Cisco® 400-151 Exam Practice Questions (P. 1)
- Full Access (489 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #1
Which two statements about VXLAN are true? (Choose two.)
- AVXLAN uses a UDP destination port of 4987.
- BA VTEP is a virtual or physical device that maps end devices to VXLAN segments.
- CDevices that terminate VXLAN tunnels are known as VTEPs.
- DVXLAN adds an additional 32 bytes worth of headers.
Correct Answer:
BC
BC
send
light_mode
delete
Question #2
Which two security features are supported by NX-API (Choose two.)
- ANX-API support certificate-based authentication.
- BUsers must have appropriate accounts to access the device through NX-API.
- CAll communication to the device is encrypted when you use HTTPS.
- DAll communication to the device is encrypted when you use VPN.
Correct Answer:
BC
BC
send
light_mode
delete
Question #3
Which three guidelines and limitations of policy-based routing are true? (Choose three.)
- AA match command can refer to more than one ACL in a route map for policy-based routing.
- BSetting a tunnel interface or an IP address via a tunnel interface as a next hop in a police-based routing policy is not supported.
- CThe same route map can be shared among different interfaces for policy-based routing as long as interfaces belong to the same VRF instance.
- DAn ACL used in a policy-based routing route map cannot include a deny statement.
- EA policy-based routing route map can have multiple match or set statements per route-map statement.
- FPolicy-based routing and WCCPv2 are not supported on the same interface if bank chaining is disabled.
Correct Answer:
BCD
Policy-based routing has the following configuration guidelines and limitations: "¢ A policy-based routing route mapcan have only one match or set statement per route-map statement. "¢ A match command cannot refer to more than one ACL in a single route-map statement/clause. "¢ Policy-based routing is not supported with inbound traffic on FEX ports. "¢ An ACL used in a policy-based routing route map cannot include a deny statement. "¢ The same route map can be shared among different interfaces for policy-based routing as long as the interfaces belong to the same virtual routing and forwarding (VRF) instance. "¢ Setting atunnel interface or an IP address via a tunnel interface as a next hop in a policy-based routing policy is not supported.
References:
BCD
Policy-based routing has the following configuration guidelines and limitations: "¢ A policy-based routing route mapcan have only one match or set statement per route-map statement. "¢ A match command cannot refer to more than one ACL in a single route-map statement/clause. "¢ Policy-based routing is not supported with inbound traffic on FEX ports. "¢ An ACL used in a policy-based routing route map cannot include a deny statement. "¢ The same route map can be shared among different interfaces for policy-based routing as long as the interfaces belong to the same virtual routing and forwarding (VRF) instance. "¢ Setting atunnel interface or an IP address via a tunnel interface as a next hop in a policy-based routing policy is not supported.
References:
send
light_mode
delete
Question #4
Which statement about VTP bombing is true?
- AIt occurs because of configuration mismatch on VTPv3 switches. This problem can be avoided using a confirmation management tool.
- BIt occurs when switches with different VTP versions are connected together. This situation may occur when a new switch is plugged into a stable VTP domain. The MAC address table of the new switch overrides the MAC address table of stable switches causing interruption of service.
- CIt occurs when a client connects to a switch and launches a distributed denial of service attack against the VTP domain. This attack is possible only ifthe client knows the VTP password.
- DIt occurs when a server with a higher revision number and a wrong VTP database is inserted into the VTP domain. This situation may occur when a new switch plugged into a stable VTP domain. The incorrect database is propagated to the domain and the earlier stable database is overwritten. D
Correct Answer:
Explanation
Explanation
send
light_mode
delete
Question #5
Which three options are common PTP device types? (Choose three.)
- Anetwork clock
- Bsundials
- Cboundary clock
- Dtransparent clock
- Eordinary clock
- Fcrystal clock
Correct Answer:
CDE
CDE
send
light_mode
delete
Question #6
Which two options are functions of the 6LoWPAN header? (Choose two.)
- Apacket fragmentation and reassembly
- Blimit the lifespan of a packet (TTL)
- CIPv6 header compression
- Dcyclic redundancy check
- ELayer 2 encryption
Correct Answer:
AC
AC
send
light_mode
delete
Question #7
Which three options are benefits of the vPC peer switch feature? (Choose three.)
- AAfter the peer link comes up, it performs an ARP bulk sync over CFSoE to the peer switch
- BIt improves convergence forLayer 3 flows.
- CIt allows a pair of vPC peer devices to appear as a single STP root in the Layer 2.
- DIt simplifies STP configuration by configuring both vPC with the same STP priority.
- EIt eliminates the recommendation to pin the STP root to the vPCprimary switch. CDE
Correct Answer:
Explanation
Explanation
send
light_mode
delete
Question #8
Which two statements about IP-directed broadcast are true? (Choose two.)
- AThe destination address in the IP header of the packet is rewritten to the configured IP broadcast address for the subnet, and the packet is sent as a link-layer broadcast.
- BAn IP-directed broadcast is an IP packet whose destination address is a valid broadcast address, and it originates from a node that is also part of the same subnet.
- CA switch that is not directly connectedto its destination subnet forwards an IP-directed broadcast in the same way it forwards unicast IP packets destined to a host on that subnet.
- DAll switches in the network forward an IP-directed broadcast in the same way they forward multicast IP packets.
Correct Answer:
AC
AC
send
light_mode
delete
Question #9
Which statement about glean throttling in Cisco NX-OS is true?
- AThe traffic shaping feature in Cisco NX-OS to avoid bottle necks in the network.
- BCisco NX-OS supports a rate-limiting feature to manage the access bandwidth policy for a network by ensuring that traffic falling within specified rate parameters is sent, while dropping packets that exceed the acceptable amount of traffic or sending them a different priority.
- CWhen forwarding an incoming IP packet in a line card, if the Address Resolution Protocol request for the next hop is not resolved, the line card forwards the packets to the supervisor. The supervisor resolves the MAC address for the next hop and programs the hardware.
- DThe traffic policing feature manages the maximum rate of traffic through a token bucket algorithm. The token bucket algorithm can use the user-configured values to determine the maximum rate of traffic allowed on an interface at a given moment in time.
Correct Answer:
C
C
send
light_mode
delete
Question #10
Which two guidelines apply to private VLAN configuration when you are running FabricPath (Choose two.)
- AOn the F-Series modules, user-configured static MAC addresses are programmed on all forwarding engines that have ports in that VLAN.
- BThe system does support hierarchical static MAC addresses.
- CFabricPath ports can be put into a private VLAN.
- DAll VLANs in a private VLAN must be in the same VLAN mode; either CE or FabricPath.
Correct Answer:
AD
AD
send
light_mode
delete
All Pages