It is more faster and easier to pass the Cisco 300-101 exam by using Vivid Cisco Implementing Cisco IP Routing questuins and answers. Immediate access to the Replace 300-101 Exam and find the same core area 300-101 questions with professionally verified answers, then PASS your exam with a high score now.

2021 Mar 300-101 exam question

Q21. A user is having issues accessing file shares on a network. The network engineer advises the user to open a web browser, input a prescribed IP address, and follow the instructions. After doing this, the user is able to access company shares. Which type of remote access did the engineer enable? 

A. EZVPN 

B. IPsec VPN client access 

C. VPDN client access 

D. SSL VPN client access 

Answer:

Explanation: 

The Cisco AnyConnect VPN Client provides secure SSL connections to the security

appliance for remote users. Without a previously installed client, remote users enter the IP address in their

browser of an interface configured to accept SSL VPN connections. Unless the security appliance is

configured to redirect http:// requests to https://, users must enter the URL in the form https://<address>.

After entering the URL, the browser connects to that interface and displays the login screen. If the user

satisfies the login and authentication, and the security appliance identifies the user as requiring the client, it

downloads the client that matches the operating system of the remote computer. After downloading, the

client installs and configures itself, establishes a secure SSL connection and either remains or uninstalls

itself (depending on the security appliance configuration) when the connection terminates. Reference:

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next- generation-firewalls/100936-

asa8x-split-tunnel-anyconnect-config.html


Q22. Which type of traffic does DHCP snooping drop? 

A. discover messages 

B. DHCP messages where the source MAC and client MAC do not match 

C. traffic from a trusted DHCP server to client 

D. DHCP messages where the destination MAC and client MAC do not match 

Answer:

Explanation: 

The switch validates DHCP packets received on the untrusted interfaces of VLANs with DHCP snooping

enabled. The switch forwards the DHCP packet unless any of the following conditions occur (in which case the packet is dropped):

The switch receives a packet (such as a DHCPOFFER, DHCPACK, DHCPNAK, or DHCPLEASEQUERY

packet) from a DHCP server outside the network or firewall.

The switch receives a packet on an untrusted interface, and the source MAC address and the DHCP client

hardware address do not match. This check is performed only if the DHCP snooping MAC address

verification option is turned on. · The switch receives a DHCPRELEASE or DHCPDECLINE message from an untrusted host with an entry in the DHCP snooping binding table, and the interface information in the binding table does not match the interface on which the message was received.

The switch receives a DHCP packet that includes a relay agent IP address that is not 0.0.0.0. To support

trusted edge switches that are connected to untrusted aggregation-switch ports, you can enable the DHCP

option-82 on untrusted port feature, which enables untrusted aggregation- switch ports to accept DHCP

packets that include option-82 information. Configure the port on the edge switch that connects to the

aggregation switch as a trusted port. Reference: http:// www.cisco.com/c/en/us/td/docs/switches/lan/

catalyst6500/ios/12- 2SX/configuration/guide/book/snoodhcp.html

Topic 7, Mix Questions 

83. Which two commands would be used to troubleshoot high memory usage for a process? (Choose two.) 

A. router#show memory allocating-process table 

B. router#show memory summary 

C. router#show memory dead 

D. router#show memory events 

E. router#show memory processor statistics 

Answer: A,B 

Explanation: 


Q23. Which PPP authentication method sends authentication information in clear text? 

A. MS CHAP 

B. CDPCP 

C. CHAP 

D. PAP 

Answer:

Explanation: 

PAP authentication involves a two-way handshake where the username and password are

sent across the link in clear text; hence, PAP authentication does not provide any protection against

playback and line sniffing. CHAP authentication, on the other hand, periodically verifies the identity of the

remote node using a three-way handshake. After the PPP link is established, the host sends a "challenge"

message to the remote node. The remote node responds with a value calculated using a one-way hash

function. The host checks the response against its own calculation of the expected hash value. If the

values match, the authentication is acknowledged; otherwise, the connection is terminated. Reference:

http://www.cisco.com/c/en/us/support/docs/wan/point-to-point-protocol-ppp/10241- ppp-callinhostname.

html


Q24. Refer to the exhibit. The command is executed while configuring a point-to-multipoint Frame Relay interface. Which type of IPv6 address is portrayed in the exhibit? 

A. link-local 

B. site-local 

C. global 

D. multicast 

Answer:

Explanation: 


Q25. Which common issue causes intermittent DMVPN tunnel flaps? 

A. a routing neighbor reachability issue 

B. a suboptimal routing table 

C. interface bandwidth congestion 

D. that the GRE tunnel to hub router is not encrypted 

Answer:

Explanation: 

DMVPN Tunnel Flaps Intermittently Problem DMVPN tunnel flaps intermittently. Solution

When DMVPN tunnels flap, check the neighborship between the routers as issues with neighborship

formation between routers may cause the DMVPN tunnel to flap. In order to resolve this problem, make

sure the neighborship between the routers is always up. Reference: http://www.cisco.com/c/en/us/support/

docs/security-vpn/ipsec-negotiation-ike- protocols/29240-dcmvpn.html#Prblm1


Avant-garde 300-101 test question:

Q26. Refer to the following configuration command. 

router (config-line)# ntp master 10 

Which statement about this command is true? 

A. The router acts as an authoritative NTP clock and allows only 10 NTP client connections. 

B. The router acts as an authoritative NTP clock at stratum 10. 

C. The router acts as an authoritative NTP clock with a priority number of 10. 

D. The router acts as an authoritative NTP clock for 10 minutes only. 

Answer:

Explanation: 


Q27. PPPoE is composed of which two phases? 

A. Active Authentication Phase and PPP Session Phase 

B. Passive Discovery Phase and PPP Session Phase 

C. Active Authorization Phase and PPP Session Phase 

D. Active Discovery Phase and PPP Session Phase 

Answer:

Explanation: 

PPPoE is composed of two main phases:

Active Discovery Phase--In this phase, the PPPoE client locates a PPPoE server, called an access

concentrator. During this phase, a Session ID is assigned and the PPPoE layer is established.

PPP Session Phase--In this phase, PPP options are negotiated and authentication is performed. Once the

link setup is completed, PPPoE functions as a Layer 2 encapsulation method, allowing data to be transferred over the PPP link within PPPoE headers.

Reference: 

http://www.cisco.com/c/en/us/td/docs/security/asa/asa92/configuration/vpn/asa-vpn- cli/vpn-pppoe.html

Topic 3, Layer 3 Technologies 

20. Refer to the exhibit. 

Which one statement is true? 

A. Traffic from the 172.16.0.0/16 network will be blocked by the ACL. 

B. The 10.0.0.0/8 network will not be advertised by Router B because the network statement for the 10.0.0.0/8 network is missing from Router B. 

C. The 10.0.0.0/8 network will not be in the routing table on Router B. 

D. Users on the 10.0.0.0/8 network can successfully ping users on the 192.168.5.0/24 network, but users on the 192.168.5.0/24 cannot successfully ping users on the 10.0.0.0/8 network. 

E. Router B will not advertise the 10.0.0.0/8 network because it is blocked by the ACL. 

Answer:

Explanation: 

You can filter what individual routes are sent (out) or received (in) to any interface within your EIGRP

configuration.

One example is noted above. If you filter outbound, the next neighbor(s) will not know about anything

except the 172.16.0.0/16 route and therefore won't send it to anyone else downstream. If you filter inbound, YOU won't know about the route and therefore won't send it to anyone else downstream.


Q28. What is the purpose of the autonomous-system {autonomous-system-number} command? 

A. It sets the EIGRP autonomous system number in a VRF. 

B. It sets the BGP autonomous system number in a VRF. 

C. It sets the global EIGRP autonomous system number. 

D. It sets the global BGP autonomous system number. 

Answer:

Explanation: 

To configure the autonomous-system number for an Enhanced Interior Gateway Routing

Protocol (EIGRP) routing process to run within a VPN routing and forwarding (VRF) instance, use the

autonomous-system command in address-family configuration mode. To remove the autonomous-system

for an EIGRP routing process from within a VPN VRF instance, use the no form of this command.

autonomous-system autonomous-system-number no autonomous-system autonomous-system-number

Reference: http://www.cisco.com/c/en/us/td/docs/ios/iproute_eigrp/command/reference/ire_book/

ire_a1.htm l#wp1062796


Q29. A network engineer executes the “ipv6 flowset” command. What is the result? 

A. Flow-label marking in 1280-byte or larger packets is enabled. 

B. Flow-set marking in 1280-byte or larger packets is enabled. 

C. IPv6 PMTU is enabled on the router. 

D. IPv6 flow control is enabled on the router. 

Answer:

Explanation: 

Enabling Flow-Label Marking in Packets that Originate from the Device This feature allows the device to

track destinations to which the device has sent packets that

are 1280 bytes or larger.

SUMMARY STEPS

1.enable

2.configure terminal

3.ipv6 flowset

4.exit

5.clear ipv6 mtu

DETAILED STEPS

Command or Action Purpose

Step 1 enable Enables privileged EXEC mode.

Enter your password if prompted.

Example:

Device> enable

Step 2 configure terminal Enters global configuration mode.

Example:

Device# configure

terminal

Step 3 ipv6 flowset Configures flow-label marking in 1280-byte or larger packets sent by the device.

Example:

Device# configure

terminal

Step 3 ipv6 flowset Configures flow-label marking in 1280-byte or larger packets sent by the device.

Example:

Device(config)# ipv6

flowset

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6_basic/configuration/15- mt/ip6b-15-mtbook/ip6-mtu-path-disc.html


Q30. CORRECT TEXT 

You are a network engineer with ROUTE.com, a small IT company. They have recently merged two organizations and now need to merge their networks as shown in the topology exhibit. One network is using OSPF as its IGP and the other is using EIGRP as its IGP. R4 has been added to the existing OSPF network to provide the interconnect between the OSPF and EIGRP networks. Two links have been added that will provide redundancy. 

The network requirements state that you must be able to ping and telnet from loopback 101 on R1 to the OPSF domain test address of 172.16.1.100. All traffic must use the shortest path that provides the greatest bandwidth. The redundant paths from the OSPF network to the EIGRP network must be available in case of a link failure. No static or default routing is allowed in either network. 

A previous network engineer has started the merger implementation and has successfully assigned and verified all IP addressing and basic IGP routing. You have been tasked with completing the implementation and ensuring that the network requirements are met. You may not remove or change any of the configuration commands currently on any of the routers. You may add new commands or change default values. 

Answer: First we need to find out 5 parameters (Bandwidth, Delay, Reliability, Load, MTU) of the s0/0/0 interface (the interface of R2 connected to R4) for redistribution: 

R2#show interface s0/0/0 

Write down these 5 parameters, notice that we have to divide the Delay by 10 because the metric unit is in tens of microsecond. For example, we get Bandwidth=1544 Kbit, Delay=20000 us, Reliability=255, Load=1, MTU=1500 bytes then we would redistribute as follows: 

R2#config terminal 

R2(config)# router ospf 1 

R2(config-router)# redistribute eigrp 100 metric-type 1 subnets 

R2(config-router)#exit 

R2(config-router)#router eigrp 100 

R2(config-router)#redistribute ospf 1 metric 1544 2000 255 1 1500 

Note: In fact, these parameters are just used for reference and we can use other parameters with 

no problem. 

If the delay is 20000us then we need to divide it by 10, that is 20000 / 10 = 2000) 

For R3 we use the show interface fa0/0 to get 5 parameters too 

R3#show interface fa0/0 

For example we get Bandwidth=10000 Kbit, Delay=1000 us, Reliability=255, Load=1, MTU=1500 bytes 

R3#config terminal 

R3(config)#router ospf 1 

R3(config-router)#redistribute eigrp 100 metric-type 1 subnets 

R3(config)#exit 

R3(config-router)#router eigrp 100 

R3(config-router)#redistribute ospf 1 metric 10000 100 255 1 1500 

Finally you should try to “show ip route” to see the 172.16.100.1 network (the network behind R4) 

in the routing table of R1 and make a ping from R1 to this network. 

Note: If the link between R2 and R3 is FastEthernet link, we must put the command below under 

EIGRP process to make traffic from R1 to go through R3 (R1 -> R2 -> R3 -> R4), which is better 

than R1 -> R2 -> R4. 

R2(config-router)# distance eigrp 90 105 

This command sets the Administrative Distance of all EIGRP internal routes to 90 and all EIGRP external routes to 105, which is smaller than the Administrative Distance of OSPF (110) -> the link between R2 & R3 will be preferred to the serial link between R2 & R4. Note: The actual OPSF and EIGRP process numbers may change in the actual exam so be sure to use the actual correct values, but the overall solution is the same.