It is more faster and easier to pass the Cisco 400 101 ccie exam by using Exact Cisco CCIE Routing and Switching (v5.0) questuins and answers. Immediate access to the Most recent 400 101 ccie Exam and find the same core area 400 101 pdf questions with professionally verified answers, then PASS your exam with a high score now.

Q291. In IPv6 Path MTU Discovery, which ICMP message is sent by an intermediary router that requires a smaller MTU? 

A. Time Exceeded, with code 1 (fragment reassembly time exceeded) 

B. Packet Too Big 

C. Destination Unreachable, with code 4 (the datagram is too big) 

D. Multicast Termination Router 


Q292. What are the three HDLC operating modes? (Choose three.) 

A. normal response 

B. asynchronous balanced 

C. synchronous response 

D. asynchronous response 

E. normal balanced 

F. synchronous balanced 

Answer: A,B,D 

Q293. Which statement is true about VPLS? 

A. MPLS is not required for VPLS to work. 

B. VPLS carries packets as Layer 3 multicast. 

C. VPLS has been introduced to address some shortcomings of OTV. 

D. VPLS requires an MPLS network. 



VPLS uses MPLS labels so an MPLS network is required. VPLS MPLS packets have a two-label stack. The outer label is used for normal MPLS forwarding in the service provider's network. If BGP is used to establish the VPLS, the inner label is allocated by a PE as part of a label block. If LDP is used, the inner label is a virtual circuit ID assigned by LDP when it first established a mesh between the participating PEs. Every PE keeps track of assigned inner label, and associates these with the VPLS instance. 


Q294. Which three options are characteristics of a Type 10 LSA? (Choose three.) 

A. It is an area-local, opaque LSA. 

B. Data is flooded to all routers in the LSA scope. 

C. It is used for traffic-engineering extensions to OSPF. 

D. It is a link-local, opaque LSA. 

E. Data is flooded only to the routers in the LSA scope that understand the data. 

F. It is used for traffic-engineering extensions to LDP. 

Answer: A,B,C 

Q295. Which command drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value, and also causes the Security Violation counter to increment? 

A. switchport port-security violation protect 

B. switchport port-security violation drop 

C. switchport port-security violation shutdown 

D. switchport port-security violation restrict 



When configuring port security violation modes, note the following information: 

. protect—Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value. 

. restrict—Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value and causes the SecurityViolation counter to increment. 

. shutdown—Puts the interface into the error-disabled state immediately and sends an SNMP trap notification. 


Q296. Which three statements about OSPFv3 address families are true? (Choose three.) 

A. Each address family requires the same instance ID. 

B. Address families can perform route redistribution into any IPv4 routing protocol. 

C. An address family can have two device processes on each interface. 

D. IPv4 address family require an IPv4 address to be configured on the interface. 

E. Each address family uses a different shortest path tree. 

F. Different address families can share the same link state database. 

Answer: B,D,E 

Q297. Which three statements about IS-IS are true? (Choose three.) 

A. IS-IS is not encapsulated in IP. 

B. IS-IS is directly encapsulated in the data link layer. 

C. 0XFEFE is used in the Layer 2 header to identify the Layer 3 protocol. 

D. IS-IS uses protocol ID 93. 

E. IS-IS can be used to route the IPX protocol. 

F. IS-IS is an IETF standard. 

Answer: A,B,C 


IS-IS is an Interior Gateway Protocol (IGP) for routing OSI. IS-IS packets are not encapsulated in CLNS or IP but are encapsulated directly in the data-link layer. The IS-IS protocol family is OSI, and values such as 0xFE and 0xFEFE are used by the data-link protocol to identify the Layer 3 protocol as OSI. 

Reference: tml 

Q298. Which three statements about implementing a NAT application layer gateway in a network are true? (Choose three.) 

A. It allows client applications to use dynamic ports to communicate with a server regardless of whether NAT is being used. 

B. It maintains granular security over application-specific data. 

C. It allows synchronization between multiple streams of data between two hosts. 

D. Application layer gateway is used only in VoIP/SIP deployments. 

E. Client applications require additional configuration to use an application layer gateway. 

F. An application layer gateway inspects only the first 64 bytes of a packet before forwarding it through the network. 

Answer: A,B,C 


An application-level gateway (ALG), also known as an application-layer gateway, is an application that translates the IP address information inside the payload of an application packet. An ALG is used to interpret the application-layer protocol and perform firewall and Network Address Translation (NAT) actions. These actions can be one or more of the following depending on your configuration of the firewall and NAT: 

. Allow client applications to use dynamic TCP or UDP ports to communicate with the server application. 

. Recognize application-specific commands and offer granular security control over them. 

. Synchronize multiple streams or sessions of data between two hosts that are exchanging data. 

. Translate the network-layer address information that is available in the application payload 


Q299. Refer to the exhibit. 

Router 1 and Router 2 use HSRP to provide first hop redundancy for hosts on the network. 

Which feature can provide additional failover coverage for the PC? 

A. Cisco Express Forwarding 

B. NetFlow 

C. Accounting 

D. Enhanced Object Tracking 



HSRP has a mechanism for tracking the interface line-protocol state. The enhanced object tracking feature separates the tracking mechanism from HSRP. It creates a separate, standalone tracking process that can be used by processes other than HSRP. This feature allows tracking of other objects in addition to the interface line-protocol state. A client process, such as HSRP, can register an interest in tracking objects and request notification when the tracked object changes state. Several clients can track the same object, and can take different actions when the object changes state. This feature increases the availability and speed of recovery of a router system and decreases outages and outage duration. 


Q300. Which two statements about DHCP snooping are true? (Choose two.) 

A. It is implemented on a per-VLAN basis. 

B. It filters invalid DHCP messages. 

C. The binding database logs trusted and untrusted hosts with leased IP addresses. 

D. Interfaces are trusted by default. 

E. It uses the LFIB to validate requests from untrusted hosts. 

Answer: A,B