2021 Apr 300-101 torrent

Q31. A user is having issues accessing file shares on a network. The network engineer advises the user to open a web browser, input a prescribed IP address, and follow the instructions. After doing this, the user is able to access company shares. Which type of remote access did the engineer enable? 

A. EZVPN 

B. IPsec VPN client access 

C. VPDN client access 

D. SSL VPN client access 

Answer:

Explanation: 

The Cisco AnyConnect VPN Client provides secure SSL connections to the security

appliance for remote users. Without a previously installed client, remote users enter the IP address in their

browser of an interface configured to accept SSL VPN connections. Unless the security appliance is

configured to redirect http:// requests to https://, users must enter the URL in the form https://<address>.

After entering the URL, the browser connects to that interface and displays the login screen. If the user

satisfies the login and authentication, and the security appliance identifies the user as requiring the client, it

downloads the client that matches the operating system of the remote computer. After downloading, the

client installs and configures itself, establishes a secure SSL connection and either remains or uninstalls

itself (depending on the security appliance configuration) when the connection terminates. Reference:

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next- generation-firewalls/100936-

asa8x-split-tunnel-anyconnect-config.html


Q32. Which PPP authentication method sends authentication information in clear text? 

A. MS CHAP 

B. CDPCP 

C. CHAP 

D. PAP 

Answer:

Explanation: 

PAP authentication involves a two-way handshake where the username and password are

sent across the link in clear text; hence, PAP authentication does not provide any protection against

playback and line sniffing. CHAP authentication, on the other hand, periodically verifies the identity of the

remote node using a three-way handshake. After the PPP link is established, the host sends a "challenge"

message to the remote node. The remote node responds with a value calculated using a one-way hash

function. The host checks the response against its own calculation of the expected hash value. If the

values match, the authentication is acknowledged; otherwise, the connection is terminated. Reference:

http://www.cisco.com/c/en/us/support/docs/wan/point-to-point-protocol-ppp/10241- ppp-callinhostname.

html


Q33. Which statement about dual stack is true? 

A. Dual stack translates IPv6 addresses to IPv4 addresses. 

B. Dual stack means that devices are able to run IPv4 and IPv6 in parallel. 

C. Dual stack translates IPv4 addresses to IPv6 addresses. 

D. Dual stack changes the IP addresses on hosts from IPv4 to IPv6 automatically. 

Answer:

Explanation: 


Q34. Which encapsulation supports an interface that is configured for an EVN trunk? 

A. 802.1Q 

B. ISL 

C. PPP 

D. Frame Relay 

E. MPLS 

F. HDLC 

Answer:

Explanation: 

Restrictions for EVN

An EVN trunk is allowed on any interface that supports 802.1q encapsulation, such as Fast Ethernet,

Gigabit Ethernet, and port channels.

A single IP infrastructure can be virtualized to provide up to 32 virtual networks end-to-end.

If an EVN trunk is configured on an interface, you cannot configure VRF-Lite on the same interface.

OSPFv3 is not supported; OSPFv2 is supported.

Reference: 

http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/evn/configuration/xe-3s/evn-xe-3s- book/evnoverview.Pdf


Q35. A network engineer executes the show ip flow export command. Which line in the output indicates that the send queue is full and export packets are not being sent? 

A. output drops 

B. enqueuing for the RP 

C. fragmentation failures 

D. adjacency issues 

Answer:

Explanation: 

Table 5 show ip flow export Field Descriptions Field Description Exporting flows to 10.1.1.1

Specifies the export destinations and ports. (1000) and 10.2.1.1 The ports are in parentheses. Exporting

using source Specifies the source address or interface. IP address 10.3.1.1 Version 5 flow records

Specifies the version of the flow. 11 flows exported in 8 udp The total number of export packets sent, and

datagrams the total number of flows contained within them. 0 flows failed due to lack of No memory was

available to create an export export packet packet. 0 export packets were sent The packet could not be

processed by CEF or up to process level by fast switching, possibly because another feature requires

running on the packet. 0 export packets were Indicates that CEF was unable to switch the dropped due to

no fib packet or forward it up to the process level. 0 export packets were dropped due to adjacency issues

0 export packets were Indicates that the packet was dropped because dropped due to of problems

constructing the IP packet. fragmentation failures 0 export packets were dropped due to encapsulation

fixup failures 0 export packets were Indicates that there was a problem transferring dropped enqueuing for

the the export packet between the RP and the line RP card. 0 export packets were dropped due to IPC

rate limiting 0 export packets were Indicates that the send queue was full while dropped due to output the

packet was being transmitted. drops

Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/oaggnf.html


Q36. Which three benefits does the Cisco Easy Virtual Network provide to an enterprise network? (Choose three.) 

A. simplified Layer 3 network virtualization 

B. improved shared services support 

C. enhanced management, troubleshooting, and usability 

D. reduced configuration and deployment time for dot1q trunking 

E. increased network performance and throughput 

F. decreased BGP neighbor configurations 

Answer: A,B,C 

Explanation: 


Q37. You have been asked to evaluate how EIGRP is functioning in a customer network. 

Traffic from R1 to R61 s Loopback address is load shared between R1-R2-R4-R6 and R1-R3-R5-R6 paths. What is the ratio of traffic over each path? 

A. 1:1 

B. 1:5 

C. 6:8 

D. 19:80 

Answer:

Explanation: 


Q38. Refer to the exhibit. The command is executed while configuring a point-to-multipoint Frame Relay interface. Which type of IPv6 address is portrayed in the exhibit? 

A. link-local 

B. site-local 

C. global 

D. multicast 

Answer:

Explanation: 


Q39. Which prefix is matched by the command ip prefix-list name permit 10.8.0.0/16 ge 24 le 24? 

A. 10.9.1.0/24 

B. 10.8.0.0/24 

C. 10.8.0.0/16 

D. 10.8.0.0/23 

Answer:

Explanation: 

With prefix lists, the ge 24 term means greater than or equal to a /24 and the le 24 means less than or

equal to /24, so only a /24 is both greater than or equal to 24 and less than or equal to 24. This translate to any prefix in the 10.8.x.0/24 network, where X is any value in the 0-255 range.

Only the choice of 10.8.0.0.24 matches this.


Q40. For troubleshooting purposes, which method can you use in combination with the “debug ip packet” command to limit the amount of output data? 

A. You can disable the IP route cache globally. 

B. You can use the KRON scheduler. 

C. You can use an extended access list. 

D. You can use an IOS parser. 

E. You can use the RITE traffic exporter. 

Answer:

Explanation: 

The debug ip packet command generates a substantial amount of output and uses a substantial amount of

system resources. This command should be used with caution in production networks. Always use with the access-list command to apply an extended ACL to the debug output. Reference: http://www.cisco.com/c/en/us/support/docs/security/dynamic-multipoint-vpn-dmvpn/111976-dmvpn-troubleshoot-00.html