2-3: VLANs

Question 1

A network administrator is determining the best placement of VLAN trunk links. Which two types of point-to-point connections utilize VLAN trunking?

Answer 1

between a switch and a server that has an 802.1Q NIC between two switches that utilize multiple VLANs

Question 2

What happens to a port that is associated with VLAN 10 when the administrator deletes VLAN 10 from the switch?

Answer 2

The port becomes inactive.

Question 3

Interface Fa0/1 is connected to a PC. Fa0/2 is a trunk link to another switch. All other ports are unused. Which security best practice did the administrator forget to configure?

Answer 3

All user ports are associated with VLANs distinct from VLAN 1 and distinct from the ‘black-hole’ VLAN.

Question 4

Which command is used to remove only VLAN 20 from a switch?

Answer 4

no vlan 20

Question 5

A Cisco Catalyst switch has been added to support the use of multiple VLANs as part of an enterprise network. The network technician finds it necessary to clear all VLAN information from the switch in order to incorporate a new network design. What should the technician do to accomplish this task?

Answer 5

Delete the startup configuration and the vlan.dat file in the flash memory of the switch and reboot the switch.

Question 6

What is the effect of issuing a switchport access vlan 20 command on the Fa0/18 port of a switch that does not have this VLAN in the VLAN database?

Answer 6

VLAN 20 will be created automatically.

Question 7

Which command displays the encapsulation type, the voice VLAN ID, and the access mode VLAN for the Fa0/1 interface?

Answer 7

show interfaces Fa0/1 switchport

Question 8

Which DTP mode passively waits for the neighbor to initiate trunking?

Answer 8

dynamic auto

Question 9

Which DTP mode requires manual configuration of trunking or non-trunking?

Answer 9

nonegotiate

Question 10

Which DTP mode actively attempts to convert the link to a trunk?

Answer 10

dynamic desirable

Question 11

Which DTP mode is a permanent trunking mode?

Answer 11

trunk

Question 12

Port Fa0/11 on a switch is assigned to VLAN 30. If the command no switchport access vlan 30 is entered on the Fa0/11 interface, what will happen?

Answer 12

Port Fa0/11 will be returned to VLAN 1.

Question 13

What must the network administrator do to remove Fast Ethernet port fa0/1 from VLAN 2 and assign it to VLAN 3?

Answer 13

Enter the switchport access vlan 3 command in interface configuration mode.

Question 14

Which two Layer 2 security best practices would help prevent VLAN hopping attacks?

Answer 14

1. Disable DTP autonegotiation on end-user ports.
2. Change the native VLAN number to one that is distinct from all user VLANs and is not VLAN 1.

Question 15

In a basic VLAN hopping attack, which switch feature do attackers take advantage of?

Answer 15

the default automatic trunking configuration

Question 16

A Cisco switch currently allows traffic tagged with VLANs 10 and 20 across trunk port Fa0/5. What is the effect of issuing a switchport trunk allowed vlan 30 command on Fa0/5?

Answer 16

It allows only VLAN 30 on Fa0/5.

Question 17

A frame is traveling between PC-A and PC-B through the switch. Which statement is true concerning VLAN tagging of the frame?

Answer 17

No VLAN tag is added to the frame.

Question 18

PC-A and PC-B are both in VLAN 60. PC-A is unable to communicate with PC-B. What is the problem?

Answer 18

The VLAN that is used by PC-A is not in the list of allowed VLANs on the trunk.

Question 19

The VLAN that is used by PC-A is not in the list of allowed VLANs on the trunk.

Answer 19

The VLAN that is used by PC-A is not in the list of allowed VLANs on the trunk.

Question 20

Under which two occasions should an administrator disable DTP while managing a local area network?

Answer 20

1. on links that should not be trunking
2. when connecting a Cisco switch to a non-Cisco switch

Question 21

Which two statements are true about VLAN implementation?

Answer 21

1. Devices in one VLAN do not hear the broadcasts from devices in another VLAN.
2. VLANs logically group hosts, regardless of physical location.

Question 22

DLS1 is connected to another switch, DLS2, via a trunk link. A host that is connected to DLS1 is not able to communicate to a host that is connected to DLS2, even though they are both in VLAN 99. Which command should be added to Fa0/1 on DLS1 to correct the problem?

Answer 22

switchport trunk native vlan 66

Question 23

Which switch feature ensures that no unicast, multicast, or broadcast traffic is passed between ports that are configured with this feature?

Answer 23

PVLAN protected port

Question 24

The ___________ command displays the VLAN assignment for all ports as well as the existing VLANs on the switch.

Answer 24

show vlan brief

Question 25

Which three statements accurately describe VLAN types?

Answer 25

1. An 802.1Q trunk port, with a native VLAN assigned, supports both tagged and untagged traffic.
2. A management VLAN is any VLAN that is configured to access management features of the switch.
3. After the initial boot of an unconfigured switch, all ports are members of the default VLAN.

Question 26

Which command should the network administrator implement to prevent the transfer of DTP frames between a Cisco switch and a non-Cisco switch?

Answer 26

S1(config-if)# switchport nonegotiate