LAN Switching Fundamentals Flashcards

1
Q

What commands are used to troubleshoot err-disabled for port state recovery? (Choose all that apply.)

A. show interfaces status err-disabled

B. show etherchannel summary

C. show detect errdisable

D. show errdisable recovery

A

A. show interfaces status err-disabled
B. show etherchannel summary
D. show errdisable recovery

The following commands are used to troubleshoot err-disabled for port state recovery:

1) show etherchannel summary
2) show errdisable recovery
3) show interfaces status err-disabled

The “show interfaces status err-disabled” command displays the local ports that are in the err-disabled state. The “show etherchannel summary” command displays the current status of the EtherChannel. The “show errdisable recovery” command shows the period after which the interfaces are re-enabled for errdisable conditions.

2
Q

An administrator wants a switch to advertise information about itself to other devices on the network. What commands need to be configured on the switch to accomplish the task?

A. configure terminal
lldp run
end

B. configure terminal
interface fa0-24
lldp
end

C. configure terminal
lldp enable
end

D. configure terminal
lldp transmit
end

A

A. configure terminal
lldp run
end

For a switch to advertise information about itself to other devices on a network, an administrator needs to configure the following commands on the switch.

configure terminal
lldp run
end

Link Layer Discovery Protocol (LLDP) is a neighbor discovery protocol that network devices use to provide information about themselves to other devices on the network. LLDP must be enabled on a device before being enabled or disabled on any interface. LLDP is a non-proprietary discovery protocol that supports multi-vendor networks.

3
Q

A new Cisco IOS switch needs to be configured at a San Jose site. Which command is configured on the switch interface to disable auto-negotiation? (Choose all that apply)

A. duplex full

B. speed 100

C. no auto-negotiation

D. auto-negotiation disable

A

A. duplex full
C. no auto-negotiation

To disable auto-negotiation on the switch interface, an administrator needs to configure the following commands under the interface subcommand:

speed 100
duplex full

The default setting for the switch interface is duplex auto and speed auto. An administrator can’t set a duplex value until the speed is set to a non-default value.

4
Q

If a packet is received with the destination MAC address as 1235.ad89.cdb3 on the switch port fa0/20, what action will the switch take? (Choose all that apply.) The output of the MAC address table is shown as follows:

switch#show mac address-table

VLAN Mac-address Ports
1 12dc.45ad.bc78.acd4 fa0.15
1 15ed.cba3.da46.1567 fa0.20
1 00AC.1247.f567.3AC4 fa0.19
1 00aa.1234.cdb5.eacd fa0.21

A. It will forward the packet to port fa0.15.

B. It will drop the packet.

C. It will forward the packet to port fa0.19 and fa0.21.

D. It will forward the packet to all the destinations listed in the MAC address table.

A

A. It will forward the packet to port fa0.15.
C. It will forward the packet to port fa0.19 and fa0.21.

The switch will forward the received packet to the devices connected to switch ports fa0.15, fa0.19, and fa0.21.

The MAC address table does not contain the destination MAC address 1235.ad89.cdb3 to which the packet needs to be transferred. Hence, the switch will forward the packet to all the devices listed in the MAC address table, except the port on which it has received the packet.

5
Q

What fields define a typical Ethernet frame format? (Choose all that apply.)

A. Frame Check Sequence

B. Type

C. Preamble

D. Physical Layer Compatibility

A

A. Frame Check Sequence
B. Type
C. Preamble

Preamble, Frame Check Sequence, and Type define a typical Ethernet frame format.

Preamble consists of seven bytes. It uses an alternating pattern of ones and zeros, which notifies the receiving stations that a frame is coming. The frame check sequence consists of four bytes. The sequence contains a 32-bit cyclic redundancy check (CRC) value. The frame check sequence is generated across the destination address, source address, length/type, and data fields. Length/Type consists of two bytes. The field indicates the number of MAC client data bytes contained in the data field of the frame.

6
Q

An administrator needs to configure a Cisco IOS switch that supports IEEE 802.1q frame tagging. What command needs to be configured on the trunk interface for a trunk to use 802.1q?

A. switchport trunk encapsulation dot1q

B. switchport trunk encapsulation negotiate

C. switchport trunk encapsulation 802.1q

D. switchport trunk encapsulation isl

A

A. switchport trunk encapsulation dot1q

The switchport trunk encapsulation dot1q command needs to be configured on the trunk interface for a trunk to use 802.1q frame tagging.

The trunk port is used to carry traffic for all VLANs accessed by a switch. 802.1Q and ISL are the types of encapsulations configured on a switch trunk port. Dot1q defines the interface to use only 802.1Q trunking encapsulation, whereas ISL defines the interface to use only ISL trunking encapsulation.

7
Q

The manager of a sales team wants to restrict the LAN connection to each computer on the floor. What configuration commands need to be executed on the switch port to prohibit computers and laptops from being connected to other ports?

A. switch(config-if)#switchport security mac-address

B. switchport(config-if)#switchport port-security VLAN Sales

C. switchport(config-if)#switchport port-security mac-address AAAA.BBBB.CCCC

D. switchport(config-if)#switchport port-security fa0/0

A

C. switchport(config-if)#switchport port-security mac-address AAAA.BBBB.CCCC

The switch(config-if)#switchport port-security mac-address AAAA.BBBB.CCCC command needs to be executed on each port for every MAC address. The port security feature is used to restrict a computer from entering an interface by limiting and identifying the MAC addresses of the workstations that are allowed to access the port. The administrator can limit the number of secure MAC addresses to ‘one’ by assigning a single secure MAC address. The workstation attached to that port is assured the full bandwidth of the port.

8
Q

The MAC address table of a newly installed Cisco IOS switch at a remote site is empty. Five computers are connected to the switch. Which statements are true with regard to updating the MAC-address table? (Choose all that apply)

A. Determine whether to forward or drop the frame based on the destination MAC address.

B. Create an entry in the table if the source MAC address and the interface on which the frame was received on the switch don’t exist.

C. The destination MAC address is always ignored during the MAC learning process.

D. Listen to the incoming frame and examine the source MAC-address in the frame.

A

B. Create an entry in the table if the source MAC address and the interface on which the frame was received on the switch don’t exist.
C. The destination MAC address is always ignored during the MAC learning process.
D. Listen to the incoming frame and examine the source MAC-address in the frame.

The following statements are true with regard to updating the MAC-address table.

1) Listen to the incoming frame and examine the source MAC-address in the frame.
2) Create an entry in the table if the source MAC address and the interface on which the frame was received on the switch don’t exist.
3) The destination MAC address is always ignored during the MAC learning process.

The two main functions of a switch are determining whether to forward or drop the frame based on the destination MAC address and learning the MAC addresses and interfaces to update its MAC address table.

9
Q

An administrator needs to configure the port security feature on an IOS switch. Which steps should the administrator follow to configure the static MAC address for port security?

A. 1) Ensure the switch port used is an access port.
2) Configure the switchport port-security command at the interface level.
3) Define the port security parameters.
4) Use switchport port-security mac-address [mac-address_id] command to define
MAC-address.

B. 1) Define the port as dynamic desirable.
2) Configure the port-security command on the switch port level.
3) Enable port security on the defined port.
4) Use the switchport mac-address command to define the MAC-address.

C. 1) Configure the port as an STP port.
2) Define the port security parameters.
3) List the MAC-address statically using the command mac-address switch-port secure.
4) Configure the switchport port-security command under the global configuration
mode.

D. 1) Use the switch port mode access command to configure the switch port.
2) Define the port security parameters.
3) Configure the port-security enable command under the global configuration mode.
4) List the MAC-address statically using the command switch-port secure mac-address_id.

A

A. 1) Ensure the switch port used is an access port.
2) Configure the switchport port-security command at the interface level.
3) Define the port security parameters.
4) Use switchport port-security mac-address [mac-address_id] command to define
MAC-address.

The following steps help configure the port security feature on a Cisco IOS switch:

1) Ensure the switch port used is an access port.
2) Configure the switchport port-security command at the interface level.
3) Define the port security parameters.
4) Use the switchport port-security mac-address [mac-address] command to define the MAC-address.

Port security helps limit the number of MAC addresses accessing a switch port. By default, port security is disabled on switch ports.

10
Q

An administrator needs to remotely manage the switch on a different network subnet, 192.16.170.0/28. What commands must be present on the switch for it to be managed remotely? (Choose all that apply.)

A. int range f0/6
switchport mode access
switchport port-security violation restrict

B. int vlan1
ip address 192.16.170.5 255.255.255.240

C. line con 0
password console
login

D. ip default-gateway 192.16.170.1

A

B. int vlan1
ip address 192.16.170.5 255.255.255.240
D. ip default-gateway 192.16.170.1

The following commands must be present on the switch for it to be managed remotely:

1) int vlan1
ip address 192.16.170.5 255.255.255.240
2) ip default-gateway 192.16.170.1

The IP address, mask, and default gateway need to be defined for the administrator to remotely manage the switch.

11
Q

Which VLAN ID carries untagged traffic on trunk ports?

A. Data VLAN

B. Native VLAN

C. Voice VLAN

D. Access VLAN

A

B. Native VLAN

The native VLAN ID carries untagged traffic on trunk ports. Native VLAN ID numbers must match at both ends of the trunk. A trunk port can carry untagged packets with the 802.1Q tagged packets. If an administrator assigns a default port VLAN ID to the trunk port, the entire untagged traffic travels on the default port VLAN ID and the entire untagged traffic is assumed to belong to this VLAN.

12
Q

The HQ site users are unable to reach the devices at a remote site. The remote site IT engineer connects a laptop to the console port of a router to investigate further and finds that the serial interface line protocol is down. The router log details are as follows.

Router log:
Remote-site #show interface serial 0/0/0
Serial 0/0/0 is up, line protocol is down

What can be the cause of this issue? (Choose all that apply)

A. issue with clocking

B. Cable or interface problem

C. Encapsulation mismatch

D. Line protocol mismatch

A

A. issue with clocking
D. Line protocol mismatch

The line protocol can be down if there is an issue with clocking or there is a mismatch in encapsulation.

The serial interface is up, and the line protocol is down. This indicates there is an issue with the Data Link Layer. The output of the interface and line protocol status is the most important statistic of the show interface command. If the output displays serial 0/0/0 and line protocol as up, the interface is assumed to be up and running.

13
Q

How many bits define the Organizationally Unique Identifier (OUI) in the structure of Unicast Ethernet addresses?

A. 6 bits

B. 24 bits

C. 32 bits

D. 12 bits

A

B. 24 bits

The number of bits that define the Organizationally Unique Identifier in the structure of Unicast Ethernet addresses is 24.
All Ethernet devices are assigned a unique MAC address during the manufacturing process. IEEE assigns the manufacturer a unique 3-byte (24 bits) code called the Organizationally Unique Identifier. The manufacturer then provides the code to all devices. The manufacturer also uses a unique value for the last 3 bytes (24 bits), a number that the manufacturer has never used with the OUI, which results in unique MAC addresses for all devices.

14
Q

The Virtual Trunk Port has been configured on a Cisco IOS switch, but the Switch-floor2 is unable to receive the VLAN information from Switch-floor1. What is the possible cause as per the output of the show VTP status? (Choose all that apply)

Switch-Floor1#sh vtp status
VTP Version : 2
Configuration Revision : 5
Maximum VLANs supported locally : 8
Number of existing VLANs : 6
VTP Operating Mode : Server
VTP Domain Name : Finance
VTP Pruning Mode : Disable
VTP V2 Mode : Disable
VTP Traps Generation : Disable

Switch-Floor2#sh vtp status
VTP Version : 2
Configuration Revision : 8
Maximum VLANs supported locally : 25
Number of existing VLANs : 6
VTP Operating Mode : Server
VTP Domain Name : Sales
VTP Pruning Mode : Disable
VTP V2 Mode : Disable
VTP Traps Generation : Disable

A. On both the switches, VTP Operating Mode is configured as the VTP server

B. Switch-floor1 has a lower revision number than Switch-floor2.

C. VTP domains configured on both the switches are different.

D. The VTP V2 Mode is disabled on both the switches.

A

B. Switch-floor1 has a lower revision number than Switch-floor2.
C. VTP domains configured on both the switches are different.

Here are the possible causes for Switch-floor2 being unable to receive the VLAN information from Switch-floor1:

1) VTP domains configured on both the switches are different.
2) Switch-floor1 has a lower revision number than Switch-floor2.

The switches will share VTP information only if the VTP domain names are the same on both the switches. The switches in the VTP server mode will share the VLAN information using VTP. To advertise VTP VLAN information, the server should have the highest revision number.

15
Q

What is the function of the “switchport port-security mac-address sticky” command?

A. Block secured ports for a specific MAC address or subnet

B. Update the static MAC address in the MAC address table

C. Save the dynamically learned MAC address in running configuration

D. Update CAM table to MAC address of sticky devices

A

C. Save the dynamically learned MAC address in running configuration

The “switchport port-security mac-address sticky” command is used to save the dynamically learned MAC address in running configuration. It provides static MAC address security without the need to type any MAC address on the network as it saves the dynamically learned MAC address in the running configuration.

16
Q

Which section of the Ethernet II frame is responsible for error detection?

A. Type

B. SFD

C. Preamble

D. FCS

A

D. FCS

The FCS section of the Ethernet II frame is responsible for error detection. Frame Check Sequence (FCS) is a field at the end of the frame, which is used to store the cyclic redundancy check (CRC) answer. When a host receives a frame, it runs the CRC and checks the answer. If it is different, the host discards the frame, assuming that an error has occurred.

17
Q

What will be the duplex setting if the Ethernet interface uses a speed greater than 1 Gbps?

A. Full Duplex

B. Auto

C. 100 Full

D. Half Duplex

A

A. Full Duplex

If the Ethernet interface uses a speed greater than 1 Gbps, the duplex setting will be Full Duplex.

If one device is set to auto-negotiation whereas others have auto-negotiation disabled, the device using auto negotiation will choose the default duplex setting based on the current speed. Half duplex is used by default if the speed setting is set to 10 or 100 Mbps, whereas full duplex is used if the speed is set to 1000 Mbps or above.

18
Q

A network administrator has configured two switches at a remote site. What commands do they need to use on each switch to verify its configuration? (Choose all that apply.)

A. show ip interface brief

B. show interface vlan 1

C. show ip route

D. show mac address-table

A

A. show ip interface brief
B. show interface vlan 1
D. show mac address-table

The administrator needs to use the following commands on each switch to verify its configuration:

1) show interface vlan 1
2) show mac address-table
3) show ip interface brief

The administrator needs to:

1) Verify the management interface used to access the switches remotely using the “show interface vlan 1” command.
2) Verify the CAM on each switch using the “show mac address-table” command.
3) Verify remote site (device) configurations using the “show ip interface brief” and “show running-config” commands.

19
Q

At an HQ site, five VLANs are created and switch ports are assigned to different VLANs based on their requirements. A network engineer uses the show vlan brief command to verify the configuration and finds that some ports are assigned to wrong VLANs. What changes need to be made to assign a switchport to a correct access VLAN?

A. switchport mode vlan [vlan_id]

B. switchport access vlan [vlan_id] under global configuration mode

C. switchport trunk vlan [vlan_id]

D. switchport access vlan [vlan_id] under interface subcommand

A

D. switchport access vlan [vlan_id] under interface subcommand

The switchport access vlan [vlan_id] command under the interface subcommand is used to assign a switch port to a correct access VLAN.

Access ports are used to carry traffic for one VLAN only. An access port can be assigned to only one VLAN. The data arriving on an access port is assumed to belong to the VLAN assigned to the port, as the switch doesn’t consider the source address.

20
Q

The Link Layer Discovery Protocol has been configured on a Cisco IOS device. The administrator needs to increase the time of the receiving device to store information before discarding it. What command does the administrator need to use?

A. lldp reinit delay

B. lldp timer

C. lldp holdtime

D. lldp received time

A

C. lldp holdtime

The “lldp holdtime” command is used to increase the time of the receiving device to hold information before discarding it.
The hold time can be configured in the range from 0 to 65535 seconds; the default is 120 seconds. The “show lldp” command can be used to display global information such as the hold time for packets being sent, transmission frequency, and delay time before LLDP initializes on an interface.

21
Q

A switch configured at a remote site sends untagged frames from the native VLAN. What command needs to be configured on the Cisco switch to tag all frames coming from the native VLAN?

A. switchport trunk encapsulation dot1Q
switchport tag native vlan

B. vlan dot1Q native tag

C. vlan dot1Q encapsulation
native tag

D. tag native vlan

A

B. vlan dot1Q native tag

The “vlan dot1Q native tag” command needs to be configured on the Cisco switch to tag all frames coming from the native VLAN.

By default, a native VLAN ID carries untagged traffic on trunk ports. If an administrator assigns a default port VLAN ID to the trunk port, the entire untagged traffic travels on the default port VLAN ID and is assumed to belong to this VLAN.

22
Q

Which command needs to be executed to disable the switch port if any security violation occurs?

A. switchport port-security interface shutdown

B. switchport port-security mac-address violation

C. switchport security violation shutdown

D. switchport port-security violation shutdown

A

D. switchport port-security violation shutdown

The switchport port-security violation shutdown command needs to be executed on the switch to disable the switch port if any security violation occurs.

The following events take place when a security violation occurs:

1) The shutdown violation mode puts the interface in an error-disabled state immediately.
2) The protect violation mode drops packets from unknown source addresses.
3) The restrict violation mode drops packets from unknown source addresses. It also generates a log message and sends an SNMP trap alert to the administrator.

23
Q

An administrator needs to disable access VLAN 10 on a Cisco IOS switch to prevent the switch from forwarding any frame to VLAN 10. Which command should be used to disable a VLAN on a switch? (Choose all that apply)

A. Switch(config)#disable vlan 10

B. Switch(config)#no vlan 10

C. Switch(config)#vlan 10
Switch(config-vlan)#shutdown

D. Switch(config)#shutdown vlan 10

A

C. Switch(config)#vlan 10
Switch(config-vlan)#shutdown
D. Switch(config)#shutdown vlan 10

The administrator can use the following commands to disable VLAN on a Cisco IOS switch:

1) Switch(config)#shutdown vlan 10
2) Switch(config)#vlan 10
Switch(config-vlan)# shutdown

The show vlan command helps display the list of VLANs and their current status. Shutting down a VLAN on a switch simply disables the VLAN. However, the switch port assigned to that VLAN is still active.

24
Q

Which of the following options is an Ethernet broadcast MAC address?

A. 1111:1111:1111

B. 00:00:00:00:00:00

C. FF:FF:FF:FF:FF:FF

D. 11:11:11:11:11:11

A

C. FF:FF:FF:FF:FF:FF

FF:FF:FF:FF:FF:FF is an Ethernet broadcast MAC address.

If a frame is addressed to the MAC address FF:FF:FF:FF:FF:FF, the frame will reach every computer on a LAN segment. Ethernet frames that contain IP broadcast packets are usually sent to an Ethernet broadcast address. Ethernet broadcasts are used by the Address Resolution Protocol and the Neighbor Discovery Protocol to translate IP addresses to MAC addresses.

25
Q

What commands can be configured on a switch to stop any security violation? (Choose all that apply.)

A. switchport port-security violation mode {shutdown|restrict}

B. switchport port-security violation protect

C. switchport port-security violation shutdown

D. switchport port-security violation restrict

A

B. switchport port-security violation protect
C. switchport port-security violation shutdown
D. switchport port-security violation restrict

The following commands can be configured on a switch to stop any security violation:

1) switchport port-security violation shutdown
2) switchport port-security violation protect
3) switchport port-security violation restrict

The shutdown violation mode immediately places the interface in an error-disabled state. The protect violation mode drops packets from unknown source addresses. The restrict violation mode drops packets from unknown source addresses. It also generates a log message and sends an SNMP trap alert to the administrator.

26
Q

What logic does a switch use to learn the MAC address table? (Choose all that apply)

A. Use STP to prevent loops.

B. Check whether the destination MAC address is a broadcast, multicast, or unknown destination address.

C. Add the details of the MAC address and the interface on which the frame is received, if not updated in the MAC address table.

D. Note the source MAC address and the port on which frames are received.

A

C. Add the details of the MAC address and the interface on which the frame is received, if not updated in the MAC address table.
D. Note the source MAC address and the port on which frames are received.

A switch uses the following logic to learn the MAC address table.

1) Note the source MAC address and the port on which frames are received.
2) Add the details of the MAC address and the interface on which the frame is received, if not updated in the MAC address table.

To view the MAC address table of a switch, use the “show mac address-table” command.

27
Q

A new Cisco IOS switch needs to be configured with ports 1 to 15 assigned to a single VLAN, i.e. VLAN 10. What steps does an administrator need to perform to achieve this?

A. 1) Use the interface fastethernet [interface_id] command under the
global configuration mode to configure the switch port.
2) Ensure that the VLAN10 is associated to the desired interface,
using the switchport access vlan 10 command.
3) Configure the switchport mode access command in the interface
configuration mode.

B. 1) Use the interface fastethernet [interface_id] command under the
privileged configuration mode to configure the switch port.
2) Ensure that the VLAN10 is associated to the desired interface,
using the switchport mode access vlan 10 command.

C. 1) Use the interface fastethernet [interface_id] command under the
interface configuration mode to configure the switch port.
2) Ensure that the VLAN10 is associated to the desired interface,
using the switchport mode access vlan 10 command.

D. 1) Use the interface fastethernet [interface_id] command under the
global configuration mode to configure the switch port.
2) Ensure VLAN10 is associated to the desired interface, using the
switchport trunk vlan 10 command.
3) Configure the switchport mode access command in the interface
configuration mode.

A

A. 1) Use the interface fastethernet [interface_id] command under the
global configuration mode to configure the switch port.
2) Ensure that the VLAN10 is associated to the desired interface,
using the switchport access vlan 10 command.
3) Configure the switchport mode access command in the interface
configuration mode.

The administrator needs to perform the following steps to configure ports 1 to 15 in VLAN 10:

1) Use the interface fastethernet [interface_id] command under the global configuration mode to configure the switch port.
2) Ensure VLAN10 is associated to the desired interface, using the switchport access vlan 10 command.
3) Configure the switchport mode access command in the interface configuration mode.

The following commands need to be configured to assign the switch port to VLAN 10:

interface range fastethernet [interface_id]
switchport access vlan 10
switchport mode access

28
Q

A network engineer found that duplex and speed mismatch logs were being continuously generated on a remote site Cisco switch. Which commands would help check the speed and duplex settings of the switch interface and facilitate further troubleshooting? (Choose all that apply)

A. show interfaces [interface_id]

B. show interfaces status

C. show switch-port details

D. show interface switchport-port summary

A

A. show interfaces [interface_id]
B. show interfaces status

The following commands would help check the speed and duplex settings of the switch interface and facilitate further troubleshooting:

1) show interfaces [interface_id]
2) show interfaces status

The show interfaces [interface_id] command is used to display the detailed information about the interface status, settings, and counters. The show interfaces status is used to display the summary information about the interface status, speed and duplex settings, VLAN Id, and type of connection.

29
Q

An administrator needs to update a network diagram. What command does the administrator need to use to find the neighboring devices and their IP addresses?

A. show cdp entry version

B. show cdp neighbors

C. show cdp neighbors details

D. show cdp

A

C. show cdp neighbors details

The administrator needs to use the “show cdp neighbors details” command to find the neighboring devices and their IP addresses. The “show cdp neighbors details” command provides information about the IOS version, device model, interface to which it is connected, IP addresses of neighboring devices, etc. This command can be run on both routers and switches, and it displays detailed information about each device connected to the device running the command.

30
Q

Two new switches were configured at a remote site to be used as an Ethernet link for the trunk. But trunking failed to work. A network engineer investigated and found that a dynamic auto mode was, by default, set on one of the new switches. What changes had to be made on the switches to activate trunk on a Cisco switch? (Choose all that apply)

A. Configure both the switches to use the dynamic desirable mode.

B. Disable dynamic auto on both the switches.

C. Configure the port on one of the switches to use the access mode.

D. Configure one of the switches to use the dynamic desirable mode.

A

A. Configure both the switches to use the dynamic desirable mode.
D. Configure one of the switches to use the dynamic desirable mode.

The following changes need to be made on the switches to activate trunk on a Cisco switch:

1) Configure one of the switches to use the dynamic desirable mode.
2) Configure both the switches to use the dynamic desirable mode.

Switches configured in the dynamic desirable mode initiate negotiation. Hence, the switches negotiate the use of trunking. The show interfaces [interface_id] 0/1 switchport command is used to list information regarding administrative settings and operational state of switch interface.

31
Q

Host D needs to send a data frame to host C. The MAC address of host D is 001C.ADCB.ED09, and that of host C is 0001.3ADE.56FC. What actions will the switch take when it receives the frame from host D? (Choose all that apply.)

The switch output is as follows:

switchHQ#show mac address-table

VLAN MAC Address Ports
1 0001.CEFD.3A56 fa0/5
1 0001.3ADE.56FC fa0/9
1 001C.AD78.DF89 fa0/12

A. It will forward the frame to all the ports except the source port.

B. It will update the CAM table.

C. It will discard the packet.

D. It will forward the frame to Host C.

A

A. It will forward the frame to all the ports except the source port.
B. It will update the CAM table.
D. It will forward the frame to Host C.

The switch will take the following actions when it receives the frame from host D.

1) It will update the CAM table.
2) It will forward the frame to Host C.

The MAC address of Host D is not in the forward table (MAC address table). Hence, the switch will first add the source MAC address and port number to which it is connected, and then forward the frame to port fa0/9 of the switch on which host C is connected. The switch forwards the frame to all ports except the source port if the destination port details are not updated on the CAM table.

32
Q

On a Cisco Catalyst switch, an administrator has configured port security on the switch port using the default mode. Which of the following options define the default mode?

A. Maximum 1, violation restrict

B. Maximum 1, violation shutdown

C. Maximum 2, violation protect

D. Maximum 2, violation errdisable

A

B. Maximum 1, violation shutdown

Maximum 1 and violation shutdown define the default mode.

By configuring port security, the administrator can limit the number of MAC addresses that can be assigned dynamically to a port. The following actions can be performed if port violation occurs.

1) Protect
2) Restrict
3) Shutdown

33
Q

At a remote site, the switches are connected in a loop for better redundancy. However, each switch is sending infinite duplicate frames, creating a loop in the LAN network. What configuration does the administrator need to add to prevent loops in the network?

A. Create the switch port as a trunk port.

B. Configure port security on switch ports.

C. Configure the spanning tree protocol on all switches.

D. Create the switch port as an access port.

A

C. Configure the spanning tree protocol on all switches.

The administrator needs to configure the spanning tree protocol (STP) on all switches to prevent an infinite loop in the network.

STP is a network protocol that ensures a loop-free topology for a bridged Ethernet network. STP helps prevent loops by blocking one or more links on a switch. If an active link fails, blocked links can be used.

34
Q

An administrator needs to change the trunk port native VLAN from VLAN 1 to VLAN 10 for interface fa0/22 due to security reasons. Which command should the administrator use to achieve this?

A. int f0/22
switchport mode native vlan 10

B. int f0/22
switchport trunk native vlan 10

C. int f0/22
switchport mode trunk vlan 10

D. int f0/22
switchport trunkaccess vlan 10

A

B. int f0/22
switchport trunk native vlan 10

To change the trunk port native VLAN from VLAN 1 to VLAN 10 for interface fa0/22, the administrator needs to configure the following commands:

int f0/22
switchport trunk native vlan 10

The native VLAN ID carries untagged traffic on trunk ports. Native VLAN ID numbers must match at both ends of the trunk. A trunk port can carry untagged packets alongside 802.1Q-tagged packets.

35
Q

A network engineer has configured port security on a Cisco IOS switch. Which commands should be used to verify the port security for a specific interface and for the entire device? (Choose all that apply)

A. show interface [interface_id] port-security

B. show port-security interface [interface_id]

C. show port-security

D. show port-security summary

A

B. show port-security interface [interface_id]
C. show port-security

The show port-security interface [interface_id] command is used to verify port security on a specific interface. The show port-security command is used to verify port security configuration for the entire device.

Port security helps restrict a port’s ingress traffic by limiting the number of MAC addresses allowed to send traffic into the port. The command output includes the maximum number of secure MAC addresses allowed for each interface, the number of security violations that have occurred, and the violation mode.

36
Q

A network administrator needs to disable the switch interface, GigabitEthernet 1/1, from sending an LLDP request. What commands does the administrator need to use?

A. Switch(config)# interface GigabitEthernet 1/1
Switch(config)# no lldp transmit receive

B. Switch(config)# interface GigabitEthernet 1/1
Switch(config-if)#lldp transmit disable

C. Switch(config)# interface GigabitEthernet 1/1
Switch(config)# no lldp transmit run

D. Switch(config)# interface GigabitEthernet 1/1
Switch(config-if)#no lldp transmit

A

A. Switch(config)# interface GigabitEthernet 1/1
Switch(config)# no lldp transmit receive

To disable the switch interface, GigabitEthernet 1/1, from sending an LLDP request, an administrator needs to use the following commands:

Switch(config)# interface GigabitEthernet 1/1
Switch(config-if)#no lldp transmit

Link Layer Discovery Protocol (LLDP) is a neighbor discovery protocol used by network devices to provide information about themselves to other devices on the network. LLDP must be enabled on a device before being enabled or disabled on any interface. LLDP is supported only on physical interfaces.

37
Q

The network engineer of an organization has configured trunk ports on Cisco IOS to carry data for multiple VLANs. What commands are used to verify trunk configuration? (Choose all that apply.)

A. show interfaces trunk

B. show port summary

C. show interfaces switchport

D. show switchport mode

A

A. show interfaces trunk
C. show interfaces switchport

The following commands are used to verify trunk configuration on a Cisco IOS router.

1) show interfaces switchport
2) show interfaces trunk

The trunk port is used to carry traffic for all VLANs that a switch can access. The “show interfaces switchport” command is used to list details of any interface, including its operational state and administrative settings, whereas the “show interfaces trunk” command is used to list all trunks, including the VLANs that can be forwarded over each trunk.

38
Q

A site engineer connects a laptop on the console port of a Cisco device to check the status of the interface. The show interface command shows the line and protocol status as “down.” What can be the possible cause? (Choose all that apply.)

show interfaces fa0
FastEthernet 0 is down, line protocol is down
Hardware is MCI Ethernet, address is 0abd.0c00.750c (bia 0abd.0c00.750c)
Internet address is 112.98.12.6, subnet mask is 255.255.255.0
MTU 1500 bytes, BW 1000 Kbit, DLY 1000 usec, rely 255/255, load 1/255
Encapsulation ARPA, loopback not set, keepalive set (10 sec)
ARP type: ARPA, ARP Timeout 4:00:00
Last input 0:00:00, output 0:00:00, output hang never

A. The neighboring device is shut down.

B. No cable is connected on the FastEthernet 0 port

C. On the interface Ethernet 0, the shutdown command is configured

D. The WAN link is down

A

A. The neighboring device is shut down.
B. No cable is connected on the FastEthernet 0 port

The line and protocol status shows ‘down’ because:

1) No cable is connected on the FastEthernet 0 port.
2) The neighboring device is shut down.

The show interfaces command is used to display statistics of all interfaces configured on a Cisco device. The interface and line protocol status defines information related to the physical state of the interface and displays the status of messages at the data link level.

39
Q

Which interface does not support Cisco Discovery Protocol (CDP)?

A. Serial interface

B. ATM interface

C. VLAN 1 interface

D. FastEthernet interface

A

B. ATM interface

The ATM interface does not support Cisco Discovery Protocol (CDP).

Cisco Discovery Protocol (CDP) is used to find basic information about neighboring devices such as routers, switches, and Cisco IP phones. Routers and switches send CDP messages from each of their interfaces to find information. Devices that support CDP obtain information about other devices by listening for advertisements sent by the latter.

40
Q

What actions does an administrator need to take on unused switch ports to prevent security attacks? (Choose all that apply.)

A. Assign unused ports to desirable mode.

B. Create a spanning tree protocol.

C. Assign unused ports to unused VLANs.

D. Shut down unused ports.

A

C. Assign unused ports to unused VLANs.
D. Shut down unused ports.

All ports in a switch are enabled by default. To protect a network from security threats, the administrator needs to shut down unused ports or assign them to unused VLANs. The administrator needs to use the following commands to disable the switch port:

Switch(config)#interface fa0/19
Switch(config-if)#shutdown

41
Q

Which protocol is used by a Cisco router to determine whether the device connected to it is a product of Cisco?

A. TCP

B. ARP

C. CDP

D. UCP

A

C. CDP

The CDP protocol is used by a Cisco router to determine whether a device connected to it is a product of Cisco.

CDP is primarily used to obtain protocol addresses of neighboring devices and ascertain the platform of those devices. CDP runs on all Cisco-manufactured equipment, including routers, bridges, access servers, and switches.

42
Q

The HQ site users are unable to reach the devices at a remote site. The remote site IT engineer connects a laptop to the console port of a router to investigate further and finds that the serial interface line protocol is down. The router log details are as follows.

Router log:
Remote-site #show interface serial 0/0/0
Serial 0/0/0 is up, line protocol is down

What can be the cause of this issue? (Choose all that apply)

A. Line protocol mismatch

B. Encapsulation mismatch

C. Cable or interface problem

D. Issue with clocking

A

B. Encapsulation mismatch
D. Issue with clocking

The line protocol can be down if there is an issue with clocking or there is a mismatch in encapsulation.

The serial interface is up, and the line protocol is down. This indicates there is an issue with the Data Link Layer. The output of the interface and line protocol status is the most important statistic of the show interface command. If the output displays serial 0/0/0 and line protocol as up, the interface is assumed to be up and running.

43
Q

A new voice setup needs to be installed at a remote site. What configuration changes need to be made on the switch ports so that the new voice setup can be used for both data and voice VLAN?

A. Remote(config)# vlan 10
Remote (config-vlan)# vlan 20
Remote (config-vlan)# interface range FastEthernet0/1 -5
Remote (config-if)# switchport mode trunk
Remote (config-if)# switchport access vlan 10
Remote (config-if)# switchport voice vlan 20

B. Remote(config)# vlan 10
Remote (config-vlan)# vlan 20
Remote (config-vlan)# interface range FastEthernet0/1 -5
Remote (config-if)# switchport mode access
Remote (config-if)# switchport access vlan 10
Remote (config-if)# switchport mode access vlan 20

C. Remote(config)# vlan 10
Remote (config-vlan)# vlan 20
Remote (config-vlan)# interface range FastEthernet0/1 -5
Remote (config-if)# switchport mode trunk
Remote (config-if)# switchport access vlan 10
Remote (config-if)# switchport mode access vlan 20

D. Remote(config)# vlan 10
Remote (config-vlan)# vlan 20
Remote (config-vlan)# interface range FastEthernet0/1 -5
Remote (config-if)# switchport mode access
Remote (config-if)# switchport access vlan 10
Remote (config-if)# switchport voice vlan 20

A

D. Remote(config)# vlan 10
Remote (config-vlan)# vlan 20
Remote (config-vlan)# interface range FastEthernet0/1 -5
Remote (config-if)# switchport mode access
Remote (config-if)# switchport access vlan 10
Remote (config-if)# switchport voice vlan 20

The following configuration changes need to be made so that the new voice setup can be used for both data and voice VLAN.

Remote(config)# vlan 10
Remote (config-vlan)# vlan 20
Remote (config-vlan)# interface range FastEthernet0/1 -5
Remote (config-if)# switchport mode access
Remote (config-if)# switchport access vlan 10
Remote (config-if)# switchport voice vlan 20

An access port can be a member of only a data VLAN and a voice VLAN. By default, VLAN 1 is created on a switch and all ports are assigned to this VLAN.

44
Q

An administrator needs to enable port security on a Cisco IOS switch. What steps does the administrator need to take? (Choose all that apply.)

A. Ensure that the port is an access port.

B. Assign the port to the native VLAN.

C. Set port security parameters.

D. Configure the port-security command at the interface level.

A

A. Ensure that the port is an access port.
C. Set port security parameters.
D. Configure the port-security command at the interface level.

To enable port security on a Cisco IOS router, the administrator needs to take the following steps:

  1. Ensure that the port is an access port.
  2. Configure the port-security command at the interface level.
  3. Set port security parameters.

Port security is used to restrict a port’s ingress traffic by limiting the number of MAC addresses allowed to send traffic into the port. The “show port-security” command is used to display port-security settings for an interface or a switch.