Cisco CCNA 200-125 Exam Dumps Latest – New Questions & Answers

Section II: LAN Switching Technologies

II.1. Which statement about Cisco Discovery Protocol is true?

  • It is Cisco-proprietary Protocol
  • It can discover information from routers, firewalls and switches
  • It runs on the network layer
  • It runs on the physical layer and the data link layer.

II.2. A network administrator needs to configure port security on a switch. Which two statements are true? (Choose two.)

  • A. The network administrator can apply port security to dynamic access ports
  • B. The network administrator can configure static secure or sticky secure mac addresses in the voice vlan.
  • C. The sticky learning feature allows the addition of dynamically learned addresses to the running configuration.
  • D. The network administrator can apply port security to EtherChannels.
  • E. When dynamic mac address learning is enabled on an interface, the switch can learn new addresses up to the maximum defined.
Show (Hide) Explanation/Reference
Follow these guidelines when configuring port security:
Port security can only be configured on static access ports, trunk ports, or 802.1Q tunnel ports. -> A is not correct.
+ A secure port cannot be a dynamic access port.
+ A secure port cannot be a destination port for Switched Port Analyzer (SPAN).
+ A secure port cannot belong to a Fast EtherChannel or Gigabit EtherChannel port group. -> D is not correct
You cannot configure static secure or sticky secure MAC addresses on a voice VLAN. -> B is not correct.
+ When you enable port security on an interface that is also configured with a voice VLAN, you must set the maximum allowed secure addresses on the port to at least two.
+ If any type of port security is enabled on the access VLAN, dynamic port security is automatically enabled on the voice VLAN.
+ When a voice VLAN is configured on a secure port that is also configured as a sticky secure port, all addresses seen on the voice VLAN are learned as dynamic secure addresses, and all addresses seen on the access VLAN (to which the port belongs) are learned as sticky secure addresses.
+ The switch does not support port security aging of sticky secure MAC addresses.
+ The protect and restrict options cannot be simultaneously enabled on an interface.

(Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-1_19_ea1/configuration/guide/3550scg/swtrafc.html#wp1038546)

Note: Dynamic access port or Dynamic port VLAN membership must be connected to an end station. This type of port can be configured with the “switchport access vlan dynamic” command in the interface configuration mode. Please read more about Dynamic access port here: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-1_19_ea1/configuration/guide/3550scg/swvlan.html#wp1103064

II.3. Which interface counter can you use to diagnose a duplex mismatch problem?

  • no carrier
  • late collisions
  • giants
  • CRC errors
  • deferred
  • runts
Show (Hide) Explanation/Reference
A late collision is defined as any collision that occurs after the first 512 bits of the frame have been transmitted. The usual possible causes are full-duplex/half-duplex mismatch, exceeded Ethernet cable length limits, or defective hardware such as incorrect cabling, non-compliant number of hubs in the network, or a bad NIC.

We can check the interface counter with the “show interface <interface>” command on a Cisco device. For example:

On an Ethernet connection, a duplex mismatch is a condition where two connected devices operate in different duplex modes, that is, one operates in half duplex while the other one operates in full duplex.

Note:
+ Runts are frames which do not meet the minimum frame size of 64 bytes. Runts are usually created by collisions.
+ Giants: frames that are larger than 1,518 bytes

II.4. Which switching method duplicates the first six bytes of a frame before making a switching decision?

  • fragment-free switching
  • store-and-forward switching
  • cut-through switching
  • ASIC switching
Show (Hide) Explanation/Reference
In cut-through switching, the switch copies into its memory only the destination MAC address (first six bytes of the frame) of the frame. After processing these first six bytes, the switch had enough information to make a forwarding decision and move the frame to the appropriate switchport. This switching method is faster than store-and-forward switching method.

In store-and-forward switching, the switch copies each complete Ethernet frame into the switch memory and computes a Cyclic Redundancy Check (CRC) for errors. If a CRC error is found, the Ethernet frame is dropped. If no CRC error is found then that frame is forwarded.

II.5. Which command can you enter to determine whether a switch is operating in trunking mode?

  • show ip interface brief
  • show vlan
  • show interfaces
  • show interface switchport
Show (Hide) Explanation/Reference
Below is an example of the output of this command. Interface Ethernet1/0 is operating in trunking mode.

II.6. What are three benefits of implementing VLANs? (Choose three.)

  • A higher level of network security can be reached by separating sensitive data traffic from other network traffic.
  • A more efficient use of bandwidth can be achieved allowing many physical groups to use the same network infrastructure.
  • A more efficient use of bandwidth can be achieved allowing many logical networks to use the same network infrastructure.
  • Broadcast storms can be mitigated by increasing the number of broadcast domains, thus reducing their size.
  • Broadcast storms can be mitigated by decreasing the number of broadcast domains, thus increasing their size.
  • VLANs make it easier for IT staff to configure new logical groups, because the VLANs all belong to the same broadcast domain.
  • Port-based VLANs increase switch-port use efficiency, thanks to 802.1Q trunks.

II.7. Which command can you enter to view the ports that are assigned to VLAN 20?

  • Switch#show ip interface vlan 20
  • Switch#show vlan id 20
  • Switch#show ip interface brief
  • Switch#show interface vlan 20

II.8. When an interface is configured with PortFast BPDU guard, how does the interface respond when it receives a BPDU?

  • It continues operating normally.
  • It goes into a down/down state.
  • It becomes the root bridge for the configured VLAN.
  • It goes into an errdisable state.
Show (Hide) Explanation/Reference
PortFast BPDU guard prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port. When you enable BPDU guard on the switch, spanning tree shuts down PortFast-configured interfaces that receive BPDUs instead of putting them into the spanning tree blocking state.

In a valid configuration, PortFast-configured interfaces do not receive BPDUs (because PortFast should only be configured on interfaces which are connected to hosts). If a PortFast-configured interface receives a BPDU, an invalid configuration exists. BPDU guard provides a secure response to invalid configurations because the administrator must manually put the interface back in service.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4000/8-2glx/configuration/guide/stp_enha.html

II.9. What are three advantages of VLANs? (Choose three.)

  • VLANs establish broadcast domains in switched networks.
  • VLANs utilize packet filtering to enhance network security.
  • VLANs provide a method of conserving IP addresses in large networks.
  • VLANs provide a low-latency internetworking alternative to routed networks.
  • VLANs allow access to network services based on department, not physical location.
  • VLANs can greatly simplify adding, moving, or changing hosts on the network.

II.10. Refer to the exhibit.

Which of these statements correctly describes the state of the switch once the boot process has been completed?

  • A. The switch will need a different IOS code in order to support VLANs and ST.
  • B. Remote access management of this switch will not be possible without configuration change.
  • C. As FastEthernet0/12 will be the last to come up, it will be blocked by STP.
  • D. More VLANs will need to be created for this switch.
Show (Hide) Explanation/Reference
From the output we notice that the administrator has just shut down Interface Vlan1, which is the default VLAN so no one can access it remotely (like telnet) -> B is correct.

Answer A is not correct as STP calculation does not depend on which port comes up first or last. STP recalculates when there is a change in the network.

A normal switch can operate without VLAN -> C is not correct.

This IOS does support VLAN because it has VLAN 1 on it -> D is not correct.

II.11. Which condition does the err-disabled status indicate on an Ethernet interface?

  • There is a duplex mismatch.
  • The device at the other end of the connection is powered off.
  • The serial interface is disabled.
  • The interface is configured with the shutdown command.
  • Port security has disabled the interface.
  • The interface is fully functioning.
Show (Hide) Explanation/Reference
There are various reasons for the interface to go into errdisable. The reason can be:

+ Duplex mismatch
+ Port channel misconfiguration
+ BPDU guard violation
+ UniDirectional Link Detection (UDLD) condition
+ Late-collision detection
+ Link-flap detection
+ Security violation
+ Port Aggregation Protocol (PAgP) flap
+ Layer 2 Tunneling Protocol (L2TP) guard
+ DHCP snooping rate-limit
+ Incorrect GBIC / Small Form-Factor Pluggable (SFP) module or cable
+ Address Resolution Protocol (ARP) inspection
+ Inline power

Reference: http://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/69980-errdisable-recovery.html

Therefore in fact there are two correct answers in this question, which are “There is a duplex mismatch” and “Port security has disabled the interface” but maybe you should choose the port security answer as it is the most popular reason.

II.12. Which statement about LLDP is true?

  • It is configured in global configuration mode.
  • It is configured in global configuration mode.
  • The LLDP update frequency is a fixed value.
  • It runs over the transport layer.
Show (Hide) Explanation/Reference
Link Layer Discovery Protocol (LLDP) is a industry standard protocol that allows devices to advertise, and discover connected devices, and there capabilities (same as CDP of Cisco). To enable it on Cisco devices, we have to use this command under global configuration mode:

Sw(config)# lldp run

II.13. If the primary root bridge experiences a power loss, which switch takes over?

  • switch 0040.00.90C5
  • switch 00E0.F90B.6BE3
  • switch 0004.9A1A.C182
  • switch 00E0.F726.3DC6
Show (Hide) Explanation/Reference
The switches compare their Bridge ID with each other to find out who will be the root bridge. The root bridge is the bridge with the lowest bridge ID.

Bridge ID = Bridge Priority + MAC Address

In this question the bridge priority was not mentioned so we suppose they are the same. Therefore the switch with lowest MAC address will become the new root bridge.

II.14. Refer to the exhibit.

Each of these four switches has been configured with a hostname, as well as being configured to run RSTP.No other configuration changes have been made. Which three of these show the correct RSTP port roles for the indicated switches and interfaces? (Choose three.)

  • A. SwitchA, Fa0/2, designated
  • B. SwitchA, Fa0/1, root
  • C. SwitchB, Gi0/2, root
  • D. SwitchB, Gi0/1, designated
  • E. SwitchC, Fa0/2, root
  • F. SwitchD, Gi0/2, root
Show (Hide) Explanation/Reference
The question says “no other configuration changes have been made” so we can understand these switches have the same bridge priority. Switch C has lowest MAC address so it will become root bridge and 2 of its ports (Fa0/1 & Fa0/2) will be designated ports -> E is incorrect.

Because SwitchC is the root bridge so the 2 ports nearest SwitchC on SwitchA (Fa0/1) and SwitchD (Gi0/2) will be root ports -> B and F are correct.

Now we come to the most difficult part of this question: SwitchB must have a root port so which port will it choose? To answer this question we need to know about STP cost and port cost.

In general, “cost” is calculated based on bandwidth of the link. The higher the bandwidth on a link, the lower the value of its cost. Below are the cost values you should memorize:

Link speed Cost
10Mbps 100
100Mbps 19
1 Gbps 4

SwitchB will choose the interface with lower cost to the root bridge as the root port so we must calculate the cost on interface Gi0/1 & Gi0/2 of SwitchB to the root bridge. This can be calculated from the “cost to the root bridge” of each switch because a switch always advertises its cost to the root bridge in its BPDU. The receiving switch will add its local port cost value to the cost in the BPDU.

In the exhibit you also we FastEthernet port is connecting to GigabitEthernet port. In this case GigabitEthernet port will operate as a FastEthernet port so the link can be considered as FastEthernet to FastEthernet connection.

One more thing to notice is that a root bridge always advertises the cost to the root bridge (itself) with an initial value of 0.

Now let’s have a look at the topology again

SwitchC advertises its cost to the root bridge with a value of 0. Switch D adds 19 (the cost value of 100Mbps link although the port on Switch D is GigabitEthernet port) and advertises this value (19) to SwitchB. SwitchB adds 4 (the cost value of 1Gbps link) and learns that it can reach SwitchC via Gi0/1 port with a total cost of 23. The same process happens for SwitchA and SwitchB learns that it can reach SwitchC via Gi0/2 with a total cost of 38 -> Switch B chooses Gi0/1 as its root port -> D is not correct.

Now our last task is to identify the port roles of the ports between SwitchA & SwitchB. It is rather easy as the MAC address of SwitchA is lower than that of SwitchB so Fa0/2 of SwitchA will be designated port while Gi0/2 of SwitchB will be alternative port -> A is correct but C is not correct.

Below summaries all the port roles of these switches:

+ DP: Designated Port (forwarding state)
+ RP: Root Port (forwarding state)
+ AP: Alternative Port (blocking state)

II.15. Which feature builds a FIB and an adjacency table to expedite packet forwarding?

  • cut through
  • fast switching
  • process switching
  • Cisco Express Forwarding
Show (Hide) Explanation/Reference
Cisco Express Forwarding (CEF) provides the ability to switch packets through a device in a very quick and efficient way while also keeping the load on the router’s processor low. CEF is made up of two different main components: the Forwarding Information Base (FIB) and the Adjacency Table. These are automatically updated at the same time as the routing table.

The Forwarding Information Base (FIB) contains destination reachability information as well as next hop information. This information is then used by the router to make forwarding decisions. The FIB allows for very efficient and easy lookups.

The adjacency table is tasked with maintaining the layer 2 next-hop information for the FIB.

II.16. What are two reasons that duplex mismatches can be difficult to diagnose? (Choose two.)

  • The interface displays a connected (up/up) state even when the duplex settings are mismatched.
  • 1-Gbps interfaces are full-duplex by default.
  • Full-duplex interfaces use CSMA/CD logic, so mismatches may be disguised by collisions.
  • The symptoms of a duplex mismatch may be intermittent.
  • Autonegotiation is disabled.

II.17. Which command would you configure globally on a Cisco router that would allow you to view directly connected Cisco devices?

  • enable cdp
  • cdp enable
  • cdp run
  • run cdp
Show (Hide) Explanation/Reference
CDP is enabled by default on all Cisco routers. If it is turned off by any reason, we can turn it on again with the following command on global configuration mode:

Router(config)#cdp run

Note: CDP can be turned on or turned off on each interface. For example to turn off CDP on an interface we use this command:

Router(config-if)#no cdp enable

II.18. If all switches are configured with default values, which switch will take over when the primary root bridge experiences a power loss?

  • switch O0E0.F726 3DC6
  • switch 00E0.F90B 6BE3
  • switch 0004.9A1A C182
  • switch 0040.0BC0 90C5

II.19. Which two protocols can detect native VLAN mismatch errors? (Choose two.)

  • STP
  • PAgP
  • Cisco Discovery Protocol
  • DTP
  • VTP

II.20. Which DTP switch port mode allows the port to create a trunk link if the neighboring port is in trunk mode, dynamic desirable mode, or desirable auto mode?

  • trunk
  • access
  • dynamic desirable
  • dynamic auto
Show (Hide) Explanation/Reference
The Dynamic Trunking Protocol (DTP) is a proprietary networking protocol developed by Cisco for the purpose of negotiating trunking on a link between two switches, and for negotiating the type of trunking encapsulation to be used.

In dynamic auto mode, the interface is able to convert the link to a trunk link. The interface becomes a trunk interface if the neighboring interface is set to trunk or desirable mode. The default switchport mode for newer Cisco switch Ethernet interfaces is dynamic auto. Note that if two Cisco switches are left to the common default setting of auto, a trunk will never form.

In dynamic desirable mode, the interface actively attempt to convert the link to a trunk link. The interface becomes a trunk interface if the neighboring interface is set to trunk, desirable, or auto mode. This is the default switchport mode on older switches, such as the Catalyst 2950 and 3550 Series switches -> This is the best answer in this question.

Reference: http://www.ciscopress.com/articles/article.asp?p=2181837&seqNum=8

II.21. Which DTP switch port mode allows the port to create a trunk link if the neighboring port is in trunk mode, dynamic desirable mode, or desirable or auto mode?

  • Dynamic Auto
  • Dynamic Desirable
  • Access
  • Trunk

II.22. Which three statements about DWDM are true? (Choose three)

  • It allows a single strand of fiber to support bidirectional communications
  • It is used for long-distance and submarine cable systems
  • It can multiplex up to 256 channels on a single fiber
  • It supports both the SDH and SONET standards
  • Each channel can carry up to a 1-Gbps signal
  • It supports simplex communications over multiple strands of fiber
Show (Hide) Explanation/Reference
A newer fiber-optic media development for long-range communications is called dense wavelength-division multiplexing (DWDM). DWDM multiplies the amount of bandwidth that a single strand of fiber can support.

DWDM circuits are used in all modern submarine communications cable systems and other long-haul circuits.

Specifically, DWDM:

Enables bidirectional communications over one strand of fiber -> Answer A is correct
+ Assigns incoming optical signals to specific wavelengths of light (i.e., frequencies)
+ Each channel is capable of carrying a 10-Gbps multiplexed signal -> Answer E is not correct
+ Can multiplex more than 80 different channels of data (i.e., wavelengths) onto a single fiber -> Answer C is not correct
+ Can amplify these wavelengths to boost the signal strength
Supports SONET and SDH standards

Reference: http://www.ciscopress.com/articles/article.asp?p=2202411&seqNum=6

II.23. Which three statements about DTP are true? (Choose three.)

  • It is a proprietary protocol.
  • It is a universal protocol.
  • It is a Layer 2-based protocol.
  • It is enabled by default.
  • It is disabled by default.
  • It is a Layer 3-based protocol.

II.24. Which three commands must you enter to create a trunk that allows VLAN 20? (Choose three.)

  • Switch(config-if)#switchport mode trunk
  • Switch(config-if)#switchport mode dynamic desirableC. Switch(config-if)#switchport trunk native vlan 20
  • Switch(config-if)#switchport trunk encapsulation dot1q
  • Switch(config-if)#switchport trunk allowed vlan 20
  • Switch(config-if)#switchport mode dynamic auto

II.25. Which feature facilitates the tagging of frames on a specific VLAN?

  • Routing
  • Hairpinning
  • Encapsulation
  • Switching

II.26. Which statement about spanning-tree root-bridge election is true?

  • It is always performed automatically
  • Each VLAN must have its own root bridge
  • Each VLAN must use the same root bridge
  • Each root bridge must reside on the same root switch
Show (Hide) Explanation/Reference
Answer A is not correct as we can choose which switch to become root bridge by configuring bridge priority. The switch with lowest bridge priority (value) would become the root bridge.

For answer B, this paragraph from Cisco confirms it is the correct answer:

“When you implement a root bridge in a switching network, you usually refer to the root bridge as the root switch. Each VLAN must have its own root bridge because each VLAN is a separate broadcast domain. The roots for the different VLANs can all reside in a single switch or in various switches.”

Reference: https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/5234-5.html

The meaning of answer C is not clear but maybe it means “every VLAN must use the same root bridge” which is not correct as Sw1 can be the root bridge for VLANs 1, 3, 5 but Sw2 can be the root bridge for VLAN 2, 4, 6…

From the quote above we can say answer D is not correct.

II.27. Which two statements about data VLANs on access ports are true? ( Choose two)

  • They can be configured as trunk ports.
  • Two or more VLANs can be configured on the interface.
  • 802.1Q encapsulation must be configured on the interface.
  • Exactly one VLAN can be configured on the interface.
  • They can be configured as host ports.

II.28. Which three options are switchport configurations that can always avoid duplex mismatch errors between two switches? (Choose three.)

  • set both side on auto-negotation.
  • set both sides on half-duplex
  • set one side auto and other side half-duplex
  • set both side of connection to full-duplex
  • set one side auto and other side on full-duplex
  • set one side full-duplex and other side half-duplex
Show (Hide) Explanation/Reference
http://www.pathsolutions.com/network-enemy-1-duplex-mismatch/

II.29. Under normal operations, cisco recommends that you configure switch ports on which vlan?

  • on the default vlan
  • on the management vlan
  • on the native vlan
  • on any vlan except the default vlan
Show (Hide) Explanation/Reference

http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/24330-185.html

Note: There is a potential security consideration with dot1q that the implicit tagging of the native VLAN causes. The transmission of frames from one VLAN to another without a router can be possible. Refer to the Intrusion Detection FAQ leavingcisco.com for further details. The workaround is to use a VLAN ID for the native VLAN of the trunk that is not used for end-user access. In order to achieve this, the majority of Cisco customers simply leave VLAN 1 as the native VLAN on a trunk and assign access ports to VLANs other than VLAN 1.

II.30. Which statement about VLAN operation on Cisco Catalyst switches is true?

  • When a packet is received from an 802.1Q trunk, the VLAN ID can be determined from the source MAC
    address and the MAC address table.
  • Unknown unicast frames are retransmitted only to the ports that belong to the same VLAN.
  • Broadcast and multicast frames are retransmitted to ports that are configured on different VLAN.
  • Ports between switches should be configured in access mode so that VLANs can span across the ports.
Show (Hide) Explanation/Reference
Each VLAN resides in its own broadcast domain, so incoming frames with unknown destinations are only transmitted to ports that reside in the same VLAN as the incoming frame.

II.31. Which two options describe benefits of aggregated chassis technology ( choose 2)?

  • it reduces management overhead.
  • switches can be located anywhere regardless of there physical location.
  • it requires only 1 IP add per VLAN.
  • it requires only 3 IP add per VLAN.
  • it supports HSRP VRRP GLBP.
  • it support redundant configuration files.
Show (Hide) Explanation/Reference
Chassis aggregation is a Cisco technology to make multiple switches operate as a single switch. It is similar to stacking but meant for powerful switches (like the 6500 and 6800 series switches). Chassis aggregation is often used in the core layer and distribution layer (while switching stacking is used for access layer).

The books do not mention about the benefits of chassis aggregation but they are the same as switch stacking.

+ The stack would have a single management IP address.
+ The engineer would connect with Telnet or SSH to one switch (with that one management IP address), not multiple switches.
+ One configuration file would include all interfaces in all physical switches.
+ STP, CDP, VTP would run on one switch, not multiple switches.
+ The switch ports would appear as if all are on the same switch.
+ There would be one MAC address table, and it would reference all ports on all physical switches.

Reference: CCNA Routing and Switching ICND2 200-105 Official Cert Guide

VSS is a chassis aggregation technology but it is dedicated for Cisco Catalyst 6500 Series Switches. VSS increases operational efficiency by simplifying the network, reducing switch management overhead by at least 50 percent -> A is correct

Single point of management, IP address, and routing instance for the Cisco Catalyst 6500 virtual switch
+ Single configuration file and node to manage. Removes the need to configure redundant switches twice with identical policies.
Only one gateway IP address is required per VLAN, instead of the three IP addresses per VLAN used today -> C is correct while D is not correct.
+ Removes the need for Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol (VRRP), and Gateway Load Balancing Protocol (GLBP)-> so maybe E is not correct.

Reference: http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-virtual-switching-system-1440/prod_qas0900aecd806ed74b.html

II.32. Refer to the exhibit. Which switch provides the spanning-tree designated port role for the network segment that services the printers? 

  • Switch1
  • Switch2
  • Switch3
  • Switch4
Show (Hide) Explanation/Reference
First, the question asks what switch services the printers, so it can be Switch 3 or Switch 4 which is connected directly to the Printers.

Next, by comparing the MAC address of Switch 3 and Switch 4 we found that the MAC of Switch 3 is smaller. Therefore the interface connected to the Printers of Switch 3 will become designated interface and the interface of Switch 4 will be blocked. The picture below shows the roles of all ports:

DP: Designated Port
RP: Root Port
BP: Blocked Port

(Please notice that Switch 1 will become the root bridge because of its lowest priority, not Switch 3)

II.33. Which type of MAC address is aged automatically by the switch?

  • dynamic
  • manual
  • automatic
  • static

II.34. For what two purposes does the Ethernet protocol use physical addresses? (Choose two.)

  • to uniquely identify devices at Layer 2
  • to allow communication with devices on a different network
  • to differentiate a Layer 2 frame from a Layer 3 packet
  • to establish a priority system to determine which device gets to transmit first
  • to allow communication between different devices on the same network
  • to allow detection of a remote device when its physical address is unknown
Show (Hide) Explanation/Reference
Physical addresses or MAC addresses are used to identify devices at layer 2 -&gt; A is correct.

MAC addresses are only used to communicate on the same network. To communicate on different network we have to use Layer 3 addresses (IP addresses) -&gt; B is not correct; E is correct.

Layer 2 frame and Layer 3 packet can be recognized via headers. Layer 3 packet also contains physical address -&gt; C is not correct.

On Ethernet, each frame has the same priority to transmit by default -&gt; D is not correct.

All devices need a physical address to identify itself. If not, they can not communicate -&gt; F is not correct. 

II.35. When you enable PortFast on a switch port, the port immediately transitions to which state?

  • Blocking
  • Forwarding
  • Learning
  • Listening
Show (Hide) Explanation/Reference
PortFast causes a switch or trunk port to enter the spanning tree forwarding state immediately, bypassing the listening and learning states. You can use PortFast on switch or trunk ports that are connected to a single workstation, switch, or server to allow those devices to connect to the network immediately, instead of waiting for the port to transition from the listening and learning states to the forwarding state.

II.36. Which two EtherChannel PAgP modes can you configure? (Choose two.)

  • on
  • desirable
  • passive
  • auto
  • active

II.37. Which command sequence can you enter to create VLAN 20 and assign it to an interface on a switch?

  • Switch(config)#vlan 20
    Switch(config)#Interface gig x/y
    Switch(config-if)#switchport access vlan 20
  • Switch(config)#Interface gig x/y
    Switch(config-if)#vlan 20
    Switch(config-vlan)#switchport access vlan 20
  • Switch(config)#vlan 20
    Switch(config)#Interface vlan 20
    Switch(config-if)#switchport trunk native vlan 20
  • Switch(config)#vlan 20
    Switch(config)#Interface vlan 20
    Switch(config-if)#switchport access vlan 20
  • Switch(config)#vlan 20
    Switch(config)#Interface vlan 20
    Switch(config-if)#switchport trunk allowed vlan 20

II.38. Which two statements about late collisions are true? (Choose two.)

  • They may indicate a duplex mismatch.
  • By definition, they occur after the 512th bit of the frame has been transmitted.
  • They indicate received frames that did not pass the FCS match.
  • They are frames that exceed 1518 bytes.
  • They occur when CRC errors and interference occur on the cable.
Show (Hide) Explanation/Reference
A late collision is defined as any collision that occurs after the first 512 bits of the frame have been transmitted. The usual possible causes are full-duplex/half-duplex mismatch, exceeded Ethernet cable length limits, or defective hardware such as incorrect cabling, non-compliant number of hubs in the network, or a bad NIC.

Note: On an Ethernet connection, a duplex mismatch is a condition where two connected devices operate in different duplex modes, that is, one operates in half duplex while the other one operates in full duplex.

II.39. Which command can you enter to re-enable Cisco Discovery Protocol on a local router after it has been disabled?

  • Router(config-if)#cdp run
  • Router(config-if)#cdp enable
  • Router(config)#cdp run
  • Router(config)#cdp enable

II.40. Refer to the exhibit. The output that is shown is generated at a switch. Which three of these statements are true? (Choose three.)

  • All ports will be in a state of discarding, learning, or forwarding.
  • Thirty VLANs have been configured on this switch.
  • The bridge priority is lower than the default value for spanning tree.
  • All interfaces that are shown are on shared media.
  • All designated ports are in a forwarding state.
  • This switch must be the root bridge for all VLANs on this switch.
Show (Hide) Explanation/Reference
From the output, we see that all ports are in Designated role (forwarding state) -> A and E are correct.

The command “show spanning-tree vlan 30″ only shows us information about VLAN 30. We don’t know how many VLAN exists in this switch -> B is not correct.

The bridge priority of this switch is 24606 which is lower than the default value bridge priority 32768 -> C is correct.

All three interfaces on this switch have the connection type “p2p”, which means Point-to-point environment – not a shared media -> D is not correct.

The only thing we can specify is this switch is the root bridge for VLAN 30 but we can not guarantee it is also the root bridge for other VLANs -> F is not correct.

II.41. Which two commands can be used to verify a trunk link configuration status on a given Cisco switch interface? (Choose two.)

  • show interface trunk
  • show interface interface
  • show ip interface brief
  • show interface vlan
  • show interface switchport
Show (Hide) Explanation/Reference
The “show interfaces trunk” command and “show interfaces switchport” command can be used to verify the status of an interface (trunking or not). The outputs of these commands are shown below (port Ethernet 1/0 has been configured as trunk):

The “show ip interface brief” command only gives us information about the IP address, the status (up/down) of an interface:

The “show interfaces vlan” command only gives us information about that VLAN, not about which ports are the trunk links:

II.42. Which two states are the port states when RSTP has converged? (Choose two.)

  • discarding
  • listening
  • learning
  • forwarding
  • disabled
Show (Hide) Explanation/Reference
RSTP only has 3 port states that are discarding, learning and forwarding. When RSTP has converged there are only 2 port states left: discarding and forwarding.

II.43. Refer to the exhibit. A technician has installed SwithchB and needs to configure it for remote access from the management workstation connected SwitchA. Which set of commands is required to accomplish this task?

Correct Answer: B

  • SwitchB(config)# interface FastEthernet 0/1
    SwitchB(config-if)# ip address 192.168.8.252 255.255.255.0 SwitchB(config-if)# no shutdown
  • SwitchB(config)# interface vlan 1
    SwitchB(config-if)# ip address 192.168.8.252 255.255.255.0 SwitchB(config-if)# ip default-gateway 192.168.8.254 255.255.255.0 SwitchB(config-if)# no shutdown
  • SwitchB(config)# ip default-gateway 192.168.8.254
    SwitchB(config)# interface vlan 1
    SwitchB(config-if)# ip address 192.168.8.252 255.255.255.0 SwitchB(config-if)# no shutdown
  • SwitchB(config)# ip default-network 192.168.8.254
    SwitchB(config)# interface vlan 1
    SwitchB(config-if)# ip address 192.168.8.252 255.255.255.0 SwitchB(config-if)# no shutdown
  • SwitchB(config)# ip route 192.168.8.254 255.255.255.0
    SwitchB(config)# interface FastEthernet 0/1
    SwitchB(config-if)# ip address 192.168.8.252 255.255.255.0 SwitchB(config-if)# no shutdown

II.43.

A technician has installed SwitchB and needs to configure it for remote access from the management workstation connected SwitchA. Which set of commands is required to accomplish this task?

  • SwitchB(config)#interface FastEthernet 0/1
    SwitchB(config-if)#ip address 192.168.8.252 255.255.255.0
    SwitchB(config-if)#no shutdown
  • SwitchB(config)#ip default-gateway 192.168.8.254
    SwitchB(config)#interface vlan 1
    SwitchB(config-if)#ip address 192.168.8.252 255.255.255.0
    SwitchB(config-if)#no shutdown
  • SwitchB(config)#interface vlan 1
    SwitchB(config-if)#ip address 192.168.8.252 255.255.255.0
    SwitchB(config-if)#ip default-gateway 192.168.8.254 255.255.255.0
    SwitchB(config-if)#no shutdown
  • SwitchB(config)#ip default-network 192.168.8.254
    SwitchB(config)#interface vlan 1
    SwitchB(config-if)#ip address 192.168.8.252 255.255.255.0
    SwitchB(config-if)#no shutdown
Show (Hide) Explanation/Reference
To remote access to SwitchB, it must have a management IP address on a VLAN on that switch. Traditionally, we often use VLAN 1 as the management VLAN (but in fact it is not secure).

In the exhibit, we can recognize that the Management Workstation is in a different subnet from the SwitchB. For intersubnetwork communication to occur, you must configure at least one default gateway. This default gateway is used to forward traffic originating from the switch only, not to forward traffic sent by devices connected to the switch.

II.44. Which of the following are benefits of VLANs? (Choose three.)

  • They increase the size of collision domains.
  • They allow logical grouping of users by function.
  • They can enhance network security.
  • They increase the size of broadcast domains while decreasing the number of collision domains.
  • They increase the number of broadcast domains while decreasing the size of the broadcast domains.
  • They simplify switch administration.
Show (Hide) Explanation/Reference
When using VLAN the number and size of collision domains remain the same -> A is not correct.

VLANs allow to group users by function, not by location or geography -> B is correct.

VLANs help minimize the incorrect configuration of VLANs so it enhances the security of the network -> C is correct.

VLAN increases the size of broadcast domains but does not decrease the number of collision domains -> D is not correct.

VLANs increase the number of broadcast domains while decreasing the size of the broadcast domains which increase the utilization of the links. It is also a big advantage of VLAN -> E is correct.

VLANs are useful but they are more complex and need more administration -> F is not correct.

II.45. Which three statements accurately describe Layer 2 Ethernet switches? (Choose three.)

  • Spanning Tree Protocol allows switches to automatically share VLAN information.
  • Establishing VLANs increases the number of broadcast domains.
  • Switches that are configured with VLANs make forwarding decisions based on both Layer 2 and Layer 3 address information.
  • Microsegmentation decreases the number of collisions on the network.
  • In a properly functioning network with redundant switched paths, each switched segment will contain one root bridge with all its ports in the forwarding state. All other switches in that broadcast domain will have only one root port.
  • If a switch receives a frame for an unknown destination, it uses ARP to resolve the address.
Show (Hide) Explanation/Reference
Microsegmentation is a network design (functionality) where each workstation or device on a network gets its own dedicated segment (collision domain) to the switch. Each network device gets the full bandwidth of the segment and does not have to share the segment with other devices. Microsegmentation reduces and can even eliminate collisions because each segment is its own collision domain

Note: Microsegmentation decreases the number of collisions but it increases the number of collision domains.

II.46. What is the status of port-channel if LACP is misconfigured?

  • Forwarding
  • Enabled
  • Disabled
  • Errdisabled
Show (Hide) Explanation/Reference
EtherChannel misconfiguration occurs when the channel parameters do not match on both sides of the EtherChannel, resulting in the following message:

%PM-SP-4-ERR_DISABLE: channel-misconfig error detected on Po3, putting E1/3 in err-disable state

Therefore from the output above we can see that when miconfigured, the physical (member) interface is put into err-disable state.

But this question asks above “the status of port-channel” (not the physical member interface) so answer “Disabled” is a better choice.

II.47. How to create a trunk port and allow VLAN 20? (Choose Three.)

  • switchport trunk encapsulation dot1q
  • switchport mode trunk
  • switchport trunk allowed vlan 20
  • switchport trunk native vlan 20
  • switchport mode dynamic desirable
Show (Hide) Explanation/Reference
In switches that support both InterSwitch Link (ISL) and 802.1Q trunking encapsulations, we need to specify an trunking protocol so we must use the command “switchport trunk encapsulation dot1q” command first to set the trunk mode to 802.1Q. Then we configure trunking interface with the “switchport mode trunk” command. Then we explicitly allow vlan 20 with the command “switchport trunk allowed vlan 20” command. By default all VLANs are allowed to pass but after entering this command, only VLAN 20 is allowed.

II.48. Which mode is compatible with Trunk, Access, and desirable ports?

  • Trunk Ports
  • Access Ports
  • Dynamic Auto
  • Dynamic Desirable

Show (Hide) Explanation/Reference
Explanation from http://www.9tut.com/trunking-questions
Maybe this question wanted to ask “if the other end is configured with trunk/access/desirable mode” then which mode is compatible so that the link can work. In that case both “dynamic auto” and “dynamic desirable” mode are correct. The difference between these two modes is “dynamic auto” is passively waiting for the other end to request to form a trunk while “dynamic desirable” will actively attempt to negotiate to convert the link into a trunk.

II.49. What parameter can be different on ports within an EtherChannel?

  • speed
  • DTP negotiation settings
  • trunk encapsulation
  • duplex
Show (Hide) Explanation/Reference
All interfaces in an EtherChannel must be configured identically to form an EtherChannel. Specific settings that must be identical include:

Speed settings
Duplex settings
+ STP settings
+ VLAN membership (for access ports)
+ Native VLAN (for trunk ports)
+ Allowed VLANs (for trunk ports)
Trunking Encapsulation (ISL or 802.1Q, for trunk ports)

II.50. Which spanning-tree protocol rides on top of another spanning-tree protocol?

  • MSTP
  • RSTP
  • PVST+
  • Mono Spanning Tree
Show (Hide) Explanation/Reference
Multiple Spanning Tree (MST) rides on top of RSTP so it converges very fast. The idea behind MST is that some VLANs can be mapped to a single spanning tree instance because most networks do not need more than a few logical topologies.

II.51. Which three statements about RSTP are true? (Choose three.)

  • RSTP significantly reduces topology reconverging time after a link failure.
  • RSTP expands the STP port roles by adding the alternate and backup roles.
  • RSTP port states are blocking, discarding, learning, or forwarding.
  • RSTP provides a faster transition to the forwarding state on point-to-point links than STP does.
  • RSTP also uses the STP proposal-agreement sequence.
  • RSTP uses the same timer-based process as STP on point-to-point links

II.52. Which two commands correctly verify whether port security has been configured on port FastEthernet 0/12 on a switch? (Choose two.)

  • SW1#show port-secure interface FastEthernet 0/12
  • SW1#show switchport port-secure interface FastEthernet 0/12
  • SW1#show running-config
  • SW1#show port-security interface FastEthernet 0/12
  • SW1#show switchport port-security interface FastEthernet 0/12
Show (Hide) Explanation/Reference
We can verify whether port security has been configured by using the “show running-config” or “show port-security interface ” for more detail. An example of the output of “show port-security interface ” command is shown below:

II.53. Refer to the exhibit. Switch port FastEthernet 0/24 on ALSwitch1 will be used to create an IEEE 802.1Q-compliant trunk to another switch. Based on the output shown, what is the reason the trunk does not form, even though the proper cabling has been attached?

  • VLANs have not been created yet.
  • An IP address must be configured for the port.
  • The port is currently configured for access mode.
  • The correct encapsulation type has not been configured.
  • The no shutdown command has not been entered for the port.
Show (Hide) Explanation/Reference
According to the output shown the switchport (layer 2 Switching) is enabled and the port is in access mode. To make a trunk link the port should configured as a trunk port, not an access port, by using the following command: (Config-if)#switchport mode trunk

II.54. Refer to the exhibit. Switch-1 needs to send data to a host with a MAC address of 00b0.d056.efa4. What will Switch-1 do with this data?

  • Switch-1 will drop the data because it does not have an entry for that MAC address.
  • Switch-1 will flood the data out all of its ports except the port from which the data originated.
  • Switch-1 will send an ARP request out all its ports except the port from which the data originated.
  • Switch-1 will forward the data to its default gateway.
Show (Hide) Explanation/Reference
The MAC address of 00b0.d056.efa4 has not been learned in its MAC address table so Switch-1 will broadcast the frame out all of its ports except the port from which the data originated.

II.55. Which option is the industry-standard industrialized protocol for EtherChannel?

  • LACP
  • PAGP
  • PRP
  • REP

II.56. How to enable vlans automatically across multiple switches?

  • Configure VLAN
  • Confiture NTP
  • Configure each VLAN
  • Configure VTP

II.57. What are contained in layer 2 ethernet frame? (Choose Three.)

  • Preamble
  • TTL
  • Type/length
  • Frame check sequence
  • version
  • others
Show (Hide) Explanation/Reference
At the end of each frame there is a Frame Check Sequence (FCS) field. FCS can be analyzed to determine if errors have occurred. FCS uses cyclic redundancy check (CRC) algorithm to detect errors in the transmitted frames. Before sending data, the sending host generates a CRC based on the header and data of that frame. When this frame arrives, the receiving host uses the same algorithm to generate its own CRC and compare them. If they do not match then a CRC error will occur.

Preamble is used to indicate the start of the frame by arranging the first 62 bits as alternating “1/0s” and the last two bits as “1”s. Like so, 010101010101010………………………10101011. Therefore when the receiving end sees the “11” it knows where the actual Ethernet header starts. The alternating 1s and 0s will also allow the two endpoints to sync their internal clocks. In summary, preamble is used for synchronization.

The “Type/Length” field is used to indicate the “Type”of the payload (Layer 3 protocol) which is indicated as a Hexadecimal value.

Note: Ethernet II uses “Type” while the old Ethernet version use “Length”

II.58. Which two of these are characteristics of the 802.1Q protocol? (Choose two.)

  • It is used exclusively for tagging VLAN frames and does not address network reconvergence following switched network topology changes.
  • It modifies the 802.3 frame header, and thus requires that the FCS be recomputed.
  • It is a Layer 2 messaging protocol which maintains VLAN configurations across networks.
  • It includes an 8-bit field which specifies the priority of a frame.
  • It is a trunking protocol capable of carrying untagged frames.
Show (Hide) Explanation/Reference
IEEE 802.1Q is the networking standard that supports Virtual LANs (VLANs) on an Ethernet network. It is a protocol that allows VLANs to communicate with one another using a router. 802.1Q trunks support tagged and untagged frames.

If a switch receives untagged frames on a trunk port, it believes that frame is a part of the native VLAN. Also, frames from a native VLAN are not tagged when exiting the switch via a trunk port.

The 802.1q frame format is same as 802.3. The only change is the addition of 4 bytes fields. That additional header includes a field with which to identify the VLAN number. Because inserting this header changes the frame, 802.1Q encapsulation forces a recalculation of the original FCS field in the Ethernet trailer.

Note: Frame Check Sequence (FCS) is a four-octet field used to verify that the frame was received without loss or error. FCS is based on the contents of the entire frame.

II.59. Which command is used to know the duplex speed of serial link?

  • show line
  • show interface
  • show protocol
  • show run
Show (Hide) Explanation/Reference
Nowadays all serial links are full-duplex (as serial interfaces have separate Rx & Tx pins) so maybe this question wants to ask about how to check the speed of the serial link. The “show interface” command gives us information about this. An example of this command is shown below:

In this output the speed of S0/0 interface is 1544 Kbits.

II.60. A BPDU guard is configured on an interface that has PortFast enabled. Which state does the interface enter when it receives a BPDU?

  • Blocking
  • Shutdown
  • Listening
  • Errdisable
Show (Hide) Explanation/Reference
PortFast BPDU guard prevents loops by moving a nontrunking port into an errdisable state when a BPDU is received on that port.In a valid configuration, PortFast-configured interfaces do not receive BPDUs (because PortFast should only be configured on interfaces which are connected to hosts). If a PortFast-configured interface receives a BPDU, an invalid configuration exists. BPDU guard provides a secure response to invalid configurations because the administrator must manually put the interface back in service.Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4000/8-2glx/configuration/guide/stp_enha.html

II.61. Which mode are in PAgP? (choose two)

  • Auto.
  • Desirable.
  • Active.
  • Passive.
  • On.
Show (Hide) Explanation/Reference
There are two PAgP modes:

Auto Responds to PAgP messages but does not aggressively negotiate a PAgP EtherChannel. A channel is formed only if the port on the other end is set to Desirable. This is the default mode.
Desirable Port actively negotiates channeling status with the interface on the other end of the link. A channel is formed if the other side is Auto or Desirable.

The table below lists if an EtherChannel will be formed or not for PAgP:

PAgP Desirable Auto
Desirable Yes Yes
Auto Yes No

II.62. In an Ethernet network, under what two scenarios can devices transmit? (Choose two.)

  • when they receive a special token.
  • when there is a carrier.
  • when they detect no other devices are sending.
  • when the server grants access.
  • when the medium is idle.

II.63. At the end of an RSTP election process, which access layer switch port will assume the discarding role?

  • Switch3, port fa0/1
  • Switch3, port fa0/12
  • Switch4, port fa0/11
  • Switch4, port fa0/2
  • Switch3, port Gi0/1
  • Switch3, port Gi0/2
Show (Hide) Explanation/Reference
In this question, we only care about the Access Layer switches (Switch3 & 4). Switch 3 has a lower bridge
ID than Switch 4 (because the MAC of Switch3 is smaller than that of Switch4) so both ports of Switch3
will be in forwarding state. The alternative port will surely belong to Switch4.
Switch4 will need to block one of its ports to avoid a bridging loop between the two switches. But how
does Switch4 select its blocked port? Well, the answer is based on the BPDUs it receives from Switch3. A
BPDU is superior to another if it has:
1. A lower Root Bridge ID
2. A lower path cost to the Root
3. A lower Sending Bridge ID
4. A lower Sending Port ID
These four parameters are examined in order. In this specific case, all the BPDUs sent by Switch3 have
the same Root Bridge ID, the same path cost to the Root and the same Sending Bridge ID. The only
parameter left to select the best one is the Sending Port ID (Port ID = port priority + port index). In this
case the port priorities are equal because they use the default value, so Switch4 will compare port index
values, which are unique to each port on the switch, and because Fa0/12 is inferior to Fa0/1, Switch4 will
select the port connected with Fa0/1 (of Switch3) as its root port and block the other port -> Port fa0/11
of Switch4 will be blocked (discarding role). 

II.64. Which switch would STP choose to become the root bridge in the selection process?

  • 32768: 11-22-33-44-55-66
  • 32768: 22-33-44-55-66-77
  • 32769: 11-22-33-44-55-65
  • 32769: 22-33-44-55-66-78

II.65. Refer to the exhibit. What two results would occur if the hub were to be replaced with a switch that is configured with one Ethernet VLAN? (Choose two.)

  • The number of collision domains would remain the same.
  • The number of collision domains would decrease.
  • The number of collision domains would increase.
  • The number of broadcast domains would remain the same.
  • The number of broadcast domains would decrease.
  • The number of broadcast domains would increase.

II.66. For which two protocols can PortFast alleviate potential host startup is-sues? (Choose two.)

  • DHCP
  • DNS
  • OSPF
  • RIP
  • CDP

II.67. Which method does a connected trunk port use to tag VLAN traffic?

  • IEEE 802 1w
  • IEEE 802 1D
  • IEEE 802 1Q
  • IEEE 802 1p
Show (Hide) Explanation/Reference
IEEE 802.1Q is the networking standard that supports virtual LANs (VLANs) on an Ethernet network. When a frame enters the VLAN-aware portion of the network (a trunk link, for example), a VLAN ID tag is added to represent the VLAN membership of that frame. The picture below shows how VLAN tag is added and removed while going through the network.

II.68. Configuration of which option is required on a Cisco switch for the Cisco IP phone to work?

  • PortFast on the interface
  • the interface as an access port to allow the voice VLAN ID
  • a voice VLAN ID in interface and global configuration mode
  • Cisco Discovery Protocol in global configuration mode
Show (Hide) Explanation/Reference
When you connect an IP phone to a switch using a trunk link, it can cause high CPU utilization in the switches. As all the VLANs for a particular interface are trunked to the phone, it increases the number of STP instances the switch has to manage. This increases the CPU utilization. Trunking also causes unnecessary broadcast / multicast / unknown unicast traffic to hit the phone link.

In order to avoid this, remove the trunk configuration and keep the voice and access VLAN configured along with Quality of Service (QoS). Technically, it is still a trunk, but it is called a Multi-VLAN Access Port (MVAP). Because voice and data traffic can travel through the same port, you should specify a different VLAN for each type of traffic. You can configure a switch port to forward voice and data traffic on different VLANs. Configure IP phone ports with a voice VLAN configuration. This configuration creates a pseudo trunk, but does not require you to manually prune the unnecessary VLANs.

The voice VLAN feature enables access ports to carry IP voice traffic from an IP phone. You can configure a voice VLAN with the “switchport voice vlan …” command under interface mode. The full configuration is shown below:

Switch(config)#interface fastethernet0/1
Switch(config-if)#switchport mode access 
Switch(config-if)#switchport access vlan 10 
Switch(config-if)#switchport voice vlan 20

Reference: http://www.cisco.com/c/en/us/support/docs/switches/catalyst-4500-series-switches/69632-configuring-cat-ip-phone.html

II.69. Refer to the exhibit. Which statement describes the effect of this configuration?

  • The VLAN 10 VTP configuration is displayed
  • VLAN 10 spanning-tree output is displayed
  • The VLAN 10 configuration is saved when the router exits VLAN configuration mode
  • VLAN 10 is added to the VLAN database
Show (Hide) Explanation/Reference
With the configuration above, when we type “do show vlan” we would not see VLAN 10 in the VLAN database because it has not been created yet. VLAN 10 is only created when we exits VLAN configuration mode (with “exit” command).

II.70. Which statement about native VLAN traffic is true?

  • Cisco Discovery Protocol traffic travels on the native VLAN by default
  • Traffic on the native VLAN is tagged with 1 by default
  • Control plane traffic is blocked on the native VLAN.
  • The native VLAN is typically disabled for security reasons

II.71. Which statement about unicast frame forwarding on a switch is true?

  • The TCAM table stores destination MAC addresses
  • If the destination MAC address is unknown, the frame is flooded to every port that is configured in the same VLAN except on the port that it was received on.
  • The CAM table is used to determine whether traffic is permitted or denied on a switch
  • The source address is used to determine the switch port to which a frame is forwarded

II.72. Which two statements about VTP are true? (Choose two.)

  • All switches must be configured with the same VTP domain name
  • All switches must be configured to perform trunk negotiation.
  • All switches must be configured with a unique VTP domain name
  • The VTP server must have the highest revision number in the domain
  • All switches must use the same VTP version.

II.73. Which type does a port become when it receives the best BPDU on a bridge?

  • The designated port
  • The backup port
  • The alternate port
  • The root port
Show (Hide) Explanation/Reference
Root port is the port on non-root bridge which is closest to the root bridge (in term of cost). Therefore when a port receives the best BPDU on a non-root bridge it will become the root port.

II.74. Which value can you modify to configure a specific interface as the preferred forwarding interface?

  • The interface number
  • The port priority
  • The VLAN priority
  • The hello time
Show (Hide) Explanation/Reference
We can configure the port priority to change the preferred forwarding interface as we wish. For example we can change the port priority of an interface for VLAN 20 to 64 as follows:

Switch(config-if)#spanning-tree vlan 20 port-priority 64

II.75. Which statement about VLAN configuration is true?

  • The switch must be in VTP server or transparent mode before you can configure a VLAN
  • The switch must be in config-vlan mode before you configure an extended VLAN
  • Dynamic inter-VLAN routing is supported on VLAN2 through VLAN 4064`
  • A switch in VTP transparent mode save the VLAN databases to the running configuration only

II.76. Which two protocols are used by bridges and/or switches to prevent loops in a layer 2 network? (Choose two.)

  • 802.1d
  • VTP
  • 802.1q
  • SAP
  • STP

II.77. How can you disable DTP on a switch port?

  • Configure the switch port as a trunk. (no correct answer, in fact) 
  • Add an interface on the switch to a channel group.
  • Change the operational mode to static access
  • Change the administrative mode to access
Show (Hide) Explanation/Reference
Although some books and websites said DTP is disabled if the switch port is configured as trunk or access mode (via the command “switchport mode trunk” or “switchport mode access”) but in fact DTP is still running in these modes. Please read at http://packetlife.net/blog/2008/sep/30/disabling-dynamic-trunking-protocol-dtp/. The only way to disable DTP on a switch port is to use the “switchport nonegotiate” command. But notice this command can only be used after configuring that switch port in “trunk” or “access” mode.

Therefore this is a question with no correct answer but if we have to choose an answer, we will choose answer A. At least it is correct in theory.

II.78. Which command can you enter on a switch to display the IP addresses associated with connected devices?

  • Show cdp neighbors detail
  • Show cdp neighbor
  • Show cdp interface
  • Show cdp traffic
Show (Hide) Explanation/Reference
Only the “show cdp neighbor detail” gives us information about the IP address of the connected device. Below is an example of this command.

II.79. Which protocol is a Cisco proprietary implementation of STP?

  • CST
  • RSTP
  • MSTP
  • PVST+

II.80. VLAN 3 is not yet configured on your switch. What happens if you set the switchport access vlan 3 command in interface configuration mode?

  • The command is rejected.
  • The port turns amber.
  • The command is accepted and the respective VLAN is added to vlan.dat.
  • The command is accepted and you must configure the VLAN manually.
Show (Hide) Explanation/Reference
The “switchport access vlan 3″will put that interface as belonging to VLAN 3 while also updated the VLAN database automatically to include VLAN 3.

II.81. Three switches are connected to one another via trunk ports. Assuming the default switch configuration, which switch is elected as the root bridge for the spanning-tree instance of VLAN 1?

  • the switch with the highest MAC address
  • the switch with the lowest MAC address
  • the switch with the highest IP address
  • the switch with the lowest IP address
Show (Hide) Explanation/Reference
Each switch in your network will have a Bridge ID Priority value, more commonly referred to as a BID.
This BID is a combination of a default priority value and the switch’s MAC address, with the priority value listed first. The lowest BID will win the election process.
For example, if a Cisco switch has the default priority value of 32,768 and a MAC address of 11-22-33- 44-55-66, the BID would be 32768:11-22-33-44-55-66. Therefore, if the switch priority is left at the default, the MAC address is the deciding factor in the root bridge election.

II.82. Which command enables RSTP on a switch?

  • spanning-tree uplinkfast
  • spanning-tree mode rapid-pvst
  • spanning-tree backbonefast
  • spanning-tree mode mst
Show (Hide) Explanation/Reference
Rapid Spanning Tree Protocol (RSTP) is an enhancement of the original STP 802.1D protocol. The RSTP 802.1w protocol is an IEEE open implementation. Cisco has its own proprietary implementation of RSTP, that includes the benefits of its Per-VLAN spanning tree protocols, called Rapid-PVST+.
To activate the Rapid-PVST+ protocol: switch(config)#spanning-tree mode rapid-pvst

II.83. Cisco Catalyst switches CAT1 and CAT2 have a connection between them using ports FA0/13. An 802.1Q trunk is configured between the two switches. On CAT1, VLAN 10 is chosen as native, but on CAT2 the native VLAN is not specified. What will happen in this scenario?

  • 802.1Q giants frames could saturate the link.
  • VLAN 10 on CAT1 and VLAN 1 on CAT2 will send untagged frames.
  • A native VLAN mismatch error message will appear.
  • VLAN 10 on CAT1 and VLAN 1 on CAT2 will send tagged frames.
Show (Hide) Explanation/Reference
A “native VLAN mismatch” error will appear by CDP if there is a native VLAN mismatch on an 802.1Q link. “VLAN mismatch” can cause traffic from one vlan to leak into another vlan.

II.84. Refer to the exhibit

All switch ports are assigned to the correct VLANs, but none of the hosts connected to SwitchA can communicate with hosts in the same VLAN connected to SwitchB. Based on the output shown, what is the most likely problem?

  • The access link needs to be configured in multiple VLANs.
  • The link between the switches is configured in the wrong VLAN.
  • The link between the switches needs to be configured as a trunk.
  • VTP is not configured to carry VLAN information between the switches.
  • Switch IP addresses must be configured in order for traffic to be forwarded between the switches.
Show (Hide) Explanation/Reference
In order to pass traffic from VLANs on different switches, the connections between the switches must be configured as trunk ports.

II.85. What is the function of the command switchport trunk native vlan 999 on a Cisco Catalyst switch?

  • It creates a VLAN 999 interface.
  • It designates VLAN 999 for untagged traffic.
  • It blocks VLAN 999 traffic from passing on the trunk.
  • It designates VLAN 999 as the default for all unknown tagged traffic.
Show (Hide) Explanation/Reference
Configuring the Native VLAN for Untagged Traffic A trunk port configured with 802.1Q tagging can receive both tagged and untagged traffic. By default, the switch forwards untagged traffic in the native VLAN configured for the port. The native VLAN is VLAN 1 by default.

II.86. Refer to the exhibit. A frame on VLAN 1 on switch S1 is sent to switch S2 where the frame is received on VLAN 2. What causes this behavior?

  • trunk mode mismatches
  • vlans that do not correspond to a unique IP subnet
  • native vlan mismatches
  • allowing only vlan 2 on the destination

II.87. Why will a switch never learn a broadcast address?

  • Broadcast frames are never sent to swiches.
  • Broadcast addresses use an incorrect format for the switching table.
  • A broadcast address will never be the source address of a frame.
  • Broadcasts only use network layer addressing.
  • A broadcast frame is never forwarded by a switch.

II.88. What can you change to select switch as root bridge?

  • make lower priority
  • make higher priority
  • make lower path cost
  • make higher path cost

II.89. Which two types of information are held in the MAC address table? (Choose two)

  • MAC address
  • soure IP address
  • destination IP address
  • Protocols
  • Port numbers
Show (Hide) Explanation/Reference
We can check the MAC address table with the command “show mac address-table”:

As we can see here, the “MAC address” field is the source MAC address and the “Ports” field are the ports of the switch from which the frames (with corresponding source MAC address) were received.

II.90. Which three are valid modes for a switch port used as a VLAN trunk? (choose three)

  • Desirable
  • Auto
  • On
  • Blocking
  • Transparent
  • Forwarding

II.91. Which type of attack can be mitigated by configuring the default native VLAN to be unused?

  • CAM table overflow
  • switch spoofing
  • VLAN hopping
  • MAC spoofing

II.92. Which process is associated with spanning-tree convergence?

  • determining the path cost
  • electing designated ports
  • learning the sender bridge ID
  • assigning the port ID
Show (Hide) Explanation/Reference
SPT must performs three steps to provide a loop-free network topology:

1. Elects one root bridge
2. Select one root port per nonroot bridge
3. Select one designated port on each network segment -> Answer B is correct.

II.93. Which option is a benefit of switch stacking?

  • It provides redundancy with no impact on resource usage
  • It simplifies adding and removing hosts.
  • It supports better performance of high-needs applications.
  • It provides higher port density with better resource usage.
Show (Hide) Explanation/Reference
Switch stacking technology allows the network engineer to make that stack of physical switches act like one switch. The stacking cables together make a ring between the switches. That is, the switches connect in series, with the last switch connecting again to the first.

Answer B is not correct as switch stacking is about connecting switches together so that they act as one switch, not about adding and removing hosts.

Answer C is not correct because switch stacking has nothing to do with performance of high-needs applications.

Surely switch stacking provides redundancy as stacking creates a ring of connection with two opposite paths. Whenever a frame is ready for transmission onto the path, a calculation is made to see which path has the most available bandwidth. The entire frame is then copied onto this half of the path.

With switch stacking, STP, CDP and VTP would run on one switch, not multiple switches. Also there would be one MAC address table, and it would reference all ports on all physical switches so we may say switch stacking has better resource usage. Also if we consider all stacking switches as one logical switch then surely the port density is increase very much. Therefore answer D is the most suitable one.

Reference: http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-3750-series-switches/prod_white_paper09186a00801b096a.html

II.94. Which port state is introduced by Rapid-PVST?

  • learning
  • listening
  • discarding
  • forwarding
Show (Hide) Explanation/Reference
PVST+ is based on IEEE802.1D Spanning Tree Protocol (STP). But PVST+ has only 3 port states (discarding, learning and forwarding) while STP has 5 port states (blocking, listening, learning, forwarding and disabled). So discarding is a new port state in PVST+.

II.95. What are the possible trunking modes for a switch port? (Choose three.)

  • transparent
  • auto
  • on
  • desirable
  • client
  • forwarding

II.96. Refer to the exhibit. What set of commands was configured on interface Fa0/3 to produce the given the output?

  • interface FastEthernet 0/3
    Channel-group 1 mode desirable
    Switchport trunk encapsulation dot1q
    Switchport mode trunk
  • interface FastEthernet 0/3
    Channel-group 2 mode passive
    Switchport trunk encapsulation dot1q
    Switchport mode trunk
  • interface FastEthernet 0/3
    Channel-group 2 mode on
    Switchport trunk encapsulation dot1q
    Switchport mode trunk
  • interface FastEthernet 0/3
    Channel-group 2 mode active
    Switchport trunk encapsulation dot1q
    Switchport mode trunk

II.97. Which type of secure MAC address must be configured manually?

  • dynamic
  • bia
  • static
  • sticky

II.98. Which two elements are fields in an Ethernet frame? (Choose two.)

  • frame check sequence
  • header
  • source IP address
  • destination IP address
  • type

II.99. What is one benefit of PVST+?

  • PVST+ supports Layer 3 load balancing without loops.
  • PVST+ reduces the CPU cycles for all the switches in the network.
  • PVST+ allows the root switch location to be optimized per VLAN.
  • PVST+ automatically selects the root bridge location, to provide optimized bandwidth usage.
Show (Hide) Explanation/Reference
The PVST+ provides Layer 2 load-balancing for the VLAN on which it runs. You can create different logical topologies by using the VLANs on your network to ensure that all of your links are used but that no one link is oversubscribed. Each instance of PVST+ on a VLAN has a single root switch. This root switch propagates the spanning-tree information associated with that VLAN to all other switches in the network. Because each switch has the same information about the network, this process ensures that the network topology is maintained and optimized per VLAN.

II.100. Which three of these statements regarding 802.1Q trunking are correct? (Choose three.)

  • 802.1Q native VLAN frames are untagged by default.
  • 802.1Q trunking ports can also be secure ports.
  • 802.1Q trunks can use 10 Mb/s Ethernet interfaces.
  • 802.1Q trunks require full-duplex, point-to-point connectivity.
  • 802.1Q trunks should have native VLANs that are the same at both ends.

II.101. Which IEEE standard protocol is initiated as a result of successful DTP completion in a switch over FastEthernet?

  • 802.3ad
  • 802.1w
  • 802.1Q
  • 802.1d
Show (Hide) Explanation/Reference
Dynamic Trunking Protocol (DTP) is a Cisco proprietary protocol for negotiating trunking on a link between two devices and for negotiating the type of trunking encapsulation (802.1Q) to be used.

II.102. Which of the port is not part of STP protocol.

  • Listening
  • Learning
  • Forwarding
  • Discarding

II.103. Assuming the default switch configuration which vlan range can be added modified and removed on a cisco switch?

  • 2 through 1001
  • 1 through 1001
  • 1 through 1002
  • 2 through 1005

II.104. Based on the output below, which two statements are true of the interfaces on Switch1? (Choose two.)

  • A hub is connected directly to FastEthernet0/5
  • FastEthernet0/1 is configured as a trunk link.
  • FastEthernet0/5 has statically assigned mac address
  • Interface FastEthernet0/2 has been disable.
  • Multiple devices are connected directly to FastEthernet0/1.
  • FastEthernet0/1 is connected to a host with multiple network interface cards.
Show (Hide) Explanation/Reference
From the “show mac address-table” output, we see FastEthernet0/1 can receive traffic from multiple VLANs -> it is configured as a trunk. Also from the “show cdp neighbors” output, we see Fa0/1 of this switch is connecting to Switch2 so it is configured as a trunk.

There are two MAC addresses learned from FastEthernet0/5 while FastEthernet0/5 is not configured as trunk (only Fa0/2 & Fa0/3 are configured as trunk links) -> a hub is used on this port.

II.105. Refer to the exhibit. How should the FastEthernet0/1 port on the 2950 model switches that are shown in the exhibit be configured to allow connectivity between all devices?

  • The ports only need to be connected by a crossover cable.
  • SwitchX(config)# interface FastEthernet 0/1
    SwitchX(config-if)# switchport mode trunk
  • SwitchX(config)# interface FastEthernet 0/1 SwitchX(config-if)# switchport mode access SwitchX(config-if)# switchport access vlan 1
  • SwitchX(config)# interface FastEthernet 0/1 SwitchX(config-if)# switchport mode trunk SwitchX(config-if)# switchport trunk vlan 1 SwitchX(config-if)# switchport trunk vlan 10 SwitchX(config-if)# switchport trunk vlan 20

II.106. Which RPVST+ port state is excluded from all STP operations?

  • learning
  • forwarding
  • blocking
  • disabled

II.107. Which option is the industry-standard protocol for EtherChannel?

  • PAgP
  • LACP
  • Cisco Discovery Protocol
  • DTP
Show (Hide) Explanation/Reference
LACP is the IEEE Standard (IEEE 802.3ad) and is the most common dynamic Etherchannel protocol, whereas PAgP is a Cisco proprietary protocol and works only between supported vendors and Cisco devices.

II.108. Which two pieces of information can be shared with LLDP TLVs? (Choose two)

  • device management address.
  • device type
  • spanning-tree topology
  • routing configuration
  • access-list configuration

II.109. Which two statements about stacking Cisco switches are true ?(choose two)

  • It enables the administrator to manage multiple switches from a single management interface
  • The administrator can create only one stack of switches in a network which is under the same administrative domian
  • When a new master switch is elected,it queries the previous master for its running configuration
  • The administrator can add additional switches to the stack as demand increases
  • Each switch manages its own MAC address table

II.110. Refer to the exhibit.If the devices produced the given output, what is the cause of the EtherChannel problem?

  • There is a speed mismatch between SW1’s Fa0/1 and SW2’s Fa0/1 interfaces.
  • There is an MTU mismatch between SW1’s Fa0/1 and SW2’s Fa0/1 interfaces
  • There is an encapsulation mismatch between SW1’s Fa0/1 and SW2’s Fa0/1 interface
  • SW1’s Fa0/1 interface is administratively shut down.

II.111. For which two reasons might be you choose chassis aggregation instead of stacking switches? (Choose two.)

  • to increase the number of devices in use
  • Bto increase the maximum port count
  • to avoid the use of a centralized configuration manager
  • to allow hot-swapping modules
  • to avoid relying solely on Ethernet interfaces

II.112. Refer to the exhibit. The two exhibited devices are the only Cisco devices on the network. The serial network between the two devices has a mask of 255.255.255.252. Given the output that is shown, what three statements are true of these devices? (Choose three.)

  • The Manchester serial address is 10.1.1.1.
  • The Manchester serial address is 10.1.1.2.
  • The London router is a Cisco 2610.
  • The Manchester router is a Cisco 2610.
  • The CDP information was received on port Serial0/0 of the Manchester router.
  • The CDP information was sent by port Serial0/0 of the London router.

II.113. Refer to the exhibit. Based on the information given, which switch will be elected root bridge and why?

  • Switch A, because it has the lowest MAC address
  • Switch A, because it is the most centrally located switch
  • Switch B, because it has the highest MAC address
  • Switch C, because it is the most centrally located switch
  • Switch C, because it has the lowest priority
  • Switch D, because it has the highest priority

II.114. A network interface port has collision detection and carrier sensing enabled on a shared twisted pair network. From this statement, what is known about the network interface port?

  • This is a 10 Mb/s switch port.
  • This is a 100 Mb/s switch port.
  • This is an Ethernet port operating at half duplex.
  • This is an Ethernet port operating at full duplex.
  • This is a port on a network interface card in a PC.
Show (Hide) Explanation/Reference
Modern Ethernet networks built with switches and full-duplex connections no longer utilize CSMA/CD. CSMA/CD is only used in obsolete shared media Ethernet (which uses repeater or hub).

II.115. Refer to the exhibit. Given the output shown from this Cisco Catalyst 2950, what is the reason that interface FastEthernet 0/10 is not the root port for VLAN 2?

  • This switch has more than one interface connected to the root network segment in VLAN 2.
  • This switch is running RSTP while the elected designated switch is running 802.1d Spanning Tree.
  • This switch interface has a higher path cost to the root bridge than another in the topology.
  • This switch has a lower bridge ID for VLAN 2 than the elected designated switch.
Show (Hide) Explanation/Reference
Since the port is in the blocked status, we must assume that there is a shorter path to the root bridge elsewhere.

II.116. Refer to the exhibit. Why has this switch not been elected the root bridge for VLAN1?

  • It has more than one interface that is connected to the root network segment.
  • It is running RSTP while the elected root bridge is running 802.1d spanning tree.
  • It has a higher MAC address than the elected root bridge.
  • It has a higher bridge ID than the elected root bridge.
Show (Hide) Explanation/Reference
The root bridge is determined by the lowest bridge ID, and this switch has a bridge ID priority of 32768, which is higher than the roots priority of 20481.

II.117. Which two link protocols are used to carry multiple VLANs over a single link? (Choose two.)

  • VTP
  • 802.1q
  • IGP
  • ISL
  • 802.3u
Show (Hide) Explanation/Reference
Cisco switches can use two different encapsulation types for trunks, the industry standard 802.1q or the Cisco
proprietary ISL. Generally, most network engineers prefer to use 802.1q since it is standards based and will
interoperate with other vendors.

II.118. Assuming the default switch configuration, which VLAN range can be added, modified, and removed on a Cisco switch?

  • 1 through 1001
  • 2 through 1001
  • 1 through 1002
  • 2 through 1005
Show (Hide) Explanation/Reference
VLAN 1 is the default VLAN on Cisco switch. It always exists and cannot be added, modified or removed.
VLANs 1002-1005 are default VLANs for FDDI & Token Ring and they can’t be deleted or used for Ethernet.

II.119. Refer to the topology shown in the exhibit. Which ports will be STP designated ports if all the links are operating at the same bandwidth? (Choose three.)

  • Switch A – Fa0/0
  • Switch A – Fa0/1
  • Switch B – Fa0/0
  • Switch B – Fa0/1
  • Switch C – Fa0/0
  • Switch C – Fa0/1
Show (Hide) Explanation/Reference
This question is to check the spanning tree election problem.
1. First, select the root bridge, which can be accomplished by comparing the bridge ID, the smallest will be
selected. Bridge-id= bridge priority + MAC address. The three switches in the figure all have the default
priority, so we should compare the MAC address, it is easy to find that SwitchB is the root bridge.
2. Select the root port on the non-root bridge, which can be completed through comparing root path cost. The
smallest will be selected as the root port.
3. Next, select the Designated Port. First, compare the path cost, if the costs happen to be the same, then
compare the BID, still the smallest will be selected. Each link has a DP. Based on the exhibit above, we can
find DP on each link. The DP on the link between SwitchA and SwitchC is SwitchA’Fa0/1, because it has the
smallest MAC address.

II.120. Refer to the exhibit. Which statement is true?

  • The Fa0/11 role confirms that SwitchA is the root bridge for VLAN 20.
  • VLAN 20 is running the Per VLAN Spanning Tree Protocol
  • The MAC address of the root bridge is 0017.596d.1580.
  • SwitchA is not the root bridge, because not all of the interface roles are designated
Show (Hide) Explanation/Reference
Only non-root bridge can have root port. Fa0/11 is the root port so we can confirm this switch is not the root bridge -> A is not correct.

From the output we learn this switch is running Rapid STP, not PVST -> B is not correct.

0017.596d.1580 is the MAC address of this switch, not of the root bridge. The MAC address of the root bridge is 0017.596d.2a00 -> C is not correct.

All of the interface roles of the root bridge are designated. SwitchA has one Root port and 1 Alternative port so it is not the root bridge -> D is correct.

II.121. Which two benefits are provided by creating VLANs? (Choose two.)

  • added security
  • dedicated bandwidth
  • provides segmentation
  • allows switches to route traffic between subinterfaces
  • contains collisions
Show (Hide) Explanation/Reference
A VLAN is a switched network that is logically segmented on an organizational basis, by functions, project teams, or applications rather than on a physical or geographical basis.
Security:
VLANs also improve security by isolating groups. High-security users can be grouped into a VLAN, possible on the same physical segment, and no users outside that VLAN can communicate with them LAN Segmentation VLANs allow logical network topologies to overlay the physical switched infrastructure such that any arbitrary collection of LAN ports can be combined into an autonomous user group or community of interest. The technology logically segments the network into separate Layer 2 broadcast domains whereby packets are switched between ports designated to be within the same VLAN. By containing traffic originating on a particular LAN only to other LANs in the same VLAN, switched virtual networks avoid wasting bandwidth.

II.122. How many broadcast domains are shown in the graphic assuming only the default VLAN is confgured on the switches?

  • one
  • two
  • six
  • twelve
Show (Hide) Explanation/Reference
Only router can break up broadcast domains but in this exhibit no router is used so there is only 1 broadcast domain.

For your information, there are 7 collision domains in this exhibit (6 collision domains between hubs &amp; switches + 1 collision between the two switches).

II.123. Which term describes a spanning-tree network that has all switch ports in either the blocking or forwarding state?

  • converged
  • redundant
  • provisioned
  • spanned
Show (Hide) Explanation/Reference
Spanning Tree Protocol convergence (Layer 2 convergence) happens when bridges and switches have transitioned to either the forwarding or blocking state. When layer 2 is converged, root bridge is elected and all port roles (Root, Designated and Non-Designated) in all switches are selected.

II.124. A network administrator creates a layer 3 EtherChannel, bundling four interfaces into channel group 1. On what interface is the IP address configured?

  • the port-channel 1 interface
  • the highest number member interface
  • all member interfaces
  • the lowest number member interface

II.125. Which Cisco Catalyst feature automatically disables the port in an operational PortFast upon receipt of a BPDU?

  • BackboneFast
  • UplinkFast
  • Root Guard
  • BPDU Guard
  • BPDU Filter
Show (Hide) Explanation/Reference
We only enable PortFast feature on access ports (ports connected to end stations). But if someone does not know he can accidentally plug that port to another switch and a loop may occur when BPDUs are being transmitted and received on these ports. With BPDU Guard, when a PortFast receives a BPDU, it will be shut down to prevent a loop.

II.126. Refer to the exhibit. A technician is troubleshooting host connectivity issues on the switches. The hosts inVLANs 10 and 15 on Sw11 are unable to communicate with hosts in the same VLANs on Sw12. Hosts in the Admin VLAN are able to communicate. The port-to-VLAN assignments are identical on the two switches. What could be the problem?

  • The Fa0/1 port is not operational on one of the switches.
  • The link connecting the switches has not been configured as a trunk.
  • At least one port needs to be configured in VLAN 1 for VLANs 10 and 15 to be able to communicate.
  • Port FastEthernet 0/1 needs to be configured as an access link on both switches.
  • A router is required for hosts on SW11 in VLANs 10 and 15 to communicate with hosts in the same VLAN on Sw12.
Show (Hide) Explanation/Reference
In order for hosts in the same VLAN to communicate with each other over multiple switches, those switches need to be configured as trunks on their connected interfaces so that they can pass traffic from multiple VLANs.

II.127. Refer to the exhibit. Given this output for SwitchC, what should the network administrator’s next action be?

  • Check the trunk encapsulation mode for Switch C’s fa0/1 port.
  • Check the duplex mode for Switch C’s fa0/1 port.
  • Check the duplex mode for Switch A’s fa0/2 port.
  • Check the trunk encapsulation mode for Switch A’s fa0/2 port
Show (Hide) Explanation/Reference
Here we can see that this port is configured for full duplex, so the next step would be to check the duple setting of the port on the other switch. A mismatched trunk encapsulation would not result in input errors and CRC errors.

II.128. In a switched environment, what does the IEEE 802.1Q standard describe?

  • the operation of VTP
  • a method of VLAN trunking
  • an approach to wireless LAN communication
  • the process for root bridge selection
  • VLAN pruning
Show (Hide) Explanation/Reference
A broadcast domain must sometimes exist on more than one switch in the network. To accomplish this, one switch must send frames to another switch and indicate which VLAN a particular frame belongs to. On Cisco switches, a trunk link is created to accomplish this VLAN identification. ISL and IEEE 802.1Q are different methods of putting a VLAN identifier in a Layer 2 frame. The IEEE 802.1Q protocol interconnects VLANs between multiple switches, routers, and servers. With 802.1Q, a network administrator can define a VLAN topology to span multiple physical devices. Cisco switches support IEEE 802.1Q for FastEthernet and Gigabit Ethernet interfaces. An 802.1Q trunk link provides VLAN identification by adding a 4-byte tag to an Ethernet Frame as it leaves a trunk port.

II.129. An administrator is unsuccessful in adding VLAN 50 to a switch. While troubleshooting the problem, the administrator views the output of the show vtp status command, which is displayed in the graphic. What commands must be issued on this switch to add VLAN 50 to the database? (Choose two.)

  • Switch(config-if)# switchport access vlan 50
  • Switch(vlan)# vtp server
  • Switch(config)# config-revision 20
  • Switch(config)# vlan 50 name Tech
  • Switch(vlan)# vlan 50
  • Switch(vlan)# switchport trunk vlan 50

II.130. Refer to the exhibit. How many broadcast domains exist in the exhibited topology?

  • one
  • two
  • three
  • four
  • five
  • six

II.131. Refer to the exhibit. The network administrator has created a new VLAN on Switch1 and added host C and host D. The administrator has properly configured switch interfaces FastEthernet0/13 through FastEthernet0/14 to be members of the new VLAN. However, after the network administrator completed the configuration, host A could communicate with host B, but host A could not communicate with host C or host D. Which commands are required to resolve this problem?

Correct Answer: A

II.132. On a network of one department, there are four PCs connected to a switch, as shown in the following figure: After the Switch1 restarts. Host A (the host on the left) sends the first frame to Host C (the host on the right). What the first thing should the switch do?

  • Switch1 will add 192.168.23.12 to the switching table.
  • Switch1 will add 192.168.23.4 to the switching table.
  • Switch1 will add 000A.8A47.E612 to the switching table.
  • None of the above

II.133. A network administrator is explaining VTP configuration to a new technician. What should the network administrator tell the new technician about VTP configuration? (Choose three.)

  • A switch in the VTP client mode cannot update its local VLAN database.
  • A trunk link must be configured between the switches to forward VTP updates.
  • A switch in the VTP server mode can update a switch in the VTP transparent mode.
  • A switch in the VTP transparent mode will forward updates that it receives to other switches.
  • A switch in the VTP server mode only updates switches in the VTP client mode that have a higher VTP revision number.
  • A switch in the VTP server mode will update switches in the VTP client mode regardless of the configured VTP domain membership.

II.134. A company is installing IP phones. The phones and office computers connect to the same device. To ensure maximum throughput for the phone data, the company needs to make sure that the phone traffic is on a different network from that of the office computer data traffic. What is the best network device to which to directly connect the phones and computers, and what technology should be implemented on this device? (Choose two.)

  • hub
  • router
  • switch
  • STP
  • subinterfaces
  • VLAN

II.135. What are two benefits of using VTP in a switching environment? (Choose two.)

  • It allows switches to read frame tags.
  • It allows ports to be assigned to VLANs automatically.
  • It maintains VLAN consistency across a switched network.
  • It allows frames from multiple VLANs to use a single interface.
  • It allows VLAN information to be automatically propagated throughout the switching environment.

II.136. Which two values are used by Spanning Tree Protocol to elect a root bridge? (Choose two.)

  • amount of RAM
  • bridge priority
  • IOS version
  • IP address
  • MAC address
  • speed of the links

II.137. Which three statements are typical characteristics of VLAN arrangements? (Choose three.)

  • A new switch has no VLANs configured.
  • Connectivity between VLANs requires a Layer 3 device.
  • VLANs typically decrease the number of collision domains.
  • Each VLAN uses a separate address space.
  • A switch maintains a separate bridging table for each VLAN.
  • VLANs cannot span multiple switches.

II.138. Switch ports operating in which two roles will forward traffic according to the IEEE 802.1w standard? (Choose two.)

  • alternate
  • backup
  • designated
  • disabled
  • root

II.139. Refer to the exhibit. This command is executed on 2960Switch: Which two of these statements correctly identify results of executing the command? (Choose two.)

  • Port security is implemented on the fa0/1 interface.
  • MAC address 0000.00aa.aaaa does not need to be learned by this switch.
  • Only MAC address 0000.00aa.aaaa can source frames on the fa0/1 segment.
  • Frames with a Layer 2 source address of 0000.00aa.aaaa will be forwarded out fa0/1.
  • MAC address 0000.00aa.aaaa will be listed in the MAC address table for interface fa0/1 only.

II.140. Refer to the exhibit. The switches on a campus network have been interconnected as shown. All of the switches are running Spanning Tree Protocol with its default settings. Unusual traffic patterns are observed and it is discovered that Switch9 is the root bridge. Which change will ensure that Switch1 will be selected as the root bridge instead of Switch9?

  • Raise the bridge priority on Switch1.
  • Lower the bridge priority on Switch9.
  • Raise the bridge priority on Switch9.
  • Physically replace Switch9 with Switch1 in the topology.
  • Disable spanning tree on Switch9.
  • Lower the bridge priority on Switch1.

II.141. Which statement about DTP is true?

  • It uses the native VLAN.
  • It negotiates a trunk link after VTP has been configured.
  • It uses desirable mode by default.
  • It sends data on VLAN 1.
Show (Hide) Explanation/Reference

Disabling Dynamic Trunking Protocol (DTP)
Cisco’s Dynamic Trunking Protocol can facilitate the automatic creation of trunks between two switches. When two connected ports are configured in dynamic mode, and at least one of the ports is configured as desirable, the two switches will negotiate the formation of a trunk across the link. DTP isn’t to be confused with VLAN Trunking Protocol (VTP), although the VTP domain does come into play.

DTP on the wire is pretty simple, essentially only advertising the VTP domain, the status of the interface, and its DTP type. These packets are transmitted in the native (or access) VLAN every 60 seconds both natively and with ISL encapsulation (tagged as VLAN 1) when DTP is enabled.

II.142. Which feature can you use to monitor traffic on a switch by replicating it to another port or ports on the same switch?

  • copy run start
  • traceroute
  • the ICMP Echo IP SLA
  • SPAN
Show (Hide) Explanation/Reference
Switched Port Analyzer (SPAN) is used to analyze network traffic passing through ports on a switch. For example we can configure the Switch to monitor its interface Fa0/0, which connects to the Core, by sending all traffic to/from Fa0/0 to its Fa0/1 interface. At Fa0/1 interface we connect to a computer and use such a software like Wireshark to capture the packets.

II.143. Refer to the exhibit. While troubleshooting a switch, you executed the show interface port-channel 1 etherchannel command and it returned this output.
Which information is provided by the Load value?

  • the percentage of use of the link
  • the preference of the link
  • the session count of the link
  • the number source-destination pairs on the link
Show (Hide) Explanation/Reference
The way EtherChannel load balancing works is that the switch assigns a hash result from 0-7 based on the configured hash method ( load balancing algorithm ) for the type of traffic. This hash result is commonly called as Result Bundle Hash (RBH).

Now we need to convert Load value from Hexadecimal to Binary numbers. Therefore:
+ Gi1/1: 36 (Hex) = ‭00110110‬ (Bin) -> Bits 3, 4, 6, 7 are chosen
+ Gi1/2: 84 (Hex) = ‭10000100‬ (Bin) -> Bits 1, 6 are chosen
+ Gi1/3: 16 (Hex) = ‭00010110‬ (Bin) -> Bits 4, 6, 7 are chosen

Therefore if the RBH is 3, it will choose Gi1/1. If RBH is 4, it will choose Gi1/1 and Gi1/3 interfaces. If RBH is 6 it will choose all three above interfaces. And the bit sharing ratio is 3:3:2 (from “No of bits” column) hence two links has higher probability of getting utilized as compared to the third link.

II.144. Which statement about slow inter VLAN forwarding is true?

  • The VLAN is experiencing slowness in the point-to-point collisionless connection.
  • The VLANs are experiencing slowness because multiple devices are connected to the same hub.
  • The local VLAN is working normally, but traffic to the alternate VLAN is forwarded slower than expected.
  • The entire VLAN is experiencing slowness.
  • The VLANs are experiencing slowness due to a duplex mismatch.
Show (Hide) Explanation/Reference
Common Causes of Slow IntraVLAN and InterVLAN Connectivity The symptoms of slow connectivity on a VLAN can be caused by multiple factors on different network layers. Commonly the network speed issue may be occurring on a lower level, but symptoms can be observed on a higher level as the problem masks itself under the term “slow VLAN”. To clarify, this document defines the following new terms: “slow collision domain”, “slow broadcast domain” (in other words, slow VLAN), and “slow interVLAN forwarding”. These are defined in the section Three Categories of Causes, below.
In the following scenario (illustrated in the network diagram below), there is a Layer 3 (L3) switch performing interVLAN routing between the server and client VLANs. In this failure scenario, one server is connected to a switch, and the port duplex mode is configured half- duplex on the server side and full-duplex on the switch side. This misconfiguration results in a packet loss and slowness, with increased packet loss when higher traffic rates occur on the link where the server is connected. For the clients who communicate with this server, the problem looks like slow interVLAN forwarding because they do not have a problem communicating to other devices or clients on the same VLAN. The problem occurs only when communicating to the server on a different VLAN. Thus, the problem occurred on a single collision domain, but is seen as slow interVLAN forwarding.

Three Categories of Causes
The causes of slowness can be divided into three categories, as follows:
Slow Collision Domain Connectivity
Collision domain is defined as connected devices configured in a half-duplex port configuration, connected to each other or a hub. If a device is connected to a switch port and full-duplex mode is configured, such a pointto-point connection is collisionless. Slowness on such a segment still can occur for different reasons.
Slow Broadcast Domain Connectivity (Slow VLAN)
Slow broadcast domain connectivity occurs when the whole VLAN (that is, all devices on the same VLAN)
experiences slowness.
Slow InterVLAN Connectivity (Slow Forwarding Between VLANs) Slow interVLAN connectivity (slow forwarding between VLANs) occurs when there is no slowness on the local VLAN, but traffic needs to be forwarded to an alternate VLAN, and it is not forwarded at the expected rate.
Causes for Network Slowness
Packet Loss
In most cases, a network is considered slow when higher-layer protocols (applications) require extended time to complete an operation that typically runs faster. That slowness is caused by the loss of some packets on the network, which causes higher-level protocols like TCP or applications to time out and initiate retransmission.
Hardware Forwarding Issues
With another type of slowness, caused by network equipment, forwarding (whether Layer 2 [L2] or L3) is performed slowly. This is due to a deviation from normal (designed) operation and switching to slow path forwarding. An example of this is when Multilayer Switching (MLS) on the switch forwards L3 packets between
VLANs in the hardware, but due to misconfiguration, MLS is not functioning properly and forwarding is done by the router in the software (which drops the interVLAN forwarding rate significantly).

II.145. Which option describes how a switch in rapid PVST+ mode responds to a topology change?

  • It immediately deletes dynamic MAC addresses that were learned by all ports on the switch.
  • It sets a timer to delete all MAC addresses that were learned dynamically by ports in the same STP instance.
  • It sets a timer to delete dynamic MAC addresses that were learned by all ports on the switch.
  • It immediately deletes all MAC addresses that were learned dynamically by ports in the same STP instance.
Show (Hide) Explanation/Reference
Rapid PVST+This spanning-tree mode is the same as PVST+ except that is uses a rapid convergence based
on the IEEE 802.1w standard. To provide rapid convergence, the rapid PVST+ immediately deletes
dynamically learned MAC address entries on a per-port basis upon receiving a topology change. By contrast,
PVST+ uses a short aging time for dynamically learned MAC address entries.
The rapid PVST+ uses the same configuration as PVST+ (except where noted), and the switch needs only
minimal extra configuration. The benefit of rapid PVST+ is that you can migrate a large PVST+ install base to
rapid PVST+ without having to learn the complexities of the MSTP configuration and without having to
reprovision your network. In rapid-PVST+ mode, each VLAN runs its own spanning-tree instance up to the
maximum supported.

II.146. Which statement about switch access ports is true?

  • They drop packets with 802.1Q tags.
  • A VLAN must be assigned to an access port before it is created.
  • They can receive traffic from more than one VLAN with no voice support
  • By default, they carry traffic for VLAN 10.
Show (Hide) Explanation/Reference
A VLAN does not need to be assigned to any port -> B is not correct.
An access port can only receive traffic from one VLAN -> C is not correct.
If not assigned to a specific VLAN, an access port carries traffic for VLAN 1 by default -> D is not correct.
An access port will drop packets with 802.1Q tags -> A is correct. Notice that 802.1Q tags are used to packets moving on trunk links.

II.147. Which two switch states are valid for 802.1w? (Choose two.)

  • listening
  • backup
  • disabled
  • learning
  • discarding
Show (Hide) Explanation/Reference
IEEE 802.1w is Rapid Spanning Tree Protocol (RSTP). There are only three port states left in RSTP that correspond to the three possible operational states. The 802.1D disabled, blocking, and listening states are merged into the 802.1w discarding state.
* Discarding – the port does not forward frames, process received frames, or learn MAC addresses – but it does listen for BPDUs (like the STP blocking state)
* Learning – receives and transmits BPDUs and learns MAC addresses but does not yet forward frames (same as STP).
* Forwarding – receives and sends data, normal operation, learns MAC address, receives and transmits BPDUs (same as STP).

II.148. Which feature allows a device to use a switch port that is configured for half-duplex to access the network?

  • CSMA/CD
  • IGMP
  • port security
  • split horizon
Show (Hide) Explanation/Reference
Ethernet began as a local area network technology that provided a half-duplex shared channel for stations connected to coaxial cable segments linked with signal repeaters. In this appendix, we take a detailed look at the half-duplex shared-channel mode of operation, and at the CSMA/CD mechanism that makes it work. In the original half-duplex mode, the CSMA/CD protocol allows a set of stations to compete for access to a shared Ethernet channel in a fair and equitable manner. The protocol’s rules determine the behavior of Ethernet stations, including when they are allowed to transmit a frame onto a shared Ethernet channel, and what to do when a collision occurs. Today, virtually all devices are connected to Ethernet switch ports over full-duplex media, such as twisted-pair cables. On this type of connection, assuming that both devices can support the full-duplex mode of operation and that Auto-Negotiation (AN) is enabled, the AN protocol will automatically select the highest-performance mode of operation supported by the devices at each end of the link. That will result in full-duplex mode for the vast majority of Ethernet connections with modern interfaces that support full duplex and AN.

II.149. Which two statements about switch stacking are true? (Choose two)

  • The stack is powered by a single power cable
  • The switches are connected in a daisy-chain fashion
  • The first and last switch in the stack must be connected to one another
  • The switches are connected by crossover cables
  • The switches must be fully meshed

II.150. Which symptom most commonly indicates that two connecting interfaces are configured with a duplex mismatch?

  • the spanning-tree process shutting down
  • collisions on the interface
  • an interface with a down/down status
  • an interface with an up/down status
Show (Hide) Explanation/Reference
A late collision is defined as any collision that occurs after the first 512 bits of the frame have been transmitted. The usual possible causes are full-duplex/half-duplex mismatch, exceeded Ethernet cable length limits, or defective hardware such as incorrect cabling, non-compliant number of hubs in the network, or a bad NIC.

Note: On an Ethernet connection, a duplex mismatch is a condition where two connected devices operate in different duplex modes, that is, one operates in half duplex while the other one operates in full duplex.

Duplex mismatch would not cause the link to be down/down, but would only result in poor performance like increase late collisions on the interface.

II.151. Which option is the main function of congestion management?

  • discarding excess traffic
  • queuing traffic based on priority
  • classifying traffic
  • providing long-term storage of buffered data

II.152. Which feature must you enable to distribute vlans automatically across multiple switch?

  • Configure NTP
  • Configure the native VLAN
  • Define Each vlan
  • Configure VTP

II.153. Which three statements about VTP features are true? (Choose three.)

  • VTP works at Layer 3 of the OSI model and requires that a management VLAN IP address be configured.
  • When properly configured, VTP minimizes VLAN misconfigurations and configuration inconsistencies.
  • When properly configured, VTP maintains VLAN configuration consistency and accelerates trunk link negotiation.
  • Each broadcast domain on a switch can have its own unique VTP domain.
  • VTP pruning is used to increase available bandwidth in trunk links.
  • To configure a switch to be part of two VTP domains, each domain must have its own passwords.
  • Client, server, and transparent are valid VTP modes.

II.154. Which two statements about LLDP are true ?(choose two)

  • It uses mandatory TLVs to discover the neighboring devices
  • It functions at Layer 2 and Layer 3
  • It is a Cisco-proprietary technology
  • It is implemented in accordance with the 802.11a specification
  • It enables systems to learn about one another over the data-link layer

II.155. Which two benefits can you get by stacking Cisco switches?(choose two)

  • Each switch in the stack handles the MAC table independently from the others
  • You can add or remove switches without taking the stack down.
  • Each switch in the stack can use a different IOS image
  • The stack enables any active member to take over as the master switch if the existing master fails.
  • You can license the entire stack with a single master license
Show (Hide) Explanation/Reference
Each stack has only one configuration file, which is distributed to each member in the stack. This allows each switch in the stack to share the same network topology, MAC address, and routing information. In addition, it allows for any member to become the master, if the master ever fails -> Answer D is correct while answer A is not correct.

Switches can be added and deleted to a working stack without affecting stack performance. When a new switch is added, the master switch automatically configures the unit with the currently running Cisco IOS Software image and configuration of the stack. The stack will gather information such as switching table information and update the MAC tables as new addresses are learned. The network manager does not have to do anything to bring up the switch before it is ready to operate. Similarly, switches can be removed from a working stack without any operational effect on the remaining switches. When the stack discovers that a series of ports is no longer present, it will update this information without affecting forwarding or routing. A working stack can accept new members or delete old ones without service interruption -> Answer B is correct.

Reference: https://www.cisco.com/c/en/us/products/collateral/switches/catalyst-3750-series-switches/prod_white_paper09186a00801b096a.html

II.156. Which VTP mode cannot make a change to vlan?

  • server
  • off
  • client
  • transparent
Show (Hide) Explanation/Reference
VTP Client
· VTP clients function the same way as VTP servers, but you cannot create, change, or delete VLANs on a VTP client.
· A VTP client only stores the VLAN information for the entire domain while the switch is on.
· A switch reset deletes the VLAN information.
· You must configure VTP client mode on a switch. 

II.157. Which two circumstances can cause collision domain issues on VLAN domain? (Choose two)

  • duplex mismatches on Ethernet segments in the same VLAN
  • multiple errors on switchport interfaces
  • congestion on the switch inband path
  • a failing NIC in an end device
  • an overloaded shared segment
Show (Hide) Explanation/Reference
On an Ethernet connection, a duplex mismatch is a condition where two connected devices operate in different duplex modes, that is, one operates in half duplex while the other one operates in full duplex. Duplex mismatch can easily cause collision domain issue as the device that operates in full duplex mode turns off CSMA/CD. So it is eager to send data immediately without checking if the link is free to use -> A is correct.

An “inband path” is the path which provides path for management traffic (like CDP, VTP, PAgP…) but we are not sure why congestion on the switch inband path can cause collision domain issues. Maybe congestion on inband path prevents the JAM signal (sent when a collision occurs on the link) to be sent correctly on the link.

II.158. Which protocol supports sharing the VLAN configuration between two or more switches?

  • multicast
  • STP
  • VTP
  • split-horizon
Show (Hide) Explanation/Reference
VTP allows a network manager to configure a switch so that it will propagate VLAN configurations to other switches in the network” VTP minimizes misconfigurations and configuration inconsistencies that can cause problems, such as duplicate VLAN names or incorrect VLAN-type specifications. VTP helps you simplify management of the VLAN database across multiple switches. VTP is a Cisco-proprietary protocol and is available on most of the Cisco switches

II.159. Which spanning-tree feature places a port immediately into a forwarding stated?

  • BPDU guard
  • PortFast
  • loop guard
  • UDLD
  • Uplink Fast
Show (Hide) Explanation/Reference
PortFast causes a switch or trunk port to enter the spanning tree forwarding state immediately, bypassing the listening and learning states. You can use PortFast on switch or trunk ports that are connected to a single workstation, switch, or server to allow those devices to connect to the network immediately, instead of waiting for the port to transition from the listening and learning states to the forwarding state.

II.160. In which STP state does MAC address learning take place on a PortFast-enabled port?

  • listening
  • forwarding
  • discarding
  • learning

II.161. Refer to the exhibit.
A network associate needs to configure the switches and router in the graphic so that the hosts in VLAN3 and VLAN4 can communicate with the enterprise server in VLAN2. Which two Ethernet segments would need to be configured as trunk links? (Choose two.)

  • A
  • B
  • C
  • D
  • E
  • F

II.162. Which IEEE standard does PVST+ use to tunnel information?

  • 802.1x
  • 802.1q
  • 802.1w
  • 802.1s
Show (Hide) Explanation/Reference
Cisco developed PVST+ to allow strolling numerous STP instances, even over an 802.1Q network via the use of a tunneling mechanism. PVST+ utilizes Cisco gadgets to hook up with a Mono Spanning Tree area to a PVST+ region. No particular configuration is needed to attain this. PVST+ affords assist for 802.1Q trunks and the mapping of a couple of spanning trees to the single spanning tree of popular 802.1Q switches strolling Mono Spanning Tree.

II.163. What is the default VLAN on an access port?

  • 0
  • 1
  • 10
  • 1024
Show (Hide) Explanation/Reference
If we configure an access port as follows:

Switch(config)#interface fa0/1
Switch(config-if)#switchport mode access

Then this interface, by default, will belong to VLAN 1. Of course we can assign another VLAN to this port via the “switchport access vlan {vlan-number}” command. 

II.164. Which VTP mode prevents you from making changes to VLANs?

  • server
  • off
  • client
  • transparent

II.165. On which type of port can switches interconnect for multi-VLAN communication?

  • interface port
  • access port
  • switch port
  • trunk port

II.166. Which two of these statements regarding RSTP are correct? (Choose two)

  • RSTP cannot operate with PVST+.
  • RSTP defines new port roles.
  • RSTP defines no new port states.
  • RSTP is a proprietary implementation of IEEE 802.1D STP.
  • RSTP is compatible with the original IEEE 802.1D STP.

II.167. If primary and secondary root switches with priority 16384 both experience catastrophic losses, which tertiary switch can take over?

  • a switch with priority 20480
  • a switch with priority 8192
  • a switch with priority 4096
  • a switch with priority 12288
Show (Hide) Explanation/Reference
This is a tricky question. We know the switch with lowest value of priority is elected the root switch. Therefore in this question the switches with priority of 4096, 8192, 12288 (which are lower than the current value of the root bridge 16384) are not joining the root bridge election by somehow. The only suitable answer is the switch with priority 20480 will become the root bridge.

II.168. What is true about Ethernet? (Choose Two.)

  • 802.2 Protocol
  • 802.3 Protocol
  • 10BaseT half duplex
  • CSMA/CD Stops transmitting when congestion occurs
  • CSMA/CA Stops transmitting when congestion occurs
Show (Hide) Explanation/Reference
Carrier sense multiple access with collision detection (CSMA/CD) is a media access control method used most notably in early Ethernet (IEEE 802.3) technology for local area networking. When collision detection (CD) observes a collision (excess current above what it is generating, i.e. > 24 mA for coaxial Ethernet), it stops transmission immediately and instead transmits a 32-bit jam sequence.

Note: CSMA/CA (Carrier Sense Multiple Access/Collision Avoidance) is a protocol for carrier transmission used in wireless networks. Unlike CSMA/CD (Carrier Sense Multiple Access/Collision Detect) which deals with transmissions after a collision has occurred, CSMA/CA acts to prevent collisions before they happen.

II.169. What field is consisted of 6 bytes in the field identification frame in IEEE 802.1Q?

  • SA
  • DA
  • FCS
  • SOF

II.170. Which three options are switchport configurations that can always avoid duplex mismatch errors between theswitches? (Choose three.)

  • Set both side auto-negotiation
  • Set both sides on half duplex
  • Set one side auto and the other side half duplex.
  • Set both sides of connection to full duplex.
  • Set one side auto and the other side on full duplex.
  • Set one side full duplex and the other side half duplex.

II.171. Which technology can enable multiple VLANs to communicate with one another?

  • Intra-vlan routing using a layer 3 switch
  • Inter-vlan routing using a layer 3 switch
  • Inter-vlan routing using a layer 2 switch
  • Intra-vlan routing using router on a stick

II.172. Refer to the exhibit. Which two statements are true about interVLAN routing in the topology that is shown in the exhibit? (Choose two.)

  • Host E and host F use the same IP gateway address.
  • Router1 and Switch2 should be connected via a crossover cable.
  • Router1 will not play a role in communications between host A and host D.
  • The FastEthernet 0/0 interface on Router1 must be configured with subinterfaces.
  • Router1 needs more LAN interfaces to accommodate the VLANs that are shown in the exhibit.
  • The FastEthernet 0/0 interface on Router1 and the FastEthernet 0/1 interface on Switch2 trunk ports must be configured using the same encapsulation type.
Show (Hide) Explanation/Reference
In order for multiple VLANs to connect to a single physical interface on a Cisco router, subinterfaces must be used, one for each VLAN. This is known as the router on a stick configuration. Also, for any trunk to be formed, both ends of the trunk must agree on the encapsulation type, so each one must be configured for 802.1q or ISL.

II.173. What value is primarily used to determine which port becomes the root port on each non-root switch in a spanning-tree topology?

  • path cost
  • lowest port MAC address
  • VTP revision number
  • highest port priority number
  • port priority number and MAC address
Show (Hide) Explanation/Reference
The path cost to the root bridge is the most important value to determine which port will become the root port on each non-root switch. In particular, the port with lowest cost to the root bridge will become root port (on non-root switch).

II.174. How is provided master redundancy on a stacked switches?

  • 1:N
  • N:1
  • 1:1
  • 1+N
Show (Hide) Explanation/Reference
1:N master redundancy: Every switch in the stack can act as the master. If the current master fails, another master is elected from the stack.

1:N master redundancy allows each stack member to serve as a master, providing the highest reliability for forwarding. Each switch in the stack can serve as a master, creating a 1:N availability scheme for network control. In the unlikely event of a single unit failure, all other units continue to forward traffic and maintain operation.

Reference: http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-3750-series-switches/prod_white_paper09186a00801b096a.html

Note:

N+1 simply means that there is a power backup in place should any single system component fail. The ‘N’ in this equation stands for the number of components necessary to run your system. The ‘+1’ means there is one independent backup should a component of that system fail. An example of “N+1” is your family has 5 members, so you need 5 cups to drink. But you have one extra cup for redundancy (6 cups in total) so that if any cup breaks, you still have enough cups for the family.

II.175. DRAG DROP. Drag and drop the STP features from the left onto the correct descriptions on the right.

Select and Place:

Correct Answer:

II.176. Which three elements must be used when you configure a router interface for VLAN trunking? (Choose three.)

  • one physical interface for each subinterface
  • one IP network or subnetwork for each subinterface
  • a management domain for each subinterface
  • subinterface encapsulation identifiers that match VLAN tags
  • one subinterface per VLAN
  • subinterface numbering that matches VLAN tags
Show (Hide) Explanation/Reference
This scenario is commonly called a router on a stick. A short, well written article on this operation can be
found here: http://www.thebryantadvantage.com/RouterOnAStickCCNACertificationExamTutorial.htm

II.177. Refer to the exhibit. A network administrator is configuring an EtherChannel between SW1 and SW2. The SW1 configuration is shown. What is the correct configuration for SW2?

Correct Answer: C

II.178. Refer to the exhibit. After HostA pings HostB, which entry will be in the ARP cache of HostA to support this transmission?

Correct Answer: A

Show (Hide) Explanation/Reference
When a host needs to reach a device on another subnet, the ARP cache entry will be that of the Ethernet
address of the local router (default gateway) for the physical MAC address. The destination IP address will not change, and will be that of the remote host (HostB).

II.179. Based on the output below from SwitchB, which statement is true?

  • The MAC address of the root bridge is 0017.596d.1580.
  • The Fa0/11 role confirms that SwitchB is the root bridge for VLAN 40.
  • SwitchB is not the root bridge, because not all of the interface roles are designated.
  • VLAN 40 is running the Per VLAN Spanning Tree Protocol.

II.180. A router has two Fast Ethernet interfaces and needs to connect to four VLANs in the local network. How can you accomplish this task, using the fewest physical interfaces and without decreasing network performance?

  • A. Use a hub to connect the four VLANS with a Fast Ethernet interface on the router.
  • B. Add a second router to handle the VLAN traffic.
  • C. Add two more Fast Ethernet interfaces.
  • D. Implement a router-on-a-stick configuration.
Show (Hide) Explanation/Reference
A router on a stick allows you to use sub-interfaces to create multiple logical networks on a single physical interface.

II.181. Refer to the exhibit, The VLAN configuration of S1 is not being in this VTP enabled environment. The VTP and uplink port configurations for each switch are displayed. Which two command sets, if issued, resolve this failure and allow VTP to operate as expected? (Choose two.)

Correct Answer: BE

II.182. How are VTP advertisements delivered to switches across the network?

  • anycast frames
  • multicast frames
  • broadcast frames
  • unicast frames

II.183. What are two reasons a network administrator would use CDP? (Choose two.)

  • to verify the type of cable interconnecting two devices
  • to determine the status of network services on a remote device
  • to obtain VLAN information from directly connected switches
  • to verify Layer 2 connectivity between two devices when Layer 3 fails
  • to obtain the IP address of a connected device in order to telnet to the device
  • to determine the status of the routing protocols between directly connected routers

II.184. How can you manually configure a switch so that it is selected as the root Switch?

  • increase the priority number
  • lower the port priority number
  • lower the priority number
  • increase the port priority number

II.185. DRAG DROP. Drag and drop the MAC address types from the left onto the correct descriptions on the right?

Select and Place:

Correct Answer:

II.186. Which three options are switch port config that can always avoid duplex mismatch error between the switches? (Choose three.)

  • set both side on auto-negotiation
  • set both sides on half-duplex
  • set one side auto and other side half-duplex
  • set both side of connection to full-duplexE. set one side auto and other side on full-duplex
  • set one side full-duplex and other side half-duplex

II.187. Which option is the master redundancy scheme for stacked switches?

  • 1:N
  • 1:1
  • N:1
  • 1+N

II.188. Under which two circumstances is a switch port that is configured with PortFast BPDU guard error-disabled? (Choose two.)

  • when the switch receives a BPDU from a connected switch
  • when the switch receives a request for an IP address from an individual PC
  • when a connected server has more than one VLAN configured on its NIC
  • when a wireless access point running in bridge mode is connected to a switch
  • when a single IP address is configured on the switch

Related Articles

113
Leave a Reply

avatar
62 Comment threads
51 Thread replies
17 Followers
 
Most reacted comment
Hottest comment thread
66 Comment authors
Null0NarcisAlexGaboAndreas Recent comment authors
newest oldest most voted
Null0
Guest
Null0

For everyone that is gonna take the test these days, just wanna say that more that 80% of the questions in here where in the test that i took today. Just pay attention to details. About LAB i had ACL one and EIGRP, but careful because configuration at EIGRP was a bit diffrent. Cheers

Narcis
Guest
Narcis

Question VII.15…the correct answer is c. hop-by-hop response time

Alex
Guest
Alex

VI.A network administrator needs to allow only one Telnet connection to a router. For anyone viewing the configuration and issuing the show run command, the password for Telnet access should be encrypted. Which set of commands will accomplish this task?

Answer: C

Null0
Guest
Null0

145. Question is wrong, you need to switch single homed with single multihomed…multihomed means two or more different ISP and homed mean to only one ISP.

Null0
Guest
Null0

VIII.136. Which access layer threat mitigation technique provides security by acting as a filter between trusted and untrusted traffic sources?

DHCP snooping
dynamic packet inspection
a nondefault native VLAN
802.1X

It is DHCP Snooping and not 802.1X the correct answer.

” DHCP snooping is a security feature that acts like a firewall between untrusted hosts and trusted DHCP servers. The DHCP snooping feature performs the following activities: ….
The DHCP snooping feature determines whether traffic sources are trusted or untrusted….” from cisco site.

alex
Guest
alex

II.112 Refer to the exhibit. The two exhibited devices are the only Cisco devices on the network. The serial network between the two devices has a mask of 255.255.255.252. Given the output that is shown, what three statements are true of these devices? (Choose three.)

correct answer:

The Manchester serial address is 10.1.1.1
The London router is a Cisco 2610
The CDP information was received on port Serial0/0 of the Manchester router

Andreas
Guest
Andreas

qestion II.24 Which three commands MUST you enter
we cant enter 2 modes. in layer 3 switches we have to put switchport trunk encapsulation dot1q but the question doesnt mention layer 3. any suggestions?

Andreas
Guest
Andreas

question I.71 the answer is different than the explanation. pls be more specific

Adam
Guest
Adam

what does these sections means which pages is current and valid?

Germán Castro
Guest
Germán Castro

hi, guys. I believe the ansewer to the first question “. Which three statements about DWDM are true?” is wrong. It seems to me that the correct ones are A B D, instead of C D E as shown. Could you please comment on that?

Gabo
Guest
Gabo

I think the same too. That question appear in Sect II and IV. In the 2nd is answered correct.

****************************************************
DWDM circuits are used in all modern submarine communications cable systems and other long-haul circuits.

Specifically, DWDM

Enables bidirectional communications over one strand of fiber
Assigns incoming optical signals to specific wavelengths of light (i.e., frequencies)
Each channel is capable of carrying a 10-Gbps multiplexed signal
Can multiplex more than 80 different channels of data (i.e., wavelengths) onto a single fiber
Can amplify these wavelengths to boost the signal strength
Supports SONET and SDH standards

Alin
Guest
Alin

Question 159 the correct answer is 2 no 3 . I’m right?

Null0
Guest
Null0

Nope, its 3… 3 host to one port of a switch with a hub ( one collision), 2 hosts in another port ( two collision) and one port of the switch to the router and we have 3 collision, because it is asking how many collision are seen from the router and the router should be connected to the switch. Hope it helps

Khan
Guest
Khan

did anyone attempt the Cisco 200-125 exam in feb? Plz help out with the lab that came?

Bart
Guest
Bart

I.124. Which three are characteristics of an IPv6 anycast address? (Choose three.)

in that question you have only 2 answers marked instead of 3.

alex
Guest
alex

the third answer is: one-to-nearest communication model

Robin Hatton
Guest
Robin Hatton

I.34. – SA is the only possible answer as DA (although 6bytes) does not have to be a unique address as it can also be a broadcast address.

– Robin

Meek Mars
Guest
Meek Mars

Question 32

Why is not switch 1 the Root as it has the lowest priority?

Is it because switch 3 is at the distribution level?

Festus Morumbasi
Guest
Festus Morumbasi

VIII.232. Which port security violation mode drop traffic from unknown MAC addresses and sends an SNMP trap?

Correct answer: restrict

wasd22
Guest
wasd22

question 201 and 232 are the same with different answers.
VIII.232. Which port security violation mode drop traffic from unknown MAC addresses and sends an SNMP trap?

Protect
Resrict
Shutdown
Shutdown VLAN

still not sure about the answer, becuase the snmp trap is sent on different IOS version of the catalyst series ( https://community.cisco.com/t5/switching/snmp-trap-port-security-violation-shutdown-problem-stumper/td-p/1894494 )
3560X and 3750X, 3570 sent the snmp trap only on restrict, don’t know about newer models.

can somebody please clarify this? even in the netacad platform there isn’t a clear explanation (5.2.2.3 CCNA module 2)

hmm
Guest
hmm

I think #214 is wrong

should be Verify that the devices of interest are included in the device inventory

source: https://www.econfigs.com/ccna-6-4-verify-acls-using-the-apic-em-path-trace-acl-analysis-tool/

Before You Begin
Make sure that you have devices in your inventory. If not, discover devices using the Discovery function.
Ensure that the controller has SSH or Telnet access to the device

Abeer
Guest
Abeer

is it updated ?

vinoth
Guest
vinoth

hi i study CCNA version 6 .next month i will sit for the exam which dump is perfect for me please can you tell me

Alex
Guest
Alex

In qestion 221 I think the corect annswerd is pc to router crossover and sw to hub strait I think

Tanvir
Guest
Tanvir

Someones told me ccna dumps change today last dumps didn’t work, can you give me the latest dumps please

Sabbir
Guest
Sabbir

Q221: PC to Router cable is Crossover and Switch to Wireless Point is Staright-Through.

Farid
Guest
Farid

Hey guys, I wanted to ask a question on if we will get exact same questions on the real exam, and if this is made for practice only?

soni.ritika220@gmail.com
Guest
soni.ritika220@gmail.com

72. Which two statements about VTP are true? (Choose two.)

All switches must be configured with the same VTP domain name*
All switches must be configured to perform trunk negotiation.
All switches must be configured with a unique VTP domain name
The VTP server must have the highest revision number in the domain*
All switches must use the same VTP version.

The answer should be
All switches must be configured with the same VTP domain name*
All switches must use the same VTP version.
Please correct me if I am wrong

Abdi
Guest
Abdi

hey guys. the current CCNA is version 6. but the dump is i think its version 3 how can its compatible? please reply.

Abdi
Guest
Abdi

no one reply?

harlock
Guest
harlock

Is it still vaild?

Jin Kas
Guest
Jin Kas

Hi, is this still valid the questions and labs?

Nirmesh
Guest
Nirmesh

Is it still relevant?

John
Guest
John

Hello,
Can you please provide a downloaded pdf version?
Thank you.

Sasi
Guest
Sasi

Are these questions still valid

xhh
Guest
xhh

are the exams strick about mobile phone in room

Kamil
Guest
Kamil

VIII. 113. Show license udi and show version are correct. There is no command like show license status at all.

Ron
Guest
Ron

I don’t see IP SLA questions in this website. Does anyone know which session it belongs to ?
Thanks,

*.onion
Guest
*.onion

VIII.147
Correct Answer are:
–>Define a dialer interface*
–>**Create a dialer pool and bind it to the physical interface**

(Create a dialer pool and bind it to the virtual template* its not a correct anwser)

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/bbdsl/configuration/xe-3s/bba-xe-3s-book/bba-pppoe-client-xe.html

*.onion
Guest
*.onion

VIII.108
corrects answer are:
–>The interface is error-disabled if packets arrive from a new unknown source address*
–>**It has dynamically learned two secure MAC addresses.**

When violation-mode is protect, violation counter does NOT increment.

(The security violation counter increments if packets arrive from a new unknown source address* its not a correct anwser)

https://www.cisco.com/c/m/en_us/techdoc/dc/reference/cli/nxos/commands/l2/switchport-port-security-violation.html

Mati
Guest
Mati

–>The interface is error-disabled if packets arrive from a new unknown source address* INCORRECT

–>**It has dynamically learned two secure MAC addresses.** CORRECT

*.onion
Guest
*.onion

VIII.92.
I think, the correct answer is strict:
Strict is used to specify the hop(s) that you want the packet to go through, but no other hop(s) are allowed to be visited.

Record is a very useful option because it displays the address(es) of the hops (up to nine) the packet goes through.

https://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/13730-ext-ping-trace.html

Joseph
Guest
Joseph

VIII.147.Which two actions must you take to correctly configure PPPoE on a client? (Choose two.)
The right answer is a : Define a dialer interface and Create a dialer pool and bind it to the physical
interface.

Rey
Guest
Rey

III.42. According to the routing table, where will the router send a packet destined for 10.1.5.65? – The multiple choice answers given in the VCE file needs to be corrected to the ones displayed here. III.15. Based on the exhibited routing table, how will packets from a host within the 192.168.10.192/26 LAN be forwarded to 192.168.10.1? – No routing table is displayed 🙁 III.109. Which two are advantages of static routing when compared to dynamic routing? (Choose two.) – In the VCE file it only lets you choose one option even though it says choose two. III.65. A router receives… Read more »

Andrew
Guest
Andrew

VIII.25. Which two statements about configuring an Ether Channel on a Cisco switch are true?(Choose two)

The right answers are:
The interfaces configured in the Ether Channel must operate at the same speed and duplex mode*
The interfaces configured in the Ether Channel must be part of the same VLAN or trunk

But not:
The interfaces configured in the Ether Channel must be on the same physical switch*

Kevin
Guest
Kevin

Thank you for the information on your site, it really is very useful. About the file in VCE format please update it with all questions.

Andrew
Guest
Andrew

The question:
I.87. Which protocol does ipv6 use to discover other ipv6 nodes on the same segment?

The right answer is a NDP, not an ARP

Andrey
Guest
Andrey

Question:
I.87.Which protocol does ipv6 use to discover other ipv6 nodes on the same segment?
Right answer is NDP, not an ARP!!!

Tony
Guest
Tony

Are these questions still valid as i will be writing the exam in 2weeks time?

Rey
Guest
Rey

Routing Technologies – III.123. You have configured a router with an OSPF router ID, but its IP address still reflects the physical interface. Which action can you take to correct the problem in the least disruptive way?

Reload the OSPF process
Reboot the router
Specify a loopback address*
Save the router configuration

This one is really confusing. I think the correct answer is Reload the OSPF process.

Rey
Guest
Rey

Section V: Infrastructure Services, Q51: What statement is true about this configuration?

The answer should be C: the number 1 referred to in the ip inside source command references access-list number 1.

Agustin
Guest
Agustin

I had the exam last week. I gave it wrong. But 80% or more of the questions are here. Especially in section 8. My recommendation is to study a lot of labs, section 8 and all drag and drop

Andreea
Guest
Andreea

Hello,

I will go to the exam on 4 November. Could you please tell me if these dumps are still available?

Thank you very much!

tom
Guest
tom

Did you pass it?

Andreea
Guest
Andreea

Yes

tom
Guest
tom

Did you use another source except this website? Or just this questions are enough to pass it? Becase I’ll go memorize it. Thank you

ivan
Guest
ivan

Passed my exam past weekend. This site is very good, highly reccomend.

T.G.
Guest
T.G.

This is a great piece of job. I thank you all for taking the time to put this together. Very helpful. 🙂