passleader 400 101 (251 to 260)

Proper study guides for Down to date Cisco CCIE Routing and Switching (v5.0) certified begins with Cisco 400 101 dumps preparation products which designed to deliver the Top Quality 400 101 ccie questions by making you pass the 400 101 dumps test at your first time. Try the free passleader 400 101 demo right now.


The article at Testaimer.com going over http://www.testaimer.com/400-101-test is very comprehensive.

Q251. DRAG DROP 

Drag and drop the IPv6 multicast feature on the left to its corresponding function on the right. 

Answer: 


Q252. Which two pieces of information does RTCP use to inform endpoint devices about the RTP flow? (Choose two.) 

A. the transmitted octet 

B. the lost packet count 

C. session control function provisioning information 

D. the CNAME for session participants 

E. the authentication method 

F. MTU size changes in the path of the flow 

Answer: A,B 

Explanation: 

RTCP transports statistics for a media connection and information such as transmitted octet and packet counts, packet loss, packet delay variation, and round-trip delay time. An application may use this information to control quality of service parameters, perhaps by limiting flow, or using a different codec. 

Reference: http://en.wikipedia.org/wiki/RTP_Control_Protocol 


Q253. Which IPv6 tunneling mechanism requires a service provider to use one of its own native IPv6 blocks to guarantee that its IPv6 hosts will be reachable? 

A. 6rd tunneling 

B. automatic 6to4 tunneling 

C. NAT-PT tunneling 

D. ISATAP tunneling 

E. manual ipv6ip tunneling 

F. automatic 4to6 tunneling 

Answer:


Q254. Which three statements about VTP version 3 are true? (Choose three.) 

A. It supports other databases in addition to VLAN. 

B. It supports VLANs up to 4095. 

C. It supports the synchronization of switch configuration templates between switches in the domain. 

D. It supports the transfer of information about private VLAN structures. 

E. It supports the transfer of PVST+ configuration information. 

F. It supports RSTP. 

Answer: A,B,D 

Explanation: 

Much work has gone into improving the usability of VTP version 3 in three major areas: 

. The new version of VTP offers better administrative control over which device is allowed to update other devices' view of the VLAN topology. The chance of unintended and disruptive changes is significantly reduced, and availability is increased. The reduced risk of unintended changes will ease the change process and help speed deployment. 

. Functionality for the VLAN environment has been significantly expanded. Two enhancements are most beneficial for today's networks: 

– In addition to supporting the earlier ISL VLAN range from 1 to 1001, the new version supports the whole IEEE 802.1Q VLAN range up to 4095. 

– In addition to supporting the concept of normal VLANs, VTP version 3 can transfer information regarding Private VLAN (PVLAN) structures. 

. The third area of major improvement is support for databases other than VLAN (for example, MST). 

Reference: http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-series-switches/solution_guide_c78_508010.html 


Q255. Refer to the exhibit. 

Which two possible network conditions can you infer from this configuration? (Choose two.) 

A. The authentication parameters on R1 and R2 are mismatched. 

B. R1 is using the default NTP source configuration. 

C. R1 and R2 have established an NTP session. 

D. R2 is configured as the NTP master with a stratum of 7. 

Answer: A,B 

Explanation: 

Answer A. The NTP associations are not synced, it is only listed as a candidate because it was configured. Routing is not the issue, so it must be mismatched authentication parameters. 

Answer B. NTP sets the source IP address for all NTP packets based on the address of the interface through which the NTP packets are sent. You can configure NTP to use a specific source IP address. 


Q256. Refer to the exhibit. 

R2 is configured as the R1 neighbor in area 51, but R2 fails to receive the configured summary route. Which action can you take to correct the problem? 

A. Replace the summary-address command with the area-range command. 

B. Configure a summary address under R1interface GigabitEthernet0/0. 

C. Configure a summary address under R1 interface GigabitEthernet1/0. 

D. Configure the no discard-route command in the OSPF process of R1. 

E. Configure ip ospf network broadcast under the Loopback0 interface of R1. 

Answer:


Q257. Refer to the exhibit. 

Which two statements about this egress queue are true? (Choose two.) 

A. The queue 3 buffer is allocated 20 percent, its drop threshold is 100 percent, and it is guaranteed 400 percent of memory. 

B. The queue 1 buffer is allocated 30 percent, its drop threshold is 25 percent, and it is guaranteed 100 percent of memory. 

C. The queue 1 buffer is allocated 30 percent, its drop threshold is 100 percent, and it is guaranteed 150 percent of memory. 

D. The queue 2 buffer is allocated 30 percent, its drop threshold is 200 percent, and it can use at maximum 400 percent of memory. 

E. The queue 3 buffer is allocated 30 percent, its drop threshold is 100 percent, and it can use at maximum 400 percent of memory. 

Answer: B,D 


Q258. Which three features are considered part of the IPv6 first-hop security suite? (Choose three.) 

A. DNS guard 

B. destination guard 

C. DHCP guard 

D. ICMP guard 

E. RA guard 

F. DoS guard 

Answer: B,C,E 

Explanation: 

Cisco IOS has (at least) these IPv6 first-hop security features: IPv6 RA Guard rejects fake RA messages coming from host (non-router) ports (not sure whether it handles all possible IPv6 header fragmentation attacks). Interestingly, it can also validate the contents of RA messages (configuration flags, list of prefixes) received through router-facing ports, potentially giving you a safeguard against an attack of fat fingers. DHCPv6 Guard blocks DHCPv6 messages coming from unauthorized DHCPv6 servers and relays. Like IPv6 RA Guard it also validates the DHCPv6 replies coming from authorized DHCPv6 servers, potentially providing protection against DHCPv6 server misconfiguration. IPv6 Snooping and device tracking builds a IPv6 First-Hop Security Binding Table (nicer name for ND table) by monitoring DHCPv6 and ND messages as well as regular IPv6 traffic. The binding table can be used to stop ND spoofing (in IPv4 world we’d call this feature DHCP Snooping and Dynamic ARP Inspection). IPv6 Source Guard uses the IPv6 First-Hop Security Binding Table to drop traffic from unknown sources or bogus IPv6 addresses not in the binding table. The switch also tries to recover from lost address information, querying DHCPv6 server or using IPv6 neighbor discovery to verify the source IPv6 address after dropping the offending packet(s). IPv6 Prefix Guard is denies illegal off-subnet traffic. It uses information gleaned from RA messages and IA_PD option of DHCPv6 replies (delegated prefixes) to build the table of valid prefixes. IPv6 Destination Guard drops IPv6 traffic sent to directly connected destination addresses not in IPv6 First-Hop Security Binding Table, effectively stopping ND exhaustion attacks. 

Reference: http://blog.ipspace.net/2013/07/first-hop-ipv6-security-features-in.html 


Q259. DRAG DROP 

Drag and drop the multiprotocol BGP feature on the left to the corresponding description on the right. 

Answer: 


Q260. Which three address family types does EIGRP support? (Choose three.) 

A. IPv4 unicast 

B. IPv4 multicast 

C. IPv6 unicast 

D. IPv6 multicast 

E. IPv4 anycast 

F. IPv6 anycast 

Answer: A,B,C