CertBus 2018 Hottest Cisco 400-101 CCIE Exam VCE and PDF Dumps for Free Download!
☆ 400-101 CCIE Exam PDF and VCE Dumps : 1379QAs Instant Download: https://www.certgod.com/400-101.html [100% 400-101 Exam Pass Guaranteed or Money Refund!!]
☆ Free view online pdf on CertBus free test 400-101 PDF: https://www.certgod.com/online-pdf/400-101.pdf
☆ CertBus 2018 Hottest 400-101 CCIE exam Question PDF Free Download from Google Drive Share: https://drive.google.com/file/d/0B_3QX8HGRR1mdEpkTFZvSDJDc2c/view?usp=sharing
Following 400-101 1379QAs are all new published by Cisco Official Exam Center
This is a note. Please give me your attention if you are preparing for your Cisco Latest 400-101 free download exam. It is really a tough task to pass CCIE Latest 400-101 pdf exam. However, CertBus will help you on that with the most comprehensive PDF and VCEs of the latest CCIE Latest 400-101 free download exam questions, covering each and every aspect of CCIE Jul 22,2018 Hotest 400-101 study guide CCIE Routing and Switching Written v5.0 exam curriculum.
CertBus 400-101 certification exam portal. CertBus – leading source of 400-101 certification exam learning/practice. CertBus| 400-101 exam dumps with pdf and vce, 100% pass guaranteed! CertBus: 400-101 certification training portal. CertBus – best way to guarantee your 400-101 certification and exam success! CertBus 400-101 exam certification prep online course training.
We CertBus has our own expert team. They selected and published the latest 400-101 preparation materials from Cisco Official Exam-Center: https://www.certgod.com/400-101.html
QUESTION NO:6
Why would a rogue host that is running a DHCP server on a campus LAN network present a
security risk?
A. It may allocate IP addresses from an unknown subnet to the users.
B. All multicast traffic can be sniffed by using the DHCP multicast capabilities.
C. The CPU utilization of the first hop router can be overloaded by exploiting DHCP relay open
ports.
D. A potential man-in-the-middle attack can be used against the clients.
Answer: D
Explanation:
QUESTION NO:8
Which statement is true about loop guard?
A. Loop guard only operates on interfaces that are considered point-to-point by the spanning tree.
B. Loop guard only operates on root ports.
C. Loop guard only operates on designated ports.
D. Loop guard only operates on edge ports.
Answer: A
Explanation:
Explanation
Understanding How Loop Guard Works
Unidirectional link failures may cause a root port or alternate port to become designated as root if
BPDUs are absent. Some software failures may introduce temporary loops in the network. Loop
guard checks if a root port or an alternate root port receives BPDUs. If the port is receiving
BPDUs, loop guard puts the port into an inconsistent state until it starts receiving BPDUs again.
Loop guard isolates the failure and lets spanning tree converge to a stable topology without the
failed link or bridge.
You can enable loop guard per port with the set spantree guard loop command.
Note When you are in MST mode, you can set all the ports on a switch with the set spantree
global-defaults loop-guard command.
When you enable loop guard, it is automatically applied to all of the active instances or VLANs to
which that port belongs. When you disable loop guard, it is disabled for the specified ports.
Disabling loop guard moves all loop-inconsistent ports to the listening state.
If you enable loop guard on a channel and the first link becomes unidirectional, loop guard blocks
the entire channel until the affected port is removed from the channel. Figure 8-6 shows loop
guard in a triangle switch configuration.
Figure 8-6 Triangle Switch Configuration with Loop Guard
Figure 8-6 illustrates the following configuration:
Switches A and B are distribution switches.
Switch C is an access switch.
Loop guard is enabled on ports 3/1 and 3/2 on Switches A, B, and C.
Use loop guard only in topologies where there are blocked ports. Topologies that have no blocked
ports, which are loop free, do not need to enable this feature. Enabling loop guard on a root switch
has no effect but provides protection when a root switch becomes a nonroot switch.
Follow these guidelines when using loop guard:
Do not enable loop guard on PortFast-enabled or dynamic VLAN ports.
Do not enable PortFast on loop guard-enabled ports.
Do not enable loop guard if root guard is enabled.
Do not enable loop guard on ports that are connected to a shared link.
Note: We recommend that you enable loop guard on root ports and alternate root ports on access
switches.
Loop guard interacts with other features as follows:
Loop guard does not affect the functionality of UplinkFast or BackboneFast.
Root guard forces a port to always be designated as the root port. Loop guard is effective only if
the port is a root port or an alternate port. Do not enable loop guard and root guard on a port at the
same time.
PortFast transitions a port into a forwarding state immediately when a link is established. Because
a PortFast-enabled port will not be a root port or alternate port, loop guard and PortFast cannot be
configured on the same port. Assigning dynamic VLAN membership for the port requires that the
port is PortFast enabled. Do not configure a loop guard-enabled port with dynamic VLAN
membership.
If your network has a type-inconsistent port or a PVID-inconsistent port, all BPDUs are dropped
until the misconfiguration is corrected. The port transitions out of the inconsistent state after the
message age expires. Loop guard ignores the message age expiration on type-inconsistent ports
and PVID-inconsistent ports. If the port is already blocked by loop guard, misconfigured BPDUs
that are received on the port make loop guard recover, but the port is moved into the type-
inconsistent state or PVID-inconsistent state.
In high-availability switch configurations, if a port is put into the blocked state by loop guard, it
remains blocked even after a switchover to the redundant supervisor engine. The newly activated
supervisor engine recovers the port only after receiving a BPDU on that port.
Loop guard uses the ports known to spanning tree. Loop guard can take advantage of logical ports
provided by the Port Aggregation Protocol (PAgP). However, to form a channel, all the physical
ports grouped in the channel must have compatible configurations. PAgP enforces uniform
configurations of root guard or loop guard on all the physical ports to form a channel.
These caveats apply to loop guard:
QUESTION NO:9
Which two are effects of connecting a network segment that is running 802.1D to a network
segment that is running 802.1w? (Choose two.)
A. The entire network switches to 802.1D and generates BPDUs to determine root bridge status. B.
A migration delay of three seconds occurs when the port that is connected to the 802.1D bridge
comes up.
C. The entire network reconverges and a unique root bridge for the 802.1D segment, and a root
bridge for the 802.1w segment, is chosen.
D. The first hop 802.1w switch that is connected to the 802.1D runs entirely in 802.1D compatibility
mode and converts the BPDUs to either 802.1D or 802.1w BPDUs to the 802.1D or 802.1w
segments of the network.
E. Classic 802.1D timers, such as forward delay and max-age, will only be used as a backup, and
will not be necessary if point-to-point links and edge ports are properly identified and set by the
administrator.
Answer: B,E
Explanation:
Each port maintains a variable that defines the protocol to run on the corresponding segment. A
migration delay timer of three seconds also starts when the port comes up. When this timer runs,
the current STP or RSTP mode associated to the port is locked. As soon as the migration delay
expires, the port adapts to the mode that corresponds to the next BPDU it receives. If the port
changes its mode of operation as a result of a BPDU received, the migration delay restarts.
802.1D works by the concept that the protocol had to wait for the network to converge before it
transitioned a port into the forwarding state. With Rapid Spanning Tree it does not have to rely on
any timers, the only variables that that it relies on is edge ports and link types.
Any uplink port that has an alternate port to the root can be directly placed into the forwarding
state (This is the Rapid convergence that you speak of “restored quickly when RSTP is already in
use?”). This is what happened when you disconnected the primary look; the port that was ALT,
moved to FWD immediately, but the switch also still needs to create a BDU with the TC bit set to
notify the rest of the network that a topology has occurred and all non-edge designated ports will
transition to BLK, LRN, and then FWD to ensure there are no loops in the rest of the network. This
is why if you have a host on a switchport, and you know for a fact that it is only one host, enable
portfast to configure the port as an edgeport so that it does not have to transition to all the STP
states.
Reference
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfa.shtml
QUESTION NO:12
Which two options are contained in a VTP subset advertisement? (Choose two.)
A. followers field
B. MD5 digest
C. VLAN information
D. sequence number
Answer: C,D
Explanation:
Subset Advertisements
When you add, delete, or change a VLAN in a Catalyst, the server Catalyst where the changes are
made increments the configuration revision and issues a summary advertisement. One or several
subset advertisements follow the summary advertisement. A subset advertisement contains a list
of VLAN information.
If there are several VLANs, more than one subset advertisement can be required in order to
advertise all the VLANs.
Subset Advertisement Packet Format
This formatted example shows that each VLAN information field contains information for a different
VLAN. It is ordered so that lowered-valued ISL VLAN IDs occur first:
Most of the fields in this packet are easy to understand. These are two clarifications:
Code
QUESTION NO:14
Which three options are features of VTP version 3? (Choose three.)
A. VTPv3 supports 8K VLANs.
B. VTPv3 supports private VLAN mapping.
C. VTPv3 allows for domain discovery.
D. VTPv3 uses a primary server concept to avoid configuration revision issues.
E. VTPv3 is not compatible with VTPv1 or VTPv2.
F. VTPv3 has a hidden password option.
Answer: B,D,F
Explanation:
Key Benefits of VTP Version 3
Much work has gone into improving the usability of VTP version 3 in three major areas:
The new version of VTP offers better administrative control over which device is allowed to update
other devices\’ view of the VLAN topology. The chance of unintended and disruptive changes is
significantly reduced, and availability is increased. The reduced risk of unintended changes will
ease the change process and help speed deployment.
Functionality for the VLAN environment has been significantly expanded. Two enhancements are
most beneficial for today\’s networks:
400-101 PDF Dumps400-101 VCE Dumps400-101 Exam Questions
QUESTION NO:15
Which three options are considered in the spanning-tree decision process? (Choose three.)
A. lowest root bridge ID
B. lowest path cost to root bridge
C. lowest sender bridge ID
D. highest port ID
E. highest root bridge ID
F. highest path cost to root bridge
Answer: A,B,C
Explanation:
Configuration bridge protocol data units (BPDUs) are sent between switches for each port.
Switches use s four step process to save a copy of the best BPDU seen on every port. When a
port receives a better BPDU, it stops sending them. If the BPDUs stop arriving for 20 seconds
(default), it begins sending them again.
Step 1 Lowest Root Bridge ID (BID)
Step 2 Lowest Path Cost to Root Bridge
Step 3 Lowest Sender BID
Step 4 Lowest Port ID
Reference
Cisco General Networking Theory Quick Reference Sheets
QUESTION NO:20
Refer to the exhibit.
What is the potential issue with this configuration?
A. There is no potential issue; OSPF will work fine in any condition.
B. Sub-optimal routing may occur since there is no area 1 adjacency between the ABRs.
C. This is a wrong OSPF configuration because all routers must be in area 0 only.
D. This is a wrong OSPF configuration because /30 requires 0.0.0.3 wild card.
Answer: B
Explanation:
QUESTION NO:26
Refer to the exhibit.
Why is AS 65333 in parentheses?
A. It is an external AS.
B. It is a confederation AS.
C. It is the AS of a route reflector.
D. It is our own AS.
E. A route map has been applied to this route.
F. The BGP next hop is unreachable.
Answer: B
Explanation:
QUESTION NO:28
Which two orders in the BGP Best Path Selection process are correct? (Choose two.)
A. Higher local preference, then lowest MED, then eBGP over iBGP paths
B. Higher local preference, then highest weight, then lowest router ID
C. Highest weight, then higher local preference, then shortest AS path
D. Lowest origin type, then higher local preference, then lowest router ID
E. Highest weight, then higher local preference, then highest MED
Answer: A,C
Explanation:
QUESTION NO:32
Which two tunneling techniques support IPv6 multicasting? (Choose two.)
A. 6to4
B. 6over4
C. ISATAP
D. 6PE
E. GRE
Answer: B,E
Explanation:
When IPv6 multicast is supported (over a 6to4 tunnel), an IPv6 multicast routing protocol must be
used
Restrictions for Implementing IPv6 Multicast
IPv6 multicast for Cisco IOS software uses MLD version 2. This version of MLD is fully backward-
compatible with MLD version 1 (described in RFC 2710). Hosts that support only MLD version 1
will interoperate with a router running MLD version 2. Mixed LANs with both MLD version 1 and
MLD version 2 hosts are likewise supported.
IPv6 multicast is supported only over IPv4 tunnels in Cisco IOS Release 12.3(2)T, Cisco IOS
Release 12.2
(18)S, and Cisco IOS Release 12.0(26)S.
When the bidirectional (bidir) range is used in a network, all routers in that network must be able to
understand the bidirectional range in the bootstrap message (BSM).
IPv6 multicast routing is disabled by default when the ipv6 unicast-routing command is configured.
On Cisco Catalyst 6500 and Cisco 7600 series routers, the ipv6 multicast-routing also must be
enabled in order to use IPv6 unicast routing
Reference http://www.cisco.com/web/about/ac123/ac147/ac174/ac197/
about_cisco_ipj_archive_article09186a00800c830a.html
http://www.cisco.com/en/US/docs/ios/ipv6/configuration/guide/ip6-multicast.html
https://supportforums.cisco.com/thread/183386
CertBus exam braindumps are pass guaranteed. We guarantee your pass for the 400-101 exam successfully with our Cisco materials. CertBus CCIE Routing and Switching Written v5.0 exam PDF and VCE are the latest and most accurate. We have the best Cisco in our team to make sure CertBus CCIE Routing and Switching Written v5.0 exam questions and answers are the most valid. CertBus exam CCIE Routing and Switching Written v5.0 exam dumps will help you to be the Cisco specialist, clear your 400-101 exam and get the final success.
400-101 Latest questions and answers on Google Drive(100% Free Download): https://drive.google.com/file/d/0B_3QX8HGRR1mdEpkTFZvSDJDc2c/view?usp=sharing
400-101 Cisco exam dumps (100% Pass Guaranteed) from CertBus: https://www.certgod.com/400-101.html [100% Exam Pass Guaranteed]
Why select/choose CertBus?
Millions of interested professionals can touch the destination of success in exams by certgod.com. products which would be available, affordable, updated and of really best quality to overcome the difficulties of any course outlines. Questions and Answers material is updated in highly outclass manner on regular basis and material is released periodically and is available in testing centers with whom we are maintaining our relationship to get latest material.
 |  |  |  |  | |
|---|---|---|---|---|---|
 |  | | |  | |
| Brand | Certbus | Testking | Pass4sure | Actualtests | Others |
| Price | $45.99 | $124.99 | $125.99 | $189 | $69.99-99.99 |
| Up-to-Date Dumps |  |  | | | |
| Free 365 Days Update | | | | | |
| Real Questions | | | | | |
| Printable PDF | | | | | |
| Test Engine | | | | | |
| One Time Purchase | | | | | |
| Instant Download | | | | | |
| Unlimited Install | | | | | |
| 100% Pass Guarantee | | | | | |
| 100% Money Back | | | | | |
| Secure Payment | | | | | |
| Privacy Protection | | | | | |