to the corporate router to allow communication to the remote sites? 

A. interface Tunnel0 

bandwidth 1536 

ip address 209.165.200.230 255.255.255.224 

tunnel source Serial0/0 

tunnel mode gre multipoint 

B. interface fa0/0 

bandwidth 1536 

ip address 209.165.200.230 255.255.255.224 

tunnel mode gre multipoint 

C. interface Tunnel0 

bandwidth 1536 

ip address 209.165.200.231 255.255.255.224 

tunnel source 209.165.201.1 

tunnel-mode dynamic 

D. interface fa 0/0 

bandwidth 1536 

ip address 209.165.200.231 255.255.255.224 

tunnel source 192.168.161.2 

tunnel destination 209.165.201.1 

tunnel-mode dynamic 

Answer:

Explanation: 

The configuration of mGRE allows a tunnel to have multiple destinations. The configuration of

mGRE on one side of a tunnel does not have any relation to the tunnel properties that might exist tunnel

source Serial0/0 tunnel mode gre multipoint

B. interface fa0/0 bandwidth 1536 ip address 209.165.200.230 255.255.255.224 tunnel mode gre

multipoint

C. interface Tunnel0 bandwidth 1536 ip address 209.165.200.231 255.255.255.224 tunnel source

209.165.201.1 tunnel-mode dynamic

D. interface fa 0/0 bandwidth 1536 ip address 209.165.200.231 255.255.255.224 tunnel source

192.168.161.2 tunnel destination 209.165.201.1 tunnel-mode dynamic

Answer: A Explanation: The configuration of mGRE allows a tunnel to have multiple destinations. The

configuration of mGRE on one side of a tunnel does not have any relation to the tunnel properties that

might exist at the exit points. This means that an mGRE tunnel on the hub may connect to a p2p tunnel on

the branch. Conversely, a p2p GRE tunnel may connect to an mGRE tunnel. The distinguishing feature

between an mGRE interface and a p2p GRE interface is the tunnel destination. An mGRE interface does

not have a configured destination. Instead the GRE tunnel is configured with the command tunnel mode

gre multipoint. This command is used instead of the tunnel destination x.x.x.x found with p2p GRE tunnels.

Besides allowing for multiple destinations, an mGRE tunnel requires NHRP to resolve the tunnel

endpoints. Note, tunnel interfaces by default are point-to-point (p-p) using GRE encapsulation, effectively they have the tunnel mode gre command, which is not seen in the configuration because it is the default.

The mGRE configuration is as follows: ! interface Tunnel0 bandwidth 1536 ip address 10.62.1.10

255.255.255.0 tunnel source Serial0/0 tunnel mode gre multipoint Reference: http://www.cisco.com/c/en/

us/td/docs/solutions/Enterprise/WAN_and_MAN/DMVPDG/DMVP N_2_Phase2.html


Q32. Which address is used by the Unicast Reverse Path Forwarding protocol to validate a packet against the routing table? 

A. source address 

B. destination address 

C. router interface 

D. default gateway 

Answer:

Explanation: 

The Unicast RPF feature helps to mitigate problems that are caused by the introduction of

malformed or forged (spoofed) IP source addresses into a network by discarding IP packets that lack a

verifiable IP source address. For example, a number of common types of denial-of-service (DoS) attacks,

including Smurf and Tribal Flood Network (TFN), can take advantage of forged or rapidly changing source

IP addresses to allow attackers to thwart efforts to locate or filter the attacks. For Internet service providers

(ISPs) that provide public access, Unicast RPF deflects such attacks by forwarding only packets that have

source addresses that are valid and consistent with the IP routing table. This action protects the network of

the ISP, its customer, and the rest of the Internet. Reference: http://www.cisco.com/en/US/docs/ios/12_2/

security/configuration/guide/scfrpf.html


Q33. A network engineer notices that transmission rates of senders of TCP traffic sharply increase and decrease simultaneously during periods of congestion. Which condition causes this? 

A. global synchronization 

B. tail drop 

C. random early detection 

D. queue management algorithm 

Answer:

Explanation: 

TCP global synchronization in computer networks can happen to TCP/IP flows during periods of

congestion because each sender will reduce their transmission rate at the same time when packet loss

occurs. Routers on the Internet normally have packet queues, to allow them to hold packets when the

network is busy, rather than discarding them. Because routers have limited resources, the size of these

queues is also limited. The simplest technique to limit queue size is known as tail drop. The queue is

allowed to fill to its maximum size, and then any new packets are simply discarded, until there is space in

the queue again. This causes problems when used on TCP/IP routers handling multiple TCP streams,

especially when bursty traffic is present. While the network is stable, the queue is constantly full, and there

are no problems except that the full queue results in high latency. However, the introduction of a sudden

burst of traffic may cause large numbers of established, steady streams to lose packets simultaneously.

Reference: http://en.wikipedia.org/wiki/TCP_global_synchronization


Q34. A network engineer is configuring a routed interface to forward broadcasts of UDP 69, 53, and 49 to 172.20.14.225. Which command should be applied to the configuration to allow this? 

A. router(config-if)#ip helper-address 172.20.14.225 

B. router(config-if)#udp helper-address 172.20.14.225 

C. router(config-if)#ip udp helper-address 172.20.14.225 

D. router(config-if)#ip helper-address 172.20.14.225 69 53 49 

Answer:

Explanation: 

To let a router forward broadcast packet the command ip helper-address can be used. The broadcasts will

be forwarded to the unicast address which is specified with the ip helper command.

ip helper-address {ip address}

When configuring the ip helper-address command, the following broadcast packets will be forwarded by

the router by default:

TFTP - UDP port 69

Domain Name System (DNS) UDP port 53

Time service - port 37

NetBIOS Name Server - port 137

NetBIOS Datagram Server - port 138

Bootstrap Protocol (BOOTP) - port 67

TACACS UDP port 49 Reference: http://www.cisco-faq.com/163/forward_udp_broadcas.html

Topic 6, Infrastructure Services 

61. A network engineer is configuring SNMP on network devices to utilize one-way SNMP notifications. However, the engineer is not concerned with authentication or encryption. Which command satisfies the requirements of this scenario? 

A. router(config)#snmp-server host 172.16.201.28 traps version 2c CISCORO 

B. router(config)#snmp-server host 172.16.201.28 informs version 2c CISCORO 

C. router(config)#snmp-server host 172.16.201.28 traps version 3 auth CISCORO 

D. router(config)#snmp-server host 172.16.201.28 informs version 3 auth CISCORO 

Answer:

Explanation: 

Most network admins and engineers are familiar with SNMPv2c which has become the

dominant SNMP version of the past decade. It's simple to configure on both the router/switch-side and just

as easy on the network monitoring server. The problem of course is that the SNMP statistical payload is

not encrypted and authentication is passed in cleartext. Most companies have decided that the information

being transmitted isn't valuable enough to be worth the extra effort in upgrading to SNMPv3, but I would

suggest otherwise. Like IPv4 to IPv6, there are some major changes under the hood. SNMP version 2

uses community strings (think cleartext passwords, no encryption) to authenticate polling and trap delivery.

SNMP version 3 moves away from the community string approach in favor of user- based authentication

and view-based access control. The users are not actual local user accounts, rather they are simply a

means to determine who can authenticate to the device. The view is used to define what the user account

may access on the IOS device. Finally, each user is added to a group, which determines the access policy

for its users. Users, groups, views. Reference: http://www.ccnpguide.com/snmp-version-3/


Q35. Refer to the following output: 

Router#show ip nhrp detail 

10.1.1.2/8 via 10.2.1.2, Tunnel1 created 00:00:12, expire 01:59:47 

TypE. dynamic, Flags: authoritative unique nat registered used 

NBMA address: 10.12.1.2 

What does the authoritative flag mean in regards to the NHRP information? 

A. It was obtained directly from the next-hop server. 

B. Data packets are process switches for this mapping entry. 

C. NHRP mapping is for networks that are local to this router. 

D. The mapping entry was created in response to an NHRP registration request. 

E. The NHRP mapping entry cannot be overwritten. 

Answer:

Explanation: 

Show NHRP: Examples

The following is sample output from the show ip nhrp command:

Router# show ip nhrp

10.0.0.2 255.255.255.255, tunnel 100 created 0:00:43 expire 1:59:16 Type: dynamic Flags: authoritative

NBMA address: 10.1111.1111.1111.1111.1111.1111.1111.1111.1111.11 10.0.0.1 255.255.255.255,

Tunnel0 created 0:10:03 expire 1:49:56 Type: static Flags: authoritative NBMA address: 10.1.1.2 The

fields in the sample display are as follows:

The IP address and its network mask in the IP-to-NBMA address cache. The mask is always

255.255.255.255 because Cisco does not support aggregation of NBMA information through NHRP.

The interface type and number and how long ago it was created (hours:minutes:seconds).

The time in which the positive and negative authoritative NBMA address will expire

(hours:minutes:seconds). This value is based on the ip nhrp holdtime

command.

Type of interface:

dynamic--NBMA address was obtained from the NHRP Request packet.

static--NBMA address was statically configured.

Flags:

authoritative--Indicates that the NHRP information was obtained from the Next Hop Server or router that

maintains the NBMA-to-IP address mapping for a particular destination. Reference: http://www.cisco.com/

c/en/us/td/docs/ios/12_4/ip_addr/configuration/guide/hadnhrp.html


Updated hpc-300-101:

Q36. What is the result of the command ip flow-export destination 10.10.10.1 5858? 

A. It configures the router to export cache flow information to IP 10.10.10.1 on port UDP/5858. 

B. It configures the router to export cache flow information about flows with destination IP 10.10.10.1 and port UDP/5858. 

C. It configures the router to receive cache flow information from IP 10.10.10.1 on port UDP/5858. 

D. It configures the router to receive cache flow information about flows with destination IP 10.10.10.1 and port UDP/5858. 

Answer:

Explanation: 

To enable the exporting of information in NetFlow cache entries, use the ip flow-export destination

command in global configuration mode.

Syntax Description

ip- IP address of the workstation to which you want to send the address NetFlow information.

udp-port UDP protocol-specific port number.

Reference:

http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/12s_mdnf.html#wp1023091


Q37. You have been asked to evaluate how EIGRP is functioning in a customer network. 

What percent of R1’s interfaces bandwidth is EIGRP allowed to use? 

A. 10 

B. 20 

C. 30 

D. 40 

Answer:

Explanation: 


Q38. A network engineer executes the show crypto ipsec sa command. Which three pieces of information are displayed in the output? (Choose three.) 

A. inbound crypto map 

B. remaining key lifetime 

C. path MTU 

D. tagged packets 

E. untagged packets 

F. invalid identity packets 

Answer: A,B,C 

Explanation: 

show crypto ipsec sa This command shows IPsec SAs built between peers. The encrypted

tunnel is built between 12.1.1.1 and 12.1.1.2 for traffic that goes between networks 20.1.1.0 and 10.1.1.0.

You can see the two Encapsulating Security Payload (ESP) SAs built inbound and outbound.

Authentication Header (AH) is not used since there are

no AH SAs.

This output shows an example of the show crypto ipsec sa command (bolded ones found in answers for

this question).

interface: FastEthernet0

Crypto map tag: test, local addr. 12.1.1.1

local ident (addr/mask/prot/port): (20.1.1.0/255.255.255.0/0/0) remote ident (addr/mask/prot/port):

(10.1.1.0/255.255.255.0/0/0) current_peer: 12.1.1.2

PERMIT, flags={origin_is_acl,}

#pkts encaps: 7767918, #pkts encrypt: 7767918, #pkts digest 7767918 #pkts decaps: 7760382, #pkts

decrypt: 7760382, #pkts verify 7760382 #pkts compressed:

0, #pkts decompressed: 0

#pkts not compressed: 0, #pkts compr. failed: 0,

#pkts decompress failed: 0, #send errors 1, #recv errors 0 local crypto endpt.: 12.1.1.1, remote crypto

endpt.: 12.1.1.2 path mtu 1500, media mtu 1500

current outbound spi: 3D3

inbound esp sas:

spi: 0x136A010F(325714191)

transform: esp-3des esp-md5-hmac ,

in use settings ={Tunnel, }

slot: 0, conn id: 3442, flow_id: 1443, crypto map: test sa timing: remaining key lifetime (k/sec):

(4608000/52) IV size: 8 bytes

replay detection support: Y

inbound ah sas:

inbound pcp sas:

inbound pcp sas:

outbound esp sas:

spi: 0x3D3(979)

transform: esp-3des esp-md5-hmac ,

in use settings ={Tunnel, }

slot: 0, conn id: 3443, flow_id: 1444, crypto map: test sa timing: remaining key lifetime (k/sec):

(4608000/52) IV size: 8 bytes

replay detection support: Y

outbound ah sas:

outbound pcp sas:

Reference: http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike- protocols/5409-

ipsec-debug-00.html


Q39. CORRECT TEXT 

You are a network engineer with ROUTE.com, a small IT company. They have recently merged two organizations and now need to merge their networks as shown in the topology exhibit. One network is using OSPF as its IGP and the other is using EIGRP as its IGP. R4 has been added to the existing OSPF network to provide the interconnect between the OSPF and EIGRP networks. Two links have been added that will provide redundancy. 

The network requirements state that you must be able to ping and telnet from loopback 101 on R1 to the OPSF domain test address of 172.16.1.100. All traffic must use the shortest path that provides the greatest bandwidth. The redundant paths from the OSPF network to the EIGRP network must be available in case of a link failure. No static or default routing is allowed in either network. 

A previous network engineer has started the merger implementation and has successfully assigned and verified all IP addressing and basic IGP routing. You have been tasked with completing the implementation and ensuring that the network requirements are met. You may not remove or change any of the configuration commands currently on any of the routers. You may add new commands or change default values. 

Answer: First we need to find out 5 parameters (Bandwidth, Delay, Reliability, Load, MTU) of the s0/0/0 interface (the interface of R2 connected to R4) for redistribution: 

R2#show interface s0/0/0 

Write down these 5 parameters, notice that we have to divide the Delay by 10 because the metric unit is in tens of microsecond. For example, we get Bandwidth=1544 Kbit, Delay=20000 us, Reliability=255, Load=1, MTU=1500 bytes then we would redistribute as follows: 

R2#config terminal 

R2(config)# router ospf 1 

R2(config-router)# redistribute eigrp 100 metric-type 1 subnets 

R2(config-router)#exit 

R2(config-router)#router eigrp 100 

R2(config-router)#redistribute ospf 1 metric 1544 2000 255 1 1500 

Note: In fact, these parameters are just used for reference and we can use other parameters with 

no problem. 

If the delay is 20000us then we need to divide it by 10, that is 20000 / 10 = 2000) 

For R3 we use the show interface fa0/0 to get 5 parameters too 

R3#show interface fa0/0 

For example we get Bandwidth=10000 Kbit, Delay=1000 us, Reliability=255, Load=1, MTU=1500 bytes 

R3#config terminal 

R3(config)#router ospf 1 

R3(config-router)#redistribute eigrp 100 metric-type 1 subnets 

R3(config)#exit 

R3(config-router)#router eigrp 100 

R3(config-router)#redistribute ospf 1 metric 10000 100 255 1 1500 

Finally you should try to “show ip route” to see the 172.16.100.1 network (the network behind R4) 

in the routing table of R1 and make a ping from R1 to this network. 

Note: If the link between R2 and R3 is FastEthernet link, we must put the command below under 

EIGRP process to make traffic from R1 to go through R3 (R1 -> R2 -> R3 -> R4), which is better 

than R1 -> R2 -> R4. 

R2(config-router)# distance eigrp 90 105 

This command sets the Administrative Distance of all EIGRP internal routes to 90 and all EIGRP external routes to 105, which is smaller than the Administrative Distance of OSPF (110) -> the link between R2 & R3 will be preferred to the serial link between R2 & R4. Note: The actual OPSF and EIGRP process numbers may change in the actual exam so be sure to use the actual correct values, but the overall solution is the same. 


Q40. Scenario: 

You have been asked to evaluate an OSPF network setup in a test lab and to answer questions a customer has about its operation. The customer has disabled your access to the show running-config command. 

How many times was SPF algorithm executed on R4 for Area 1? 

A. 1 

B. 5 

C. 9 

D. 20 

E. 54 

F. 224 

Answer:

Explanation: