• Home
  • Articles
  • Get Special Discount Offer of 300-410 Certification Exam Sample Questions and Answers [Q115-Q130]

Get Special Discount Offer of 300-410 Certification Exam Sample Questions and Answers [Q115-Q130]

Share

Get Special Discount Offer of 300-410 Certification Exam Sample Questions and Answers

New 300-410 Dumps For Preparing CCNP Enterprise Certified Cisco Exam Well

NEW QUESTION # 115
A customer requested a GRE tunnel through the provider network between two customer sites using loopback to hide internal networks. Which configuration on R2 establishes the tunnel with R1?

  • A. R2(config)# interface Tunnel 1
    R2(config-if)# ip address 172.20.1.2 255.255.255.0
    R2(config-if)# ip mtu 1500
    R2(config-if)# ip tcp adjust-mss 1360
    R2(config-if)# tunnel source 10.10.2.2
    R2(config-if)# tunnel destination 10.10.1.1
  • B. R2(config)# interface Tunnel 1
    R2(config-if)# ip address 172.20.1.2 255.255.255.0
    R2(config-if)# ip mtu 1500
    R2(config-if)# ip tcp adjust-mss 1360
    R2(config-if)# tunnel source 192.168.20.1
    R2(config-if)# tunnel destination 10.10.1.1
  • C. R2(config)# interface Tunnel 1
    R2(config-if)# ip address 172.20.1.2 255.255.255.0
    R2(config-if)# ip mtu 1400
    R2(config-if)# ip tcp adjust-mss 1360
    R2(config-if)# tunnel source 192.168.20.1
    R2(config-if)# tunnel destination 192.168.10.1
  • D. R2(config)# interface Tunnel 1
    R2(config-if)# ip address 172.20.1.2 255.255.255.0
    R2(config-if)# ip mtu 1400
    R2(config-if)# ip tcp adjust-mss 1360
    R2(config-if)# tunnel source 10.10.2.2
    R2(config-if)# tunnel destination 10.10.1.1

Answer: A


NEW QUESTION # 116
Drag and drop the MPLS VPN device types from me left onto the definitions on the right.

Answer:

Explanation:


NEW QUESTION # 117
An engineer is creating a policy that overrides normal routing behavior.if the route to a destination of
10.100.100.0/24 is withdrawn from the routing
Table, the policy must direct traffic to a next hop of 10.1 1.1. if the route is present in the routing table, then normal forwarding must occur. Which configuration meets the requirements?

  • A. access-list 100 permit ip any 10.100.100.0 0.0.0.255
    !
    route-map POLICY permit 10
    match ip address 100
    set ip next-hop 10.1.1.1
    !
    route map POLICY permit 20
  • B. access-list 100 permit ip any any
    !
    route-map POLICY permit 10
    match ip address 100
    set ip next-hop recursive 10.1.1.1
  • C. access-list 100 permit ip any 10.100.100.0 0.0.0.255
    !
    route map POLICY permit 10
    match ip address 100
    Set ip next-hop recursive 10.1.1.1
    !
    route-map POLICY permit 20
  • D. access-list 100 permit ip any 10.100.100.0 0.0.0.255
    !
    Route-map POLICY permit 10
    match ip address 100
    set ip default next-hop 10.1.1.1

Answer: C


NEW QUESTION # 118
Refer to the exhibit.


Refer to me exhibit Traffic from R3 to the central site does not use alternate paths when R3 cannot reach 10 10 10 2 Traffic on R3 destined to R4 takes an alternate route via 10 10 10.6 when 10 10 10 4 is not accessible from R3 Which configuration switches traffic destined to 10 10 10 2 from R3 on the alternate path''

  • A. R3(config)#ip route 192.168.10.1 255.255.265.255 10.10.10.2 track 20
  • B. R3(config)#track( 20 ip sla 20 reachability
  • C. R2(config)#ip route 10.10 10 3 255 255.255 255 10.0.0.6
  • D. R6(config)#ip route 10.10.10 3 255.255.255.255 10.0.0.30

Answer: A


NEW QUESTION # 119
Refer to the exhibit.

Refer to the exhibit. An engineer configured SNMP Commimes on UserSW2 switch, but the SNMP server cannot upload modified configurations to the switch. Which configuration resolves this issue?

  • A. snmp-server group NETVIEW v2c priv read NETVIEW access 11
  • B. snmp-server community Ciscowruser RW 11
  • C. snmp-server community CiscOUs3r RW 11
  • D. snmp-server group NETADMIN v3 priv read NETVIEW write NETADMIN access 22

Answer: B


NEW QUESTION # 120
Refer to Exhibit.

Which two configurations allow clients to get dynamic ip addresses assigned?

  • A. Configure access-list 100 permit udp any any eq 69 as the first line
  • B. Configure access-list 100 permit udp any any eq 86 as the first line
  • C. Configure access-list 100 permit udp any any eq 61 as the first line
  • D. Configure access-list 100 permit udp any any eq 67 as the first line
  • E. Configure access-list 100 permit udp any any eq 68 as the first line

Answer: D,E

Explanation:
Explanation
A DHCP server that receives a DHCPDISCOVER message may respond with a DHCPOFFER message on UDP port 68 (BootP client).
...
In the event that the DHCP server is not on the local subnet, the DHCP server will send the DHCPOFFER, as a unicast packet, on UDP port 67, back to the DHCP/BootPRelay Agent from which the DHCPDISCOVER came.


NEW QUESTION # 121
Refer to the exhibit.

An engineer must configure a LAN-to-LAN IPsec VPN between R1 and the remote router. Which IPsec Phase 1 configuration must the engineer use for the local router?

  • A. crypto isakmp policy 5
    authentication pre-share
    encryption 3des
    hash sha
    group 2
    !
    crypto isakmp key cisco123 address 200.1.1.3
  • B. crypto isakmp policy 5
    authentication pre-share
    encryption 3des
    hash md5
    group 2
    !
    crypto isakmp key cisco123 address 199.1.1.1
  • C. crypto isakmp policy 5
    authentication pre-share
    encryption 3des
    hash md5
    group 2
    !
    crypto isakmp key cisco123 address 200.1.1.3
  • D. crypto isakmp policy 5
    authentication pre-share
    encryption 3des
    hash md5
    group 2
    !
    crypto isakmp key cisco123! address 199.1.1.1

Answer: A

Explanation:
In the "crypto isakmp key ... address " command, the address must be of the IP address of the other end (which is 200.1.1.3 in this case) so Option A and Option B are correct. The difference between these two options are in the hash SHA or MD5 method but both of them can be used although SHA is better than MD5 so we choose Option A the best answer.
Note: Cisco no longer recommends using 3DES, MD5 and DH groups 1, 2 and 5.
Reference:
5/sec-ipsec-management-xe-16-5-book/sec-ipsec-usability-enhance.html


NEW QUESTION # 122
Refer to the exhibit.

An engineer is trying to add an encrypted user password that should not be visible in the router configuration. Which two configuration commands resolve the issue? (Choose two)

  • A. no service password-encryption
  • B. username Admin secret Cisco@maedeh motamedi
  • C. password encryption aes
  • D. service password-encryption
  • E. username Admin password Cisco@maedeh motamedi
  • F. username Admin password 5 Cisco@maedeh motamedi

Answer: B,D


NEW QUESTION # 123
Refer to the exhibit.

Refer to the exhibit. An engineer configures router A to mark all inside to outside traffic from network 192 168 1 0, except from host 192 168 1 1. with critical IP precedence. The policy did not work as expected Which configuration resolves the issue?

  • A.
  • B.
  • C.
  • D.

Answer: B


NEW QUESTION # 124
Which function does LDP provide in an MPLS topology?

  • A. It provides hop-by-hop forwarding in an MPLS topology for LSRs.
  • B. It enables a MPLS topology to connect multiple VPNs to P routers.
  • C. It provides a means for LSRs to exchange IP routes.
  • D. It exchanges routes for MPLS VPNs across different VRFs.

Answer: A

Explanation:
Explanation
LDP provides a standard methodology for hop-by-hop, or dynamic label, distribution in an MPLS network by assigning labels to routes that have been chosen by the underlying Interior Gateway Protocol (IGP) routing protocols. The resulting labeled paths, called label switch paths (LSPs), forward label traffic across an MPLS backbone to particular destinations.
Reference: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_ldp/configuration/12-4t/mp-ldp-
12-4t-book.pdf


NEW QUESTION # 125
Refer to the exhibit.

Although summarization is configured for R1 to receive 10.0.0.0/8. more specific routes are received by R1.
How should the 10.0.0.0/8 summary route be received from the neighbor, attached to R1 via Fast Ethernet0/0 interface?

  • A. The summarization condition is not met. The network 10.1.100.0/24 should be changed to
    172.16.0.0/24.
  • B. The summarization condition is not met Router 10 1 100.10 requires a route for 10 0.0.0/8 that points to null 0
  • C. R1 should configure the ip summary-address eigrp <AS number> 10.0.0.0.255.0.0.0 command under the Fast Ethernet 0/0 interface.
  • D. R1 should configure the ip summary-address eigrp <AS number> 10.0.0.0 0.0.0.255 command under the Fast Ethernet 0/0 interface.

Answer: D


NEW QUESTION # 126
Refer to the exhibit.

An engineer implemented CoPP but did not see OSPF traffic going through it. Which configuration resolves the issue?

  • A. policy-map COPP class OSFP police 8000 conform-action transmit exceed-action transmit violate-action drop
  • B. class-map match-all OSFP match access-group name OSPF
  • C. ip access-list extended OSPF permit ospf any any
  • D. control-plane service-policy input COPP

Answer: A


NEW QUESTION # 127
An engineer must configure a Cisco router to initiate secure connections from the router to other devices in the network but kept failing. Which two actions resolve the issue? (Choose two.)

  • A. Configure transport input ssh command on the console
  • B. Configure a crypto key to be generated
  • C. Configure a domain name
  • D. Configure a TACACS+ server and enable it
  • E. Configure a source port for the SSH connection to initiate

Answer: B,C

Explanation:
Explanation
Follow these guidelines when configuring the switch as an SSH server or SSH client:
+ An RSA key pair generated by a SSHv1 server can be used by an SSHv2 server, and the reverse.+ If the SSH server is running on a stack master and the stack master fails, the new stack master uses the RSA key pair generated by the previous stack master
+ If you get CLI error messages after entering the crypto key generate rsa global configuration command, an RSA key pair has not been generated. Reconfigure thehostname and domain, and then enter the crypto key generate rsa command.+ When generating the RSA key pair, the message No host name specified might appear. If it does, you must configure a hostname by using the hostname globalconfiguration command.+ When generating the RSA key pair, the message No domain specified might appear. If it does, you must configure an IP domain name by using the ip domain-nameglobal configuration command.+ When configuring the local authentication and authorization authentication method, make sure that AAA is disabled on the console.


NEW QUESTION # 128
Refer to the exhibit.

An engineer wanted to set a tag of 30 to route 10 1.80.65/32 but it failed How is the issue fixed?

  • A. Modify route-map ospf-to-eigrp permit 10 and match prefix-list ccnp2.
  • B. Modify route-map ospf-to-eigrp permit 30 and match prefix-list ccnp2.
  • C. Modify prefix-list ccnp3 to add 10.1.64.0/20 ge 32
  • D. Modify prefix-list ccnp3 to add 10.1.64.0/20 le 24

Answer: A


NEW QUESTION # 129
Refer to the exhibit.

A user cannot SSH to the router. What action must be taken to resolve this issue?

  • A. Configure transport input ssh
  • B. Configure ip ssh source-interface loopback0
  • C. Configure ip ssh version 2
  • D. Configure transport output ssh

Answer: A

Explanation:
Explanation
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960x/software/15-0_2_EX/security/configuration_g


NEW QUESTION # 130
......

Updated 300-410 Dumps Questions Are Available For Passing Cisco Exam: https://passleader.free4dump.com/300-410-real-dump.html

Related Articles

more
Cisco 300-410 Certification Practice Exam