Cisco 300-101 ExamROUTE Implementing Cisco IP Routing

Total Question: 449 Last Updated: Jul 13,2019
  • Updated 300-101 Dumps
  • Based on Real 300-101 Exams Scenarios
  • Free 300-101 pdf Demo Available
  • Check out our 300-101 Dumps in a new PDF format
  • Instant 300-101 download
  • Guarantee 300-101 success in first attempt
Package Select:

Questions & Answers PDF

Practice Test Software

Practice Test + PDF 30% Discount

Price: $65.95 $39.99

Buy Now Free Trial

[100% Guarantee] 300-101 Cisco sample question 1-17 (Mar 2016)

Exam Code: 300-101 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: Implementing Cisco IP Routing
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 300-101 Exam.

2016 Mar 300-101 Study Guide Questions:

Q1. Which PPP authentication method sends authentication information in clear text? 

A. MS CHAP 

B. CDPCP 

C. CHAP 

D. PAP 

Answer: D 

Explanation: 

PAP authentication involves a two-way handshake where the username and password are

sent across the link in clear text; hence, PAP authentication does not provide any protection against

playback and line sniffing. CHAP authentication, on the other hand, periodically verifies the identity of the

remote node using a three-way handshake. After the PPP link is established, the host sends a "challenge"

message to the remote node. The remote node responds with a value calculated using a one-way hash

function. The host checks the response against its own calculation of the expected hash value. If the

values match, the authentication is acknowledged; otherwise, the connection is terminated. Reference:

http://www.cisco.com/c/en/us/support/docs/wan/point-to-point-protocol-ppp/10241- ppp-callinhostname.

html


Q2. Which two functions are completely independent when implementing NAT64 over NAT-PT? (Choose two.) 

A. DNS 

B. NAT 

C. port redirection 

D. stateless translation 

E. session handling 

Answer: A,B 

Explanation: 

Network Address Translation IPv6 to IPv4, or NAT64, technology facilitates communication

between IPv6-only and IPv4-only hosts and networks (whether in a transit, an access, or an edge

network). This solution allows both enterprises and ISPs to accelerate IPv6 adoption while simultaneously

handling IPv4 address depletion. The DNS64 and NAT64 functions are completely separated, which is

essential to the superiority of NAT64 over NAT-PT. Reference: http:// www.cisco.com/c/en/us/products/

collateral/ios-nx-os-software/enterprise-ipv6- solution/white_paper_c11-676278.html


Q3. A network engineer is asked to configure a "site-to-site" IPsec VPN tunnel. One of the last things that the engineer does is to configure an access list (access-list 1 permit any) along with the command ip nat inside source list 1 int s0/0 overload. Which functions do the two commands serve in this scenario? 

A. The command access-list 1 defines interesting traffic that is allowed through the tunnel. 

B. The command ip nat inside source list 1 int s0/0 overload disables "many-to-one" access for all devices on a defined segment to share a single IP address upon exiting the external interface. 

C. The command access-list 1 permit any defines only one machine that is allowed through the tunnel. 

D. The command ip nat inside source list 1 int s0/0 overload provides "many-to-one" access for all devices on a defined segment to share a single IP address upon exiting the external interface. 

Answer: D 

Explanation: 

Configuring NAT to Allow Internal Users to Access the Internet Using Overloading NAT Router

interface ethernet 0

ip address 10.10.10.1 255.255.255.0

ip nat inside

!--- Defines Ethernet 0 with an IP address and as a NAT inside interface.

interface ethernet 1

ip address 10.10.20.1 255.255.255.0

ip nat inside

!--- Defines Ethernet 1 with an IP address and as a NAT inside interface.

interface serial 0

ip address 172.16.10.64 255.255.255.0

ip nat outside

!--- Defines serial 0 with an IP address and as a NAT outside interface.

ip nat pool ovrld 172.16.10.1 172.16.10.1 prefix 24 !

!--- Defines a NAT pool named ovrld with a range of a single IP

!--- address, 172.16.10.1.

ip nat inside source list 7 pool ovrld overload

!

!

!

!

!--- Indicates that any packets received on the inside interface that

!--- are permitted by access-list 7 has the source

address

!--- translated to an address out of the NAT pool named ovrld.

!--- Translations are overloaded, which allows multiple inside

!--- devices to be translated to the same valid IP

address.

access-list 7 permit 10.10.10.0 0.0.0.31

access-list 7 permit 10.10.20.0 0.0.0.31

!--- Access-list 7 permits packets with source addresses ranging from

!--- 10.10.10.0 through 10.10.10.31 and 10.10.20.0

through 10.10.20.31.

Note in the previous second configuration, the NAT pool "ovrld"only has a range of one address. The

keyword overload used in the ip nat inside source list 7 pool

ovrld overload command allows NAT to translate multiple inside devices to the single address in the pool.

Reference:

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml


Q4. CORRECT TEXT 

JS Industries has expanded their business with the addition of their first remote office. The remote office router (R3) was previously configured and all corporate subnets were reachable from R3. JS Industries is interested in using route summarization along with the EIGRP Stub Routing feature to increase network stability while reducing the memory usage and bandwidth utilization to R3. Another network professional was tasked with implementing this solution. However, in the process of configuring EIGRP stub routing connectivity with the remote network devices off of R3 has been lost. 

Currently EIGRP is configured on all routers R2, R3, and R4 in the network. Your task is to identify and resolve the cause of connectivity failure with the remote office router R3. Once the issue has been resolved you should complete the task by configuring route summarization only to the remote office router R3. 

You have corrected the fault when pings from R2 to the R3 LAN interface are successful, and the R3 IP routing table only contains 2 10.0.0.0 subnets. 





Answer: Here are the solution as below: 

Explanation: 

First we have to figure out why R3 and R4 can not communicate with each other. Use the show running-config command on router R3. 


Notice that R3 is configured as a stub receive-only router. The receive-only keyword will restrict the router from sharing any of its routes with any other router in that EIGRP autonomous system. This keyword will also prevent any type of route from being sent. Therefore we will remove this command and replace it with the eigrp stub command: 

R3# configure terminal 

R3(config)# router eigrp 123 

R3(config-router)# no eigrp stub receive-only 

R3(config-router)# eigrp stub 

R3(config-router)# end 

Now R3 will send updates containing its connected and summary routes to other routers. Notice that the eigrp stub command equals to the eigrp stub connected summary because the connected and summary options are enabled by default. Next we will configure router R3 so that it has only 2 subnets of 10.0.0.0 network. Use the show ip route command on R3 to view its routing table: 


Because we want the routing table of R3 only have 2 subnets so we have to summary sub-networks at the interface which is connected with R3, the s0/0 interface of R4. 

There is one interesting thing about the output of the show ip route shown above: the 10.2.3.0/24, which is a directly connected network of R3. We can’t get rid of it in the routing table no matter what technique we use to summary the networks. Therefore, to make the routing table of R3 has only 2 subnets we have to summary other subnets into one subnet. 

In the output if we don’t see the summary line (like 10.0.0.0/8 is a summary…) then we should use the command ip summary-address eigrp 123 10.2.0.0 255.255.0.0 so that all the ping can work well. 

In conclusion, we will use the ip summary-address eigrp 123 10.2.0.0 255.255.0.0 at the interface s0/0 of R4 to summary. 

R4> enable 

R4# conf t 

R4(config)# interface s0/0 

R4(config-if)# ip summary-address eigrp 123 10.2.0.0 255.255.0.0 

Now we jump back to R3 and use the show ip route command to verify the effect, the output is shown below: 


Note: Please notice that the IP addresses and the subnet masks in your real exam might be different so you might use different ones to solve this question. Just for your information, notice that if you use another network than 10.0.0.0/8 to summary, for example, if you use the command ip summary-address eigrp 123 10.2.0.0 255.255.0.0 you will leave a /16 network in the output of the show ip route command. 


But in your real exam, if you don’t see the line "10.0.0.0/8 is a summary, Null0" then you can summarize using the network 10.2.0.0/16. This summarization is better because all the pings can work well. Finally don’t forget to use the copy run start command on routers R3 and R4 to save the configurations. R3(config-if)# end R3# copy run start R4(config-if)# end R4# copy run start 

If the “copy run start” command doesn’t work then use “write memory.” 


Q5. What is a function of NPTv6? 

A. It interferes with encryption of the full IP payload. 

B. It maintains a per-node state. 

C. It is checksum-neutral. 

D. It rewrites transport layer headers. 

Answer: C 

Explanation: 

RFC 6296 describes a stateless IPv6-to-IPv6 Network Prefix Translation (NPTv6) function,

designed to provide address independence to the edge network. It is transport-agnostic with respect to

transports that do not checksum the IP header, such as SCTP, and to transports that use the TCP/UDP/

DCCP (Datagram Congestion Control Protocol) pseudo-header and checksum NPTv6 provides a simple

and compelling solution to meet the address-independence requirement in IPv6. The addressindependence

benefit stems directly from the translation function of the network prefix translator. To avoid

as many of the issues associated with NAPT44 as possible, NPTv6 is defined to include a two-way,

checksum-neutral, algorithmic translation function, and nothing else. Reference: http://tools.ietf.org/html/

rfc6296


300-101 torrent

Regenerate 300-101 free question:

Q6. Which Cisco IOS VPN technology leverages IPsec, mGRE, dynamic routing protocol, NHRP, and Cisco Express Forwarding? 

A. FlexVPN 

B. DMVPN 

C. GETVPN 

D. Cisco Easy VPN 

Answer: B 

Explanation: Dynamic Multipoint Virtual Private Network (DMVPN) is a dynamic tunneling form of a virtual

private network (VPN) supported on Cisco IOS-based routers and Unix-like Operating Systems based on

the standard protocols, GRE, NHRP and IPsec. This DMVPN provides the capability for creating a

dynamic-mesh VPN network without having to pre-configure (static) all possible tunnel end-point peers,

including IPsec (Internet Protocol Security) and ISAKMP (Internet Security Association and Key

Management Protocol) peers. DMVPN is initially configured to build out a hub-and-spoke network by

statically configuring the hubs (VPN headends) on the spokes, no change in the configuration on the hub is

required to accept new spokes. Using this initial hub-and-spoke network, tunnels between spokes can be

dynamically built on demand (dynamic-mesh) without additional configuration on the hubs or spokes. This

dynamic-mesh capability alleviates the need for any load on the hub to route data between the spoke

networks. DMVPN is combination of the following technologies:

Multipoint GRE (mGRE)

Next-Hop Resolution Protocol (NHRP)

Dynamic Routing Protocol (EIGRP, RIP, OSPF, BGP)

Dynamic IPsec encryption

Cisco Express Forwarding (CEF)

Reference: http://en.wikipedia.org/wiki/Dynamic_Multipoint_Virtual_Private_Network


Topic 5, Infrastructure Security 

53. Which traffic does the following configuration allow? 

ipv6 access-list cisco 

permit ipv6 host 2001:DB8:0:4::32 any eq ssh 

line vty 0 4 

ipv6 access-class cisco in 

A. all traffic to vty 0 4 from source 2001:DB8:0:4::32 

B. only ssh traffic to vty 0 4 from source all 

C. only ssh traffic to vty 0 4 from source 2001:DB8:0:4::32 

D. all traffic to vty 0 4 from source all 

Answer: C 

Explanation: 

Here we see that the IPv6 access list called "cisco" is being applied to incoming VTY connections to the

router. IPv6 access list has just one entry, which allows only the single IPv6 IP address of 2001:DB8:0:4::32 to connect using SSH only.


Q7. What does the following access list, which is applied on the external interface FastEthernet 1/0 of the perimeter router, accomplish? 

router(config)#access-list 101 deny ip 10.0.0.0 0.255.255.255 any log 

router (config)#access-list 101 deny ip 192.168.0.0 0.0.255.255 any log 

router (config)#access-list 101 deny ip 172.16.0.0 0.15.255.255 any log 

router (config)#access-list 101 permit ip any any 

router (config)#interface fastEthernet 1/0 

router (config-if)#ip access-group 101 in 

A. It prevents incoming traffic from IP address ranges 10.0.0.0-10.0.0.255, 172.16.0.0-172.31.255.255, 192.168.0.0-192.168.255.255 and logs any intrusion attempts. 

B. It prevents the internal network from being used in spoofed denial of service attacks and logs any exit to the Internet. 

C. It filters incoming traffic from private addresses in order to prevent spoofing and logs any intrusion attempts. 

D. It prevents private internal addresses to be accessed directly from outside. 

Answer: C 

Explanation: 

The private IP address ranges defined in RFC 1918 are as follows:

10.0.0.0 - 10.255.255.255

172.16.0.0 - 172.31.255.255

192.168.0.0 - 192.168.255.255 

These IP addresses should never be allowed from external networks into a

corporate network as they would only be able to reach the network from the outside via routing problems or

if the IP addresses were spoofed. This ACL is used to prevent all packets with a spoofed reserved private

source IP address to enter the network. The log keyword also enables logging of this intrusion attempt.


Q8. Refer to the exhibit. The network setup is running the RIP routing protocol. Which two events will occur following link failure between R2 and R3? (Choose two.) 


A. R2 will advertise network 192.168.2.0/27 with a hop count of 16 to R1. 

B. R2 will not send any advertisements and will remove route 192.168.2.0/27 from its routing table. 

C. R1 will reply to R2 with the advertisement for network 192.168.2.0/27 with a hop count of 16. 

D. After communication fails and after the hold-down timer expires, R1 will remove the 192.168.2.0/27 route from its routing table. 

E. R3 will not accept any further updates from R2, due to the split-horizon loop prevention mechanism. 

Answer: A,C 

Explanation: 


Q9. Which address is used by the Unicast Reverse Path Forwarding protocol to validate a packet against the routing table? 

A. source address 

B. destination address 

C. router interface 

D. default gateway 

Answer: A 

Explanation: 

The Unicast RPF feature helps to mitigate problems that are caused by the introduction of

malformed or forged (spoofed) IP source addresses into a network by discarding IP packets that lack a

verifiable IP source address. For example, a number of common types of denial-of-service (DoS) attacks,

including Smurf and Tribal Flood Network (TFN), can take advantage of forged or rapidly changing source

IP addresses to allow attackers to thwart efforts to locate or filter the attacks. For Internet service providers

(ISPs) that provide public access, Unicast RPF deflects such attacks by forwarding only packets that have

source addresses that are valid and consistent with the IP routing table. This action protects the network of

the ISP, its customer, and the rest of the Internet. Reference: http://www.cisco.com/en/US/docs/ios/12_2/

security/configuration/guide/scfrpf.html


Q10. Which type of BGP AS number is 64591? 

A. a private AS number 

B. a public AS number 

C. a private 4-byte AS number 

D. a public 4-byte AS number 

Answer: A 

Explanation: 


300-101 dumps

100% Guarantee 300-101 exam question:

Q11. To configure SNMPv3 implementation, a network engineer is using the AuthNoPriv security level. What effect does this action have on the SNMP messages? 

A. They become unauthenticated and unencrypted. 

B. They become authenticated and unencrypted. 

C. They become authenticated and encrypted. 

D. They become unauthenticated and encrypted. 

Answer: B 

Explanation: 


Q12. Which encapsulation supports an interface that is configured for an EVN trunk? 

A. 802.1Q 

B. ISL 

C. PPP 

D. Frame Relay 

E. MPLS 

F. HDLC 

Answer: A 

Explanation: 

Restrictions for EVN

An EVN trunk is allowed on any interface that supports 802.1q encapsulation, such as Fast Ethernet,

Gigabit Ethernet, and port channels.

A single IP infrastructure can be virtualized to provide up to 32 virtual networks end-to-end.

If an EVN trunk is configured on an interface, you cannot configure VRF-Lite on the same interface.

OSPFv3 is not supported; OSPFv2 is supported.

Reference: 

http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/evn/configuration/xe-3s/evn-xe-3s- book/evnoverview.Pdf


Q13. An engineer executes the ip flow ingress command in interface configuration mode. What is the result of this action? 

A. It enables the collection of IP flow samples arriving to the interface. 

B. It enables the collection of IP flow samples leaving the interface. 

C. It enables IP flow while disabling IP CEF on the interface. 

D. It enables IP flow collection on the physical interface and its subinterfaces. 

Answer: A 

Explanation: 


Q14. Which three items can you track when you use two time stamps with IP SLAs? (Choose three.) 

A. delay 

B. jitter 

C. packet loss 

D. load 

E. throughput 

F. path 

Answer: A,B,C


Q15. An organization decides to implement NetFlow on its network to monitor the fluctuation of traffic that is disrupting core services. After reviewing the output of NetFlow, the network engineer is unable to see OUT traffic on the interfaces. What can you determine based on this information? 

A. Cisco Express Forwarding has not been configured globally. 

B. NetFlow output has been filtered by default. 

C. Flow Export version 9 is in use. 

D. The command ip flow-capture fragment-offset has been enabled. 

Answer: A 

Explanation: 

We came across a recent issue where a user setup a router for NetFlow export but was unable to see the

OUT traffic for the interfaces in NetFlow Analyzer. Every NetFlow configuration aspect was checked and

nothing incorrect was found. That is when we noticed the `no ip cef' command on the router. CEF was

enabled at the global level and within seconds, NetFlow Analyzer started showing OUT traffic for the

interfaces. This is why this topic is about Cisco Express Forwarding.

What is switching?

A Router must make decisions about where to forward the packets passing through. This decision-making

process is called "switching". Switching is what a router does when it makes the following decisions:

1.Whether to forward or not forward the packets after checking that the destination for the packet is

reachable.

2.If the destination is reachable, what is the next hop of the router and which interface will the router use to

get to that destination.

What is CEF?

CEF is one of the available switching options for Cisco routers. Based on the routing table, CEF creates its

own table, called the Forwarding Information Base (FIB). The FIB is organized differently than the routing

table and CEF uses the FIB to decide which interface to send traffic from. CEF offers the following

benefits:

1.Better performance than fast-switching (the default) and takes less CPU to perform the same task.

2.When enabled, allows for advanced features like NBAR

3.Overall, CEF can switch traffic faster than route-caching using fast-switching

How to enable CEF?

CEF is disabled by default on all routers except the 7xxx series routers. Enabling and Disabling CEF is

easy. To enable CEF, go into global configuration mode and

enter the CEF command.

Router# config t

Router(config)# ip cef

Router(config)#

To disable CEF, simply use the `no' form of the command, ie. `no ip cef`.

Why CEF Needed when enabling NetFlow ?

CEF is a prerequisite to enable NetFlow on the router interfaces. CEF decides through which interface

traffic is exiting the router. Any NetFlow analyzer product will calculate the OUT traffic for an interface

based on the Destination Interface value present in the NetFlow packets exported from the router. If the

CEF is disabled on the router, the NetFlow packets exported from the router will have "Destination

interface" as "null" and this leads NetFlow Analyzer to show no OUT traffic for the interfaces. Without

enabling the CEF on the router, the NetFlow packets did not mark the destination interfaces and so

NetFlow Analyzer was not able to show the OUT traffic for the interfaces. Reference: https://

blogs.manageengine.com/network-2/netflowanalyzer/2010/05/19/need-for-cef- in-netflow-data-export.html


Q16. A packet capture log indicates that several router solicitation messages were sent from a local host on the IPv6 segment. What is the expected acknowledgment and its usage? 

A. Router acknowledgment messages will be forwarded upstream, where the DHCP server will allocate addresses to the local host. 

B. Routers on the IPv6 segment will respond with an advertisement that provides an external path from the local subnet, as well as certain data, such as prefix discovery. 

C. Duplicate Address Detection will determine if any other local host is using the same IPv6 address for communication with the IPv6 routers on the segment. 

D. All local host traffic will be redirected to the router with the lowest ICMPv6 signature, which is statically defined by the network administrator. 

Answer: B 

Explanation: 

Router Advertisements (RA) are sent in response to router solicitation messages. Router

solicitation messages, which have a value of 133 in the Type field of the ICMP packet header, are sent by

hosts at system startup so that the host can immediately autoconfigure without needing to wait for the next

scheduled RA message. Given that router solicitation messages are usually sent by hosts at system

startup (the host does not have a configured unicast address), the source address in router solicitation

messages is usually the unspecified IPv6 address (0:0:0:0:0:0:0:0). If the host has a configured unicast

address, the unicast address of the interface sending the router solicitation message is used as the source

address in the message. The destination address in router solicitation messages is the all-routers multicast

address with a scope of the link. When an RA is sent in response to a router solicitation, the destination

address in the RA message is the unicast address of the source of the router solicitation message. RA

messages typically include the following information:

One or more onlink IPv6 prefixes that nodes on the local link can use to automatically configure their IPv6

addresses

Lifetime information for each prefix included in the advertisement

Sets of flags that indicate the type of autoconfiguration (stateless or stateful) that can be completed

Default router information (whether the router sending the advertisement should be used as a default

router and, if so, the amount of time (in seconds) the router should be used as a default router)

Additional information for hosts, such as the hop limit and MTU a host should use in packets that it

originates Reference: http://www.cisco.com/c/en/us/td/docs/ios/ipv6/configuration/guide/12_4t/

ipv6_12_4t_book/ip6- addrg_bsc_con.html


Q17. A network engineer initiates the ip sla responder tcp-connect command in order to gather statistics for performance gauging. Which type of statistics does the engineer see? 

A. connectionless-oriented 

B. service-oriented 

C. connection-oriented 

D. application-oriented 

Answer: C 

Explanation: 

Configuration Examples for IP SLAs TCP Connect Operations The following example shows

how to configure a TCP Connection-oriented operation from Device B to the Telnet port (TCP port 23) of IP

Host 1 (IP address 10.0.0.1), as shown in the "TCP Connect Operation" figure in the "Information About

the IP SLAs TCP Connect Operation" section. The operation is scheduled to start immediately. In this

example, the control protocol is disabled on the source (Device B). IP SLAs uses the control protocol to

notify the IP SLAs responder to enable the target port temporarily. This action allows the responder to reply

to the TCP Connect operation. In this example, because the target is not a Cisco device and a well- known

TCP port is used, there is no need to send the control message. Device A (target device) Configuration

configure terminal ip sla responder tcp-connect ipaddress 10.0.0.1 port 23 

Reference: http://

www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipsla/configuration/15-mt/sla-15- mt-book/ sla_tcp_conn.html


Related 300-101 Articles