Testking has the Cisco Cisco exam questions which usually with accurate and verified answers. They are going to appear in the real Cisco 400-101 exam. So taking entire advantage of each of our Cisco 400-101 practice questions and answers, you need to be successful at first attempt. The particular Cisco 400-101 training course is a excellent instrument to get ready the 400-101 exam. We all provide any limited period for the no cost downloadable Cisco 400-101 exam dumps after paying. There exists no time to get rid of! Our Cisco 400-101 exam products are marketed at a discounted price. Look simply no further much more. Stop at Testking website and also buy the Cisco Cisco exam dumps right now. You will always be capable of making great improvement throughout the review with the Cisco 400-101 exam.

2021 Apr 400-101 free exam

Q301. Which two statements about reverse ARP are true? (Choose two.) 

A. Its servers require static mappings. 

B. It works with AutoInstall to configure new devices. 

C. It provides IP addresses for subnet masks. 

D. It provides IP addresses for default gateways. 

E. It requires less maintenance than DHCP. 

Answer: A,B 


Q302. Refer to the exhibit. 

If IS-IS is configured utilizing default metrics, what is the cost for Router 4 to reach the 10.2.2.0/24 network? 

A. 1 

B. 20 

C. 30 

D. 63 

Answer:

Explanation: 

By default, every link is an IS-IS network has a metric of 10. 


Q303. Refer to the exhibit. 

What is wrong with the configuration of this tunnel interface? 

A. ISATAP tunnels cannot use the EUI-64 address format. 

B. No tunnel destination has been specified. 

C. The tunnel source of an ISATAP tunnel must always point to a loopback interface. 

D. Router advertisements are disabled on this tunnel interface. 

Answer:

Explanation: 

Sending of IPv6 router advertisements is disabled by default on tunnel interfaces. This command reenables the sending of IPv6 router advertisements to allow client autoconfiguration: 

Example: Router(config-if)# no ipv6 nd ra suppress 

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/interface/configuration/xe-3s/ir-xe-3s-book/ip6-isatap-xe.html 


Q304. Refer to the exhibit. 

Which two options are possible states for the interface configured with the given OSPFv3 

authentication? (Choose two.) 

A. GOING UP 

B. DOWN 

C. UNCONFIGURED 

D. GOING DOWN 

Answer: A,B 

Explanation: 

To configure IPsec, you configure a security policy, which is a combination of the security policy index (SPI) and the key (the key is used to create and validate the hash value). IPsec for OSPFv3 can be configured on an interface or on an OSPFv3 area. For higher security, you should configure a different policy on each interface configured with IPsec. If you configure IPsec for an OSPFv3 area, the policy is applied to all of the interfaces in that area, except for the interfaces that have IPsec configured directly. Once IPsec is configured for OSPFv3, IPsec is invisible to you. The secure socket API is used by applications to secure traffic. The API needs to allow the application to open, listen, and close secure sockets. The binding between the application and the secure socket layer also allows the secure socket layer to inform the application of changes to the socket, such as connection open and close events. The secure socket API is able to identify the socket; that is, it can identify the local and remote addresses, masks, ports, and protocol that carry the traffic requiring security. Each interface has a secure socket state, which can be one of the following: 

. NULL: Do not create a secure socket for the interface if authentication is configured for the area. 

. DOWN: IPsec has been configured for the interface (or the area that contains the interface), but OSPFv3 either has not requested IPsec to create a secure socket for this interface, or there is an error condition. 

. GOING UP: OSPFv3 has requested a secure socket from IPsec and is waiting for a CRYPTO_SS_SOCKET_UP message from IPsec. 

. UP: OSPFv3 has received a CRYPTO_SS_SOCKET_UP message from IPsec. 

. CLOSING: The secure socket for the interface has been closed. A new socket may be opened for the interface, in which case the current secure socket makes the transition to the DOWN state. Otherwise, the interface will become UNCONFIGURED. 

. UNCONFIGURED. Authentication is not configured on the interface. 

OSPFv3 will not send or accept packets while in the DOWN state. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-sy/iro-15-sy-book/ip6-route-ospfv3-auth-ipsec.html 


Q305. When deploying redundant route reflectors in BGP, which attribute can you configure on the route reflector to allow routes to be identified as belonging to the same group? 

A. ROUTER_ID 

B. CLUSTER_ID 

C. ORIGINATOR_ID 

D. PEER_GROUP 

Answer:

Explanation: 

Together, a route reflector and its clients form a cluster. When a single route reflector is deployed in a cluster, the cluster is identified by the router ID of the route reflector. The bgp cluster-id command is used to assign a cluster ID to a route reflector when the cluster has one or more route reflectors. Multiple route reflectors are deployed in a cluster to increase redundancy and avoid a single point of failure. When multiple route reflectors are configured in a cluster, the same cluster ID is assigned to all route reflectors. This allows all route reflectors in the cluster to recognize updates from peers in the same cluster and reduces the number of updates that need to be stored in BGP routing tables. 

Reference: http://ieoc.com/forums/t/5326.aspx 


Updated 400-101 vce:

Q306. Which two statements about the OSPF two-way neighbor state are true? (Choose two.) 

A. Each neighbor receives its own router ID in a hello packet from the other neighbor. 

B. Each neighbor receives a hello message from the other neighbor. 

C. It is valid only on NBMA networks. 

D. It is valid only on point-to-point networks. 

E. Each neighbor receives an acknowledgement of its own hello packet from the other neighbor. 

F. Each neighbor receives the router ID of the other neighbor in a hello packet from the other neighbor. 

Answer: A,E 


Q307. Which two statements about the max-age time in IS-IS are true? (Choose two.) 

A. The IS-IS max-age time is 20 minutes by default. 

B. The IS-IS max-age time is 60 minutes by default. 

C. The IS-IS max-age time increments from zero to max-age. 

D. The IS-IS max-age time decrements from max-age to zero. 

Answer: A,D 


Q308. Which two 802.1D port states are expected in a stable Layer 2 network? (Choose two.) 

A. forwarding 

B. learning 

C. listening 

D. blocking 

E. disabled 

Answer: A,D 


Q309. Which statement about NAT64 is true? 

A. NAT64 provides address family translation and translates IPv4 to IPv6 and IPv6 to IPv4. 

B. NAT64 provides address family translation and can translate only IPv6 to IPv4. 

C. NAT64 should be considered as a permanent solution. 

D. NAT64 requires the use of DNS64. 

Answer:


Q310. What is a reason to use DHCPv6 on a network that uses SLAAC? 

A. To get a record of the IPs that are used by the clients 

B. To push DNS and other information to the clients 

C. No reason, because there is no need for DHCPv6 when using SLAAC 

D. Because DHCPv6 can be used only in stateful mode with SLAAC to record the IPs of the clients 

E. Because DHCPv6 can be used only in stateless mode with SLAAC to record the IPs of the clients 

F. Because DHCPv6 is required to use first-hop security features on the switches 

Answer:

Explanation: 

SLAAC is by far the easiest way to configure IPv6 addresses, simply because you don’t have to configure any IPv6 address. With SLAAC, a host uses the IPv6 Neighbor Discovery Protocol (NDP) to determine its IP address and default routers. Using SLAAC, a host requests and listens for Router Advertisements (RA) messages, and then taking the prefix that is advertised to form a unique address that can be used on the network. For this to work, the prefix that is advertised must advertise a prefix length of 64 bits (i.e., /64). But the most significant of Stateless Address Autoconfiguration (SLAAC) is it provided no mechanism for configuring DNS resolver information.Therefore SLACC can be used along with DHCPv6 (Stateless) to push DNS and other information to the clients.