The actual 400-101 software program of Ucertify can check any testee whether to grasp the CCIE Routing and Switching (v5.0) understanding firmly and also genuine solutions. The actual Ucertify 400-101 items are consist of multiple choose. Prospect can select various package deal goods for the 400-101 pdf or perhaps 400-101 vce software program in accordance with their own grasp with the 400-101 situation.

2021 Jun 400-101 rapidshare

Q21. Now that we’ve generated the key, our next step would be to configure our vty lines for SSH access and specify which database we are going to use to provide authentication to the device. The local database on the router will do just fine for this example. 

LabRouter(config)#line vty 0 4 

LabRouter(config-line)#login local 

LabRouter(config-line)#transport input ssh 

5. You will need to create an account on the local router’s database to be used for authenticating to the device. This can be accomplished with these commands. LabRouter(config)#username XXXX privilege 15 secret XXXX 

Reference: http://blog.pluralsight.com/configure-secure-shell-ssh-on-cisco-router 


Q22. What is the function of an implicit-null label? 

A. It notifies the upstream LSR to remove the top label in the label stack and forward the packet. 

B. It notifies the upstream LSR to add a VPN label to the label stack. 

C. It is used to statically assign a label to an IGP route. 

D. It is used to identify the router ID. 

Answer: A 


Q23. Refer to the exhibit. 


Why is R2 unable to ping the loopback interface of R4? 

A. The local preference is too high. 

B. The weight is too low. 

C. The next hop is not reachable from R2. 

D. The route originated from within the same AS. 

Answer: C 

Explanation: 

Before a BGP speaker installs a route to a network in the main IP routing table, the router must know how to reach the next hop that is used to get to that network. Route reachability is verified by searching for a route to the next hop in the main IP routing table. Unlike IGP routing protocols, such as EIGRP and OSPF, which assume that a route is reachable if they learned it through a valid adjacency, BGP does not install routes that it cannot verify as reachable. If a route to the next hop for a BGP network is found in the main IP routing table, BGP assumes that the network is reachable, and that the particular BGP route might be stored in the main IP routing table. If the router receives a route to a network that is not reachable, that route continues to be stored in the incoming BGP table, adj-RIB-In, and might be seen using the show ip bgp command, but is not placed in the main IP routing table. 

Reference: https://www.informit.com/library/content.aspx?b=CCIE_Practical_Studies_II&seqNum=75 


Q24. Which technology can be affected when switches are used that do not support jumbo frames? 

A. 802.1x 

B. BFD 

C. OSPFv3 

D. 802.1q 

Answer: D 

Explanation: 

The 802.1Q tag is 4 bytes. Therefore, the resulting Ethernet frame can be as large as 1522 bytes. If jumbo frames are not supported, then typically the MTU on an Ethernet link needs to be lowered to 1496 to support this extra 802.1Q tag. 


Q25. Which two tunneling techniques determine the IPv4 destination address on a per-packet basis? (Choose two.) 

A. 6to4 tunneling 

B. ISATAP tunneling 

C. manual tunneling 

D. GRE tunneling 

Answer: A,B 

Explanation: Tunnel Configuration Parameters by Tunneling Type 

Tunneling Type 

Tunnel Configuration Parameter 

Tunnel Mode 

Tunnel Source 

Tunnel Destination 

Interface Prefix or Address 

Manual 

ipv6ip 

An IPv4 address, or a reference to an interface on which IPv4 is configured. 

An IPv4 address. 

An IPv6 address. 

GRE/IPv4 

gre ip 

An IPv4 address. 

An IPv6 address. 

IPv4-compatible 

ipv6ip auto-tunnel 

Not required. These are all point-to-multipoint tunneling types. The IPv4 destination address is calculated, on a per-packet basis, from the IPv6 destination. 

Not required. The interface address is generated as ::tunnel-source/96. 

6to4 

ipv6ip 6to4 

An IPv6 address. The prefix must embed the tunnel source IPv4 address 

ISATAP 

ipv6ip isatap 

An IPv6 prefix in modified eui-64 format. The IPv6 address is generated from the prefix and the tunnel source IPv4 address. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios/ipv6/configuration/guide/12_4t/ipv6_12_4t_book/i p6-tunnel.html 


400-101  exam prep

Improved cisco ccie 400-101:

Q26. Refer to the exhibit. 


Which two options are effects of the given configuration? (Choose two.) 

A. It sets the data export destination to 209.165.200.227 on UDP port 49152. 

B. It enables Cisco Express Forwarding on interface FastEthernet0/0. 

C. It configures the export process to include the BGP peer AS of the router gathering the data. 

D. It enables NetFlow switching on interface FastEthernet0/0. 

E. It sets the data export destination to 209.165.200.227 on TCP port 49152. 

Answer: A,D 

Explanation: 

The “ip flow-export destination 209.165.200.227 49152” command specifies that the data export destination server is 209.165.200.227 using UDP port 49152. 

The “ip route-cache flow” command under the fastethernet 0/0 interface enable netflow switching on that interface. 


Q27. Which two statements about redistribution are true? (Choose two.) 

A. When BGP traffic is redistributed into OSPF, the metric is set to 1 unless the metric is defined. 

B. When EIGRP routes on a CE are redistributed through a PE into BGP, the Cost Community POI is set automatically. 

C. When OSPF traffic is redistributed into BGP, internal and external routes are redistributed. 

D. When BGP traffic is redistributed into OSPF, eBGP and iBGP routes are advertised. 

E. iBGP routes automatically redistribute into the IGP if the routes are in the routing table. 

F. When EIGRP traffic is redistributed into BGP, a default metric is required. 

Answer: A,B 


Q28. DRAG DROP 

Drag and drop the QoS requirement on the left to the correct QoS technology on the right. 


Answer: 



Q29. Refer to the exhibit. 


Which BGP feature allows R1 to send R2 a list of prefixes that R2 is prevented from advertising to R1? 

A. route refresh 

B. Prefix-Based Outbound Route Filtering 

C. distribute lists 

D. prefix lists 

Answer: B 


Q30. Refer to the exhibit. 


What is a possible reason for the IPSec tunnel not establishing? 

A. The peer is unreachable. 

B. The transform sets do not match. 

C. The proxy IDs are invalid. 

D. The access lists do not match. 

Answer: D 

Explanation: 

Proxy Identities Not Supported 

This message appears in debugs if the access list for IPsec traffic does not match. 

1d00h: IPSec(validate_transform_proposal): proxy identities not supported 

1d00h: ISAKMP: IPSec policy invalidated proposal 

1d00h: ISAKMP (0:2): SA not acceptable! 

The access lists on each peer needs to mirror each other (all entries need to be reversible). 

This example illustrates this point. 

Peer A 

access-list 150 permit ip 172.21.113.0 0.0.0.255 172.21.114.0 0.0.0.255 

access-list 150 permit ip host 15.15.15.1 host 172.21.114.123 

Peer B 

access-list 150 permit ip 172.21.114.0 0.0.0.255 172.21.113.0 0.0.0.255 

access-list 150 permit ip host 172.21.114.123 host 15.15.15.1 

Reference: 

http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/5409-ipsec-debug-00.html#proxy