Free Download New Updated Cisco CCIE R&S 400-101 Real Exam Questions and Answers 301-310

Ensurepass

QUESTION 301

Refer to the exhibit. A GRE tunnel between R1 and R2 has been configured over an Internet connection. As soon as traffic is sent over the tunnel, high CPU utilization is observed on R1. Reducing the traffic shows a reduction in CPU utilization. What could be a possible cause for the high CPU utilization?

 

clip_image001

 

A.

The BGP process is processing the complete Internet routing table.

B.

An MTU issue causes GRE packets to be fragmented.

C.

A GRE-based DDoS attack is overloading the router control plane.

D.

All GRE packets are always process switched.

 

Correct Answer: B

 

 

QUESTION 302

Refer to the exhibit. You are investigating connectivity issues on your LAN and have noticed that sometimes you cannot use Telnet from RTA to RTB. Sometimes, Telnet sessions will disconnect on RTA with the message “connection reset by peer.” However, you can ping from RTA to RTB at all times. What is most likely the cause of this issue?

 

clip_image002

 

A.

Quality of service is configured on RTA, limiting the Telnet sessions.

B.

Quality of service is configured on RTB, limiting the Telnet sessions.

C.

Control Plane Policing is configured on RTB, limiting the Telnet sessions.

D.

On router RTB, the “login block” mode went to a “quiet period” for the IP address of RTA.

E.

Another device that is connected to the switch is using the same IP address as RTB.

F.

Another device that is connected to the switch is using the same MAC address as RTB.

 

Correct Answer: E

 

 

 

 

 

 

 

 

 

QUESTION 303

Drag the DSCP values on left to the correct classes on the right. Not all DSCP values will be used.

 

clip_image004

 

Correct Answer:

clip_image006

 

 

QUESTION 304

Drag the actions on the left to the correct order on the right when doing outside-to-inside NAT translation.

 

clip_image008

 

Correct Answer:

clip_image010

 

 

QUESTION 305

Drag the statements on the left to the correct OSPF network type on the right.

clip_image012

 

Correct Answer:

clip_image014

 

 

QUESTION 306

What is the purpose of an explicit “deny any” statement at the end of an ACL?

 

A.

none, since it is implicit

B.

to enable Cisco lOS IPS to work properly; however, it is the deny all traffic entry that is actually required

C.

to enable Cisco lOS Firewall to work properly; however, it is the deny all traffic entry that is actually required

D.

to allow the log option to be used to log any matches

E.

to prevent sync flood attacks

F.

to prevent half-opened TCP connections

 

Correct Answer: D

QUESTION 307

Which of these is mandatory when configuring Cisco IOS Firewall?

 

A.

Cisco IOS IPS enabled on the untrusted interface

B.

NBAR enabled to perform protocol discovery and deep packet inspection

C.

a route map to define the trusted outgoing traffic

D.

a route map to define the application inspection rules

E.

an inbound extended ACL applied to the untrusted interface

 

Correct Answer: E

 

 

QUESTION 308

Which statement correctly describes the disabling of IP TTL propagation in an MPLS network?

 

A.

The TTL field from the IP packet is copied into the TTL field of the MPLS label header at the ingress edge LSR.

B.

TTL propagation cannot be disabled in an MPLS domain.

C.

TTL propagation is only disabled on the ingress edge LSR.

D.

The TTL field of the MPLS label header is set to 255.

E.

The TTL field of the IP packet is set to 0.

 

Correct Answer: D

 

 

QUESTION 309

Two routers configured to run BGP have been connected to a firewall, one on the inside interface and one on the outside interface. BGP has been configured so the two routers should peer, including the correct BGP session endpoint addresses and the correct BGP session hop-count limit (EBGP multihop). What is a good first test to see if BGP will work across the firewall?

 

A.

Attempt to TELNET from the router connected to the inside of the firewall to the router connected to the outside of the firewall. If telnet works, BGP will work, since telnet and BGP both use TCP to transport data.

B.

Ping from the router connected to the inside interface of the firewall to the router connected to the outside interface of the firewall. If you can ping between them, BGP should work, since BGP uses IP to transport packets.

C.

There is no way to make BGP work across a firewall without special configuration, so there is no simple test that will show you if BGP will work or not, other than trying to start the peering session.

D.

There is no way to make BGP work across a firewall.

 

Correct Answer: C

 

 

QUESTION 310

Spanning Tree Protocol IEEE 802.1 s defines the ability to deploy which of these?

 

A.

one global STP instance for all VLANs

B.

one STP instance for each VLAN

C.

one STP instance per set of VLANs

D.

one STP instance per set of bridges

 

Correct Answer: C

 

Instant Access to Download Latest Complete Collection of Cisco CCIE R&S 400-101 Real Exam

Try Cisco CCIE R&S 400-101 Free Demo

Comments are closed.