QUESTION 561
A configuration includes the line ip nbar port-map SSH tcp 22 23 443 8080. Which option describes the effect of this configuration line?
|
A. |
It configures NBAR to search for SSH using ports 22, 23, 443, and 8080. |
|
B. |
It configures NBAR to allow SSH connections only on ports 22, 23, 443, and 8080. |
|
C. |
It enables NBAR to inspect for SSH connections. |
|
D. |
It creates a custom NBAR port-map named SSH and associates TCP ports 22, 23, 443, and 8080 to itself. |
Correct Answer: A
Explanation:
The ip nbar-port-map command configures NBAR to search for a protocol or protocol name using a port number other than the well-known port.
Reference:
http://www.cisco.com/c/en/us/td/docs/ios/12_2/qos/command/reference/fqos_r/qrfcmd10.pdf
QUESTION 562
Which two descriptions of the keying mechanisms that are used to distribute the session keys used in routing authentication are true? (Choose two.)
|
A. |
Peer keying creates a unique one-to-one relationship with another peer. |
|
B. |
Group keying creates a single keying message to multiple peers. |
|
C. |
Peer keying creates a single keying message to multiple peers. |
|
D. |
Group keying creates a unique one-to-one relationship with another peer. |
|
E. |
Group keying creates a full mesh of keying sessions to all devices. |
|
F. |
Peer keying creates a full mesh of keying sessions to all devices. |
Correct Answer: AB
QUESTION 563
DRAG DROP
Drag and drop the SNMP element on the left to the corresponding definition on the right.
Correct Answer:
QUESTION 564
Refer to the exhibit. Which two commands are required on R3 in order for MPLS to function? (Choose two.)
|
A. |
mpls ip |
|
B. |
ip cef |
|
C. |
mpls label protocol tdp |
|
D. |
mpls ip propagate-ttl |
Correct Answer: AB
QUESTION 565
Which three protocols can use enhanced object tracking? (Choose three.)
|
A. |
HSRP |
|
B. |
Proxy-ARP |
|
C. |
VRRP |
|
D. |
GLBP |
|
E. |
NTP |
|
F. |
DHCP |
Correct Answer: ACD
Explanation:
The Enhanced Object Tracking feature separates the tracking mechanism from HSRP and creates a separate standalone tracking process that can be used by other processes and HSRP. This feature allows tracking of other objects in addition to the interface line-protocol state. A client process such as HSRP, Virtual Router Redundancy Protocol (VRRP), or Gateway Load Balancing Protocol (GLBP), can register its interest in tracking objects and then be notified when the tracked object changes state.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp/configuration/15-mt/iap-15-mt-book/iap-eot.html
QUESTION 566
On which three options can Cisco PfR base its traffic routing? (Choose three.)
|
A. |
Time of day |
|
B. |
An access list with permit or deny statements |
|
C. |
Load-balancing requirements |
|
D. |
Network performance |
|
E. |
User-defined link capacity thresholds |
|
F. |
Router IOS version |
Correct Answer: CDE
Explanation:
Key Advantages of using PfR for Load balancing:
Reference: http://docwiki.cisco.com/wiki/PfR:Solutions:InternetOutboundLoadBalancing
QUESTION 567
Which address is a MAC address that is mapped from an IPv6 address (RFC 2464)?
|
A. |
3333.FF17.FC0F |
|
B. |
FFFE. FF17.FC0F |
|
C. |
FF34.3333.FF17 |
|
D. |
FF7E.FF17.FC0F |
Correct Answer: A
Explanation:
An IPv6 packet with a multicast destination address DST, consisting of the sixteen octets DST through DST, is transmitted to the Ethernet multicast address whose first two octets are the value 3333 hexadecimal and whose last four octets are the last four octets of DST.
Reference: https://tools.ietf.org/html/rfc2464
QUESTION 568
DRAG DROP
Drag and drop each policy command on the left to the function it performs on the right.
Correct Answer:
QUESTION 569
Which two statements about IPsec VTI implementation are true? (Choose two.)
|
A. |
The IKE SA can be bound to the VTI and the crypto map. |
|
B. |
The transform set can be configured only in tunnel mode. |
|
C. |
SVTIs support only a single IPsec SA. |
|
D. |
SVTIs support IPv4 packets that carry IPv6 packets. |
Correct Answer: BC
QUESTION 570
Which two statements about NPTv6 are true? (Choose two.)
|
A. |
The translation is invisible to applications that hard code IP information within the application logic. |
|
B. |
It is a one-way stateful translation for the IPv6 address. |
|
C. |
Translation is 1:1 at the network layer. |
|
D. |
It is a two-way stateless translation for the network prefix. |
Correct Answer: CD
Explanation:
This document describes a stateless, transport-agnostic IPv6-to-IPv6 Network Prefix Translation (NPTv6) function that provides the address-independence benefit associated with IPv4-to-IPv4 NAT (NAPT44) and provides a 1:1 relationship between addresses in the “inside” and “outside” prefixes, preserving end-to-end reachability at the network layer NPTv6 Translation is stateless, so a “reset” or brief outage of an NPTv6 Translator does not break connections that traverse the translation function, and if multiple NPTv6 Translators exist between the same two networks, the load can shift or be dynamically load shared among them. NPTv6 is defined to include a two-way, checksum-neutral, algorithmic translation function, and nothing else.
Reference: https://tools.ietf.org/html/rfc6296
Free VCE & PDF File for Cisco 400-101 Practice Tests
Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …