we provide Practical Cisco ccnp 300 101 dumps exam question which are the best for clearing ccnp route 300 101 dumps pdf test, and to get certified by Cisco Implementing Cisco IP Routing. The ccnp route 300 101 dumps pdf Questions & Answers covers all the knowledge points of the real ccnp 300 101 exam. Crack your Cisco ccnp routing and switching route 300 101 Exam with latest dumps, guaranteed!
If you would certainly such as to recognize more concerning 300-101 exam, call us or merely visit us at our internet 2PASSEASY.COM site.
Q49. Refer to the following command: router(config)# ip http secure-port 4433
Which statement is true?
A. The router will listen on port 4433 for HTTPS traffic.
B. The router will listen on port 4433 for HTTP traffic.
C. The router will never accept any HTTP and HTTPS traffic.
D. The router will listen to HTTP and HTTP traffic on port 4433.
To set the secure HTTP (HTTPS) server port number for listening, use the ip http secure-port
command in global configuration mode. To return the HTTPS server port number to the default, use the no
form of this command. ip http secure-port port-number no ip http secure-port Syntax Description port-
Integer in the range of 0 to 65535 is accepted, but the port number must be number higher than 1024
unless the default is used. The default is 443. Reference: http://www.cisco.com/en/US/docs/ios-xml/ios/
Q50. A network engineer is investigating the cause of a service disruption on a network segment and executes the debug condition interface fastethernet f0/0 command. In which situation is the debugging output generated?
A. when packets on the interface are received and the interface is operational
B. when packets on the interface are received and logging buffered is enabled
C. when packets on the interface are received and forwarded to a configured syslog server
D. when packets on the interface are received and the interface is shut down
Q51. A network engineer has been asked to ensure that the PPPoE connection is established and authenticated using an encrypted password. Which technology, in combination with PPPoE, can be used for authentication in this manner?
With PPPoE, the two authentication options are PAP and CHAP. When CHAP is enabled on
an interface and a remote device attempts to connect to it, the access server sends a CHAP packet to the
remote device. The CHAP packet requests or "challenges" the remote device to respond. The challenge
packet consists of an ID, a random number, and the host name of the local router. When the remote device
receives the challenge packet, it concatenates the ID, the remote device's password, and the random
number, and then encrypts all of it using the remote device's password. The remote device sends the
results back to the access server, along with the name associated with the password used in the
encryption process. When the access server receives the response, it uses the name it received to retrieve
a password stored in its user database. The retrieved password should be the same password the remote
device used in its encryption process. The access server then encrypts the concatenated information with
the newly retrieved password--if the result matches the result sent in the response packet, authentication
succeeds. The benefit of using CHAP authentication is that the remote device's password is never
transmitted in clear text (encrypted). This prevents other devices from stealing it and gaining illegal access
to the ISP's network. Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/
Q52. Refer to the exhibit.
A network administrator checks this adjacency table on a router. What is a possible cause for the incomplete marking?
A. incomplete ARP information
B. incorrect ACL
C. dynamic routing protocol failure
D. serial link congestion
To display information about the Cisco Express Forwarding adjacency table or the hardware Layer 3-
switching adjacency table, use the show adjacency command.
Reasons for Incomplete Adjacencies
There are two known reasons for an incomplete adjacency:
The router cannot use ARP successfully for the next-hop interface.
After a clear ip arp or a clear adjacency command, the router marks the adjacency as incomplete. Then it
fails to clear the entry.
In an MPLS environment, IP CEF should be enabeled for Label Switching. Interface level command ip
route-cache cef No ARP Entry When CEF cannot locate a valid adjacency for a destination prefix, it punts
the packets to the CPU for ARP resolution and, in turn, for completion of the adjacency.
Q53. Which PPP authentication method sends authentication information in clear text?
A. MS CHAP
PAP authentication involves a two-way handshake where the username and password are
sent across the link in clear text; hence, PAP authentication does not provide any protection against
playback and line sniffing. CHAP authentication, on the other hand, periodically verifies the identity of the
remote node using a three-way handshake. After the PPP link is established, the host sends a "challenge"
message to the remote node. The remote node responds with a value calculated using a one-way hash
function. The host checks the response against its own calculation of the expected hash value. If the
values match, the authentication is acknowledged; otherwise, the connection is terminated. Reference:
Q54. Refer to the exhibit. Which statement about the configuration is true?
A. 20 packets are being sent every 30 seconds.
B. The monitor starts at 12:05:00 a.m.
C. Jitter is being tested with TCP packets to port 65051.
D. The packets that are being sent use DSCP EF.
Q55. Which type of traffic does DHCP snooping drop?
A. discover messages
B. DHCP messages where the source MAC and client MAC do not match
C. traffic from a trusted DHCP server to client
D. DHCP messages where the destination MAC and client MAC do not match
The switch validates DHCP packets received on the untrusted interfaces of VLANs with DHCP snooping
enabled. The switch forwards the DHCP packet unless any of the following conditions occur (in which case the packet is dropped):
The switch receives a packet (such as a DHCPOFFER, DHCPACK, DHCPNAK, or DHCPLEASEQUERY
packet) from a DHCP server outside the network or firewall.
The switch receives a packet on an untrusted interface, and the source MAC address and the DHCP client
hardware address do not match. This check is performed only if the DHCP snooping MAC address
verification option is turned on. · The switch receives a DHCPRELEASE or DHCPDECLINE message from an untrusted host with an entry in the DHCP snooping binding table, and the interface information in the binding table does not match the interface on which the message was received.
The switch receives a DHCP packet that includes a relay agent IP address that is not 0.0.0.0. To support
trusted edge switches that are connected to untrusted aggregation-switch ports, you can enable the DHCP
option-82 on untrusted port feature, which enables untrusted aggregation- switch ports to accept DHCP
packets that include option-82 information. Configure the port on the edge switch that connects to the
aggregation switch as a trusted port. Reference: http:// www.cisco.com/c/en/us/td/docs/switches/lan/
Topic 7, Mix Questions
83. Which two commands would be used to troubleshoot high memory usage for a process? (Choose two.)
A. router#show memory allocating-process table
B. router#show memory summary
C. router#show memory dead
D. router#show memory events
E. router#show memory processor statistics
You have been asked to evaluate an OSPF network setup in a test lab and to answer questions a customer has about its operation. The customer has disabled your access to the show running-config command.
How many times was SPF algorithm executed on R4 for Area 1?
Q57. A router with an interface that is configured with ipv6 address autoconfig also has a link-local address assigned. Which message is required to obtain a global unicast address when a router is present?
A. DHCPv6 request
Autoconfiguration is performed on multicast-enabled links only and begins when a multicastenabled
interface is enabled (during system startup or manually). Nodes (both, hosts and routers) begin
the process by generating a link-local address for the interface. It is formed by appending the interface
identifier to well-known link-local prefix FE80 :: 0. The interface identifier replaces the right-most zeroes of
the link-local prefix. Before the link-local address can be assigned to the interface, the node performs the
Duplicate Address Detection mechanism to see if any other node is using the same link-local address on
the link. It does this by sending a Neighbor Solicitation message with target address as the "tentative"
address and destination address as the solicited-node multicast address corresponding to this tentative
address. If a node responds with a Neighbor Advertisement message with tentative address as the target
address, the address is a duplicate address and must not be used. Hence, manual configuration is
required. Once the node verifies that its tentative address is unique on the link, it assigns that link-local
address to the interface. At this stage, it has IP-connectivity to other neighbors on this link. The
autoconfiguration on the routers stop at this stage, further tasks are performed only by the hosts. The
routers will need manual configuration (or stateful configuration) to receive site-local or global addresses.
The next phase involves obtaining Router Advertisements from routers if any routers are present on the
link. If no routers are present, a stateful configuration is required. If routers are present, the Router
Advertisements notify what sort of configurations the hosts need to do and the hosts receive a global
unicast IPv6 address. Reference: https://sites.google.com/site/amitsciscozone/home/important-tips/ipv6/
Q58. To configure SNMPv3 implementation, a network engineer is using the AuthNoPriv security level. What effect does this action have on the SNMP messages?
A. They become unauthenticated and unencrypted.
B. They become authenticated and unencrypted.
C. They become authenticated and encrypted.
D. They become unauthenticated and encrypted.
Q59. Refer to the following output:
Router#show ip nhrp detail
10.1.1.2/8 via 10.2.1.2, Tunnel1 created 00:00:12, expire 01:59:47
TypE. dynamic, Flags: authoritative unique nat registered used
NBMA address: 10.12.1.2
What does the authoritative flag mean in regards to the NHRP information?
A. It was obtained directly from the next-hop server.
B. Data packets are process switches for this mapping entry.
C. NHRP mapping is for networks that are local to this router.
D. The mapping entry was created in response to an NHRP registration request.
E. The NHRP mapping entry cannot be overwritten.
Show NHRP: Examples
The following is sample output from the show ip nhrp command:
Router# show ip nhrp
10.0.0.2 255.255.255.255, tunnel 100 created 0:00:43 expire 1:59:16 Type: dynamic Flags: authoritative
NBMA address: 10.1111.1111.1111.1111.1111.1111.1111.1111.1111.11 10.0.0.1 255.255.255.255,
Tunnel0 created 0:10:03 expire 1:49:56 Type: static Flags: authoritative NBMA address: 10.1.1.2 The
fields in the sample display are as follows:
The IP address and its network mask in the IP-to-NBMA address cache. The mask is always
255.255.255.255 because Cisco does not support aggregation of NBMA information through NHRP.
The interface type and number and how long ago it was created (hours:minutes:seconds).
The time in which the positive and negative authoritative NBMA address will expire
(hours:minutes:seconds). This value is based on the ip nhrp holdtime
Type of interface:
dynamic--NBMA address was obtained from the NHRP Request packet.
static--NBMA address was statically configured.
authoritative--Indicates that the NHRP information was obtained from the Next Hop Server or router that
maintains the NBMA-to-IP address mapping for a particular destination. Reference: http://www.cisco.com/
Q60. After you review the output of the command show ipv6 interface brief, you see that several IPv6 addresses have the 16-bit hexadecimal value of "FFFE" inserted into the address. Based on this information, what do you conclude about these IPv6 addresses?
A. IEEE EUI-64 was implemented when assigning IPv6 addresses on the device.
B. The addresses were misconfigured and will not function as intended.
C. IPv6 addresses containing "FFFE" indicate that the address is reserved for multicast.
D. The IPv6 universal/local flag (bit 7) was flipped.
E. IPv6 unicast forwarding was enabled, but IPv6 Cisco Express Forwarding was disabled.
Extended Unique Identifier (EUI), as per RFC2373, allows a host to assign iteslf a unique 64-
Bit IP Version 6 interface identifier (EUI-64). This feature is a key benefit over IPv4 as it eliminates the
need of manual configuration or DHCP as in the world of IPv4. The IPv6 EUI-64 format address is obtained
through the 48-bit MAC address. The Mac address is first separated into two 24-bits, with one being OUI
(Organizationally Unique Identifier) and the other being NIC specific. The 16-bit 0xFFFE is then inserted
between these two 24-bits to for the 64-bit EUI address. IEEE has chosen FFFE as a reserved value which
can only appear in EUI-64 generated from the an EUI-48 MAC address. Here is an example showing how
a the Mac Address is used to generate EUI.
Next, the seventh bit from the left, or the universal/local (U/L) bit, needs to be inverted. This bit identifies whether this interface identifier is universally or locally administered. If 0, the address is locally
administered and if 1, the address is globally unique. It is worth noticing that in the OUI portion, the globally
unique addresses assigned by the IEEE has always been set to 0 whereas the locally created addresses
has 1 configured. Therefore, when the bit is inverted, it maintains its original scope (global unique address
is still global unique and vice versa). The reason for inverting can be found in RFC4291 section 2.5.1.
Once the above is done, we have a fully functional EUI-64 format address.
Q61. You have been asked to evaluate how EIGRP is functioning in a customer network.
What percent of R1’s interfaces bandwidth is EIGRP allowed to use?
Q62. Refer to the exhibit. After configuring GRE between two routers running OSPF that are connected to each other via a WAN link, a network engineer notices that the two routers cannot establish the GRE tunnel to begin the exchange of routing updates. What is the reason for this?
A. Either a firewall between the two routers or an ACL on the router is blocking IP protocol number 47.
B. Either a firewall between the two routers or an ACL on the router is blocking UDP 57.
C. Either a firewall between the two routers or an ACL on the router is blocking TCP 47.
D. Either a firewall between the two routers or an ACL on the router is blocking IP protocol number 57.
Q63. A packet capture log indicates that several router solicitation messages were sent from a local host on the IPv6 segment. What is the expected acknowledgment and its usage?
A. Router acknowledgment messages will be forwarded upstream, where the DHCP server will allocate addresses to the local host.
B. Routers on the IPv6 segment will respond with an advertisement that provides an external path from the local subnet, as well as certain data, such as prefix discovery.
C. Duplicate Address Detection will determine if any other local host is using the same IPv6 address for communication with the IPv6 routers on the segment.
D. All local host traffic will be redirected to the router with the lowest ICMPv6 signature, which is statically defined by the network administrator.
Router Advertisements (RA) are sent in response to router solicitation messages. Router
solicitation messages, which have a value of 133 in the Type field of the ICMP packet header, are sent by
hosts at system startup so that the host can immediately autoconfigure without needing to wait for the next
scheduled RA message. Given that router solicitation messages are usually sent by hosts at system
startup (the host does not have a configured unicast address), the source address in router solicitation
messages is usually the unspecified IPv6 address (0:0:0:0:0:0:0:0). If the host has a configured unicast
address, the unicast address of the interface sending the router solicitation message is used as the source
address in the message. The destination address in router solicitation messages is the all-routers multicast
address with a scope of the link. When an RA is sent in response to a router solicitation, the destination
address in the RA message is the unicast address of the source of the router solicitation message. RA
messages typically include the following information:
One or more onlink IPv6 prefixes that nodes on the local link can use to automatically configure their IPv6
Lifetime information for each prefix included in the advertisement
Sets of flags that indicate the type of autoconfiguration (stateless or stateful) that can be completed
Default router information (whether the router sending the advertisement should be used as a default
router and, if so, the amount of time (in seconds) the router should be used as a default router)
Additional information for hosts, such as the hop limit and MTU a host should use in packets that it
originates Reference: http://www.cisco.com/c/en/us/td/docs/ios/ipv6/configuration/guide/12_4t/
Q64. Which Cisco VPN technology can use multipoint tunnel, resulting in a single GRE tunnel interface on the hub, to support multiple connections from multiple spoke devices?
C. Cisco Easy VPN