★ Pass on Your First TRY ★ 100% Money Back Guarantee ★ Realistic Practice Exam Questions
Free Instant Download NEW 400-101 Exam Dumps (PDF & VCE):
Available on:
https://www.certleader.com/400-101-dumps.html
Want to know Testking 400-101 Exam practice test features? Want to lear more about Cisco CCIE Routing and Switching (v5.0) certification experience? Study Accurate Cisco 400-101 answers to Leading 400-101 questions at Testking. Gat a success with an absolute guarantee to pass Cisco 400-101 (CCIE Routing and Switching (v5.0)) test on your first attempt.
2021 Apr 400-101 torrent
Q21. Which two Cisco IOS AAA features are available with the local database? (Choose two.)
A. command authorization
B. network access authorization
C. network accounting
D. network access authentication
Answer: A,D
Explanation:
Configuring the Local Database
This section describes how to manage users in the local database. You can use the local database for CLI access authentication, privileged mode authentication, command authorization, network access authentication, and VPN authentication and authorization. You cannot use the local database for network access authorization. The local database does not support accounting.
Reference: http://www.cisco.com/c/en/us/td/docs/security/asa/asa80/configuration/guide/conf_gd/aaa.h tml
Q22. Refer to the exhibit.
Which two statements about the output are true? (Choose two.)
A. It indicates that prefix aggregation cache export is enabled on the device.
B. It was obtained with the show ip cache flow command.
C. It indicates that the device is using NetFlow version 5.
D. It indicates that the flows are being sent to a destination using an RFC1918 address.
Answer: C,D
Explanation:
C. The fourth line shows that Version 5 is being used.
D. The third line shows that the destination server is 10.5.206.250, which of course is a private, RFC 1918 address.
Q23. Which option is the default point of insertion for the BGP cost community?
A. before best path calculation
B. after best path calculation
C. after the IGP metric comparison
D. after the router ID comparison
Answer: C
Q24. Refer to the exhibit.
Which statement about this GET VPN configuration is true?
A. Router 1 acts as the primary key server because it has a higher priority.
B. An RSA key has been imported into the configuration.
C. The GDOI group configuration generated a key.
D. DPD is disabled.
Answer: A
Q25. DRAG DROP
Drag and drop each step in the performance-monitoring configuration process on the left into the correct order on the right.
Answer:
Renovate 400-101 actual test:
Q26. Which option describes how a VTPv3 device responds when it detects a VTPv2 device on a trunk port?
A. It sends VTPv3 packets only.
B. It sends VTPv2 packets only.
C. It sends VTPv3 and VTPv2 packets.
D. It sends a special packet that contains VTPv3 and VTPv2 packet information.
Answer: C
Explanation:
When a VTP version 3 device on a trunk port receives messages from a VTP version 2 device, the VTP version 3 device sends a scaled-down version of the VLAN database on that particular trunk in a VTP version 2 format. A VTP version 3 device does not send out VTP version 2-formatted packets on a trunk port unless it first receives VTP version 2 packets on that trunk. If the VTP version 3 device does not receive VTP version 2 packets for an interval of time on the trunk port, the VTP version 3 device stops transmitting VTP version 2 packets on that trunk port. Even when a VTP version 3 device detects a VTP version 2 device on a trunk port, the VTP version 3 device continues to send VTP version 3 packets in addition to VTP version 3 device 2 packets, to allow two kinds of neighbors to coexist on the trunk. VTP version 3 sends VTP version 3 and VTP version 2 updates on VTP version 2-detected trunks.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/vtp.html
Q27. Refer to the exhibit.
Why is the prefix 1.1.1.1/32 not present in the routing table of R1?
A. There is a duplicate router ID.
B. There is a subnet mask mismatch on Ethernet0/0.
C. The router LSA has an invalid checksum.
D. There is an OSPF network type mismatch that causes the advertising router to be unreachable.
Answer: D
Explanation:
A common problem when using Open Shortest Path First (OSPF) is routes in the database don't appear in the routing table. In most cases OSPF finds a discrepancy in the database so it doesn't install the route in the routing table. Often, you can see the Adv Router is not-reachable message (which means that the router advertising the LSA is not reachable through OSPF) on top of the link-state advertisement (LSA) in the database when this problem occurs. Here is an example:
Adv Router is not-reachable
LS agE. 418
Options: (No TOS-capability, DC)
LS TypE. Router
Links Link State ID. 172.16.32.2
Advertising Router: 172.16.32.2
LS Seq Number: 80000002
Checksum: 0xFA63
Length: 60
Number of Links: 3
There are several reasons for this problem, most of which deal with mis-configuration or a broken topology. When the configuration is corrected the OSPF database discrepancy goes away and the routes appear in the routing table.
Reason 1: Network Type Mismatch
Let's use the following network diagram as an example:
R4-4K
R1-7010
interface Loopback0
ip address 172.16.33.1 255.255.255.255
interface Serial2
ip address 172.16.32.1 255.255.255.0
ip ospf network broadcast
router ospf 20
network 172.16.0.0 0.0.255.255 area 0
interface Loopback0
ip address 172.16.30.1 255.255.255.255
!
interface Serial1/0
ip address 172.16.32.2 255.255.255.0
clockrate 64000
router ospf 20
network 172.16.0.0 0.0.255.255 area 0
R4-4K(4)# show ip ospf interface serial 2
Serial2 is up, line protocol is up
Internet Address 172.16.32.1/24, Area 0
Process ID 20, Router ID 172.16.33.1, Network Type BROADCAST, Cost: 64
Transmit Delay is 1 sec, State DR, Priority 1
Designated Router (ID) 172.16.33.1, Interface address 172.16.32.1
Backup Designated router (ID) 172.16.32.2, Interface address 172.16.32.2
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:08
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 172.16.32.2 (Backup Designated Router)
Suppress hello for 0 neighbor(s)
R1-7010(5)# show ip ospf interface serial 1/0
Serial1/0 is up, line protocol is up
Internet Address 172.16.32.2/24, Area 0
Process ID 20, Router ID 172.16.32.2, Network Type POINT_TO_POINT, Cost: 64
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:02
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 172.16.33.1
Suppress hello for 0 neighbor(s)
As you can see above, Router R4-4K is configured for broadcast, and Router R1-7010 is configured for point-to-point. This kind of network type mismatch makes the advertising router unreachable.
R4-4K(4)# show ip ospf database router 172.16.32.2
Adv Router is not-reachable
LS agE. 418
Options: (No TOS-capability, DC)
LS TypE. Router Links
Link State ID. 172.16.32.2
Advertising Router: 172.16.32.2
LS Seq Number: 80000002
Checksum: 0xFA63
Length: 60
Number of Links: 3
Link connected to: another Router (point-to-point)
(Link ID) Neighboring Router ID. 172.16.33.1
(Link Data) Router Interface address: 172.16.32.2
Number of TOS metrics: 0
TOS 0 Metrics: 64
Link connected to: a Stub Network
(Link ID) Network/subnet number: 172.16.32.0
(Link Data) Network Mask: 255.255.255.0
Number of TOS metrics: 0
TOS 0 Metrics: 64
R1-7010(5)# show ip ospf database router 172.16.33.1
Adv Router is not-reachable
LS agE. 357
Options: (No TOS-capability, DC)
LS TypE. Router Links
Link State ID. 172.16.33.1
Advertising Router: 172.16.33.1
LS Seq Number: 8000000A
Checksum: 0xD4AA
Length: 48
Number of Links: 2
Link connected to: a Transit Network
(Link ID) Designated Router address: 172.16.32.1
(Link Data) Router Interface address: 172.16.32.1
Number of TOS metrics: 0
TOS 0 Metrics: 64
You can see that for subnet 172.16.32.0/24, Router R1-7010 is generating a point-to-point link and Router R4-4K is generating a transit link. This creates a discrepancy in the link-state database, which means no routes are installed in the routing table.
R1-7010(5)# show ip route
172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
C 172.16.32.0/24 is directly connected, Serial1/0
C 172.16.30.1/32 is directly connected, Loopback0
Solution
To solve this problem, configure both routers for the same network type. You can either change the network type of Router R1-7010 to broadcast, or change Router R4-4K's serial interface to point-to-point.
Reference: http://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/7112-26.html
Q28. According to RFC 4577, OSPF for BGP/MPLS IP VPNs, when must the down bit be set?
A. when an OSPF route is distributed from the PE to the CE, for Type 3 LSAs
B. when an OSPF route is distributed from the PE to the CE, for Type 5 LSAs
C. when an OSPF route is distributed from the PE to the CE, for Type 3 and Type 5 LSAs
D. when an OSPF route is distributed from the PE to the CE, for all types of LSAs
Answer: C
Explanation:
If an OSPF route is advertised from a PE router into an OSPF area, the Down bit (DN) is set. Another PE router in the same area does not redistribute this route into iBGP of the MPLS VPN network if down is set.
RFC 4577 says:
“When a type 3 LSA is sent from a PE router to a CE router, the DN bit in the LSA Options field MUST be set. This is used to ensure that if any CE router sends this type 3 LSA to a PE router, the PE router will not redistribute it further. When a PE router needs to distribute to a CE router a route that comes from a site outside the latter’s OSPF domain, the PE router presents itself as an ASBR (Autonomous System Border Router), and distributes the route in a type 5 LSA. The DN bit [OSPF-DN] MUST be set in these LSAs to ensure that they will be ignored by any other PE routers that receive them.”
For more information about Down bit according to RFC 4577 please read more herE. http://tools.ietf.org/html/rfc4577#section-4.2.5.1.
Q29. Which three options are characteristics of a Type 10 LSA? (Choose three.)
A. It is an area-local, opaque LSA.
B. Data is flooded to all routers in the LSA scope.
C. It is used for traffic-engineering extensions to OSPF.
D. It is a link-local, opaque LSA.
E. Data is flooded only to the routers in the LSA scope that understand the data.
F. It is used for traffic-engineering extensions to LDP.
Answer: A,B,C
Q30. DRAG DROP
Drag and drop the IS-IS component on the left to the function that it performs on the right.
Answer: