All the Cisco 300-101 on the web study supplies are of great price with nearly all supreme accuracy. Our professionals are dedicated to presenting one of the most authentic, reputable, and current Cisco Cisco certification exam questions for you personally all. You may get a high mark which guarantee your success in the direction of Cisco certification. You can be at ease with all the answers to the Cisco Cisco 300-101 stimulation tests. The Cisco Cisco 300-101 braindumps contain almost 100% proper answers which cause you to understand the particular 300-101 questions easily. Youll be able to get a passing score in the Cisco Cisco real analyze. In addition, you will get a total refund because of your failure in the Cisco exam after employing our items. You should send out us your Cisco 300-101 score report. We all will give back your cash within 12 hours.

2017 Apr 300-101 free question

Q61. A network engineer is configuring a routed interface to forward broadcasts of UDP 69, 53, and 49 to 172.20.14.225. Which command should be applied to the configuration to allow this? 

A. router(config-if)#ip helper-address 172.20.14.225 

B. router(config-if)#udp helper-address 172.20.14.225 

C. router(config-if)#ip udp helper-address 172.20.14.225 

D. router(config-if)#ip helper-address 172.20.14.225 69 53 49 

Answer:

Explanation: 

To let a router forward broadcast packet the command ip helper-address can be used. The broadcasts will

be forwarded to the unicast address which is specified with the ip helper command.

ip helper-address {ip address}

When configuring the ip helper-address command, the following broadcast packets will be forwarded by

the router by default:

TFTP - UDP port 69

Domain Name System (DNS) UDP port 53

Time service - port 37

NetBIOS Name Server - port 137

NetBIOS Datagram Server - port 138

Bootstrap Protocol (BOOTP) - port 67

TACACS UDP port 49 Reference: http://www.cisco-faq.com/163/forward_udp_broadcas.html

Topic 6, Infrastructure Services 

61. A network engineer is configuring SNMP on network devices to utilize one-way SNMP notifications. However, the engineer is not concerned with authentication or encryption. Which command satisfies the requirements of this scenario? 

A. router(config)#snmp-server host 172.16.201.28 traps version 2c CISCORO 

B. router(config)#snmp-server host 172.16.201.28 informs version 2c CISCORO 

C. router(config)#snmp-server host 172.16.201.28 traps version 3 auth CISCORO 

D. router(config)#snmp-server host 172.16.201.28 informs version 3 auth CISCORO 

Answer:

Explanation: 

Most network admins and engineers are familiar with SNMPv2c which has become the

dominant SNMP version of the past decade. It's simple to configure on both the router/switch-side and just

as easy on the network monitoring server. The problem of course is that the SNMP statistical payload is

not encrypted and authentication is passed in cleartext. Most companies have decided that the information

being transmitted isn't valuable enough to be worth the extra effort in upgrading to SNMPv3, but I would

suggest otherwise. Like IPv4 to IPv6, there are some major changes under the hood. SNMP version 2

uses community strings (think cleartext passwords, no encryption) to authenticate polling and trap delivery.

SNMP version 3 moves away from the community string approach in favor of user- based authentication

and view-based access control. The users are not actual local user accounts, rather they are simply a

means to determine who can authenticate to the device. The view is used to define what the user account

may access on the IOS device. Finally, each user is added to a group, which determines the access policy

for its users. Users, groups, views. Reference: http://www.ccnpguide.com/snmp-version-3/


Q62. Scenario: 

You have been asked to evaluate an OSPF network setup in a test lab and to answer questions a customer has about its operation. The customer has disabled your access to the show running-config command. 

Areas of Router 5 and 6 are not normal areas, inspect their routing tables and determine which statement is true? 

A. R5's Loopback and R6's Loopback are both present in R5's Routing table 

B. R5's Loopback and R6's Loopback are both present in R6's Routing table 

C. Only R5's loopback is present in R5's Routing table 

D. Only R6's loopback is present in R5's Routing table 

E. Only R5's loopback is present in R6's Routing table 

Answer:

Explanation: 

Topic 4, VPN Technologies 

45. A company has just opened two remote branch offices that need to be connected to the corporate network. Which interface configuration output can be applied to the corporate router to allow communication to the remote sites? 

A. interface Tunnel0 

bandwidth 1536 

ip address 209.165.200.230 255.255.255.224 

tunnel source Serial0/0 

tunnel mode gre multipoint 

B. interface fa0/0 

bandwidth 1536 

ip address 209.165.200.230 255.255.255.224 

tunnel mode gre multipoint 

C. interface Tunnel0 

bandwidth 1536 

ip address 209.165.200.231 255.255.255.224 

tunnel source 209.165.201.1 

tunnel-mode dynamic 

D. interface fa 0/0 

bandwidth 1536 

ip address 209.165.200.231 255.255.255.224 

tunnel source 192.168.161.2 

tunnel destination 209.165.201.1 

tunnel-mode dynamic 

Answer:

Explanation: 

The configuration of mGRE allows a tunnel to have multiple destinations. The configuration of

mGRE on one side of a tunnel does not have any relation to the tunnel properties that might exist tunnel

source Serial0/0 tunnel mode gre multipoint

B. interface fa0/0 bandwidth 1536 ip address 209.165.200.230 255.255.255.224 tunnel mode gre

multipoint

C. interface Tunnel0 bandwidth 1536 ip address 209.165.200.231 255.255.255.224 tunnel source

209.165.201.1 tunnel-mode dynamic

D. interface fa 0/0 bandwidth 1536 ip address 209.165.200.231 255.255.255.224 tunnel source

192.168.161.2 tunnel destination 209.165.201.1 tunnel-mode dynamic

Answer: A Explanation: The configuration of mGRE allows a tunnel to have multiple destinations. The

configuration of mGRE on one side of a tunnel does not have any relation to the tunnel properties that

might exist at the exit points. This means that an mGRE tunnel on the hub may connect to a p2p tunnel on

the branch. Conversely, a p2p GRE tunnel may connect to an mGRE tunnel. The distinguishing feature

between an mGRE interface and a p2p GRE interface is the tunnel destination. An mGRE interface does

not have a configured destination. Instead the GRE tunnel is configured with the command tunnel mode

gre multipoint. This command is used instead of the tunnel destination x.x.x.x found with p2p GRE tunnels.

Besides allowing for multiple destinations, an mGRE tunnel requires NHRP to resolve the tunnel

endpoints. Note, tunnel interfaces by default are point-to-point (p-p) using GRE encapsulation, effectively they have the tunnel mode gre command, which is not seen in the configuration because it is the default.

The mGRE configuration is as follows: ! interface Tunnel0 bandwidth 1536 ip address 10.62.1.10

255.255.255.0 tunnel source Serial0/0 tunnel mode gre multipoint Reference: http://www.cisco.com/c/en/

us/td/docs/solutions/Enterprise/WAN_and_MAN/DMVPDG/DMVP N_2_Phase2.html


Q63. Which Cisco IOS VPN technology leverages IPsec, mGRE, dynamic routing protocol, NHRP, and Cisco Express Forwarding? 

A. FlexVPN 

B. DMVPN 

C. GETVPN 

D. Cisco Easy VPN 

Answer:

Explanation: Dynamic Multipoint Virtual Private Network (DMVPN) is a dynamic tunneling form of a virtual

private network (VPN) supported on Cisco IOS-based routers and Unix-like Operating Systems based on

the standard protocols, GRE, NHRP and IPsec. This DMVPN provides the capability for creating a

dynamic-mesh VPN network without having to pre-configure (static) all possible tunnel end-point peers,

including IPsec (Internet Protocol Security) and ISAKMP (Internet Security Association and Key

Management Protocol) peers. DMVPN is initially configured to build out a hub-and-spoke network by

statically configuring the hubs (VPN headends) on the spokes, no change in the configuration on the hub is

required to accept new spokes. Using this initial hub-and-spoke network, tunnels between spokes can be

dynamically built on demand (dynamic-mesh) without additional configuration on the hubs or spokes. This

dynamic-mesh capability alleviates the need for any load on the hub to route data between the spoke

networks. DMVPN is combination of the following technologies:

Multipoint GRE (mGRE)

Next-Hop Resolution Protocol (NHRP)

Dynamic Routing Protocol (EIGRP, RIP, OSPF, BGP)

Dynamic IPsec encryption

Cisco Express Forwarding (CEF)

Reference: http://en.wikipedia.org/wiki/Dynamic_Multipoint_Virtual_Private_Network

Topic 5, Infrastructure Security 

53. Which traffic does the following configuration allow? 

ipv6 access-list cisco 

permit ipv6 host 2001:DB8:0:4::32 any eq ssh 

line vty 0 4 

ipv6 access-class cisco in 

A. all traffic to vty 0 4 from source 2001:DB8:0:4::32 

B. only ssh traffic to vty 0 4 from source all 

C. only ssh traffic to vty 0 4 from source 2001:DB8:0:4::32 

D. all traffic to vty 0 4 from source all 

Answer:

Explanation: 

Here we see that the IPv6 access list called "cisco" is being applied to incoming VTY connections to the

router. IPv6 access list has just one entry, which allows only the single IPv6 IP address of 2001:DB8:0:4::32 to connect using SSH only.


Leading 300-101 braindumps:

Q64. An organization decides to implement NetFlow on its network to monitor the fluctuation of traffic that is disrupting core services. After reviewing the output of NetFlow, the network engineer is unable to see OUT traffic on the interfaces. What can you determine based on this information? 

A. Cisco Express Forwarding has not been configured globally. 

B. NetFlow output has been filtered by default. 

C. Flow Export version 9 is in use. 

D. The command ip flow-capture fragment-offset has been enabled. 

Answer:

Explanation: 

We came across a recent issue where a user setup a router for NetFlow export but was unable to see the

OUT traffic for the interfaces in NetFlow Analyzer. Every NetFlow configuration aspect was checked and

nothing incorrect was found. That is when we noticed the `no ip cef' command on the router. CEF was

enabled at the global level and within seconds, NetFlow Analyzer started showing OUT traffic for the

interfaces. This is why this topic is about Cisco Express Forwarding.

What is switching?

A Router must make decisions about where to forward the packets passing through. This decision-making

process is called "switching". Switching is what a router does when it makes the following decisions:

1.Whether to forward or not forward the packets after checking that the destination for the packet is

reachable.

2.If the destination is reachable, what is the next hop of the router and which interface will the router use to

get to that destination.

What is CEF?

CEF is one of the available switching options for Cisco routers. Based on the routing table, CEF creates its

own table, called the Forwarding Information Base (FIB). The FIB is organized differently than the routing

table and CEF uses the FIB to decide which interface to send traffic from. CEF offers the following

benefits:

1.Better performance than fast-switching (the default) and takes less CPU to perform the same task.

2.When enabled, allows for advanced features like NBAR

3.Overall, CEF can switch traffic faster than route-caching using fast-switching

How to enable CEF?

CEF is disabled by default on all routers except the 7xxx series routers. Enabling and Disabling CEF is

easy. To enable CEF, go into global configuration mode and

enter the CEF command.

Router# config t

Router(config)# ip cef

Router(config)#

To disable CEF, simply use the `no' form of the command, ie. `no ip cef`.

Why CEF Needed when enabling NetFlow ?

CEF is a prerequisite to enable NetFlow on the router interfaces. CEF decides through which interface

traffic is exiting the router. Any NetFlow analyzer product will calculate the OUT traffic for an interface

based on the Destination Interface value present in the NetFlow packets exported from the router. If the

CEF is disabled on the router, the NetFlow packets exported from the router will have "Destination

interface" as "null" and this leads NetFlow Analyzer to show no OUT traffic for the interfaces. Without

enabling the CEF on the router, the NetFlow packets did not mark the destination interfaces and so

NetFlow Analyzer was not able to show the OUT traffic for the interfaces. Reference: https://

blogs.manageengine.com/network-2/netflowanalyzer/2010/05/19/need-for-cef- in-netflow-data-export.html


Q65. A network engineer is trying to implement broadcast-based NTP in a network and executes the ntp broadcast client command. Assuming that an NTP server is already set up, what is the result of the command? 

A. It enables receiving NTP broadcasts on the interface where the command was executed. 

B. It enables receiving NTP broadcasts on all interfaces globally. 

C. It enables a device to be an NTP peer to another device. 

D. It enables a device to receive NTP broadcast and unicast packets. 

Answer:

Explanation: 

The NTP service can be activated by entering any ntp command. When you use the ntp broadcast client

command, the NTP service is activated (if it has not already been activated) and the device is configured to receive NTP broadcast packets on a specified interface simultaneously.

Command Description

ntp broadcast Allows the system to receive NTP broadcast packets on an client interface.

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/bsm/command/bsm-xe-3se-3850- cr-book/

bsm-xe-3se-3850-cr-book_chapter_00.html


Q66. Which prefix is matched by the command ip prefix-list name permit 10.8.0.0/16 ge 24 le 24? 

A. 10.9.1.0/24 

B. 10.8.0.0/24 

C. 10.8.0.0/16 

D. 10.8.0.0/23 

Answer:

Explanation: 

With prefix lists, the ge 24 term means greater than or equal to a /24 and the le 24 means less than or

equal to /24, so only a /24 is both greater than or equal to 24 and less than or equal to 24. This translate to any prefix in the 10.8.x.0/24 network, where X is any value in the 0-255 range.

Only the choice of 10.8.0.0.24 matches this.