Following questions and answers are all new published by Cisco Official Exam Center: QUESTION 41Which three of the following security controls would you take into consideration when implementing loT capabities? (Choose three.) A.    Layered Security Appoach.B.    Place security above functionality.C.    Define lifecycle controls for loT devices.D.    Privacy impact Assessment.E.    Change passwords every 90 days.F.    Implement Intrusion Detection Systems on loT devices.Answer: ADE QUESTION 42Which EIGRP feature allows the use of leak maps? A.    offset-listB.    neighborC.    address-familyD.    stub Answer: D QUESTION 43Refer to the exhibit. Which IPv6 OSPF network type is applied to interface Fa0/0 of R2 by default?   A.    broadcastB.    EthernetC.    multipointD.    point-to-point Answer: A QUESTION 44Which option describes the characteristics of a public Infrastructure as a Serveice cloud service model? A.    It is a way of delivering cloud-computing infrastructure (servers, storage, network, and operating systems) as an on-demand service.B.    It is a cloud service where the underlying hardware is managed by the cloud service provider.C.    It is a cloud-computing platform that facilitates the creation of web applications without the need to maintain the supporting software applications.D.    It is a cloud-computing platform that facilitates the creation of web applications without the need to maintain the supporting software operating systems. Answer: A QUESTION 45Which effect of configuring the passive-interface S0/0 command under the EIGRP routing process is true? A.    It prevents EIGRP neighbor relationships from being formed over interface S0/0.B.    It configures interface S0/0 to send hello packets with the passive-interface bit set.C.    It configures interface S0/0 to suppress all outgoing routing updates.D.    It configures interface S0/0 to reject all incoming routing updates. Answer: A QUESTION 46What is the default IS-IS interface metric on a Cisco router? A.    255B.    64C.    10D.    128 Answer: C QUESTION 47Which two items must be defined to capture packet data with the Embedded Packet Capture feature? (Choose two.) A.    the capture rateB.    the capture pointC.    the capture bufferD.    the buffer memory sizeE.    the capture filterF.    the capture file export location Answer: BC QUESTION 48When you configure an IPv6 IPsec tunnel, which two fields can represent the ISAKMP identity of a peer? (Choose two) A.    Authentication methodB.    DH group identifierC.    HostnameD.    IPv6 addressE.    Encryption algorithm Answer: CD QUESTION 49Which action enables passive interfaces in RIPv6(RIPng)? A.    Use "passive-interface default" under the routing process.B.    Enable passive-interface on interface configuration.C.    passive interface are not supported in RIPng.D.    Enable passive-interface for each interface under the routing process. Answer: C QUESTION 50Which statement is true about IGMP? A.    Multicast sources send IGMP messages to their first-hop router, which then generates a PIM join message that is then sent to the RP.B.    Multicast receivers send IGMP messages to their first-hop router, which then forwards the IGMP messages to the RP.C.    IGMP messages are encapsulated in PIM register messages and sent to the RP.D.    Multicast receivers send IGMP messages to signal their interest to receive traffic for specific multicast groups. Answer: D QUESTION 51Which two Cisco Express Forwarding tables are located in the data plane? (Choose two.) A.    the label forwarding information baseB.    the forwarding information baseC.    the label information tableD.    the IP routing tableE.    the adjacency table Answer: BE QUESTION 52What does the DIS on a LAN periodically transmit in multicast to ensure that the IS-IS link-state database is accurate? A.    ISHB.    CSNPC.    IIHD.    PSNPE.    LIP Answer: B QUESTION 53Which two statements about DMVPN with NHRP are true? (Choose two) A.    NHRP shortens the configuration of the hub router.B.    NHRP dynamically provides information about the spoke routers to the hub.C.    NHRP disables multicastD.    The hub router uses NHRP to initiate the GRE tunnel with spokes.E.    The spoke routers act as the NHRP servers. Answer: AB QUESTION 54Refer to the exhibit. Which two options are effects of this configuration when the router is unable to reach the TACACS+ server? (Choose two.)   A.    Users cannot log in ti the routerB.    Users can log in to the router EXEC mode without entering a password.C.    Users can log in to the router user EXEC mode with the username cisco1 and the password cisco2.D.    Users can log in to the router privileged EXEC mode with the username cisco1 and the password cisco2.E.    Users can log in to the router privileged EXEC mode without entering a password.F.    Users can log in to the router privileged EXEC mode without a username and with the password cisco3. Answer: BF QUESTION 55Refer to the exhibit. Which configuration must you apply to a router so that it can generate a log message in the given format?   A.    service sequence-numbersB.    service timestamps log datetimeC.    service timestamps log uptimeD.    service alignment logging Answer: C QUESTION 56Refer to the exhibit. When traffic marked as CoS 5 arrives on the switch, what DSCP value does the switch apply?   A.    0B.    32C.    40D.    46E.    48 Answer: B QUESTION 57Which feature provides local database policy options that are similar to those of TACACS+ and RADIUS servers? A.    authentication fallbackB.    reflexive ACLsC.    AAA attributesD.    802.1x Answer: D QUESTION 58Which two statements about IGMP are true?(Choose two.) A.    IGMPv2 supports explicit source signaling.B.    IGMPv3 is the first version of IGMP to support a basic query-response mechanism.C.    IGMPv2 supports IGMP querier election.D.    IGMPv1 supports group-specific queries.E.    IGMPv3 uses as destination address for reports. Answer: CE QUESTION 59Refer to the exhibit. How is voice traffic entering this router on interface GigabitEthernet0/0 being handled by the shown marking policy?    A.    Any traffic matching access-list voice is trusted and marking is not changed.B.    All voice is being set to DSCP 0C.    All voice is being set to AF21D.    Any traffic matching access-list voice is set to EF Answer: A QUESTION 60Refer to the exhibit. After you configure the given IP SLA on a Cisco router, you note that the device is unable to fialover to the backup route even when pings to fail.What action can you take to correct the problem?   A.    Change the ip route 200 command to ip route 12.B.    Change the ip sla schedule 12 life forever start-time now command to ip sla schedule 12 life forever start-time 00:12:00.C.    Change the track 12 ip sla 12 state command to track 12 ip sla 12 reachability.D.    Change the frequency 2 command to frequency 12. Answer: C We offer standard exam questions of Cisco 400-101 dumps. 