Download New Updated (July) Cisco 400-101 Actual Test 251-260

Ensurepass

 

QUESTION 251

Which two options describe two functions of a neighbor solicitation message? (Choose two.)

 

A.

It requests the link-layer address of the target.

B.

It provides its own link-layer address to the target.

C.

It requests the site-local address of the target.

D.

It provides its own site-local address to the target.

E.

It requests the admin-local address of the target.

F.

It provides its own admin-local address to the target.

 

Correct Answer: AB

Explanation:

Neighbor solicitation messages are sent on the local link when a node wants to determine the link- layer address of another node on the same local link (see the figure below). When a node wants to determine the link-layer address of another node, the source address in a neighbor solicitation message is the IPv6 address of the node sending the neighbor solicitation message. The destination address in the neighbor solicitation message is the solicited-node multicast address that corresponds to the IPv6 address of the destination node. The neighbor solicitation message also includes the link-layer address of the source node.

 

Figure 1. IPv6 Neighbor Discovery: Neighbor Solicitation Message

clip_image002

 

After receiving the neighbor solicitation message, the destination node replies by sending a neighbor advertisement message, which has a value of 136 in the Type field of the ICMP packet header, on the local link. The source address in the neighbor advertisement message is the IPv6 address of the node (more specifically, the IPv6 address of the node interface) sending the neighbor advertisement message. The destination address in the neighbor advertisement message is the IPv6 address of the node that sent the neighbor solicitation message. The data portion of the neighbor advertisement message includes the link-layer address of the node sending the neighbor advertisement message.

After the source node receives the neighbor advertisement, the source node and destination node can communicate.

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6_basic/configuration/xe-3s/ip6b-xe-3s-book/ip6-neighb-disc-xe.html

 

 

QUESTION 252

Which three options are three of the default EIGRP administrative distances? (Choose three.)

 

A.

Internal, 90

B.

External, 170

C.

Summary, 5

D.

Outside Local, 100

E.

Inside Local, 180

F.

Inside Global, 1

 

Correct Answer: ABC

Explanation:

The following table lists the default administrative distances for various routing protocols used on Cisco routers.

Routing Protocol

Administrative distance

Directly connected interface

0

Static route out an interface

1

Static route to next-hop address

1

DMNR – Dynamic Mobile Network Routing

3

EIGRP summary route

5

External BGP

20

Internal EIGRP

90

IGRP

100

OSPF

110

IS-IS

115

Routing Information Pr
otocol (RIP)

120

Exterior Gateway Protocol (EGP)

140

On Demand Routing (ODR)

160

External EIGRP

170

Internal BGP

200

Floating Static Route (ex. DHCP-learned)

254

Unknown

255

Reference: http://en.wikipedia.org/wiki/Administrative_distance

 

 

QUESTION 253

Refer to the exhibit. Which two statements about this route table are true? (Choose two.)

 

clip_image004

 

A.

The BGP routes are internal.

B.

The OSPF routes with the E2 flag retain the same metric as they leave the router.

C.

The OSPF routes with the IA flag have their administrative distances incremented as they leave the router.

D.

The BGP routes are external.

E.

The OSPF routes with the E2 flag have their metrics incremented as they leave the router.

 

Correct Answer: AB

Explanation:

IBGP routes have an Administrative distance of 200, while EBGP have an AD of 20. Here we see that the BGP routes have an AD value of 200.

With OSPF, external routes fall under two categories, external type 1 and external type 2. The difference between the two is in the way the cost (metric) of the route is being calculated. The cost of a type 2 route is always the external cost, irrespective of the interior cost to reach that route. A type 1 cost is the addition of the external cost and the internal cost used to reach that route. The metric for E2 routes do not change when advertising to other routers.

 

 

QUESTION 254

Refer to the exhibit. Which two statements about this configuration are true? (Choose two.)

 

clip_image006

 

A.

It allows 172.16.0.0/16 to be distributed into EIGRP.

B.

It allows a default route to be distributed into EIGRP.

C.

It allows 172.16.0.0/16 and larger subnets to be distributed into EIGRP.

D.

It prevents 172.16.0.0/16 from being distributed into EIGRP.

E.

It prevents a default route from being distributed into EIGRP.

F.

It creates summary routes and injects them into EIGRP.

 

Correct Answer: AB

Explanation:

In this example, the prefix list is configured to only allow the two specific routes of 172.16.0.0/16 and the default route. Any other routes will be filtered.

 

 

 

 

 

 

 

 

 

 

 

QUESTION 255

Refer to the exhibit. R1 is able to reach only some of the subnets that R2 is advertising. Which two configuration changes can you make to ensure that R1 can reach all routes from R2? (Choose two.)

 

clip_image008

 

A.

Add an additional permit statement to the LOOPBACKS route map.

B.

Modify the LOOPBACKS access list to include all loopback subnets.

C.

Add an additional statement in the LOOPBACKS route map to match both Level 1 and Level 2 circuits.

D.

Add an additional statement in the LOOPBACKS route map to match the R1 CLNS address.

E.

Configure the interfaces between R1 and R2 with a Level 1 IS-IS circuit.

F.

Configure the interfaces between R1 and R2 with a Level 2 IS-IS circuit.

 

Correct Answer: AB

Explanation:

In this example, the access list is using a 0.0.3.255 wildcard mask, so only the loopback IP’s of 172.16.0.0 – 172.16.3.255 will be included. We need to add another statement to allow loopback 4 to be advertised, or modify the wildcard mask to include them all.

 

 

QUESTION 256

What are two advantages to using Asynchronous mode instead of Demand mode for BFD? (Choose two.)

 

A.

Asynchronous mode requires half as many packets as Demand mode for failure detection.

B.

Asynchronous mode can be used in place of the echo function.

C.

Asynchronous mode supports a larger number of BFD sessions.

D.

Asynchronous mode requires one fourth as many packets as Demand mode for failure detection.

E.

Asynchronous mode’s round-trip jitter is less than that of Demand mode.

 

Correct Answer: AB

Explanation:

Pure Asynchronous mode is advantageous in that it requires half as many packets to achieve a particular Detection Time as does the Echo function. It is also used when the Echo function cannot be supported for some reason.

Reference: https://tools.ietf.org/html/rfc5880

 

 

QUESTION 257

Refer to the exhibit. R1, R2, and R3 have full network connectivity to each other, but R2 prefers the path through R3 to reach network 172.17.1.0/24. Which two actions can you take so that R2 prefers the path through R1 to reach 172.17.1.0/24? (Choose two.)

 

clip_image010

 

A.

Set the reference bandwidth to 10000 on R1, R2, and R3.

B.

Configure the cost on the link between R1 and R3 to be greater than 100 Mbps.

C.

Set the reference bandwidth on R2 only.

D.

Configure a manual bandwidth statement with a value of 1 Gbps on the link between R1 and R3.

E.

Modify the cost on the link between R1 and R2 to be greater than 10 Gbps.

F.

Configure a manual bandwidth statement with a value of 100 Mbps on the link between R1 and R2.

 

Correct Answer: AB

Explanation:

By default, the reference bandwidth used in Cisco routers is 100Mbps, so FastEthernet and above wi
ll have a cost of 1, so a gigabit interface and 10GE interface will be equal with a fastethernet. This is not ideal. If we change the reference bandwidth to 100000 then the faster links will be used. Changing the reference bandwidth needs to be done on all routers in the OSPF network. Increasing the cost on the R1-R3 link will also cause the traffic to take the more direct route.

 

 

 

 

QUESTION 258

Which action does route poisoning take that serves as a loop-prevention method?

 

A.

It immediately sends routing updates with an unreachable metric to all devices.

B.

It immediately sends routing updates with a metric of 255 to all devices.

C.

It prohibits a router from advertising back onto the interface from which it was learned.

D.

It advertises a route with an unreachable metric back onto the interface from which it was learned.

E.

It poisons the route by tagging it uniquely within the network.

 

Correct Answer: A

Explanation:

With route poisoning, when a router detects that one of its connected routes has failed, the router will poison the route by assigning an infinite metric to it and advertising it to neighbors.

 

 

QUESTION 259

Which two statements about the ipv6 ospf authentication command are true? (Choose two.)

 

A.

The command is required if you implement the IPsec AH header.

B.

The command configures an SPI.

C.

The command is required if you implement the IPsec TLV.

D.

The command can be used in conjunction with the SPI authentication algorithm.

E.

The command must be configured under the OSPFv3 process.

 

Correct Answer: AB

Explanation:

OSPFv3 requires the use of IPsec to enable authentication. Crypto images are required to use authentication, because only crypto images include the IPsec API needed for use with OSPFv3. In OSPFv3, authentication fields have been removed from OSPFv3 packet headers. When OSPFv3 runs on IPv6, OSPFv3 requires the IPv6 authentication header (AH) or IPv6 ESP header to ensure integrity, authentication, and confidentiality of routing exchanges. IPv6 AH and ESP extension headers can be used to provide authentication and confidentiality to OSPFv3.

To use the IPsec AH, you must enable the ipv6 ospf authentication command. To use the IPsec ESP header, you must enable the ipv6 ospf encryption command. The ESP header may be applied alone or in combination with the AH, and when ESP is used, both encryption and authentication are provided. Security services can be provided between a pair of communicating hosts, between a pair of communicating security gateways, or between a security gateway and a host.

To configure IPsec, you configure a security policy, which is a combination of the security policy index (SPI) and the key (the key is used to create and validate the hash value). IPsec for OSPFv3 can be configured on an interface or on an OSPFv3 area. For higher security, you should configure a different policy on each interface configured with IPsec. If you configure IPsec for an OSPFv3 area, the policy is applied to all of the interfaces in that area, except for the interfaces that have IPsec configured directly. Once IPsec is configured for OSPFv3, IPsec is invisible to you.

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/iproute_ospf/configuration/15-sy/iro-15-sy-book/ip6-route-ospfv3-auth-ipsec.html

 

 

QUESTION 260

Which two statements about SoO checking in EIGRP OTP deployments are true? (Choose two).

 

A.

During the import process, the SoO value in BGP is checked against the SoO value of the site map.

B.

During the reception of an EIGRP update, the SoO value in the EIGRP update is checked

against the SoO value of the site map on the ingress interface.

C.

At the ingress of the PE/CE link, the SoO in the EIGRP update is checked against the SoO within the PE/CE routing protocol.

D.

At the egress of the PE/CE link, the SoO is checked against the SoO within the PE/CE routing protocol.

E.

The SoO is checked at the ingress of the backdoor link.

F.

The SoO is checked at the egress of the backdoor link.

 

Correct Answer: AB

Explanation:

SoO checking:

During the import process the SoO value in BGP update is checked against the SoO value of the site-map attached to VRF interface. The update is propagated to CE only if there is no match (this check is done regardless of protocol used on PE/CE link).

At reception of EIGRP update, the SoO value in the EIGRP update is checked against the SoO value of site-map attached to the incoming interface. This update is accepted only if there is no match (this check can optionally be done on backdoor router).

Reference: http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ip-routing/whitepaper_C11-730404.html

 

Free VCE & PDF File for Cisco 400-101 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …