Point Checklist: 400 101 ccie

Want to know Examcollection 400 101 pdf Exam practice test features? Want to lear more about Cisco CCIE Routing and Switching (v5.0) certification experience? Study Real Cisco 400 101 dumps answers to Improved passleader 400 101 questions at Examcollection. Gat a success with an absolute guarantee to pass Cisco 400 101 ccie (CCIE Routing and Switching (v5.0)) test on your first attempt.

Q111. An access switch at a remote location is connected to the spanning-tree root with redundant uplinks. A network engineer notices that there are issues with the physical cabling of the current root port. The engineer decides to force the secondary link to be the desired forwarding root port. Which action accomplishes this task? 

A. Adjust the secondary link to have a lower priority than the primary link. 

B. Change the link type to point-to-point. 

C. Apply a BPDU filter on the primary interface of the remote switches. 

D. Enable Rapid Spanning Tree to converge using the secondary link. 


Q112. Which three statements are true about an EtherChannel? (Choose three.) 

A. PAGP and LACP can be configured on the same switch if the switch is not in the same EtherChannel. 

B. EtherChannel ports in suspended state can receive BPDUs but cannot send them. 

C. An EtherChannel forms between trunks that are using different native VLANs. 

D. LACP can operate in both half duplex and full duplex, if the duplex setting is the same on both ends. 

E. Ports with different spanning-tree path costs can form an EtherChannel. 

Answer: A,B,E 


Answer A. EtherChannel groups running PAgP and LACP can coexist on the same switch or on different switches in the stack. Individual EtherChannel groups can run either PAgP or LACP, but they cannot interoperate. 

Answer B: 

EtherChannel Member Port States 

Port States 



The port is part of an EtherChannel and can send and receive BPDUs and data traffic. 


The port is not part of an EtherChannel. The port can receive BPDUs but cannot send them. Data traffic is blocked. 


The port is not bundled in an EtherChannel. The port functions as a standalone data port. The port can send and receive BPDUs and data traffic. 

Answer E. Ports with different spanning-tree path costs can form an EtherChannel if they are otherwise compatibly configured. Setting different spanning-tree path costs does not, by itself, make ports incompatible for the formation of an EtherChannel. 

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960x/software/15-0_2_EX/layer2/configuration_guide/b_lay2_152ex_2960-x_cg/b_lay2_152ex_2960-x_cg_chapter_010.html 

Q113. Now that we’ve generated the key, our next step would be to configure our vty lines for SSH access and specify which database we are going to use to provide authentication to the device. The local database on the router will do just fine for this example. 

LabRouter(config)#line vty 0 4 

LabRouter(config-line)#login local 

LabRouter(config-line)#transport input ssh 

5. You will need to create an account on the local router’s database to be used for authenticating to the device. This can be accomplished with these commands. LabRouter(config)#username XXXX privilege 15 secret XXXX 

Reference: http://blog.pluralsight.com/configure-secure-shell-ssh-on-cisco-router 

Q114. Refer to the exhibit. 

You have configured two routing protocols across this point-to-point link. How many BFD sessions will be established across this link? 

A. three per interface 

B. one per multicast address 

C. one per routing protocol 

D. one per interface 



Cisco devices will use one Bidirectional Forwarding Detection (BFD) session for multiple client protocols in the Cisco implementation of BFD for Cisco IOS Releases 12.2(18)SXE, 12.0(31)S, and 12.4(4)T. For example, if a network is running OSPF and EIGRP across the same link to the same peer, only one BFD session will be established, and BFD will share session information with both routing protocols. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/fs_bfd.html#wp1053749 

Q115. Which two options are required parts of an EEM policy? (Choose two.) 

A. event register keyword 

B. body 

C. environment must defines 

D. namespace import 

E. entry status 

F. exit status 

Answer: A,B 


EEM policies require two parts: the event register keyword and the body. The remaining 

parts of the policy are optional: environment must defines, namespace import, entry status, 

and exit status (Figure 5). 

Figure 5. EEM Policy Parts 

Reference: http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-


Q116. Which three features require Cisco Express Forwarding? (Choose three.) 


B. AutoQoS 

C. fragmentation 


E. UplinkFast 

F. BackboneFast 

Answer: A,B,D 


QoS Features That Require CEF 

These class-based QoS features are supported only on routers that run CEF. 

.Network Based Application Recognition (NBAR) provides intelligent network classification. For more information, refer to Network Based Application Recognition. 

. The AutoQoS -VoIP feature simplifies and speeds up the implementation and provisioning of QoS for VoIP traffic. This feature is enabled with the help of the auto qos voip command. CEF must be enabled at the interface or ATM PVC before the auto qos command can be used. For more information about this feature and its prerequisites, refer to AutoQoS -VoIP. 

From MPLS Fundamentals - Luc De Ghein 

Why Is CEF Needed in MPLS Networks? 

Concerning MPLS, CEF is special for a certain reason; otherwise, this book would not explicitly cover it. Labeled packets that enter the router are switched according to the label forwarding information base (LFIB) on the router. IP packets that enter the router are switched according to the CEF table on the router. Regardless of whether the packet is switched according to the LFIB or the CEF table, the outgoing packet can be a labeled packet or an IP packet 

Reference: http://www.cisco.com/c/en/us/support/docs/asynchronous-transfer-mode-atm/ip-to-atm-class-of-service/4800-cefreq.html 

Q117. Which authentication method does OSPFv3 use to secure communication between neighbors? 

A. plaintext 



D. IPSec 



In order to ensure that OSPFv3 packets are not altered and re-sent to the device, causing the device to behave in a way not desired by its system administrators, OSPFv3 packets must be authenticated. OSPFv3 uses the IPsec secure socket API to add authentication to OSPFv3 packets. This API supports IPv6. OSPFv3 requires the use of IPsec to enable authentication. Crypto images are required to use authentication, because only crypto images include the IPsec API needed for use with OSPFv3. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-sy/iro-15-sy-book/ip6-route-ospfv3-auth-ipsec.html 

Q118. Refer to the exhibit. 

Which statement about the R1 configuration is true? 

A. It permits host to establish a Telnet connection to R1. 

B. It limits remote hosts to two SSH connection attempts. 

C. SSH connections to R1 will log out after a 5-minute idle interval. 

D. Hosts that reside on network can SSH to R1. 

E. The R1 timeout for outgoing SSH connection attempts is 30 seconds. 



The timeout for outgoing SSH connection is defined by the “ip sshh time-out” command (in seconds), which is configured here as 30. 

Q119. Refer to the exhibit. 

A tunnel is configured between R3 to R4 sourced with their loopback interfaces. The ip pim sparse-dense mode command is configured on the tunnel interfaces and multicast-routing is enabled on R3 and R4. The IP backbone is not configured for multicast routing. 

The RPF check has failed toward the multicast source. 

Which two conditions could have caused the failure? (Choose two.) 

A. The route back to the RP is through a different interface than tunnel 0. 

B. The backbone devices can only route unicast traffic. 

C. The route back to the RP is through the same tunnel interface. 

D. A static route that points the RP to GigabitEthernet1/0 is configured. 

Answer: A,D 


.For a successful RPF verification of multicast traffic flowing over the shared tree (*,G) from RP, an ip mroute rp-address nexthop command needs to be configured for the RP address, that points to the tunnel interface. 

A very similar scenario can be found at the reference link below: 

Reference: http://www.cisco.com/c/en/us/support/docs/ip/ip-multicast/43584-mcast-over-gre.html 


Drag and drop the LACP elements on the left into the correct priority order in the hot-standby port-selection process on the right.