Ultimate Guide: ccie 400 101 dumps

Proper study guides for Down to date Cisco CCIE Routing and Switching (v5.0) certified begins with Cisco 400 101 ccie preparation products which designed to deliver the Precise passleader 400 101 questions by making you pass the ccie 400 101 dumps test at your first time. Try the free cisco 400 101 demo right now.

Q181. Refer to the exhibit. 

With these configurations for R1 and R2, which statement about PPP authentication is true? 

A. Authentication fails because R1 is missing a username and password. 

B. R2 responds with the correct authentication credentials. 

C. R2 requires authentication from R1. 

D. R1 requires authentication from R2. 

Answer:

Explanation: 

Only R2 is configured with the “PPP authentication PAP” command so it requires authentication from R1, but R1 does not require authentication from R2. 


Q182. Refer to the exhibit. 

If a Layer 3 switch running OSPF in a VRF-lite configuration reports this error, which action can you take to correct the problem? 

A. Set mls cef maximum-routes in the global configuration. 

B. Add the vrf-lite capability to the OSPF configuration. 

C. Upgrade the Layer 3 switch to a model that can support more routes. 

D. Configure the control plane with a larger memory allocation to support the Cisco Express Forwarding Information Base. 

Answer:


Q183. DRAG DROP 

Drag and drop the BGP attribute on the left to the correct category on the right. 

Answer: 


Q184. Which three modes are valid for forming an EtherChannel between the ports of two switches? (Choose three.) 

A. Active/active 

B. Active/passive 

C. Passive/passive 

D. Auto/auto 

E. Auto/desirable 

F. Desirable/on 

Answer: A,B,E 

Explanation: 

To configure an EtherChannel using LACP negotiation, each side must be set to either active or passive; only interfaces configured in active mode will attempt to negotiate an EtherChannel. Passive interfaces merely respond to LACP requests. PAgP behaves the same, but its two modes are refered to as desirable and auto. 

Reference: http://packetlife.net/blog/2010/jan/18/etherchannel-considerations/ 


Q185. Which two statements about SoO checking in EIGRP OTP deployments are true? (Choose two). 

A. During the import process, the SoO value in BGP is checked against the SoO value of the site map. 

B. During the reception of an EIGRP update, the SoO value in the EIGRP update is checked against the SoO value of the site map on the ingress interface. 

C. At the ingress of the PE/CE link, the SoO in the EIGRP update is checked against the SoO within the PE/CE routing protocol. 

D. At the egress of the PE/CE link, the SoO is checked against the SoO within the PE/CE routing protocol. 

E. The SoO is checked at the ingress of the backdoor link. 

F. The SoO is checked at the egress of the backdoor link. 

Answer: A,B 

Explanation: 

. SoO checking: 

– During the import process the SoO value in BGP update is checked against the SoO value of the site-map attached to VRF interface. The update is propagated to CE only if there is no match (this check is done regardless of protocol used on PE/CE link). 

– At reception of EIGRP update, the SoO value in the EIGRP update is checked against the SoO value of site-map attached to the incoming interface. This update is accepted only if there is no match (this check can optionally be done on backdoor router). 

Reference: http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ip-routing/whitepaper_C11-730404.html 


Q186. Refer to the exhibit. 

Which two commands are required on R3 in order for MPLS to function? (Choose two.) 

A. mpls ip 

B. ip cef 

C. mpls label protocol tdp 

D. mpls ip propagate-ttl 

Answer: A,B 


Q187. Which three benefits does the Cisco Easy Virtual Network provide to an enterprise network? 

(Choose three.) 

A. simplified Layer 3 network virtualization 

B. improved shared services support 

C. enhanced management, troubleshooting, and usability 

D. reduced configuration and deployment time for dot1q trunking 

E. increased network performance and throughput 

F. decreased BGP neighbor configurations 

Answer: A,B,C 


Q188. Refer to the exhibit. 

Traffic from CE1 to CE2 is traveling through the core instead of through R1. All the PE routers have a similar configuration, and BGP peering and extended-community meshing are configured correctly. 

Which configuration change routes the traffic through R1? 

A) 

B) 

C) 

D) 

A. Exhibit A 

B. Exhibit B 

C. Exhibit C 

D. Exhibit D 

Answer:


Q189. DRAG DROP 

Drag each IS-IS command on the left to its effect on the right. 

Answer: 


Q190. EIGRP allows configuration of multiple MD5 keys for packet authentication to support easy rollover from an old key to a new key. Which two statements are true regarding the usage of multiple authentication keys? (Choose two.) 

A. Received packets are authenticated by the key with the smallest key ID. 

B. Sent packets are authenticated by all valid keys, which means that each packet is replicated as many times as the number of existing valid keys. 

C. Received packets are authenticated by any valid key that is chosen. 

D. Sent packets are authenticated by the key with the smallest key ID. 

Answer: C,D 

Explanation: 

Suppose two routers are connected with each other via Fa0/0 interfaces and they are configured to authenticate via MD5. Below is a simple configuration on both routers so that they will work: 

Router1(config)#key chain KeyChainR1 

Router1(config-keychain)#key 1 

Router1(config-keychain-key)#key-string FirstKey 

Router1(config-keychain-key)#key 2 

Router1(config-keychain-key)#key-string SecondKey 

Router2(config)#key chain KeyChainR2 

Router2(config-keychain)#key 1 

Router2(config-keychain-key)#key-string FirstKey 

Router2(config-keychain-key)#key 2 

Router2(config-keychain-key)#key-string SecondKey 

Apply these key chains to R1 & R2: 

Router1(config)#interface fastEthernet 0/0 

Router1(config-if)#ip authentication mode eigrp 1 md5 

Router1(config-if)#ip authentication key-chain eigrp 1 KeyChainR1 

Router2(config)#interface fastEthernet 0/0 

Router2(config-if)#ip authentication mode eigrp 1 md5 

Router2(config-if)#ip authentication key-chain eigrp 1 KeyChainR2 

There are some rules to configure MD5 authentication with EIGRP: 

+ The key chain names on two routers do not have to match (in this case the name “KeyChainR1 & “KeyChainR2 do not match) 

+ The key number and key-string on the two potential neighbors must match (for example “key 1 & “key-string FirstKey” must match on “key 1” & “key-string FirstKey” of neighboring router) Also some facts about MD5 authentication with EIGRP 

+ When sending EIGRP messages the lowest valid key number is used -> D is correct. 

+ When receving EIGRP messages all currently configured valid keys are verified but the lowest valid one will be used -> Although answer C does not totally mention like that but it is the most suitable answer because A and B are totally wrong. Answer A is not correct because we need valid key to authenticate. As mentioned above, although answer C is not totally correct but it puts some light on why 

answer B is not correct: each packet is NOT “replicated as many times as the number of existing valid keys”. All currently configured valid keys are verified but the lowest valid one will be used.