Exam Code: ccnp dumps 300 101 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Implementing Cisco IP Routing
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass ccnp routing and switching route 300 101 Exam.

Q17. To configure SNMPv3 implementation, a network engineer is using the AuthNoPriv security level. What effect does this action have on the SNMP messages? 

A. They become unauthenticated and unencrypted. 

B. They become authenticated and unencrypted. 

C. They become authenticated and encrypted. 

D. They become unauthenticated and encrypted. 

Answer:

Explanation: 


Q18. Which common issue causes intermittent DMVPN tunnel flaps? 

A. a routing neighbor reachability issue 

B. a suboptimal routing table 

C. interface bandwidth congestion 

D. that the GRE tunnel to hub router is not encrypted 

Answer:

Explanation: 

DMVPN Tunnel Flaps Intermittently Problem DMVPN tunnel flaps intermittently. Solution

When DMVPN tunnels flap, check the neighborship between the routers as issues with neighborship

formation between routers may cause the DMVPN tunnel to flap. In order to resolve this problem, make

sure the neighborship between the routers is always up. Reference: http://www.cisco.com/c/en/us/support/

docs/security-vpn/ipsec-negotiation-ike- protocols/29240-dcmvpn.html#Prblm1


Q19. A network administrator is troubleshooting a DMVPN setup between the hub and the spoke. Which action should the administrator take before troubleshooting the IPsec configuration? 

A. Verify the GRE tunnels. 

B. Verify ISAKMP. 

C. Verify NHRP. 

D. Verify crypto maps. 

Answer:

Explanation: 


Q20. Which two methods of deployment can you use when implementing NAT64? (Choose two.) 

A. stateless 

B. stateful 

C. manual 

D. automatic 

E. static 

F. functional 

G. dynamic 

Answer: A,B 

Explanation: 

While stateful and stateless NAT64 perform the task of translating IPv4 packets into IPv6 packets and vice

versa, there are important differences. The following

table provides a high-level overview of the most relevant differences.

Table 2. Differences Between Stateless NAT64 and Stateful NAT64

Stateless NAT64 Stateful NAT64

1:1 translation 1:N translation

No conservation of IPv4 address Conserves IPv4 address

Assures end-to-end address Uses address overloading, hence transparency and scalability lacks in endto-

end address transparency

No state or bindings created on the State or bindings are created on every translation unique translation

Requires IPv4-translatable IPv6 No requirement on the nature of IPv6 addresses assignment (mandatory

address assignment requirement)

Requires either manual or DHCPv6 Free to choose any mode of IPv6 based address assignment for IPv6

address assignment viz. Manual, hosts DHCPv6, SLAAC Reference: http://www.cisco.com/c/en/us/

products/collateral/ios-nx-os-software/enterprise-ipv6- solution/white_paper_c11-676277.html


Q21. Refer to the following access list. 

access-list 100 permit ip any any log 

After applying the access list on a Cisco router, the network engineer notices that the router CPU utilization has risen to 99 percent. What is the reason for this? 

A. A packet that matches access-list with the "log" keyword is Cisco Express Forwarding switched. 

B. A packet that matches access-list with the "log" keyword is fast switched. 

C. A packet that matches access-list with the "log" keyword is process switched. 

D. A large amount of IP traffic is being permitted on the router. 

Answer:

Explanation: 

Logging-enabled access control lists (ACLs) provide insight into traffic as it traverses the

network or is dropped by network devices. Unfortunately, ACL logging can be CPU intensive and can

negatively affect other functions of the network device. There are two primary factors that contribute to the

CPU load increase from ACL logging: process switching of packets that match log-enabled access control

entries (ACEs) and the generation and transmission of log messages. Reference: http://www.cisco.com/

web/about/security/intelligence/acl-logging.html#4


Q22. Scenario: 

You have been asked to evaluate an OSPF network setup in a test lab and to answer questions a customer has about its operation. The customer has disabled your access to the show running-config command. 

Areas of Router 5 and 6 are not normal areas, inspect their routing tables and determine which statement is true? 

A. R5's Loopback and R6's Loopback are both present in R5's Routing table 

B. R5's Loopback and R6's Loopback are both present in R6's Routing table 

C. Only R5's loopback is present in R5's Routing table 

D. Only R6's loopback is present in R5's Routing table 

E. Only R5's loopback is present in R6's Routing table 

Answer:

Explanation: 

Topic 4, VPN Technologies 

45. A company has just opened two remote branch offices that need to be connected to the corporate network. Which interface configuration output can be applied to the corporate router to allow communication to the remote sites? 

A. interface Tunnel0 

bandwidth 1536 

ip address 209.165.200.230 255.255.255.224 

tunnel source Serial0/0 

tunnel mode gre multipoint 

B. interface fa0/0 

bandwidth 1536 

ip address 209.165.200.230 255.255.255.224 

tunnel mode gre multipoint 

C. interface Tunnel0 

bandwidth 1536 

ip address 209.165.200.231 255.255.255.224 

tunnel source 209.165.201.1 

tunnel-mode dynamic 

D. interface fa 0/0 

bandwidth 1536 

ip address 209.165.200.231 255.255.255.224 

tunnel source 192.168.161.2 

tunnel destination 209.165.201.1 

tunnel-mode dynamic 

Answer:

Explanation: 

The configuration of mGRE allows a tunnel to have multiple destinations. The configuration of

mGRE on one side of a tunnel does not have any relation to the tunnel properties that might exist tunnel

source Serial0/0 tunnel mode gre multipoint

B. interface fa0/0 bandwidth 1536 ip address 209.165.200.230 255.255.255.224 tunnel mode gre

multipoint

C. interface Tunnel0 bandwidth 1536 ip address 209.165.200.231 255.255.255.224 tunnel source

209.165.201.1 tunnel-mode dynamic

D. interface fa 0/0 bandwidth 1536 ip address 209.165.200.231 255.255.255.224 tunnel source

192.168.161.2 tunnel destination 209.165.201.1 tunnel-mode dynamic

Answer: A Explanation: The configuration of mGRE allows a tunnel to have multiple destinations. The

configuration of mGRE on one side of a tunnel does not have any relation to the tunnel properties that

might exist at the exit points. This means that an mGRE tunnel on the hub may connect to a p2p tunnel on

the branch. Conversely, a p2p GRE tunnel may connect to an mGRE tunnel. The distinguishing feature

between an mGRE interface and a p2p GRE interface is the tunnel destination. An mGRE interface does

not have a configured destination. Instead the GRE tunnel is configured with the command tunnel mode

gre multipoint. This command is used instead of the tunnel destination x.x.x.x found with p2p GRE tunnels.

Besides allowing for multiple destinations, an mGRE tunnel requires NHRP to resolve the tunnel

endpoints. Note, tunnel interfaces by default are point-to-point (p-p) using GRE encapsulation, effectively they have the tunnel mode gre command, which is not seen in the configuration because it is the default.

The mGRE configuration is as follows: ! interface Tunnel0 bandwidth 1536 ip address 10.62.1.10

255.255.255.0 tunnel source Serial0/0 tunnel mode gre multipoint Reference: http://www.cisco.com/c/en/

us/td/docs/solutions/Enterprise/WAN_and_MAN/DMVPDG/DMVP N_2_Phase2.html


Q23. What are the three modes of Unicast Reverse Path Forwarding? 

A. strict mode, loose mode, and VRF mode 

B. strict mode, loose mode, and broadcast mode 

C. strict mode, broadcast mode, and VRF mode 

D. broadcast mode, loose mode, and VRF mode 

Answer:

Explanation: 

Network administrators can use Unicast Reverse Path Forwarding (Unicast RPF) to help limit

the malicious traffic on an enterprise network. This security feature works by enabling a router to verify the

reachability of the source address in packets being forwarded. This capability can limit the appearance of

spoofed addresses on a network. If the source IP address is not valid, the packet is discarded. Unicast

RPF works in one of three different modes: strict mode, loose mode, or VRF mode. Note that not all

network devices support all three modes of operation. Unicast RPF in VRF mode will not be covered in this

document. When administrators use Unicast RPF in strict mode, the packet must be received on the

interface that the router would use to forward the return packet. Unicast RPF configured in strict mode may

drop legitimate traffic that is received on an interface that was not the router's choice for sending return

traffic. Dropping this legitimate traffic could occur when asymmetric routing paths are present in the

network. When administrators use Unicast RPF in loose mode, the source address must appear in the

routing table. Administrators can change this behavior using the allow-default option, which allows the use

of the default route in the source verification process. Additionally, a packet that contains a source address

for which the return route points to the Null 0 interface will be dropped. An access list may also be

specified that permits or denies certain source addresses in Unicast RPF loose mode. Care must be taken

to ensure that the appropriate Unicast RPF mode (loose or strict) is configured during the deployment of

this feature because it can drop legitimate traffic. Although asymmetric traffic flows may be of concern

when deploying this feature, Unicast RPF loose mode is a scalable option for networks that contain

asymmetric routing paths. Reference: http://www.cisco.com/web/about/security/intelligence/unicastrpf.

html


Q24. You have been asked to evaluate how EIGRP is functioning in a customer network. 

What percent of R1’s interfaces bandwidth is EIGRP allowed to use? 

A. 10 

B. 20 

C. 30 

D. 40 

Answer:

Explanation: