300-101

Question 1

A network engineer notices that transmission rates of senders of tcp traffic sharply increase and decrease simultaneously during periods of congestion. Which condition causes this?

A. Global synchronization
B. Tail drop
C. Random early detection
D. Queue management algorithm

Answer 1

Correct answer: A

Question 2

Which three problems results from application mixing of UDP and TCP streams within a network with no QoS (choose three)

A. Starvation 
B. Jitter
C. Latency
D. windowing 
E. Lower throughput

Answer 2

Correct answer:

ACE

Question 3

Which method allows IPv4 and IPv6 to work together without requiring both to be used for a single connection during the migration process?

A. Dual stack method
B. 6to4 tunneling
C. GRE tunneling
D. NAT-PT

Answer 3

Correct Answer:

A

Question 4

Which statement about the use of tunneling to migrate to IPv6 is true?

A. Tunneling is less secure than dual stack or translation.
B. Tunneling is more difficult to configure than dual stack or translation
C. Tunneling does not enable users of the new protocol to communicate with users of the old protocol without dual-stack hosts.
D. Tunneling destination are manually determined by the IPv4 address in the low-order 32 bits of IPv4-compatible IPv6 address

Answer 4

Correct Answer:

C

Question 5

A network administrator executes the command clear ip route. Which two tables does this command clear and rebuild? (Choose two)

A. IP routing 
B. FIB
C. ARP cache
D. MAC address table
E. Cisco Express Forwarding table
F. Topology table

Answer 5

Correct Answer:

AB

Question 6

Which switching method is used when entries are present in the output of the command show ip cache?
A. Fast switching 
B. Process switching 
C. Cisco Express Forwarding Switching 
D. Cut-through packet switching

Answer 6

Correct answer:

A

Question 7

Which two actions must you perform to enable and use window scaling on a router? (Choose two)
A. Execute the command ip tcp windows-size 65536
B. Set window scaling to be used on the remote host.
C. Execute the command ip tcp queuemax.
D. Set TCP options to “enabled” on the remote host.
E. Execute the command ip tcp adjust-mss

Answer 7

Correct Answer:

AB

Question 8

Which three TCP enhancements can be used with TCP selective acknowledgments? 
A. Header compression 
B. Explicit congestion notification 
C. Keepalive 
D. Time stamps
E. TCP path recovery 
F. MTU window

Answer 8

Correct Answer:

BCD

Question 9

A network administrator uses IP SLA to measure UDP performance and notices that packets on one router have a higher one-way delay compared to the opposite direction. Which UDP characteristic does this scenario describe? 
A. Latency
B. Starvation 
C. Connectionless communication
D. Nonsequencing unordered packets
E. Jitter

Answer 9

Correct Answer:

A

Question 10

Under which condition does UDP dominance occur?
A. When TCP traffic is in the same class as UDP
B. When UDP flows are assigned a lower priority queue
C. When WRED is enabled
D. When ACLs are in place to block TCP traffic.

Answer 10

Correct Answer:

A

Question 11

Prior to enabling PPPoE in a virtual private dialup network group, which task must be completed? 
A. Disable CDP on the interface.
B. Execute the vpdn enable command
C. Execute the no switchport command 
D. Enable QoS FiFo for PPPoE support

Answer 11

Correct Answer:

B

Question 12

A network engineer has been asked to ensure that the PPPoE connection is established and authenticated using an encrypted password. Which technology, in combination with PPPoE, can be used for authentication in this manner? 
A. PAP
B. Dot1x
C. Ipsec
D. CHAP
E. ESP

Answer 12

Correct Answer:

D

Question 13

A corporate policy requires PPPoE to be enabled and to maintain a connection with the ISP, even if not interested traffic exists. which feature can be found to accomplish this task?
A. TCT Adjust 
B. Dialer persistent
C. PPPoE groups
D. Half-bridging 
E. Peer Neighbor Route

Answer 13

Correct answer:

B

Question 14

Which PPP authentication method sent authentication information in clear text?
A. MS CHAP
B. CDPCP
C. CHAP
D. PAP

Answer 14

Correct answer:

D

Question 15

Which protocol uses dynamic address mapping to request the next-hope protocol address for specific connection?
A. Frame Relay inverse ARP
B. Static DLCI mapping 
C. Frame Relay broadcast queue 
D. Dynamic DLCI mapping

Answer 15

Correct answer:

A

Question 16

Which statement is true about PPP session phase of PPPoE?

A. PPP options are negotiated and authentication is not performed. Once the link set up is completed, PPPOE functions as layer 3 encapsulation method that allows data to be transferred over PPP link within the PPPoE headers.
B. PPP options are not negotiated and authentication is performed. Once the link setup is complete, PPPoE functions as a layer 4 encapsulation method that allows data to be transferred over the PPP link within PPPoE headers.
C. PPP options are automatically enabled and authorization is performed. Once the link setup is completed, PPPoE functions as a layer 2 encapsulation method that allows data to be encrypted over PPP link within PPPoE headers.
D. PPP options are negotiated and authentication is performed. Once the link setup is completed, PPPoE functions as layer 2 encapsulation method that allows data to be transferred over the PPP link within PPPoE headers.

Answer 16

Correct Answer:

D

Question 17

PPPoE is composed of which two phases?
A. Active Authentication phase and PPP Session Phase
B. Passive Discovery Phase and PPP session phase
C. Active authorization phase and PPP Session pahse
D. Active Discovery phase and PPP Session phase

Answer 17

Correct Answer:

D

Question 18

A router with an interface that is configured with iPv6 address autoconfig also has a link-local address assigned. Which message is required to obtain a global unicast address when a router is present? 
A. DHCPv6 request
B. Router-advertisement
C. Neighbor-solicitation 
D. Redirect

Answer 18

Correct Answer:

B

Question 19

A router with an interface that is configured with IPv6 address autoconfig also has a link-local address assigned. Which message is required to obtain a global unicast address when a router is present? 
A. DHCPv6 request
B. Router-advertisement 
C. Neighbor-solicitation 
D. Redirect

Answer 19

Correct Answer:

B

Question 20

An engineer has configured a router to use EUI-64, and was asked to document the IPv6 address of the router. The router has the following interface parameters:
MAC address C601.420F.0007
Subnet 2001:DB8:0:1::/64

Which IPv6 addresses should the engineer add to the documentation? 
A. 2001:DB8:0:1:C601:42FF:FE0F:7
B. 2001:DB8:0:1:FFFF:C601:420F:7
C. 2001:DB8:0:1:FE80:C601:420F:7
D. 2001:DB8:0:1:C601:42FE:800F:7

Answer 20

Correct Answer:

A

Question 21

For security purposes, an IPv6 traffic filter was configured under various interfaces on the local router. However, shortly after implementing the traffic filter, OSPFv3 neighbor adjacencies were lost. What caused this issue?
A. The traffic filter is blocking all ICMPv6 traffic
B. The global anycast address must be added to the traffic filter to allow OSPFv3 to work properly.
C. The link-local addresses that were used by OSPFV3 were explicit denied, which caused the neighbor relationships to fail.
D. IPv6 traffic filtering can be implemented only on SVIs.

Answer 21

Correct Answer:

C

Question 22

What is the purpose of the autonomous-system {autonomous-system-number} command?
A. It sets the EIGRP autonomous system number in a VRF
B. It sets the BGP autonomous system number in a VRF
C. Its sets the global EIGRP autonomous system number
D. It sets the global BGP autonomous system number

Answer 22

Correct Answer:

A

Question 23

What is the default OSPF hello interval on a Frame Relay point-to-point network? 
A. 10
B. 20
C. 30
D. 40

Answer 23

Correct Answer:

A

Question 24

Which prefix is matched by the command ip prefix-list name permit 10.8.0.0/16 ge 24 le 24?

A. 10.9.1.0/24
B. 10.8.0.0/24
C. 10.8.0.0/16
D. 10.8.0.0/23

Answer 24

Correct Answer:

B

Question 25

Router A and Router B are configured with IPv6 addressing and basic routing capabilities using OSPFV3. The Network that are advertised from Router A do not show up in Router B routing table. After debugging IPv6 packets, the message “not a router” is found in the output. Why is the routing information not being learned by router B?
A. OSPFV3 timers were not adjusted for fast convergence.
B. The networks were not advertised properly under the OSPFV3 process.
C. An IPv6 traffic filter is blocking the networks from being learned via the Router B interface that is connected to Router A
D. IPv6 unicast routing is not enabled on router A or router B.

Answer 25

Correct Answer:

D

Question 26

After you review the output of the command show IPv6 interface brief, you see that several IPv6 addresses have the 16-bit hexadecimal value of fFFE inserted into the address. Based on this information, what do you conclude about these IPV6 addresses?
A. IEEE EUI-64 was implemented when assigning IPV6 addresses on the device.
B. The addresses were misconfigured and will not function as intended.
C. IPv6 addresses containing “FFFE” indicate that the address is reversed for multicast.
D. The IPv6 universal/local flag (bit 7) was flipped
E. IPv6 unicast Forwarding was enable, but IPv6 Cisco Express Forwarding was disabled.

Answer 26

Correct Answer:

A

Question 27

A packet capture log indicates that several router solicitation messages were sent from a local host on the IPv6 segment. What is the expected acknowledgment and its usage?
A. Router acknowledgement message will be forwarded upstream, where the DHCP server will allocate addresses to the local host.
B. Routers on the IPv6 segment will respond with an advertisement that provides an external path from the local subnet, as well as certain data, such as prefix discovery.
C. Duplicate Address detection will determine if any other local host is using the same IPv6 address for communication with the IPv6 routers on the segment.

Answer 27

Correct Answer:

B

Question 28

A company has just opened two remote branch office that need to be connected to the corporate network. Which interface configuration output can be applied to the corporate router to allow communication to the remote sites? 
A. Interface Tunnel0
     Bandwidth 1536
     Ip address 209.165.200.230 255.255.255.224
     Tunnel source serial0/0
     Tunnel mode gre multipoint 
B. Interface fa0/0
     Bandwidth 1536
     IP address 209.165.200.230 255.255.255.224
     Tunnel mode gre multipoint 
C. Interface tunnel0
     Bandwidth 1536
     IP address 209.165.200.231 255.255.255.224
     Tunnel source 209.165.201.1
     Tunnel-mode dynamic
D. Interface fa 0/0
     Bandwidth 1536
     IP address 209.165.200.231 255.255.255.224
     Tunnel source 192.168.161.2
     Tunnel destination 209.165.201.1
     Tunnel-mode dynamic

Answer 28

Correct Answer:

A

Question 29

A network engineer executes the show crypto ipsec sa command. Which three pieces of information are displayed in the output.
A. Inbound crypto map 
B. Remaining key lifetime
C. Path MTU
D. Tagged packets 
E. Untagged packets 
F. Invalid identity packets

Answer 29

Correct Answer:

ABC

Question 30

Refer to the following output:

Router#show ip nhrp detail
10.1.1.2/8 via 10.2.1.2, Tunnel1 created 00:00:12 expire 01:59:47 typE. Dynamic, Flags: authoritative unique nat registered used NBMA address: 10.12.1.2
What does the authoritative flag mean in regards to the NHRP information?
A. It was obtained directly from the next-hop server.
B. Data packets are process switches for this mapping entry.
C. NHRP mapping is for network that are local to this router.
D. The mapping entry was created in response to an NHRP registration request.
E. The NHRP mapping entry cannot be overwritten.

Answer 30

Correct Answer:

A

Question 31

Which common issue causes intermittent DMVPN tunnel flaps?

A. A routing neighbor reachability issue
B. A suboptimal routing table
C. Interface bandwidth congestion
D. That the GRE tunnel to hub router is not encrypted

Answer 31

Correct Answer:

A

Question 32

Which encapsulation supports an interface that is configured for an EVN trunk? 
A. 802.1Q
B. ISL
C. PPP
D. Frame Relay 
E. MPLS
F. HDLC

Answer 32

Correct answer:

A

Question 33

Which three characteristics are shared by subinterfaces and associated EVNs?
A. IP address 
B. Routing table
C. Forwarding control lists
E. NetFlow configuration

Answer 33

Correct Answer:

ABC

Question 34

A user is having issues accessing file shares on a network. The network engineer advises the user to open a web browser, input a prescribed IP address, and follow the instructions. After doing this, the user is able to access company shares. Which type of remote access did the engineer enable? 
A. EZVPN
B. Ipsec VPN client access
C. VPDN client access
D. SSL VPN client access

Answer 34

Correct Answer:

D

Question 35

Which Cisco IOS VPN technology leverages IPsec, mGRE, dynamic routing protocol, NHRP, and Cisco Express Forwarding?
A. Flex VPN
B. DMVPN
C. GetVPN
D. Cisco Easy VPN

Answer 35

Correct answer:

B

Question 36

Which traffic does the following configuration allow?

IPv6 access-list cisco
Permit ipv6 host 2001:DB8:0:4::32 any eq ssh
Line vty 0 4
IPv6 access-class cisco in
A. All traffic to vty 0 4 from source 2001:DB8:0:4:32
B. Only ssh traffic to vty 0 4 from source all
C. Only ssh traffic to vty 0 4 from source 2001:DB:8:0:4::32
D. All traffic to vty 0 4 from source all

Answer 36

Correct Answer:

C

Question 37

For troubleshooting purposes, which method can you use in combination with the “debug ip packet” command to limit the amount of output data?
A. You can disable the IP route cache globally
B. You can use the KRON scheduler.
C. You can use an extended access list.
D. You can use an IOS parser.
E. You can use the RITE traffic exporter.

Answer 37

Correct Answer:

C

Question 38

Refer to the following access list.
Access-list 100 permit ip any any log

After applying the access list on a cisco router, the network engineer notices that the router CPU utilization has risen to 99 percent. What is the reason for this?
A. A packet that matches access-list with the “log” keyword is cisco express Forwarding switched.
B. A packet that matches access-list with the “log” keyword is fast switched.
C. A packet that matches access-list with the “log” keyword is process switched
D. A large amount of IP traffic is being permitted on the router

Answer 38

Correct Answer:

C

Question 39

Which address is used by Unicast Reverse Path Forwarding protocol to validate a packet against the routing table? 
A. Source address 
B. Destination address 
C. Router interface
D. Default gateway

Answer 39

Correct Answer:

A

Question 40

What are three modes of Unicast Reverse Path Forwarding?
A. Strict mode, loose mode, and VRF mode
B. Strict mode, loose mode, and broadcast mode
C. Strict mode, broadcast mode, and VRF mode
D. Broadcast mode, loose mode, and VRF mode

Answer 40

Correct Answer:

A

Question 41

What does the following access list, which is applied on the external interface FastEthernet 1/0 of the perimeter router, accomplish?
Router(config)#access-list 101 deny ip 10.0.0.0 255.255.255.255 any log
Router(config)#access-list 101 deny ip 192.168.0.0 0.0.255.255 any log
Router(config)#access-list 101 deny ip 172.16.0.0 0.15.255.255 any log
Router(config)#interface fastEthernet 1/0
Router(config-ip)#ip access-group 101 in
A. It prevents incoming traffic from IP address ranges 10.0.0.0-10.0.0.255, 172.16.0.0-172.31.255.255, 192.168.0.0-192.168.255.255 and logs any intrusion attempts
B. It prevents the internal network from being used in spoofed denial of service attacks and logs any exit to the internet.
C. It filters incoming traffic from private addresses in order to prevent spoofing and logs any intrusion attempts.
D. It prevents private internal addresses to be accessed directly from outside.

Answer 41

Correct Answer:

C

Question 42

Refer to the following command:

Router(config)# ip http secure-port 4433

Which statement is true?
A. The router will listen on port 4433 for HTTPS traffic
B. The router will listen on port 4433 for HTTP traffic
C. The router will never accept any HTTP and HTTPS traffic.
D. The router will listen listen to HTTP and HTTP traffic on port 4433

Answer 42

Correct Answer: A

Question 43

A network engineer is configuring a routed interface to forward broadcasts of UDP 69, 53, and 49 to 172.20.14.225. Which command should be applied to the configuration to allow this?
A. Router(config-if)# ip helper-address 172.20.14.225
B. Router(config-if)# udp helper-address 172.20.14.225
C. Router(config-if)# ip udp helper-address 172.20.14.225

Answer 43

Correct Answer:

A

Question 44

A network engineer is configuring SNMP on the network devices to utilize one-way SNMP notifications. However, the engineer is not concerned with authentication or encryption. Which command satisfies the requirement of this scenario?

A. Router(config)#snmp-server host 172.16.201.28 traps version 2c CiSCORO
B. Router(config)#snmp-server host 172.16.201.28 informs version 2c CISCORO
C. Router(config)# snmp-server host 172.16.201.28 traps version 3 auth CISCORO

Answer 44

Correct Answer:

A

Question 45

When using SNMPv3 with NoauthNopriv, which string is math ed for sithentication?

A. Username
B. Password
C. Community-string
D. Encryption-key

Answer 45

Correct answer:

A

Question 46

After a recent DoS attack on a network, senior management ask you to implement better logging functionality on all IOS-based devices. Which two actions can you take to provide enhanced logging results? Choose two

A. Use the msec option to enable service time stamps
B. Increase the logging history
C. Set the logging severity level to 1
D. Specify a logging rate limit
E. Disable event logging on all noncritical items

Answer 46

Correct Answer:

AB

Question 47

A network engineer finds that a core router has crashed without warning. In this situation, which feature can the engineer use to create a crash collection?

A. Secure copy protocol 
B. Core dumps 
C. Warm reloads 
D. SNMP
E. Netflow

Answer 47

Correct Answer:

B

Question 48

A network engineer is trying to implement broadcast-based NTP in a network and executes the ntp broadcast client command. Assuming that an NTP server is already set up, what is the result of the command?
A. It enables receiving NTP broadcast on the interface where the command was executed
B. It enables receiving NTP broadcast on all interfaces globally.
C. It enables a device to be an NTP peer to another device.
D. It enables a devices to receive NTP broadcast and unicast packets

Answer 48

Correct Answer:

A

Question 49

What is a function of NPTv6?

A. It interferes with encryption of the full IP payload
B. It maintains a per-node state
C. It is checksum-neutral
D. It rewrites transport layer headers.

Answer 49

Correct Answer:

C

Question 50

IPv6 has just been deployed to all of the hosts within a network, but not to the servers. Which features allows ipv6 devices to communicate with ipv4 servers?

A. NAT
B. NATng
C. NAT64
D. Dual-stack NAT
E. DNS64

Answer 50

Correct Answer:

C

Question 51

A network engineer initiates the ip sla responder tcp-connect command in order to gather statistics for performance gauging. Which type of statistics does the engineer see?

A. Connectionless-oriented
B. Service-oriented
C. Connection-oriented
D. Application-oriented

Answer 51

Correct Answer:

C

Question 52

A network engineer executes the “ipv6 flowset” command. What is the result?

A. Flow-label marking in 1280-byte or larger packets is enabled.
B. Flow-set marking in 1280-byte or larger packets is enabled.
C. Ipv6 PMTU is enabled on the router
D. IPv6 flow control is enabled on the router.

Answer 52

Correct Answer:

A

Question 53

A network engineer executes the show ip flow export command. Which line in the output indicates that the send queue is full and report packets are not being sent?

A. Output drops
B. Enqueuing for the RP
C. Fragmentation failures
D. Adjacency issues

Answer 53

Correct Answer:

A

Question 54

A network engineer is asked to configure a site-to-site IPsec VPN tunnel. One of the last things that the engineer does is to configure an access list (access-list 1 permit any) along with the command ip nat inside source lost 1 int s0/0 overload. Which functions do the two commands serve in this scenario?

A. The command access-list 1 defines interesting traffic that is allowed through the tunnel.
B. The command ip nat inside source list 1 int s0/0 overload disables “many-to-one” access for all devices on a defined segment to share a single IP address upon existing the external interface.
C. The command access-list 1 permit any defines only one machine that is allowed through the tunnel.
D. The command ip nat inside source list 1 int s0/0 overload provides “many-to-one” access for all devices on a defined segment to share a single IP address upon existing the external interface.

Answer 54

Correct Answer:

D

Question 55

A network engineer is configuring a solution to allow failover of HSRP nodes during maintenance windows, as an alternative to powering down the active router and letting the network respond accordingly. Which action will allow for manual switching of HSRP nodes?
A. Track the up/down state of a loopback interface and shutdown this interface during maintenance.
B. Adjust the HSRP priority without the use of preemption
C. Disable and unable all active interface on the active HSRP node.
D. Enable HSRPv2 under global configuration, which allows for maintenance mode.

Answer 55

Correct Answer:

A