Act now and download your Cisco cisco 400 101 test today! Do not waste time for the worthless Cisco cisco 400 101 tutorials. Download Improved Cisco CCIE Routing and Switching (v5.0) exam with real questions and answers and begin to learn Cisco 400 101 ccie with a classic professional.

Q421. What is the ip dhcp snooping information option command used for? 

A. It displays information about the DHCP snooping table. 

B. It sends a syslog and an SNMP trap for a DHCP snooping violation. 

C. It enables the DHCP snooping host tracking feature. 

D. It enables DHCP option 82 data insertion. 



To enable DHCP option-82 data insertion, perform this task: 



Step 1 

Router(config)# ip dhcp snooping information option 

Enables DHCP option-82 data insertion. 

Step 2 

Router(config)# ip dhcp snooping information option replace 


Router(config-if)# ip dhcp snooping information option replace 

(Optional) Replaces the DHCP relay information option received in snooped packets with the switch's option-82 data. 

Step 3 

Router(config)# do show ip dhcp snooping | include 82 



Q422. Which two options are interface requirements for turbo flooding? (Choose two.) 

A. The interface is Ethernet. 

B. The interface is configured for ARPA encapsulation. 

C. The interface is PPP. 

D. The interface is configured for GRE encapsulation. 

E. The interface is configured for 802.1Q encapsulation. 

Answer: A,B 


In the switch, the majority of packets are forwarded in hardware; most packets do not go through the switch CPU. For those packets that do go to the CPU, you can speed up spanning tree-based UDP flooding by a factor of about four to five times by using turbo-flooding. This feature is supported over Ethernet interfaces configured for ARPA encapsulation. 


Q423. Refer to the exhibit. 

R1 and R2 both advertise to R3 and R4 as shown. R1 is the primary path. Which path does traffic take from the R4 data center to the file server? 

A. All traffic travels from R4 to R2 to the file server. 

B. All traffic travels from R4 to R3 to R1 to the file server. 

C. Traffic is load-balanced from R4 to R2 and R3. Traffic that is directed to R3 then continues to R1 to the file server. Traffic that is directed to R2 continues to the file server. 

D. All traffic travels from R4 to R2 to R1 to the file server. 


Q424. Which variable in an EEM applet is set when you use the sync yes option? 

A. $_cli_result 

B. $_result 

C. $_string_result 

D. $_exit_status 



The CLI event detector screens CLI commands for a regular expression match. When a match is found, an event is published. The match logic is performed on the fully expanded CLI command after the command is successfully parsed and before it is executed. The CLI event detector supports three publish modes: 

. Synchronous publishing of CLI events--The CLI command is not executed until the EEM policy exits, and the EEM policy can control whether the command is executed. The read/write variable, _exit_status, allows you to set the exit status at policy exit for policies triggered from synchronous events. If _exit_status is 0, the command is skipped, if _exit_status is 1, the command is run. 

. Asynchronous publishing of CLI events--The CLI event is published, and then the CLI command is executed. 

. Asynchronous publishing of CLI events with command skipping--The CLI event is published, but the CLI command is not executed. 



Q425. Refer to the exhibit. 

Which statement is true? 

A. IS-IS has been enabled on R4 for IPv6, single-topology. 

B. IS-IS has been enabled on R4 for IPv6, multitopology. 

C. IS-IS has been enabled on R4 for IPv6, single-topology and multitopology. 

D. R4 advertises IPv6 prefixes, but it does not forward IPv6 traffic, because the protocol has not been enabled under router IS-IS. 



When working with IPv6 prefixes in IS-IS, you can configure IS-IS to be in a single topology for both IPv4 and IPv6 or to run different topologies for IPv4 and IPv6. By default, IS-IS works in single-topology mode when activating IPv4 and IPv6. This means that the IS-IS topology will be built based on IS Reachability TLVs. When the base topology is built, then IPv4 prefixes (IP Reachability TLV) and IPv6 prefixes (IPv6 Reachability TLV) are added to each node as leaves, without checking if there is IPv6 connectivity between nodes. 


Q426. Which BGP feature enables you to install a backup path in the forwarding table? 

A. soft reconfiguration 

B. prefix independent convergence 

C. route refresh 

D. synchronization 



To install a backup path into the forwarding table and provide prefix independent convergence (PIC) in case of a PE-CE link failure, use the additional-paths install backup command in an appropriate address family configuration mode. To prevent installing the backup path, use the no form of this command. To disable prefix independent convergence, use the disable keyword. 



Drag and drop the BGP state on the left to the action that defines it on the right. 


Q428. Which three conditions can cause excessive unicast flooding? (Choose three.) 

A. Asymmetric routing 

B. Repeated TCNs 

C. The use of HSRP 

D. Frames sent to FFFF.FFFF.FFFF 

E. MAC forwarding table overflow 

F. The use of Unicast Reverse Path Forwarding 

Answer: A,B,E 


Causes of Flooding 

The very cause of flooding is that destination MAC address of the packet is not in the L2 forwarding table of the switch. In this case the packet will be flooded out of all forwarding ports in its VLAN (except the port it was received on). Below case studies display most 

common reasons for destination MAC address not being known to the switch. 

Cause 1: Asymmetric Routing 

Large amounts of flooded traffic might saturate low-bandwidth links causing network performance issues or complete connectivity outage to devices connected across such low-bandwidth links. 

Cause 2: Spanning-Tree Protocol Topology Changes 

Another common issue caused by flooding is Spanning-Tree Protocol (STP) Topology Change Notification (TCN). TCN is designed to correct forwarding tables after the forwarding topology has changed. This is necessary to avoid a connectivity outage, as after a topology change some destinations previously accessible via particular ports might become accessible via different ports. TCN operates by shortening the forwarding table aging time, such that if the address is not relearned, it will age out and flooding will occur. TCNs are triggered by a port that is transitioning to or from the forwarding state. After the TCN, even if the particular destination MAC address has aged out, flooding should not happen for long in most cases since the address will be relearned. The issue might arise when TCNs are occurring repeatedly with short intervals. The switches will constantly be fast-aging their forwarding tables so flooding will be nearly constant. Normally, a TCN is rare in a well-configured network. When the port on a switch goes up or down, there is eventually a TCN once the STP state of the port is changing to or from forwarding. When the port is flapping, repetitive TCNs and flooding occurs. 

Cause 3: Forwarding Table Overflow 

Another possible cause of flooding can be overflow of the switch forwarding table. In this case, new addresses cannot be learned and packets destined to such addresses are flooded until some space becomes available in the forwarding table. New addresses will then be learned. This is possible but rare, since most modern switches have large enough forwarding tables to accommodate MAC addresses for most designs. Forwarding table exhaustion can also be caused by an attack on the network where one host starts generating frames each sourced with different MAC address. This will tie up all the forwarding table resources. Once the forwarding tables become saturated, other traffic will be flooded because new learning cannot occur. This kind of attack can be detected by examining the switch forwarding table. Most of the MAC addresses will point to the same port or group of ports. Such attacks can be prevented by limiting the number of MAC addresses learned on untrusted ports by using the port security feature. 


Q429. Refer to the exhibit. 

If the route to is removed from the R2 routing table, which server becomes the master NTP server? 

A. R2 

B. the NTP server at 

C. the NTP server at 

D. the NTP server with the lowest stratum number 



NTP uses a concept called “stratum” that defines how many NTP hops away a device is from an authoritative time source. For example, a device with stratum 1 is a very accurate device and might have an atomic clock attached to it. Another NTP server that is using this stratum 1 server to sync its own time would be a stratum 2 device because it’s one NTP hop further away from the source. When you configure multiple NTP servers, the client will prefer the NTP server with the lowest stratum value. 


Q430. Which two metrics are measured with active probes when PfR voice traffic optimization is in use? (Choose two.) 


B. cost 

C. jitter 

D. bandwidth 

Answer: A,C