March/2021 Latest Braindump2go 300-410 Exam Dumps with PDF and VCE Free Updated Today! Following are some new 300-410 Real Exam Questions!

QUESTION 147
How are MPLS Layer 3 VPN services deployed?

A. The RD and RT values must match under the VRR
B. The RD and RT values under a VRF must match on the remote PE router
C. The import and export RT values under a VRF must always be the same.
D. The label switch path must be available between the local and remote PE routers.

Answer: D
Explanation:
https://www.cisco.com/c/en/us/td/docs/iosxr/ncs5500/vpn/65x/b-l3vpn-cg-ncs5500-65x/b-l3vpn-cg-ncs5500-65x_chapter_010.html

QUESTION 148
Refer to the exhibit.

The R1 and R2 configurations are:

The neighbor is not coming up. Which two sets of configurations bring the neighbors up? (Choose two.)

A.
B.
C.
D.
E.

Answer: AC
Explanation:

QUESTION 149
Refer to the exhibit. A company with autonomous system number AS6 401 has obtained IP address block 209.165.200.224/27 fro, ARIN. The company needed more IP addresses and was assigned block 209.165.202.128/27 from ISP2. An engineer is ISP1 reports they are receiving ISP2 routes from AS65401. Which configuration onR1 resolves the issue?

A.
B.
C.
D.

Answer: A
Explanation:
https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/23675-27.html

QUESTION 150
Refer to the exhibit. An engineer identifier a Layer 2 loop using DNAC. Which command fixes the problem in the SF-D9300-1 switch?

A. no spanning-tree uplinkfast
B. spanning-tree loopguard default
C. spanning-tree backbonesfast
D. spanning-tree portfast bpduguard

Answer: D
Explanation:
https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/tech_notes/b_dnac_sda_lan_automation_deployment.html

QUESTION 151
What are two functions of LDP? (Choose two.)

A. It is defined in RFC 3038 and 3039.
B. It requires MPLS Traffic Engineering.
C. It advertises labels per Forwarding Equivalence Class.
D. It must use Resource Reservation Protocol.
E. It uses Forwarding Equivalence Class

Answer: CE
Explanation:
https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/mpls/configuration/guide/mpls_cg/mp_mpls_overview.pdf

QUESTION 152
Refer to the exhibit. A network administrator is using the DNA Assurance Dashboard panel to troubleshoot an OSPF adjacency that failed between Edge_NYC interface GigabitEthernet1/3 with Neighbor Edge_SNJ. The administrator observes that the neighborship is stuck in exstart state. How does the administrator fix this issue?

A. Configure to match the OSPF interface speed and duplex settings on both routers.
B. Configure to match the OSPF interface MTU settings on both routers.
C. Configure to match the OSPF interface unique IP address and subnet mask on both routers.
D. Configure to match the OSPF interface network types on both routers.

Answer: B
Explanation:
After two OSPF neighboring routers establish bi-directional communication and complete DR/BDR election (on multi-access networks), the routers transition to the exstart state. In this state, the neighboring routers establish a master/slave relationship and determine the initial database descriptor (DBD) sequence number to use while exchanging DBD packets. Neighbors Stuck in Exstart/Exchange State The problem occurs most frequently when attempting to run OSPF between a Cisco router and another vendor’s router. The problem occurs when the maximum transmission unit (MTU) settings for neighboring router interfaces don’t match. If the router with the higher MTU sends a packet larger that the MTU set on the neighboring router, the neighboring router ignores the packet.
https://www cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13684-12.html

QUESTION 153
Refer to the exhibit. All the serial between R1, R2, and R3 have the Same bandwidth. User on the 192.168.1.0/24 network report slow response times while they access resource on network 192.168.3.0/24. When a traceroute is run on the path. It shows that the packet is getting forwarded via R2 to R3 although the link between R1 and R3 is still up.
What must the network administrator to fix the slowness?

A. Change the Administrative Distance of EIGRP to 5.
B. Add a static route on R1 using the next hop of R3.
C. Remove the static route on R1.
D. Redistribute the R1 route to EIGRP

Answer: C

QUESTION 154
An engineer configured a Cisco router to send reliable and encrypted notifications for any events to the management server.
It was noticed that the notification messages are reliable but not encrypted.
Which action resolves the issue?

A. Configure all devices for SNMPv3 informs with priv.
B. Configure all devices for SNMPv3 informs with auth.
C. Configure all devices for SNMPv3 traps with auth.
D. Configure all devices for SNMPv3 traps with priv.

Answer: A
Explanation:
SNMP notifications can be sent as traps or inform requests. Traps are unreliable because the receiver does not send acknowledgments when this device receives traps.”Send reliable and encrypted notifications for any events” so it is SNMP notifications. For encryption we need to configure “priv”.

QUESTION 155
Refer to the exhibit. A network administrator configured mutual redistribution on R1 and R2 routers, which caused instability in the network. Which action resolves the issue?

A. Set a tag in the route map when redistributing EIGRP into OSPF on R1. and match the same tag on R2 to allow when redistributing OSPF into EIGRP.
B. Apply a prefix list of EIGRP network routes in OSPF domain on R1 to propagate back into the EIGRP routing domain.
C. Set a tag in the route map when redistributing EIGRP into OSPF on R1, and match the same tag on R2 to deny when redistributing OSPF into EIGRP.
D. Advertise summary routes of EIGRP to OSPF and deny specific EIGRP routes when redistributing into OSPF.

Answer: C
Explanation:
When doing mutual redistribution at multiple points (between OSPF and EIGRP on R1 & R2), we may create routing loops so we should use route-map to prevent redistributed routes from redistributing again into the original domain.
In the below example, the route-map “SET-TAG” is used to prevent any routes that have been redistributed into EIGRP from redistributed again into OSPF domain by tagging these routes with tag
1:

QUESTION 156
Refer to the exhibit. A network administrator is discovering a Cisco Catalyst 9300 and a Cisco WLC 3504 in Cisco DNA Center. The Catalyst 9300 is added successfully However the WLC is showing [ error “uncontactable” when the administrator tries to add it in Cisco DNA Center.
Which action discovers WLC in Cisco DNA Center successfully?

A. Copy the .cert file from the Cisco DNA Center on the USB and upload it to the WLC 3504.
B. Delete the WLC 3504 from Cisco DNA Center and add it to Cisco DNA Center again.
C. Add the WLC 3504 under the hierarchy of the Catalyst 9300 connected devices.
D. Copy the .pern file from the Cisco DNA Center on the USB and upload it to the WLC 3504.

Answer: D

QUESTION 157
Which feature drops packets if the source address is not found in the snooping table?

A. IPv6 Source Guard
B. IPv6 Destination Guard
C. IPv6 Prefix Guard
D. Binding Table Recovery

Answer: A

QUESTION 158
Refer to the exhibit. A user has set up an IP SLA probe to test if a non SLA host web server on IP address 10.1.1.1 accepts HTTP sessions prior to deployment. The probe is failing.
Which action should the network administrator recommend for the probe to succeed?

A. Re-issue the ip sla schedule command.
B. Add icmp-echo command for the host.
C. Add the control disable option to the tcp connect.
D. Modify the ip sla schedule frequency to forever.

Answer: A

QUESTION 159
Refer to The exhibit. The network administrator must mutually redistribute routes at the Chicago router to the LA and NewYork routers.

The configuration of the Chicago router is this:

After the configuration, the LA router receives all the NewYork routes, but NewYork router does not receive any LA routes. Which set of configurations fixes the problem on the Chicago router?

A.
B.
C.
D.

Answer: B
Explanation:
“LA router receives all the NewYork routes but it does not receive any LA routes” because when redistrubuting into EIGRP, we must configure the default metric.

QUESTION 160
Refer to the exhibit. An IPv6 network was newly deployed in the environment and the help desk reports that R3 cannot SSH to the R2s Loopback interface. Which action resolves the issue?

A. Modify line 10 of the access list to permit instead of deny
B. Remove line 60 from the access list.
C. Modify line 30 of the access list to permit instead of deny.
D. Remove line 70 from the access list.

Answer: C

QUESTION 161
An engineer configured SNMP notifications sent to the management server using authentication and encrypting data with DES. An error in the response PDU is received as “UNKNOWNUSERNAME.
WRONGDIGEST”. Which action resolves the issue?

A. Configure the correct authentication password using SNMPv3 authPriv .
B. Configure the correct authentication password using SNMPv3 authNoPriv.
C. Configure correct authentication and privacy passwords using SNMPv3 authNoPriv.
D. Configure correct authentication and privacy passwords using SNMPv3 authPriv.

Answer: A
Explanation:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/snmp/configuration/15-e/snmp-15-e-book.pdf
There are three SNMP security levels (for SNMPv1, SNMPv2c, and SNMPv3):
+ noAuthNoPriv: Security level that does not provide authentication or encryption.
+ authNoPriv: Security level that provides authentication but does not provide encryption.
+ authPriv: Security level that provides both authentication and encryption.
For SNMPv3, “noAuthNoPriv” level uses a username match for authentication.

QUESTION 162
Refer to the exhibits. A user on the 192.168 1.0/24 network can successfully ping 192.168.3.1, but the administrator cannot ping 192.168.3.1 from the LA router.
Which set of configurations fixes the issue?

A.
B.
C.
D.

Answer: A

QUESTION 163
Refer to the exhibits. When DMVPN is configured, which configuration allows spoke-to-spoke communication using loopback as tunnel source?

A. Configure crypto isakmp key cisco address 0.0.0.0 on the hub.
B. Configure crypto isakmp key Cisco address 200.1.0.0 255.255.0.0 on the hub.
C. Configure crypto isakmp key cisco address 200.1.0.0 255.255.0.0 on the spokes.
D. Configure crypto isakmp key cisco address 0.0.0.0 on the spokes.

Answer: A

QUESTION 164
What are two functions of IPv6 Source Guard? (Choose two.)

A. It uses the populated binding table for allowing legitimate traffic.
B. It works independent from IPv6 neighbor discovery.
C. It denies traffic from unknown sources or unallocated addresses.
D. It denies traffic by inspecting neighbor discovery packets for specific pattern.
E. It blocks certain traffic by inspecting DHCP packets for specific sources.

Answer: AC

QUESTION 165
An engineer configured access list NON-CISCO in a policy to influence routes

What are the two effects of th s route map configuration? (Choose two.)

A. Packets are not evaluated by sequence 10.
B. Packets are evaluated by sequence 10.
C. Packets a e forwarded to the default gateway.
D. Packets a e forwarded using normal route lookup.
E. Packets are dropped by the access list.

Answer: BC

QUESTION 166
Refer to the exhibit. Which two actions restrict access to router R1 by SSH? (Choose two.)

A. Configure transport input ssh on line vty and remove sequence 30 from access list 100.
B. Configure transport output ssh on line vty and remove sequence 20 from access list 100.
C. Remove class-map ANY from service-policy CoPP
D. Configure transport output ssh on line vty and remove sequence 10 from access list 199.
E. Remove sequence 10 from access list 100 and add sequence 20 deny tcp any any eq telnet to access list 199

Answer: AB
Explanation:
To only allow SSH to R1, we have to: + Deny Telnet in ACL 100 because the action of class-map:
PERMIT is “permit” + Permit Telnet in ACL 199 because the action of class-map: ANY is “drop” But:
+ In ACL 100 there is a permit statement for Telnet traffic “20 permit tcp any any eq telnet (5 matches)” which is not correct so we must remove this statement.
+ In ACL 199 there is an ACL statement “10 deny tcp any eq telnet any (50 matches)”. This statement is aimed for Telnet traffic leaving R1 which is not correct so we must remove this statement.
Note:
+ The command “transport output telnet ssh” allows telnet and SSH from this device (to other devices).
+ Telnet is TCP port 23. + When using Telnet on source port, it affects Telnet traffic leaving from R1.

QUESTION 167
Refer to the exhibit. The administrator can see the traps for the failed login attempts, but cannot see the traps of successful login attempts. What command is needed to resolve the issue?

A. Configure logging history 2
B. Configure logging history 3
C. Configure logging history 4
D. Configure logging history 5

Answer: D
Explanation:
By default, the maximum severity sent as a syslog trap is warning. That is why you see syslog traps for login failures. Since a login success is severity 5 (notifications), those syslog messages will not be converted to traps. To fix this, configure:

Note:
The syntax of login block is:
login block-for seconds attempts tries within seconds

QUESTION 168
Drag and Drop Question
Drag and drop the actions from the left into the correct order on the right to configure a policy to avoid following packet forwarding based on the normal routing path.

Answer:

Explanation:
https://community.cisco.com/t5/networking-documents/how-to-configure-pbr/ta-p/3122774

---

Resources From:

1.2021 Latest Braindump2go 300-410 Exam Dumps (PDF & VCE) Free Share:
https://www.braindump2go.com/300-410.html

2.2021 Latest Braindump2go 300-410 PDF and 300-410 VCE Dumps Free Share:
https://drive.google.com/drive/folders/1NkZ6PH5JebhsyHrMEXD3IWxkOLRjQ-B-?usp=sharing

3.2021 Free Braindump2go 300-410 Exam Questions Download:
https://www.braindump2go.com/free-online-pdf/300-410-PDF-Dumps(147-168).pdf

Free Resources from Braindump2go,We Devoted to Helping You 100% Pass All Exams!