You are on page 1of 38

CCNP SWITCHING FINAL – STUDY GUIDE

In its network design, a company lists this equipment :

Two Catalyst 4503 Layer 3 switches

One 5500 security appliance firewall
Two Catalyst 6509 switches

Two lightweight access points

Two Catalyst 2960 switches

Which two types of devices from the list would be appropriate to use at the access layer to provide end-user connectivity? (Choose two.)

Catalyst 4503 switches

Cisco 5500 security appliance firewall

Catalyst 6509 switches

lightweight access points

Catalyst 2960 switches

What two traffic types must be included when calculating the bandwidth requirements to support a voice stream in an IP telephony network? (Choose two.)

voice queues

voice carrier stream

voice services traffic

call control signaling

routing updates

What are three properties of peer-to-peer applications? (Choose three.)

require dedicated bandwidth allocation

can be used in video conference applications

may require real-time interaction between peer devices

can be used to fulfill the requirements for IP phone calls

may require a direct physical connection between devices

require centralized authentication

What are the responsibilities of devices that are located at the core layer of the hierarchical design model? (Choose two.)

access list filtering

packet manipulation

high-speed backbone switching

interconnection of distribution layer devices

redundancy between the core devices only

A network designer must provide a rationale to a customer for a design that will move an enterprise from a flat network topology to a hierarchical network topology. Which two
features of the hierarchical design make it the better choice? (Choose two.)

reduced cost

scalability

less equipment required

higher availability

lower bandwidth requirements

During an evaluation of the currently installed network, the IT staff performs a gap analysis to determine whether the existi ng network infrastructure can support certain new
features. At which stage of the Cisco Lifecycle Services approach does this activity occur?

prepare phase

plan phase

design phase

implement phase

operate phase

optimize phase

Which phase of the Cisco Lifecycle Services strategy may prompt a network redesign if too many network problems and errors arise in the network?

prepare

plan

design

implement

operate

optimize

Which portion of the enterprise network provides access to network communication services for the end users and devices that are spread over a single geographic location?

enterprise edge

campus module

WAN module

Internet edge

data center

Which family of Cisco switches is specifically designed for data centers?

Catalyst 6500

Catalyst 2000

Nexus 7000

Catalyst 4500

What type of specialized memory is used to facilitate high performance switching in Cisco multilayer switches?

content-addressable memory (CAM)

ternary content addressable memory (TCAM)

address resolution protocol (ARP) memory

Cisco Express Forwarding (CEF) memory

Which Catalyst 6500 switch component integrates on individual line modules as well as on the supervisor engine?

CPU

Flash

ASIC

NVRAM

Which technology consistently increases CPU load on multilayer Catalyst switches?

quality of service (QoS)

access control lists (ACLs)

policy-based routing (PBR)

network address translation (NAT)

Which family of Cisco switches supports Fibre Channel over Ethernet (FCoE)?

Catalyst 4948G

Catalyst 4500

Catalyst 6500

Nexus 5000

Which family of Cisco switches supports the greatest number of slots?

Catalyst 4500

Catalyst 6500

Nexus 5000

Nexus 7000

Which two features are unavailable on a Layer 2 switch? (Choose two.)

use of ASICs

Internet Group Management Protocol (IGMP) snooping

QoS marking

Time to Live (TTL) decrementing

rewrite of the source and destination MAC addresses

What is the purpose of the Cisco Enterprise Architecture?

It replaces the three-layer hierarchical model with a flat network approach.

It provides an enterprise-wide system network architecture that helps protect, optimize, and grow the network infrastructure that supports the business processes of a
company.

It provides services and functionality to the core layer by grouping various components into a single component that is located in the access layer.

It reduces overall network traffic by grouping server farms, the management server, corporate intranet, and e-commerce routers in the same la

On what is Layer 3 switching fundamentally based?

access control

the ability to circumvent CPU processing

software-based forwarding

Parallel eXpress Forwarding (PXF) A user needs to access a file server that is located in another department. Which layer of the Cisco Hierarchical Network Model will process the traffic first? access core distribution control Refer to the exhibit. Which option correctly describes the function of a switch that is configured in VTP transparent mode? option 1 option 2 option 3 option 4 option 5 Refer to the exhibit. How should SW2 be configured in order to participate in the same VTP domain and populate the VLAN infor mation across the domain? .

Configure switch SW2 with the same VTP domain name that SW1 has . Configure switch SW2 with VTP version 1. a network administrator included switch SW2 in the network. Configure switch SW2 with the higher revision number. During the network upgrade process. A server is only allowed to communicate with its default gateway and other related servers. Switch SW2 should be configured as a VTP server with a higher revision number A network administrator is tasked with protecting a server farm by implementing private VLANs (PVLANs). Which type of PVLAN should be configured on the switch ports that connect to the servers? isolated promiscuous secondary VLAN community Refer to the exhibit. Immedia tely afterward. what could be done to remedy the problem? Configure switch SW2 in VTP client mode. Based on the show vtp status command outputs that are provided. Switch SW2 should be configured for VTP version 1. Switch SW2 should be configured as a VTP client. the users on VLAN10 who were connected to SW10 lost connectivity to the network. Switch SW2 should be configured with no VTP domain password.

Ports Fa3/34 and Fa3/35 will be defined as primary VLAN promiscuous ports . Fa3/2. and Fa3/35 on DSW1 will be defined as primary VLAN promiscuous ports. Ports Fa3/1. Ports Fa3/1 and Fa3/2 on DSW1 will be defined as secondary VLAN isolated ports. Before a trunk link has been connected between the two switches SW1 and SW2. Fa3/34. which causes pruning of all VLANs from the trunk port. Ports Fa3/1 and Fa3/2 on DSW1 will be defined as secondary VLAN community ports. For security reasons. Switch SW2 has a higher VTP server revision number. a network administrator issued the show vtp status command as displayed in the exhibit. Fa3/2. which causes deletion of the VLAN information in the VTP domain Refer to the exhibit.Refer to the exhibit. Which configuration will isolate the servers from inside attacks? Ports Fa3/1. all users lost connectivity to the network. Switch SW2 receives more VLANs from switch SW1 than can be supported. Ports Fa3/34 and Fa3/35 will be defined as pr imary VLAN promiscuous ports. The web servers WS_1 and WS_2 need to be accessed by external and internal users. Switch SW2 was tested in a lab environment and later inserted into the production network. Fa3/34. Switch SW2 has the pruning eligible parameter enabled. and Fa3/35 on DSW1 will be defined as primary VLAN community ports. the servers do not have to communicate with each other although they are located on the same subnet. Both servers need to communicate with the data server that is locate d on the inside network. What could be the possible reason for the problem? The switches can exchange VTP information only through an access link. Immediately after the switches were interconnected.

Refer to the exhibit. All isolated VLANs should be in the same primary VLAN. given that one end of the link is configured with PAgP mode desirable. An access port is associated with a single VLAN. An access port is created with the switchport mode access command and then associated with a VLAN with the switchport access vlan command. What private VLAN design should be implemented? All servers should be configured in separate isolated VLANs. Both the community and isolated VLANs should be in the same primary VLAN When configuring an EtherChannel. The web server and the SMTP server need to communicate with the Internet.) off on desirable auto Which three effects does the interface command switchport host have when entered on a switch? (Choose three.1q encapsulation associated with it. but for security purposes the web and the SMTP servers should not be reachable from the DNS servers. An access port should have the 802. Both the community and isolated VLANs should be part of the primary VLAN. The web and SMTP servers should be configured in a community VLAN.) A switch port can become an access port through static or dynamic configuration. The DNS1 and DNS2 servers should be configured in a community VLAN. An access port created with the switchport mode access command will send DTP frames by default. The DNS1 and DNS2 servers should be configured in an isolated VLAN. The web and SMTP servers should be configured in an isolated VLAN. The VLAN that the access port is assigned to will be automatically deleted if it does not exist in the VLAN database of the s witch . The DNS servers DNS1 and DNS2 are redundant copies so they need to communicate with each other and to the Internet. All servers should be configured in separate community VLANs.) sets the switch port mode to access enables BPDU guard enables spanning tree PortFast enables root guard disables channel grouping enables BPDU filtering What are three characteristics of a VLAN access port? (Choose three. which PAgP modes can be configured on the opposite end of the link in order to form an active channel? (Choose two. All community VLANs should be in the same primary VLAN.

A network administrator is unable to ping between two workstations. Both workstations are in the default VLAN. The VLAN interface is administratively shut down.Refer to the exhibit. PC1 and PC2. which statement is true? Both workstations are on the same VLAN. Inter-VLAN routing is not properly configured. Given the output of the show vlan command. PC1 is connected to port Fa0/19. that are connected to switch3548. PC2 is connected to a trunk port instead of an access port . and PC2 is connected to port Gi0/2.

Refer to the exhibit. What is the problem betwee n the connection on Switch1 and Switch2? encapsulation mismatch switchport mode mismatch MTU mismatch VTP mismatch DTP mismatch native VLAN mismatch . Switch1 and Switch2 are unable to establish an operational trunk connection.

Interface Fa0/1 is configured for 802.1Q trunking Refer to the exhibit. Both switches will initiate channeling negotiation and will form a channel between them. Given the exhibited command output.Refer to the exhibit. Interface Fa0/1 is configured as an SVI. Neither switch will initiate channeling negotiation and will not be able to form a channel between them. Both SW1 and SW2 are configured with the PAgP desirable mode. Neither switch will initiate channeling negotiation but will form a channel between them . Which statement is true? Both switches will initiate channeling negotiation and will not be able to form a channel. Interface Fa0/1 is configured as an access port. which statement is true? Interface Fa0/1 is configured for ISL trunking.

High availability is made possible because local VLAN traffic on access switches can now be passed directly to the core switc hes across an alternate Layer 3 path.) . LACP will not form a channel between the switc hes. Given the configuration information of the CAT1 and CAT2 switches. LACP will form a 200-Mb/s channel between the switches Which two items are benefits of implementing local VLANs within the Enterprise Architecture? (Choose two. Local VLANs are limited to the access and distribution layer Which two statements describe Cisco best practices for VLAN design? (Choose two. Because the channel-group commands on SW2 should be set to "on.) Local VLANs should extend no further than the local core router. which statement is true? LACP will form a channel between the switches.) A single VLAN can extend further than its associated distribution-layer switch. Local VLANs eliminate the need for redundant access to distribution layer links. Local VLANs provide a simple design that is easy to troubleshoot Which two statements are true about the 802. Failures at Layer 2 are isolated to a small subset of users. Because the port-channel numbers do not match. Local VLANs should extend no further than the local distribution layer switch." LACP will not form a channel between the switches.Refer to the exhibit. Layer 3 routing between VLANs can now be applied at the access layer.1Q trunking protocol? (Choose two.

Local VLANs should be advertised to all switches in the network Refer to the exhibit. Local VLANs do not extend beyond the building distribution layer.1D spanning tree for all VLANs. Local VLANs should be created based upon the job function of the end user. VLAN 100 has no active access ports One switch in a Layer 2 switched spanning-tree domain is converted to PVRST+ using the spanning-tree mode rapid-pvst global configuration mode command. The native VLAN interface configurations must match at both ends of the link or frames could be dropped In the context of the Enterprise Composite Architecture.1D BPDUs. but does not participate as a node in any spanning tree. Private VLAN configurations are not supported. It is a proprietary protocol that is supported on Cisco switches only. The remaining switches are running PVST+. Untagged frames will be placed in the configured native VLAN of a port. The PVSRT+ reverts to PVST+ to interoperate with the PVST+ switches . Which two statements are true about the switch CAT2? (Choose two. which statement is true about best-practice design of local VLANs? Local VLAN is a feature that has only local significance to the switch. Six VLANs were either manually configured on the switch or learned via VTP. VLAN 100 is in dynamic desirable mode. Interfaces Fa0/13 and Fa0/14 are in VLAN 1. What is the effect on the spanning-tree operation? Spanning tree is effectively disabled in the network. All switches default to one 802.) Eleven VLANs were manually configured on the switch. The PVRST+ switch forwards 802. Interfaces Fa0/13 and Fa0/14 are in an unspecified VLAN.

The forward delay timer has been changed from the default value.1D behavior is shown . Standard IEEE 802.1D IEEE 802.w IEEE 802. What implementation of spanning tree best describes the spanning-tree operational mode of the switch? IEEE 802. IEEE 802.1w is enabled on VLAN 1. What conclusion does the output support? PortFast is enabled on interface Fa0/6.1s PVRST+ Refer to the exhibit.Refer to the exhibit.

DLS1 is the root bridge for instance 1.) port costs on trunk ports configuration name revision number . After the sequence of commands is entered. how many VLANs will be assigned to the default instance? 4094 4064 4062 4061 Refer to the exhibit.Refer to the exhibit. Interface Fa0/12 will move into the errdisable state if a BPDU is received. What two conclusions does the output show to be true? (Choose two.1s on instance 1.) DLS1 is running IEEE 802.1D on instance 1. DLS1 is running IEEE 802. Interfaces Fa0/1 through Fa0/6 are trunk ports Which three parameters should match all switches within an MST region? (Choose three.

The port will be disabled and the administrator must re-enable it manually.) Confirm MAC port security is enabled on all access switches. However. Switch SW1 is receiving traffic from SW2. Which STP feature should be implemented to prevent inadvertent loops in the network? UDLD PortFast BPDU guard BPDU filtering Which interfaces should loop guard be enabled on? root ports designated ports root port and alternate ports ports configured with PortFast root port and ports configured with PortFast What will happen when a BPDU is received on a loop guard port that is in a loop-inconsistent state? The port will transition to blocking state. The port will transition to the appropriate state as determined by the normal function of the spanning tree . Verify that the management VLAN is properly configured on all root bridges. trunk encapsulation method bridge priority VLAN-to-instance mappings Users complain that they lost connectivity to all resources in the network. The port will transition to forwarding state automatically. Check the port utilization on devices and look for abnormal values. Ensure that the root guard and loop guard are properly configured on all distribution links Refer to the exhibit. Capture the traffic on the saturated link and verify if duplicate packets are seen. SW2 is not receiving traffic from SW1. Which two actions will determine the existence of the bridging loop? (Choose two. A network administrator suspects the presence of a bridging loop as a root cause of the problem.

the user on workstation A lost connectivity to the rest of the network. Administratively disable ports that should be blocking and check to see if connectivity is restored. The port on switch A that connects to switch B is half duplex. PAgP has removed port 2/1 from the EtherChannel bundle. Adjust BPDU timers so that there is less overhead traffic on the switching fabric. Capture traffic on a saturated link and check whether identical frames are traversing multiple links Which statement is true about UDLD? It is automatically enabled. Switch B may unblock its port to switch C. BPDUs may not successfully negotiate port states on the link between switch A and switch B. thereby creating a loop. the administrator received the console message: %SPANTREE-2-RX_PORTFAST:Received BPDU on PortFast enable port. Autonegotiation results in both switch A and switch B failing to perform carrier sense.Disabling 2/1 What is the cause of the problem? STP PortFast feature has been disabled on port 2/1.Refer to the exhibit. Recently. and switc h B is not.) Administratively create bridge loops and see what path the traffic takes. Spanning tree will keep re-calculating.) Switch B will become the root switch. thereby consuming all the CPU normally used for traffic Refer to the exhibit. Check each side of a point-to-point link for duplex mismatch. STP is configured on all switches in the network. The STP PortFast BPDU Guard feature has disabled port 2/1 on the switch What are three important steps in troubleshooting STP problems? (Choose three. Switch A is performing carrier sense and collision detection. At the same time. Administratively disable multicasting and check to see if connectivity is restored. The port on switch B that connects to switch A is full duplex. STP is enabled on all switches in the network. What are three problems that this scenario could create? (Choose three. . STP PortFast feature has been enabled on port 2/1.

RSTP is capable of reverting back to 802. Root guard should be configured on all ports on the desired root bridge to prevent another bridge from becoming the root. RSTP elects a root bridge in exactly the same way as 802. It allows devices to transmit traffic one way.1w Rapid Spanning Tree (RST) algorithm to multiple spanning trees? STP RSTP+ CST MST Which protocol should an administrator recommend to manage bridged links when the customer requires a fully redundant network that can utilize load balancing technologies and reconverge on link failures in less than a second? . Root guard re-enables a switch port once it stops receiving superior BPDUs. It will disable an EtherChannel bundle if one link has failed. There are only three RSTP port states: discarding. If a root guard enabled port receives a inferior BPDU from a nonroot switch. RSTP is recognized as the IEEE 802.) An RSTP BPDU carries information about port roles and is sent to neighbor switches only. the port transitions to the blocking state to pr event a root bridge election What happens when a switch running IEEE 802. listening.1w standard. The switch uses the max-age timer to age out entries in the MAC address table.1D but still maintains the benefits of 802. and forwarding. It allows a switch to detect a unidirectional link and shut down the affected interface Which two statements are true about STP root guard? (Choose two.1D. Root guard requires that PortFast be enabled on a switch port.1w. The switch uses the forward delay and the max-age timer to age out entries in the MAC address table Which STP timer defines the length of time spent in the listening and learning states? hello time forward aging forward delay max age max delay Which three statements about RSTP are true? (Choose three.) Root guard is enabled on a per-port basis. UplinkFast and BackboneFast are compatible with RSTP Which protocol extends the IEEE 802.1D receives a topology change message from the root bridge? The switch uses the forward delay timer to age out entries in the MAC address table. The switch uses the hello to age out entries in the MAC address table.

Which DHCP message to the client will provide the configuration pa rameters that include an IP address. and a lease for the IP address? DHCPDISCOVER DHCPOFFER DHCPREQUEST DHCPACK A DHCPREQUEST message has been sent from the client to the DHCP server. a domain name. The client accepts the offer from the DHCP server for the 10. which statement is true? The client sends a DHCPDISCOVER that contains IP address 10.1.10.21 IP address What is an advantage to using a trunk link to connect a switch to an external router that is providing inter-VLAN routing? works with any switch that supports VLANs and trunking lowers latency provides redundancy to the VLANs reduces CPU overhead . What information is included in the message? initial message to locate a DHCP server formal request for the offered IP address confirmation that the IP address has been allocated to the client denial message to reject the first offer from the DHCP server Refer to the exhibit.10. The client sends the BOOTREPLY broadcast message to inquire for a new IP address.1Q (CST) IEEE 802. The client sends a DHCPREQUEST that contains IP address 10.1s (MST) Cisco PVST+ IEEE 802.21 to the DHCP server. Based on the debug ip dhcp server packet output.21 to the DHCP server. IEEE 802.10.1.1D(STP) client sends a request for an IP address to a DHCP server.1.

Two static routes should be configured on the router. each pointing to each subnet.Refer to the exhibit and the partial configuration taken on router RTA. It should contain routes to the 10.0.10.10.1/24 and a secondary IP address of 10.0/24 networks.0. It will show one trunking route to 10.5. The router has been properly configured for the trunking interface. the routing table of the router will not show routes to either VLAN . The subinterfaces of the router should be configured with 802.1Q encapsulation Refer to the exhibit. The Fa0/0 interface should be configured with a primary IP address of 10. What should be done to fix the problem? A dynamic routing protocol should be configured on the router.1/24.10.0/8. Because the switch is not configured properly to trunk VLAN 1 and VLAN 2.11. Which statement is true about the routing table on the router? It will show a next hop address of the switch for both VLANs.0/24 and the 10. Because the switch port fa0/1 is in access mode.10.10. the routing table of the router will not show any routes .10. Users on VLAN 5 cannot communicate with the users on VLAN 10.

The default gateway for hosts on VLAN 10 should be the Fa0/0 IP address of the router. A routed switch port provides an interface that may provide a Layer 3 connection to a next-hop router. To create an SVI requires removal of Layer 2 port functionality with the no switchport interface configuration command Which three statements about a routed switch interface are true? (Choose three. A routed port is a physical switch port with Layer 2 capability. A routed switch port is a virtual Layer 3 interface that can be configured for any VLAN that exists on a Layer 3 switch.2 IP address of the router. By default.Refer to the exhibit. The default gateway for hosts on VLAN 10 should be the Fa0/0.) A routed port behaves like a regular router interface and supports VLAN subinterfaces. the router will not forward packets between workstations. an SVI is created for the default VLAN (VLAN1).) A routed switch port is a physical device that is associated with several VLANs. A routed port is not associated with a particular VLAN. The default gateway for hosts on VLAN 10 should be the Fa0/0.) An SVI behaves like a regular router interface but does not support VLAN subinterfaces. The interface vlan global configuration command is used to create a routed port Which two statements are true about switched virtual interfaces (SVI) on a multilayer switch? (Choose two. A routed switch port is created by configuring a Layer 2 port with the no switchport interface configuration command and assigning an IP address. Because their packets are being trunked. To create a routed port requires removal of Layer 2 port functionality with the no switchport interface configuration command. A routed switch port is created by entering VLAN interface configuration mode and assigning an IP address. . Which statement is true regarding the diagram and show ip route command output? Because no routing protocol has been configured. hosts on VLAN 10 do not need a default gateway Which two statements are true about routed ports on a multilayer switch? (Choose two.1 IP address of the router. Only one SVI can be associated with a VLAN. An SVI is a physical switch port with Layer 3 capability.

The router replaces the broadcast destination IP address of the DHCP request with the unicast IP address that is specified wi th the ip helper-address command. All users can ping their gateways. each with ISL encapsulation. A routed switch port can serve as a default gateway for devices Refer to the exhibit and the partial configuration taken on routers RTA and RTB. RTA interface Fa0/1 and RTB Fa0/1 should be configured with three subinterfaces.1Q encapsulation Which statement describes what occurs when a DHCP request is forwarded through a router that has been configured with the ip helper-address command? The router replaces the source MAC address included in the DHCP request with its own MAC address. What should be done to solve the problem? A dynamic routing protocol or static routes should be configured on the routers. The router replaces the source IP address of the DHCP request with the IP address that is specified with the ip helper-address command. A trunk should be configured between routers RTA and RTB. which respo nse will enable the client to begin using the assigned address immediately? DHCPACK DHCPREQUEST DHCPOFFER DHCPDISCOVER . The router replaces the unicast destination IP address of the DHCP request with the unicast IP address that is specified with the ip helper-address command A client computer is set up for DHCP and needs an IP configuration. During the DHCP client configuration process. but users on VLAN 5 and VLAN 10 cannot communicate with the users on VLAN 20. RTA interface Fa0/1 and RTB Fa0/1 should be configured with three subinterfaces. each with 802.

The TCAM table is flushed and reactivated.2.2. The adjacency table eliminates the need for the ARP protocol.1. The FIB table is cleared with the clear fib adjacency * command. The ip dhcp information option command is required on interface Fa0/1. What additional configuration is required for host A to receive IP configuration from the DHCP server? The ip address dhcp command is required on interface Fa0/0. The routing table entry for a prefix changes Which condition will cause a packet to be process-switched instead of CEF switched? packets that are switched to an outgoing interface with an outbound ACL applied packets with a destination interface that is chosen by a routing protocol packets that need to be fragmented on the outgoing interface packets with a destination interface that is chosen by a static route packets that use TCP header options Which statement is true about the CEF forwarding process? The FIB table contains the Layer 2 rewrite information. After an IP prefix match is made.1.2.Refer to the exhibit.10. ages out.10 Which three events will cause the Forwarding Information Base (FIB) table to be updated? (Choose three. The ip forward-protocol 37 global configuration command is required to forward DNS requests to IP address 10.10. The IP packets have an expiring TTL counter. or is removed. the process determines the associated Layer 2 header rewrite information from the adjacency table .10 command is required on interface Fa0/0. The routing table entry for the next hop changes.) An ARP entry for the destination next hop changes. The ip helper-address 10.2.1.1. The ip forward-protocol 67 global configuration command is required to forward DHCP requests to IP address 10. The ip forward-protocol 69 global configuration command is required to forward TFTP requests to IP address 10. Adjacency table lookups use the closest Layer 3 prefix match.

10.10.10. A single TCAM lookup provides Layer 2.1 10.2 Refer to the exhibit and the show ip cef output. TCAM lookup tables are used only for the rapid processing of ACLs within CEF Refer to the exhibit. The cached adjacency address is 10.5.1.10.2 10.0/24 is correct.10.0/24 have not been processed by CEF .10.1 10. The next hop address is 10.10.10.10.1. Layer 3. An administrator wants to ensure that CEF is functioning properly on the switches between hosts A and B.5. The output shows that packets destined to 10.10. and ACL information TCAM lookup tables are used only for the Layer 3 forwarding operation.What is true about TCAM lookups that are associated with CEF switching? TCAM includes only Layer 3 lookup information.0/24 on Sw_MLSA.5. what should the adjacency IP address be? 10.5.10. What can be concluded from the output? The output validates that the CEF FIB entry for 10.5. If the administrator wants to verify the CEF FIB table entry for the route 10.10.10.

The router is currently forwarding packets.21. It tracks the state of the Serial0/0/0 interface on R1 and brings down the priority of standby group 1 if the interface goes down Refer to the exhibit.168.168. What action does the command standby 1 track Serial0/0/0 on router R1 perform? It links the default gateway virtual address 192. What statement is true about the output of the show standby command? The current priority of this router is 120.Refer to the exhibit.10 to the IP address 192.21.31.2 on interface Serial0/0/0. This router is in the HSRP down state because its tracked interfaces are down . This router is tracking two properly operating interfaces.168.42.10 to the IP address 192.1 on interface Serial0/0/0. It tracks the state of the Fa0/0 interface on R1 and brings down the priority of standby group 1 if the interface goes down.168. It links the default gateway virtual address 192.

The IP address of the real server is never announced to the external network How is server IP addressing handled by Cisco IOS server load balancing (SLB) in dispatched mode? The default gateway address for the subnet is assigned to the virtual server. Router R2 is the master for Host3 and Host4. switch DSw1 returns the physical MAC address of switch DSw2 Refer to the exhibit. which relies only on MAC addresses. Switch DSw1 assigns the virtual IP addresses to switch DSw2. and router R2 is the backup for all hosts in the group. Router R1 is the master for Host1 and Host2.) GLBP is a Cisco proprietary protocol and is supported on all Cisco Catalyst and Cisco router platforms. Because of incorrect configuration of the default gateway on the hosts. none of the routers is the master for the VRRP group How does Cisco IOS server load balancing (SLB) enhance security of a real server? The IP address of the real server is not needed with IOS SLB. Based on the provided configuration. which two GLBP statements are true? (Choose two. Switch DSw2 has been configured with the glbp 1 priority 95 command. Router R2 is the backup for Host3 and Host4. Switch DSw1 is the active virtual gateway (AVG) and DSw2 is an active virtual forwarder (AVF). Two more multilayer switches could join this group. Router R1 is the master for Host3 and Host4.Refer to the exhibit. Based on this information. None of the switches have had their priority configured. which routers are the master and the backup virtual routers for the hosts that are connected to the VRRP group 1? Router R1 is the master for all hosts. The IP address of the real server is translated with Network Address Translation (NAT). When host A sends an ARP message for the gateway IP address. . The IP address of the real server is advertised as part of a distinct network.

Define the server farm. Based on the output. how many virtual servers are required? zero one two three four five Refer to the exhibit. The real servers are configured with IP addresses that differ by a power of 2 What three steps will configure Cisco IOS server load balancing (SLB) in a server farm that is in a data center with real servers? (Choose three.) Globally enable IOS SLB. Associate the real server with the server farm. Define the virtual IP address. What is the effect of the serverfarm RESTRICTED command? associates the primary serverfarm RESTRICTED_HTTP to the virtual server RESTRICTED enables the virtual server RESTRICTED_HTTP associates the primary serverfarm RESTRICTED to the virtual server RESTRICTED_HTTP enables the virtual server RESTRICTED . The virtual server is assigned an IP address unknown to any of the real servers. The real servers are configured with the virtual server address as loopback addresses or secondary IP addresses. Enable the real server and define it to be used for the server farm Refer to the exhibit. Add a trunk link to the switch to connect the real servers.

1 %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/3 (not half duplex).1. From the syslog output. changed state to down Mar 17 06:42:22: 10.1. changed state to up Refer to the exhibit. defines the virtual server RESTRICTED defines the virtual server RESTRICTED_HTTP Which syslog entry has a severity code that indicates the most serious situation? Mar 17 06:03:21: 10. changed state to down Mar 17 06:43:02: 10.1.1 %SYS-5-CONFIG_I: Configured from console by mwmwm on vty0 (192.168.1 %LINK-3-UPDOWN: Interface FastEthernet0/3.254.1. what option is set on the switch sending the messages? The sequence number is set.16. The logging facility number is set to sys12 What SNMP attribute provides the best security? authNoPriv authPriv community string noAuthNoPriv SNMPv2 Refer to the exhibit. Mar 17 06:42:22: 10.1. The logging severity level is set to 3.1.1 %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3. Which feature does a SNMP manager need in order to set a parameter on switch ACSW1? a manager using an SNMP string of K44p0ut a manager using host 172.1 %SYS-6-BOOTTIME: Time taken to reboot after reload = 551932 seconds Mar 17 06:42:20: 10.1.1.com FastEthernet0/24 (half duplex).1 %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/3.30. with NA-1.5) Mar 17 06:42:21: 10.50 a manager using SNMPv1.1. The time stamp is set for uptime.foo.1. 2.1. or 2c a manager using authPriv .128.1.

A third distribution switch should be installed to create redundancy in the event the root bridge fails Refer to the exhibit. A Layer 2 access link is required between the two access switches to ensure optimal redundancy. what two events can trigger a switchover from the active to the standby Supervisor Engine? (Choose two.) clock synchronization failure between the Supervisor Engines loss of packets from the root bridge an RP or SP crash on the active Supervisor Engine frames received on a port that is in blocking mode port failure . Which statement is correct about the network? A Layer 3 link should be installed between the two distribution switches to avoid unexpected traffic paths and multiple convergence events. to keep a backup copy of the latest MAC table in the event of RAM failure. The root bridge and HSRP active router should be two different devices. Which statement is true about best practice and the exhibited network design? The Layer 2 VLAN number should be mapped to the Layer 3 subnet for ease of use and management.Refer to the exhibit. The HSRP active router for VLAN 55 and VLAN 60 should be the same switch. to move switch ports that are currently in blocking mode to forwarding mode with minimal packet loss When using RPR. A Layer 2 access port should be placed between the access switches. The uplink between the access switches and the distribution switches should be trunk links What is the main purpose of implementing Cisco NSF? to continue forwarding IP packets following an RP switchover to forward all STP updates to all switches in the network.

IP SLA operation 100 has stopped monitoring the target device. A router in the speak state sends periodic hello messages and actively participates in the election of the active or standby router. The router in the standby state is a candidate to become the next active router. IP SLA operation 100 had 211 successful replies from the target device Which two statements are true about the Hot Standby Router Protocol (HSRP)? (Choose two. A port can be configured to act as a source and destination port for a single SPAN session. as necessary Which statement is true about a local SPAN configuration? A port can act as the destination port for all SPAN sessions configured on the switch. What is considered a best practice for an optimal redundant network? Access switches should have redundant connections to redundant distribution switches. Three distribution switches should be implemented so that the third switch can take the role of active or standby. IP SLA operation 100 has been incorrectly configured.Refer to the exhibit. IP SLA operation 99 had 211 successful replies from the target device. Both Layer 2 and Layer 3 switched ports can be configured as source or destination ports for a single SPAN session.) A router in the speak state sends periodic hello messages to all routers in the group to acquire a virtual IP address. The router that is not the standby or active router will remain in the speak state. Port channel interfaces (EtherChannel) can be configured as source and destination ports for a single SPAN session . A router in the standby state forwards packets that are sent to the group virtual MAC address. Access switches should have a backup connection to at least one core device Dual distribution switches should connect individually to separate core switches. Which IP SLA statement is true? IP SLA operation 99 has been incorrectly configured. IP SLA operation 99 has stopped monitoring the target device.

Refer to the exhibit. but only if port Fa3/1 is configured in VLAN 10. An attacker. The SPAN session transmits to a device on port Fa3/21 a copy of all traffic that is monitored on port Fa3/1. SW2. A network engineer is securing a network against DHCP spoofing attacks. On all switches. The VSPAN session transmits a copy of the ingress traffic for VLAN 10 and the egress traffic for VLAN 20 out interface Fa3/4 Which configuration guideline applies to using the capture option in VACL? Capture ports transmit traffic that belongs to all VLANs. The capture port captures all packets that are received on the port. Issue the ip dhcp snooping trust command on all interfaces on SW1. Issue the ip dhcp snooping trust command on all interfaces on SW2 and SW3. The SPAN session transmits to a device on port Fa3/21 only a copy of unicast traffic that is monitored on port Fa3/1. Which statement is true about the local SPAN configuration on switch SW1? The SPAN session transmits to a device on port Fa3/21 a copy of all traffic that is monitored on port Fa3/1. All multicast and BPDU frames will be excluded from the monitoring process Refer to the exhibit. What additional step should be taken to configure the security required on the network? Issue the ip dhcp snooping trust command on all uplink interfaces on SW1. The switch has a restriction on the number of capture ports. and SW3. Issue the ip dhcp snooping trust command on all interfaces on SW1. but only if port Fa3/1 is configured as trunk. connected to one of the ports. Port Fa3/4 must be associated with VLAN 10 or VLAN 20 in order to monitor the traffic for any of the VLANs. SW2. Which statement is true about the VSPAN configuration on switch SW1? The VSPAN session that is configured on port Fa3/4 can monitor only the ingress traffic for any of the VLANs. The capture port needs to be in the spanning-tree forwarding state for the VLAN All access ports on a switch are configured with the administrative mode of dynamic auto. sends a malicious DTP frame. and SW3 except interface Fa0/1 on SW1 . the engineer applied the ip dhcp snooping command and enabled DHCP snooping on all VLANs with the ip dhcp snooping vlan command. The VSPAN session that is configured on port Fa3/4 can monitor only the egress traffic for any of the VLANs. What is the intent of the attacker? VLAN hopping DHCP spoofing attack MAC flooding attack ARP poisoning attack Refer to the exhibit. SW2 and SW3. The SPAN session transmits to a device on port Fa3/21 a copy of all traffic that is monitored on port Fa3/1.

10.12 key secret SW-1(config)# aaa authentication default group-radius enable local SW-1(config)# aaa new-model SW-1(config)# radius-server host 10.10.10. which three statements are correct? (Choose three. what is the end result? forces all hosts that are attached to a port to authenticate before being allowed access to the network disables 802. the enable password as the second method.) .12 key secret SW-1(config)# aaa authentication login default group radius enable local SW-1(config)# aaa new-model SW-1(config)# radius server host 10. and the local database as the final method? SW-1(config)# aaa new-model SW-1(config)# radius-server host 10. Configure them with the PAgP protocol. Which configuration would create a default login authentication list that uses RADIUS as the first authentication method. Given the configuration on the ALSwitch.10. Given the information in the exhibit. Configure them as trunk ports for the native VLAN 1. based on the valid MAC-address-to-IP address bindings stored in a DHCP snooping database? DHCP spoofing dynamic ARP inspection CAM table inspection MAC snooping How should unused ports on a switch be configured in order to prevent VLAN hopping attacks? Configure them with the UDLD feature.10. Network policy dictates that security functions should be administered using AAA.12 key secret SW-1(config)# aaa authentication login default group radius enable local none SW-1(config)# aaa new-model SW-1(config)# radius server host 10.10.10.10.1x authentication Refer to the exhibit.1x port-based authentication and causes the port to allow normal traffic without authenticating the client enables 802.12 key secret SW-1(config)# aaa authentication login default group-radius enable local none Refer to the exhibit. A switch is being configured to support AAA authentication on the console connection. Configure them as access ports and associate them with an unused VLAN Refer to the exhibit.10.1x authentication on the port globally disables 802.10.Which countermeasure can be implemented to determine the validity of an ARP packet.12 key secret SW-1(config)# aaa authentication default group-radius local SW-1(config)# aaa new-model SW-1(config)# radius-server host 10.

frames that are bound for the node on port FastEthe rnet 0/1 are periodically being dropped. Use the switchport mode trunk command in the interface configuration. and none as the last method. Change the port speed to speed auto with the interface configuration mode. the local username database as the second method.) to initiate a man-in-the-middle attack to initiate a denial of service (DoS) attack to capture data from the network to gather network topology information to exhaust the address space available to the DHCP Refer to the exhibit. After the configuration has been applied to ACSw22. The none keyword specifies that a user cannot log in if all other methods have failed What is one way to mitigate spanning-tree compromises? Statically configure the primary and backup root bridge. The login authentication admin line console command is required. Remove the switchport command from the interface configuration . Configure MAC address VLAN access maps. and none as the last method. What should be done to correct the issue? Add the switchport port-security mac-address sticky command to the interface configuration. the enable password as the third method. The configuration creates an authentication list that uses a named access list called group as the first authentication method. the enable password as the fourth method. Enable root guard. Place all unused ports into a common VLAN (not VLAN 1). The configuration creates an authentication list that uses a TACACS+ server as the first authentication method. Implement private VLANs. a TACACS+ server as the second method. Implement private VLANs What are two purposes for an attacker launching a MAC table flood? (Choose two. The none keyword enables any user logging in to successfully authenticate if all other methods return an error. The authentication login admin line console command is required. the local username database as the third method. Configure MAC address VLAN access maps What is one way to mitigate ARP spoofing? Enable dynamic ARP inspection.

VLAN ACLs can be used to capture traffic on a spanning-tree blocked port. or 4 information. What is the state of the monitoring session? This is a remote monitored session. The session is only monitoring data sent out Fa0/1 What is the function of the 6500 Network Analysis Module? monitors traffic on ingress ports sends TCP resets to an attacker TCP session gathers multilayer information from data flows that pass through the switch provides remote monitoring of multiple switches across a switched network What technology can be used to help mitigate MAC address flooding attacks? root guard Private VLANs DHCP snooping VLAN access maps Dynamic ARP Inspection What advantage for monitoring traffic flows does using VACLs with the capture option offer over using SPAN? VLAN ACLs can be used to capture denied traffic. VLAN ACLs can be used to capture traffic to the CPU separate from the traffic that is hardware switched .Refer to the exhibit. VLAN ACLs can be used to capture traffic based on Layer 2. 3. No data is being sent from the session. SPAN session number 2 is being used.

13 224.0.0.13 224. The router sends group-to-RP mapping messages to 224.1.1.0.1.39 224.1.0. Enable multicast routing in global configuration mode. The router advertises itself as the RP by sending messages to the 224. what is the purpose of the global configuration mode command ip pim send-rp-announce 10.1 as the rendezvous point for all multicast groups enables protocol independent multicast (PIM) with router ID 10.1.1.1. Configure the IGMP snooping method.1.39 so that other routers can automatically discover the RP.1.1 assigns the role of rendezvous point mapping agent to the router with IP address 10.0.1.0.1.40 so that other routers can automatically discover the RP.1.1 announces the candidacy of the router with IP address 10.13 224.39 address What is the IP address for the Cisco-RP-announce multicast group? 224.IGMP snooping is enabled globally by default For configuring IP multicast routing. The routers sends group-to-RP mapping messages to 224.0.What Cisco tool can be used to monitor events happening in the switch? Embedded Event Manager Intrusion Prevention System Network Analysis module Switched Port Analyzer Which configuration-related step is required for IGMP snooping on a Catalyst switch? Enable IGMP snooping in global configuration mode.0.0.1 What is the result of the global configuration command ip pim send-rp-discovery Loopback0 scope 3? The router sends broadcast group-to-RP mapping messages so that other routers can automatically discover the RP.1. None .0.1.13 .1.1.1 224.0.40 The bootstrap router (BSR) mechanism of automating the distribution of rendezvous point (RP) information uses which IP address to disseminate information to all protocol independent multicast (PIM) routers? 224.1.1.1.1.0.40 224.1? enables IP multicast routing with router ID 10.

The multicast traffic will be sent back to the rendezvous point (RP) through the R4-R2-R1 path Refer to the exhibit. The routers between the Source and the rendezvous point (RP) have (S.1. which will drop the traffic.1.G) state in their multicast routing tables. Router R6 has sent a join message to router R4 requesting multicast traffic for users in the multicast group 224. PIM is a multicast routing protocol that makes packet-forwarding decisions independent of the unicast IP routing protocol that is running in the network. The traffic will flow via shared tree from the Source to the RP and via shared tree from the RP to the Receivers. The multicast traffic will be sent to switch SW1. PIM Sparse Mode is most useful when there are few senders.1. and the volume of multicast traffic is high. PIM Sparse Mode (PIM-SM).) PIM does not require an IGP protocol to be configured in the network. After the first multicast packet is received by the Receivers and the switchover takes place.1. The network has EIGRP configured on all routers and has converged on the routes advertised. PIM should be configured on the device that hosts the source of the muticast traffic. How will the multicast traffic that is sent from the multicast server SRC through the R1-R3-R5 path be handled at router R6? The multicast traffic will be dropped.Refer to the exhibit. many receivers. PIM sparse mode has been also configured on a ll routers. PIM should be configured only on the first and the last hop routers in the multicast tree.1. Three of the forwarding modes for PIM are PIM Dense Mode (PIM-DM). The traffic will flow via source tree from the Source to the RP and via shared tree from the RP to the Receivers Which two statements about Protocol Independent Multicast (PIM) are true? (Choose two. The traffic will flow via shared tree from the Source to the RP and via source tree from the RP to the Receivers. how will the multicast traffic continue to flow from the Source to the Receivers? The traffic will flow via source tree from the Source to the Receivers. and PIM Sparse-Dense Mode . The multicast traffic will be forwarded to all users in the multicast group 224.1.G) state in the multicast routing table and the routers between the RP and the Receivers have (*.

1. Which three statements are true about Protocol Independent Multicast (PIM) implementation on Cisco routers? (Choose three. GLOP addresses and limited scope addresses are two types of IP multicast addresses.50.0A.0. and the data stream begins to flow from sender to RP to receiver.) increased security increased mobility increased productivity increased cost savings increased throughput What is true about the differences between wireless LANs (WLANs) and LANs? A VPN connection that uses IPsec is not possible with WLANs.5E.255. a multicast sender first registers with the RP. In PIM-SM deployment.255 are reserved link-local addresses. .0. All IP multicast group addresses fall in the range from 224. WLANs use CSMA/CD rather than CSMA/CA because wireless LANs operate on multiple frequencies.G) entries for the multicast groups.32.5 identifies the all-routers group.Which MAC multicast address correctly maps to the IP multicast address 224.00.0.04 Which two statements about IP multicast addresses are true? (Choose two.0.) Bidir-PIM is suited for multicast with larger numbers of sources.04 01.04 01.32.0.5E.255. IP addresses between 233.255.1.40) multicast group.) IP address 224.04 01.50. IP addresses between 224. IP address 224.0 and 233.0 through 254.255 can be assigned to the sources of multicast traffic. all routers create only (*.0. WLANs use CSMA/CA rather than CSMA/CD because WLANs operate at half-duplex.10.1 and 239.0. In PIM-DM. All routers in the PIM network learn about the active group-to-RP mapping from the RP mapping agent by automatically joining the Cisco-RP-discovery (224.00.1 is a globally scoped address that has been reserved for the Network Time Protocol (NTP).255.11 data and management protocols between a lightweight access point and a centralized WLAN controller.00.10.255.255.255. In a PIM-SM network.0.0.0.10.5E.4? 01. WLANs use CSMA/CD rather than CSMA/CA because WLANs operate at full-duplex Which statement is true about the split MAC architecture? It distributes the processing of 802. WLANs use CSMA/CA rather than CSMA/CD because WLANs cannot detect collisions.0A.50. Available network bandwidth is overutilized outside of the multicast routing zone because multiple streams of data are required between distant routers in place of a single transmission.5E. WLANs do not use MAC addresses. the routers have the SPT threshold set to 0 by default which guarantees that the last-hop router switches to SPT mode as soon as the host starts receiving the multicast What are two reasons to implement wireless in a network? (Choose two.00.

What are two reasons to implement voice in a network? (Choose two. . and address translation provides real-time connectivity for participants in multiple locations to attend the same video conference or meeting provides call control for IP phones.) cost savings increased productivity stronger security increased data throughput easier administration What method of QoS gives preferential handling for predefined classes of traffic? best-effort services differentiated services hard QoS services integrated services What is a major difference between traffic shaping and policing? Traffic shaping buffers excessive traffic to smooth traffic whereas policing drops excessive traffic. CAC. The conversation flow can be split between multiple switches. The conversation flow can be split between multiple routers. Remove all QoS policies that are applied in the network. bandwidth control and management. Utilize Power over Ethernet. Multiple devices can be grouped together to combine total bandwidth. Traffic shaping controls the rate traffic flows through a switch whereas policing controls traffic flows through a router.) Create a separate VLAN for voice traffic. bandwidth control and management. Traffic shaping marks traffic with Layer 2 class of service (CoS) whereas policing marks traffic with the ToS bits in the IP header Where should QoS classification and marking be done? access layer at the first router interface core layer distribution layer What is the function of a gateway within a VoIP network? provides translation between VoIP and non-VoIP networks provides connection admission control (CAC). and address translation What are two best practices when implementing voice in a network? (Choose two. Traffic shaping is preferred for traffic flows such as voice and video whereas policing is better for TCP flows. Minimize the volume of the data traffic.

Implement access control lists at the distribution layer .