Updated & Revised 11/1/16

300-101 All Question PDF

New Question 1:

Refer to the following access list.

access-list 100 permit ip any any log

After applying the access list on a Cisco router, the network engineer notices that the router CPU
utilization has risen to 99 percent. What is the reason for this?

A. A packet that matches access-list with the “log” keyword is Cisco Express Forwarding
switched.
B. A packet that matches access-list with the “log” keyword is fast switched.
C. A packet that matches access-list with the “log” keyword is process switched.
D. A large amount of IP traffic is being permitted on the router.

Correct Answer: C

New Question 2:

What does the following access list, which is applied on the external interface FastEthernet 1/0
of the perimeter router, accomplish?

router(config)#access-list 101 deny ip 10.0.0.0 0.255.255.255 any log

router (config)#access-list 101 deny ip 192.168.0.0 0.0.255.255 any log
router (config)#access-list 101 deny ip 172.16.0.0 0.15.255.255 any log
router (config)#access-list 101 permit ip any any
router (config)#interface fastEthernet 1/0
router (config-if)#ip access-group 101 in

A. It prevents incoming traffic from IP address ranges 10.0.0.0-10.0.0.255,

172.16.0.0-172.31.255.255, 192.168.0.0-192.168.255.255 and logs any intrusion attempts.
B. It prevents the internal network from being used in spoofed denial of service attacks and logs
any exit to the Internet.
 Updated & Revised 11/1/16

C. It filters incoming traffic from private addresses in order to prevent spoofing and logs any
intrusion attempts.
D. It prevents private internal addresses to be accessed directly from outside.

Correct Answer: C

New Question 3:

A network engineer is configuring a solution to allow failover of HSRP nodes during

maintenance windows, as an alternative to powering down the active router and letting the
network respond accordingly. Which action will allow for manual switching of HSRP nodes?

A. Track the up/down state of a loopback interface and shut down this interface during
maintenance.
B. Adjust the HSRP priority without the use of preemption.
C. Disable and enable all active interfaces on the active HSRP node.
D. Enable HSRPv2 under global configuration, which allows for maintenance mode.

Correct Answer: A

New Question 4:

Which two commands would be used to troubleshoot high memory usage for a process? (Choose
two.)
A. router#show memory allocating-process table
B. router#show memory summary
C. router#show memory dead
D. router#show memory events
E. router#show memory processor statistics

Correct Answer: A,B

New Question 5:
 Updated & Revised 11/1/16

The enterprise network WAN link has been receiving several denial of service attacks from both
IPv4 and IPv6 sources. Which three elements can you use to identify an IPv6 packet via its
header, in order to filter future attacks? (Choose three.)

A. Traffic Class
B. Source address
C. Flow Label
D. Hop Limit
E. Destination Address
F. Fragment Offset

Correct Answer: A,C,D

New Question 6:

A network engineer has set up VRF-Lite on two routers where all the interfaces are in the same
VRF. At a later time, a new loopback is added to Router 1, but it cannot ping any of the existing
interfaces. Which two configurations enable the local or remote router to ping the loopback from
any existing interface? (Choose two.)

A. adding a static route for the VRF that points to the global route table
B. adding the loopback to the VRF
C. adding dynamic routing between the two routers and advertising the loopback
D. adding the IP address of the loopback to the export route targets for the VRF
E. adding a static route for the VRF that points to the loopback interface
F. adding all interfaces to the global and VRF routing tables

Correct Answer: A,B

 Updated & Revised 11/1/16

New Question 7:

Which three benefits does the Cisco Easy Virtual Network provide to an enterprise network?
(Choose three.)
A. simplified Layer 3 network virtualization
B. improved shared services support
C. enhanced management, troubleshooting, and usability
D. reduced configuration and deployment time for dot1q trunking
E. increased network performance and throughput
F. decreased BGP neighbor configurations

Correct Answer: A,B,C

New Question 8:

Which PPP authentication method sends authentication information in cleartext?

A. MS CHAP
B. CDPCP
C. CHAP
D. PAP

Correct Answer: D

New Question 9:

On which two types of interface is Frame Relay switching supported? (Choose two.)
A. serial interfaces
B. Ethernet interfaces
C. fiber interfaces
D. ISDN interfaces
E. auxiliary interfaces

Correct Answer: A,D

 Updated & Revised 11/1/16

New Question 10:

Which two statements about AAA implementation in a Cisco router are true? (Choose two.)
A. RADIUS is more flexible than TACACS+ in router management.
B. RADIUS and TACACS+ allow accounting of commands.
C. RADIUS and TACACS+ encrypt the entire body of the packet.
D. RADIUS and TACACS+ are client/server AAA protocols.
E. Neither RADIUS nor TACACS+ allow for accounting of commands.

Correct Answer: B,D

New Question 11:

Which option represents the minimal configuration that allows inbound traffic from the
172.16.1.0/24 network to successfully enter router R, while also limiting spoofed 10.0.0.0/8
hosts that could enter router R?
A. (config)#ipcef
(config)#interface fa0/0
(config-if)#ip verify unicast source reachable-via rx allow-default
B. (config)#ipcef
(config)#interface fa0/0
(config-if)#ip verify unicast source reachable-via rx
C. (config)#no ipcef
(config)#interface fa0/0
(config-if)#ip verify unicast source reachable-via rx
D. (config)#interface fa0/0
(config-if)#ip verify unicast source reachable-via any

Correct Answer: A
 Updated & Revised 11/1/16

New Question 12:

Which outbound access list, applied to the WAN interface of a router, permits all traffic except
for http traffic sourced from the workstation with IP address 10.10.10.1?
A. ip access-list extended 200
deny tcp host 10.10.10.1 eq 80 any
permit ip any any
B. ip access-list extended 10
deny tcp host 10.10.10.1 any eq 80
permit ip any any
C. ip access-list extended NO_HTTP
deny tcp host 10.10.10.1 any eq 80
D. ip access-list extended 100
deny tcp host 10.10.10.1 any eq 80
permit ip any any

Correct Answer: D

New Question 13:

Which easy virtual networking configuration component significantly decreases network

configuration?

A. Easy Trunk
B. Dot1e
C. Virtual Network Trunk
D. VNET Tags
E. MBGP

Correct Answer: C
 Updated & Revised 11/1/16

New Question 14:

In which two ways can split horizon issues be overcome in a Frame Relay network environment?
(choose two.)

A. Configuring one physical serial interface with Frame Relay to various remote sites.
B. Configure a loopback interface with Frame Relay to various remote sites.
C. Configuring multiple subinterfaces on a single physical interface to various remote sites.
D. Enabling split horizon.
E. Disabling split horizon

Correct Answer: C,E

New Question 15:

What is the administrative distance for EBGP?

A. 200
B. 30
C. 70
D. 20

Correct Answer: D
New Question 16:

Which three IP SLA performance metrics can you use to monitor enterprise-class networks?
(Choosethree.)

A. Delay
B. Reliability
C. Packet loss
D. Traps
E. Connectivity

Correct Answer: A,C,E

 Updated & Revised 11/1/16

New Question 17:

What command can you enter to configure an enable password that uses an encrypted password

from another configuration?

A. enable secret $abc%!e.Cd34$!ao0

B. enable secret 7 Sabc%!e.Cd34$!ao0
C. enable secret 0 Sabc%U*.Cd34$!ao0
D. enable secret 5 $abc%!e.Cd34$!ao0
E. enable secret 15 $abc%ie.Cd34$!ao0
F. enable secret 6 $abc%!e.Cd34$!ao0

Correct Answer: D

New Question 18:

A network engineer wants to notify a manager in the events that the IP SLA connection loss
threshold reached. Which two features are need to implements this function? (choose two)

A. MOS
B. Threshold action
C. Cisco EEM
D. SNMP traps
E. IOS

Correct Answer: B,D

New Question 19:

At which layer does Cisco Express Forwarding use adjacency tables to populate addressing

information?

A. Layer 1
B. Layer 2
 Updated & Revised 11/1/16

C. Layer 3
D. Layer 4

Correct Answer: B

New Question 20:

when the tunnel interface is configured in default mode, which statement about routers and the
tunnel destination address is true

A. The router must have a route installed towards the tunnel destination
B. The router must have wccp redirects enabled inbound from the tunnel destination
C. The router must have cisco discovery protocol enabled on the tunnel to form a CDP
neighborship with the tunnel destination
D. The router must have redirects enabled outbound towards the tunnel destination

Correct Answer: A

New Question 21:

A question in regards to the output of show crypto isakmp sa? (Sorry don’t have the exact quest.)

A. Ipsec configuration not compatible

B. Isakmp not compatible.
C. Isakmp is not enabled.
D. Isakmp is default mode

Correct Answer: D
New Question 22:

In Rapid-Commit mode , the DHCP client obtain configuration parameters from the server
through a rapid two message exchange. What two messages?

A. SOLICIT
B. ADVERTISE
C. REQUEST
 Updated & Revised 11/1/16

D. CONFIRM
E. RENEW
F. REBIND
G. REPLY

Correct Answer: A, G

New Question 23:

A network administrator notices that the BGP state drops and logs are generated for missing
BGP hello keepalives. What is the potential problem?
A. InCorrect Answer: neighbor options
B. Hello timer mismatch
C. BGP path MTU enabled
D. MTU mismatch

Correct Answer: D

New Question 24:

Refer to the exhibit showing complete command output. What type of OSPF router is Router A?

A. ABR
 Updated & Revised 11/1/16

B. ASBR
C. Edge Router
D. Internal Router

Correct Answer: A

New Question 25:

Access-list 1 permit 192.168.1.1

access-list 1 deny any
Access-list 2 permit 192.168.1.4
access-list 2 deny any
ntp access-group serve 1
ntp master 4
ntp access-group peer 2

which three ntp features can be deduced on the router? (choose 3)

A. Only accepts time requests from 192.168.1.1

B. Only handle four requests at a time
C. Only is in stratum 4
D. Only updates its time from 192.168.1.1
E. Only accepts time requests from 192.168.1.4
F. Only updates its time from 192.168.1.4

Correct Answer: A,C,F

New Question 26:

Considering the IPv6 address independence requirements, which process do you avoid when you
use NPTv6 for translation?

A. rewriting of higher layer information

B. checksum verification
C. ipv6 duplication and conservation
 Updated & Revised 11/1/16

D. IPSEC AH header modification

Correct Answer:A

New Question 27:

Which two statements about NTP operation are true? (Choose two.)
A. If multiple NTP servers are configured, the one with the lowest stratum is preferred
B. By default, NTP communications use UDP port 123.
C. If multiple NTP servers are configured, the one with the highest stratum is preferred.
D. Locally configured time overrides time received from an NTP server.
E. “Stratum” refers to the number of hops between the NTP client and the NTP server.
NTP questions

Correct Answer: A, B

New Question 28:

Which two attributes describe UDP within a TCP/IP network? (Choose two.)
A. Acknowledgments
B. Unreliable delivery
C. Connectionless communication
D. Connection-oriented communication
E. Increased headers

Correct Answer: B, C

New Question 29:

Refer to the following configuration command.

Router(config)# ip nat inside source static tcp 172.16.10.8 8080 172.16.10.8 80

 Updated & Revised 11/1/16

Which statement about the command is true ?

A. Any packet that is received in the inside interface with a source IP port address of
172.16.10.8:80 is translated to 172.16.10.8:8080.
B. Any packet that is received in the inside interface with a source IP port address of
172.16.10.8:8080 is transtated to 172.16.10.8:80.
C. The router accepts only a TCP connection from port 8080 and port 80 on IP address
172.16.10.8.
D. Any packet that is received in the inside interface with a source IP address of 172.16.10.8 is
redirected to port 8080 or port 80.

Correct Answer: ​A

New Question 30:

Which IP SLA operation can be used to measure round-trip delay for the full path and
hop-by-hop round-trip delay on the network?

A. HTTP
B. ICMP path echo
C. TCP connect
D. ICMP echo

Correct Answer: B

New Question 31:

A network engineer wants to display the statistics of an active tunnel on a DMVPN network.
Which command should the administrator execute to accomplish this task?
A. Router#show crypto ipsec sa
B. Router#show crypto isakmp peers
C. Router#show crypto isakmp sa
D. Router#show crypto ipsec transform-set
E. Router#show crypto engine connections active
 Updated & Revised 11/1/16

Correct Answer: A
New Question 32:

Refer to the exhibit. A network engineer has configured GRE between two IOS routers. The state
of the tunnel interface is continuously oscillating between up and down. What is the solution to
this problem?
A. Create a more specific static route to define how to reach the remote router.
B. Create a more specific ARP entry to define how to reach the remote router.
C. Save the configuration and reload the router.
D. Check whether the internet service provider link is stable

Correct Answer:​ A

New Question 33:

What is the optimal location from which to execute a debug command that produces an
excessive amount of information?

A. Vty lines
B. SNMP commands
C. A console port
D. An AUX port

Correct Answer: A

New Question 34:

What is the function of the snmp-server manager command?

A. To disable SNMP messages from getting to the SNMP engine
B. To enable the device to send SNMP traps to the SNMP server
C. To enable the device to send and receive SNMP requests and responses
D. To configure the SNMP server to store log data

Correct Answer: C
New Question 35:
 Updated & Revised 11/1/16

A network engineer receives reports about poor voice quality issues at a remote site. The
network engineer does a packet capture and sees out-of-order packets being delivered. Which
option can cause the VOIP quality to suffer?

A. traffic over backup redundant links

B. misconfigured voice vlan
C. speed duplex link issues
D. load balancing over redundant links

Correct Answer:​ D

New Question 36:

What following parameters for the EIGRP authentication need to match in order for EIGRP
neighbors to establish a neighbor relationship?

A. Autonomous System number.

B. K-Values
C. If authentication is used both: the key number, the password, and the date/time.
D. The neighbors must be on common subnet (all IGPs follow this rule).

Correct Answer: C

New Question 37:

A network administrator creates a static route that points directly to a multiaccess interface,
instead of the next-hop IP address. The administrator notices that Cisco Express Forwarding
ARP requests are being sent to all destinations. Which issue might this configuration create?
A. Low bandwidth usage
B. High memory usage
C. Cisco Express Forwarding routing loop
D. High bandwidth usage
E. IP route interference

Correct Answer:​ C

New Question 38:

 Updated & Revised 11/1/16

A network engineer is configuring the router for NetFlow data exporting. What is required in
order for NDE to begin exporting data?
A. Source
B. Flow mask
C. Destination
D. Interface type
E. Traffic type
F. NetFlow version

Correct Answer:​ C

New Question 39:

A network engineer wants to ensure an optimal end-to-end delay bandwidth product. The delay
is less than 64 KB. Which TCP feature ensures steady state throughput?

A. Window scaling
B. Network buffers
C. Round-trip timers
D. TCP acknowledgments

Correct Answer:​ A

New Question 40:

Reter to the exhibit. Router 1 cannot ping router 2 via the Frame Relay between them. Which
two statements describe the problems? (Chooses two.)

A. Encapsulation is mismatched.
 Updated & Revised 11/1/16

B. Frame Relay map is configured.

C. DLCI is active.
D. DLCI is inactive or deleted.
E. An access list is needed to allow ping.

Correct Answer:​ A,D

New Question 41:

Which type of Ipv6 address is an identifier for a single interface on a single node?

A. Anycast
B. Broadcast
C. Multicast
D. Unicast

Correct Answer: Answer: ​D

New Question 42:

Which two functionalities are specific to stateless NAT64? (Choose two.)

A. No requirement exists for the characteristics of Ipv6 address assignment.

B. It does not conserve Ipv4 addresses.
C. It provides 1-to-1 translation.
D. It uses address overloading.
E. State or bindings are created on the translation.

Correct Answer: ​B,C

New Question 43:

On the OSPF Evaluation Simlet, everything is the same except for the question regards to
the Link between R3 and R2. See below for details:

Check the serial links connected to R3. Which statements are Correct Answer:?
 Updated & Revised 11/1/16

A. The neighbor command must be used on R1-R3 link to keep the adjacency up
B. The OSPF timer values of R2-R3 link are 30, 120, 120
C. The OSPF timer values of R1-R3 link should be 10,40,40
D. R3 must flood LSUs to all the routers on the network.

Correct Answer : ​A

Explanation:

The answer is no longer option B, now the answer is A since the values of the link between R3
and R2 changed. The values are no longer 30,120,120. The link between R1 and R3 is NBMA,
thus, it needs the neighbor command to keep the adjacency up.

New Question 44:

Other than a working EIGRP configuration, which option must be the same on all routers for
EIGRP authentication key rolleover to work correctly?

A. SMTP

B. SNMP

C. Passwords

D. Time

Correct Answer: ​D

New Question 45: Refer

to the Exhibit

​ Dest src state conn-id slot status

172.31.1.1 172.16.30.1 QM_IDLE 3 0 Active

 Updated & Revised 11/1/16

A network engineer is troubleshooting a DMVPN setup between the hub and the spoke. The
engineer executes the command show crypto isakmp sa and observes the output that is displayed.
What is the problem?

A. That ISAKMP is not enabled

B. That ISAKMP is using default settings

C. An incompatible IP sec transform set

D. An incompatible ISAKMP policy

Corect Answer: ​B

New Question 46:

In which form does PAP authentication send the username and password across the link?

A. Encrypted

B. Password protected

C. Clear text

D. Hashed

Correct Answer: ​C

New Question 47:

An engineer is using a network sniffer to troubleshoot DHCPv6 between a router and hosts on
the LAN with the following configuration:

Interface Ethernet0

Ipv6 dhcp server DHCPSERVERPOOL rapid-commit

Which two DHCPv6 messages will appear in the sniffer logs?

 Updated & Revised 11/1/16

A. reply

B. request

C. advertise

D. acknowledge

E. solicit

F. accept

Correct Answer: ​A,E

New Question 48:

 Updated & Revised 11/1/16

New Question 49:

How should a router that is being used in a Frame Relay network be configured to keep split
horizon issues from preventing routing updates?

A. Configure a separate subinterface for each PVC with a unique DLCI and subnet assigned to
the subinterface.

B. Configure each Frame Relay circuit as a point-to-point line to support multicast and broadcast
traffic.

C. Configure many subinterfaces in the same subnet.

D. Configure a single subinterface to establish multiple PVC connections to multiple remote

router interfaces.

Correct Answer: ​A

New Question 50:

Which mode of uRPF causes a router interface to accept a packet, if the network to which the
packet’s source IP address belongs is found in the router’s FIB?

A. Strict mode

B. Loose mode

C. Auto mode

D. Desirable mode

Correct Answer: ​B

New Question 51:

Which of the following are characteristics of TACACS+? (Choose two.)

A. Uses UDP
 Updated & Revised 11/1/16

B. Encrypts an entire packet

C. Offers robust accounting

D. Cisco-proprietary

Correct Answer: ​B,D

New Question 52:

Which two options are causes of out-of-order packets? (Choose two.)

A. a routing loop

B. a router in the packet flow path that is intermittently dropping packets

C. high latency

D. packets in a flow traversing multiple paths through the network.

E. some packets in a flow being process-switched and others being interrupt-switched on a

transit Router.

Correct Answer: ​D,E

New Question 53:

Your company uses Voice over IP (VoIP). The system sends UDP datagrams containing the
voice data between communicating hosts. When areas of the network become busy, some of the
datagrams arrive at their destination out of order. What happens when this occurs?

A. UDP will send an ICMP Information request message to the source host.

B. UDP will pass the information in the datagrams up to the next OSI layer in the order in

which they arrive.

C. UDP will drop the datagrams that arrive out of order.

D. UDP will use the sequence numbers in the datagram headers to reassemble the data
 Updated & Revised 11/1/16

Correct Answer: ​B

New Question 54:

Which alerts will be seen on the console when running the command: logging console warnings?

A. warnings only

B. warnings, notifications, error, debugging, informational

C. warnings, errors, critical, alerts, emergencies

D. notifications, warnings, errors

E. warnings, errors, critical, alerts

Correct Answer: ​C

New Question 55:

Which IP SLA operation requires Cisco endpoints?

A. UDP Jitter for VoIP

B. ICMP Path Echo

C. ICMP Echo

D. UDP Jitter

Correct Answer:​ A

New Question 56:

Meaning of priority 0 configured in ospf router?

(Sorry do not know the answer choices for this one. Refer to Explanation for information)

Explanation:​ If needed, you can set the priority value to 0 in order to configure a router to never
become a DR/BDR. This is necessary in hub and spoke networks where the hub should be
configured to become the DR, where as the spokes should neither be DR nor BDR.
 Updated & Revised 11/1/16

New Question 57:

What is not supported by Unicast Reverse Path Forwarding interface?

A. Ping to self router

B. Default Route

C. ACL access

D. Searchable both

Correct Answer: ​C