Limited Time Discount Offer 30% Off - Ends in 02:00:00


Cisco CCIE SP 400-201 Exam - CCIE SP Written v4.1

Download Free Cisco 400-201 Exam Questions

Questions & Answers for Cisco 400-201

Showing 1-15 of 197 Questions

Question #1

In a secure domain router scenario, which two functions are shared amongst all SDR in the
system? (Choose two.)

A. configuration

B. protocols

C. routing tables

D. chassis-control

E. switch-fabric

Secure domain routers (SDRs) provide a means of partitioning a router into multiple,
independent routers. SDRs perform routing functions in the same manner as a physical
router but share resources with the rest of the system. For example, the applications,
configurations, protocols, and routing tables assigned to an SDR belong to that SDR only,
but other functions such as chassis control, switch fabric, and partitioning are shared with
the rest of the system.

Question #2

Drag each resiliency mechanism on the left to its corresponding technology on the right.

Question #3

A telecom company offers ISPs the ability to resell dynamic IP broadband services over its
local loops, but it does not allow the resellers to install broadband network gateways. If an
ISP wants to become a reseller but is unable to use NHRP, which tunneling protocol should
be implemented?

A. IP in IP

B. IPsec



However, while OpenVPN can not be used with VoIP, L2TP can be used for VoIP. Only
use this if OpenVPN is not available and you are in need of very high security/encryption.

Question #4

A network engineer wants to deploy a solution that allows for 200 DS1 s and 100 DS0s that
are multiplexed to a single interface on a Cisco 7600 Series Router. Which interface type
satisfies this requirement?

A. Channelized T3/E3 (DS0)

B. Channelized OC-12/STM-4

C. OC-12/STM-4

D. OC-48c/STM-16

Question #5

A service provider is implementing Ethernet solutions for clients that are not being
provisioned within the MPLS core network. Which solution allows the Service Provider to
complete Ethernet circuit provisioning in this scenario?

A. L2TPv3




L2TPv3 defines the L2TP protocol for tunneling Layer 2 payloads over an IP core network
using Layer 2 virtual private networks (VPNs). Benefits of this feature include the following:

Simplifies deployment of VPNs.

Does not require Multiprotocol Label Switching (MPLS) virtual private network (VPN).

Supports Layer 2 tunneling over IP for any payload.

Supports data encapsulation directly over IP (IP protocol number 115), not using User
Datagram Protocol (UDP)

Supports point-to-point sessions, not point-to-multipoint or multipoint-to-point sessions

Supports sessions between the same Layer 2 protocols, for example Frame Relay-to-
Frame Relay or ATM-to-ATM.

Question #6

When IPv6 is enabled on an interface, which three multicast addresses does the
configured interface automatically join? (Choose three.)

A. FF01::2

B. FEC0::1

C. FF02:0:0:0:0:1:FF00::/104

D. FF02::1

E. FF01::1

F. FF02::2

G. FF02::D

H. FF02::5


Question #7

A network engineer is responsible for implementing a solution with Cisco IOS XR Software
that insures continuous forwarding during a control plane failure. Which two technologies
should the engineer consider? (Choose two.)



C. graceful restart




Question #8

Two Service Providers are beginning a merger between AS boundaries to provide MPLS-
enabled services between their networks. Customers are using both Service Providers for
services and, under certain circumstances; there are requirements to extend Layer 2 VPN
circuits between each provider. The providers are in the process of completing the
technical merger. However, the MPLS is not supported between the providers. Which
action allows MPLS Layer 2 VPN circuits to be built over the inter-AS link?

A. Create a GRE tunnel with the mpls ip command between ASBRs.

B. Create Layer 2 VPN peerings between PE routers from each provider.

C. Create a VPNv4 peering between ASBRs to advertise labels between each provider.

D. Create a sham link between ASBR routers to enable a superbackbone peering for Layer 2 VPN signaling.


Question #9

The diagram was R1 connected to R2 and R2 connected to R3 on ospf area 0

Refer to the exibit OSPF is already running with default parameters. If R1 already have
loopback 0 & Router-ID configured with that loopback address, then what will SPF
computation on R2 after adding R1 one more loopback11 on OSPF?

A. Beacuse prefix information will be an LSA type 3 on R2 router 's database , R2 router will run partial SPF computation.

B. Beacuse prefix will a LSA type 1 on R2 router's database. R2 router will a full SPF computation, even though an OSPF optimization is applied on R2 router.

C. Adding ispf on command on R2 router, the entire SPT will be computed on R2 router.

D. Adding ispf on command on R2 router, R2 router will only recompute only the affected part of the tree.

Question #10

Refer to the exhibit.

An engineer is troubleshooting CSC-PE and CSC-CE configurations and finds that there is
a missing communication between Layer 3 VPN customer sites that are connected to
customer carrier provider.
What is the cause of this issue?

A. The static route configured on CSC-PE1 is missing the vrf keyword on next-hop information.

B. The CSC-PE1 does require knowledge of the Layer 3 VPN customer prefixes in order to allocate and exchange Layer 3 VPN labels with CSC-CE1.

C. A CSC design requires selective label allocation.

D. The CSC-PE1 device is not allocating labels for the CSC backbone carrier route reflector.

E. The CSC-PE1 and CSC-CE1 routers are not exchanging labeled IPv4 prefixes, which results in LSP blackholing.

Question #11

Refer to the exhibit.

It displays the Router_3 FIB information without any OSPF LSDB optimization. An engineer
wants to optimize the OSPF LSDB in accordance with RFC 1587 Considering the following
Router_3 maintains full connectivity
Router_2 requires the least configuration
In orderto achieve the OSPF LSDB optimization on Router_3. which Cisco IOS command
should the engineer use on Router_2?

A. area 1 nssa default-information-originate

B. area n nssa no-summary area 1 nssa no-redistribution

C. area 1 nssa no-redistributionarea 1 nssa default-information-originate

D. area 1 nssa no-summary

E. area 1 nssa no-redistribution

F. area 1 nssa no-summaryarea 1 nssa default-information-originate

Question #12

Refer to the exhibit. The Service Provider is deploying Internet service to its VRF
customers by using vrf INTERNET. A dedicated firewall provides NAT functionally towards
the Internet. Assume that IP address overlapping between VRFs is not an issue.

Which three configuration steps are required to add Internet service to the VRF customers?
(Choose three.)

A. Export the RD of vrf INTERNET from all customer VRFs.

B. Originate a default route on PE4 in vrf INTERNET.

C. Import the RD from vrf INTERNET in all customer VRFs.

D. Originate a default route on the firewall in vrf INTERNET.

E. Import the VRF “INTERNET” Route Target in all customer VRFs.

F. Import the Route Target of all customer VRFs in vrf INTERNET.

G. Leak all VRF routes to the global routing table.

Question #13

The product team at an ISP that offers VoIP services wants to add two-way video
conferencing to their product offering. Which three QoS methods can be applied for real-
time traffic on WAN links with speeds that are slower than 768 Kbps? (Choose three.)

A. Apply MLP link fragmentation and interleaving to the interface.

B. Apply LLQ with both voice traffic and video traffic in the same priority queue.

C. Apply CBWFQ with VoIP traffic in its own class, which is marked with a PHB value of EF.

D. Apply CBWFQ with video traffic in its own class, which is marked with a PHB value of AF41.

E. Apply voice-adaptive fragmentation to ensure that large video packets are fragmented and interleaved.

F. Apply LLQ with video traffic that is dedicated in the priority queue.


Question #14

Which is the main goal of BGPsec regards to improve BGP security?

A. Reduces risk of improper route propagation from unauthorized AS numbers

B. Configures BGP route verification by storing routes in a database used to validate AS numbers

C. Adds encryption to route propagation outside the iBGP AS

D. Increases legitimacy and authenticity of BGP advertisements


Question #15

A Server Provider is seeing an increasing amount of attacks against its customers. For
which kind of attack would an engineer want to design a Backscatter Traceback solution?

A. Rogue DNS/DHCP Servers

B. IP Spoofing

C. Ping of Death

D. Distributed Denial of Service

E. Network Attack TCP/UDP Scan


Try Our Special 30% Discount Offer for
Premium 400-201 VCE File

  • Verified by experts

400-201 Premium File

  • Real Questions
  • Last Update: Mar 31, 2020
  • 100% Accurate Answers
  • Fast Exam Update




You save

Enter Your Email Address to Receive Your 30% Discount Code


You save

Use Discount Code:

A confirmation link was sent to your e-mail.

Please check your mailbox for a message from and follow the directions.

Download Free Demo of VCE Exam Simulator

Experience Avanset VCE Exam Simulator for yourself.

Simply submit your e-mail address below to get started with our interactive software demo of your free trial.

  • Realistic exam simulation and exam editor with preview functions
  • Whole exam in a single file with several different question types
  • Customizable exam-taking mode & detailed score reports