Cause all that matters here is passing the Cisco 400 101 ccie exam. Cause all that you need is a high score of cisco 400 101 CCIE Routing and Switching (v5.0) exam. The only one thing you need to do is downloading Actualtests 400 101 pdf exam study guides now. We will not let you down with our money-back guarantee.
Q481. Refer to the exhibit.
Which configuration can you implement on PE-1 to allow CE-1 to receive delegated IPv6 prefixes?
A)
B)
C)
D)
E)
A. Exhibit A
B. Exhibit B
C. Exhibit C
D. Exhibit D
E. Exhibit E
Answer: A
Q482. Which statement about the function of poison reverse in EIGRP is true?
A. It tells peers to remove paths that previously might have pointed to this router.
B. It tells peers to remove paths to save memory and bandwidth.
C. It provides reverse path information for multicast routing.
D. It tells peers that a prefix is no longer reachable.
Answer: A
Explanation:
Poison Reverse in EIGRP states: “Once you learn of a route through an interface, advertise it as unreachable back through that same interface”. For more information please read here. http://www.cisco.com/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-eigrp/16406-eigrp-toc.html#splithorizon.
Q483. Which Cisco IOS VPN technology leverages IPsec, mGRE, dynamic routing protocol, NHRP, and
Cisco Express Forwarding?
A. FlexVPN
B. DMVPN
C. GETVPN
D. Cisco Easy VPN
Answer: B
Q484. Refer to the exhibit.
Which three statements about this configuration are true? (Choose three.)
A. The default route appears in the global routing table.
B. The static route appears in the VRF red routing table.
C. The subnet 192.168.1.0 is unique to the VRF red routing table.
D. The static route is added to the global routing table and leaked from the VRF red.
E. The subnet 192.168.1.0 is unique to the global routing table.
F. 192.168.1.1 is reachable using any of the addresses on the router where the static route is configured.
Answer: A,B,E
Explanation:
This is an example of the route leaking feature. Here, this static route is created for the red VRF so it will be installed into the red VRF routing table, but the use of the global keyword will cause this default route to appear in the global routing table.
Q485. Refer to the exhibit.
If the downstream router has a summary route configured, which two actions must you take on the local router to create the summary route that summarizes all routes from the downstream router? (Choose two.)
A. Configure the summary address on the interface.
B. Use 10.0.0.0 255.248.0.0 as the summary route.
C. Configure the summary address in the EIGRP process.
D. Use 10.0.0.0 255.252.0.0 as the summary route.
E. Configure a route map to permit the route.
F. Configure a distribute list in.
Answer: A,B
Explanation:
Route summarization works in conjunction with the ip summary-address eigrp interface configuration command, in which additional summarization can be performed. To correctly summarize all the networks shown, the correct route to use is 10.0.0.0 255.248.0.0
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/ip/configuration/guide/fipr_c/1cfeigrp.html
Q486. Which three steps are necessary to enable SSH? (Choose three.)
A. generating an RSA or DSA cryptographic key
B. configuring the version of SSH
C. configuring a domain name
D. configuring VTY lines for use with SSH
E. configuring the port for SSH to listen for connections
F. generating an AES or SHA cryptographic key
Answer: A,C,D
Explanation:
Here are the steps:
1. Configure a hostname for the router using these commands.
yourname#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
yourname (config)#hostname LabRouter
LabRouter(config)#
2. Configure a domain name with the ip domain-name command followed by whatever you would like your domain name to be. I used CiscoLab.com.
LabRouter(config)#ip domain-name CiscoLab.com
3. We generate a certificate that will be used to encrypt the SSH packets using the crypto key generate rsa command.
Take note of the message that is displayed right after we enter this command. “The name for the keys will bE. LabRouter.CiscoLab.com” — it combines the hostname of the router along with the domain name we configured to get the name of the encryption key generated; this is why it was important for us to, first of all, configure a hostname then a domain name before we generated the keys.
Notice also that it asks us to choose a size of modulus for the key we’re about to generate.
The higher the modulus, the stronger the encryption of the key. For our example, we’ll use a modulus of 1024.
Q487. Which three statements about implementing a NAT application layer gateway in a network are true? (Choose three.)
A. It allows client applications to use dynamic ports to communicate with a server regardless of whether NAT is being used.
B. It maintains granular security over application-specific data.
C. It allows synchronization between multiple streams of data between two hosts.
D. Application layer gateway is used only in VoIP/SIP deployments.
E. Client applications require additional configuration to use an application layer gateway.
F. An application layer gateway inspects only the first 64 bytes of a packet before forwarding it through the network.
Answer: A,B,C
Explanation:
An application-level gateway (ALG), also known as an application-layer gateway, is an application that translates the IP address information inside the payload of an application packet. An ALG is used to interpret the application-layer protocol and perform firewall and Network Address Translation (NAT) actions. These actions can be one or more of the following depending on your configuration of the firewall and NAT:
. Allow client applications to use dynamic TCP or UDP ports to communicate with the server application.
. Recognize application-specific commands and offer granular security control over them.
. Synchronize multiple streams or sessions of data between two hosts that are exchanging data.
. Translate the network-layer address information that is available in the application payload
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe-3s/asr1000/nat-xe-3s-asr1k-book/fw-msrpc-supp.html
Q488. Which option is the result if two adjacent routers are configured for OSPF with different process IDs?
A. The routers are unable to establish an adjacency.
B. The routers establish an adjacency, but route exchange fails.
C. The routers establish an adjacency and exchange routes, but the routes are unreachable.
D. The routers establish an adjacency and exchange routes, and the routes are reachable.
Answer: D
Q489. Refer to the exhibit.
At which location will the benefit of this configuration be observed?
A. on Router A and its upstream routers B. on Router A and its downstream routers
C. on Router A only
D. on Router A and all of its ARP neighbors
Answer: B
Explanation:
The following example shows how to configure the router (and downstream routers) to drop all options packets that enter the network: Router(config)# ip options drop
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_0s/feature/guide/sel_drop.html
Q490. Packets from a router with policy-based routing configured are failing to reach the next hop.
Which two additions can you make to the router configuration to enable the packets to flow correctly? (Choose two.)
A. Enable ip proxy-arp on the exiting interface.
B. Specify the next hop as an address.
C. Specify the next hop as an interface.
D. Add a match-any permit statement to the route map.
Answer: A,B
Explanation:
Here is an example:
Router(config)#route-map Engineers permit 20
Router(config-route-map)#match ip address 2
Router(config-route-map)#set interface Ethernet1
Here, instead of specifying a next-hop, it specifies that any packets matching this rule will be forwarded directly out the interface Ethernet1. This means that either the destination device must be on this segment, or there must be a router configured with Proxy ARP that can forward the packet to the ultimate destination.