Act now and download your Cisco 400-101 test today! Do not waste time for the worthless Cisco 400-101 tutorials. Download Renewal Cisco CCIE Routing and Switching (v5.0) exam with real questions and answers and begin to learn Cisco 400-101 with a classic professional.
2021 Apr 400-101 actual exam
Q71. Which statement is true regarding the UDP checksum?
A. It is used for congestion control.
B. It cannot be all zeros.
C. It is used by some Internet worms to hide their propagation.
D. It is computed based on the IP pseudo-header.
Answer: D
Explanation:
The method used to compute the checksum is defined in RFC 768: “Checksum is the 16-bit one's complement of the one's complement sum of a pseudo header of information from the IP header, the UDP header, and the data, padded with zero octets at the end (if necessary) to make a multiple of two octets.” In other words, all 16-bit words are summed using one's complement arithmetic. Add the 16-bit values up. Each time a carry-out (17th bit) is produced, swing that bit around and add it back into the least significant bit. The sum is then one's complemented to yield the value of the UDP checksum field. If the checksum calculation results in the value zero (all 16 bits 0) it should be sent as the one's complement (all 1s).
Reference: http://en.wikipedia.org/wiki/User_Datagram_Protocol
Q72. What is a key advantage of Cisco GET VPN over DMVPN?
A. Cisco GET VPN provides zero-touch deployment of IPSEC VPNs.
B. Cisco GET VPN supports certificate authentication for tunnel establishment.
C. Cisco GET VPN has a better anti-replay mechanism.
D. Cisco GET VPN does not require a secondary overlay routing infrastructure.
Answer: D
Explanation:
DMVPN requires overlaying a secondary routing infrastructure through the tunnels, which results in suboptimal routing while the dynamic tunnels are built. The overlay routing topology also reduces the inherent scalability of the underlying IP VPN network topology. Traditional point-to-point IPsec tunneling solutions suffer from multicast replication issues because multicast replication must be performed before tunnel encapsulation and encryption at the IPsec CE (customer edge) router closest to the multicast source. Multicast replication cannot be performed in the provider network because encapsulated multicasts appear to the core network as unicast data. Cisco’s Group Encrypted Transport VPN (GET VPN) introduces the concept of a trusted group to eliminate point-to-point tunnels and their associated overlay routing. All group members (GMs) share a common security association (SA), also known as a group SA. This enables GMs to decrypt traffic that was encrypted by any other GM. (Note that IPsec CE acts as a GM.) In GET VPN networks, there is no need to negotiate point-to- point IPsec tunnels between the members of a group, because GET VPN is “tunnel-less.”
Reference: Group Encrypted Transport VPN (Get VPN) Design and Implementation Guide PDF
Q73. Which timer expiration can lead to an EIGRP route becoming stuck in active?
A. hello
B. active
C. query
D. hold
Answer: B
Explanation:
As noted above, when a route goes into the active state, the router queries its neighbors to find a path to the pertinent network. At this point, the router starts a three minute active timer by which time it must receive replies from all queried neighbors. If a neighbor has feasible successors for the route, it will recalculate its own local distance to the network and report this back. However, if a neighbor does not have a feasible successor, it also goes into active state. In some cases, multiple routers along multiple query paths will go into active state as routers continue to query for the desired route. In most cases, this process will yield responses from all queried routers and the sought after route will transition back into the passive state within the three minute SIA query timer. In the case that none of the queried routers can provide a feasible successor, the route is cleared. In some cases, a response is not received between two neighbor routers because of link failures, congestion or some other adverse condition in either the network or on the queried router, and the three minute active timer expires on the router originating the query. When this happens, the querying router that did not receive a response logs a “DUAL-3-SIA” or “stuck-in-active” error for the route and then drops and restarts its adjacency with the non-responding router
Reference: http://www.packetdesign.com/resources/technical-briefs/diagnosing-eigrp-stuck-active
Q74. Refer to the exhibit.
Which statement about the output is true?
A. The flow is an HTTPS connection to the router, which is initiated by 144.254.10.206.
B. The flow is an HTTP connection to the router, which is initiated by 144.254.10.206.
C. The flow is an HTTPS connection that is initiated by the router and that goes to 144.254.10.206.
D. The flow is an HTTP connection that is initiated by the router and that goes to 144.254.10.206.
Answer: A
Explanation:
We can see that the connection is initiated by the Source IP address shown as 144.254.10.206. We also see that the destination protocol (DstP) shows 01BB, which is in hex and translates to 443 in decimal. SSL/HTTPS uses port 443.
Q75. Which three TLVs does LLDP use to discover network devices? (Choose three.)
A. Management address
B. Port description
C. Network policy
D. System name
E. Location information
F. Power management
Answer: A,B,D
Explanation:
Basic Management TLV Set
This set includes the following five TLVs used in LLDP:
. Port description TLV: Provides a description of the port in an alpha-numeric format. The value equals the ifDescr object, if the LAN device supports RFC 2863.
. System name TLV: Provides the system's assigned name in an alpha-numeric format. The value equals the sysName object, if the LAN device supports RFC 3418.
. System description TLV: Provides a description of the network entity in an alpha-numeric format. This includes system's name and versions of hardware, operating system and networking software supported in the device. The value equals the sysDescr object, if the LAN device supports RFC 3418.
. System capabilities TLV: Indicates the primary function(s) of the device and whether or not these functions are enabled in the device. The capabilities are indicated by two octects. Bits 0 through 7 indicate Other, Repeater, Bridge, WLAN AP, Router, Telephone, DOCSIS cable device and Station respectively. Bits 8 through 15 are reserved.
. Management address TLV: Indicates the addresses of the local LLDP agent. Other remote managers can use this address to obtain information related to the local device.
Reference: http://www.eetimes.com/document.asp?doc_id=1272069
Up to the minute 400-101 real exam:
Q76. Which two options are causes of out-of-order packets? (Choose two.)
A. a routing loop
B. a router in the packet flow path that is intermittently dropping packets
C. high latency
D. packets in a flow traversing multiple paths through the network
E. some packets in a flow being process-switched and others being interrupt-switched on a transit router
Answer: D,E
Explanation:
In traditional packet forwarding systems, using different paths have varying latencies that cause out of order packets, eventually resulting in far lower performance for the network application. Also, if some packets are process switched quickly by the routing engine of the router while others are interrupt switched (which takes more time) then it could result in out of order packets. The other options would cause packet drops or latency, but not out of order packets.
Q77. Refer to the exhibit.
The interface FastEthernet0/1 of both routers R4 and R5 is connected to the same Ethernet segment with a multicast receiver. Which two statements are true? (Choose two)
A. Multicast traffic that is destined to a receiver with IP address 192.168.2.6 will flow through router R4.
B. Both routers R4 and R5 will send PIM join messages to the RP.
C. Only router R5 will send a multicast join message to the RP.
D. Multicast traffic that is destined to a receiver with IP address 192.168.2.6 will flow through router R5.
Answer: C,D
Explanation:
Even though R4 is the active HSRP router, traffic will flow through R5 and only R5 will send the join messages. The Multicast DR is elected by the higher IP address or priority. R5 has 192.168.2.2 and R4 has 192.168.2.1. R5 is the DR which sends all packets to the RP.
Q78. Refer to the exhibit.
Which two conditions can cause this error message to be displayed on the console? (Choose two.)
A. The EtherChannel is configured as desirable on both ends.
B. The port-channel on the adjacent device is misconfigured.
C. There is a speed and duplex mismatch on interface fa0/12.
D. The EtherChannel is configured as auto on one of the interfaces.
Answer: B,C
Q79. DRAG DROP
Drag and drop the BGP attribute on the left to the correct category on the right.
Answer:
Q80. Refer to the exhibit.
Which statement is true about a valid IPv6 address that can be configured on tunnel interface0?
A. There is not enough information to calculate the IPv6 address.
B. 6to4 tunneling allows you to use any IPv6 address.
C. 2001:7DCB:5901::/128 is a valid IPv6 address.
D. 2002:7DCB:5901::/128 is a valid IPv6 address.
Answer: D
Explanation:
Most IPv6 networks use autoconfiguration, which requires the last 64 bits for the host. The first 64 bits are the IPv6 prefix. The first 16 bits of the prefix are always 2002:, the next 32 bits are the IPv4 address, and the last 16 bits of the prefix are available for addressing multiple IPv6 subnets behind the same 6to4 router. Since the IPv6 hosts using autoconfiguration already have determined the unique 64 bit host portion of their address, they must simply wait for a Router Advertisement indicating the first 64 bits of prefix to have a complete IPv6 address. A 6to4 router will know to send an encapsulated packet directly over IPv4 if the first 16 bits are 2002, using the next 32 as the destination, or otherwise send the packet to a well-known relay server, which has access to native IPv6.
Reference: http://en.wikipedia.org/wiki/6to4