You are on page 1of 9

I passed yesterday 10/26/2011 934/1000. Thanks to Nonentity and Viao (I owe you two).

Got 3 Labs (AAA, MLS EIGRP, LACP), 6 DND (ALL in nonentity s Cisco.ActualTes ts.642-813.v7.6.by.nonentity.346Q.Rev3), 2- voice and 1- wireless MCQ. Below are the questions encountered regarding voice and wireless. Life is Peachy Folks !! ! TSHOOT here I come :-) ==================Voice=========================================== QUESTION NO: 292 Which statement is true about voice VLANs? A. The voice VLAN feature is enabled by default. B. When the voice VLAN feature is enabled, all untagged voice and data traffic i s sent through the voice VLAN. C. The default CoS value is 1 for incoming voice and data traffic. D. The IP phone overrides the priority of all incoming data traffic (tagged and untagged) and sets the CoS value to 0. Answer: D QUESTION NO: 312 During voice implementation, which two required items are configured at an acces s layer switch connected to an IP phone to provide VoIP communication? (Choose two.) A. allowed codecs B. native VLAN C. auxiliary VLAN D. Cisco Unified Communications Manager IP address E. RSTP Answer: B,C =========Wireless============================================ QUESTION NO: 309 A standalone wireless AP solution is being installed into the campus infrastruct ure. The access points appear to boot correctly, however, wireless clients are not obtaining cor rect access. You verify that the local switch configuration connected to the access point appears as the following: interface ethernet 0/1 switchport access vlan 10 switchport mode access spanning-tree portfast mls qos trust dscp What is the most likely issue causing the problem? A. QoS trust should not be configured on a port attached to a standalone AP. B. QoS trust for switchport mode access should be defined as cos . C. switchport mode should be defined as trunk with respective QoS. D. switchport access vlan should be defined as 1?. Answer: C ================Other MCQ I remember (same on Byrant Post)================ QUESTION NO: 421 Which of the following will generate an RSTP topology change notification? (Sele ct the best answer.) A. an edge port that transitions to the forwarding state B. a non-edge port that transitions to the blocking state

Upon startup. disables trunking F. NSF combined with SSO enables supervisor engine load balancing C. C. any port that transitions to the forwarding state Answer: C QUESTION NO: 248 Which two characteristics apply to Cisco Catalyst 6500 Series Switch supervisor redundancy using NSF? (Choose two.E QUESTION NO: 333 hostname Switch1 interface Vlan10 . D. independent of SSO B. Answer: C QUESTION NO: 383 Which statement correctly describes the Cisco implementation of RSTP? A. the port transmits 10 BPDUs.F QUESTION NO: 381 Which statement correctly describes enabling BPDU guard on an access port that i s also enabled for PortFast? A. PortF ast and BPDU guard are disabled on that port and it assumes normal STP operation. Answer: B QUESTION NO: 377 Which two statements correctly describe VTP? (Choose two. Server mode can synchronize across VTP domains. supported by RIPv2. Convergence is improved by using sub-second timers for the blocking. Transparent mode always has a configuration revision number of 0. If the port receives a BPDU. B. any port that transitions to the blocking state F. enables port security C.) A. OSPF. Transparent mode cannot modify a VLAN database. IS-IS. Root and alternative ports transition immediately to the forwarding state. enables PortFast E. and EIGRP D. PortFast. dependent on FIB tables Answer: E.) A. Client mode synchronizes its VLAN database from VTP advertisements. Client mode cannot forward received VTP advertisements. UplinkFast. C. BPDU guard is only configured globally and the BPDU filter is required for po rt-level configuration. an edge port that transitions to the blocking state E. and forwarding port states. disables Cisco Discovery Protocol D. prevents route flapping F. it is placed into the error-disable state.D. The access port ignores any received BPDU. C. D.) A.D QUESTION NO: 338 What are three results of issuing the switchport host command? (Choose three. learning. RSTP is enabled globally and uses existing STP configuration. E. a non-edge port that transitions to the forwarding state D. D. enables loopguard Answer: A. disables EtherChannel B. and BackboneFast specific configurations are ignored in Rapid PVST mode. B. B. listenin g. supports IPv4 and IPv6 multicast E. Answer: A.C. If the port receives a BPDU.

110 standby 1 timers 1 5 standby 1 priority 120 HSRP was implemented and configured on two switches while scheduled network main tenance was performed.D QUESTION NO: 490 Which two statements are true about recommended practices in VLAN design? (Choos e two) A.32 255. Configure switch ports with the autostate exclude command. Configure a dynamic routing protocol. you issue th e show interfaces vlan 20 command at the CLI prompt.) A.255.255. E. booting delays B.255.10. D. To check the status of the SVI. B. After the two switches have finished rebooting. you notice via show commands tha t Switch2 is the HSRP active router. incorrect standby timers F.0 no ip redirects standby 1 ip 172. Configure switch ports with network addresses.0 no ip redirects standby 1 ip 172.16.10.255. standby group number does not match VLAN number C. What must be true in an SVI configuration to bring the VLAN and line protocol up? .110 standby 1 timers 1 5 standby 1 priority 130 hostname Switch2 interface Vlan10 ip address 172.B QUESTION NO: 352 You have configured a Cisco Catalyst switch to perform Layer 3 routing via an SV I and have assigned that interface to VLAN 20. Which two items are most likely the cause of Switch1 not bec oming the active router? (Choose two.16. routing should occur at the distribution Layer.ip address 172. VLANs should be localized to a single switch unless voice VLANs are being uti lized Answer: B. Document the MAC addresses of the switch ports. Routing should occur at the access layer if voice VLANs are utilized.10.D QUESTION NO: 375 Which two of the following steps are necessary to configure inter-VLAN routing b etween multilayer switches? (Choose two.16. IP addressing is incorrect D.33 255. Routing should not be performed between VLANs located on separate switches D. C. Answer: A. VLANs should be local to a switch E.) A. You see from the output display that the inte rface is in an up/up state.16. B. IP redirect is disabled Answer: A. Otherwi se. Routing may be performed at all layers but is most commonly done at the core and distribution layers C. premption is disabled E.10. Configure SVI interfaces with IP addresses and subnet masks.

Because this is a virtual interface. packet loss. VRRP is configured for group 11. B.233. The port must be physically connected to another Layer 3 device. CLI. Answer: C . E. D. jitter. D.ac0bARPAVlan10 A.f892ARPAVlan10 Internet172. Answer: B QUESTION NO: 380 Which two statements correctly describe characteristics of the PortFast feature? (Choose two. The Layer 3 routing protocol must be operational and receiving routing update s from neighboring peer devices. the operational status will always be in an up/up state. D. Answer: B. switchport access vlan should be defined as 1?. C. given the c ommand output in the exhibit? Switch# show ip arp ProtocolAddressAge(min)Hardware AddrTypeInterface Internet172. PortFast can also be configured on trunk ports.0c07.19-0000.2180000. however. HSRP is configured for group 11.233. C. F. PortFast is used for both STP and RSTP host ports. E. STP will be disabled on the port. and voice quality D.16.E QUESTION NO: 309 A standalone wireless AP solution is being installed into the campus infrastruct ure. D.D QUESTION NO: 347 Which statement best describes first-hop redundancy protocol status. Answer: C QUESTION NO: 317 Which two statements best describe Cisco IOS IP SLA? (Choose two. The first-hop redundancy protocol is not configured for this interface. B. B. C. PortFast is used for STP-only host ports. statistics provided by syslog. provides passive monitoring Answer: C. B.16.A. only implemented between Cisco source and destination-capable devices B. wireless clients are not obtaining cor rect access. You verify that the local switch configuration connected to the access point appears as the following: interface ethernet 0/1 switchport access vlan 10 switchport mode access spanning-tree portfast mls qos trust dscp What is the most likely issue causing the problem? A. measures delay. QoS trust for switchport mode access should be defined as cos .) A. and SNMP C. QoS trust should not be configured on a port attached to a standalone AP. The access points appear to boot correctly.0c59.1300ARPAVlan10 Internet172. At least one port in VLAN 20 must be active. HSRP is configured for group 10.2290000.) A.16. PortFast is required to enable port-based BPDU guard. only monitors VoIP traffic flows E. switchport mode should be defined as trunk with respective QoS. VRRP is configured for group 10.233. provides active monitoring F.0c63. GLBP is configured with a single AVF. C.

SW_B receives this error message on the console por t: 00:06:34: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/5 (not half duplex). B. There are 20 neighbors in the EIGRP neigbor table. enables LACP unconditionally B. C. Port Fa3/1 is eligible to so urce all DHCP messages and respond to DHCP requests. B. with SW_A FastEthernet0/4 (half duplex) . Fa2/2. What would be the possible outcome of the problem? A. Port Fa3/1 is eligible t o source all DHCP messages. Fa2/1. EIGRP status cannot be determined. what can you dete rmine regarding EIGRP routing being performed by the switch? A. Ports Fa2/1 and Fa2/2 source DHCP requests only. C. All three ports. Port Fa3/1 can source DHCP request only. B. Based on the output of the show command. enables PAgP only if a PAgP device is detected C.QUESTION NO: 457 ScreenShot Refer to the exhibit and the partial configuration of switch SW_A and SW_B. and Fa3/1. enables PAgP unconditionally D. The switch has not established any neighbor relationships. EIGRP is running normally and receiving IPv4 routing updates. D. D. DHCP snooping is enabled for selected VLANs to provide sec urity on the network. D. Ports Fa2/1 and Fa2/2 respond to DHCP requests only. The root port on switch SW_B will fallback to full-duplex mode. The command show ip eigrp topology would d etermine the routing protocol status. enables LACP only if a LACP device is detected Answer: C QUESTION NO: 341 Screenshot Refer to the exhibit. what can you determine about . Interface Fa 0/6 on switch SW_B will transition to a forwarding state and cre ate a bridging loop. Answer: D QUESTION NO: 359 ScreenShot Refer to the exhibit. The interfaces between switches SW_A and SW_B will transition to a blocking s tate. Answer: D QUESTION NO: 295 Screenshot Refer to the exhibit. Answer: C QUESTION NO: 461 Screenshot Refer to the exhibit. The root port on switch SW_A will automatically transition to full-duplex mod e. enables Etherchannel only E. Further network te sting and troubleshooting must be performed to determine the cause of the problem. Ports Fa2/1 and Fa2/2 are eligible to source all DHCP messages and respond to DHCP requests. C. are eligible to source all DHCP mes sages and respond to DHCP requests. From the configuration shown. What does the command channel-group 1 mode desirable do? A.How do the switch ports handle the DHCP messages? A.with TBA05071417(Cat6K-B) 0/4 (half duplex). STP is configured on all switches in the network.

B. Answer: E QUESTION NO: 338 What are three results of issuing the switchport host command? (Choose three. D.D QUESTION NO: 396 Which statement is correct about 802. F.) A. Answer: A QUESTION NO: 456 Which two statements are true about BPDU port-guard and BPDU filtering? (Choose two. E. B. except the native VLAN. Run a network audit to determine types of traffic in use on the network. the interface goes into the errdisabled state. D. When a BPDU is received on a BPDU filtering enabled port. Both switches must be in the same VTP domain. BPDU port-guard can be enabled globally. C. disables EtherChannel B. Answer: B. D. C. When globally enabled. BPDU port-guard and BPDU filtering apply only to trunk ing-enabled ports. B. Test the design on a pilot network for expected results prior to implementing on the production network. When globally enabled.) A. Launch campus updates into the production network and monitor impact to see i f configuration changes are needed. VLAN 502 will be a standalone VLAN because it is not associated with any othe r VLANs. all VLAN packets are tagged on the trunk link. B. the interface goes into the STP blocking state. The native VLAN on both ends of the trunk must be VLAN 1. When a BPDU is received on a BPDU port-guard enabled port. Users of VLANs 501 and 503 will be able to communicate. In 802. Only VLAN 503 will be the community PVLAN because multiple community PVLANs a re not allowed.the private VLAN configuration? A.1Q trunking. When a BPDU is received on a BPDU filtering enabled port. The encapsulation type on both ends of the trunk does not have to match.1Q trunking can only be configured on a Layer 2 port. the interface goes into the errdisabled state. VLAN 502 is a secondary VLAN. enables PortFast . disables Cisco Discovery Protocol D. C.1Q trunking? A. whereas BPDU filtering must be enabl ed on a perinterface basis. Answer: C ============================================================ QUESTION NO: 329 What is an important step to take when verifying a newly proposed network securi ty solution? A. enables port security C. BPDU port-guard and BPDU filtering apply only to PortF ast enabled ports. C. 802. E. Create an interruption of data flow to determine test back-door access methods. D.

D. The command will enable BPDU filtering on all ports regardless of whether the y are configured for BPDU filtering at the interface level. enables loopguard Answer: A. D. auxiliary VLAN D.E. Answer: D QUESTION NO: 299 Refer to the exhibit. allowed codecs B. RSTP Answer: B.) A. The IP phone overrides the priority of all incoming data traffic (tagged and untagged) and sets the CoS value to 0. The default CoS value is 1 for incoming voice and data traffic. Answer: B QUESTION NO: 312 During voice implementation. If BPDUs are received by a port configured for PortFast. they are ignored and none are sent.C QUESTION NO: 400 What is the effect of configuring the following command on a switch? Switch(config) # spanning-tree portfast bpdufilter default A. all untagged voice and data traffic i s sent through the voice VLAN. which two required items are configured at an acces s layer switch connected to an IP phone to provide VoIP communication? (Choose two.E QUESTION NO: 292 Which statement is true about voice VLANs? A. Router A is responsible for answering ARP requests sent to the virtual IP add ress. Cisco Unified Communications Manager IP address E. Answer: A QUESTION NO: 267 Refer to the exhibit. C. Which three statements accurately describe this GLBP topology? (Choose three. IP routing needs to be enabled on the switch. Encapsulation on the switch is wrong. If Router A becomes unavailable. B. C. then PortFast is dis abled and the BPDUs are processed normally. The native VLAN is wrong. the port will transi tion to forwarding state. The voice VLAN feature is enabled by default. When the voice VLAN feature is enabled. native VLAN C. Trunking needs to be enabled on Fa0/1. Router A alternately responds to ARP requests with different virtual MAC addr esses. Router B will forward packets sent to the vi rtual MAC address of Router A.) A. C. B. Router B will transition from blocking state to forwarding state when it beco mes the AVG. VLAN 1 needs the no shutdown command. disables trunking F.D. D. D. C. If BPDUs are received by a port configured for PortFast. Why are users from VLAN 100 unable to ping users on VLAN 2 00? A. If BPDUs are received by a port configured for Portfast. . B. E. B.

10.1/24 to VLAN3. On the basis of the information provided in the exhibit. Answer: A. Enable IP routing on the switch D-SW1. Port scanners are the most effective defense against dynamic ARP inspection. C. None of the other alternatives apply. w hich two sets of procedures are best practices for Layer 2 and 3 failover alignment? (Choose two. F. MAC spoofing. Router B is in GLBP listen state. Configure the D-SW2 switch as the standby HSRP router and backup STP root for al l VLANs. Because of the invalid timers that are configured. DSw2 will reply with the MAC address of the next AVF. VLAN3.1. C. Answer: A QUESTION NO: 3 Refer to the exhibit. F. servers are on VLAN 3 (10. Assign an IP address of 10.1. DSw1 will not reply. E. Answer: A QUESTION NO: 93 Which statement is true about Layer 2 security threats? A.0). is the most effective counter -measure against reconnaissance attacks that use dynamic ARP inspection (DAI) to determin e vulnerable attack points. ) A. Which statement is true? A. Answer: F QUESTION NO: 120 Refer to the exhibit. which configuration solution coul d rectify the problem? A. Because of the invalid timers that are configured.1 on each host.1. D. . DSw2 will not reply.3. Configure the D-SW1 switch as the active HSRP router and the STP root for all VLANs. DSw2 will reply with the IP address of the next AVF. Configure default gateways to IP address 10.C QUESTION NO: 261 Refer to the exhibit. DSw1 will reply with the IP address of the next AVF. C.1.1. ARP spoofing can be used to redirect traffic to counter dynamic ARP inspectio n. Configure default gateways to IP address 10. On the basis of the exhibited output.2 on each host.1.2. B.0). DSw1 will reply with the MAC address of the next AVF.1. Configure default gateways to IP address 200.10. and the ma nagement VLAN is on VLAN10 (10. Host A has sent an ARP message to the default gateway IP a ddress 10. D.0/24.0).1. E.10.1. and VLAN10 are configured on the switch D-SW 1.E. B. there would be two backup AV Gs. Host computers are on VLAN 2 (10.10. Hosts are able to ping each other but are unable to reach the servers. DHCP snooping sends unauthorized replies to DHCP queries. D. Configure a default route that points toward network 200. B.2.1. in conjunction with ARP snooping. If another router were added to this GLBP group.B. Dynamic ARP inspection in conjunction with ARP spoofing can be used to counte r DHCP snooping attacks.1 on each host.1. VLAN2. F.3. F. MAC spoofing attacks allow an attacking device to receive frames intended for a different network host. E. G.

Configure the D-SW1 switch as the standby HSRP router and the backup STP root for VLANs 12 and 120. F. C. Configure the D-SW1 switch as the active HSRP router and the backup STP root for VLANs 11 and 110. Encapsulation mismatch between switches. Configure the D-SW1 switch as the active HSRP router and the STP root for VLA Ns 11 and 110. D.F QUESTION NO: 300 Refer to the exhibit. E. Configure the D-SW2 switch as the active HSRP router and the backup STP root for VLANs 12 and 120. D. Subinterfaces should be created on Fa0/7 and Fa0/8 on DLS1. Configure the D-SW2 switch as the active HSRP router and the STP root for all VLANs.B. Configure the D-SW1 switch as the standby HSRP router and the STP root for VL ANs 11 and 110. What problem is preventing users on VLAN 100 from pinging addresses on VLAN 200? A. F. B. Native VLAN mismatch. No default route on DLS1. Trunking needs to be enabled. The ip routing command is missing on DLS1. C. E. Configure the D-SW2 switch as the standby HSRP router and the backup STP root for VLANs 11 and 110. Configure the D-SW2 switch as the active HSRP router and the STP root for V LANs 12 and 120. Configure the D-SW2 switch as the standby HSRP router and the STP root for VLANs 12 and 120. Answer: F . Configure the D-SW1 switch as the standby HSRP router and backup STP root for al l VLANs. Answer: C.