• Home
  • Articles
  • [Sep-2021] Pass Cisco 300-410 Exam in First Attempt Guaranteed! [Q96-Q119]

[Sep-2021] Pass Cisco 300-410 Exam in First Attempt Guaranteed! [Q96-Q119]

Share

[Sep-2021] Pass Cisco 300-410 Exam in First Attempt Guaranteed!

Full 300-410 Practice Test and 215 unique questions with explanations waiting just for you, get it now!

NEW QUESTION 96
Refer to the exhibit.

The OSPF routing protocol is redistributed into the BGP routing protocol, but not all the OSPF routes are distributed into BGP Which action resolves the issue?

  • A. Use a route-map command to redistribute OSPF external routes defined in a prefix list.
  • B. Include the word internal external in the redistribute command
  • C. Use a route-map command to redistribute OSPF external routes defined in an access list
  • D. Include the word external in the redistribute command

Answer: C

 

NEW QUESTION 97
An engineer configured a leak-map command to summarize EIGRP routes and advertise specifically loopback
0 with an IP of 10.1.1.1.255.255.255.252 along with the summary route. After finishing configuration, the customer complained not receiving summary route with specific loopback address. Which two configurations will fix it? (Choose two.)

  • A. Configure route-map Leak-Route permit 20.
  • B. Configure access-list 1 and match under route-map Leak-Route.
  • C. Configure access-list 1 permit 10.1.1.0.0.0.0.3.
  • D. Configure access-list 1 permit 10.1.1.1.0.0.0.252.
  • E. Configure route-map Leak-Route permit 10 and match access-list 1.

Answer: C,E

Explanation:
Explanation
When you configure an EIGRP summary route, all networks that fall within the range of your summary are suppressed and no longer advertised on the interface. Only the summary route is advertised. But if we want to advertise a network that has been suppressed along with the summary route then we can use leak-map feature. The below commands will fix the configuration in this question:
R1(config)#access-list 1 permit 10.1.1.0 0.0.0.3
R1(config)#route-map Leak-Route permit 10 // this command will also remove the "route_map Leak-Route deny 10" command.
R1(config-route-map)#match ip address 1

 

NEW QUESTION 98
Refer to the exhibit.

An IP SLA was configured on router R1 that allows the default route to be modified in the event that Fa0/0 loses reachability with the router R3 Fa0/0 interface. The route has changed to flow through router R2. Which debug command is used to troubleshoot this issue?

  • A. debug ip packet
  • B. debug ip sla error
  • C. debug ip routing
  • D. debug ip flow

Answer: C

Explanation:
Explanation
debug ip routing This command enables debugging messages related to the routing table.

 

NEW QUESTION 99
Drag and drop the addresses from the left onto the correct IPv6 filter purposes on the right.

Answer:

Explanation:

Explanation
Same Answer is already updated below:

HTTP and HTTPs run on TCP port 80 and 443, respectively and we have to remember them.
Syslog runs on UDP port 514 while NTP runs on UDP port 123 so if we remember them we can find out the matching answers easily. But maybe there is some typos in this question as 2001:d88:800:200c::c/126 only ranges from 2001:d88:800:200c:0:0:0:c (4 hosts in total). It does not cover host 2001:0D88:0800:200c::1f. Same for , which also ranges from
2001:d88:800:200c:0:0:0:c to 2001:d88:800:200c:0:0:0:f and does not cover host 2001:0D88:0800:200c::1c
.

 

NEW QUESTION 100
Refer to the exhibit.

A network administrator is discovering a Cisco Catalyst 9300 and a Cisco WLC 3504 in Cisco DNA Center. The Catalyst 9300 is added successfully However the WLC is showing [ error "uncontactable" when the administrator tries to add it in Cisco DNA Center. Which action discovers WLC in Cisco DNA Center successfully?

  • A. Copy the .cert file from the Cisco DNA Center on the USB and upload it to the WLC 3504.
  • B. Delete the WLC 3504 from Cisco DNA Center and add it to Cisco DNA Center again.
  • C. Copy the .pern file from the Cisco DNA Center on the USB and upload it to the WLC 3504.
  • D. Add the WLC 3504 under the hierarchy of the Catalyst 9300 connected devices.

Answer: C

Explanation:
https://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/109597-csr-chained-certificates-wlc-00.html#anc12

 

NEW QUESTION 101
Refer to the exhibit.

The ACL is placed on the inbound Gigabit 0/1 interface of the router. Host
192.168.10.10cannot SSH to host 192.168.100.10 even though the flow is permitted. Which action resolves the issue without opening full access to this router?

  • A. Temporarily remove the ACL from the interface to see if the flow works
  • B. Temporarily move the permit ip any any line to the beginning of the ACL to see if the flow works
  • C. Run the show access-list FILTER command to view if the SSH entry has any hit statistic associated with it
  • D. Move the SSH entry to the beginning of the ACL

Answer: D

 

NEW QUESTION 102
Which command displays the IP routing table information that is associated with VRF-Lite?

  • A. show ip protocols vrf
  • B. show ip vrf
  • C. show ip route vrf
  • D. show run vrf

Answer: C

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/50sg/configuration/guide/Wrapper-46SG/vrf.html#wp1045708

 

NEW QUESTION 103
Refer to the exhibit.

A company is evaluating multiple network management system tools. Trending graphs generated by SNMP data are returned by the NMS and appear to have multiple gaps. While troubleshooting the issue, an engineer noticed the relevant output. What solves the gaps in the graphs?

  • A. Remove the exceed-rate command in the class map.
  • B. Configure the CIR rate to a lower value that accommodates all the NMS tools
  • C. Remove the class map NMS from being part of control plane policing.
  • D. Separate the NMS class map in multiple class maps based on the specific protocols with appropriate CoPP actions

Answer: D

 

NEW QUESTION 104
Which component of MPLS VPNs is used to extend the IP address so that an engineer is able to identify to which VPN it belongs?

  • A. LDP
  • B. VPNv4 address family
  • C. RD
  • D. RT

Answer: C

 

NEW QUESTION 105
Refer to the exhibit. The engineer configured and connected Router2 to Router1. The link came up but could not establish a Telnet connection to Router1 IPv6 address of 2001:DB8::1. Which configuration allows Router2 to establish a Telnet connection to Router1?

  • A. permit ip any any on access list EGRESS2 on Router1
  • B. jpv6 unicast-routing
  • C. IPv6 address on GigabitEthernet0/0
  • D. permit ICMPv6 on access list INGRESS for Router2 to obtain IPv6 address

Answer: A

 

NEW QUESTION 106
Refer to the exhibit.

An engineer is trying to configure local authentication on the console line, but the device is trying to authenticate using TACACS+. Which action produces the desired configuration?

  • A. Add the login authentication Console command to the line configuration
  • B. Add the aaa authentication login default group tacacs+ local-case command to the global configuration.
  • C. Add the aaa authentication login default none command to the global configuration.
  • D. Replace the capital "C" with a lowercase "c" in the aaa authentication login Console local command.

Answer: A

Explanation:
Reference:
https://community.cisco.com/t5/switching/how-to-define-login-local-for-console-0/td-p/2949493

 

NEW QUESTION 107
While working with software images, an engineer observes that Cisco DNA Center cannot upload its software image directly from the device. Why is the image not uploading?

  • A. The software image for the device is in install mode.
  • B. The device must be resynced to Cisco DNA Center.
  • C. The device has lost connectivity to Cisco DNA Center.
  • D. The software image for the device is in bundle mode

Answer: A

 

NEW QUESTION 108
Refer to the exhibit.

The Math and Science departments connect through the corporate IT router but users in the Math department must not be able to reach the Science department and vice versa Which configuration accomplishes this task?

  • A. vrf definition Science
    address-family ipv4
    !
    interface E 0/2
    vrf forwarding Science
    ip address 192.168.1.1 255.255.255.0
    no shut
    !
    interface E 0/3
    vrf forwarding Science
    ip address 192.168.2.1
  • B. vrf definition Science
    !
    interface E 0/2
    ip address 192.168.1.1 255.255.255.0
    no shut
    !
    interface E 0/3
    ip address 192.168.2.1 255.255.255.0
    no shut
  • C. vrf definition Science
    address-family ipv4
    !
    interface E 0/2
    ip address 192.168.1.1 255.255.255.0
    no shut
    !
    interface E 0/3
    ip address 192.168.2.1 255.255.255.0
    no shut
  • D. vrf definition Science
    address-family ipv4
    !
    interface E 0/2
    ip address 192.168.1.1 255.255.255.0
    vrf forwarding Science
    no shut
    !
    interface E 0/3
    ip address 192.168.2.1 255.255.255.0
    vrf forwarding Science
    no shut

Answer: A

 

NEW QUESTION 109
Which is statement about IPv6 inspection is true?

  • A. It teams and secures bindings for stateless autoconfiguration addresses in Layer 3 neighbor tables
  • B. It team and secures binding for stateless autoconfiguration addresses in Layer 2 neighbor tables.
  • C. It teams and secures bindings for stateful autoconfiguration addresses in Layer 2 neighbor tables
  • D. It learns and secures bindings for stateful autoconfiguration addresses in Layer 3 neighbor tables

Answer: A

 

NEW QUESTION 110
Refer to the exhibit.

The ACL is placed on the inbound Gigabit 0/1 interface of the router. Host
192.168.10.10cannot SSH to host 192.168.100.10 even though the flow is permitted. Which action resolves the issue without opening full access to this router?

  • A. Temporarily remove the ACL from the interface to see if the flow works
  • B. Temporarily move the permit ip any any line to the beginning of the ACL to see if the flow works
  • C. Run the show access-list FILTER command to view if the SSH entry has any hit statistic associated with it
  • D. Move the SSH entry to the beginning of the ACL

Answer: D

 

NEW QUESTION 111
Drag and drop the operations from the left onto the locations where the operations are performed on the right.

Answer:

Explanation:

 

NEW QUESTION 112
Drag and drop the SNMP attributes in Cisco IOS devices from the left onto the correct SNMPv2c or SNMPV3 categories on the right.

Answer:

Explanation:

 

NEW QUESTION 113
Refer to the exhibit.

Which configuration configures a policy on R1 to forward any traffic that is sourced from the 192.168.130.0/24 network to R2?

  • A. Option A
  • B. Option D
  • C. Option B
  • D. Option C

Answer: B

 

NEW QUESTION 114
Refer to the exhibit. R2 has two paths to reach 192.168.13.0/24. but traffic is sent only through R3. Which action allows traffic to use both paths?

  • A. Configure the delay 1 command under interface FastEthernet0/0 on R2.
  • B. Configure the variance 4 command under the EIGRP process on R2.
  • C. Configure the bandwidth 2000 command under interface FastEthernet0/0 on R2.

Answer: B

Explanation:
d. Configure the variance 2 command under the EIGRP process on R2
From the output of the "show ip eigrp topology ..." command, we notice network 192.168.13.0/24 was learned via two routes:+ From 192.168.23.3 (R3) with FD = 1075200 and AD = 281600+ From 192.168.12.1 (R1) with FD = 2611200 and AD = 281600 From the output of the "show ip route ..." command, we learned that the best (and chosen) path is via 192.168.23.3 (R3).
To use both paths (called unequal cost load balancing) with EIGRP, the second path via R1 must satisfy the feasibility condition. The feasibility condition states that, theAdvertised Distance (AD) of a route must be lower than the feasible distance of the current successor route.
In this case, the second path satisfies the feasible condition as its AD (281600) is smaller than the FD (1075200) of the best path. Therefore we can configure loadbalancing with "variance" command.
In other words, EIGRP will install all paths with metric < variance * best_metric into the local routing table, provided that it meets the feasibility condition to preventrouting loop. Therefore we can calculate the variance > metric / best_metric = 2611200 / 1075200 =2.4.
So with a variance greater than 2 (and must be an integer), we can load balance traffic to network 192.168.13.0/24.

 

NEW QUESTION 115
Refer to the exhibit.

An IPv6 network was newly deployed in the environment and the help desk reports that R3 cannot SSH to the R2s Loopback interface. Which action resolves the issue?

  • A. Modify line 10 of the access list to permit instead of deny.
  • B. Remove line 70 from the access list.
  • C. Remove line 60 from the access list.
  • D. Modify line 30 of the access list to permit instead of deny.

Answer: D

 

NEW QUESTION 116
Refer to the exhibit.

An IP SLA is configured to use the backup default route when the primary is down, but it is not working as desired. Which command fixes the issue?

  • A. R1(config)# ip route 0.0.0.0.0.0.0.0.2.2.2.2
  • B. R1(config)#ip sla track 1
  • C. R1(config)# ip route 0.0.0.0.0.0.0.0.2.2.2.2 10 track 1
  • D. R1(config)# ip route 0.0.0.0.0.0.0.0.1.1.1.1 track 1

Answer: D

Explanation:
Reference:
Note: By default Static Router AD value-1 hence ip route 0.0.0.0. 0.0.0.0. 1.1.1.1 track 1 means AD-1 which must be less than of back up route AD.
Define the backup route to use when the tracked object is unavailable. !--- The administrative distance of the backup route must be greater than !--- the administrative distance of the tracked route. !--- If the primary gateway is unreachable, that route is removed !--- and the backup route is installed in the routing table !--- instead of the tracked route.
https://www.cisco.com/c/en/us/support/docs/ip/ip-routing/200785-ISP-Failover-with-default-routes-using-I.html
https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/118962-configure-asa-00.html

 

NEW QUESTION 117
Refer to the exhibits.

When DMVPN is configured, which configuration allows spoke-to-spoke communication using loopback as tunnel source?

  • A. Configure crypto isakmp key cisco address 200.1.0.0 255.255.0.0 on the spokes.
  • B. Configure crypto isakmp key cisco address 0.0.0.0 on the hub.
  • C. Configure crypto isakmp key Cisco address 200.1.0.0 255.255.0.0 on the hub.
  • D. Configure crypto isakmp key cisco address 0.0.0.0 on the spokes.

Answer: B

 

NEW QUESTION 118
Refer to the exhibit.


The administrator can see the traps for the failed login attempts, but cannot see the traps of successful login attempts. What command is needed to resolve the issue?

  • A. Configure logging history 3
  • B. Configure logging history 5
  • C. Configure logging history 4
  • D. Configure logging history 2

Answer: B

Explanation:
Explanation
By default, the maximum severity sent as a syslog trap is warning. That is why you see syslog traps for login failures. Since a login success is severity 5 (notifications), those syslog messages will not be converted to traps. To fix this, configure:

Note:
The syntax of login block is:
login block-for seconds attempts tries within seconds

 

NEW QUESTION 119
......

Prepare for your Cisco certification with the updated PassSureExam 300-410 exam questions: https://drive.google.com/open?id=1y2sDlOgdPDzW5yRpaBP_P29H6aEd_9bu

Get Latest 300-410 Dumps Exam Questions in here: https://www.passsureexam.com/300-410-pass4sure-exam-dumps.html

Related Articles

more
Cisco 300-410 Certification Practice Exam