[Free] 2017(July) Ensurepass Braindumps Cisco 400-101 Latest Dumps 561-570

Ensurepass
2017 July Cisco Official New Released 400-101 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/400-101.html

CCIE Routing and Switching Written Exam v5.1

QUESTION 561

A configuration includes the line ip nbar port-map SSH tcp 22 23 443 8080. Which option describes the effect of this configuration line?

 

A.

It configures NBAR to search for SSH using ports 22, 23, 443, and 8080.

B.

It configures NBAR to allow SSH connections only on ports 22, 23, 443, and 8080.

C.

It enables NBAR to inspect for SSH connections.

D.

It creates a custom NBAR port-map named SSH and associates TCP ports 22, 23, 443, and 8080 to itself.

 

Correct Answer: A

Explanation:

The ip nbar-port-map com
mand configures NBAR to search for a protocol or protocol name using a port number other than the well-known port.

Reference:

http://www.cisco.com/c/en/us/td/docs/ios/12_2/qos/command/reference/fqos_r/qrfcmd10.pdf

 

 

QUESTION 562

Which two descriptions of the keying mechanisms that are used to distribute the session keys used in routing authentication are true? (Choose two.)

 

A.

Peer keying creates a unique one-to-one relationship with another peer.

B.

Group keying creates a single keying message to multiple peers.

C.

Peer keying creates a single keying message to multiple peers.

D.

Group keying creates a unique one-to-one relationship with another peer.

E.

Group keying creates a full mesh of keying sessions to all devices.

F.

Peer keying creates a full mesh of keying sessions to all devices.

 

Correct Answer: AB

 

 

QUESTION 563

Which two statements about VPLS are true? (Choose two)

 

A.

The service provider provisions CE devices.

B.

It transmits broadcast traffic more efficiently than Ethernet switches.

C.

It uses broadcast replication to transmit Ethernet p
ackets with multicast MAC addresses.

D.

It enables CE devices to operate as part of an L3 VPN.

E.

It enables CE devices on different networks to operate as if they were in the same LAN.

F.

It enables PE and CE devices to operate as if they were routing neighbors.

 

Correct Answer: CE

 

 

QUESTION 564

DRAG DROP

Drag and drop the SNMP element on the left to the corresponding definition on the right.

 

clip_image002

 

Correct Answer:

clip_image004

 

 

QUESTION 565

On which three options can Cisco PfR base its traffic routing? (Choose three.)

 

A.

Time of day

B.

An access list with permit or deny statements

C.

Load-balancing requirements

D.

Network performance

E.

User-defined link capacity thresholds

F.

Router IOS version

 

Correct Answer: CDE

Explanation:

Key Advantages of using PfR for Load balancing:

Reference: http://docwiki.cisco.com/wiki/PfR:Solutions:InternetOutboundLoadBalancing

 

 

QUESTION 566

Which address is a MAC address that is mapped from an IPv6 address (RFC 2464)?

 

A.

3333.FF17.FC0F

B.

FFFE. FF17.FC0F

C.

FF34.3333.FF17

D.

FF7E.FF17.FC0F

 

Correct Answer: A

Explanation:

An IPv6 packet with a multicast destination address DST, consisting of the sixteen octets DST through DST, is transmitted to the Ethernet multicast address whose first two octets are the value 3333 hexadecimal and whose last four octets are the last four octets of DST.

Reference: https://tools.ietf.org/html/rfc2464

 

 

QUESTION 567

Refer to the exhibit. Which two commands are required on R3 in order for MPLS to function? (Choose two.)

 

clip_image006

 

A.

mpls ip

B.

ip cef

C.

mpls label protocol tdp

D.

mpls ip propagate-ttl

 

Correct Answer: AB

 

 

QUESTION 568

Which two statements about IPsec VTI implementation are true? (Choose two.)

 

A.

The IKE SA can be bound to the VTI and the crypto map.

B.

The transform set can be configured only in tunnel mode.

C.

SVTIs support only a single IPsec SA.

D.

SVTIs support IPv4 packets that carry IPv6 packets.

 

Correct Answer: BC

 

QUESTION 569

DRAG DROP

Drag and drop each policy command on the left to the function it performs on the right.

 

clip_image008

 

Correct Answer:

clip_image010

 

 

QUESTION 570

Which two statements about NPTv6 are true? (Choose two.)

 

A.

The translation is invisible to applications that hard code IP information within the application logic.

B.

It is a one-way stateful translation for the IPv6 address.

C.

Translation is 1:1 at the network layer.

D.

It is a two-way stateless translation for the network prefix.

 

Correct Answer: CD

Explanation:

This document describes a stateless, transport-agnostic IPv6-to-IPv6 Network Prefix Translation (NPTv6) function that provides the address-independence benefit associated with IPv4-to-IPv4 NAT (NAPT44) and provides a 1:1 relationship between addresses in the “inside” and “outside” prefixes, preserving end-to-end reachability at the network layer NPTv6 Translation is stateless, so a “reset” or brief outage of an NPTv6 Translator does not break connections that traverse the translation function, and if multiple NPTv6 Translators exist between the same two networks, the load can shift or be dynamically load shared among them. NPTv6 is defined to include a two-way, checksum-neutral, algorithmic translation function, and nothing else.

Reference: https://tools.ietf.org/html/rfc6296

100% Free Download!
—Download Free Demo:400-101 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 400-101 Full Exam PDF and VCE Q&As:1299
—Get 10% off your purchase! Copy it:TJDN-947R-9CCD [2017.07.01-2017.07.31]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE