[Free] 2019(Nov) EnsurePass Cisco 400-101 Dumps with VCE and PDF 31-40

Get Full Version of the Exam

Question No.31

Refer to the exhibit. Which statement is true?


  1. There is no issue with forwarding IPv6 traffic from this router.

  2. IPv6 traffic can be forwarded from this router, but only on Ethernet1/0.

  3. IPv6 unicast routing is not enabled on this router.

  4. Some IPv6 traffic will be blackholed from this router.

Correct Answer: D


Here we see that the IPV6 default route shows two different paths to take, one via Ethernet 1/0 and one via Ethernet 0/0. However, only Eth 1/0 shows a next hop IPV6 address (the link local IPV6 address). There is no link local next hop addressed known on Eth 0/0. Therefore, traffic to all destinations will be load balanced over the two paths, but only half of the IPv6 traffic will be sent to the correct upsteam router.

Question No.32

Which type of port would have root guard enabled on it?

  1. A root port

  2. An alternate port

  3. A blocked port

  4. A designated port

Correct Answer: D


The root guard feature provides a way to enforce the root bridge placement in the network. The root guard ensures that the port on which root guard is enabled is the designated port. Normally, root bridge ports are all designated ports, unless two or more ports of the root bridge are connected together. If the bridge receives superior STP Bridge Protocol Data Units (BPDUs) on a root guard-enabled port, root guard moves this port to a root-inconsistent STP state. This root- inconsistent state is effectively equal to a listening state. No traffic is forwarded across this port. In this way, the root guard enforces the position of the root bridge.

Reference: http://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree- protocol/10588-74.html

Question No.33

Which three statements describe the characteristics of a VPLS architecture? (Choose three.)

  1. It forwards Ethernet frames.

  2. It maps MAC address destinations to IP next hops.

  3. It supports MAC address aging.

  4. It replicates broadcast and multicast frames to multiple ports.

  5. It conveys MAC address reachability information in a separate control protocol.

  6. It can suppress the flooding of traffic.

Correct Answer: ACD


As a VPLS forwards Ethernet frames at Layer 2, the operation of VPLS is exactly the same as that found within IEEE 802.1 bridges in that VPLS will self learn source MAC address to port associations, and frames are forwarded based upon the destination MAC address. Like other

802.1 bridges, MAC address aging is supported. Reference:

http://www.cisco.com/en/US/products/hw/routers/ps368/products_white_paper09186a00801f608 4.shtml

Question No.34

Which statement about the feasibility condition in EIGRP is true?

  1. The prefix is reachable via an EIGRP peer that is in the routing domain of the router.

  2. The EIGRP peer that advertises the prefix to the router has multiple paths to the destination.

  3. The EIGRP peer that advertises the prefix to the router is closer to the destination than the router.

  4. The EIGRP peer that advertises the prefix cannot be used as a next hop to reach the destination.

Correct Answer: C


The advertised metric from an EIGRP neighbor (peer) to the local router is called Advertised Distance (or reported distance) while the metric from the local router to that network is called Feasible Distance. For example, R1 advertises network with a metric of 20 to R2. For R2, this is the advertised distance. R2 calculates the feasible distance by adding the metric from the advertised router (R1) to itself. So in this case the feasible distance to network is 20 50 = 70.


Before a router can be considered a feasible successor, it must pass the feasibility condition rule. In short, the feasibility condition says that if we learn about a prefix from a neighbor, the advertised distance from that neighbor to the destination must be lower than our feasible distance to that same destination.

Therefore we see the Advertised Distance always smaller than the Feasible Distance to satisfy the feasibility condition.

Question No.35

Where is multicast traffic sent, when it is originated from a spoke site in a DMVPN phase 2 cloud?

  1. spoke-spoke

  2. nowhere, because multicast does not work over DMVPN

  3. spoke-spoke and spoke-hub

  4. spoke-hub

Correct Answer: D


Spokes map multicasts to the static NBMA IP address of the hub, but hub maps multicast packets to the quot;dynamicquot; mappings – that is, the hub replicates multicast packets to all spokes registered via NHRP, so multicast traffic is sent to the hub from a spoke instead of to the other spokes directly.

Question No.36

Refer to the exhibit. Which statement is true?


  1. The Cisco PfR state is UP; however, the external interface Et0/1 of border router has exceeded the maximum available bandwidth threshold.

  2. The Cisco PfR state is UP; however, an issue is preventing the border router from establishing a TCP session to the master controller.

  3. The Cisco PfR state is UP and is able to monitor traffic flows; however, MD5 authentication has not been successful between the master controller and the border routers.

  4. The Cisco PfR State is UP; however, the receive capacity was not configured for inbound traffic.

  5. The Cisco PfR state is UP, and the link utilization out-of-policy threshold is set to 90 percent for traffic exiting the external links.

Correct Answer: E


All three interfaces show as UP, and the capacity is set to 500 kbps, with the max threshold set to 450 kbps (90% of 500kbps).

Question No.37

Refer to the exhibit. Which statement about the debug behavior of the device is true?


  1. The device debugs all IP events for

  2. The device sends all debugging information for

  3. The device sends only NTP debugging information to

  4. The device sends debugging information every five seconds.

Correct Answer: A


This is an example of a conditional debug, where there is a single condition specified of IP address So all IP events for that address will be output in the debug.

Question No.38

Refer to the exhibit. Which two are causes of output queue drops on FastEthernet0/0? (Choose two.)


  1. an oversubscribed input service policy on FastEthernet0/0

  2. a duplex mismatch on FastEthernet0/0

  3. a bad cable connected to FastEthernet0/0

  4. an oversubscribed output service policy on FastEthernet0/0

  5. The router trying to send more than 100 Mb/s out of FastEthernet0/0

Correct Answer: DE


Output drops are caused by a congested interface. For example, the traffic rate on the outgoing interface cannot accept all packets that should be sent out, or a service policy is applied that is

oversubscribed. The ultimate solution to resolve the problem is to increase the line speed. However, there are ways to prevent, decrease, or control output drops when you do not want to increase the line speed. You can prevent output drops only if output drops are a consequence of short bursts of data. If output drops are caused by a constant high-rate flow, you cannot prevent the drops. However, you can control them.

Reference: http://www.cisco.com/c/en/us/support/docs/routers/10000-series-routers/6343-queue- drops.html

Question No.39

Which three statements about implementing a NAT application layer gateway in a network are true? (Choose three.)

  1. It allows client applications to use dynamic ports to communicate with a server regardless of whether NAT is being used.

  2. It maintains granular security over application-specific data.

  3. It allows synchronization between multiple streams of data between two hosts.

  4. Application layer gateway is used only in VoIP/SIP deployments.

  5. Client applications require additional configuration to use an application layer gateway.

  6. An application layer gateway inspects only the first 64 bytes of a packet before forwarding it through the network.

Correct Answer: ABC


An application-level gateway (ALG), also known as an application-layer gateway, is an application that translates the IP address information inside the payload of an application packet. An ALG is used to interpret the application-layer protocol and perform firewall and Network Address Translation (NAT) actions. These actions can be one or more of the following depending on your configuration of the firewall and NAT:

Allow client applications to use dynamic TCP or UDP ports to communicate with the server application.

Recognize application-specific commands and offer granular security control over them. Synchronize multiple streams or sessions of data between two hosts that are exchanging data. Translate the network-layer address information that is available in the application payload.

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_nat/configuration/xe- 3s/asr1000/nat-xe-3s-asr1k-book/fw-msrpc-supp.html

Question No.40

Which three actions are required when configuring NAT-PT? (Choose three.)

  1. Enable NAT-PT globally.

  2. Specify an IPv4-to-IPv6 translation.

  3. Specify an IPv6-to-IPv4 translation.

  4. Specify a ::/96 prefix that will map to an IPv4 address.

  5. Specify a ::/48 prefix that will map to a MAC address.

  6. Specify a ::/32 prefix that will map to an IPv6 address.

Correct Answer: BCD


The detailed steps on configuring NAY-PT is found at the reference link below: Reference:

http://www.cisco.com/c/en/us/td/docs/ios/ipv6/configuration/guide/12_4t/ipv6_12_4t_book/ip6- nat_trnsln.html

Get Full Version of the Exam
400-101 Dumps
400-101 VCE and PDF

You must be logged in to post a comment.

Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com