Académique Documents
Professionnel Documents
Culture Documents
Points 20
Questions 20
Attempt History
Attempt
Time
Score
KEPT
Attempt 2
7 minutes
20 out of 20
LATEST
Attempt 2
7 minutes
20 out of 20
Attempt 1
25 minutes
17 out of 20
Question 1
1 / 1 pts
What is the suggested solution for routing when Layer 3 routing is extended to the access layer?
Correct!
run an IGP between the distribution and core layers and use static default routes at the access layer
use static rotue from the access to the distribution layer, use default static routes from the distribtuion to the core layer and use IGP
amongst core layer devices
run an IGP between distribution and core layers and rely on proxy ARP between the access and distribution layers
Question 2
1 / 1 pts
Correct!
management plane
control plane
forwarding plane
CAM
Question 3
1 / 1 pts
Which two types of devices from the list would be appropriate to use at the access layer to provide end-user connectivity? (Choose two.)
Question 4
1 / 1 pts
Why does extending layer 3 switching to the access layer improve scalability?
Correct!
The access and distribution layers would not participate in the routing scheme.
Question 5
1 / 1 pts
the catalyst switch does not have a Control Plane; it has a Management Plane
Correct!
Question 6
Which layer 3 switching method used by Catalyst switches offers the greatest performance?
process switching
Correct!
CEF
fast switching
TCAM
1 / 1 pts
Question 7
1 / 1 pts
In terms of design, which layer of the hierarchical model is the most complex?
access Layer
Correct!
distribution Layer
core Layer
Refer to Chapter 2.
Question 8
1 / 1 pts
What is the purpose of the Cisco Enterprise Architecture and the hierarchical desgin?
Correct!
Each element in the hierarchy has a specific set of functions and services that it offers and specific role.
It provides services and functionality to the core layer by grouping various components into a single component that is located in the access layer.
It reduces overall network traffic by grouping server farms, the management server, corporate intranet, and e-commerce routers in the same layer.
Question 9
1 / 1 pts
What are two responsibilities of devices that are located at the core layer of the hierarchical design model? (Choose two.)
packet manipulation
Correct!
Correct!
Question 10
The adjacency table eliminates the need for the ARP protocol.
Correct!
After an IP prefix match is made, the process determines the associated Layer 2 header rewrite information from the adjacency table.
1 / 1 pts
Question 11
1 / 1 pts
Question 12
1 / 1 pts
Question 13
1 / 1 pts
What feature of CEF allows for Layer 3 switches to use multiple paths?
Correct!
load-balancing
hardware based forwarding
route caching
At what layer of the hierarchical design model would redistribution and summarization occur?
core layer
backbone layer
access layer
Correct!
distribution layer
Which portion of the enterprise network provides access to network communication services for the end users and
devices that are spread over a single geographic location?
enterprise edge
Correct!
campus module
WAN module
Internet edge
data center
Refer to curriculum topic: 1.1.1
Question 14
What type of specialized memory is used to facilitate high performance switching in Cisco multilayer switches?
Correct!
1 / 1 pts
Question 15
1 / 1 pts
Question 16
1 / 1 pts
What is true about TCAM lookups that are associated with CEF switching?
Correct!
TCAM lookup tables are used only for the Layer 3 forwarding operation.
TCAM lookup tables are used only for the rapid processing of ACLs within CEF.
A user needs to access a file server that is located in another department. Which layer of the Cisco Hierarchical Network
Model will process the traffic first?
Correct!
access
core
distribution
control
Question 17
1 / 1 pts
Question 18
1 / 1 pts
Catalyst 6500
Catalyst 2000
Correct!
Nexus 7000
Catalyst 4500
use of ASICs
QoS marking
Correct!
Correct!
Question 19
1 / 1 pts
A network designer must provide a rationale to a customer for a design that will move an enterprise from a flat network topology to a
hierarchical network topology. Which two features of the hierarchical design make it the better choice? (Choose two.)
reduced cost
scalability
Correct!
Question 20
1 / 1 pts
At what layer of the hierarchical model are MAC-based security controls implemented?
Correct!
access layer
distribution layer
core layer
https://1375232.netacad.com/courses/362224/quizzes/2742636
Chapter 3 Exam
Due No due date
Points 20
Questions 20
Attempt History
LATEST
Attempt
Time
Score
Attempt 1
7 minutes
18 out of 20
Question 1
1 / 1 pts
Refer to the exhibit. What would be the result if a new switch with a default configuration is inserted in the existing VTP domain Lab_Network?
Correct!
The switch will operate as a VTP server but will not impact the existing VLAN configuration in the domain.
Question 2
1 / 1 pts
Refer to the exhibit. Both SW1 and SW2 are configured with the PAgP desirable mode. Which statement is true?
Correct!
Both switches will initiate channeling negotiation and will form a channel between them.
1 de 10
02/05/2016 17:57
https://1375232.netacad.com/courses/362224/quizzes/2742636
Question 3
1 / 1 pts
When configuring an EtherChannel, given that one end of the link is configured with PAgP mode desirable, which PAgP modes can be configured
on the opposite end of the link in order to form an active channel? (Choose two.)
Correct!
desirable
Correct!
auto
Question 4
1 / 1 pts
Which two items are benefits of implementing local VLANs within the Enterprise Architecture? (Choose two.)
Correct!
Correct!
Question 5
1 / 1 pts
2 de 10
02/05/2016 17:57
https://1375232.netacad.com/courses/362224/quizzes/2742636
Refer to the exhibit. All switches in the VTP domain are new switches. Which switch or switches will receive and maintain the list for all VLANs that
are configured on the VTP server?
Correct!
SW4
Question 6
1 / 1 pts
Refer to the exhibit. Given that no VLANs have been deleted, what can be concluded about interface Fa0/7?
Correct!
It is a trunk port.
Question 7
0 / 1 pts
3 de 10
02/05/2016 17:57
https://1375232.netacad.com/courses/362224/quizzes/2742636
Refer to the exhibit. Which option correctly describes the function of a switch that is configured in VTP transparent mode?
You Answered
option 2
Correct Answer
option 4
Question 8
1 / 1 pts
In the context of the Enterprise Composite Architecture, which statement is true about best-practice design of local VLANs?
Correct!
Question 9
1 / 1 pts
Refer to the exhibit. How should SW2 be configured in order to participate in the same VTP domain and populate the VLAN information across the
domain?
4 de 10
02/05/2016 17:57
Correct!
https://1375232.netacad.com/courses/362224/quizzes/2742636
Switch SW2 should be configured as a VTP server with a higher revision number.
Question 10
1 / 1 pts
Refer to the exhibit. What will happen when switch SW2 is added to the network?
Correct!
Switch SW2 will drop all VTP advertisements and will not propagate them through the VTP domain.
Question 11
Refer to the exhibit. Given the configuration information of the CAT1 and CAT2 switches, which statement is true?
1 / 1 pts
5 de 10
02/05/2016 17:57
Correct!
https://1375232.netacad.com/courses/362224/quizzes/2742636
Question 12
1 / 1 pts
Refer to the exhibit. Switch SW2 was tested in a lab environment and later inserted into the production network. Before the trunk link was
connected between SW1 and SW2, the network administrator issued the show vtp status command as displayed in the exhibit. Immediately after
the switches were interconnected, all users lost connectivity to the network. What could be a possible reason for the problem?
Correct!
Switch SW2 has a higher VTP revision number, which causes deletion of the VLAN information in the VTP domain.
Question 13
Refer to the exhibit. Which two statements are true about the switch CAT2? (Choose two.)
1 / 1 pts
6 de 10
02/05/2016 17:57
Correct!
Six VLANs were either manually configured on the switch or learned via VTP.
Correct!
https://1375232.netacad.com/courses/362224/quizzes/2742636
Question 14
1 / 1 pts
Which two statements are true about the 802.1Q trunking protocol? (Choose two.)
Correct!
Correct!
The native VLAN interface configurations must match at both ends of the link or frames could be dropped.
Question 15
1 / 1 pts
A switch port can become an access port through static or dynamic configuration.
Correct!
Correct!
An access port is created with the switchport mode access command and then associated with a VLAN with the switchport access vlan command.
Question 16
1 / 1 pts
7 de 10
02/05/2016 17:57
https://1375232.netacad.com/courses/362224/quizzes/2742636
Refer to the exhibit. What statement is true about the switch port?
Correct!
Question 17
1 / 1 pts
Which three effects does the interface command switchport host have when entered on a switch? (Choose three.)
Correct!
Correct!
Correct!
Question 18
0 / 1 pts
8 de 10
02/05/2016 17:57
https://1375232.netacad.com/courses/362224/quizzes/2742636
Refer to the exhibit. Switch1 and Switch2 are unable to establish an operational trunk connection. What is the problem between the connection on
Switch1 and Switch2?
You Answered
Correct Answer
encapsulation mismatch
Question 19
1 / 1 pts
Which two VTP parameters must be identical on all switches in the network in order to participate in the same VTP domain? (Choose two.)
Correct!
Correct!
Question 20
What is a best practice for VLAN design?
Correct!
1 / 1 pts
9 de 10
02/05/2016 17:57
https://1375232.netacad.com/courses/362224/quizzes/2742636
10 de 10
02/05/2016 17:57
Chapter 3 Exam
Due No due date
Points 20
Questions 20
Attempt History
Attempt
Time
Score
KEPT
Attempt 2
7 minutes
20 out of 20
LATEST
Attempt 2
7 minutes
20 out of 20
Attempt 1
20 minutes
12.5 out of 20
Question 1
1 / 1 pts
Refer to the exhibit. Switch SW2 was tested in a lab environment and later inserted into the production network. Before the
trunk link was connected between SW1 and SW2, the network administrator issued the show vtp status command as displayed
in the exhibit. Immediately after the switches were interconnected, all users lost connectivity to the network. What could be a
possible reason for the problem?
Switch SW2 is in the wrong VTP operating mode.
Switch SW2 has the pruning eligible parameter enabled, which causes pruning of all VLANs.
Correct!
Switch SW2 has a higher VTP revision number, which causes deletion of the VLAN information in the VTP domain.
Question 2
1 / 1 pts
Refer to the exhibit. All switches in the VTP domain are new switches. Which switch or switches will receive and maintain the
list for all VLANs that are configured on the VTP server?
SW2
Correct!
SW4
Question 3
1 / 1 pts
Which two statements are true about the 802.1Q trunking protocol? (Choose two.)
Correct!
Correct!
The native VLAN interface configurations must match at both ends of the link or frames could be dropped.
Question 4
Refer to the exhibit. What would be the result if a new switch with a default configuration is inserted in the existing
VTP domain Lab_Network?
The switch will operate as a VTP client.
1 / 1 pts
The switch will operate as a VTP server and will delete the existing VLAN configuration in the domain.
Correct!
The switch will operate as a VTP server but will not impact the existing VLAN configuration in the domain.
Question 5
1 / 1 pts
Refer to the exhibit. Given that no VLANs have been deleted, what can be concluded about interface Fa0/7?
It is not configured.
It is shutdown.
It is a trunk port.
Question 6
1 / 1 pts
Refer to the exhibit. Switch1 and Switch2 are unable to establish an operational trunk connection. What is the problem
between the connection on Switch1 and Switch2?
encapsulation mismatch
MTU mismatch
VTP mismatch
DTP mismatch
Correct!
Question 7
1 / 1 pts
Refer to the exhibit. Which two statements are true about the switch CAT2? (Choose two.)
Correct!
Six VLANs were either manually configured on the switch or learned via VTP.
Correct!
Question 8
1 / 1 pts
Refer to the exhibit. What statement is true about the switch port?
Correct!
The port can carry data from multiple VLANs if pruning is disabled.
The port will be disabled if the current device is unplugged and a second device is attached.
The port has manually been placed into trunking mode and is using the 802.1Q trunking protocol.
Question 9
1 / 1 pts
When configuring an EtherChannel, given that one end of the link is configured with PAgP mode desirable, which PAgP
modes can be configured on the opposite end of the link in order to form an active channel? (Choose two.)
off
on
Correct!
desirable
auto
Correct!
Question 10
1 / 1 pts
Refer to the exhibit. How should SW2 be configured in order to participate in the same VTP domain and populate the VLAN
information across the domain?
Switch SW2 should be configured as a VTP client.
Correct!
Switch SW2 should be configured as a VTP server with a higher revision number.
Question 11
1 / 1 pts
Refer to the exhibit. Given the configuration information of the CAT1 and CAT2 switches, which statement is true?
Correct!
Because the port-channel numbers do not match, LACP will not form a channel between the switches.
Because the channel-group commands on SW2 should be set to "on," LACP will not form a channel between the switches.
Question 12
1 / 1 pts
Refer to the exhibit. What will happen when switch SW2 is added to the network?
Switch SW2 will delete all existing VLANs and introduce new VLANs in the VTP domain.
Correct!
Switch SW2 will drop all VTP advertisements and will not propagate them through the VTP domain.
Switch SW2 will include its own VLANs in the total number of VLANs configured in the VTP domain.
Refer to curriculum topic: 2.2.3
Question 13
1 / 1 pts
Correct!
VLANs should be designed in a hierarchical fashion with access VLANs at the access layer and local server VLANs at the core layer.
Refer to curriculum topic: 2.1.3
Question 14
Which three effects does the interface command switchport host have when entered on a switch? (Choose three.)
Correct!
Correct!
Correct!
1 / 1 pts
Question 15
1 / 1 pts
Refer to the exhibit. Both SW1 and SW2 are configured with the PAgP desirable mode. Which statement is true?
Both switches will initiate channeling negotiation and will not be able to form a channel.
Correct!
Both switches will initiate channeling negotiation and will form a channel between them.
Neither switch will initiate channeling negotiation and will not be able to form a channel between them.
Neither switch will initiate channeling negotiation but will form a channel between them.
Refer to curriculum topic: 2.3.1
Question 16
1 / 1 pts
Which two items are benefits of implementing local VLANs within the Enterprise Architecture? (Choose two.)
A single VLAN can extend further than its associated distribution-layer switch.
Correct!
High availability is made possible because local VLAN traffic on access switches can now be passed directly to the core switches
across an alternate Layer 3 path.
Layer 3 routing between VLANs can now be applied at the access layer.
Question 17
1 / 1 pts
In the context of the Enterprise Composite Architecture, which statement is true about best-practice design of local VLANs?
Local VLAN is a feature that has only local significance to the switch.
Correct!
Local VLANs should be created based upon the job function of the end user.
Question 18
1 / 1 pts
Refer to the exhibit. Which option correctly describes the function of a switch that is configured in VTP transparent mode?
option 1
option 2
option 3
Correct!
option 4
option 5
Question 19
1 / 1 pts
Correct!
Correct!
An access port should have the 802.1q encapsulation associated with it.
An access port created with the switchport mode access command will send DTP frames by default.
An access port is created with the switchport mode access command and then associated with a VLAN with the switchport access
Correct!
vlan command.
The VLAN that the access port is assigned to will be automatically deleted if it does not exist in the VLAN database of the switch.
Question 20
Which two VTP parameters must be identical on all switches in the network in order to participate in the same VTP
domain? (Choose two.)
Correct!
Correct!
1 / 1 pts
Chapter 4 Exam
Due No due date
Points 20
Questions 20
Attempt History
Attempt
Time
Score
KEPT
Attempt 2
11 minutes
19 out of 20
LATEST
Attempt 2
11 minutes
19 out of 20
Attempt 1
13 minutes
19 out of 20
Question 1
1 / 1 pts
Which protocol extends the IEEE 802.1w Rapid Spanning Tree (RST) algorithm to multiple spanning trees?
STP
RSTP+
CST
Correct!
MST
Question 2
0 / 1 pts
Each switch determines a designated port that provides the best path to the root switch.
Correct Answer
The designated port will be on the switch with the best path to the root switch.
With each network change, the STP algorithm is run on all switches that have a root port.
You Answered
A topology change will cause the switch where the change occurred to send messages about the change throughout the tree.
Question 3
1 / 1 pts
Refer to the exhibit. The configuration on the switch was changed between Output #1 and Output #2. What was done on the switch?
The command spanning-tree etherchannel guard misconfig was issued in global configuration mode.
The command spanning-tree etherchannel guard misconfig was issued in interface configuration mode.
Correct!
The command spanning-tree portfast bpduguard default was issued in global configuration mode.
The command spanning-tree portfast bpduguard default was issued in interface configuration mode.
Refer to curriculum topic: 3.3.2
Question 4
1 / 1 pts
Refer to the exhibit. Switch SW1 is receiving traffic from SW2. However, SW2 is not receiving traffic from SW1. Which STP
feature should be implemented to prevent inadvertent loops in the network?
Correct!
UDLD
PortFast
BPDU guard
BPDU filtering
Refer to curriculum topic: 3.3.6
Question 5
1 / 1 pts
hello time
forward aging
Correct!
forward delay
max age
max delay
Refer to curriculum topic: 3.1.1
Question 6
1 / 1 pts
Refer to the exhibit. What two conclusions does the output show to be true? (Choose two.)
Correct!
Correct!
Interface Fa0/12 will move into the errdisable state if a BPDU is received.
Question 7
One switch in a Layer 2 switched spanning-tree domain is converted to PVRST+ using the spanning-tree mode rapid-pvst global
configuration mode command. The remaining switches are running PVST+. What is the effect on the spanning-tree operation?
Spanning tree is effectively disabled in the network.
The PVRST+ switch forwards 802.1D BPDUs, but does not participate as a node in any spanning tree.
All switches default to one 802.1D spanning tree for all VLANs.
1 / 1 pts
Correct!
Question 8
1 / 1 pts
What priority value should be entered on a switch, via the spanning-tree vlan 20 priority priority command, if the desired
priority for VLAN 20 is 4116?
4116
4106
Correct!
4096
32788
Question 9
1 / 1 pts
Refer to the exhibit. STP is configured on all switches in the network. Recently, the user on workstation A lost connectivity to
the rest of the network. At the same time, the administrator received the console message:
%SPANTREE-2-RX_PORTFAST:Received BPDU on PortFast enable port.Disabling 2/1
What is the cause of the problem?
The STP PortFast BPDU Guard feature has disabled port 2/1 on the switch.
Question 10
1 / 1 pts
Which protocol should an administrator recommend to manage bridged links when the customer requires a fully redundant
network that can utilize load balancing technologies and reconverge on link failures in less than a second?
IEEE 802.1Q (CST)
Correct!
Cisco PVST+
IEEE 802.1D(STP)
Question 11
1 / 1 pts
What are three important steps in troubleshooting STP problems? (Choose three.)
Administratively create bridge loops and see what path the traffic takes.
Correct!
Adjust BPDU timers so that there is less overhead traffic on the switching fabric.
Correct!
Administratively disable ports that should be blocking and check to see if connectivity is restored.
Capture traffic on a saturated link and check whether identical frames are traversing multiple links.
Correct!
Question 12
1 / 1 pts
Correct!
bridge ID
STP ID
Correct!
port ID
link-state ID
Correct!
cost of path
Question 13
1 / 1 pts
Users complain that they lost connectivity to all resources in the network. A network administrator suspects the presence of a bridging
loop as a root cause of the problem. Which two actions will determine the existence of the bridging loop? (Choose two.)
Confirm MAC port security is enabled on all access switches.
Check the port utilization on devices and look for abnormal values.
Correct!
Verify that the management VLAN is properly configured on all root bridges.
Capture the traffic on the saturated link and verify if duplicate packets are seen.
Correct!
Ensure that the root guard and loop guard are properly configured on all distribution links.
Question 14
1 / 1 pts
What effect does the global configuration command spanning-tree portfast bpdufilter default have when enabled on an access switch?
All switch ports start filtering the superior BPDUs coming from other switches and the access switch becomes a root bridge.
Correct!
All PortFast enabled ports stop sending BPDUs, but if a BPDU is received on the port, the port gets out of the PortFast state, thereby
disabling the BPDU filtering.
Question 15
1 / 1 pts
root ports
designated ports
Correct!
Question 16
1 / 1 pts
The forward delay timer has been changed from the default value.
Correct!
Question 17
1 / 1 pts
What will happen when a BPDU is received on a loop guard port that is in a loop-inconsistent state?
The port will be disabled and the administrator must re-enable it manually.
Correct!
The port will transition to the appropriate state as determined by the normal function of the spanning tree.
Question 18
1 / 1 pts
Refer to the exhibit. What implementation of spanning tree best describes the spanning-tree operational mode of the switch?
Correct!
IEEE 802.1D
IEEE 802.w
IEEE 802.1s
PVRST+
Question 19
pts
1/1
Which two statements are true about the RSTP negotiations between switches? (Choose two.)
All ports that are directly connected to end stations must be enabled as designated ports.
Correct!
It greatly improves the restoration times for any VLAN that requires a topology convergence due to link up.
Refer to curriculum topic: 3.1.3
Question 20
1 / 1 pts
What happens when a switch running IEEE 802.1D receives a topology change message from the root bridge?
Correct!
The switch uses the forward delay timer to age out entries in the MAC address table.
The switch uses the max-age timer to age out entries in the MAC address table.
The switch uses the hello to age out entries in the MAC address table.
The switch uses the forward delay and the max-age timer to age out entries in the MAC address table.
Refer to curriculum topic: 3.1.1
Chapter 4 Exam
Due No due date
Points 20
Questions 20
Attempt History
Attempt
Time
Score
KEPT
Attempt 3
10 minutes
20 out of 20
LATEST
Attempt 3
10 minutes
20 out of 20
Attempt 2
11 minutes
19 out of 20
Attempt 1
13 minutes
19 out of 20
Question 1
1 / 1 pts
Which three parameters should match all switches within an MST region? (Choose three.)
configuration name
Correct!
revision number
bridge priority
Correct!
VLAN-to-instance mappings
Refer to curriculum topic: 3.2.4
Question 2
1 / 1 pts
What priority value should be entered on a switch, via the spanning-tree vlan 20 priority priority command, if the desired priority for
VLAN 20 is 4116?
4116
4106
Correct!
4096
32788
Question 3
1 / 1 pts
Refer to the exhibit. Switch SW1 is receiving traffic from SW2. However, SW2 is not receiving traffic from SW1. Which STP
feature should be implemented to prevent inadvertent loops in the network?
Correct!
UDLD
PortFast
BPDU guard
BPDU filtering
Refer to curriculum topic: 3.3.6
Question 4
1 / 1 pts
What are three important steps in troubleshooting STP problems? (Choose three.)
Administratively create bridge loops and see what path the traffic takes.
Correct!
Adjust BPDU timers so that there is less overhead traffic on the switching fabric.
Correct!
Administratively disable ports that should be blocking and check to see if connectivity is restored.
Capture traffic on a saturated link and check whether identical frames are traversing multiple links.
Correct!
Question 5
1 / 1 pts
The forward delay timer has been changed from the default value.
Correct!
Question 6
1 / 1 pts
One switch in a Layer 2 switched spanning-tree domain is converted to PVRST+ using the spanning-tree mode rapid-pvst global
configuration mode command. The remaining switches are running PVST+. What is the effect on the spanning-tree operation?
Spanning tree is effectively disabled in the network.
The PVRST+ switch forwards 802.1D BPDUs, but does not participate as a node in any spanning tree.
All switches default to one 802.1D spanning tree for all VLANs.
Correct!
Question 7
1 / 1 pts
Refer to the exhibit. What implementation of spanning tree best describes the spanning-tree operational mode of the switch?
Correct!
IEEE 802.1D
IEEE 802.w
IEEE 802.1s
PVRST+
Question 8
1 / 1 pts
What happens when a switch running IEEE 802.1D receives a topology change message from the root bridge?
Correct!
The switch uses the forward delay timer to age out entries in the MAC address table.
The switch uses the max-age timer to age out entries in the MAC address table.
The switch uses the hello to age out entries in the MAC address table.
The switch uses the forward delay and the max-age timer to age out entries in the MAC address table.
Refer to curriculum topic: 3.1.1
Question 9
1 / 1 pts
Which two statements are true about the RSTP negotiations between switches? (Choose two.)
Correct!
All ports that are directly connected to end stations must be enabled as designated ports.
Correct!
It greatly improves the restoration times for any VLAN that requires a topology convergence due to link up.
Question 10
1 / 1 pts
Refer to the exhibit. STP is configured on all switches in the network. Recently, the user on workstation A lost connectivity to
the rest of the network. At the same time, the administrator received the console message:
%SPANTREE-2-RX_PORTFAST:Received BPDU on PortFast enable port.Disabling 2/1
What is the cause of the problem?
Correct!
The STP PortFast BPDU Guard feature has disabled port 2/1 on the switch.
Question 11
1 / 1 pts
Question 12
1 / 1 pts
Which STP timer defines the length of time spent in the listening and learning states?
hello time
forward aging
Correct!
forward delay
max age
max delay
Refer to curriculum topic: 3.1.1
Refer to the exhibit. After the sequence of commands is entered, how many VLANs will be assigned to the default instance?
4094
4064
4062
Correct!
4061
Question 13
Each switch determines a designated port that provides the best path to the root switch.
Correct!
The designated port will be on the switch with the best path to the root switch.
1 / 1 pts
With each network change, the STP algorithm is run on all switches that have a root port.
A topology change will cause the switch where the change occurred to send messages about the change throughout the tree.
Question 14
1 / 1 pts
Refer to the exhibit. What two conclusions does the output show to be true? (Choose two.)
Correct!
Correct!
Interface Fa0/12 will move into the errdisable state if a BPDU is received.
Question 15
1 / 1 pts
Which protocol should an administrator recommend to manage bridged links when the customer requires a fully redundant
network that can utilize load balancing technologies and reconverge on link failures in less than a second?
IEEE 802.1Q (CST)
Correct!
Cisco PVST+
IEEE 802.1D(STP)
Refer to curriculum topic: 3.1.3
Question 16
1 / 1 pts
Refer to the exhibit. STP is enabled on all switches in the network. The port on switch A that connects to switch B is half duplex. The port
on switch B that connects to switch A is full duplex. What are three problems that this scenario could create? (Choose three.)
Switch B will become the root switch.
Switch A is performing carrier sense and collision detection, and switch B is not.
Correct!
Autonegotiation results in both switch A and switch B failing to perform carrier sense.
BPDUs may not successfully negotiate port states on the link between switch A and switch B.
Correct!
Spanning tree will keep re-calculating, thereby consuming all the CPU normally used for traffic.
Question 17
1 / 1 pts
Correct!
bridge ID
STP ID
Correct!
port ID
link-state ID
Correct!
cost of path
Question 18
1 / 1 pts
Assuming that all switches in a network have the default bridge priority for each MST instance, what effect does the command
spanning-tree mst 10 root primary have when entered on a single switch?
sets the bridge priority on the switch to 24586 for MST instance 10
Correct!
sets the bridge priority on the switch to 24576 for MST instance 10
sets the bridge priority on the switch to 28672 for MST instance 10
sets the bridge priority on the switch to 24582 for MST instance 10
Question 19
1 / 1 pts
root ports
designated ports
Correct!
Question 20
1 / 1 pts
Which two statements are true about STP root guard? (Choose two.)
Correct!
Correct!
Root guard re-enables a switch port once it stops receiving superior BPDUs.
Root guard should be configured on all ports on the desired root bridge to prevent another bridge from becoming the root.
If a root guard enabled port receives a inferior BPDU from a nonroot switch, the port transitions to the blocking state to prevent a root
bridge election.
Chapter 4 Exam
Due No due date
Points 20
Questions 20
Attempt History
LATEST
Attempt
Time
Score
Attempt 1
13 minutes
19 out of 20
Question 1
1 / 1 pts
root ports
designated ports
Correct!
Question 2
1 / 1 pts
Refer to the exhibit. The configuration on the switch was changed between Output #1 and Output #2. What was done on the switch?
The command spanning-tree etherchannel guard misconfig was issued in global configuration mode.
The command spanning-tree etherchannel guard misconfig was issued in interface configuration mode.
Correct!
The command spanning-tree portfast bpduguard default was issued in global configuration mode.
The command spanning-tree portfast bpduguard default was issued in interface configuration mode.
Question 3
1 / 1 pts
Which two statements are true about STP root guard? (Choose two.)
Correct!
Correct!
Root guard re-enables a switch port once it stops receiving superior BPDUs.
Root guard should be configured on all ports on the desired root bridge to prevent another bridge from becoming the root.
If a root guard enabled port receives a inferior BPDU from a nonroot switch, the port transitions to the blocking state to prevent a root
bridge election.
Question 4
1 / 1 pts
Refer to the exhibit. What two conclusions does the output show to be true? (Choose two.)
Correct!
Correct!
Interface Fa0/12 will move into the errdisable state if a BPDU is received.
Question 5
pts
1/1
Users complain that they lost connectivity to all resources in the network. A network administrator suspects the presence of a bridging
loop as a root cause of the problem. Which two actions will determine the existence of the bridging loop? (Choose two.)
Confirm MAC port security is enabled on all access switches.
Correct!
Check the port utilization on devices and look for abnormal values.
Verify that the management VLAN is properly configured on all root bridges.
Correct!
Capture the traffic on the saturated link and verify if duplicate packets are seen.
Ensure that the root guard and loop guard are properly configured on all distribution links.
Refer to curriculum topic: 3.4.2
Question 6
1 / 1 pts
What are three important steps in troubleshooting STP problems? (Choose three.)
Administratively create bridge loops and see what path the traffic takes.
Correct!
Adjust BPDU timers so that there is less overhead traffic on the switching fabric.
Correct!
Administratively disable ports that should be blocking and check to see if connectivity is restored.
Capture traffic on a saturated link and check whether identical frames are traversing multiple links.
Correct!
Question 7
The forward delay timer has been changed from the default value.
Correct!
1 / 1 pts
Question 8
1 / 1 pts
Which protocol extends the IEEE 802.1w Rapid Spanning Tree (RST) algorithm to multiple spanning trees?
STP
RSTP+
CST
Correct!
MST
Question 9
1 / 1 pts
Assuming that all switches in a network have the default bridge priority for each MST instance, what effect does the command
spanning-tree mst 10 root primary have when entered on a single switch?
sets the bridge priority on the switch to 24586 for MST instance 10
Correct!
sets the bridge priority on the switch to 24576 for MST instance 10
sets the bridge priority on the switch to 28672 for MST instance 10
sets the bridge priority on the switch to 24582 for MST instance 10
Refer to curriculum topic: 3.2.4
Question 10
1 / 1 pts
Refer to the exhibit. STP is enabled on all switches in the network. The port on switch A that connects to switch B is half duplex. The port
on switch B that connects to switch A is full duplex. What are three problems that this scenario could create? (Choose three.)
Switch B will become the root switch.
Correct!
Switch A is performing carrier sense and collision detection, and switch B is not.
Autonegotiation results in both switch A and switch B failing to perform carrier sense.
Correct!
BPDUs may not successfully negotiate port states on the link between switch A and switch B.
Spanning tree will keep re-calculating, thereby consuming all the CPU normally used for traffic.
Question 11
1 / 1 pts
Correct!
bridge ID
STP ID
Correct!
port ID
link-state ID
Correct!
cost of path
Question 12
1 / 1 pts
Refer to the exhibit. STP is configured on all switches in the network. Recently, the user on workstation A lost connectivity to
the rest of the network. At the same time, the administrator received the console message:
%SPANTREE-2-RX_PORTFAST:Received BPDU on PortFast enable port.Disabling 2/1
What is the cause of the problem?
Correct!
The STP PortFast BPDU Guard feature has disabled port 2/1 on the switch.
Question 13
What will happen when a BPDU is received on a loop guard port that is in a loop-inconsistent state?
1 / 1 pts
The port will be disabled and the administrator must re-enable it manually.
Correct!
The port will transition to the appropriate state as determined by the normal function of the spanning tree.
Question 14
1 / 1 pts
One switch in a Layer 2 switched spanning-tree domain is converted to PVRST+ using the spanning-tree mode rapid-pvst global
configuration mode command. The remaining switches are running PVST+. What is the effect on the spanning-tree operation?
Spanning tree is effectively disabled in the network.
The PVRST+ switch forwards 802.1D BPDUs, but does not participate as a node in any spanning tree.
All switches default to one 802.1D spanning tree for all VLANs.
Correct!
Question 15
1 / 1 pts
Which two statements are true about the RSTP negotiations between switches? (Choose two.)
Correct!
All ports that are directly connected to end stations must be enabled as designated ports.
Correct!
It greatly improves the restoration times for any VLAN that requires a topology convergence due to link up.
Question 16
1 / 1 pts
What effect does the global configuration command spanning-tree portfast bpdufilter default have when enabled on an access switch?
All switch ports start filtering the superior BPDUs coming from other switches and the access switch becomes a root bridge.
Correct!
All PortFast enabled ports stop sending BPDUs, but if a BPDU is received on the port, the port gets out of the PortFast state, thereby
disabling the BPDU filtering.
Question 17
1 / 1 pts
Which three parameters should match all switches within an MST region? (Choose three.)
Correct!
configuration
name
revision number
Correct!
bridge priority
VLAN-to-instance mappings
Correct!
Question 18
1 / 1 pts
Refer to the exhibit. Switch SW1 is receiving traffic from SW2. However, SW2 is not receiving traffic from SW1. Which STP
feature should be implemented to prevent inadvertent loops in the network?
Correct!
UDLD
PortFast
BPDU guard
BPDU filtering
Refer to curriculum topic: 3.3.6
Question 19
0 / 1 pts
What priority value should be entered on a switch, via the spanning-tree vlan 20 priority priority command, if the desired
priority for VLAN 20 is 4116?
4116
You Answered
4106
Correct Answer
4096
32788
Question 20
1 / 1 pts
Which STP timer defines the length of time spent in the listening and learning states?
hello time
forward aging
Correct!
forward delay
max age
max delay
Refer to curriculum topic: 3.1.1
Chapter 5 Exam
Due No due date
Points 20
Questions 20
Attempt History
Attempt
Time
Score
KEPT
Attempt 2
10 minutes
20 out of 20
LATEST
Attempt 2
10 minutes
20 out of 20
Attempt 1
10 minutes
19 out of 20
Question 1
1 / 1 pts
Refer to the exhibit. The router has been properly configured for the trunking interface. Which statement is true about the
routing table on the router?
It will show a next hop address of the switch for both VLANs.
Correct!
Because the switch is not configured properly to trunk VLAN 1 and VLAN 2, the routing table of the router will not show routes to either VLAN .
Because the switch port fa0/1 is in access mode, the routing table of the router will not show any routes.
Question 2
1 / 1 pts
What is an advantage to using a trunk link to connect a switch to an external router that is providing inter-VLAN routing?
Correct!
Question 3
1 / 1 pts
Which message will be sent back to the client by the DHCP server to confirm that the IP address has been allocated to the client?
DHCPDISCOVER unicast
DHCPDISCOVER broadcast
DHCPOFFER unicast
DHCPOFFER broadcast
DHCPREQUEST unicast
DHCPREQUEST broadcast
Correct!
DHCPACK unicast
Question 4
1 / 1 pts
Refer to the exhibit. A network administrator attempts to ping the IP address 172.16.20.1 from RouterA. What will the router output be?
Correct!
Question 5
1 / 1 pts
Refer to the exhibit and the partial configuration taken on router RTA. Users on VLAN 5 cannot communicate with the users on
VLAN 10. What should be done to fix the problem?
A dynamic routing protocol should be configured on the router.
Two static routes should be configured on the router, each pointing to each subnet.
The Fa0/0 interface should be configured with a primary IP address of 10.10.5.1/24 and a secondary IP address of 10.10.10.1/24.
Correct!
Question 6
1 / 1 pts
Which two statements are true about switched virtual interfaces (SVI) on a multilayer switch? (Choose two.)
An SVI behaves like a regular router interface but does not support VLAN subinterfaces.
Correct!
Correct!
To create an SVI requires removal of Layer 2 port functionality with the no switchport interface configuration command.
Question 7
1 / 1 pts
Which statement describes what occurs when a DHCP request is forwarded through a router that has been configured with the
ip helper-address command?
The router replaces the source MAC address included in the DHCP request with its own MAC address.
The router replaces the source IP address of the DHCP request with the IP address that is specified with the ip helper-address command.
Correct!
The router replaces the broadcast destination IP address of the DHCP request with the unicast IP address that is specified with the ip
helper-address command.
The router replaces the unicast destination IP address of the DHCP request with the unicast IP address that is specified with the ip
helper-address command.
Question 8
1 / 1 pts
Refer to the exhibit. Based on the debug ip dhcp server packet output, which statement is true?
The client sends a DHCPDISCOVER that contains IP address 10.1.10.21 to the DHCP server.
The client sends a DHCPREQUEST that contains IP address 10.1.10.21 to the DHCP server.
The client sends the BOOTREPLY broadcast message to inquire for a new IP address.
Correct!
The client accepts the offer from the DHCP server for the 10.1.10.21 IP address.
Question 9
1 / 1 pts
A client computer is set up for DHCP and needs an IP configuration. During the DHCP client configuration process, which
response will enable the client to begin using the assigned address immediately?
Correct!
DHCPACK
DHCPREQUEST
DHCPOFFER
DHCPDISCOVER
Question 10
1 / 1 pts
Refer to the exhibit and the partial configuration taken on routers RTA
and RTB. All users can ping their gateways, but users on VLAN 5 and
VLAN 10 cannot communicate with the users on VLAN 20. What should
be done to solve the problem?
Correct!
RTA interface Fa0/1 and RTB Fa0/1 should be configured with three subinterfaces, each with ISL encapsulation.
RTA interface Fa0/1 and RTB Fa0/1 should be configured with three subinterfaces, each with 802.1Q encapsulation.
Question 11
1 / 1 pts
A client sends a request for an IP address to a DHCP server. Which DHCP message to the client will provide the
configuration parameters that include an IP address, a domain name, and a lease for the IP address?
DHCPDISCOVER
Correct!
DHCPOFFER
DHCPREQUEST
DHCPACK
Question 12
1 / 1 pts
Question 13
1 / 1 pts
How is the Layer 2 functionality restored to a port configured for Layer 3 operation?
no switchport
Correct!
switchport
A DHCPREQUEST message has been sent from the client to the DHCP server. What information is included in the message?
Question 14
Which two statements are true about routed ports on a multilayer switch? (Choose two.)
A routed port behaves like a regular router interface and supports VLAN subinterfaces.
Correct!
Correct!
To create a routed port requires removal of Layer 2 port functionality with the no switchport interface configuration command.
The interface vlan global configuration command is used to create a routed port.
1 / 1 pts
Question 15
1 / 1 pts
Which three statements about a routed port are true? (Choose three.)
A routed switch port is a physical device that is associated with several VLANs.
Correct!
A routed switch port is created by configuring a Layer 2 port with the no switchport interface configuration command and assigning
an IP address.
A routed switch port is created by entering VLAN interface configuration mode and assigning an IP address.
A routed switch port is a virtual Layer 3 interface that can be configured for any VLAN that exists on a Layer 3 switch.
A routed switch port provides an interface that may provide a Layer 3 connection to a next-hop
Correct!
router. A routed switch port can serve as a default gateway for devices.
Correct!
Question 16
1 / 1 pts
Refer to the exhibit. Which statement is true regarding the diagram and show ip route command output?
Because no routing protocol has been configured, the router will not forward packets between workstations.
The default gateway for hosts on VLAN 10 should be the Fa0/0 IP address of the router.
Correct!
The default gateway for hosts on VLAN 10 should be the Fa0/0.1 IP address of the router.
The default gateway for hosts on VLAN 10 should be the Fa0/0.2 IP address of the router.
Because their packets are being trunked, hosts on VLAN 10 do not need a default gateway.
Refer to curriculum topic: 4.1.2
Question 17
1 / 1 pts
Refer to the exhibit. What additional configuration is required for host A to receive IP configuration from the DHCP server?
Correct!
The ip forward-protocol 37 global configuration command is required to forward DNS requests to IP address 10.1.2.10.
The ip forward-protocol 67 global configuration command is required to forward DHCP requests to IP address 10.1.2.10.
The ip forward-protocol 69 global configuration command is required to forward TFTP requests to IP address 10.1.2.10.
Question 18
1 / 1 pts
Refer to the exhibit. A network administrator attempts to ping the IP address 172.16.20.1 from RouterA. What will the router output be?
Correct!
Question 19
1 / 1 pts
Refer to the exhibit. Which configuration should be applied on router R1 in order for host 1 to receive its IP configuration from
the DHCP server?
ip helper-address 10.1.1.2 applied to the Fa0/0 interface
Question 20
Refer to the exhibit. Host A is unable to obtain an IP address from the DHCP server. Which procedure would solve this problem?
Correct!
1 / 1 pts
Quiz Score:
out of 2
Chapter 6 Exam
Due No due date
Points 15
Questions 15
Attempt History
Attempt
Time
Score
KEPT
Attempt 2
7 minutes
15 out of 15
LATEST
Attempt 2
7 minutes
15 out of 15
Attempt 1
22 minutes
13 out of 15
Question 1
1 / 1 pts
Refer to the exhibit. What action does the command standby 1 track Serial0/0/0 on router R1 perform?
It links the default gateway virtual address 192.168.21.10 to the IP address 192.168.31.1 on interface Serial0/0/0.
It links the default gateway virtual address 192.168.21.10 to the IP address 192.168.42.2 on interface Serial0/0/0.
It tracks the state of the Fa0/0 interface on R1 and brings down the priority of standby group 1 if the interface goes down.
Correct!
It tracks the state of the Serial0/0/0 interface on R1 and brings down the priority of standby group 1 if the interface goes down.
Question 2
GLBP allows multiple routers to participate in a virtual router group that is configured with a virtual IP address. One member is elected to
be the active router for the group and the other routers are passive until the active router fails.
Correct!
By making use of a single virtual IP address and multiple virtual MAC addresses, GLBP provides load balancing over multiple routers
(gateways) . All routers in the virtual router group participate in forwarding packets.
1 / 1 pts
By making use of a single virtual IP address and multiple virtual MAC addresses, HSRP provides load balancing over multiple routers
(gateways). All routers in the virtual router group participate in forwarding packets.
By making use of a single virtual IP address and multiple virtual MAC addresses, VRRP provides load balancing over multiple routers
(gateways). All routers in the virtual router group participate in forwarding packets.
Question 3
1 / 1 pts
Which of the following GLBP load-balancing options is configured if the host is guaranteed the use of the same virtual MAC address?
Correct!
host-dependent
round-robin
weighted load-balancing
none
Question 4
1 / 1 pts
Question 5
1 / 1 pts
The priority value of 255 means the router is ineligible to become the master router for the VRRP group.
The priority value of 255 means the router has stopped participating in the VRRP group.
Correct!
The priority value of 0 means the router has stopped participating in the VRRP group.
The priority value of 0 means the router is ineligible to become the master router for the VRRP group.
Refer to the exhibit. Which statement is true about best practice and the exhibited network design?
Correct!
The Layer 2 VLAN number should be mapped to the Layer 3 subnet for ease of use and management.
The HSRP active router for VLAN 55 and VLAN 60 should be the same switch.
The uplink between the access switches and the distribution switches should be trunk links.
Question 6
1 / 1 pts
Two routers are configured for an HSRP group. One router uses the default HSRP priority. What priority should be assigned to
the other router to make it more likely to be the active router?
1
100
Correct!
200
500
Question 7
1 / 1 pts
What are two functions of the standby router in an HSRP group? (Choose two.)
Correct!
to physically forward packets that are sent to the MAC address of the virtual router
to reply with the virtual router MAC address in the event an ARP request is received
Correct!
to contend for the active router role with all other routers in the group in the event the active fails
Question 8
1 / 1 pts
Refer to the exhibit. What statement is true about the output of the show standby command?
Correct!
This router is in the HSRP down state because its tracked interfaces are down.
Question 9
1 / 1 pts
Refer to the exhibit. Switch DSw1 is the active virtual gateway (AVG) and DSw2 is an active virtual forwarder (AVF). Based on this
information, which two GLBP statements are true? (Choose two.)
GLBP is a Cisco proprietary protocol and is supported on all Cisco Catalyst and Cisco router platforms.
Switch DSw2 has been configured with the glbp 1 priority 95 command.
Correct!
When host A sends an ARP message for the gateway IP address, switch DSw1 returns the physical MAC address of switch DSw2.
Question 10
1 / 1 pts
What are two characteristics of Gateway Load Balancing Protocol (GLBP) operation? (Choose two.)
GLBP will attempt to balance traffic on a per-router basis by the use of the round-robin algorithm.
Correct!
GLBP will attempt to balance traffic on a per-host basis by the use of the round-robin algorithm.
Correct!
The active virtual forwarder (AVF) is assigned a virtual MAC address and forwards packets sent to that MAC address.
The active virtual gateway (AVG) is the backup for the AVF.
GLBP members communicate with each other through hello messages sent every 3 seconds to the multicast address 224.0.0.104.
Question 11
1 / 1 pts
Refer to the exhibit. Router RTA has been configured as the active HSRP router. Router RTB is to be the standby HSRP router.
However, once the indicated configuration was applied to router RTB, the console began to display the message %HSRP-4DIFFVIP1. What is the cause of the message?
The command standby preempt should only be applied on the active router.
Correct!
The ports on the switch must be configured with the spanning-tree PortFast feature.
Question 12
1 / 1 pts
Which two statements are true about the Hot Standby Router Protocol (HSRP)? (Choose two.)
A router in the speak state sends periodic hello messages to all routers in the group to acquire a virtual IP address.
Correct!
A router in the speak state sends periodic hello messages and actively participates in the election of the active or standby router.
A router in the standby state forwards packets that are sent to the group virtual MAC address.
Correct!
The router in the standby state is a candidate to become the next active router.
The router that is not the standby or active router will remain in the speak state.
Question 13
1 / 1 pts
Refer to the exhibit. Based on the provided configuration, which routers are the master and the backup virtual routers for the
hosts that are connected to the VRRP group 1?
Router R1 is the master for all hosts, and router R2 is the backup for all hosts in the group.
Correct!
Router R1 is the master for Host1 and Host2. Router R2 is the master for Host3 and Host4.
Router R1 is the master for Host3 and Host4. Router R2 is the backup for Host3 and Host4.
Because of incorrect configuration of the default gateway on the hosts, none of the routers is the master for the VRRP group.
Question 14
1 / 1 pts
AVF
Correct!
AVG
Active
MVP
Question 15
1 / 1 pts
Correct!
A VRRP group has one master router and one or more backup routers.
The virtual IP address for the VRRP group must be different from active and standby IP addresses.
Correct!
VRRP provides redundancy for the IP address of a router or for a virtual IP address shared among the VRRP group members.
Chapter 7 Exam
Due No due date
Points 15
Questions 15
Attempt History
LATEST
Attempt
Time
Score
Attempt 1
4 minutes
15 out of 15
Question 1
1 / 1 pts
Network devices will always synchronize with NTP server with the highest stratum number.
1 / 1 pts
Question 2
In a AAA architecture, what is the name of the role given to the client running 802.1x software?
AAA peer
authenticator
authentication server
Correct!
supplicant
Question 3
1 / 1 pts
Correct!
Authentication
Correct!
Authorization
Correct!
Accounting
Question 4
1 / 1 pts
ntp master
Question 5
1 / 1 pts
Correct!
SNTP and NTP cannot coexist on the same device because they use the same port
number. SNTP is a simplified, client-only version of the NTP.
Correct!
Correct!
Question 6
1 / 1 pts
Refer to the exhibit. Which feature does a SNMP manager need in order to set a parameter on switch ACSW1?
Correct!
Question 7
authNoPriv
Correct!
authPriv
community string
noAuthNoPriv
SNMPv2
1 / 1 pts
Question 8
1 / 1 pts
Correct!
When a host comes up that is attached to a switch port, the authentication server queries the host for 802.1x authentication information.
Question 9
1 / 1 pts
Refer to the exhibit. Network policy dictates that security functions should be administered using AAA. Which configuration
would create a default login authentication list that uses RADIUS as the first authentication method, the enable password as
the second method, and the local database as the final method?
SW-1(config)# aaa new-model
SW-1(config)# radius-server host 10.10.10.12 key secret
SW-1(config)# aaa authentication default group-radius local
Correct!
Question 10
Which three commands are necessary to configure NTP authentication between devices? (Choose three.)
Correct!
ntp authenticate
Correct!
1 / 1 pts
Correct!
ntp trusted-key 1
ntp authentication
Question 11
1 / 1 pts
Question 12
1 / 1 pts
get response
inform request
Correct!
set request
trap
Which SNMP version provides authentication and encryption for transmission of critical data between managed devices?
SNMPV2
SNMPv3noAuthnoPriv
Correct!
SNMPv3authPriv
SNMPv3 authNoPriv
Question 13
1 / 1 pts
Refer to the exhibit. Given the configuration on the ALSwitch, what is the end result?
forces all hosts that are attached to a port to authenticate before being allowed access to the network
Correct!
disables 802.1x port-based authentication and causes the port to allow normal traffic without authenticating the client
Question 14
1 / 1 pts
Faster convergence
Question 15
1 / 1 pts
Refer to the exhibit. A switch is being configured to support AAA authentication on the console connection. Given the
information in the exhibit, which three statements are correct? (Choose three.)
The authentication login admin line console command is required.
Correct!
The configuration creates an authentication list that uses a named access list called group as the first authentication method, a TACACS+ server as the
second method, the local username database as the third method, the enable password as the fourth method, and none as the last method.
The configuration creates an authentication list that uses a TACACS+ server as the first authentication method, the local username
Correct!
database as the second method, the enable password as the third method, and none as the last method.
The none keyword enables any user logging in to successfully authenticate if all other methods return an error.
Correct!
The none keyword specifies that a user cannot log in if all other methods have failed.
Chapter 8 Exam
Due No due date
Points 15
Questions 15
Attempt History
LATEST
Attempt
Time
Score
Attempt 1
8 minutes
15 out of 15
Question 1
1 / 1 pts
A port can act as the destination port for all SPAN sessions configured on the switch.
A port can be configured to act as a source and destination port for a single SPAN session.
Correct!
Both Layer 2 and Layer 3 switched ports can be configured as source or destination ports for a single SPAN session.
Port channel interfaces (EtherChannel) can be configured as source and destination ports for a single SPAN session.
Question 2
1 / 1 pts
The PoE switch keeps the power on a disabled port up, just in case a device that needs PoE will be connected.
Correct!
With 802.3af and 802.3at, the switch tries to detect the powered device by supplying a small voltage across the Ethernet cable.
Cisco Inline Power has the same method of negotiating power as both of the IEEE standards.
Question 3
1 / 1 pts
Which two statements are true about SDM templates? (Choose two.)
The show SDM version command is used to display the current SDM template.
Correct!
Correct!
Modifying the SDM template requires a reload on the switch before the settings take effect.
The current template can be viewed using the show platform tcam utilization command.
Question 4
1 / 1 pts
Correct!
IP SLA operation 99 had 211 successful replies from the target device.
IP SLA operation 100 had 211 successful replies from the target device.
Question 5
1 / 1 pts
Correct!
The communication protocol that is used for SLA communications must be configured.
Question 6
1 / 1 pts
It is automatically enabled.
Correct!
It allows a switch to detect a unidirectional link and shut down the affected interface.
Question 7
1 / 1 pts
Refer to the exhibit. Which statement is true about the local SPAN configuration on switch SW1?
Correct!
The SPAN session transmits to a device on port Fa3/21 a copy of all traffic that is monitored on port Fa3/1.
The SPAN session transmits to a device on port Fa3/21 a copy of all traffic that is monitored on port Fa3/1, but only if port Fa3/1 is configured in
VLAN 10.
The SPAN session transmits to a device on port Fa3/21 a copy of all traffic that is monitored on port Fa3/1, but only if port Fa3/1 is
configured as trunk.
The SPAN session transmits to a device on port Fa3/21 only a copy of unicast traffic that is monitored on port Fa3/1. All multicast and
BPDU frames will be excluded from the monitoring process.
Question 8
1 / 1 pts
Question 9
1 / 1 pts
Refer to the exhibit. A network technician is trying to resolve an execution problem with an IP SLA. What is the problem?
Correct!
Question 10
1 / 1 pts
Refer to the exhibit. Which statement is true about the VSPAN configuration on switch SW1?
The VSPAN session that is configured on port Fa3/4 can monitor only the ingress traffic for any of the VLANs.
The VSPAN session that is configured on port Fa3/4 can monitor only the egress traffic for any of the VLANs.
Port Fa3/4 must be associated with VLAN 10 or VLAN 20 in order to monitor the traffic for any of the VLANs.
Correct!
The VSPAN session transmits a copy of the ingress traffic for VLAN 10 and the egress traffic for VLAN 20 out interface Fa3/4.
Question 11
1 / 1 pts
full
Correct!
normal
bidirectional
Correct!
aggressive
active
Question 12
Refer to the exhibit. What can be determined about this SLA monitor?
Correct!
1 / 1 pts
Question 13
1 / 1 pts
Correct!
Question 14
1 / 1 pts
Correct!
LLDP supports enabling or disabling either transmitting or receiving capabilities per port
Correct!
LLDP allows network management applications to automatically discover and learn about network devices.
Correct!
Question 15
Which SDM template should be enabled if you have a large number of VLANs to support?
1 / 1 pts
Quiz Score:
out of 1
Chapter 9 Exam
Due No due date
Points 15
Questions 15
Attempt History
Attempt
Time
Score
KEPT
Attempt 3
2 minutes
15 out of 15
LATEST
Attempt 3
2 minutes
15 out of 15
Attempt 2
3 minutes
14.67 out of 15
Attempt 1
21 minutes
10 out of 15
Question 1
1 / 1 pts
SSO
RPR
RPR+
NSF
Question 2
1 / 1 pts
Which three redundancy modes are supported by Catalyst 6500 Series switches? (Choose three.)
Correct!
Correct!
Manual Switchover
Correct!
Question 3
1 / 1 pts
When using RPR, what two events can trigger a switchover from the active to the standby Supervisor Engine? (Choose two.)
Correct!
Correct!
port failure
Question 4
1 / 1 pts
What is the expected failover time for SSO mode for Layer 2 switching on the Catalyst 4500 family of switches?
Subsecond
1 to 2 minutes
Question 5
1 / 1 pts
RPR
SSO
RPR+
Correct!
NSF
Question 6
1 / 1 pts
Correct!
VSS is implemented in the access layer which supports a more simplistic design.
Correct!
Correct!
Question 7
Correct!
to keep a backup copy of the latest MAC table in the event of RAM failure
to move switch ports that are currently in blocking mode to forwarding mode with minimal packet loss
1 / 1 pts
Question 8
1 / 1 pts
Which one of the following features provides the fastest failover for supervisor or route processor redundancy?
RPR+
NSF
RPR
Correct!
SS0
Question 9
1 / 1 pts
Correct!
Correct!
Once the VSS is formed, only the control plan of one of the member's is active.
VSS is a network system virutalization technology that combine a pair of Catalyst 3500, 4500 or 6500 series switches into one virtual switch.
Correct!
Question 10
1 / 1 pts
Which command can be used to verify StackWise configuration to include their stack number, stack role, MAC address,
hardware priority, hardware version and current state?
show version
show stack
Correct!
show switch
show platform
Question 11
1 / 1 pts
Correct!
Access switches should have a backup connection to at least one core device
Three distribution switches should be implemented so that the third switch can take the role of active or standby, as necessary.
Question 12
Which two technologies can be used to reduce the number of logical network devices and simplify Layer 2 and Layer
3 network toplogies? (Choose two.)
Correct!
1 / 1 pts
VSS
TCAM
NSF
VRRP
Correct!
StackWise
Question 13
1 / 1 pts
The StackWise technology creates a virtual connection between the devices without additional cabling.
Correct!
Correct!
Question 14
1 / 1 pts
A network administrator is designing a network with redundancy features such SSO with NSF. What protocol is should the administrator
avoid while designing the routing topology?
BGP
Correct!
RIP
OSPF
EIGRP
ISIS
Question 15
1 / 1 pts
To display configuration and status information for a VSS, which show command can be used?
Correct!
Chapter 10 Exam
Due No due date
Points 20
Questions 20
Attempt History
Attempt
Time
Score
KEPT
Attempt 2
9 minutes
20 out of 20
LATEST
Attempt 2
9 minutes
20 out of 20
Attempt 1
24 minutes
19 out of 20
Question 1
1 / 1 pts
How should unused ports on a switch be configured in order to prevent VLAN hopping attacks?
Correct!
Configure them as access ports and associate them with an unused VLAN.
Question 2
1 / 1 pts
Refer to the exhibit. The web servers WS _1 and WS_2 need to be accessed by external and internal users. For security reasons, the
servers do not have to communicate with each other although they are located on the same subnet. Both servers need to communicate
with the data server that is located on the inside network. Which configuration will isolate the servers from inside attacks?
Ports Fa3/1, Fa3/2, Fa3/34, and Fa3/35 on DSW1 will be defined as primary VLAN promiscuous ports.
Ports Fa3/1, Fa3/2, Fa3/34, and Fa3/35 on DSW1 will be defined as primary VLAN community ports.
Correct!
Ports Fa3/1 and Fa3/2 on DSW1 will be defined as secondary VLAN isolated ports. Ports Fa3/34 and Fa3/35 will be defined as primary
VLAN promiscuous ports.
Ports Fa3/1 and Fa3/2 on DSW1 will be defined as secondary VLAN community ports. Ports Fa3/34 and Fa3/35 will be defined as primary
VLAN promiscuous ports.
Question 3
1 / 1 pts
Correct!
Place all unused ports into a common VLAN (not VLAN 1).
Question 4
1 / 1 pts
Refer to the exhibit. A network engineer is securing a network against DHCP spoofing attacks. On all switches, the engineer
applied the ip dhcp snooping command and enabled DHCP snooping on all VLANs with the ip dhcp snooping vlan command.
What additional step should be taken to configure the security required on the network?
Correct!
Issue the ip dhcp snooping trust command on all uplink interfaces on SW1, SW2 and SW3.
Issue the ip dhcp snooping trust command on all interfaces on SW2 and SW3.
Issue the ip dhcp snooping trust command on all interfaces on SW1, SW2, and SW3.
Issue the ip dhcp snooping trust command on all interfaces on SW1, SW2, and SW3 except interface Fa0/1 on SW1.
Refer to curriculum topic: 6.4.2
Question 5
1 / 1 pts
Refer to the exhibit. The DNS servers DNS1 and DNS2 are redundant copies so they need to communicate with each other
and to the Internet. The SMTP server should not be reachable from the DNS Servers. Based on the partial configuration that
is provided, what private VLANs design will be implemented?
Correct!
Community VLAN 202 will be created to host both DNS servers, and this VLAN will be associated with the primary VLAN 100.
Isolated VLAN 202 will be created to host both DNS servers, and this VLAN will be associated with the primary VLAN 100.
Community VLAN 100 will be created to host both DNS servers, and this VLAN will be associated with the primary VLAN 202.
Isolated VLAN 100 will be created to host both DNS servers, and this VLAN will be associated with the primary VLAN 202.
Refer to curriculum topic: 2.2.5
Question 6
1 / 1 pts
Correct!
Question 7
1 / 1 pts
Correct!
Add the switchport port-security mac-address sticky command to the interface configuration.
Change the port speed to speed auto with the interface configuration mode.
Question 8
1 / 1 pts
What technology can be used to help mitigate MAC address flooding attacks?
root guard
Private VLANs
DHCP snooping
Correct!
Question 9
1 / 1 pts
What switchport port-security keyword causes MAC addresses to be added to the running configuration?
aging
Correct!
mac-address sticky
maximum
violation
Refer to curriculum topic: 6.6.2
Question 10
a DMZ segment
Correct!
1 / 1 pts
Question 11
1 / 1 pts
Which statement best describes how traffic is handled between different port types within a primary pVLAN?
The traffic is forwarded from promiscuous ports to promiscuous ports in the same primary VLAN.
The traffic is forwarded from promiscuous ports to community and promiscuous ports in the same primary VLAN.
The traffic is forwarded from promiscuous ports to isolated and community ports in the same primary VLAN.
Correct!
The traffic is forwarded from promiscuous ports to isolated, community, and other promiscuous ports in the same primary VLAN.
Question 12
1 / 1 pts
Refer to the exhibit. The DNS servers DNS1 and DNS2 are redundant copies so they need to communicate with each other and to the
Internet. The web server and the SMTP server need to communicate with the Internet, but for security purposes the web and the SMTP
servers should not be reachable from the DNS servers. What private VLAN design should be implemented?
All servers should be configured in separate isolated VLANs. All isolated VLANs should be in the same primary VLAN.
All servers should be configured in separate community VLANs. All community VLANs should be in the same primary VLAN.
Correct!
The DNS1 and DNS2 servers should be configured in a community VLAN. The web and SMTP servers should be configured in an isolated
VLAN. Both the community and isolated VLANs should be part of the primary VLAN.
The DNS1 and DNS2 servers should be configured in an isolated VLAN. The web and SMTP servers should be configured in a community
VLAN. Both the community and isolated VLANs should be in the same primary VLAN.
Question 13
1 / 1 pts
It is meant to disable any rogue DHCP servers that are attached to VLAN 3.
Correct!
It is meant to monitor VLAN 3 for DHCP attacks that will deplete the DHCP pool.
It is meant to monitor VLAN 3 and disable any hosts that are using static IP addresses rather than DHCP addresses.
Refer to curriculum topic: 6.4.2
Question 14
1 / 1 pts
What are two purposes for an attacker launching a MAC table flood? (Choose two.)
Question 15
1 / 1 pts
The capture port captures all packets that are received on the port.
Correct!
The capture port needs to be in the spanning-tree forwarding state for the VLAN.
Question 16
1 / 1 pts
Correct!
The CAM table will be full, causing legitimate frames to be forwarded out all ports within the VLAN and allowing unauthorized users to
capture data.
An attacking device can send or receive packets on various VLANs and bypass Layer 3 security measures.
An attacking device can exhaust the address space available to the DHCP servers for a period of time or establish itself as a DHCP server in
man-in-the-middle attacks.
Information that is sent through CDP is transmitted in clear text and is unauthenticated, allowing it to be captured and to divulge network
topology information.
Question 17
1 / 1 pts
Which countermeasure can be implemented to determine the validity of an ARP packet, based on the valid MAC-address-to-IP
address bindings stored in a DHCP snooping database?
DHCP spoofing
Correct!
MAC snooping
Refer to curriculum topic: 6.4.1
Question 18
1 / 1 pts
A network administrator is tasked with protecting a server farm by implementing private VLANs (PVLANs). A server is only
allowed to communicate with its default gateway and other related servers. Which type of PVLAN should be configured on
the switch ports that connect to the servers?
isolated
promiscuous
secondary VLAN
Correct!
community
Question 19
1 / 1 pts
Which type of output would be produced on a switch after entering the command, Switch# show ip dhcp snooping binding?
DHCP clients that are connected to DHCP snooped ports on the switch
all active protocols on all DHCP clients that are connected to DHCP snooped ports on the switch
Refer to curriculum topic: 6.4.2
Question 20
1 / 1 pts
All access ports on a switch are configured with the administrative mode of dynamic auto. An attacker, connected to one
of the ports, sends a malicious DTP frame. What is the intent of the attacker?
Correct!
VLAN hopping