CertBus 2018 Hottest Cisco 400-101 CCIE Exam VCE and PDF Dumps for Free Download!
☆ 400-101 CCIE Exam PDF and VCE Dumps : 1063QAs Instant Download: https://www.certgod.com/400-101.html [100% 400-101 Exam Pass Guaranteed or Money Refund!!]
☆ Free view online pdf on CertBus free test 400-101 PDF: https://www.certgod.com/online-pdf/400-101.pdf
☆ CertBus 2018 Hottest 400-101 CCIE exam Question PDF Free Download from Google Drive Share: https://drive.google.com/file/d/0B_3QX8HGRR1mdEpkTFZvSDJDc2c/view?usp=sharing
Following 400-101 1063QAs are all new published by Cisco Official Exam Center
Do not worry about that if you are stuck in the CCIE Latest 400-101 vce exam difficulties, CertBus will assist you all your way through the CCIE Latest 400-101 free download CCIE Routing and Switching Written v5.0 exam with the most update CCIE Hotest 400-101 pdf dumps PDF and VCE dumps. CertBus exam Apr 17,2018 Latest 400-101 pdf preparation materials are the most comprehensive material, covering every key knowledge of Latest 400-101 pdf dumps CCIE Routing and Switching Written v5.0 exam.
CertBus – help candidates on all 400-101 certification exams preparation. pass 400-101 certification exams, get it certifications easily. CertBus – Cisco dumps, braindumps, certification 400-101 exam dumps. CertBus – most reliable and professional 400-101 certification exam material provider. real latest, easily pass.
We CertBus has our own expert team. They selected and published the latest 400-101 preparation materials from Cisco Official Exam-Center: https://www.certgod.com/400-101.html
QUESTION NO:6
Why would a rogue host that is running a DHCP server on a campus LAN network present a
security risk?
A. It may allocate IP addresses from an unknown subnet to the users.
B. All multicast traffic can be sniffed by using the DHCP multicast capabilities.
C. The CPU utilization of the first hop router can be overloaded by exploiting DHCP relay open
ports.
D. A potential man-in-the-middle attack can be used against the clients.
Answer: D
Explanation:
QUESTION NO:8
Which statement is true about loop guard?
A. Loop guard only operates on interfaces that are considered point-to-point by the spanning tree.
B. Loop guard only operates on root ports.
C. Loop guard only operates on designated ports.
D. Loop guard only operates on edge ports.
Answer: A
Explanation:
Explanation
Understanding How Loop Guard Works
Unidirectional link failures may cause a root port or alternate port to become designated as root if
BPDUs are absent. Some software failures may introduce temporary loops in the network. Loop
guard checks if a root port or an alternate root port receives BPDUs. If the port is receiving
BPDUs, loop guard puts the port into an inconsistent state until it starts receiving BPDUs again.
Loop guard isolates the failure and lets spanning tree converge to a stable topology without the
failed link or bridge.
You can enable loop guard per port with the set spantree guard loop command.
Note When you are in MST mode, you can set all the ports on a switch with the set spantree
global-defaults loop-guard command.
When you enable loop guard, it is automatically applied to all of the active instances or VLANs to
which that port belongs. When you disable loop guard, it is disabled for the specified ports.
Disabling loop guard moves all loop-inconsistent ports to the listening state.
If you enable loop guard on a channel and the first link becomes unidirectional, loop guard blocks
the entire channel until the affected port is removed from the channel. Figure 8-6 shows loop
guard in a triangle switch configuration.
Figure 8-6 Triangle Switch Configuration with Loop Guard
Figure 8-6 illustrates the following configuration:
Switches A and B are distribution switches.
Switch C is an access switch.
Loop guard is enabled on ports 3/1 and 3/2 on Switches A, B, and C.
Use loop guard only in topologies where there are blocked ports. Topologies that have no blocked
ports, which are loop free, do not need to enable this feature. Enabling loop guard on a root switch
has no effect but provides protection when a root switch becomes a nonroot switch.
Follow these guidelines when using loop guard:
Do not enable loop guard on PortFast-enabled or dynamic VLAN ports.
Do not enable PortFast on loop guard-enabled ports.
Do not enable loop guard if root guard is enabled.
Do not enable loop guard on ports that are connected to a shared link.
Note: We recommend that you enable loop guard on root ports and alternate root ports on access
switches.
Loop guard interacts with other features as follows:
Loop guard does not affect the functionality of UplinkFast or BackboneFast.
Root guard forces a port to always be designated as the root port. Loop guard is effective only if
the port is a root port or an alternate port. Do not enable loop guard and root guard on a port at the
same time.
PortFast transitions a port into a forwarding state immediately when a link is established. Because
a PortFast-enabled port will not be a root port or alternate port, loop guard and PortFast cannot be
configured on the same port. Assigning dynamic VLAN membership for the port requires that the
port is PortFast enabled. Do not configure a loop guard-enabled port with dynamic VLAN
membership.
If your network has a type-inconsistent port or a PVID-inconsistent port, all BPDUs are dropped
until the misconfiguration is corrected. The port transitions out of the inconsistent state after the
message age expires. Loop guard ignores the message age expiration on type-inconsistent ports
and PVID-inconsistent ports. If the port is already blocked by loop guard, misconfigured BPDUs
that are received on the port make loop guard recover, but the port is moved into the type-
inconsistent state or PVID-inconsistent state.
In high-availability switch configurations, if a port is put into the blocked state by loop guard, it
remains blocked even after a switchover to the redundant supervisor engine. The newly activated
supervisor engine recovers the port only after receiving a BPDU on that port.
Loop guard uses the ports known to spanning tree. Loop guard can take advantage of logical ports
provided by the Port Aggregation Protocol (PAgP). However, to form a channel, all the physical
ports grouped in the channel must have compatible configurations. PAgP enforces uniform
configurations of root guard or loop guard on all the physical ports to form a channel.
These caveats apply to loop guard:
QUESTION NO:13
Which two statements are true about traffic shaping? (Choose two.)
A. Out-of-profile packets are queued.
B. It causes TCP retransmits.
C. Marking/remarking is not supported.
D. It does not respond to BECN and ForeSight Messages.
E. It uses a single/two-bucket mechanism for metering.
Answer: A,C
Explanation:
QUESTION NO:14
Which three options are features of VTP version 3? (Choose three.)
A. VTPv3 supports 8K VLANs.
B. VTPv3 supports private VLAN mapping.
C. VTPv3 allows for domain discovery.
D. VTPv3 uses a primary server concept to avoid configuration revision issues.
E. VTPv3 is not compatible with VTPv1 or VTPv2.
F. VTPv3 has a hidden password option.
Answer: B,D,F
Explanation:
Key Benefits of VTP Version 3
Much work has gone into improving the usability of VTP version 3 in three major areas:
The new version of VTP offers better administrative control over which device is allowed to update
other devices\’ view of the VLAN topology. The chance of unintended and disruptive changes is
significantly reduced, and availability is increased. The reduced risk of unintended changes will
ease the change process and help speed deployment.
Functionality for the VLAN environment has been significantly expanded. Two enhancements are
most beneficial for today\’s networks:
QUESTION NO:24
Refer to the exhibit.
R1 is not learning about the 172.16.10.0 subnet from the BGP neighbor R2 (209.165.202.130).
What can be done so that R1 will learn about this network?
A. Disable auto-summary on R2.
B. Configure an explicit network command for the 172.16.10.0 subnet on R2.
C. Subnet information cannot be passed between IBGP peers.
D. Disable auto-summary on R1.
Answer: B
Explanation:
By default, BGP does not accept subnets redistributed from IGP. To advertise and carry subnet
routes in BGP, use an explicit network command or the no auto-summary command. If you disable
auto-summarization and have not entered a network command, you will not advertise network
routes for networks with subnet routes unless they contain a summary route.
Reference
http://www.cisco.com/en/US/docs/ios/11_3/np1/command/reference/1rbgp.html
400-101 Practice Test400-101 Study Guide400-101 Exam Questions
QUESTION NO:25
Refer to the exhibit.
After a link flap in the network, which two EIGRP neighbors will not be queried for alternative
paths? (Choose two.)
A. 192.168.1.1
B. 192.168.3.7
C. 192.168.3.8
D. 192.168.3.6
E. 192.168.2.1
F. 192.168.3.9
Answer: B,C
Explanation:
Explanation
Both 192.168.3.7 and 192.168.3.8 are in an EIGRP Stub area
The Enhanced Interior Gateway Routing Protocol (EIGRP) Stub Routing feature improves network
stability, reduces resource utilization, and simplifies stub router configuration.
Stub routing is commonly used in a hub and spoke network topology. In a hub and spoke network,
one or more end (stub) networks are connected to a remote router (the spoke) that is connected to
one or more distribution routers (the hub). The remote router is adjacent only to one or more
distribution routers. The only route for IP traffic to follow into the remote router is through a
distribution router. This type of configuration is commonly used in WAN topologies where the
distribution router is directly connected to a WAN. The distribution router can be connected to
many more remote routers. Often, the distribution router will be connected to 100 or more remote
routers. In a hub and spoke topology, the remote router must forward all nonlocal traffic to a
distribution router, so it becomes unnecessary for the remote router to hold a complete routing
table. Generally, the distribution router need not send anything more than a default route to the
remote router.
When using the EIGRP Stub Routing feature, you need to configure the distribution and remote
routers to use EIGRP, and to configure only the remote router as a stub. Only specified routes are
propagated from the remote (stub) router. The router responds to queries for summaries,
connected routes, redistributed static routes, external routes, and internal routes with the message
“inaccessible.” A router that is configured as a stub will send a special peer information packet to
all neighboring routers to report its status as a stub router. Any neighbor that receives a packet
informing it of the stub status will not query the stub router for any routes, and a router that has a
stub peer will not query that peer. The stub router will depend on the distribution router to send the
proper updates to all peers.
Reference
http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/eigrpstb.html#wp1021949
QUESTION NO:31
How will EIGRPv6 react if there is an IPv6 subnet mask mismatch between the Global Unicast
addresses on a point-to-point link?
A. EIGRPv6 will form a neighbor relationship.
B. EIGRPv6 will not form a neighbor relationship.
C. EIGRPv6 will form a neighbor relationship, but with the log MSG: “EIGRPv6 neighbor not on a
common subnet.”
D. EIGRPv6 will form a neighbor relationship, but routes learned from that neighbor will not be
installed in the routing table.
Answer: A Explanation:
http://www.ietf.org/rfc/rfc3587.txt
QUESTION NO:49
Refer to the exhibit.
Which IGMPv2 message is displayed in the output of the packet capture?
A. General Query
B. Membership Report
C. Membership Query
D. Membership Delay
Answer: B
Explanation:
Reference
http://wiki.wireshark.org/IGMP
QUESTION NO:57
Refer to the exhibit.
What would be the security risk when you are using the above configuration?
A. The locally configured users would override the TACACS security policy.
B. It would be impossible to log in to the router if the TACACS server is down.
C. The default login policy would override the TACACS configuration.
D. If the TACACS server failed, no authentication would be required.
Answer: D
Explanation:
QUESTION NO:60
Refer to the exhibit.
Which option best describes how the virtual MAC address is composed?
A. based on a randomly generated number
B. based on the burned-in MAC address of the router
C. based on a number manually configured by the administrator
D. based on the configured standby group number
Answer: D
Explanation: Explanation
The MAC address 00-00-0c-07-ac-xx is reserved for HSRP, and xx is the HSRP group number in
hexadecimal so make sure you\’re comfortable with hex conversions. The group number is 5,
which is expressed as 05 with a two-bit hex character. If the group number had been 17, we\’d see
11 at the end of the MAC address
CertBus exam braindumps are pass guaranteed. We guarantee your pass for the 400-101 exam successfully with our Cisco materials. CertBus CCIE Routing and Switching Written v5.0 exam PDF and VCE are the latest and most accurate. We have the best Cisco in our team to make sure CertBus CCIE Routing and Switching Written v5.0 exam questions and answers are the most valid. CertBus exam CCIE Routing and Switching Written v5.0 exam dumps will help you to be the Cisco specialist, clear your 400-101 exam and get the final success.
400-101 Latest questions and answers on Google Drive(100% Free Download): https://drive.google.com/file/d/0B_3QX8HGRR1mdEpkTFZvSDJDc2c/view?usp=sharing
400-101 Cisco exam dumps (100% Pass Guaranteed) from CertBus: https://www.certgod.com/400-101.html [100% Exam Pass Guaranteed]
Why select/choose CertBus?
Millions of interested professionals can touch the destination of success in exams by certgod.com. products which would be available, affordable, updated and of really best quality to overcome the difficulties of any course outlines. Questions and Answers material is updated in highly outclass manner on regular basis and material is released periodically and is available in testing centers with whom we are maintaining our relationship to get latest material.
 |  |  |  |  | |
|---|---|---|---|---|---|
 |  | | |  | |
| Brand | Certbus | Testking | Pass4sure | Actualtests | Others |
| Price | $45.99 | $124.99 | $125.99 | $189 | $69.99-99.99 |
| Up-to-Date Dumps |  |  | | | |
| Free 365 Days Update | | | | | |
| Real Questions | | | | | |
| Printable PDF | | | | | |
| Test Engine | | | | | |
| One Time Purchase | | | | | |
| Instant Download | | | | | |
| Unlimited Install | | | | | |
| 100% Pass Guarantee | | | | | |
| 100% Money Back | | | | | |
| Secure Payment | | | | | |
| Privacy Protection | | | | | |