Summer Certification Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: force70

  1. Home
  2. Cisco
  3. CCNP Enterprise
  4. 300-410
  5. Implementing Cisco Enterprise Advanced Routing and Services (300-410 ENARSI) Questions and Answers

Pass the Cisco CCNP Enterprise 300-410 Questions and answers with CertsForce

 Cisco Exams      Go to Exam Detail      Get Premium Access
Viewing page 8 out of 13 pages
Viewing questions 106-120 out of questions
Questions # 106:

What is a limitation of IPv6 RA Guard?

Options:
A.

It is not supported in hardware when TCAM is programmed

B.

It does not offer protection in environments where IPv6 traffic is tunneled.

C.

It cannot be configured on a switch port interface in the ingress direction

D.

Packets that are dropped by IPv6 RA Guard cannot be spanned

Expert Solution
Questions # 107:

Which statement about route distinguishers in an MPLS network is true?

Options:
A.

Route distinguishers allow multiple instances of a routing table to coexist within the edge router.

B.

Route distinguishers are used for label bindings.

C.

Route distinguishers make a unique VPNv4 address across the MPLS network.

D.

Route distinguishers define which prefixes are imported and exported on the edge router.

Expert Solution
Questions # 108:

Which component of MPLS VPNs is used to extend the IP address so that an engineer is able to

identify to which VPN it belongs?

Options:
A.

VPNv4 address family

B.

RD

C.

RT

D.

LDP

Expert Solution
Questions # 109:

Which label operations are performed by a label edge router?

Options:
A.

SWAP and POP

B.

SWAP and PUSH

C.

PUSH and PHP

D.

PUSH and POP

Expert Solution
Questions # 110:

Which statement about IPv6 RA Guard is true?

Options:
A.

It does not offer protection in environments where IPv6 traffic is tunneled.

B.

It cannot be configured on a switch port interface in the ingress direction.

C.

Packets that are dropped by IPv6 RA Guard cannot be spanned.

D.

It is not supported in hardware when TCAM is programmed.

Expert Solution
Questions # 111:

Refer to the exhibit.

Question # 111

An engineer configures a static route on a router, but when the engineer checks the route

to the destination, a different next hop is chosen. What is the reason for this?

Options:
A.

Dynamic routing protocols always have priority over static routes.

B.

The metric of the OSPF route is lower than the metric of the static route.

C.

The configured AD for the static route is higher than the AD of OSPF.

D.

The syntax of the static route is not valid, so the route is not considered.

Expert Solution
Questions # 112:

Refer to the exhibit.

Question # 112

An engineer is trying to block the route to 192.168.2.2 from the routing table by using the

configuration that is shown. The route is still present in the routing table as an OSPF route. Which action blocks the route?

Options:
A.

Use an extended access list instead of a standard access list.

B.

Change sequence 10 in the route-map command from permit to deny.

C.

Use a prefix list instead of an access list in the route map.

D.

Add this statement to the route map: route-map RM-OSPF-DL deny 20.

Expert Solution
Questions # 113:

Refer to the exhibit.

Question # 113

Why is user authentication being rejected?

Options:
A.

The TACACS+ server expects “user”, but the NT client sends “domain/user”.

B.

The TACACS+ server refuses the user because the user is set up for CHAP.

C.

The TACACS+ server is down, and the user is in the local database.

D.

The TACACS+ server is down, and the user is not in the local database.

Expert Solution
Questions # 114:

Which two methods use IPsec to provide secure connectivity from the branch office to the headquarters office? (Choose two.)

Options:
A.

DMVPN

B.

MPLS VPN

C.

Virtual Tunnel Interface (VTI)

D.

SSL VPN

E.

PPPoE

Expert Solution
Questions # 115:

Drag and drop the MPLS VPN concepts from the left onto the correct descriptions on the right.

Question # 115

Expert Solution
Questions # 116:

Which statement about IPv6 ND inspection is true?

Options:
A.

It learns and secures bindings for stateless autoconfiguration addresses in Layer 3 neighbor tables.

B.

It learns and secures bindings for stateless autoconfiguration addresses in Layer 2 neighbor tables.

C.

It learns and secures bindings for stateful autoconfiguration addresses in Layer 3 neighbor tables.

D.

It learns and secures bindings for stateful autoconfiguration addresses in Layer 2 neighbor tables.

Expert Solution
Questions # 117:

Refer to the exhibit.

Question # 117

An engineer is trying to configure local authentication on the console line, but the device is trying to authenticate using TACACS+. Which action produces the desired configuration?

Options:
A.

Add the aaa authentication login default none command to the global configuration.

B.

Replace the capital “C” with a lowercase “c” in the aaa authentication login Console local command.

C.

Add the aaa authentication login default group tacacs+ local-case command to the globalconfiguration.

D.

Add the login authentication Console command to the line configuration

Expert Solution
Questions # 118:

Which command displays the IP routing table information that is associated with VRF-Lite?

Options:
A.

show ip vrf

B.

show ip route vrf

C.

show run vrf

D.

show ip protocols vrf

Expert Solution
Questions # 119:

Refer to the exhibit.

Question # 119

Users report that IP addresses cannot be acquired from the DHCP server. The DHCP

server is configured as shown. About 300 total nonconcurrent users are using this DHCP server, but none of them are active for more than two hours per day. Which action fixes the issue within the current resources?

Options:
A.

Modify the subnet mask to the network 192.168.1.0 255.255.254.0 command in the DHCP pool

B.

Configure the DHCP lease time to a smaller value

C.

Configure the DHCP lease time to a bigger value

D.

Add the network 192.168.2.0 255.255.255.0 command to the DHCP pool

Expert Solution
Questions # 120:

An engineer configured SNMP notifications sent to the management server using authentication and encrypting data with DES. An error in the response PDU is received as " UNKNOWNUSERNAME. WRONGDIGEST " . Which action resolves the issue?

Options:
A.

Configure the correct authentication password using SNMPv3 authPriv .

B.

Configure the correct authentication password using SNMPv3 authNoPriv.

C.

Configure correct authentication and privacy passwords using SNMPv3 authNoPriv.

D.

Configure correct authentication and privacy passwords using SNMPv3 authPriv.

Expert Solution
Viewing page 8 out of 13 pages
Viewing questions 106-120 out of questions