Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CCNP Switch > CCNP Switch > Flashcards

CCNP Switch Flashcards

1
Q

Refer to the exhibit.

Why are users from VLAN 100 unable to ping users on VLAN 200?

A

Trunking must be enabled on Fa0/1.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which statement is true about RSTP topology changes?

A

Only non-edge ports moving to the forwarding state generate a TC BPDU

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Refer to the exhibit.

The link between switch SW1 and switch SW2 is configured as a trunk, but the trunk failed to
establish connectivity between the switches. Based on the configurations and the error messages
received on the console of SW1, what is the cause of the problem?

A

The two ends of the trunk have different native VLAN configurations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

When you create a network implementation for a VLAN solution, what is one procedure that you
should include in your plan?

A

Perform an incremental implementation of components.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

You have just created a new VLAN on your network. What is one step that you should include in
your VLAN-based implementation and verification plan?

A

Verify that the VLAN was added on all switches with the use of the show vlan command.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which two statements describe a routed switch port on a multilayer switch? (Choose two.)

A

The port is not associated with any VLAN.

The routed switch port is used when a switch has only one port per VLAN or subnet.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

On a multilayer Cisco Catalyst switch, which interface command is used to convert a Layer 3
interface to a Layer 2 interface?

A

switchport

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Refer to the exhibit.

All network links are FastEthernet. Although there is complete connectivity throughout the network,
Front Line users report that they experience slower network performance when accessing the
server farm than the Reception office experiences. Which two statements are true? (Choose two.)

A

Changing the bridge priority of S1 to 36864 would improve network performance.

Changing the bridge priority of S3 to 4096 would improve network performance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Refer to the exhibit.

#interface FastEthernet 0/13
#channel-group 1 mode desirable

What does the command channel-group 1 mode desirable do?

A

enables PAgP unconditionally

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Refer to the exhibit.

Which two statements are true? (Choose two.)

A

Interface gigabitethernet 0/1 does not appear in the show vlan output because it is configured
as a trunk interface.

Traffic on VLAN 2 that is sent out gigabitethernet 0/1 will have an 802.1q header applied.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Refer to the exhibit and the partial configuration of switch SW_A and SW_B.

STP is configured on all switches in the network. SW_B receives this error message on the
console port:
00:06:34: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/5 (not
half duplex), with SW_A FastEthernet0/4 (half duplex), with TBA05071417 (Cat6K-B) 0/4 (half
duplex).

What is the possible outcome of the problem?

A

Interface Fa 0/6 on switch SW_B will transition to a forwarding state and create a bridging loop.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is the result of entering the command port-channel load-balance src-dst-ip on an
EtherChannel link?

A

Packets are distributed across the ports in the channel based on both the source and
destination IP addresses

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which statement about the Port Aggregation Protocol is true?

A

Configuration changes made on the port-channel interface apply to all physical ports assigned
to the port-channel interface

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Refer to the Exhibit.

For the configuration shown, which is the recommended method of providing interVLAN routing?

A

configure SVIs on the distribution switches

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Under what circumstances should an administrator prefer local VLANs over end-to-end VLANs?

A

Eighty percent of traffic on the network is destined for Internet sites.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What are some virtues of implementing end-to-end VLANs? (Choose two)

A

Users are grouped into VLANs independent of a physical location

Each VLAN has a common set of security and resource requirements for all members.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Which of the following statements is true about the 80/20 rule (Select all that apply)?

A

no more than 20 percent of the network traffic should be able to move across a backbone

80 percent of the traffic on a network segment should be local

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What are three results of issuing the switchport host command? (Choose three.) Select 3
response(s).

A

enables PortFast

disables trunking

disables EtherChannel

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Given the configurations on SwitchA and SwitchB, which statement is true?

A

The link is not a trunk link so both interfaces must be on the same VLAN and only that single
VLAN is transmitted across the link.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Given the configurations on SwitchA and SwitchB, which two statements are true? (Choose two.)

A

The trunk is currently using the 802.1q trunking protocol.

By default, all VLANs will be transmitted across this trunk.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

A network administrator enters the following switch commands:
Switch(config)#interface range fa0/0-5
Switch(config-if-range)#switchport access vlan 2
What is the result of these commands?

A

One new vlan is created with the vlan number 2

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

When a VLAN port configured as a trunk receives an untagged frame, what will happen?

A

The frame will be processed as a native VLAN frame

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

By default, which statement is correct when an IEEE 802.1Q trunk port receives an untagged
frame?

A

The frame is considered in the native VLAN and forwarded to the ports associated with that
VLAN.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Refer to the exhibit.

A

The ping command will be successful without any further configuration changes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Refer to the exhibit. VLAN 1 and VLAN 2 are configured on the trunked links between Switch A
and Switch B. Port Fa 0/2 on Switch B is currently in a blocking state for both VLANs. What
should be done to load balance VLAN traffic between Switch A and Switch B?

A

Lower the port priority for VLAN 1 on port 0/2 for Switch A

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Refer to the exhibit.

A

Devices connected to interfaces FastEthernet3/1 and FastEthernet3/2 are sending BPDUs with
a superior root bridge parameter and no traffic is forwarded across the ports. After the inaccurate
BPDUs have been stopped, the interfaces automatically recover and resume normal operation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

What are three results of issuing the switchport host command? (Choose three.)

A

disables EtherChannel

enables PortFast

disables trunking

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Refer to the exhibit.

All links in this network are layer 2, fast Ethernet 100 Mb/s and operating as trunks. After a failure,
the link between ASW-1 and DSW-1 has incorrectly come back up at 10Mb/s although it is
connected.
Which one of the following will occur as a result of this failure?

A

ASW-1 will block Fa0/23 in order to maintain the shortest path to the root bridge DSW-1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

What is the result of entering the command spanning-tree loopguard default?

A

The command changes the status of loop guard from the default of disabled to enabled.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

What is the effect of applying the switchport trunk encapsulation dot1q command to a port on a
Cisco Catalyst switch?

A

The interface supports the reception of tagged and untagged traffic.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Refer to the exhibit.

Switch S1 has been configured with the command spanning-tree mode rapid-pvst. Switch S3 has
been configured with the command spanning-tree mode mst. Switch S2 is running the IEEE
802.1D instance of Spanning Tree. What is the result?

A

Switches S1, S2, and S3 can pass traffic between themselves.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Which statement about 802.1Q trunking is true?

A

In 802.1Q trunking, all VLAN packets are tagged on the trunk link, except the native VLAN

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

Refer to the exhibit.

Which three statements are true? (Choose three.)

A

A trunk link will be formed.

The native VLAN for switch B is VLAN 1.

DTP packets are sent from switch B

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

The Company LAN is becoming saturated with broadcasts and multicast traffic. What could you
do to help a network with many multicasts and broadcasts?

A

Creating smaller broadcast domains by implementing VLANs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

You are the network administrator tasked with designing a switching solution for the Company
network. Which of the following statements describing trunk links are INCORRECT? (Select all
that apply)

A

The trunk link belongs to a specific VLAN.
Multiple trunk links are used to connect multiple end user devices.
A trunk link only supports native VLAN.
Trunk links use 802.10 to identify a VLAN.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

Which of the following specifications is a companion to the IEEE 802.1w Rapid Spanning Tree
Protocol (RSTP) algorithm, and warrants the use multiple spanning-trees?

A

IEEE 802.1s (MST)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Which of the following specification will allow you to: associate VLAN groups to STP instances so
you can provide multiple forwarding paths for data traffic and enable load balancing?

A

IEEE 802.1s (MST)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

Which two statements correctly describe VTP? (Choose two.)

A

Transparent mode always has a configuration revision number of 0.

Client mode synchronizes its VLAN database from VTP advertisements.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

Which two DTP modes permit trunking between directly connected switches? (Choose two.)

A

dynamic desirable (VTP domain A) to dynamic desirable (VTP domain A)

nonegotiate (VTP domain A) to nonegotiate (VTP domain B)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

Which two RSTP port roles include the port as part of the active topology? (Choose two.)

A

root
designated

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

Which two statements correctly describe characteristics of the PortFast feature? (Choose two.)

A

PortFast can also be configured on trunk ports

PortFast is used for STP and RSTP host ports

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

Which statement correctly describes the Cisco implementation of RSTP?

A

RSTP is enabled globally and uses existing STP configuration.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

You are the administrator of a switch and currently all host-connected ports are configured with the
portfast command. You have received a new directive from your manager that states that, in the
future, any host-connected port that receives a BPDU should automatically disable PortFast and
begin transmitting BPDUs. Which command will support this new requirement?

A

Switch(config)#spanning-tree portfast bpdufilter default

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

A port in a redundant topology is currently in the blocking state and is not receiving BPDUs. To
ensure that this port does not erroneously transition to the forwarding state, which command
should be configured?

A

Switch(config)#spanning-tree loopguard default

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

Which command can be issued without interfering with the operation of loop guard?

A

Switch(config-if)#switchport mode trunk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

Which statement is a characteristic of multi-VLAN access ports?

A

The port hardware is set as an 802.1Q trunk.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

Which two statements are true about recommended practices that are to be used in a local VLAN
solution design where layer 2 traffic is to be kept to a minimum? (Choose two.)

A

Routing may be performed at all layers but is most commonly done at the core and distribution
layers.

VLANs should be local to a switch.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

Refer to the exhibit.

BPDUGuard is enabled on both ports of SwitchA. Initially, LinkA is connected and forwarding
traffic. A new LinkB is then attached between SwitchA and HubA. Which two statements about the
possible result of attaching the second link are true? (Choose two.)

A

One or both of the two switch ports attached to the hub goes into the err-disabled state when a
BPDU is received

A heavy traffic load could cause BPDU transmissions to be blocked and leave a switching loop.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

What action should a network administrator take to enable VTP pruning on an entire management
domain?

A

Enable VTP pruning on a VTP server in the management domain

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q

How does VTP pruning enhance network bandwidth?

A

by reducing unnecessary flooding of traffic to inactive VLANs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q

Refer to the exhibit.

The network operations center has received a call stating that users in VLAN 107 are unable to
access resources through router 1. What is the cause of this problem?

A

VTP is pruning VLAN 107.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q

What two things occur when an RSTP edge port receives a BPDU? (Choose two.)

A

The switch generates a Topology Change Notification BPDU.

The port becomes a normal STP switch port

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
57
Q

What is the effect of configuring the following command on a switch?
Switch(config) # spanning-tree portfast bpdufilter default

A

If BPDUs are received by a port configured for PortFast, then PortFast is disabled and the
BPDUs are processed normally.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
58
Q

Which statement correctly describes enabling BPDU guard on an access port that is also enabled
for PortFast?

A

If the port receives a BPDU, it is placed into the error-disable state.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
59
Q
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
60
Q
A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
61
Q

Which three items are configured in MST configuration submode? (Select three)

A

Region name
Configuration revision number

VLAN instance map

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
62
Q

By default, all VLANs will belong to which MST instance when using Multiple STP?

A

MST00

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
63
Q

Which MST configuration statement is correct?

A

MST configurations can be propagated to other switches using VTP.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
64
Q

Which trunking protocol inserts a four byte tag into the Ethernet frame and recalculates the CRC
value?

A

802.1Q

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
65
Q

Which description correctly describes a MAC address flooding attack?

A

Frames with unique, invalid source MAC addresses flood the switch and exhaust CAM table
space. The result is that new entries cannot be inserted because of the exhausted CAM table
space, and traffic is subsequently flooded out all ports.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
66
Q

Refer to the exhibit.

An attacker is connected to interface Fa0/11 on switch A-SW2 and attempts to establish a DHCP
server for a man-in-middle attack. Which recommendation, if followed, would mitigate this type of
attack?

A

All switch ports connecting to hosts in the Building Access block should be configured as DHCP
untrusted ports.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
67
Q

Refer to the exhibit.

A

The switch ports 3/1 and 3/2 are defined as secondary VLAN isolated ports. The ports
connecting to the two firewalls are defined as primary VLAN promiscuous ports.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
68
Q

What does the command udld reset accomplish?

A

resets all UDLD enabled ports that have been shutdown

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
69
Q

Refer to the exhibit.

Dynamic ARP Inspection is enabled only on switch SW_A. Host_A and Host_B acquire their IP
addresses from the DHCP server connected to switch SW_A. What would the outcome be if
Host_B initiated an ARP spoof attack toward Host_A?

A

The spoof packets are not inspected at the ingress port of switch SW_A and are permitted.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
70
Q

Which statement is true about Layer 2 security threats?

A

MAC spoofing attacks allow an attacking device to receive frames intended for a different
network host.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
71
Q

On a Company switch named R1 you configure the following:
ip arp inspection vlan 10-12, 15
What is the purpose of this global configuration command made on R1?

A

Intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
72
Q

Refer to the exhibit.

Which two of the following statements are true? (Choose two)

A

DHCP snooping is enabled for a single Vlan

Option 82 is enabled for a VLAN 155

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
73
Q

What are two methods of mitigating MAC address flooding attacks? (Choose two.)

A

Implement port security.
Implement VLAN access maps

74
Q

What is one method that can be used to prevent VLAN hopping?

A

Explicitly turn off DTP on all unused ports.

75
Q

Why is BPDU guard an effective way to prevent an unauthorized rogue switch from altering the
spanning-tree topology of a network?

A

BPDU guard can be utilized along with PortFast to shut down ports when a switch is connected
to the port.

76
Q

What two steps can be taken to help prevent VLAN hopping? (Choose two.)

A

Place unused ports in a common unrouted VLAN

Prevent automatic trunk configurations

77
Q

When an attacker is using switch spoofing to perform VLAN hopping, how is the attacker able to
gather information?

A

The attacking station uses DTP to negotiate trunking with a switch port and captures all traffic
that is allowed on the trunk.

78
Q

Refer to the exhibit.

DHCP snooping is enabled for selected VLANs to provide security on the network. How do the
switch ports handle the DHCP messages?

A

A DHCP packet received on ports Fa2/1 and Fa2/2 is forwarded without being tested

79
Q

Which three statements about Dynamic ARP Inspection are true? (Choose three.)

A

It determines the validity of an ARP packet based on the valid MAC address-to-IP address
bindings stored in the DHCP snooping database.
It forwards all ARP packets received on a trusted interface without any checks.

It intercepts all ARP packets on untrusted ports

80
Q

You are tasked with designing a security solution for your network. What information should be
gathered before you design the solution?

A

a list of the customer requirements

81
Q

Which two components should be part of a security implementation plan? (Choose two.)

A

a Layer 2 spanning-tree design topology
rollback guidelines

82
Q

When creating a network security solution, which two pieces of information should you have
obtained previously to assist in designing the solution? (Choose two.)

A

a list of existing network applications currently in use on the network

network audit results to uncover any potential security holes

83
Q

What action should you be prepared to take when verifying a security solution?

A

having a rollback plan in case of unwanted or unexpected results

84
Q

When you enable port security on an interface that is also configured with a voice VLAN, what is
the maximum number of secure MAC addresses that should be set on the port?

A

No more than two secure MAC addresses should be set.

85
Q

Refer to the exhibit.

From the configuration shown, what can be determined?

A

The remaining secure MAC addresses are learned dynamically, converted to sticky secure
MAC addresses, and added to the running configuration.

86
Q

By itself, what does the command aaa new-model enable?

A

It globally enables AAA on the switch, with default lists applied to the VTYs.

87
Q

What is needed to verify that a newly implemented security solution is performing as expected?

A

results from audit testing of the implemented solution

88
Q

When configuring port security on a Cisco Catalyst switch port, what is the default action taken by
the switch if a violation occurs?

A

shut down (access or trunk port)

89
Q

Refer to the exhibit

What happens when one more user is connected to interface FastEthernet 5/1?

A

The interface is placed into the error-disabled state immediately, and an SNMP trap notification
is sent.

90
Q

Refer to the exhibit.

What happens to traffic within VLAN 14 with a source address of 172.16.10.5?

A

The traffic is dropped

91
Q

What does the global configuration command ip arp inspection vlan 10-12, 15 accomplish?

A

intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings

92
Q

The DAI feature has been implemented in the ACME switched LAN. Which three statements are
true about the dynamic ARP inspection (DAI) feature? (Select three)

A
  • DAI can be performed on ingress ports only.
  • DAI is supported on access ports, trunk ports, EtherChannel ports, and private VLAN ports.

-DAI should be configured on all access switch ports as untrusted and on all switch ports
connected to other switches as trusted.

93
Q

You are implementing basic switch security best practices. Which of these is a tactic that you can
use to mitigate compromises from being launched through the switch?

A

Proactively configure unused switch ports as access ports.

94
Q

Which three statements apply to access control of both bridged and routed traffic for VLANs?

(Choose three.)

A
  • Router ACLs can be applied to the input and output directions of a VLAN interface.
  • Only router ACLs can be applied to a VLAN interface.
  • VLAN maps and router ACLs can be used in combination.
95
Q

Refer to the exhibit. Which statement is true about the show running-config output?

A

Interface FastEthernet0/6 is configured for port-based authentication.

96
Q

Refer to the exhibit.
The show port-security interface fa0/1 command was issued on switch SW1. Given the output
that was generated, which two security statement are true? (Choose two.)

A

-Interface FastEthernet 0/1 was configured with the switchport port-security protect command.
-When the number of secure MAC addresses reaches 10, packets from unknown MAC
addresses will be dropped.

97
Q

What is a characteristic of a VLAN map that does not contain a match clause?

A

implicit forward feature at end of list

98
Q

Which three items are types of PVLAN ports? (Choose three.)

A

community
isolated
promiscuous

99
Q

Which optional feature of an Ethernet switch disables a port on a point-to-point link if the port does
not receive traffic while Layer 1 status is up?

A

UDLD aggressive mode

100
Q

When configuring private VLANs, which configuration task must you do first?

A

Set the VTP mode to transparent.

101
Q

Which statement about the configuration and application of port access control lists is true?

A

When you apply a port ACL to a trunk port, the ACL filters traffic on all VLANs present on the
trunk port.

102
Q

Refer to the exhibit.

Which statement about the command output is true?

A

The port is operational and has reached its configured maximum allowed number of MAC
addresses.

103
Q

Refer to the exhibit.

Which statement is true?

A

All VLAN traffic in VLANs 5-10 that match access list ABC is forwarded, and all other traffic is
dropped.

104
Q

Refer to the exhibit.

What can be concluded about VLANs 200 and 202?

A

VLAN 202 carries traffic from promiscuous ports to isolated, community, and other promiscuous
ports in the same VLAN. VLAN 200 carries traffic from isolated ports to a promiscuous port.

105
Q

A switch has been configured with PVLANs. With what type of PVLAN port should the default
gateway be configured?

A

promiscuous

106
Q

Refer to the exhibit.

Which statement about the private VLAN configuration is true?

A

VLAN 502 is a secondary VLAN.

107
Q

Which Cisco IOS command globally enables port-based authentication on a switch?

A

dot1x system-auth-control

108
Q

Private VLANS can be configured as which three of these port types? (Choose three.)

A

isolated

promiscuous

community

109
Q

What is the method used to filter traffic being bridged within a VLAN?

A

VLAN maps

110
Q

Which statement about when standard access control lists are applied to an interface to control
inbound or outbound traffic is true?

A

They use source IP information for matching operations.

111
Q

Refer to the exhibit.

Which two statements about this Layer 3 security configuration example are true? (Choose two.)

A

Source IP and MAC filtering on VLANs 10 and 11 will occur.

IP Source Guard is enabled

112
Q
A
113
Q

A network administrator wants to configure 802.1x port-based authentication, however, the client
workstation is not 802.1x compliant. What is the only supported authentication server that can be
used?

A

RADIUS with EAP extensions

114
Q

Which statement about 802.1x port-based authentication is true?

A

RADIUS is the only supported authentication server type.

115
Q

In the use of 802.1X access control, which three protocols are allowed through the switch port
before authentication takes place? Select three.

A

STP
CDP

EAP-over-LAN

116
Q

Which two characteristics apply to Cisco Catalyst 6500 Series Switch supervisor redundancy
using NSF? (Choose two.)

A

uses the FIB table

prevents route flapping

117
Q

Which statement best describes implementing a Layer 3 EtherChannel?

A

Implementation requires disabling switchport mode.

118
Q

Refer to the exhibit.

You have configured an interface to be an SVI for Layer 3 routing capabilities. Assuming that all
VLANs have been correctly configured, what can be determined?

A

The configured port is excluded in the calculation of the status of the SVI.

119
Q

Refer to the exhibit.

Which statement is true?

A

SVI VLAN 30 connects directly to the 10.1.30.0/24 network due to a valid glean adjacency

120
Q

show eigrp neighbors

Refer to exhibit as:

EIGRP-IPV4:(20) neighbors for process 20
Which statement about the EIGRP routing being performed by the switch is true?

A

The switch has not established any neighbor relationships. Further network testing and
troubleshooting must be performed to determine the cause of the problem.

121
Q

You have configured a Cisco Catalyst switch to perform Layer 3 routing via an SVI and you have
assigned that interface to VLAN 20. To check the status of the SVI, you issue the show interfaces
vlan 20 command at the CLI prompt. You see from the output display that the interface is in an
up/up state. What must be true in an SVI configuration to bring the VLAN and line protocol up?

A

At least one port in VLAN 20 must be active

122
Q

Refer to the exhibit, which is from a Cisco Catalyst 3560 Series Switch.
Which statement about the Layer 3 routing functionality of the interface is true?

A

The interface is configured correctly for Layer 3 routing capabilities

123
Q

Refer to the exhibit.

Host A and Host B are connected to the Cisco Catalyst 3550 switch and have been assigned to
their respective VLANs. The rest of the 3550 configuration is the default configuration. Host A is
able to ping its default gateway, 10.10.10.1, but is unable to ping Host B. Given the output in the
exhibit, which statement is true?

A

The global configuration command ip routing must be configured on the SW1 switch.

124
Q

Which three statements about routed ports on a multilayer switch are true? (Choose three.)

A

A routed port takes an IP address assignment.
A routed port can be configured with routing protocols.

A routed port is a physical interface on the multilayer switch.

125
Q

Which two steps are necessary to configure inter-VLAN routing between multilayer switches?

(Choose two.)

A

Configure a dynamic routing protocol.
Configure SVI interfaces with IP addresses and subnet masks.

126
Q

When configuring a routed port on a Cisco multilayer switch, which configuration task is needed to
enable that port to function as a routed port?

A

Enter the no switchport command to disable Layer 2 functionality at the interface level.

127
Q

A standalone wireless AP solution is being installed into the campus infrastructure. The access
points appear to boot correctly, but wireless clients are not obtaining correct access. You verify
that this is the local switch configuration connected to the access point:
interface ethernet 0/1
switchport access vlan 10
switchport mode access
spanning-tree portfast
mls qos trust dscp
What is the most likely cause of the problem?

A

switchport mode should be defined as “trunk” with respective QoS.

128
Q

During the implementation of a voice solution, which two required items are configured at an
access layer switch that will be connected to an IP phone to provide VoIP communication?
(Choose two.)

A

untagged VLAN
auxiliary VLAN

129
Q

Which two statements best describe Cisco IOS IP SLA? (Choose two.)

A

measures delay, jitter, packet loss, and voice quality
provides active monitoring

130
Q

Which two items best describe a Cisco IOS IP SLA responder? (Choose two.)

A

improves measurement accuracy
required for VoIP jitter measurements

131
Q

What does the interface subcommand switchport voice vlan 222 indicate?

A

The port is configured for both data and voice traffic.

132
Q

This is a drag and drop question which is about the correct sequence of steps that a wireless client
takes during the process of association with an access point (AP). Drag the items to the proper
locations.

A
133
Q

A campus infrastructure supports wireless clients via Cisco Aironet AG Series 1230, 1240, and
1250 access points. With DNS and DHCP configured, the 1230 and 1240 access points appear to
boot and operate normally. However, the 1250 access points do not seem to operate correctly.
What is the most likely cause of this problem?

A

PoE

134
Q

A network is deployed using recommended practices of the enterprise campus network model,
including users with desktop computers connected via IP phones. Given that all components are
QoS-capable, where are the two optimal locations for trust boundaries to be configured by the
network administrator? (Choose two.)

A

IP phone
access layer switch

135
Q
A
136
Q

Refer to the exhibit.
Assume that Switch_A is active for the standby group and the standby device has only the default
HSRP configuration. Which statement is true?

A

If port Fa1/1 on Switch_A goes down, the new priority value for the switch would be 190.

137
Q

Refer to the exhibit.

GLBP has been configured on the network. When the interface serial0/0/1 on router R1 goes
down, how is the traffic coming from Host1 handled?

A

The traffic coming from Host1 and Host2 is forwarded through router R2 with no disruption

138
Q

Refer to the exhibit and the partial configuration on routers R1 and R2.

HSRP is configured on the network to provide network redundancy for the IP traffic. The network
administrator noticed that R2 does not become active when the R1 serial0 interface goes down.
What should be changed in the configuration to fix the problem?

A

The Serial0 interface on router R1 should be configured with a decrement value of 20

139
Q

The following command was issued on a router that is being configured as the active HSRP
router.

standby ip 10.2.1.1
Which statement about this command is true?

A

The HSRP MAC address will be 0000.0c07.ac00

140
Q

hostname Switch1
interface Vlan10
ip address 172.16.10.32 255.255.255.0
no ip redirects
standby 1 ip 172.16.10.110
standby 1 timers msec 200 msec 700
standby 1 preempt
hostname Switch2
interface Vlan10
ip address 172.16.10.33 255.255.255.0
no ip redirects
standby 1 ip 172.16.10.110
standby 1 timers msec 200 msec 750
standby 1 priority 110
standby 1 preempt
hostname Switch3
interface Vlan10
ip address 172.16.10.34 255.255.255.0
no ip redirects
standby 1 ip 172.16.10.110
standby 1 timers msec 200 msec 750
standby 1 priority 150
standby 1 preempt
Refer to the above. Three switches are configured for HSRP.
Switch1 remains in the HSRP listen state. What is the most likely cause of this status?

A

This is normal operation

141
Q

Jan 9 08:00:42.623: %STANDBY-6-STATECHANGF. Standby: 49:
Vlan149 state Standby -> Active
Jan 9 08:00:56.011: %STANDBY-6-STATECHANGF. Standby: 49:
Vlan149 state Active -> Speak
Jan 9 08:01:03.011: %STANDBY-6-STATECHANGF. Standby: 49:
Vlan149 state Speak -> Standby
Jan 9 08:01:29.427: %STANDBY-6-STATECHANGF. Standby: 49:
Vlan149 state Standby -> Active
Jan 9 08:01:36.808: %STANDBY-6-STATECHANGF. Standby: 49:
Vlan149 state Active -> Speak
Jan 9 08:01:43.808: %STANDBY-6-STATECHANGF. Standby: 49:
Vlan149 state Speak -> Standby
What conclusion can you infer from this information?

A

HSRP is not exchanging three hello messages properly

142
Q

Refer to the exhibit.
Which statement best describes first-hop redundancy protocol status?

A

HSRP is configured for group 11.

143
Q

In the hardware address 0000.0c07.ac0a, what does 07.ac represent?

A

HSRP well-known virtual MAC address

144
Q

Which protocol will enable a group of routers to form a single virtual router and will use the real IP
address of a router as the gateway address?

A

VRRP

145
Q

Refer to the exhibit.
What can be determined about the HSRP relationship from the displayed debug output?

A

The preempt feature is not enabled on the 172.16.11.111 router.

146
Q

Refer to the exhibit.
Based on the debug output, which three statements about HSRP are true? (Choose three.)

A

The final active router is the router with IP address 172.16.11.111.
The router with IP address 172.16.11.111 has preempt configured.
The IP address 172.16.11.115 is the virtual HSRP IP address.

147
Q

Refer to the exhibit.
Which two problems are the most likely cause of the exhibited output? (Choose two.)

A

HSRP misconfiguration
physical layer issues

148
Q

Which two statements about HSRP, VRRP, and GLBP are true? (Choose two.)

A

-GLBP allows for router load balancing of traffic from a network segment without the different
host IP configurations needed to achieve the same results with HSRP.

-Unlike HSRP and VRRP, GLBP allows automatic selection and simultaneous use of multiple
available gateways.

149
Q

Which two statements about HSRP are true? (Choose two.)

A

Load sharing with HSRP is achieved by creating HSRP groups on the HSRP routers.
Routers configured for HSRP can belong to multiple groups and multiple VLANs.

150
Q

Refer to the exhibit.
Both routers are configured for the GLBP. Which statement is true?

A

The default gateway address of each host should be set to the virtual IP address.

151
Q

hostname Switch1
interface Vlan10
ip address 172.16.10.32 255.255.255.0
no ip redirects
standby 1 ip 172.16.10.110
standby 1 timers 1 5
standby 1 priority 130
hostname Switch2
interface Vlan10
Âip address 172.16.10.33 255.255.255.0
no ip redirects
standby 1 ip 172.16.10.110
standby 1 timers 1 5
standby 1 priority 120
Refer to the above. HSRP was implemented and configured on two switches while scheduled
network maintenance was performed.
After the two switches have finished rebooting, you notice via show commands that Switch2 is the
HSRP active router. Which two items are the most likely cause of Switch1 not becoming the active
router? (Choose two.)

A

Booting has been delayed.
Preemption is disabled.

152
Q

Which protocol allows for the automatic selection and simultaneous use of multiple available
gateways as well as automatic failover between those gateways?

A

GLBP

153
Q

Match the HSRP states on the left with the correct definition on the right.

A
154
Q
A
155
Q

What are three possible router states of HSRP routers on a LAN? (Choose three.)

A

standby

active

initial

156
Q

Which statement describes Virtual Router Redundancy Protocol (VRRP)?

A

A VRRP group has one master and one or more backup virtual routers.

157
Q 
What three tasks will a network administrator perform to successfully configure Hot Standby
Routing Protocol (HSRP)? (Choose three.)
A

Define the standby router

Define the standby IP address
Enable HSRP

158
Q

Which three protocols have been developed for IP routing redundancy to protect against first-hop
router failure? (Choose three.)

A

HSRP
VRRP
GLBP

159
Q

Which command will ensure that External_B will be the primary router for traffic using the gateway
address of 172.16.15.20?

A

On External_A add the command standby 1 priority 80

160
Q

Which describes the default load balancing scheme used by the Gateway Load Balancing Protocol
(GLBP)?

A

per host basis using a round-robin scheme

161
Q

Which First Hop Redundancy protocol cannot be configured for interface tracking?

A

VRRP

162
Q

Which high availability service is verified by the show standby command?

A

HSRP

163
Q

Observe the topology in the exhibit. HSRP is configured between RTB and RTC with RTC as the
active router. SW2 is configured as the root bridge for the Spanning Tree Protocol. What will
happen if the serial connection on RTC is down?

A

RTB and RTC will flap between active and standby because the timers for STP are greater than
the timers for HSRP.

164
Q

What is the maximum number of HSRP standby groups that can be configured on a Cisco router?

A

256

165
Q

Refer to the exhibit. What statement is true based upon the configuration of router R1 and router
R2?

A

Router R1 will become the active virtual gateway.

166
Q

Refer to the exhibit. Routers R1 and R2 are configured in an HSRP group to provide redundancy
for the users on Network A. The T1 link between R1 and Network B has failed. How will HSRP
respond to the failure?

A

R2 will assume the role of active router and will use its T1 link to forward the traffic to Network
B.

167
Q

Refer to the exhibit. HSRP has been configured and Link A is the primary route to router R4.
When Link A fails, router R2 (Link B) becomes the active router. Which router will assume the
active role when Link A becomes operational again?

A

The primary router R1 will reassume the active role when it comes back online.

168
Q

Refer to the exhibit. Which two sets of procedures are best practices for Layer 2 and 3 failover
alignment? (Choose two.)
Cisco 642-813 Exam

A

-Configure the D-SW1 switch as the active HSRP router and the STP root for VLANs 11 and
110. Configure the D-SW2 switch as the active HSRP router and the STP root for VLANs 12 and
120.
-Configure the D-SW1 switch as the standby HSRP router and the backup STP root for VLANs
12 and 120. Configure the D-SW2 switch as the standby HSRP router and the backup STP root
for VLANs 11 and 110.

169
Q

Which two statements about HSRP priority are true? (Choose two.)

A

-The no standby priority command assigns a priority of 100 to the router.
-When two routers in an HSRP standby group are configured with identical priorities, the router
with the highest configured IP address becomes the active router.

170
Q

Which two items are most important for managing the long-term success of high availability?

(Choose two.)

A

company and user expectations
change control processes

171
Q

Which four statements about this GLBP topology are true? (Choose four.)

A

-Router A is responsible for answering ARP requests sent to the virtual IP address.
-If router A becomes unavailable, router B forwards packets sent to the virtual MAC address of
router A.
-If another router is added to this GLBP group, there would be two backup AVGs.
-Router A alternately responds to ARP requests with different virtual MAC addresses.

172
Q

Which VRRP statement about the roles of the master virtual router and the backup virtual router is
true?

A

Router A is the master virtual router, and Router B is the backup virtual router. When Router A
fails, Router B will become the master virtual router. When Router A recovers, it will regain the
master virtual router role.

173
Q

In the MAC address 0000.0c07.ac03, what does the “03” represent?

A

HSRP group number

174
Q

Host A has sent an ARP message to the default gateway IP address 10.10.10.1. Which statement
is true?

A

DSw2 replies with the MAC address of the next AVF

175
Q

In which three HSRP states do routers send hello messages? (Choose three.)

A

standby
speak
active

176
Q

The VLANs in switch TK1 are being modified. Which of the following are updated in TK1
every time a VLAN is modified? (Select all that apply)

A

Configuration revision number
Configuration revision database

177
Q

What is a characteristic of assigning a static VLAN membership?

A

Easy to configure

178
Q

Static VLANs are being used on the TestKing network. What is true about static VLANs?

A

Attached devices are unaware of any VLANs

179
Q

You need to investigate a VTP problem between two TestKing switches. The lack of which
two prevents VTP information from propagating between switches? (Select two)

A

A trunk port
VLAN 1

180
Q

TK1 and TK2 are switches that communicate via VTP. What is the default VTP
advertisement intervals in Catalyst switches that are in server or client mode?

A

5 minutes

181
Q
A

CCNP Switch (1 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions