It is more faster and easier to pass the Cisco ccie 400 101 exam by using Free Cisco CCIE Routing and Switching (v5.0) questuins and answers. Immediate access to the Most up-to-date ccie 400 101 dumps Exam and find the same core area 400 101 dumps questions with professionally verified answers, then PASS your exam with a high score now.

Q191. Which two statements about redistribution are true? (Choose two.) 

A. EIGRP requires the route to have a default metric defined. 

B. EIGRP and OSPF use their router IDs to prevent loops. 

C. When OSPF is redistributed into IS-IS, the default metric must be configured under the IS-IS process. 

D. When traffic is redistributed into OSPF, the subnets command is needed to redistribute classful subnets. 

E. The default seed metric for OSPF redistributed routes is 30. 

Answer: A,B 


Q192. Refer to the exhibit. 

The two standalone chassis are unable to convert into a VSS. What can you do to correct the problem? 

A. Set a different port channel number on each chassis. 

B. Set a different virtual domain ID on each chassis. 

C. Set the redundancy mode to rpr on both chassis. 

D. Add two ports to the port channel group. 

Answer:


Q193. Which option describes the effect of the OSPF default-information originate always command? 

A. It creates a stub area. 

B. It configures the device to advertise a default route regardless of whether it exists in the routing table. 

C. It configures the device to automatically redistribute a default route. 

D. It adds a static default route to the device configuration. 

Answer:

Explanation: 

default-information originate 

To generate a default external route into an Open Shortest Path First (OSPF) routing domain, use the default-information originate command in router configuration mode. To disable this feature, use the no form of this command. 

default-information originate [always] metric metric-value [ metric-type type-value ] [ route-map map-name ] 

Syntax Description 

always (Optional) Always advertises the default route regardless of whether the software has a default route. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6/command/ipv6-cr-book/ipv6-d2.html 


Q194. On an MPLS L3VPN, which two tasks are performed by the PE router? (Choose two.) 

A. It exchanges VPNv4 routes with other PE routers. 

B. It typically exchanges iBGP routing updates with the CE device. 

C. It distributes labels and forwards labeled packets. 

D. It exchanges VPNv4 routes with CE devices. 

E. It forwards labeled packets between CE devices. 

Answer: A,C 

Explanation: 

MPLS VPN functionality is enabled at the edge of an MPLS network. The PE router performs these tasks: . 

Exchanges routing updates with the CE router . 

Translates the CE routing information into VPN version 4 (VPNv4) routes . 

Exchanges VPNv4 routes with other PE routers through the Multiprotocol Border Gateway Protocol (MP-BGP) 

A PE router binds a label to each customer prefix learned from a CE router and includes the label in the network reachability information for the prefix that it advertises to other PE routers. When a PE router forwards a packet received from a CE router across the provider network, it labels the packet with the label learned from the destination PE router. When the destination PE router receives the labeled packet, it pops the label and uses it to direct the packet to the correct CE router. Label forwarding across the provider backbone is based on either dynamic label switching or traffic engineered paths. A customer data packet carries two levels of labels when traversing the backbone 

Reference: http://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k_r4-2/lxvpn/configuration/guide/vcasr9kv342/vcasr9k42v3.html 


Q195. Refer to the exhibit. 

R2 is configured as the R1 neighbor in area 51, but R2 fails to receive the configured summary route. Which action can you take to correct the problem? 

A. Replace the summary-address command with the area-range command. 

B. Configure a summary address under R1interface GigabitEthernet0/0. 

C. Configure a summary address under R1 interface GigabitEthernet1/0. 

D. Configure the no discard-route command in the OSPF process of R1. 

E. Configure ip ospf network broadcast under the Loopback0 interface of R1. 

Answer:


Q196. Refer to the exhibit. 

Which action must you take to enable the WAN link to function properly? 

A. Enter a clock rate on the DCE interface. 

B. Enter a clock rate on the DTE interface. 

C. Enter a compression algorithm on both interfaces. 

D. Configure both interfaces for HDLC encapsulation. 

Answer:

Explanation: 

When connecting a serial cable to the serial interface of the router, clocking is provided by an external device, such as a CSU/DSU device. A CSU/DSU (Channel Service Unit/Data Service Unit) is a digital-interface device used to connect a router to a digital circuit. The router is the DTE (Data Terminal Equipment) and the external device is the DCE (Data Communications Equipment), where the DCE provides the clocking. However, in some cases we might connect two routers back-to-back using the routers’ serial interfaces (Example. Inside the router labs). Each router is a DTE by default. Since clocking is required to enable the interface, one of the two routers should function as DCE and should provide clocking. This can be done by using the "clock rate" command, from the interface configuration mode. 

Reference: http://www.omnisecu.com/cisco-certified-network-associate-ccna/how-to-configure-router-serial-interfaces.php 


Q197. Which three condition types can be monitored by crypto conditional debug? (Choose three.) 

A. Peer hostname 

B. SSL 

C. ISAKMP 

D. Flow ID 

E. IPsec 

F. Connection ID 

Answer: A,D,F 

Explanation: 

Supported Condition Types 

The new crypto conditional debug CLIs--debug crypto condition, debug crypto condition unmatched, and show crypto debug-condition--allow you to specify conditions (filter values) in which to generate and display debug messages related only to the specified conditions. The table below lists the supported condition types. 

Table 1 Supported Condition Types for Crypto Debug CLI 

Condition Type (Keyword) 

Description 

connid 1 

An integer between 1-32766. Relevant debug messages will be shown if the current IPSec operation uses this value as the connection ID to interface with the crypto engine. 

flowid 1 

An integer between 1-32766. Relevant debug messages will be shown if the current IPSec operation uses this value as the flow-ID to interface with the crypto engine. 

FVRF 

The name string of a virtual private network (VPN) routing and forwarding (VRF) instance. Relevant debug messages will be shown if the current IPSec operation uses this VRF instance as its front-door VRF (FVRF). 

IVRF 

The name string of a VRF instance. Relevant debug messages will be shown if the current IPSec operation uses this VRF instance as its inside VRF (IVRF). 

peer group 

A Unity group-name string. Relevant debug messages will be shown if the peer is using this group name as its identity. 

peer hostname 

A fully qualified domain name (FQDN) string. Relevant debug messages will be shown if the peer is using this string as its identity; for example, if the peer is enabling IKE Xauth with this FQDN string. 

peeripaddress 

A single IP address. Relevant debug messages will be shown if the current IPSec operation is related to the IP address of this peer. 

peer subnet 

A subnet and a subnet mask that specify a range of peer IP addresses. Relevant debug messages will be shown if the IP address of the current IPSec peer falls into the specified subnet range. 

peer username 

A username string. Relevant debug messages will be shown if the peer is using this username as its identity; for example, if the peer is enabling IKE Extended Authentication (Xauth) with this username. 

SPI 1 

A 32-bit unsigned integer. Relevant debug messages will be shown if the current IPSec operation uses this value as the SPI. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_vpnips/configuration/xe-3s/sec-sec-for-vpns-w-ipsec-xe-3s-book/sec-crypto-debug-sup.html 


Q198. Which Cisco IOS VPN technology leverages IPsec, mGRE, dynamic routing protocol, NHRP, and 

Cisco Express Forwarding? 

A. FlexVPN 

B. DMVPN 

C. GETVPN 

D. Cisco Easy VPN 

Answer:


Q199. Which two options are ways in which an OSPFv3 router handles hello packets with a clear address-family bit? (Choose two.) 

A. IPv4 unicast packets are discarded. 

B. IPv6 unicast packets are discarded. 

C. IPv4 unicast packets are forwarded. 

D. IPv6 unicast packets are forwarded. 

Answer: A,D 

Explanation: 

A typical distance vector protocol saves the following information when computing the best path to a destination: the distance (total metric or distance, such as hop count) and the vector (the next hop). For instance, all the routers in the network in Figure 1 are running Routing Information Protocol (RIP). Router Two chooses the path to Network A by examining the hop count through each available path. 

Since the path through Router Three is three hops, and the path through Router One is two hops, Router Two chooses the path through One and discards the information it learned through Three. If the path between Router One and Network A goes down, Router Two loses all connectivity with this destination until it times out the route of its routing table (three update periods, or 90 seconds), and Router Three re-advertises the route (which occurs every 30 seconds in RIP). Not including any hold-down time, it will take between 90 and 120 seconds for Router Two to switch the path from Router One to Router Three. EIGRP, instead of counting on full periodic updates to re-converge, builds a topology table from each of its neighbor's advertisements (rather than discarding the data), and converges by either looking for a likely loop-free route in the topology table, or, if it knows of no other route, by querying its neighbors. Router Two saves the information it received from both Routers One and Three. It chooses the path through One as its best path (the successor) and the path through Three as a loop-free path (a feasible successor). When the path through Router One becomes unavailable, Router Two examines its topology table and, finding a feasible successor, begins using the path through Three immediately. 

Reference: http://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-eigrp/16406-eigrp-toc.html 


Q200. Which standard feature can be exploited by an attacker to perform network reconnaissance? 

A. IP-directed broadcast 

B. maintenance operations protocol 

C. ICMP redirects 

D. source quench 

Answer: