Cisco 400-101 ExamCCIE Routing and Switching (v5.0)

Total Question: 427 Last Updated: Oct 11,2018
  • Updated 400-101 Dumps
  • Based on Real 400-101 Exams Scenarios
  • Free 400-101 pdf Demo Available
  • Check out our 400-101 Dumps in a new PDF format
  • Instant 400-101 download
  • Guarantee 400-101 success in first attempt
Package Select:

Questions & Answers PDF

Practice Test Software

Practice Test + PDF 30% Discount

Price: $65.95 $29.99

Buy Now Free Trial

What Renew 400-101 Is?

Best Quality of 400-101 exam answers materials and free samples for Cisco certification for candidates, Real Success Guaranteed with Updated 400-101 pdf dumps vce Materials. 100% PASS CCIE Routing and Switching (v5.0) exam Today!

2017 Mar 400-101 exam price

Q261. Refer to the exhibit. 

Assume that Cisco Discovery Protocol is supported and enabled only on switches A and C. 

Which information is returned when you issue the command show cdp neighbors on switch C? 

A. a limited amount of information about switch B 

B. neighbor details for switch A 

C. neighbor details for switch B 

D. neighbor details for switch C 

Answer:


Q262. Which two parameters does the Tunnel Mode Auto Selection feature select automatically? (Choose two.) 

A. the tunneling protocol 

B. the transport protocol 

C. the ISAKMP profile 

D. the transform-set 

E. the tunnel peer 

Answer: A,B 

Explanation: 

The Tunnel Mode Auto Selection feature eases the configuration and spares you about knowing the responder’s details. This feature automatically applies the tunneling protocol (GRE or IPsec) and transport protocol (IPv4 or IPv6) on the virtual template as soon as the IKE profile creates the virtual access interface. This feature is useful on dual stack hubs aggregating multivendor remote access, such as Cisco AnyConnect VPN Client, Microsoft Windows7 Client, and so on. 

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_vpnips/configuration/xe-3s/sec-sec-for-vpns-w-ipsec-xe-3s-book/sec-ipsec-virt-tunnl.html 


Q263. Which statement about SSHv2 is true? 

A. Routers acting as SSH clients can operate without RSA keys. 

B. SSHv2 supports port forwarding and compression. 

C. The RSA key pair size must be at least 512. 

D. You must configure a default gateway before you enable SSHv2. 

Answer:


Q264. How are the Cisco Express Forwarding table and the FIB related to each other? 

A. The FIB is used to populate the Cisco Express Forwarding table. 

B. The Cisco Express Forwarding table allows route lookups to be forwarded to the route processor for processing before they are 

C. There can be only one FIB but multiple Cisco Express Forwarding tables on IOS devices. 

D. Cisco Express Forwarding uses a FIB to make IP destination prefix-based switching decisions. 

Answer:


Q265. Refer to the exhibit. 

Which two statements about this configuration are true? (Choose two.) 

A. Pings from SW2 to SW1 fail because SW1 is pruning VLAN 10. 

B. VLANs 10 and 200 are added to the SW2 allowed list on interface fa0/22. 

C. Pings from SW2 to SW1 are successful. 

D. Only VLAN 200 is added to the SW1 allowed list on interface fa0/22. 

Answer: B,C 


Updated 400-101 exam cram:

Q266. Refer to the exhibit. 

Which statement about this IP SLA is true? 

A. The SLA must also have a schedule configured before it will start. 

B. The TTL of the SLA packets is 10. 

C. The SLA has a timeout of 3.6 seconds. 

D. The SLA has a lifetime of 5 seconds. 

Answer:

Explanation: 

When you configure an IP SLAs operation, you must schedule the operation to begin capturing statistics and collecting error information. You can schedule an operation to start immediately or to start at a certain month, day, and hour. You can use the pending option to set the operation to start at a later time. The pending option is an internal state of the operation that is visible through SNMP. The pending state is also used when an operation is a reaction (threshold) operation waiting to be triggered. You can schedule a single IP SLAs operation or a group of operations at one time. We can see in this output that the IP SLA is still in a pending trigger state. 

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/44sg/configuration/guide/Wrapper-44SG/swipsla.html 


Q267. Which three statements about Cisco HDLC are true? (Choose three.) 

A. HDLC serial encapsulation provides asynchronous framing and error detection. 

B. Serial link keepalives are maintained by SLARP. 

C. HDLC serial encapsulation provides synchronous framing without retransmission. 

D. HDLC frame size can be reduced with MPPC compression. 

E. The interface is brought down after five ignored keepalives. 

F. The interface is brought down after three ignored keepalives. 

Answer: B,C,F 

Explanation: 

Cisco High-Level Data Link Controller (HDLC) is the Cisco proprietary protocol for sending data over synchronous serial links using HDLC. Cisco HDLC also provides a simple control protocol called Serial Line Address Resolution Protocol (SLARP) to maintain serial link keepalives. For each encapsulation type, a certain number of keepalives ignored by a peer triggers the serial interface to transition to the down state. For HDLC encapsulation, three ignored keepalives causes the interface to be brought down. By default, synchronous serial lines use the High-Level Data Link Control (HDLC) serial encapsulation method, which provides the synchronous framing and error detection functions of HDLC without windowing or retransmission. 

Reference: http://www.cisco.com/c/en/us/td/docs/routers/access/800/819/software/configuration/Guide/ 819_SCG/6ser_conf.html#78662 


Q268. DRAG DROP 

What is the correct order of the VSS initialization process? Drag the actions on the left to the correct initialization step on the right. 

Answer: 


Q269. Refer to the exhibit. 

What is a possible reason for the IPSec tunnel not establishing? 

A. The peer is unreachable. 

B. The transform sets do not match. 

C. The proxy IDs are invalid. 

D. The access lists do not match. 

Answer:

Explanation: 

Proxy Identities Not Supported 

This message appears in debugs if the access list for IPsec traffic does not match. 

1d00h: IPSec(validate_transform_proposal): proxy identities not supported 

1d00h: ISAKMP: IPSec policy invalidated proposal 

1d00h: ISAKMP (0:2): SA not acceptable! 

The access lists on each peer needs to mirror each other (all entries need to be reversible). 

This example illustrates this point. 

Peer A 

access-list 150 permit ip 172.21.113.0 0.0.0.255 172.21.114.0 0.0.0.255 

access-list 150 permit ip host 15.15.15.1 host 172.21.114.123 

Peer B 

access-list 150 permit ip 172.21.114.0 0.0.0.255 172.21.113.0 0.0.0.255 

access-list 150 permit ip host 172.21.114.123 host 15.15.15.1 

Reference: 

http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/5409-ipsec-debug-00.html#proxy 


Q270. DRAG DROP 

Drag and drop the argument of the ip cef load-sharing algorithm command on the left to the function it performs on the right. 

Answer: 


Related 400-101 Articles