[Free] Download New Latest (November) Cisco 400-201 Actual Tests 261-270

Ensurepass

QUESTION 261

A network administrator wants to detect a login attack against a router. What IOS command can make the attack recorded in syslog server?

 

A.

Login detect login-failure log

B.

none of the above

C.

Logging detect fail-login

D.

Login on-failure log

E.

Logging login on-failure

Correct Answer: D

 

 

QUESTION 262

How many content definitions does CSG allow?

 

A.

40

B.

400

C.

4000

D.

40,000

 

Correct Answer: C

Explanation:

CISCO CSG CONFIGURATION LIMITS

256 total virtual LANs (client and server)

4000 content definitions

1024 services

16,000 access control list (ACL) items

Up to six Cisco CSGs and/or CSMs can be installed in a Cisco Catalyst 6500 Series or Cisco 7600 Series chassis

 

 

QUESTION 263

What are the differences between LLQ and CBWFQ? (Choose two.)

 

A.

LLQ priority queue bandwidth is policed with a congestion aware policer.

B.

With LLQ, bandwidth allocations for the priority queue and all the CBWFQ queues are configured using the priority command.

C.

LLQ does not support WFQ on the default traffic class (class-default).

D.

LLQ supports the addition of strict priority queuing.

E.

LLQ is configured using MQC and CBWFQ is configured using the fair-queue command.

 

Correct Answer: AD

 

 

QUESTION 264

Which two statements about NTP version 4 are true? (Choose two)

 

A.

It supports fast synchronization at starting and before network failures.

B.

It supports automatic server discovery.

C.

It uses a fixed-point arithmetic

D.

It supports the “nanokernel” kernel implementation.

E.

It does not support Public-Key Cryptography

 

Correct Answer: BD

Explanation:

4.1.9. What’s new in Version 4?

According to the NTP Version 4 Release Notes found in release.htm, the new features of version four (as compared to version three) are.

 

Use of floating-point arithmetic instead of fixed-point arithmetic.

Redesigned clock discipline algorithm that improves accuracy, handling of network jitter, and polling intervals.

Support for the nanokernel kernel implementation that provides nanosecond precision as well as improved algorithms.

 

Public-Key cryptography known as autokey that avoids having common secret keys.

Automatic server discovery (manycast mode)

Fast synchronization at startup and after network failures (burst mode)

New and revised drivers for reference clocks

Support for new platforms and operating systems

 

 

QUESTION 265

Which four statements about NetFlow are true? (Choose four.)

 

A.

NetFlow records bidirectional IP traffic flow.

B.

NetFlow export can be implemented over IPv4.

C.

NetFlow export can be implemented over IPv6.

D.

NetFlow records multicast IP traffic flow.

E.

NetFlow records ingress traffic.

F.

NetFlow records egress traffic.

 

Correct Answer: BDEF

 

 

QUESTION 266

Which MQC-based output queueing method is designed to support multiple traffic classes including VoIP traffic, mission-critical traffic, bulk traffic, interactive traffic and default class traffic?

 

A.

Custom Queueing

B.

CB-WRED

C.

WRR Queueing

D.

LLQ

E.

CBWFQ

 

Correct Answer: D

 

 

QUESTION 267

Which four statements about an IP service level agreement (SLA) are true? (Choose four.)

 

A.

SLA responder knows type of operation, the port used, and duration.

B.

SLA responder inserts in and out timestamps in the packet payload.

C.

SLA sender and responder use the IP SLA Control Protocol to communicate with each other before sending test packets.

D.

SLA sender and responder communication can be encrypted.

E.

SLA sender and responder communication can be authenticated with MD5.

 

Correct Answer: ABCE

 

 

QUESTION 268

How many token buckets are needed to support a multi-actions policer that meters conforming, exceeding and violating traffic?

 

A.

1

B.

3

C.

5

D.

2

E.

6

F.

4

 

Correct Answer: D

 

 

QUESTION 269

What is the typical marked DSCP value for a voice signaling packet in VoIP technology?

 

A.

BE

B.

AF41

C.

AF21

D.

EF

E.

AF31

 

Correct Answer: E

 

 

QUESTION 270

How would you characterize the source and type in a denial of service attack on a router?

 

A.

By perform a show ip interface to see the type and source of the attack based upon the access-list matches.

B.

By setting up an access-list to permit all ICMP, TCP, and UDP traffic with the log or log- input commands, then use the show access-list and show log commands to determine the type and source of attack.

C.

By performing a show interface to see the transmitted load “txload” and receive load “rxload”, if the interface utilization is not maxed out, there is no attack underway.

D.

By applying an access-list to all incoming and outgoing interfaces, turning off route- cache on all interfaces, then, when telnetting into the router perform a debug IP packet detail.

 

Correct Answer: B

 

Free VCE & PDF File for Cisco 400-201 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …

Tags: