Leads4Pass CCNP Enterprise 300-410 dumps contain 925 latest exam questions and answers: https://www.leads4pass.com/300-410.html. Candidates can choose either PDF or VCE tools to help them practice the exam.
Leads4Pass CCNP Enterprise 300-410 dumps have undergone a major revision, removing exam questions with low compliance and adding exam questions that meet new topics and actual needs, ensuring 100% compliance with actual exam requirements.
[Free share] Leads4Pass CCNP Enterprise 300-410 dumps Exam practice questions
| Formart | Number of exam questions | Free Share | Related Certifications |
| PDF + VCE | 925 Q&A | 15 Q&A (online Document) | CCNP Enterprise |
Question 1:
Refer to the exhibit.
An engineer must redistribute networks 192.168.10.0/24 and 192.168.20.0/24 into OSPF from EIGRP. where the metric must be added when traversing through multiple hops to start an external route of 20 The engineer notices that the external metric is fixed and does not add at each hop.
Which configuration resolves the issue?
A. R2(config)#access-list 10 permit 192.168.10.0 0.0.0.255 R2(config)#access-list 10 permit 192.168.20.0 0.0.0.255 ! R2(config)#route-map RD permit 10 R2(config-route-map)#match ip address 10 R2(config-route-map)#set metric 20 R2(config-route-map)#set metric-type type-2 ! R2(config)#router ospf 10 R2(config-router)#redistribute eigrp 10 subnets route-map RD
B. R2(config)#access-list 10 permit 192.168.10.0 0.0.0.255 R2(config)#access-list 10 permit 192.168.20.0 0.0.0.255 ! R2(config)#route-map RD permit 10 R2(config-route-map)#match ip address 10 R2(config-route-map)#set metric 20 R2(config-route-map)#set metric-type type-1 ! R2(config)#router ospf 10 R2(config-router)#redistribute eigrp 10 subnets route-map RD
C. R1(config)#access-list 10 permit 192.168.10.0 0.0.0.255 R1(config)#access-list 10 permit 192.168.20.0 0.0.0.255 ! R1(config)#route-map RD permit 10 R1(config-route-map)#match ip address 10 R1(config-route-map)#set metric 20 R1(config-route-map)#set metric-type type-1 ! R1(config)#router ospf 10 R1(config-router)#redistribute eigrp 10 subnets route-map RD
D. R1(config)#access-list 10 permit 192.168.10.0 0.0.0.255 R1(config)#access-list 10 permit 192.168.20.0 0.0.0.255 ! R1(config)#route-map RD permit 10 R1(config-route-map)#match ip address 10 R1(config-route-map)#set metric 20 R1(config-route-map)#set metric-type type-2 ! R1(config)#router ospf 10 R1(config-router)#redistribute eigrp 10 subnets route-map RD
Correct Answer: B
Question 2:
When configuring a DMVPN solution, which technology allows the spoke routers to use dynamic IP addressing?
A. IPsec
B. mGRE
C. NHRP
D. Dynamic routing protocols
Correct Answer: C
Next Hop Resolution Protocol (NHRP) allows the spoke routers to register their IP addresses with the NHRP server, which is the hub router. It also allows the spoke routers to then learn the physical IP addresses of the other spoke routers
from the hub router, allowing for GRE links to be built dynamically as needed between the spokes. This eliminates the need for the traffic to go through the hub router.
Dynamic Multipoint VPN (DMVPN) technology leverages the following associated technologies:
IPsec
mGRE
Dynamic routing protocols
NHRP
Cisco Express Forwarding
It makes it possible to build the hub router once and add spokes later, making no additional changes to the hub. The spokes can register with the hub and dynamically build their connections to other spokes using the IP addresses
learned from the hub using NHRP. DMVPN also allows IPsec point-to-point GRE tunnels to be built to new spokes with no IPsec peering configuration. The multipoint GRE technology (mGRE) allows a single physical interface on the hub to
be used for all spoke connections.
Finally, the routing protocols used by DMVPN allow the routers to share routing information, while Cisco Express Forwarding (CEF) is a switching technology that improves performance while reducing the load on the routers’ CPUs.
Objective:
VPN Technologies
Sub-Objective:
Describe DMVPN (single hub)
References:
Cisco > Dynamic Multipoint VPN (DMVPN) Design Guide (Version 1.1) > DMVPN Design Overview
Question 3:
Which two protocols can cause TCP starvation? (Choose two)
A. TFTP
B. SNMP
C. SMTP
D. HTTPS
E. FTP
Correct Answer: AB
Question 4:
What are two characteristics of VRF instances? (Choose two.)
A. All VRFs share customer routing and CEF tables.
B. An interface must be associated with one VRF.
C. Each VRF has a different set of routing and CEF tables
D. It is defined by the VPN membership of a customer site attached to a P device.
E. A customer site can be associated with different VRFs
Correct Answer: BC
Two characteristics of a VRF (Virtual Routing and Forwarding) instance are:
Each VRF has a different set of routing and CEF tables: VRFs maintain separate routing and CEF (Cisco Express Forwarding) tables, allowing different VRFs to have isolated routing information and forwarding decisions.
An interface must be associated with one VRF: Interfaces on a router or switch are typically associated with a specific VRF. This association ensures that traffic on that interface is segregated and follows the routing information within the
designated VRF.
Question 5:
DRAG DROP Refer to the exhibit.
Drag and drop the credentials from the left onto the remote login information on the right to resolve a failed login attempt to vtys. Not all credentials are used.
Select and Place:
Correct Answer:
vty 0:
+
cisco
+
0csic
vty 1:
+
no username
+
no password
The command “aaa authentication login default none” means no authentication is required when accessing the device via Console/VTY/AUX so if one interface does not specify another login authentication method (via the “login authentication …” command), it will allow to access without requiring username or password. In this case, VTY 1 does not specify another authentication login method so it will use the default method (which is “none” in this case).
Question 6:
Refer to the exhibit.
AS111 is receiving its own routes from AS200 causing a loop in the network.
Which configuration provides loop prevention?
A. router bgp 111 neighbor 195.1.1.1 as-override neighbor 195.1.2.2 as-override
B. router bgp 111 neighbor 195.1.1.1 as-override no neighbor 195.1.2.2 allows-in
C. router bgp 111 no neighbor 195.1.1.1 allows-in no neighbor 195.1.2.2 allows-in
D. router bgp 111 neighbor 195.1.2.2 as-override no neighbor 195.1.1.1 allows-in
Correct Answer: C
Question 7:
You instructed your associate to configure Router R2 to reject a redistribution of the 20.0.0.0/8 network, while still receiving routes from other networks connected to Router R1. The diagram below displays the network in place:
When he is finished, you find that the 20.0.0.0/8 network is still being advertised and traffic from the 20.0.0.0/8 network is not reaching Router2. You execute the show running-configuration command and see the following output:
What is the problem?
A. The access list was applied to the wrong interface.
B. The access list should have been configured as a distribution list.
C. The access list has an incorrect wildcard mask.
D. The access list is applied in the wrong direction.
Correct Answer: B
The access list should have been created as a distribution list to control route redistribution from the other area. This configuration would prevent the redistribution of the 20.0.0.0/8 network by applying the list as a distributed list under the Border
Gateway Protocol (BGP). The proper commands would be:
Router2(config)# router bgp 94688
Router2(config-router)# distribute-list 101 in
To correct the problem with traffic not arriving from the 20.0.0.0/8 network, you must remove the application of the list under interface S0 as well. This would be done by executing the following command set:
Router2(config)# interface Serial1
Router2(config-int)# no ip access-group 101 in
The access list was not applied to the wrong interface. It should not have been applied directly to any interface. When applied directly as an access list to an interface, it will prevent traffic, but not the redistribution of routes.
The access list does not have an incorrect wildcard mask. To prevent the redistribution of a Class C network, the correct wildcard mask is 0.0.0.255.
The access list was not applied in the wrong direction. It should be applied incoming, but should be applied as an incoming distribute-list, and it should be applied under the BGP protocol.
Objective:
Layer 3 Technologies
Sub-Objective:
Configure and verify filtering with any protocol
References:
Cisco IOS Master Command List, Release 12.4T > d > distribute-list in (IP) Cisco > Home > Support > Technology Support > IP > IP Routing > Design > Design Technotes > Filtering Routing Updates on Distance Vector IP Routing Protocols
Question 8:
Which of the following commands configures an SNMP host to authenticate a user by username and send clear text notifications, the receipt of which will be acknowledged by the receiver?
A. Router(config)# snmp-server host 192.168.5.5 informs version 3 noauth CISCO
B. Router(config)# snmp-server host 192.168.5.5 traps version 3 auth CISCO
C. Router(config)# snmp-server host 192.168.5.5 informs version 2c CISCO
D. Router(config)# snmp-server host 192.168.5.5 informs version 3 authpriv CISCO
Correct Answer: A
The command snmp-server host 192.168.5.5 informs version 3 noauth CISCO will configure the host to authenticate a user by username and send clear text notifications. The receiver will then acknowledge receipt of the notification. The
keyword informs indicates that an inform message type will be used. Unlike a trap, an informed message is acknowledged by the receiver.
The version 3 keyword indicates that version 3 is in use, which is the ONLY version that supports authentication and encryption. Finally, the noauth keyword specifies authentication by username only and no encryption.
The command snmp-server host 192.168.5.5 traps version 3 auth CISCO configures the host to send traps rather than informs.
The command snmp-server host 192.168.5.5 informs version 2c CISCO specifies version 2c, which only support community string-based authentication.
The command snmp-server host 192.168.5.5 informs version 3 authpriv CISCO specifies the keyword authpriv, which indicates encryption will be used and authentication based on HMAC-MD5 or HMAC-SHA algorithms.
Objective:
Infrastructure Services
Sub-Objective:
Configure and verify SNMP
References:
Configuring SNMP Support > Understanding SNMP > SNMP Versions Cisco IOS Network Management Command Reference > snmp-server engineID local through snmp trap link- status > snmp-server host
Question 9:
Refer to the exhibit.
The network administrator has configured the Customer Edge router (AS 64511) to send only summarized routes toward ISP-1 (AS 100) and ISP-2 (AS 200).
After this configuration, ISP-1 and ISP-2 continue to receive the specific routes and the summary route.
Which configuration resolves the issue?
A. router bgp 64511 aggregate-address 172.16.20.0 255.255.252.0 summary-only
B. router bgp 64511 neighbor 192.168.100.1 summary-only neighbor 192.168.200.2 summary-only
C. interface E 0/0 ip bgp suppress-map BLOCK_SPECIFIC! interface E 0/1 ip bgp suppress-map BLOCK_SPECIFIC ! ip prefix-list PL_BLOCK_SPECIFIC permit 172.16.20.0/22 ge 24 ! route-map BLOCK_SPECIFIC permit 10 match ip address prefix-list PL_BLOCK_SPECIFIC
D. ip prefix-list PL_BLOCK_SPECIFIC deny 172.16.20.0/22 ge 22 ip prefix-list PL BLOCK SPECIFIC permit 172.16.20.0/22! route-map BLOCK_SPECIFIC permit 10 match ip address prefix-list PL_BLOCK_SPECIFIC! router bgp 64511 aggregate-address 172.16.20.0 255 255.252.0 suppress-map BLOCKSPECIFIC
Correct Answer: A
When the aggregate-address command is used within BGP routing, the aggregated address is advertised, along with the more specific routes. The exception to this rule is through the use of the summary-only command. The “summary-only” keyword suppresses the more specific routes and announces only the summarized route.
Question 10:
Refer to the exhibit. Which configuration configures a policy on R1 to forward any traffic that is sourced from the 192.168.130.0/24 network to R2?
A. access-list 1 permit 192.168.130.0 0.0.0.255 ! interface Gi0/2 ip policy route-map test ! route-map test permit 10 match ip address 1 set ip next-hop 172.20.20.2
B. access-list 1 permit 192.168.130.0 0.0.0.255 ! interface Gi0/1 ip policy route-map test ! route-map test permit 10 match ip address 1 set ip next-hop 172.20.40.2
C. access-list 1 permit 192.168.130.0 0.0.0.255 ! interface Gi0/2 ip policy route-map test ! r oute-map test permit 10 match ip address 1 set ip next-hop 172.20.20.1
D. access-list 1 permit 192.168.130.0 0.0.0.255 ! interface Gi0/1 ip policy route-map test ! route-map test permit 10 match ip address 1 set ip next-hop 172.20.40.1
E. access-list 1 permit 192.168.130.0 0.0.0.255 ! interface Gi0/1 ip policy route-map test ! route-map test permit 10 match ip address 1 set ip next-hop 172.20.20.1
Correct Answer: D
Question 11:
An engineer is implementing a coordinated change with a server team. As part of the change, the engineer must configure interface GigabitEthernet2 in an existing VRF “RED” then move the interface to an existing VRF “BLUE” when the server team is ready. The engineer configured interface GigabitEthernet2 in VRF “RED”:
interface GigabitEthernet2 description Migration ID: B410A82D0935G35 vrf forwarding RED ip address 10.0.0.0 255.255.255.254 negotiation auto
Which configuration completes the change?
A. interface GigabitEthernet2 no vrf forwarding RED vrf forwarding BLUE ip address 10.0.0.0 255.255.255.254
B. interface GigabitEthernet2 no ip address vrf forwarding BLUE
C. interface GigabitEthernet2 no vrf forwarding RED vrf forwarding BLUE
D. interface GigabitEthernet2 no ip address ip address 10.0.0.0 255.255.255.254 vrf forwarding BLUE
Correct Answer: A
When assigning an interface to a VRF, the IP address will be removed so we have to reassign the IP address to thatinterface.
Question 12:
While working with software images, an engineer observes that Cisco DNA Center cannot upload its software image directly from the device. Why is the image not uploading?
A. The device must be resynced to Cisco DNA Center.
B. The software image for the device is in install mode.
C. The device has lost connectivity to Cisco DNA Center.
D. The software image for the device is in bundle mode
Correct Answer: B
Upload Software Images for Devices in Install Mode The Image Repository page might show a software image as being in Install Mode. When a device is in Install Mode, Cisco DNA Center is unable to upload its software image directly from the device. When a device is in install mode, you must first manually upload the software image to the Cisco DNA Center repository before marking the image as golden, as shown in the following steps.
Question 13:
What is the term used when it causes the packets to lose their MPLS labels including the VPN information that lies in the inner MPLS Label i.e. if a packet goes through an untagged interface, the VPN information is lost and VPN sites lose connectivity?
A. Pseudowire
B. Black Hole
C. Traffic Engineering
D. Active Network Abstraction
Correct Answer: B
Question 14:
Refer to the exhibit.
An administrator that is connected to the console does not see debug messages when remote users log in. Which action ensures that debug messages are displayed for remote logins?
A. Enter the transport input ssh configuration command.
B. Enter the terminal monitor exec command.
C. Enter the logging console debugging configuration command.
D. Enter the aaa new-model configuration command.
Correct Answer: C
Question 15:
An engineer configures PBR en R5 and wants to create a policy that matches traffic destined for 10.10.10.0/24 and forwards it toward 10.1.1 1. This traffic must also have its IP precedence set to 5. All other traffic should be forwarded toward 10.1.1.2 and have its IP precedence set to 0.
Which configuration meets the requirements?
A. access-list 1 permit 10.10.10.0 0.0.0.255 access-list 2 permit any route-map CCNP permit 10 match ip address 1 set ip next-hop 10.1.1.1 set ip precedence 5 ! route-map CCNP permit 20 match ip address 2 set ip next-hop 10.1.1.2 set ip precedence 0route-map CCNP permit 30
B. access-list 100 permit ip any 10.10.10.0 0.0.0.255 route-map CCNP permit 10 match ip address 100 set ip next-hop 10.1.1.1 set ip precedence 0 ! route-map CCNP permit 20 set ip next-hop 10.1.1.2 set ip precedence 5 ! route-map CCNP permit 30
C. access-list 1 permit 10.10.10.0 0.0.0.255 route-map CCNP permit 10 match ip address 1 set ip next-hop 10.1.1.1 set ip precedence 5 ! route-map CCNP permit 20 set ip next-hop 10.1.1.2 set ip precedence 0
D. access-list 100 permit ip any 10.10.10.0 0.0.0.255 route-map CCNP permit 10 match ip address 100 set ip next-hop 10.1.1.1 set ip precedence 5 ! route-map CCNP permit 20 set ip next-hop 10.1.1.2 set ip precedence 0
Correct Answer: D
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/pbroute.pdf Classify traffic based on extended access list criteria.
…
Leads4Pass CCNP Enterprise 300-410 dumps are the latest exam materials! After a major revision, the success rate is closer to 100%, ensuring that candidates can pass the exam easily!
Download CCNP Enterprise 300-410 actual exam questions and answers: https://www.leads4pass.com/300-410.html (925 Q&A)