Which two statements about how the configuration processes Telnet traffic are true?

All traffic should be permitted. Policy-maps do not default in drop to non-matching traffic

Its a correct answer A & C.

When Permit in access list ,that’s means Deny Traffic.

Also Permit All is incorrect,Cause the 1.9 is denied.

New 400-101 Exam Questions and Answers Updated Recently (3/May/2016):

NEW QUESTION 1
In which order of magnitude (time) is delay/latency measured when you use wide metrics in EIGRP?

A. tens of microseconds
B. picoseconds
C. mamoseconds
D. microseconds

Answer: B

NEW QUESTION 2
Which statement about the BGP synchronization rule is true?

A. A BGP router with synchronization enabled does not advertise its iBGP learned routes to its iBGP peers unless it has learned or verified this route on its routing table through an IGP.
B. A BGP router with synchronization enabled does not advertise its eBGP learned routes to its iBGP peers unless it has learned or verified this route on its routing table through an IGP.
C. A BGP router with synchronization enabled does not advertise its eBGP learned routes to its eBGP peers unless it has learned or verified this route on its routing table through an IGP.
D. A BGP router with synchronization enabled does not advertise its iBGP learned routes to its eBGP peers unless it has learned or verified this route on its routing table through an IGP.

Answer: D

NEW QUESTION 3
Which tunnel type can be used with encryption to provide security for IPv6 over IPv4?

A. 6RD
B. 6to4
C. ISATAP
D. IPv4-compatible
E. GRE

Answer: E

NEW QUESTION 4
Which QoS mechanism is used to implement CoPP?

A. RSVP
B. rate limiting
C. FIFO
D. MQC

Answer: D

NEW QUESTION 5
Which two statements about the spanning-tree timers in a switched network are true? (Choose two)

A. After receiving a BPDU from the root bridge, a non-root bridge waits for the hello interval before forwarding it out.
B. The root bridge sends out a TCN every max-age interval.
C. The root bridge sends out a configuration BPDU every hello interval.
D. The default hello time is two seconds.

Answer: CD

NEW QUESTION 6
Which two statements about Cisco IOS XE are true? (Choose two)

A. Separate images are required for platform-dependent code.
B. Its functions run as multiple separate processes in the OS.
C. It uses a service blade outside Cisco IOS XE to integrate and run applications.
D. It is deployed in a Linux-based environment.
E. The FED feature provides separation between the control plane and the data plane.

Answer: BD

NEW QUESTION 7
Which two factors can reduce NBAR2 performance? (Choose two)

A. queuing
B. multiple NBAR2-enabled interfaces
C. slow link speeds
D. stateful protocol matches
E. short-duration flows

Answer: DE

NEW QUESTION 8
Which encryption algorithm is enabled by the Cisco IOS command service password-encryption?

A. MD5
B. Cisco Type-5
C. Cisco AES
D. Cisco Type-7
E. TKIP

Answer: D

NEW QUESTION 9
Which two options are requirements for AToM support? (Choose two)

A. Cisco Express Forwarding must be disabled.
B. MPLS must be configured with an LSP in the SP core.
C. MPLS must be enabled between the PE and CE routers.
D. The PE routers must be able to communicate with each other over IP.
E. IP routing must be configured between the PE and CE routers.

Answer: BD

NEW QUESTION 10
Which two statements best describes the difference between active mode monitoring and passive mode monitoring? (Choose two)

A. Active mode monitoring is the act of Cisco PfR gathering information on user packets assembled into flows by NetFlow.
B. Active mode monitoring uses IP SLA probes for obtaining performance characteristics of the current exit WAN link.
C. Passive mode monitoring uses IP SLA to generate probes for the purpose of obtaining information regarding the characteristics of the WAN links.
D. Passive mode monitoring uses NetFlow for obtaining performance characteristics of the exit WAN links.

Answer: BD

NEW QUESTION 11
……

P.S. These New 400-101 Exam Questions Were Just Updated From The Real 400-101 Exam, You Can Get The Newest 400-101 Dumps In PDF And VCE From — http://j.mp/valid-400-101-dumps-vce-pdf (986q)

Good Luck !!!

New 400-101 Exam Questions and Answers Updated Recently (8/June/2016):

NEW QUESTION 988
Which three service offer VLAN transparency for WAN Ethernet services? (Choose three)

A. ERMS
B. EPL
C. ERS
D. MPLS
E. EMS
F. EWS

Answer: ABC

NEW QUESTION 989
Which two values are required to implement an EIGRP named configurations? (Choose two)

A. address-family
B. process-id
C. subnet-mask
D. virtual-instance-name
E. router-id

Answer: AB

NEW QUESTION 990
What are the two EEM event subscribers? (Choose two)

A. CLI
B. script
C. applet
D. none
E. syslog

Answer: BC

NEW QUESTION 991
How is a targeted LDP session different from a standard LDP session?

A. Targeted LDP is used only for neighbors on different segments.
B. Targeted LDP requires SDP to be enabled.
C. Targeted LDP requires RSVP to be enabled.
D. Targeted LDP uses unicast hello messages to peer with other devices.

Answer: D

NEW QUESTION 992
Which two options are valid IPV6 extension header typers? (Choose two)

A. Flow Label
B. Encapsulating security Payload
C. Version
D. Traffic Class
E. Mobility

Answer: BE

NEW QUESTION 993
Your NetFlow collector is not working due to a large amount of traffic entering your network which is destined to a single IP address. Which NetFlow feature allows you to collect the top source hosts for this traffic on the local router?

A. A NetFlow can export flows only to a extermal flow collector
B. show ip cache flow
C. ip accounting
D. ip flow-top-talkers

Answer: D

NEW QUESTION 994
For which reason can two OSPF neighbor routers on the same LAN segment be stuck in the two-way state?

A. The two routers have different MTUs on the interface.
B. The two routers are configured with different priorities.
C. The interface priority is set to zero on both routers.
D. Both routers have the same OSPF router ID.

Answer: C

NEW QUESTION 995
……

NEW QUESTION 997
Which information is contained in an OSPF Type 1 Router LSA?

A. The Autonomous System Border Routers(ASBR) for the OSPF network and the cost of the path to reach each ASBR
B. The router’s interfaces(links) on which OSPF is enabled ,the state and outgoing cost of each link.and the OSPF neighbors on each link
C. The network links to all known OSPF routers and and the cost of each path
D. The Area Border Routers (ABR) for the area and the cost of the path to each ABR
E. The OSPF neighboring routers and the cost of the outgoing link to reach each neighbor

Answer: B

NEW QUESTION 998
Which command can you enter to configure a built-in policer with minimum guaranteed bandwidth without starving other classes during periods of congestion?

A. bandwidth remaining percent
B. bandwidth
C. priority percent
D. fair-queue

Answer: C

NEW QUESTION 999
Which three session tables does NAT64 maintain?

A. 6rd
B. TCP
C. 484XLAT
D. ICMP Query
E. SIP
F. UDP

Answer: BDF

NEW QUESTION 1000
Which two statements about Cisco Express Forwarding load balancing are true?

A. Cisco Express Forwarding can load-balance over a maximum of two destinations
B. It combines the source IP address subnet mask to create a hash for each destination
C. Each hash maps directly to a single entry in the RIB
D. Each hash maps directly to a single entry in the adjacency table
E. It combines the source and destination IP addresses to create a hash fdor each destination

Answer: DE

NEW QUESTION 1001
……

P.S. These New 400-101 Exam Questions Were Just Updated From The Real 400-101 Exam, You Can Get The Newest 400-101 Dumps In PDF And VCE From — http://j.mp/valid-400-101-dumps-vce-pdf (1069q)

Good Luck !!!

New 400-101 Exam Questions and Answers Updated Recently (13/July/2016):

NEW QUESTION 1070
A network engineer is extending a LAN segment between two geographically separated data centers. Which enhancement to a spanning-tree design prevents unnecessary traffic from crossing the extended LAN segment?

A. Modify the spanning-tree priorities to dictate the traffic flow.
B. Create a Layer 3 transit VLAN to segment the traffic between the sites.
C. Use VTP pruning on the trunk interfaces.
D. Configure manual trunk pruning between the two locations.

Answer: C

NEW QUESTION 1071
The OSPF database of a router shows LSA types 1, 2, 3 and 7 only. Which type of area is this router connected to?

A. backbone area
B. totally stubby area
C. stub area
D. not-so-stubby area

Answer: D

NEW QUESTION 1072
Which feature can you implement to most effectively protect customer traffic in a rate-limited WAN Ethernet service?

A. HCBWFQ
B. IntServ with RSVP
C. DiffServ
D. The IPsec VTI qos pre-classify command
E. Q-in-Q

Answer: A

NEW QUESTION 1073
An engineer has configured a router to use EUI-64, and was asked to document the IPv6 address of the router. The router has the following interface parameters:
mac address C601.420F.0007
subnet 2001:DB8:0:1::/64

A. 2001:DB8:0:1:C601:42FF:FE0F:7
B. 2001:DB8:0:1:FFFF:C601:420F:7
C. 2001:DB8:0:1:FE80:C601:420F:7
D. 2001:DB8:0:1:C601:42FE:800F:7

Answer: A

NEW QUESTION 1074
Which command configures port security on a switch to enable permanent MAC address learning on the interface?

A. switchport port-security mac-address-learning enable
B. switchport port-security mac-address timer 0
C. switchport port-security mac-address sticky
D. switchport port-security mac-address maximum 1 sticky
E. switchport port-security mac-address permanent

Answer: C

NEW QUESTION 1075
If EIGRP and OSPF are configured within an administrative domain for the same network, which value can you change so that the OSPF becomes the installed routing protocol for all routes?

A. Local preference
B. Metric
C. MED
D. Administrative distance
E. Prefix length

Answer: E

NEW QUESTION 1076
Which three components are in an MPLS header? (choose three)

A. a 4-bit experimental use field
B. a 4-bit label stack entry
C. an 8-bit TTL
D. a 2-bottom of stack
E. a 3-bit experimental use field
F. a 20-bit label

Answer: CEF

NEW QUESTION 1077
What is the main function of VRF-lite?

A. To allow devices to use labels to make Layer 2 Path decisions
B. To segregate multiple routing tables on a single device
C. To connect different autonomous systems together to share routes
D. To route IPv6 traffic across an IPv4 backbone

Answer: B

NEW QUESTION 1078
Refer to the exhibit. Which prefixes will have their distance changed?
router eigrp 100
network 10.0.0.0
distance 80 10.1.12.0 0.0.0.255 10
!
access-list 10 permit 10.1.0.0 0.0.255.255

A. all prefixes matching access-list 10 learned from peers in the range 10.1.12.0- 10.1.12.255
B. all internal prefixes in the range 10.1.12.0-10.1.12.255 learned from peers matching access-list 10
C. all internal prefixes matching access-list 10 learned from peers in the range 10.1.12.0- 10.1.12.255
D. all prefixes in the range 10.1.12.0-10.1.12.255 learned from peers matching access-list

Answer: C

NEW QUESTION 1079
Which two methods do IPsec VTIs used to identify and transmit encrypted traffic through the tunnel? (choose two)

A. static routing
B. dynamic routing
C. object groups
D. ACLs
E. NAT

Answer: AB

NEW QUESTION 1080
When you deploy DMVPN, what is the purpose of the command crypto isakmp key ciscotest address 0.0.0.0 0.0.0.0 ?

A. It is configured on hub and spoke router to establish peering
B. It is configured on hub to set the pre-shared key for the spoke routers
C. It is configured on the spokes to indicate the hub router
D. It is configured on the Internet PE routers to allow traffic to traverse the ISP core

Answer: B

NEW QUESTION 1081
……

P.S. These New 400-101 Exam Questions Were Just Updated From The Real 400-101 Exam, You Can Get The Newest 400-101 Dumps In PDF And VCE From — http://j.mp/valid-400-101-dumps-vce-pdf (1119q)

Good Luck !!!

BTW, NEW 400-101 PDF Dumps from Google Drive for Free: https://drive.google.com/open?id=0B-ob6L_QjGLpfnRCUEFYcEhWZUw3OGNQY2FUSkptUXBrZDVzeE8zdkJQUERtOUFINDBFQW8

New 400-101 Exam Questions and Answers Updated Recently (14/Oct/2016):

NEW QUESTION 1203
What is the source MAC address of a BPDU frame that is sent out of a port?

A. A the lowest MAC address on the switch
B. the higest MAC address on the switch
C. the MAC address of the individual port that is sending the BPDU
D. the same as the MAC address in the brigdge ID

Answer: C

NEW QUESTION 1204
Which type of ACL can be applied only to Layer 2 pods?

A. port ACLs
B. reflexive ACLs
C. reflexive ACLs
D. dynamic ACLs
E. VLAN ACLs

Answer: A

NEW QUESTION 1205
Refer to the exhibit. Which two statements about this topology are true? (Choose two)
Image URL: examgod.com/plimages/ba3a26a3b5fe_E707/new-400-101-dumps-12051_thumb.jpg

A. Destination 192.168.23.0/24 is unable to use interface Fa0/1 as the LFA
B. Interface FastEthernet 0/1 is the primary path to destination 192 168.23.0/24
C. The FastEthernet 0/0 and FastEthernet 0/1 interfaces are used as LFA for destination 192.168.23.0/24
D. Only interface FastEthernet 0/1 are used as the LFA for destination 19216823.0/24
E. Interface FastEthernet 0/0 is the primary path to destination 192.168.23.0/24
F. Only FastEthernet 0/0 is used as the LFA to destination 192.168.23.0/24

Answer: AE

NEW QUESTION 1206
Which three options are the main security features in SNMPv3? (Choose three)

A. authentication
B. MIB persistence
C. message integrity
D. authorization
E. encryption
F. accounting

Answer: ACE

NEW QUESTION 1207
Which two are best practices when configuring VLAN and switch port ? (Choose two)

A. Assign an unused VLAN to all unsed ports.
B. Always use MST to ensure a loop-free topology.
C. Use a dedicated native VLAN ID for all trunk ports.
D. Use VLAN1 as the network management VLAN.
E. Set the default port status to Enable.

Answer: AC

NEW QUESTION 1208
Which command can you enter to disable logging for terminal lines?

A. no logging trop
B. no logging monitor
C. no logging buffer
D. no logging console
E. no logging count

Answer: B

NEW QUESTION 1209
……

P.S. These New 400-101 Exam Questions Were Just Updated From The Real 400-101 Exam, You Can Get The Newest 400-101 Dumps In PDF And VCE From — http://j.mp/valid-400-101-dumps-vce-pdf (1219q)

Good Luck !!!

New 400-101 Exam Questions and Answers Updated Recently (16/Jan/2017):

(P.S. PassLeader said that it just sorted its 400-101 dumps, and now it just has 150q, all those 150 questions are all the real 400-101 exam questions from the actual 400-101 test, you do not need to learn the huge 1000q+ dumps!!!)

NEW QUESTION 1
Which statement about Cisco StackWise technology is true?

A. All switches in a stack share configuration and routing information to behave as a single unit
B. Removing switches can affect stack performance
C. Only the master switch acts as a forwarding processor
D. Every switch in a stack has its own independent … configuration file, which enables it to become the stack master if the previous master fails

Answer: A
Explanation:
Configuration and routing information is shared by every switch in the stack, creating a single switching unit.
cisco.com/c/en/us/products/collateral/switches/catalyst-3750-series-switches/prod_white_paper09186a00801b096a.html

NEW QUESTION 2
Which feature can mitigate hung management sessions?

A. Control Plane Policing
B. the service tcp-keepalives-in and service tcp-keepalives-out command
C. the service tcp-small servers command
D. vty line ACLs

Answer: B

NEW QUESTION 3
Which option is an example of SaaS?

A. Google Apps
B. Amazon AWS
C. Google App Engine
D. Microsoft Azure

Answer: A

NEW QUESTION 4
How does an IPv6 host automatically generate a global address?

A. It prepends its interface identifier to the network prefixes contained in Router Advertisement messages.
B. It appends its interface identifier to the network prefixes contained in Router Advertisement messages.
C. It appends its interface identifier to the network prefixes contained in Router Solicitation messages.
D. It prepends its interface identifier to the network prefixes contained in Router Solicitation messages.

Answer: B

NEW QUESTION 5
Which two commands should you enter to enable IP Source Guard with IP and MAC address filtering? (Choose two.)

A. ip verify source tracking
B. switchport port-security
C. ip verify unicast source
D. ip verify source
E. ip verify source port-security

Answer: AE

NEW QUESTION 6
Which option describes a difference between Ansible and Puppet?

A. Ansible is client-server based, and Puppet is not.
B. Ansible requires an agent, and Puppet does not.
C. Ansible is Python based, and Puppet is Ruby based.
D. Ansible autonates repetitive tasks, and Puppet allows you to run plain ssh command.

Answer: C

NEW QUESTION 7
What is the default behavior for a manual summary route when a component route of the summary disappears?

A. Regardless of the metric if the componnent route, the metric of the summary is unchanged in order to keep stability.
B. If the component route previously had the best composite metric, the same summary metric is retained for stability.
C. If the component route previously had the best composite metric, the metric of the summary changes to the next-best composite metric.
D. if the component route previously did not have the best composite metric, the summary metric is updated, and updates are sent to peers.

Answer: C

NEW QUESTION 8
What are the two variants of NTPv4? (Choose two.)

A. client/server
B. broadcast
C. multicast
D. asymmetric
E. unicast

Answer: AB

NEW QUESTION 9
For what reason might you choose to use an SVTI interface instead of a crypto map on a tunnel interface?

A. SVTIs support dynamic routing protocols without GRE headers.
B. SVTIs can support multiple IPSec SAs.
C. SVTIs can carry non-IP traffic.
D. SVTIs support CEF-switched traffic shaping.

Answer: A

NEW QUESTION 10
Refer to the exhibit. Which two statements about the output are true? (Choose two.)
Image URL: examgod.com/plimages/3e263efdddcf_ECEC/passleader-400-101-dumps-101.jpg

A. BFD last failed 476ms ago on interface GigabitEthernet 0/3.
B. BGP on RT1 has negotiated the BFD capability with its peer.
C. BFD is active on interface GigabitEthernet0/3 and is using ICMP.
D. BFD is active on interface GigabitEthernet0/3 and is using UDP.
E. BFD is active for BGP on RT1.

Answer: BE

NEW QUESTION 11
Which two statements about PPP PAP are true? (Choose two.)

A. It requires two-way authentication.
B. It can protect against playback attacks.
C. It is supported only on synchronous interfaces.
D. It is vulnerable to trial-and error attacks.
E. Login attempts are controlled by the remote node.

Answer: DE

NEW QUESTION 12
Refer to the exhibit. What is the PHB class on this flow?
Image URL: examgod.com/plimages/3e263efdddcf_ECEC/passleader-400-101-dumps-121.jpg

A. none
B. CS4
C. EF
D. AF21

Answer: B

NEW QUESTION 13
……

NEW QUESTION 20
Drag and Drop Question
Drag each NTP command on the left to its effect on the right.
Image URL: examgod.com/plimages/3e263efdddcf_ECEC/passleader-400-101-dumps-201.jpg

Answer:
Image URL: examgod.com/plimages/3e263efdddcf_ECEC/passleader-400-101-dumps-202.jpg

NEW QUESTION 21
……

P.S. These New 400-101 Exam Questions Were Just Updated From The Real 400-101 Exam, You Can Get The Newest 400-101 Dumps In PDF And VCE From — http://www.passleader.com/400-101.html (150q VCE and PDF)

(P.S. PassLeader said that it just sorted its 400-101 dumps, and now it just has 150q, all those 150 questions are all the real 400-101 exam questions from the actual 400-101 test, you do not need to learn the huge 1000q+ dumps!!!)

Good Luck!

New CCIE 400-101 Exam Questions and Answers Updated Recently (9/May/2017):

NEW QUESTION 278
Which two options are required parts of an EEM policy? (Choose two.)

A. exit status
B. event register keyword
C. entry status
D. namespace import
E. body

Answer: BE

NEW QUESTION 279
Which option describes the characteristics of a public Infrastructure as a Service cloud service model?

A. It is a way of delivering cloud-computing infratructure (servers, storage, network, and operating systems) as an on-demand service
B. It is a cloud service where the underlying hardware is managed by the cloud service provider
C. It is a cloud-computing platform that facilitaes the creation of web applications without the need to maintain the supporting software application
D. It is a cloud-computing platform that facilitaes the creation of web applications without the need to maintain the supporting software operating systems

Answer: A

NEW QUESTION 280
Which option is can example of SaaS?

A. Google Apps
B. Amazon AWs
C. Google App Engine
D. Microsoft Azure

Answer: A

NEW QUESTION 281
Which two statements about static routing are ture? (Choose two.)

A. It is highly scalable as networks grow
B. It reduces configuration errors
C. It can be implemented more quickly that dynamic routing
D. It provides better security than dynamic routing
E. It requires less bandwidth and fewer CPU cycles than dynamic routing protocols

Answer: DE

NEW QUESTION 282
Which value does VPLS use to make forwarding decisions?

A. destination IP address of the packet
B. destination MAC of the Ethernet frame
C. source IP address of the packet
D. source MAC of the Ethernet frame

Answer: B

NEW QUESTION 283
Which three configuration settings must match for switches to be in the same MST region? (Choose three.)

A. password
B. region name
C. VLAN-to-instance assignment
D. revision number
E. VLAN names
F. domain name

Answer: BCD

NEW QUESTION 284
……

NEW QUESTION 285
Which two statements about IPv6 multicast address are true? (Choose two.)

A. An IPv6 host must join the solicited-node multicast group for every unicast and anycast address on the node
B. IPv6 routers update their routing tables when they receive a redirect message on a segment
C. Solicited-node multicast addresses are based on the lower-order 24 bits of the unicast or anycast address
D. They perform neighbor unreachability detection only for neighbors that send multicast packets
E. Neighbors respone to solicitation messages by sending Router Advertisement message
F. They use UDP packets to perform neighbor unreachability detection

Answer: AC

NEW QUESTION 286
Which type of access list allows granular session filtering for upper-level protocols?

A. reflexive access lists
B. context-based access lists
C. content-based access lists
D. extended access lists

Answer: A

NEW QUESTION 287
In which scenario can asymmetric routing occur?

A. redundant routers running VRRP
B. active/standby firewall setup
C. active/active firewall setup
D. single path in and out of the network

Answer: C

NEW QUESTION 288
……

NEW QUESTION 289
Which three of the following secrity controls would you take into consideration when implementing IoT capabilities? (Choose three.)

A. Layered Security Approach
B. Place security above functionality
C. Define lifecycle controls for IoT devices
D. Privacy Impact Assessment
E. Change passwords every 90 days
F. Implement Intrusion Detection Systems on IoT devices

Answer: ACD

NEW QUESTION 290
A network engineer enables OSPF on a Frame Relay WAN connection to various remote sites,but no OSPF adjacencies come up.Which two actions are possible solutions for this issue? (Choose two.)

A. Change the network type to nonbroadcast multipoint access
B. Configure the neighbor command under OSPF process for each remote site
C. Ensure that the OSPF process number matches among all remote sites
D. Enable virtual links
E. Change the network type to point-to-multipoint under WAN interface

Answer: BE

NEW QUESTION 291
……

By the way, Get The Newest 400-101 Dumps In PDF And VCE From — http://www.passleader.com/400-101.html (328q VCE and PDF)

Good Luck!

New 400-101 Exam Questions Updated Recently (6/June/2017):

NEW QUESTION 329
Two routers are connected on a PPP link using CHAP authentication by default which value will the routers use as their identification on the link?

A. Their hostnames
B. Their IP address on the connected link
C. Their interface numbers
D. Their serial numbers

Answer: A

NEW QUESTION 330
Which component of a GETVPN deployment is responsible for obtaining an IPsec SA to encrypt data within a group?

A. Group member
B. Key Server
C. GDOI
D. GRE

Answer: C

NEW QUESTION 331
Which PIM multicast type is designed to be used for many-to-many applications within individual PIM domains?

A. PIM-DM
B. Bidir-PIM
C. PIM-SM
D. SSM

Answer: B

……

NEW QUESTION 334
Which tunneling method can transmit IPv6 traffic over an MPLS infrastructure?

A. 6PE
B. 6to4
C. ISATAP
D. 6RD

Answer: A

NEW QUESTION 335
Which IPv6 solution provides network information to clients without providing an IPv6 host address?

A. autoconfiguration
B. stateless DHCPv6
C. stateful DHCPv6
D. prefix delegation

Answer: A

NEW QUESTION 336
Which two statements about PPP CHAP authentication are true? (Choose two.)

A. It is a one-way authentication method
B. It uses a secret password, which is sent across the link for authentication
C. It supports clear-text passwords
D. It is configurable only on PPP callout links
E. It uses a configured username and password to authenticate a host

Answer: AE

……

NEW QUESTION 339
After you configure split horizon on an EIGRP hub-and-spoke network. You notice that some routes are missing on the spoke routers. Which two actions can you take to correct the problem? (Choose two.)

A. Increase the Hello and Hold timers on the connections between the routers
B. Configure unicast neighbor statements on both the hub and the spokes
C. Disable split horizon on the spoke router interfaces only
D. Disable split horizon on the hub router interface only
E. Configure the summary address command on the hub router
F. Define a separate subinterface on the hub router for each spoke

Answer: DF

NEW QUESTION 340
Which technology must be enabled on an interface before L2TPv3 can operate correctly?

A. OSPF
B. MPLS
C. CEF
D. STP

Answer: C

……

P.S. These New 400-101 Exam Questions Were Just Updated From The Real 400-101 Exam, You Can Get The Newest 400-101 Dumps In PDF And VCE From — http://www.passleader.com/400-101.html (352q VCE and PDF)

Good Luck!

BTW, part of new CCIE 400-251 dumps are available here:

http://www.ciscobraindump.com/?s=400-251

Best Regards!

New 400-101 Exam Questions and Answers (28/June/2017 Updated):

NEW QUESTION 609
What are two major requirements for configuring an extended VLAN with VTPv2? (Choose two.)

A. VLAN pruning must be enabled
B. The device must be operating in VTP transparent mode
C. The configuration must be made in global configuration mode
D. The VLAN must be configured in VLAN database mode
E. The reduced MAC address feature must be disabled

Answer: BC

NEW QUESTION 610
Which two statements about MLD snooping are true?

A. MLD protocol messages can be sent in both IGMPv4 and ICMPv4 formats.
B. It supports private VLANs.
C. It limits the Layer 2 multicast traffic that is generate by routing protocols.
D. PFC modes support MLD version 2 only.
E. The MLD snooping querier requires the VLAN interface to be configured with an IPv6 address.

Answer: BE

NEW QUESTION 611
Which IPv6 tunneling mechanism requires a service provider to nude one of its own native IPv6 blocks to guarantee that its IPv6 hosts will be reachable?

A. 6rd tunneling
B. Automatic 6to4 tunneling
C. Manual IPv6 ip tunneling
D. NAT-PT tunneling
E. Automatic 4to6 tunneling
F. ISATAP tunneling

Answer: F

NEW QUESTION 612
Refer to the exhibit. After you applied this configuration to R1 and R2, they failed to form an ISIS adjacency. Which reason for the problem is most likely true?
……

A. The network statements are mismatched
B. The IP subnets are mismatched
C. T he bandwidth is mismatched
D. The MTUs are mismatched

Answer: D

NEW QUESTION 613
Which two statements about cisco Express Forwarding are ture? (Choose two.)

A. Adjacency tables and Cisco Express Forwarding tables require packet switching.
B. Cisco Express Forwarding tables contain forwarding information on and adjacency tables contain reachability information.
C. Adjacency tables and Cisco Express forwarding tables can be separately.
D. Changing MAC header rewrite strings requires cache validation.
E. Cisco Express Forwarding tables contain reach ability information and adjacency tables contain forwarding information.

Answer: CE

NEW QUESTION 614
On which three options can Cisco PfR base its traffic routing? (Choose three.)

A. Time of day
B. Network performance
C. Router lOS version
D. User-defined link capacity thresholds
E. An access list with permit or deny statements
F. Load-balancing requirements

Answer: BDF

NEW QUESTION 615
Which three statements about BGP soft reconfiguration are true? (Choose three)

A. Outbound soft reconfiguration requires additional configuration on the BGP neighbor
B. Inbound soft reconfiguration requires additional memory
C. Outbound soft reconfiguration requires additional memory
D. Inbound soft reconfiguration stores an additional copy of the received from a neighbor before routing policies take effect
E. Inbound soft reconfiguration requires additional memory
F. Outbound soft reconfiguration stores an additional copy of the routes advertised to a neighbor before routing policies take effect

Answer: BEF

NEW QUESTION 616
What mechanism should you choose to prevent unicast flooding?

A. Make sure that all end systems are connected to the network with a single physical connection.
B. Use control plane policing (CPP) to limit unicast flooding.
C. Configure the ARP cache timers to be longer than the switch forwarding cache (CAM) timers.
D. Configure the switch forwarding cache (CAM) timers to be longer than the ARP cache timers.

Answer: D

NEW QUESTION 617
Refer to the exhibit. Which two statements about the device configuration are true? (Choose two.)
……

A. The device has control-plane protection enabled.
B. The device implicitly allows Tel net connections.
C. The GigabitEthernet0/1 interface of the device allows incoming SSH and SNMP connections.
D. The device has management-plane protection enabled.
E. The device allows SSH connections to its loopback interface.

Answer: CD

NEW QUESTION 618
What are the two requirements for BGP to install a classful network into the BGP routing table? (Choose two.)

A. Synchronization is disabled.
B. The AS contains the entire classful network.
C. Auto-summary is enabled.
D. A classful network is statement with a classful mask is in the routing table.
E. A classful network statement with a lower administrative distance in the routing table.
F. Synchronization is enabled.

Answer: CD

NEW QUESTION 619
Which authentication types does OSPF support?

A. Null (or no authentication), clear text and MD5.
B. Clear text only.
C. MD5 only.
D. MD5 and clear text.
E. Null (or no authentication) and clear text.

Answer: A

NEW QUESTION 620
……

P.S. These New 400-101 Exam Questions Were Just Updated From The Real 400-101 Exam, You Can Get The Newest 400-101 Dumps In PDF And VCE From — http://www.passleader.com/400-101.html (708q VCE and PDF)

Good Luck!

New 400-101 Exam Questions and Answers Updated Recently (2/Aug/2017):

NEW QUESTION 710
Which information is contained in an OSPF Type 7 Not-So-Stubby Area NSSA External LSA?

A. External network address, mask, and cost to reach network that is external to the OSPF domain and only within the NSSA.
B. The external network address, mask and cost to reach networks that are external to the OSPF NSSA, including the default route.
C. The address of routers that connect the current area to other areas and cost to reach those routers.
D. The paths and costs to reach other stub area border routers in the OSPF routing domain.
E. The paths and costs to all OSPF NSSA areas that are external to the current area.

Answer: A

NEW QUESTION 711
Refer to the exhibit. The Main1 and Branch1 switches are connected directly over an MPLS pseudowire, and both run UDLD. After router B1 reloads because of a power failure, the pseudowire is restored. However, the Branch 1 switch is unable to reach the Main 1 switch. Which two actions can you take to restore connectivity and prevent the problem from recurring? (Choose two.)
……

A. Issue the shutdown and no shutdown commands on both the Branch1 switch uplink to the B1 router and the Main1 switch’s uplink to the M1 router.
B. Configure a backup GRE tunnel between the Main1 and Branch1 switches.
C. Enable UDLD recovery on both the Main1 and Branch1 switches.
D. Enable errdisable recovery on both the Main1 and Branch1 switches.
E. Configure a backup pseudowire between the Main1 and Branch1 switches.

Answer: AD

NEW QUESTION 712
Which statement about Auto-RP is true?

A. An RP that is tied to a loopback address must be configured.
B. All interfaces must be configured in sparse mode.
C. All interfaces must be configured in sparse-dense mode.
D. All interfaces must be configured in dense mode.

Answer: C

NEW QUESTION 713
Which technology can be used to secure the edge of an STP domain?

A. root guard
B. BPDU guard
C. UplinkFast
D. BPDU filter

Answer: A

NEW QUESTION 714
Which three features support object tracking? (Choose three.)

A. OSPF
B. BFD
C. EEM
D. HSRP
E. PfR
F. vPC

Answer: CDF

NEW QUESTION 715
Which GDOI key is responsible for encrypting control plane traffic?

A. The traffic encryption key
B. The key-chain
C. The preshared key
D. The key encryption key

Answer: D

NEW QUESTION 716
Which two statements about private VLAN communications are true? (Choose two.)

A. Promiscuous ports communicate with all other ports.
B. Primary VLAN traffic is passed across trunk interfaces.
C. Promiscuous ports connect only to routers.
D. Isolated ports communicate with other isolated ports.

Answer: AB

NEW QUESTION 717
Which three options are three of the valid message types for DHCPv6? (Choose three.)

A. Offer
B. Request
C. Leave
D. Solicit
E. Discover
F. Advertise

Answer: BDF

NEW QUESTION 718
Which IPv6 migration method allows IPv4-only devices to communicate with IPv6-only devices?

A. GRE tunnel
B. dual stack
C. ISATAP tunnel
D. NAT64

Answer: D

NEW QUESTION 719
Refer to the exhibit. While troubleshooting an issue with a blocked switch port, you find this error in the switch log. Which action should you take first to locate the problem?
……

A. Check the attached switch for a BPDU filter.
B. Test the link for unidirectional failures.
C. Check the attached switch for an interface configuration issue.
D. Execute the show interface command to check FastEthernet 0/1.

Answer: A

NEW QUESTION 720
Which three pieces of information are carried in OSPF type-3 LSAs? (Choose three.)

A. Forwarding address
B. IP subnet
C. Subnet mask
D. Authentication type
E. External route tag
F. Metric

Answer: ACF

NEW QUESTION 721
What is one requirement to support the IGMP proxy feature?

A. Devices on the unidirectional link must be in the same IP subnet.
B. Devices connected to a unidirectional link must disable Internet access.
C. IGMP snooping must be disabled.
D. PIM-DM must be enabled on all unidirectional links.

Answer: A

NEW QUESTION 722
Which routing protocol is incompatible with VRF-lite?

A. IS-IS
B. EIGRP
C. BGP
D. OSPF

Answer: B

NEW QUESTION 723
……

P.S. These New 400-101 Exam Questions Were Just Updated From The Real 400-101 Exam, You Can Get The Newest 400-101 Dumps In PDF And VCE From — https://www.passleader.com/400-101.html (742q VCE and PDF)

Good Luck!