Exam Code: 400-101 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: CCIE Routing and Switching (v5.0)
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 400-101 Exam.

2021 Jun 400-101 Study Guide Questions:

Q341. Which three conditions can cause excessive unicast flooding? (Choose three.) 

A. Asymmetric routing 

B. Repeated TCNs 

C. The use of HSRP 

D. Frames sent to FFFF.FFFF.FFFF 

E. MAC forwarding table overflow 

F. The use of Unicast Reverse Path Forwarding 

Answer: A,B,E 

Explanation: 

Causes of Flooding 

The very cause of flooding is that destination MAC address of the packet is not in the L2 forwarding table of the switch. In this case the packet will be flooded out of all forwarding ports in its VLAN (except the port it was received on). Below case studies display most 

common reasons for destination MAC address not being known to the switch. 

Cause 1: Asymmetric Routing 

Large amounts of flooded traffic might saturate low-bandwidth links causing network performance issues or complete connectivity outage to devices connected across such low-bandwidth links. 

Cause 2: Spanning-Tree Protocol Topology Changes 

Another common issue caused by flooding is Spanning-Tree Protocol (STP) Topology Change Notification (TCN). TCN is designed to correct forwarding tables after the forwarding topology has changed. This is necessary to avoid a connectivity outage, as after a topology change some destinations previously accessible via particular ports might become accessible via different ports. TCN operates by shortening the forwarding table aging time, such that if the address is not relearned, it will age out and flooding will occur. TCNs are triggered by a port that is transitioning to or from the forwarding state. After the TCN, even if the particular destination MAC address has aged out, flooding should not happen for long in most cases since the address will be relearned. The issue might arise when TCNs are occurring repeatedly with short intervals. The switches will constantly be fast-aging their forwarding tables so flooding will be nearly constant. Normally, a TCN is rare in a well-configured network. When the port on a switch goes up or down, there is eventually a TCN once the STP state of the port is changing to or from forwarding. When the port is flapping, repetitive TCNs and flooding occurs. 

Cause 3: Forwarding Table Overflow 

Another possible cause of flooding can be overflow of the switch forwarding table. In this case, new addresses cannot be learned and packets destined to such addresses are flooded until some space becomes available in the forwarding table. New addresses will then be learned. This is possible but rare, since most modern switches have large enough forwarding tables to accommodate MAC addresses for most designs. Forwarding table exhaustion can also be caused by an attack on the network where one host starts generating frames each sourced with different MAC address. This will tie up all the forwarding table resources. Once the forwarding tables become saturated, other traffic will be flooded because new learning cannot occur. This kind of attack can be detected by examining the switch forwarding table. Most of the MAC addresses will point to the same port or group of ports. Such attacks can be prevented by limiting the number of MAC addresses learned on untrusted ports by using the port security feature. 

Reference: http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6000-series-switches/23563-143.html#causes 


Q342. Refer to the exhibit. 


Which configuration reduces CPU utilization on R2 while still advertising the connected routes of R2 to R1? 

A. Configure eigrp stub connected on R2. 

B. Configure eigrp stub receive-only on R1. 

C. Configure eigrp stub static on R2. 

D. Configure eigrp stub summary on R1. 

Answer: A 


Q343. Which two statements about TCP are true? (Choose two.) 

A. TCP option must be divisible by 32. 

B. It has a 16-bit window size. 

C. Its maximum data offset is fifteen 32-bit words. 

D. It has a 32-bit window size. 

E. Its maximum data offset is ten 32-bit words. 

F. It has a 32-bit checksum field. 

Answer: B,C 


2passeasy.com

Improved examcollection 400-101:

Q344. Which two statements about MAC Authentication Bypass are true? (Choose two.) 

A. Traffic from an endpoint is authorized to pass after MAB authenticates the MAC address of the endpoint. 

B. During the learning stage, the switch examines multiple packets from the endpoint to determine the MAC address of the endpoint. 

C. After the switch learns the MAC address of the endpoint, it uses TACACS+ to authenticate it. 

D. After learning a source MAC address, it sends the host a RADIUS Account-Request message to validate the address. 

E. The MAC address of a device serves as its user name and password to authenticate with a RADIUS server. 

Answer: A,E 


Q345. Refer to the exhibit. 


While troubleshooting high CPU utilization of a Cisco Catalyst 4500 Series Switch, you notice the error message that is shown in the exhibit in the log file. 

What can be the cause of this issue, and how can it be prevented? 

A. The hardware routing table is full. Redistribute from BGP into IGP. 

B. The software routing table is full. Redistribute from BGP into IGP. 

C. The hardware routing table is full. Reduce the number of routes in the routing table. 

D. The software routing table is full. Reduce the number of routes in the routing table. 

Answer: C 

Explanation: 

L3HWFORWADING-2 

Error MessageC4K_L3HWFORWARDING-2-FWDCAMFULL:L3 routing table is full. 

Switching to software forwarding. 

The hardware routing table is full; forwarding takes place in the software instead. The switch performance might be degraded. 

Recommended Action: Reduce the size of the routing table. Enter the ip cef command to return to hardware forwarding. 

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/31sg/system/message/message/emsg.html 


Q346. An NSSA area has two ABRs connected to Area 0. Which statement is true? 

A. Both ABRs translate Type-7 LSAs to Type-5 LSAs. 

B. The ABR with the highest router ID translates Type-7 LSAs to Type-5 LSAs. 

C. Both ABRs forward Type-5 LSAs from the NSSA area to backbone area. 

D. No LSA translation is needed. 

Answer: B 


2passeasy.com

Simulation ccie 400-101:

Q347. In the DiffServ model, which class represents the lowest priority with the lowest drop probability? 

A. AF11 

B. AF13 

C. AF41 

D. AF43 

Answer: A 

Explanation: 

Assured Forwarding (AF) Behavior Group 

Class 1 

Class 2 

Class 3 

Class 4 

Low Drop 

AF11 (DSCP 10) 

AF21 (DSCP 18) 

AF31 (DSCP 26) 

AF41 (DSCP 34) 

Med Drop 

AF12 (DSCP 12) 

AF22 (DSCP 20) 

AF32 (DSCP 28) 

AF42 (DSCP 36) 

High Drop 

AF13 (DSCP 14) 

AF23 (DSCP 22) 

AF33 (DSCP 30) 

AF43 (DSCP 38) 

Reference: http://en.wikipedia.org/wiki/Differentiated_services 


Q348. Which three statements are true about an EtherChannel? (Choose three.) 

A. PAGP and LACP can be configured on the same switch if the switch is not in the same EtherChannel. 

B. EtherChannel ports in suspended state can receive BPDUs but cannot send them. 

C. An EtherChannel forms between trunks that are using different native VLANs. 

D. LACP can operate in both half duplex and full duplex, if the duplex setting is the same on both ends. 

E. Ports with different spanning-tree path costs can form an EtherChannel. 

Answer: A,B,E 

Explanation: 

Answer A. EtherChannel groups running PAgP and LACP can coexist on the same switch or on different switches in the stack. Individual EtherChannel groups can run either PAgP or LACP, but they cannot interoperate. 

Answer B: 

EtherChannel Member Port States 

Port States 

Description 

bundled 

The port is part of an EtherChannel and can send and receive BPDUs and data traffic. 

suspended 

The port is not part of an EtherChannel. The port can receive BPDUs but cannot send them. Data traffic is blocked. 

standalone 

The port is not bundled in an EtherChannel. The port functions as a standalone data port. The port can send and receive BPDUs and data traffic. 

Answer E. Ports with different spanning-tree path costs can form an EtherChannel if they are otherwise compatibly configured. Setting different spanning-tree path costs does not, by itself, make ports incompatible for the formation of an EtherChannel. 

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960x/software/15-0_2_EX/layer2/configuration_guide/b_lay2_152ex_2960-x_cg/b_lay2_152ex_2960-x_cg_chapter_010.html 


Q349. Which three characteristics are shared by subinterfaces and associated EVNs? (Choose three.) 

A. IP address 

B. routing table 

C. forwarding table 

D. access control lists 

E. NetFlow configuration 

Answer: A,B,C 


Q350. Which mechanism does Cisco recommend for CE router interfaces that face the service provider for an EVPL circuit with multiple EVCs and multiple traffic classes? 

A. HCBWFQ 

B. LLQ 

C. tail drop 

D. WRED 

Answer: A 

Explanation: 

In a simple handoff, packets may be discarded in the service provider network, either because of congestion on a link without an appropriate QoS policy or because of a policer QoS configuration on the service provider network that serves to rate limit traffic accessing the WAN core. To address these issues, QoS on the CE device is applied at a per-port level. A QoS service policy is configured on the outside Ethernet interface, and this parent policy includes a shaper that then references a second or subordinate (child) policy that enables queueing within the shaped rate. This is called a hierarchical CBWFQ (HCBWFQ) configuration. 

Reference: http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/WAN_and_MAN/Ethernet_Acces s_for_NG_MAN_WAN_V3-1_external.html