Exambible?¡¥s Cisco Cisco exam practice demos contain the essential words with the real analyze. Questions and answers are generally designed with the Cisco IT professionals around the earth. They have got rich expertise in the compiling the particular Cisco 400-101 exam practice materials. Weve full confidence that we promise a person 100% passing guarantee. Simply because our Cisco Cisco exam demos are generally comprised of the earlier and most recent necessary contents reflected from the real exam. Our experts are generally dedicated to be able to search one of the most technical and comprehensive supplies for the Cisco certification exam. The actual Cisco 400-101 prep package has attracted numerous people along with its higher standard of quality and accuracy.

2021 Aug 400-101 ccie written exam price:

Q1. Which three statements about DMVPN are true? (Choose three.) 

A. It facilitates zero-touch configuration for addition of new spokes. 

B. It supports dynamically addressed spokes using DHCP. 

C. It features automatic IPsec triggering for building an IPsec tunnel. 

D. It requires uses of IPsec to build the DMVPN cloud. 

E. Spokes can build tunnels to other spokes and exchange traffic directly. 

F. It supports server load balancing on the spokes. 

Answer: A,C,E 

Q2. Refer to the exhibit. 

Which two possible network conditions can you infer from this configuration? (Choose two.) 

A. The authentication parameters on R1 and R2 are mismatched. 

B. R1 is using the default NTP source configuration. 

C. R1 and R2 have established an NTP session. 

D. R2 is configured as the NTP master with a stratum of 7. 

Answer: A,B 


Answer A. The NTP associations are not synced, it is only listed as a candidate because it was configured. Routing is not the issue, so it must be mismatched authentication parameters. 

Answer B. NTP sets the source IP address for all NTP packets based on the address of the interface through which the NTP packets are sent. You can configure NTP to use a specific source IP address. 

Q3. What are the three modes of Unicast Reverse Path Forwarding? 

A. strict mode, loose mode, and VRF mode 

B. strict mode, loose mode, and broadcast mode 

C. strict mode, broadcast mode, and VRF mode 

D. broadcast mode, loose mode, and VRF mode 

Answer: A 

Q4. Which three statements about implementing an application layer gateway in a network are true? (Choose three.) 

A. It allows client applications to use dynamic ports to communicate with a server regardless of whether NAT is being used. 

B. It maintains granular security over application-specific data. 

C. It allows synchronization between multiple streams of data between two hosts. 

D. Application layer gateway is used only in VoIP/SIP deployments. 

E. Client applications require additional configuration to use an application layer gateway. 

F. An application layer gateway inspects only the first 64 bytes of a packet before forwarding it through the network. 

Answer: A,B,C 


An ALG may offer the following functions: 

. allowing client applications to use dynamic ephemeral TCP/ UDP ports to communicate with the known ports used by the server applications, even though a firewall configuration may allow only a limited number of known ports. In the absence of an ALG, either the ports would get blocked or the network administrator would need to explicitly open up a large number of ports in the firewall — rendering the network vulnerable to attacks on those ports. 

. converting the network layer address information found inside an application payload between the addresses acceptable by the hosts on either side of the firewall/NAT. This aspect introduces the term 'gateway' for an ALG. 

. recognizing application-specific commands and offering granular security controls over them 

. synchronizing between multiple streams/sessions of data between two hosts exchanging data. For example, an FTP application may use separate connections for passing control commands and for exchanging data between the client and a remote server. During large file transfers, the control connection may remain idle. An ALG can prevent the control connection getting timed out by network devices before the lengthy file transfer completes. 

Reference: http://en.wikipedia.org/wiki/Application-level_gateway 

Q5. Which switching technology can be used to solve reliability problems in a switched network? 

A. fragment-free mode 

B. cut-through mode 

C. check mode 

D. store-and-forward mode 

Answer: D 


Characteristics of Store-and-Forward Ethernet Switching 

This section provides an overview of the functions and features of store-and-forward Ethernet switches. 

Error Checking 

Figure 1 shows a store-and-forward switch receiving an Ethernet frame in its entirety. At the end of that frame, the switch will compare the last field of the datagram against its own frame-check-sequence (FCS) calculations, to help ensure that the packet is free of physical and data-link errors. The switch then performs the forwarding process. Whereas a store-and-forward switch solves reliability issues by dropping invalid packets, cut-through devices forward them because they do not get a chance to evaluate the FCS before transmitting the packet. 

Figure 1. Ethernet Frame Entering a Store-and-Forward Bridge or Switch (from Left to Right) 

Reference: http://www.cisco.com/c/en/us/products/collateral/switches/nexus-5020-switch/white_paper_c11-465436.html 


Down to date 400-101 ccie written exam number:

Q6. Refer to the exhibit. 

Which option is the result of this configuration? 

A. Devices in OSPF area 15 can reach the summary route and its more specific subnets. 

B. Devices in OSPF area 15 can reach only the more specific routes of 

C. Devices in OSPF area 0 can reach the summary route and its more specific subnets. 

D. Devices in OSPF area 0 can reach only the summary route of 

Answer: A 


. area range 

To consolidate and summarize routes at an area boundary, use the area range command in router configuration mode. To disable this function, use theno form of this command. Area area-id range ip-address mask [advertise | not-advertise] [cost cost] no area area-id range ip-address mask [advertise | not-advertise] [cost cost] 

. Syntax Description 


Identifier of the area about which routes are to be summarized. It can be specified as either a decimal value or as an IP address. 


IP address. 


IP address mask. 


(Optional) Sets the address range status to advertise and generates a Type 3 summary link-state advertisement (LSA). 


(Optional) Sets the address range status to DoNotAdvertise. The Type 3 summary LSA is suppressed, and the component networks remain hidden from other networks. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/iproute/command/reference/fiprrp_r/1rfospf. html 

Q7. Which statement about a P router in a Layer 3 MPLS VPN is true? 

A. It is unaware of VPN routes. 

B. It connects to customer edge routers. 

C. It participates in MPLS VPN routing. 

D. It uses the running IGP to share VPN routes. 

Answer: A 

Q8. In a network where a Layer 2 switch interconnects several routers, which feature restricts multicast packets for each IP multicast group to only those mulicast router ports that have downstream receivers joined to that group? 

A. PIM snooping 

B. IGMP snooping 

C. IGMP filter 

D. IGMP proxy 

Answer: A 


In networks where a Layer 2 switch interconnects several routers, such as an Internet exchange point (IXP), the switch floods IP multicast packets on all multicast router ports by default, even if there are no multicast receivers downstream. With PIM snooping enabled, the switch restricts multicast packets for each IP multicast group to only those multicast router ports that have downstream receivers joined to that group. When you enable PIM snooping, the switch learns which multicast router ports need to receive the multicast traffic within a specific VLAN by listening to the PIM hello messages, PIM join and prune messages, and bidirectional PIM designated forwarder-election messages. 

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/snooppim.html 

Q9. Refer to the exhibit. The Main1 and Branch1 switches are connected directly over an MPLS pseudowire, and both run UDLD. After router B1 reloads because of a power failure, the pseudowire is restored. However, the Branch1 switch is unable to reach the Main1 switch. 

Which two actions can you take to restore connectivity and prevent the problem from recurring? (Choose two.) 

A. Configure a backup pseudowire between the Main1 and Branch1 switches. 

B. Enable UDLD recovery on both the Main1 and Branch1 switches. 

C. Configure a backup GRE tunnel between the Main1 and Branch1 switches. 

D. Enable errdisable recovery on both the Main1 and Branch1 switches. 

E. Issue the shutdown and no shutdown commands on both the Branch1 switch’s uplink to the B1 router and the Main1 switch’s uplink to the M1 router. 

F. Issue the shutdown and no shutdown commands on the Branch1 switch uplink to the B1 router only. 

Answer: D,F 

Q10. Which statement describes the BGP add-path feature? 

A. It allows for installing multiple IBGP and EBGP routes in the routing table. 

B. It allows a network engineer to override the selected BGP path with an additional path created in the config. 

C. It allows BGP to provide backup paths to the routing table for quicker convergence. 

D. It allows multiple paths for the same prefix to be advertised. 

Answer: D 


BGP routers and route reflectors (RRs) propagate only their best path over their sessions. The advertisement of a prefix replaces the previous announcement of that prefix (this behavior is known as an implicit withdraw). The implicit withdraw can achieve better scaling, but at the cost of path diversity. Path hiding can prevent efficient use of BGP multipath, prevent hitless planned maintenance, and can lead to MED oscillations and suboptimal hot-potato routing. Upon nexthop failures, path hiding also inhibits fast and local recovery because the network has to wait for BGP control plane convergence to restore traffic. The BGP Additional Paths feature provides a generic way of offering path diversity; the Best External or Best Internal features offer path diversity only in limited scenarios. The BGP Additional Paths feature provides a way for multiple paths for the same prefix to be advertised without the new paths implicitly replacing the previous paths. Thus, path diversity is achieved instead of path hiding. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_bgp/configuration/xe-3s/irg-xe-3s-book/irg-additional-paths.html