[Lead2pass New] Lead2pass 300-101 Exam Dumps New Updated By Cisco Official Exam Center (241-260)

2017 October Cisco Official New Released 300-101 Dumps in Lead2pass.com!

100% Free Download! 100% Pass Guaranteed!

Cisco New Released Exam 300-101 exam questions are now can be downloaded from Lead2pass! All questions and answers are the latest! 100% exam pass guarantee! Get this IT exam certification in a short time!

Following questions and answers are all new published by Cisco Official Exam Center: https://www.lead2pass.com/300-101.html

QUESTION 241
Which two different configuration can you apply to a device to block incoming SSH access? (Choose two)

 

A.    Option A
B.    Option B
C.    Option C
D.    Option D
E.    Option E

Answer: BC
Explanation:
If you are denying incoming traffic you would apply the access list in the inbound direction, not outbound.

QUESTION 242
DHCPv6 can obtain configuration parameters from a server through rapid two-way message exchange. Which two steps are involved in this process? (Choose Two)

A.    solicit
B.    advertise
C.    request
D.    auth
E.    reply

Answer: AE
Explanation:
When a server has IPv6 addresses and other configuration information committed to a client, the client and server may be able to complete  the exchange using only two messages, instead of four messages as described in the next section.  In this case, the client sends a Solicit message to the All_DHCP_Relay_Agents_and_Servers requesting the assignment of addresses and other configuration information.
The server that is willing to commit the assignment of addresses to the client
immediately responds with a Reply message.

QUESTION 243
Which two phases of DMVPN allow to spoke sites to create dynamic tunnels to one another? (Choose Two)

A.    Phase 1
B.    Phase 2
C.    Phase 3
D.    Phase 4
E.    Phase 5

Answer: BC

QUESTION 244
ipv6 access list and need to apply it to block traffic INBOUND telnet and interface ( choose two )

A.    inbound……
B.    inbound…..
C.    outbound…..
D.    outbound…..
E.    outbound……

Answer: AB

QUESTION 245
EIGRP is implemented in a frame relay network but there is no adjacency.
Which options cause the adjacency to come up? (choose 2)

A.    disable split horizon
B.    neighbor command to configure it for a point to multipoint on the WAN interface

Answer: AB

QUESTION 246
Which allowing website access between certain times

A.    Filters using Time-Based ACLs

Answer: A

QUESTION 247
Which option to the command service timestamps debug enables the logging server to capture the greatest amount of information from the router?

A.    uptime
B.    show-timezone
C.    year
D.    msec

Answer: D

QUESTION 248
What is the default value of TCP maximum segment size?

A.    536
B.    1492
C.    1500
D.    1508

Answer: A
Explanation:
THE TCP MAXIMUM SEGMENT SIZE IS THE IP MAXIMUM DATAGRAM SIZE MINUS FORTY.
The default IP Maximum Datagram Size is 576.
The default TCP Maximum Segment Size is 536.
http://www.ietf.org/rfc/rfc879.txt?referring_site=bodynav

QUESTION 249
ip sla network with a configuration snippet

A.    apply the ipv6 acl under a vty
B.    ip access-class
C.    ipv6 access class
D.    Access-list IN
E.    Access-list OUT

Answer: AD

QUESTION 250
When unicast reverse patch forwarding is configured on interface, which action does the interface take list when it received a packet?

A.    It check the ingress access list
B.    It check the egress access list
C.    Route available in FIB or It verifies a reverse patch via the fib to the source
D.    It verify that the source has a valid VEF adjacency

Answer: C

QUESTION 251
Which command instruct a PPPoE client to obtain its IP address from the PPPoe server?

A.    Interface dialer
B.    ip address negotiated
C.    pppoe enable
D.    Ip address DHCP
E.    Ip address dynamic

Answer: B

QUESTION 252
Which feature enables security in vty lines?

A.    exec-time out
B.    logging
C.    username and password
D.    transport out

Answer: C

QUESTION 253
Which access list entry checks for an ACK within a packet header?

A.    access-list 49 permit ip any any eq 21 tcp-ack
B.    access-list 49 permit tcp any any eq 21 tcp-ack
C.    access-list 149 permit tcp any any eq 21 established
D.    access-list 49 permit tcp any any eq 21 established

Answer: C

QUESTION 254
Which option is one way to mitigate symmetric routing on an active/active firewall setup for TCP-based connections?

A.    performing packet captures
B.    disabling asr-group commands on interfaces that are likely to receive asymmetric traffic
C.    replacing them with redundant routers and allowing load balancing
D.    disabling stateful TCP checks

Answer: D

QUESTION 255
A network engineer executes the show ip cache flow command. Witch two types of information are displayed in the report that is generated? (Choose two)

A.    top talkers
B.    flow export statistics
C.    flow sample for specific protocols
D.    MLS flow traffic
E.    IP packet distribution

Answer: CE

QUESTION 256
Which DHCP option provides a TFTP server that Cisco phones can use to download a configuration?

A.    DHCP Option 66
B.    DHCP Option 68
C.    DHCP Option 82
D.    DHCP Option 57

Answer: A

QUESTION 257
Drag and Drop Question
Drag each statement about authentication, authorization, and accounting on the left to the matching category on right.

 

Answer:

 

QUESTION 258
Drag and Drop Question
Drag each statement about authentication mechanisms on the left to the matching authentication type on the right.

 
Answer:

 

QUESTION 259
Drag and Drop Question

A.    Radius >>>
Use udp port 1812 for authentication. It encrypts only the password in the access-request packet, from the client to the server. The remainder of the packet is unencrypted.
It combines authorization and accounting functions.

Tacacs+ >>>
Use tcp port 49 and encrypts the entire packet.
It separates authorization and accounting functions.

Answer: A

QUESTION 260
Drag and Drop Question
 
Answer:

Lead2pass gives the latest, authoritative and complete 300-101 braindumps for 300-101 exam, because of that, all of our candidates pass 300-101 certification without any problem. The biggest feature is the regular update of 300-101 PDF and VCE, which keeps our candidates’ knowledge up to date and ensures their 300-101 exam success.

300-101 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDX0QwYXF1aXFINmM

2017 Cisco 300-101 exam dumps (All 470 Q&As) from Lead2pass:

https://www.lead2pass.com/300-101.html [100% Exam Pass Guaranteed]

You may also like