Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR)
Exam Details
Exam Code
:350-401
Exam Name
:Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR)
Certification
:CCNP Enterprise
Vendor
:Cisco
Total Questions
:1407 Q&As
Last Updated
:Apr 13, 2025
Cisco CCNP Enterprise 350-401 Questions & Answers
Question 291:
Which IPv6 migration method relies on dynamic tunnels that use the 2002::/16 reserved address space?
A. GRE
B. 6RD
C. 6to4
D. ISATAP
Correct Answer: C
6to4 tunnel is a technique which relies on reserved address space 2002::/16 (you must remember this range). These tunnels determine the appropriate destination address by combining the IPv6 prefix with the globally unique destination 6to4 border router's IPv4 address, beginning with the 2002::/16 prefix, in this format: 2002:border-router-IPv4-address::/48 For example, if the border-router-IPv4-address is 64.101.64.1, the tunnel interface will have an IPv6 prefix of 2002:4065:4001:1::/64, where 4065:4001 is the hexadecimal equivalent of 64.101.64.1. This technique allows IPv6 sites to communicate with each other over the IPv4 network without explicit tunnel setup but we have to implement it on all routers on the path.
Question 292:
Which two statements about Cisco Express Forwarding load balancing are true? (Choose two)
A. Each hash maps directly to a single entry in the RIB
B. It combines the source IP address subnet mask to create a hash for each destination
C. Cisco Express Forwarding can load-balance over a maximum of two destinations
D. It combines the source and destination IP addresses to create a hash for each destination
E. Each hash maps directly to a single entry in the adjacency table
Correct Answer: DE
Cisco IOS software basically supports two modes of CEF load balancing: On per-destination or perpacket basis. For per destination load balancing a hash is computed out of the source and destination IP address (-> Answer 'It combines the source and destination IP addresses to create a hash for each destination' is correct). This hash points to exactly one of the adjacency entries in the adjacency table (-> Answer 'Each hash maps directly to a single entry in the adjacency table' is correct), providing that the same path is used for all packets with this source/destination address pair. If per packet load balancing is used the packets are distributed round robin over the available paths. In either case the information in the FIB and adjacency tables provide all the necessary forwarding information, just like for non-load balancing operation. The number of paths used is limited by the number of entries the routing protocol puts in the routing table, the default in IOS is 4 entries for most IP routing protocols with the exception of BGP, where it is one entry. The maximum number that can be configured is 6 different paths -> Answer 'Cisco Express Forwarding can load-balance over a maximum of two destinations' is not correct. Reference: https://www.cisco.com/en/US/products/hw/modules/ps2033/ prod_technical_reference 09186a00800afeb7.html
Question 293:
Which two statements about VRF-lite are true? (Choose two)
A. It can support multiple customers on a single switch
B. It supports most routing protocols, including EIGRP, ISIS, and OSPF
C. It should be used when a customer's router is connected to an ISP over OSPF
D. It can increase the packet switching rate
E. It supports MPLS-VRF label exchange and labeled packets
Correct Answer: AC
VRF-lite does not support IGRP and ISIS.
1.
VRF-lite does not support all MPLS-VRF functionality: label exchange, LDP adjacency, or labeled packets.
2.
VRF-lite does not affect the packet switching rate.
3.
The capability vrf-lite subcommand under router ospf should be used when configuring OSPF as the routing protocol between the PE and the CE. https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/vrf.html#wp1045190
Question 294:
Refer to the exhibit.
You have just created a new VRF on PE3. You have enabled debug ip bgp vpnv4 unicast updates on PE1, and you can see the route in the debug, but not in the BGP VPNv4 table. Which two statements are true? (Choose two)
A. After you configure route-target import 999:999 for a VRF on PE1, the route will be accepted
B. VPNv4 is not configured between PE1 and PE3
C. address-family ipv4 vrf is not configured on PE3
D. PE1 will reject the route due to automatic route filtering
E. After you configure route-target import 999:999 for a VRF on PE3, the route will be accepted
Correct Answer: AD
Because some PE routers might receive routing information they do not require, a basic requirement is to be able to filter the MP-iBGP updates at the ingress to the PE router so that the router does not need to keep this information in
memory. The Automatic Route Filtering feature fulfills this filtering requirement. This feature is available by default on all PE routers, and no additional configuration is necessary to enable it. Its function is to filter automatically VPN-IPv4 routes
that contain a route target extended community that does not match any of the PE's configured VRFs. This effectively discards any unwanted VPN-IPv4 routes silently, thus reducing the amount of information that the PE has to store in
memory -> Answer 'PE1 will reject the route due to automatic route filtering' is correct.
Reference: MPLS and VPN Architectures Book, Volume 1
The reason that PE1 dropped the route is there is no "route-target import 999:999" command on PE1 (so we see the "DENIED due to: extended community not supported" in the debug) so we need to type this command to accept this route ->
Answer 'After you configure route-target import 999:999 for a VRF on PE1, the route will be accepted' is correct.
Question 295:
Which two statements about VRRP are true? (Choose two)
A. It supports both MD5 and SHA1 authentication.
B. It is assigned multicast address 224.0.0.9.
C. Three versions of the VRRP protocol have been defined.
D. It is assigned multicast address 224.0.0.8.
E. The TTL for VRRP packets must be 255.
F. Its IP address number is 115.
Correct Answer: CE
Question 296:
Which two statements about EIGRP load balancing are true? (Choose two)
A. Cisco Express Forwarding is required to load-balance across interfaces
B. A path can be used for load balancing only if it is a feasible successor
C. EIGRP supports unequal-cost paths by default
D. Any path in the EIGRP topology table can be used for unequal-cost load balancing
E. EIGRP supports 6 unequal-cost paths
Correct Answer: BE
EIGRP provides a mechanism to load balance over unequal cost paths (or called unequal cost load balancing) through the "variance" command. In other words, EIGRP will install all paths with metric < variance * best metric into the local routing table, provided that it meets the feasibility condition to prevent routing loop. The path that meets this requirement is called a feasible successor. If a path is not a feasible successor, it is not used in load balancing. Note: The feasibility condition states that, the Advertised Distance (AD) of a route must be lower than the feasible distance of the current successor route.
Question 297:
Which statement about LISP encapsulation in an EIGRP OTP implementation is true?
A. LISP learns the next hop
B. OTP uses LISP encapsulation to obtain routes from neighbors
C. OTP uses LISP encapsulation for dynamic multipoint tunneling
D. OTP maintains the LISP control plane
Correct Answer: C
The EIGRP Over the Top solution can be used to ensure connectivity between disparate EIGRP sites. This feature uses EIGRP on the control plane and Locator ID Separation Protocol (LISP) encapsulation on the data plane to route traffic across the underlying WAN architecture. EIGRP is used to distribute routes between customer edge (CE) devices within the network, and the traffic forwarded across the WAN architecture is LISP encapsulated. EIGRP OTP only uses LISP for the data plane, EIGRP is still used for the control plane. Therefore we cannot say OTP uses LISP encapsulation for dynamic multipoint tunneling as this requires encapsulating both data and control plane traffic -> Answer 'OTP uses LISP encapsulation for dynamic multipoint tunneling' is not correct. In OTP, EIGRP serves as the replacement for LISP control plane protocols (therefore EIGRP will learn the next hop, not LISP -> Answer 'LISP learns the next hop' is not correct). Instead of doing dynamic EID-to- RLOC mappings in native LISP-mapping services, EIGRP routers running OTP over a service provider cloud create targeted sessions, use the IP addresses provided by the service provider as RLOCs, and exchange routes as EIDs. Let's take an example:
If R1 and R2 ran OTP to each other, R1 would learn about the network 10.0.2.0/24 from R2 through EIGRP, treat the prefix 10.0.2.0/24 as an EID prefix, and take the advertising next hop 198.51.100.62 as the RLOC for this EID prefix. Similarly, R2 would learn from R1 about the network 10.0.1.0/24 through EIGRP, treat the prefix 10.0.1.0/24 as an EID prefix, and take the advertising next hop 192.0.2.31 as the RLOC for this EID prefix. On both routers, this information would be used to populate the LISP mapping tables. Whenever a packet from 10.0.1.0/24 to 10.0.2.0/24 would arrive at R1, it would use its LISP mapping tables just like in ordinary LISP to discover that the packet has to be LISP encapsulated and tunneled toward 198.51.100.62, and vice versa. The LISP data plane is reused in OTP and does not change; however, the native LISP mapping and resolving mechanisms are replaced by EIGRP. Reference: CCIE Routing and Switching V5.0 Official Cert Guide, Volume 1, Fifth Edition
Question 298:
Which EIGRP feature allows the use of leak maps?
A. neighbor
B. stub
C. offset-list
D. address-family
Correct Answer: B
If we configured an EIGRP stub router so that it only advertises connected and summary routes. But we also want to have an exception to this rule then we can configure a leak-map. For example: R4(config-if)#router eigrp 1 R4(config-router)#eigrp stub R4(config)#ip access-list standard R4_L0opback0 R4(config-std-nacl)#permit host 4.4.4.4 R4(config)#route-map R4_L0opback0_LEAKMAP R4(config-route-map)#match ip address R4_L0opback0 R4(config)#router eigrp 1 R4(config-router)#eigrp stub leak-map R4_L0opback0_LEAKMAP As we can see the leak-map feature goes long with `eigrp stub' command.
Question 299:
Refer to the exhibit.
Which IPv6 OSPF network type is applied to interface Fa0/0 of R2 by default?
A. multipoint
B. broadcast
C. Ethernet
D. point-to-point
Correct Answer: B
The Broadcast network type is the default for an OSPF enabled ethernet interface (while Point-to- Point is the default OSPF network type for Serial interface with HDLC and PPP encapsulation). Reference: https:// www.oreilly.com/library/ view/ cisco-ios-cookbook/0596527225/ch08s15.html
Question 300:
Into which two pieces of information does the LISP protocol split the device identity? (Choose two)
A. Device ID
B. Enterprise Identifier
C. LISP ID
D. Routing Locator
E. Resource Location
F. Endpoint Identifier
Correct Answer: DF
Locator ID Separation Protocol (LISP) is a network architecture and protocol that implements the use of two namespaces instead of a single IP address:
+
Endpoint identifiers (EIDs)--assigned to end hosts.
+
Routing locators (RLOCs)--assigned to devices (primarily routers) that make up the global routing system.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 350-401 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.
