1. Home
  2. Cisco
  3. 300-410

Implementing Cisco Enterprise Advanced Routing and Services (ENARSI)

Exam Details

  • Exam Code
    :300-410
  • Exam Name
    :Implementing Cisco Enterprise Advanced Routing and Services (ENARSI)
  • Certification
    :CCNP Enterprise
  • Vendor
    :Cisco
  • Total Questions
    :925 Q&As
  • Last Updated
    :Apr 17, 2025

Cisco CCNP Enterprise 300-410 Questions & Answers

  • Question 531:

    Refer to the exhibit. R1 is configured with IP SLA to check the availability of the server behind R6 but it kept failing.

    Which configuration resolves the issue?

    A. R6(config)#ip sla responder udp-echo ip address 10.10.10.1 port 5000

    B. R6(config)#ip access-list extended DDOS R6(config-ext-nacl)#5 permit icmp host 10.10.10.1 host 10.66.66.66

    C. R6(config)#ip sla responder

    D. R6(config)#ip access-list extended DDOS R6(config-ext-nacl)#5 permit icmp host 10.66.66.66 host 10.10.10.1

  • Question 532:

    Refer to the exhibit. An engineer configured IP SLA on R1 to avoid the ISP link flapping problem, but it is not working as designed. IP SLA should wait 30 seconds before switching traffic to a secondary connection and then revert to the primary link after waiting 20 seconds, when the primary link is available and stabilized.

    R1# *Nov 18 15:38:59.956: track-sta (700) Change #8 ip sla 700, state Up -> Down *Nov 18 15:38:59.956: %TRACK-6-STATE: 700 ip sla 700 state Up -> Down *Nov 18 15:38:59.956: track-sta (700) ip sla 700 state Up -> Down *Nov 18 15:38:59.956: track-que (700) Queuing CHANGED client event for Static IP Routing *Nov 18 15:38:59.956: track-que (700) Unqueuing CHANGED client event for Static IP Routing *Nov 18 15:39:04.965: track-sta (700) Change #9 ip sla 700, state Down -> Up *Nov 18 15:39:04.965: %TRACK-6-STATE: 700 ip sla 700 state Down -> Up *Nov 18 15:39:04.965: track-sta (700) ip sla 700 state Down -> Up *Nov 18 15:39:04.965: track-que (700) Queuing CHANGED client event for Static IP Routing *Nov 18 15:39:04.965: track-que (700) Unqueuing CHANGED client event for Static IP Routing

    Which configuration resolves the issue?

    A. R1(config)#track 700 ip sla 700 R1 (config-track)#delay down 30 up 20

    B. R1 (config)#ip sla 700 R1(config-ip-sla)#delay down 30 up 20

    C. R1 (config)#ip sla 700 R1(config-ip-sla)#delay down 20 up 30

    D. R1(config)#track 700 ip sla 700 R1(config-track)#delay down 20 up 30

  • Question 533:

    The network administrator configured CoPP so that all HTTP and HTTPS traffic from the administrator device located at 172.16 1.99 toward the router CPU is limited to 500 kbps. Any traffic that exceeds this limit must be dropped.

    access-list 100 permit ip host 172.16.1.99 any ! class-map CM-ADMIN match access-group 100 ! policy-map PM-COPP class CM-ADMIN police 500000 conform-action transmit ! interface E0/0 service-policy input PM-COPP

    CoPP failed to capture the desired traffic and the CPU load is getting higher.

    Which two configurations resolve the issue? (Choose two.)

    A. interface E0/0 no service-policy input PM-COPP ! control-plane service-policy input PM-COPP

    B. policy-map PM-COPP class CM-ADMIN no police 500000 conform-action transmit police 500 conform-action transmit ! control-plane service-policy input PM-COPP

    C. no access-list 100 access-list 100 permit tcp host 172.16.1.99 any eq 80

    D. no access-list 100 access-list 100 permit tcp host 172.16.1.99 any eq 80 access-list 100 permit tcp host 172.16.1.99 any eq 443

    E. policy-map PM-COPP class CM-ADMIN no police 500000 conform-action transmit police 500 conform-action transmit

  • Question 534:

    Refer to the exhibit. A network administrator is troubleshooting IPv6 address assignment for a DHCP client that is not getting an IPv6 address from the server.

    ipv6 dhcp server:

    ipv6 unicast-routing ! int e0/1 ipv6 enable ipv6 add 2001:11::1/64 ipv6 nd other-config-flag no shut ipv6 dhcp server IPv6Pool ! ipv6 dhcp pool IPv6Pool dns-server 2002:555::1 domain-name my.net

    ipv6 dhcp client:

    interface Ethernet0/1 no ip address ipv6 address dhcp ipv6 enable no shut

    Which configuration retrieves the client IPv6 address from the DHCP server?

    A. ipv6 address autoconfig command on the interface

    B. ipv6 dhcp server automatic command on DHCP server

    C. ipv6 dhcp relay-agent command on the interface

    D. service dhcp command on DHCP server

  • Question 535:

    Refer to the exhibit.

    A junior engineer configured SNMP to network devices. Malicious users have uploaded different configurations to the network devices using SNMP and TFTP servers. Which configuration prevents changes from unauthorized NMS and TFTP servers?

    A. access-list 20 permit 10.221.10.11

    access-list 20 deny any log

    !

    snmp-server group NETVIEW v3 priv read NETVIEW access 20

    snmp-server group NETADMIN v3 priv read NETVIEW write NETADMIN access 20

    snmp-server community Cisc0Us3r RO 20

    snmp-server community Cisc0wrus3r RW 20

    snmp-server tftp-server-list 20

    B. access-list 20 permit 10.221.10.11 access-list 20 deny any log ! snmp-server group NETVIEW v3 priv read NETVIEW access 20 snmp-server group NETADMIN v3 priv read NETVIEW write NETADMIN access 20 snmp-server community Cisc0wrus3r RO 20 snmp-server community Cisc0Us3r RW 20 snmp-server tftp-server-list 20

    C. access-list 20 permit 10.221.10.11 access-list 20 deny any log

    D. access-list 20 permit 10.221.10.11

  • Question 536:

    Refer to the exhibit. An engineer must block access to the console ports for all corporate remote Cisco devices based on the recent corporate security policy but the security team still can connect through the console port.

    Switch# ! line con 0 logging synchronous line aux 0 line vty 0 4 password cisco@123 login transport input ssh telnet ! end

    Which configuration on the console port resolves the issue?

    A. login and password

    B. exec 0 0

    C. transport input telnet

    D. no exec

  • Question 537:

    Which OSI model is used to insert an MPLS label?

    A. between Layer 2 and Layer 3

    B. between Layer 5 and Layer 6

    C. between Layer 1 and Layer 2

    D. between Layer 3 and Layer 4

  • Question 538:

    Which function does LDP provide in an MPLS topology?

    A. It enables a MPLS topology to connect multiple VPNs to P routers.

    B. It provides hop-by-hop forwarding in an MPLS topology for LSRs.

    C. It exchanges routes for MPLS VPNs across different VRFs.

    D. It provides a means for LSRs to exchange IP routes.

  • Question 539:

    Which mechanism provides traffic segmentation within a DMVPN network?

    A. BGP

    B. IPsec

    C. MPLS

    D. RSVP

  • Question 540:

    What are two characteristics of IPv6 Source Guard? (Choose two.)

    A. requires the user to configure a static binding

    B. used in service provider deployments to protect DDoS attacks

    C. requires that validate prefix be enabled

    D. requires IPv6 snooping on Layer 2 access or trunk ports

    E. recovers missing binding table entries

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 300-410 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.