Super ways to ccnp 300 101

Our pass rate is high to 98.9% and the similarity percentage between our ccnp routing and switching route 300 101 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Cisco 300 101 route exam in just one try? I am currently studying for the Cisco ccnp 300 101 pdf exam. Latest Cisco ccnp routing and switching route 300 101 official cert guide Test exam practice questions and answers, Try Cisco 300 101 dumps Brain Dumps First.

Q41. Which technology was originally developed for routers to handle fragmentation in the path between end points? 

A. PMTUD 

B. MSS 

C. windowing 

D. TCP 

E. global synchronization 

Answer: A 

Explanation: 

Q42. What does the following access list, which is applied on the external interface FastEthernet 1/0 of the perimeter router, accomplish? 

router(config)#access-list 101 deny ip 10.0.0.0 0.255.255.255 any log 

router (config)#access-list 101 deny ip 192.168.0.0 0.0.255.255 any log 

router (config)#access-list 101 deny ip 172.16.0.0 0.15.255.255 any log 

router (config)#access-list 101 permit ip any any 

router (config)#interface fastEthernet 1/0 

router (config-if)#ip access-group 101 in 

A. It prevents incoming traffic from IP address ranges 10.0.0.0-10.0.0.255, 172.16.0.0-172.31.255.255, 192.168.0.0-192.168.255.255 and logs any intrusion attempts. 

B. It prevents the internal network from being used in spoofed denial of service attacks and logs any exit to the Internet. 

C. It filters incoming traffic from private addresses in order to prevent spoofing and logs any intrusion attempts. 

D. It prevents private internal addresses to be accessed directly from outside. 

Answer: C 

Explanation: 

The private IP address ranges defined in RFC 1918 are as follows:

10.0.0.0 - 10.255.255.255

172.16.0.0 - 172.31.255.255

192.168.0.0 - 192.168.255.255 

These IP addresses should never be allowed from external networks into a

corporate network as they would only be able to reach the network from the outside via routing problems or

if the IP addresses were spoofed. This ACL is used to prevent all packets with a spoofed reserved private

source IP address to enter the network. The log keyword also enables logging of this intrusion attempt.

Q43. Which three benefits does the Cisco Easy Virtual Network provide to an enterprise network? (Choose three.) 

A. simplified Layer 3 network virtualization 

B. improved shared services support 

C. enhanced management, troubleshooting, and usability 

D. reduced configuration and deployment time for dot1q trunking 

E. increased network performance and throughput 

F. decreased BGP neighbor configurations 

Answer: A,B,C 

Explanation: 

Q44. A packet capture log indicates that several router solicitation messages were sent from a local host on the IPv6 segment. What is the expected acknowledgment and its usage? 

A. Router acknowledgment messages will be forwarded upstream, where the DHCP server will allocate addresses to the local host. 

B. Routers on the IPv6 segment will respond with an advertisement that provides an external path from the local subnet, as well as certain data, such as prefix discovery. 

C. Duplicate Address Detection will determine if any other local host is using the same IPv6 address for communication with the IPv6 routers on the segment. 

D. All local host traffic will be redirected to the router with the lowest ICMPv6 signature, which is statically defined by the network administrator. 

Answer: B 

Explanation: 

Router Advertisements (RA) are sent in response to router solicitation messages. Router

solicitation messages, which have a value of 133 in the Type field of the ICMP packet header, are sent by

hosts at system startup so that the host can immediately autoconfigure without needing to wait for the next

scheduled RA message. Given that router solicitation messages are usually sent by hosts at system

startup (the host does not have a configured unicast address), the source address in router solicitation

messages is usually the unspecified IPv6 address (0:0:0:0:0:0:0:0). If the host has a configured unicast

address, the unicast address of the interface sending the router solicitation message is used as the source

address in the message. The destination address in router solicitation messages is the all-routers multicast

address with a scope of the link. When an RA is sent in response to a router solicitation, the destination

address in the RA message is the unicast address of the source of the router solicitation message. RA

messages typically include the following information:

One or more onlink IPv6 prefixes that nodes on the local link can use to automatically configure their IPv6

addresses

Lifetime information for each prefix included in the advertisement

Sets of flags that indicate the type of autoconfiguration (stateless or stateful) that can be completed

Default router information (whether the router sending the advertisement should be used as a default

router and, if so, the amount of time (in seconds) the router should be used as a default router)

Additional information for hosts, such as the hop limit and MTU a host should use in packets that it

originates Reference: http://www.cisco.com/c/en/us/td/docs/ios/ipv6/configuration/guide/12_4t/

ipv6_12_4t_book/ip6- addrg_bsc_con.html

Q45. Which PPP authentication method sends authentication information in cleartext? 

A. MS CHAP 

B. CDPCP 

C. CHAP 

D. PAP 

Answer: D 

Explanation: 

Q46. When using SNMPv3 with NoAuthNoPriv, which string is matched for authentication? 

A. username 

B. password 

C. community-string 

D. encryption-key 

Answer: A 

Explanation: 

The following security models exist: SNMPv1, SNMPv2, SNMPv3. The following security

levels exits: "noAuthNoPriv" (no authentiation and no encryption noauth keyword in CLI),

"AuthNoPriv" (messages are authenticated but not encrypted auth keyword in CLI), "AuthPriv" (messages

are authenticated and encrypted priv keyword in CLI). SNMPv1 and SNMPv2 models only support the

"noAuthNoPriv" model since they use plain community string to match the incoming packets. The SNMPv3

implementations could be configured to use either of the models on per-group basis (in case if

"noAuthNoPriv" is configured, username serves as a replacement for community string). Reference: http://

blog.ine.com/2008/07/19/snmpv3-tutorial/

Q47. A network engineer is notified that several employees are experiencing network performance related issues, and bandwidth-intensive applications are identified as the root cause. In order to identify which specific type of traffic is causing this slowness, information such as the source/destination IP and Layer 4 port numbers is required. Which feature should the engineer use to gather the required information? 

A. SNMP 

B. Cisco IOS EEM 

C. NetFlow 

D. Syslog 

E. WCCP 

Answer: C 

Explanation: 

NetFlow Flows Key Fields

A network flow is identified as a unidirectional stream of packets between a given source and destination--

both are defined by a network-layer IP address and

transport-layer source and destination port numbers. Specifically, a flow is identified as the combination of

the following key fields:

Source IP address

Destination IP address

Source Layer 4 port number

Destination Layer 4 port number

Layer 3 protocol type

Type of service (ToS)

Input logical interface Reference: http://www.cisco.com/en/US/docs/ios-xml/ios/netflow/configuration/12-4t/

cfg-nflow- data-expt.html

Q48. A company's corporate policy has been updated to require that stateless, 1-to-1, and IPv6 to IPv6 translations at the Internet edge are performed. What is the best solution to ensure compliance with this new policy? 

A. NAT64 

B. NAT44 

C. NATv6 

D. NPTv4 

E. NPTv6 

Answer: E 

Explanation: 

NPTv6 provides a mechanism to translate the private internal organization prefixes to public globally

reachable addresses. The translation mechanism is stateless and provides a 1:1 relationship between the internal addresses and external addresses. The use cases for NPTv6 outlined in the RFC include peering with partner networks, multi homing, and redundancy and load sharing.

Reference:

http://www.cisco.com/c/dam/en/us/td/docs/solutions/SBA/August2012/Cisco_SBA_BN_IPv6AddressingGuide-Aug2012.pdf

Q49. Which type of BGP AS number is 64591? 

A. a private AS number 

B. a public AS number 

C. a private 4-byte AS number 

D. a public 4-byte AS number 

Answer: A 

Explanation: 

Q50. What are the three modes of Unicast Reverse Path Forwarding? 

A. strict mode, loose mode, and VRF mode 

B. strict mode, loose mode, and broadcast mode 

C. strict mode, broadcast mode, and VRF mode 

D. broadcast mode, loose mode, and VRF mode 

Answer: A 

Explanation: 

Network administrators can use Unicast Reverse Path Forwarding (Unicast RPF) to help limit

the malicious traffic on an enterprise network. This security feature works by enabling a router to verify the

reachability of the source address in packets being forwarded. This capability can limit the appearance of

spoofed addresses on a network. If the source IP address is not valid, the packet is discarded. Unicast

RPF works in one of three different modes: strict mode, loose mode, or VRF mode. Note that not all

network devices support all three modes of operation. Unicast RPF in VRF mode will not be covered in this

document. When administrators use Unicast RPF in strict mode, the packet must be received on the

interface that the router would use to forward the return packet. Unicast RPF configured in strict mode may

drop legitimate traffic that is received on an interface that was not the router's choice for sending return

traffic. Dropping this legitimate traffic could occur when asymmetric routing paths are present in the

network. When administrators use Unicast RPF in loose mode, the source address must appear in the

routing table. Administrators can change this behavior using the allow-default option, which allows the use

of the default route in the source verification process. Additionally, a packet that contains a source address

for which the return route points to the Null 0 interface will be dropped. An access list may also be

specified that permits or denies certain source addresses in Unicast RPF loose mode. Care must be taken

to ensure that the appropriate Unicast RPF mode (loose or strict) is configured during the deployment of

this feature because it can drop legitimate traffic. Although asymmetric traffic flows may be of concern

when deploying this feature, Unicast RPF loose mode is a scalable option for networks that contain

asymmetric routing paths. Reference: http://www.cisco.com/web/about/security/intelligence/unicastrpf.

html