Our pass rate is high to 98.9% and the similarity percentage between our ccie 400 101 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Cisco ccie 400 101 dumps exam in just one try? I am currently studying for the Cisco 400 101 ccie exam. Latest Cisco passleader 400 101 Test exam practice questions and answers, Try Cisco 400 101 ccie Brain Dumps First.
Q291. What are the three primary components of NetFlow? (Choose three.)
A. Flow caching
B. A flow collector
C. The data analyzer
D. Flow sequence numbers
E. Cisco Express Forwarding
F. Multicast
Answer: A,B,C
Explanation:
NetFlow includes three key components that perform the following capabilities:
. Flow caching analyzes and collects IP data flows entering router or switch interfaces and prepares data for export. It enables the accumulation of data on flows with unique characteristics, such as IP addresses, application, and CoS.
. FlowCollector and Data Analysis captures exported data from multiple routers and filters and aggregates the data according to customer policies, and then stores this summarized or aggregated data. Users can leverage Cisco NetFlow collector as a flow collector, or they can opt for a variety of third-party partner products. A Graphical user interface displays and analyzes NetFlow data collected from FlowCollector files. This allows users to complete near-real-time visualization or trending analysis of recorded and aggregated flow data. Users can specify the router and aggregation scheme and desired time interval.
Reference: http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-netflow/product_data_sheet0900aecd80173f71.html
Q292. Which three statements about the differences between Cisco IOS and IOS-XE functionality are true? (Choose three.)
A. Only IOS-XE Software can host applications outside of the IOS context.
B. Only the IOS-XE Services Plane has multiple cores.
C. Only the IOS-XE Data Plane has multiple cores.
D. Only the IOS-XE Control Plane has multiple cores.
E. Only IOS-XE module management integrates with packet processing.
F. Only IOS-XE configuration and control is integrated with the kernel.
Answer: A,B,C
Q293. What is the purpose of EIGRP summary leaking?
A. to allow a summary to be advertised conditionally on specific criteria
B. to allow a component of a summary to be advertised in addition to the summary
C. to allow overlapping summaries to exist on a single interface
D. to modify the metric of the summary based on which components of the summary are operational
Answer: B
Explanation:
When you do manual summarization, and still you want to advertise some specific routes to the neighbor, you can do that using leak-map. Please read more about leaking routes here.
http://www.cisco.com/c/en/us/td/docs/ios/iproute_eigrp/command/reference/ire_book/ire_i1. html#wp1037685.
Q294. What is the goal of Unicast Reverse Path Forwarding?
A. to verify the reachability of the destination address in forwarded packets
B. to help control network congestion
C. to verify the reachability of the destination address in multicast packets
D. to verify the reachability of the source address in forwarded packets
Answer: D
Explanation:
Network administrators can use Unicast Reverse Path Forwarding (Unicast RPF) to help limit the malicious traffic on an enterprise network. This security feature works by enabling a router to verify the reachability of the source address in packets being forwarded. This capability can limit the appearance of spoofed addresses on a network. If the source IP address is not valid, the packet is discarded.
Reference: http://www.cisco.com/web/about/security/intelligence/unicast-rpf.html
Q295. Refer to the exhibit.
Which option is the most likely explanation of the duplicate address message logged?
A. HSRP misconfiguration
B. a PC with IP of 10.10.1.1
C. spanning-tree-loop
D. a hardware problem
Answer: A
Q296. Where must the spanning-tree timers be configured if they are not using the default timers?
A. They must be on the root bridge.
B. They must be on any non-root bridge.
C. Changing the default timers is not allowed.
D. Timers must be modified manually on each switch.
Answer: A
Q297. What is the main component of Unified MPLS?
A. Multiple IGPs in the network are used, where the loopback IP addresses of the PE routers are aggregated on the area border routers.
B. Confederations are used to provide scalability.
C. The loopback prefixes from one IGP area are redistributed into BGP without changing the next hop.
D. The ABR is a BGP route reflector and sets next-hop to self for all reflected routes.
Answer: D
Explanation:
Since the core and aggregation parts of the network are integrated and end-to-end LSPs are provided, the Unified MPLS solution is also referred to as "Seamless MPLS." New technologies or protocols are not used here, only MPLS, Label Distribution Protocol (LDP), IGP, and BGP. Since you do not want to distribute the loopback prefixes of the PE routers from one part of the network into another part, you need to carry the prefixes in BGP. The Internal Border Gateway Protocol (iBGP) is used in one network, so the next hop address of the prefixes is the loopback prefixes of the PE routers, which is not known by the IGP in the other parts of the network. This means that the next hop address cannot be used to recurse to an IGP prefix. The trick is to make the ABR routers Route Reflectors (RR) and set the next hop to self, even for the reflected iBGP prefixes. In order for this to work, a new knob is needed.
Reference: http://www.cisco.com/c/en/us/support/docs/multiprotocol-label-switching-mpls/mpls/116127-configure-technology-00.html
Q298. Refer to the exhibit.
Assume that Cisco Discovery Protocol is supported and enabled only on switches A and C.
Which information is returned when you issue the command show cdp neighbors on switch C?
A. a limited amount of information about switch B
B. neighbor details for switch A
C. neighbor details for switch B
D. neighbor details for switch C
Answer: B
Q299. Which statement about SSHv2 is true?
A. Routers acting as SSH clients can operate without RSA keys.
B. SSHv2 supports port forwarding and compression.
C. The RSA key pair size must be at least 512.
D. You must configure a default gateway before you enable SSHv2.
Answer: A
Q300. What is a cause for unicast flooding?
A. Unicast flooding occurs when multicast traffic arrives on a Layer 2 switch that has directly connected multicast receivers.
B. When PIM snooping is not enabled, unicast flooding occurs on the switch that interconnects the PIM-enabled routers.
C. A man-in-the-middle attack can cause the ARP cache of an end host to have the wrong MAC address. Instead of having the MAC address of the default gateway, it has a MAC address of the man-in-the-middle. This causes all traffic to be unicast flooded through the man-in-the-middle, which can then sniff all packets.
D. Forwarding table overflow prevents new MAC addresses from being learned, and packets destined to those MAC addresses are flooded until space becomes available in the forwarding table.
Answer: D
Explanation:
Causes of Flooding The very cause of flooding is that destination MAC address of the packet is not in the L2 forwarding table of the switch. In this case the packet will be flooded out of all forwarding ports in its VLAN (except the port it was received on). Below case studies display most common reasons for destination MAC address not being known to the switch.
Cause 1: Asymmetric Routing
Large amounts of flooded traffic might saturate low-bandwidth links causing network performance issues or complete connectivity outage to devices connected across such low-bandwidth links
Cause 2: Spanning-Tree Protocol Topology Changes
Another common issue caused by flooding is Spanning-Tree Protocol (STP) Topology Change Notification (TCN). TCN is designed to correct forwarding tables after the forwarding topology has changed. This is necessary to avoid a connectivity outage, as after a topology change some destinations previously accessible via particular ports might become accessible via different ports. TCN operates by shortening the forwarding table aging time, such that if the address is not relearned, it will age out and flooding will occur
Cause 3: Forwarding Table Overflow
Another possible cause of flooding can be overflow of the switch forwarding table. In this case, new addresses cannot be learned and packets destined to such addresses are flooded until some space becomes available in the forwarding table. New addresses will then be learned. This is possible but rare, since most modern switches have large enough forwarding tables to accommodate MAC addresses for most designs.
Reference:
http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6000-series-switches/23563-143.html