Amazing cisco 400 101 secrets

Pass4sure ccie 400 101 Questions are updated and all cisco 400 101 answers are verified by experts. Once you have completely prepared with our ccie 400 101 dumps exam prep kits you will be ready for the real 400 101 ccie exam without a problem. We have Renew Cisco ccie 400 101 dumps dumps study guide. PASSED cisco 400 101 First attempt! Here What I Did.

Q21. Refer to the exhibit. 

What will be the IP MTU of tunnel 0? 

A. 1500 

B. 1524 

C. 1476 

D. 1452 

E. 1548 

Answer:

Explanation: 

In the case of the GRE tunnel interface, the IP maximum transmission unit (MTU) is 24 bytes less than the IP MTU of the real outgoing interface. For an Ethernet outgoing interface that means the IP MTU on the tunnel interface would be 1500 minus 24, or 1476 bytes. 

Reference: A spoke site that is connected to Router-A cannot reach a spoke site that is connected to Router-B, but both spoke sites can reach the hub. What is the likely cause of this issue http://www.cisco.com/c/en/us/support/docs/ip/generic-routing-encapsulation-gre/13725-56.html 


Q22. Which two statements about class maps are true? (Choose two.) 

A. As many as eight DSCP values can be included in a match dscp statement. 

B. The default parameter on a class map with more than one match command is match-any. 

C. The match class command can nest a class map within another class map. 

D. A policy map can be used to designate a protocol within a class map. 

Answer: A,C 

Explanation: 

Answer A. 

Router(config-cmap)# match [ip] dscp dscp-value [dscp-value dscp-value dscp-value 

dscp-value dscp-value dscp-value dscp-value] 

(Optional) Identifies a specific IP differentiated service code point (DSCP) value as a match criterion. Up to eight DSCP values can be included in one match statement. 

Answer C. 

Router config-cmap)# match class-map class-name (Optional) Specifies the name of a traffic class to be used as a matching criterion (for nesting traffic class [nested class maps] within one another). 

Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/qos/configuration/guide/fqos_c/qcfmcli2.html 


Q23. Refer to the exhibit. 

Which statement about authentication on Router A is true? 

A. The router will attempt to authenticate users against TACACS+ only. 

B. The router will attempt to authenticate users against the local database only. 

C. The router will attempt to authenticate users against the local database first, and fall back to TACACS+ if the local database authentication fails. 

D. The router will authenticate users against the default database only. 

E. The router will attempt to authenticate users against TACACS+ first, and fall back to the local database if the TACACS+ authentication fails. 

Answer:


Q24. Which two packet types does an RTP session consist of? (Choose two.) 

A. TCP 

B. RTCP 

C. RTP 

D. ICMP 

E. BOOTP 

F. ARP 

Answer: B,C 

Explanation: 

An RTP session is established for each multimedia stream. A session consists of an IP address with a pair of ports for RTP and RTCP. For example, audio and video streams use separate RTP sessions, enabling a receiver to deselect a particular stream. The ports which form a session are negotiated using other protocols such as RTSP (using SDP in the setup method) and SIP. According to the specification, an RTP port should be even and the RTCP port is the next higher odd port number. 

Reference: http://en.wikipedia.org/wiki/Real-time_Transport_Protocol 


Q25. Refer to the exhibit. 

Which statement about the R1 configuration is true? 

A. It permits host 10.1.1.2 to establish a Telnet connection to R1. 

B. It limits remote hosts to two SSH connection attempts. 

C. SSH connections to R1 will log out after a 5-minute idle interval. 

D. Hosts that reside on network 10.0.0.0/8 can SSH to R1. 

E. The R1 timeout for outgoing SSH connection attempts is 30 seconds. 

Answer:

Explanation: 

The timeout for outgoing SSH connection is defined by the “ip sshh time-out” command (in seconds), which is configured here as 30. 


Q26. DRAG DROP 

Drag each traceroute text character on the left to its meaning on the right. 

Answer: 


Q27. Refer to the exhibit. 

Which statement about the output is true? 

A. The flow is an HTTPS connection to the router, which is initiated by 144.254.10.206. 

B. The flow is an HTTP connection to the router, which is initiated by 144.254.10.206. 

C. The flow is an HTTPS connection that is initiated by the router and that goes to 144.254.10.206. 

D. The flow is an HTTP connection that is initiated by the router and that goes to 144.254.10.206. 

Answer:

Explanation: 

We can see that the connection is initiated by the Source IP address shown as 144.254.10.206. We also see that the destination protocol (DstP) shows 01BB, which is in hex and translates to 443 in decimal. SSL/HTTPS uses port 443. 


Q28. Which two statements about packet fragmentation on an IPv6 network are true? (Choose two.) 

A. The fragment header is 64 bits long. 

B. The identification field is 32 bits long. 

C. The fragment header is 32 bits long. 

D. The identification field is 64 bits long. 

E. The MTU must be a minimum of 1280 bytes. 

F. The fragment header is 48 bits long. 

Answer: A,B 

Explanation: 

The fragment header is shown below, being 64 bits total with a 32 bit identification field: 

Reference: http://www.openwall.com/presentations/IPv6/img24.html 


Q29. Which two issues is TCP Sequence Number Randomization designed to prevent? (Choose two.) 

A. DDOS attacks 

B. OS fingerprinting 

C. man-in-the-middle attacks 

D. ARP poisoning 

E. Smurf attack 

Answer: B,C 


Q30. Which statement about WAN Ethernet Services is true? 

A. Rate-limiting can be configured per EVC. 

B. Point-to-point processing and encapsulation are performed on the customer network. 

C. Ethernet multipoint services function as a multipoint-to-multipoint VLAN-based connection. 

D. UNIs can perform service multiplexing and all-in-one bundling. 

Answer:

Explanation: 

The MEF has defined a set of bandwidth profiles that can be applied at the UNI or to an EVC. A bandwidth profile is a limit on the rate at which Ethernet frames can traverse the UNI or the EVC. 

Reference: http://www.ciscopress.com/articles/article.asp?p=101367&seqNum=2