The Cisco 400-101 review guide at Ucertify are introduced in 2 formats---PDF and Check ENGINE. The Pdf files can be printed so that you could preview your Cisco Cisco simulated materials everywhere if you carry them with you. The examination engine can be downloaded for free when you obtain our Cisco exam dumps. Ucertify provides you with the most current, reputable and genuine Cisco 400-101 practice questions which along with precise and rectified answers.
2021 Aug ccie 400 101:
Q551. Which two statements are true about IS-IS? (Choose two.)
A. IS-IS DIS election is nondeterministic.
B. IS-IS SPF calculation is performed in three phases.
C. IS-IS works over the data link layer, which does not provide for fragmentation and reassembly.
D. IS-IS can never be routed beyond the immediate next hop.
IS-IS runs directly over the data link alongside IP. On Ethernet, IS-IS packets are always 802.3 frames, with LSAPs 0xFEFE while IP packets are either Ethernet II frames or SNAP frames identified with the protocol number 0x800. OSPF runs over IP as protocol number 89.
IS-IS runs directly over layer 2 and hence:
-cannot support virtual links unless some explicit tunneling is implemented
-packets are kept small so that they don't require hop-by-hop fragmentation
-uses ATM/SNAP encapsulation on ATM but there are hacks to make it use VcMux encapsulation
-some operating systems that support IP networking have been implemented to differentiate Layer 3 packets in kernel. Such Oss require a lot of kernel modifications to support IS-IS for IP routing.
-can never be routed beyond the immediate next hop and hence shielded from IP spoofing and similar Denial of Service attacks.
Q552. Which two statements about VRRP are true? (Choose two.)
A. It is assigned multicast address 220.127.116.11.
B. The TTL for VRRP packets must be 255.
C. It is assigned multicast address 18.104.22.168.
D. Its IP protocol number is 115.
E. Three versions of the VRRP protocol have been defined.
F. It supports both MD5 and SHA1 authentication.
Q553. Refer to the exhibit.
RIPv2 authentication is failing on a device with this configuration. Which two actions can you take to enable it? (Choose two.)
A. Set the RIP authentication mode to text.
B. Set the RIP authentication mode to MD5.
C. Configure the password encryption for the key.
D. Set the password encryption to AES.
See the reference link below for information on configuring RIPv2 authentication, including both test and MD5 modes.
Q554. Refer to the exhibit.
What password will be required to enter privileged EXEC mode on a device with the given configuration?
Q555. DRAG DROP
Drag and drop the OSPF network type on the left to the correct category of timers on the right.
Improve 400-101 ccie written passing score:
Q556. DRAG DROP
Drag and drop the IPv6 multicast feature or protocol on the left to the correct address space on the right.
Q557. Where must the spanning-tree timers be configured if they are not using the default timers?
A. They must be on the root bridge.
B. They must be on any non-root bridge.
C. Changing the default timers is not allowed.
D. Timers must be modified manually on each switch.
Q558. Refer to the exhibit.
All of the routers on this network are running RIP. If you edit the R3 RIP process configuration to reduce the number of hops from R3 to R1, which statement about the configuration change is true?
A. Configuring no passive-interface for GigabitEthernet0/0 in the R3 RIP process reduces the number of hops to R1 by 2.
B. Configuring no passive-interface for GigabitEthernet0/0 in the R3 RIP process reduces the number of hops to R1 by 1.
C. Configuring no passive-interface for GigabitEthernet0/1 in the R3 RIP process reduces the number of hops to R1 by 3.
D. Configuring no passive-interface for GigabitEthernet0/1 in the R3 RIP process reduces the number of hops to R1 by 1.
By changing the link from R3 to R2 to not be passive, traffic can then take the direct route from R3-R2-R1 instead of the longer path of R3-R6-R5-R4-R1, resulting in two less hops.
Q559. Which two advantages does CoPP have over receive path ACLs? (Choose two.)
A. Only CoPP applies to IP packets and non-IP packets.
B. Only CoPP applies to receive destination IP packets.
C. A single instance of CoPP can be applied to all packets to the router, while rACLs require multiple instances.
D. Only CoPP can rate-limit packets.
Control Plane Policing – CoPP is the Cisco IOS-wide route processor protection mechanism. As illustrated in Figure 2, and similar to rACLs, CoPP is deployed once to the punt path of the router. However, unlike rACLs that only apply to receive destination IP packets, CoPP applies to all packets that punt to the route processor for handling. CoPP therefore covers not only receive destination IP packets, it also exceptions IP packets and non-IP packets. In addition, CoPP is implemented using the Modular QoS CLI (MQC) framework for policy construction. In this way, in addition to simply permit and deny functions, specific packets may be permitted but rate-limited. This behavior substantially improves the ability to define an effective CoPP policy. (Note: that “Control Plane Policing” is something of a misnomer because CoPP generally protects the punt path to the route processor and not solely the control plane.)
Q560. Which BGP feature allows BGP routing tables to be refreshed without impacting established BGP sessions?
A. BGP synchronization
B. soft reconfiguration
D. hard reset
Clearing a BGP session using a hard reset invalidates the cache and results in a negative impact on the operation of networks as the information in the cache becomes unavailable. Soft reset is recommended because it allows routing tables to be reconfigured and activated without clearing the BGP session. Soft reset is done on a per-neighbor basis.
Reference: http://www.cisco.com/en/US/products/ps6599/products_data_sheet09186a0080087b3a.ht ml