Soal Soal Edit

8/13/2019 Soal Soal Edit

1/82

BASIC NETWORK:

Question 5Which two benefits are provided by using a hierarchical addressing network addressing scheme?

(Choose two)

A. reduces routing table entriesB. autonegotiation of media ratesC. efficient utili!ation of "AC addresses#. dedicated communications between devices$. ease of management and troubleshootingAnswer% A $Question 6When a host transmits data across a network to another host& which process does the data go through?

A. standardi!ationB. conversionC. encapsulation#. synchroni!ationAnswer% C$'planation

o transmit to another host& a host must go through the C*+ model (very similar to the ,-+ model). Ateach layer& the message is encapsulated with that layers header (and trailer if it has). his process iscalled encapsulation.

Question 13/efer to the e'hibit. he two connected ports on the switch are not turning orange or green. What wouldbe the most effective steps to troubleshoot this physical layer problem? (Choose three)

A. $nsure that the $thernet encapsulations match on the interconnected router and switch ports.B. $nsure that cables A and B are straightthrough cables.C. $nsure cable A is plugged into a trunk port.#. $nsure the switch has power.$. /eboot all of the devices.

0. /eseat all cables.Answer% B # 0$'planation

he ports on the switch are not up indicating it is a layer 1 (physical) problem so we should check cabletype& power and how they are plugged in.

1


2/82

Question 140or what two purposes does the $thernet protocol use physical addresses? (Choose two)

A. to uni2uely identify devices at 3ayer 4B. to allow communication with devices on a different networkC. to differentiate a 3ayer 4 frame from a 3ayer 5 packet

#. to establish a priority system to determine which device gets to transmit first$. to allow communication between different devices on the same network0. to allow detection of a remote device when its physical address is unknownAnswer% A $$'planation

hysical addresses or "AC addresses are used to identify devices at layer 4 6 A is correct.

"AC addresses are only used to communicate on the same network. o communicate on differentnetwork we have to use 3ayer 5 addresses (+ addresses) 6 B is not correct7 $ is correct.

3ayer 4 frame and 3ayer 5 packet can be recogni!ed via headers. 3ayer 5 packet also contains physicaladdress 6 C is not correct.

,n $thernet& each frame has the same priority to transmit by default 6 # is not correct.All devices need a physical address to identify itself. +f not& they can not communicate 6 0 is not correct.

Question 16Which command can be used from a C to verify the connectivity between host that connect throughpath?A. tracert address

B. ping addressC. arp address#. traceroute addressAnswer% A$'planation

o check the connectivity between a host and a destination (through some networks) we can use both8tracert9 and 8ping9 commands. But the difference between these 4 commands is the 8tracert9 commandcan display a list of nearside router interfaces in the path between the source and the destination.herefore the best answer in this case is A : tracert address.;ote% 8traceroute9 command has the same function of the 8tracert9 command but it is used on Cisco

routers only& not on a C.

Question 17/efer to the e'hibit. A network engineer is troubleshooting an internet connectivity problem on thecomputer. What causing the problem?

A. wrong #;- server

B. wrong default gateway

C. incorrect + address

#. incorrect subnet mask

4


3/82

Answer% C$'planationhe + address of the C (1.11.4*4) is not on the same network with its gateway 1.1.1 6C is correct.

Question 23Which command shows system hardware and software version information?A. show configurationB. show environmentC. show inventory#. show platform$. show version

Answer% $

Question 25Which command shows your active elnet connections?A. show sessions

B. show cdp neighborsC. show users#. show 2ueueAnswer% A$'planationhe 8show users9 shows telnet*ssh connections to your router while 8show sessions9 shows telnet*sshconnections from your router (to other devices). he 2uestion asks about 8your active elnetconnections9& meaning connections from your router so the answer should be A.

Question 28Before installing a new upgraded version of the +,-& what should be checked on the router& and whichcommand should be used to gather this information? (Choose two)

A. the amount of available /,"

B. the amount of available flash and /A" memoryC. the version of the bootstrap software present on the router#. show version$. show processes0. show runningconfigAnswer% B #

5


4/82

$'planation

When upgrading new version of the +,- we need to copy the +,- to the 0lash so first we have to check ifthe 0lash has enough memory or not. Also running the new +,- may re2uire more /A" than the olderone so we should check the available /A" too. We can check both with the 8show version9 command.

Question 30/efer to the e'hibit. What can be determined about the router from the console output?

1 0ast$thernet*+$$$ >@4.5 interface(s)14 bytes of nonvolatile configuration memory.=5= bytes of AA C"C+A card at slot @ (-ector si!e 14bytes) .>1


5/82

Question 37Which router +,- commands can be used to troubleshoot 3A; connectivity problems? (Choose three)A. ping

B. tracertC. ipconfig#. show ip route$. winipcfg0. show interfacesAnswer% A # 0$'planation

he ping command can be used to test if the local device can reach a specific destination 6 A is correct.8tracert9 is not a valid command in Cisco +,- commands& the correct command should be 8traceroute9 6B is not correct.

he ipconfig command is not a valid command in Cisco +,- too 6 C is not correct.he 8show ip route9 command can be used to view the routing table of the router. +t is a very usefulcommand to find out many connectivity problems (like directly connected networks& learned network viarouting protocolsM) 6 # is correct.8winipcfg9 is an old tool in Windows


6/82

A network administrator changes the configuration register to @O414 and reboots the router. What aretwo results of making this change? (Choose two)

A. he +,- image will be ignored.B. he router will prompt to enter initial configuration mode.C. he router will boot to /,".#. Any configuration entries in ;F/A" will be ignored.

$. he configuration in flash memory will be booted.

Answer% B #$'planation

he router bypasses the startup configuration stored in ;F/A" during its boot se2uence so the routerwill enter initial configuration mode. his feature is normally used during a password recovery procedure.

Question 46/efer to the e'hibit. 0or what two reasons has the router loaded its +,- image from the location that isshown? (Choose two)

/outer16 show version

Cisco +nternetwork ,perating -ystem -oftware+,- P Q4@@ -oftware (CQ4@@R")& $'perimental Fersion 11.5tl


7/82

Question 51#ata transfer is slow between the source and destination. he 2uality of service re2uested by thetransport layer in the ,-+ reference model is not being maintained. o fi' this issue& at which layer shouldthe troubleshooting process begin?

A. presentationB. sessionC. transport#. network$. physical

Answer% #

Question 53/efer to the e'hibit. An administrator pings the default gateway at [email protected]@[email protected] and sees the output asshown. At which ,-+ layer is the problem?

C%U6 ping [email protected]@[email protected]

inging [email protected]@[email protected] with 54 bytes of data%/e2uest timed out./e2uest timed out./e2uest timed out./e2uest timed out.ing statistics for [email protected]@[email protected]%ackets% sent : & /eceived V @& 3ost : (1@@G loss)

A. data link layerB. application layerC. access layer#. session layer$. network layer

Answer% $$'planation

he ;etwork layer is responsible for network addressing and routing through the internetwork. -o a pingfails& you may have an issue with the ;etwork layer (although lower layers like #ata 3ink hysical maycause the problem).

Question 55

A network administrator is verifying the configuration of a newly installed host by establishing an 0connection to a remote server. What is the highest layer of the protocol stack that the networkadministrator is using for this operation?

A. applicationB. presentationC. session#. transport$. internet0. data link

Answer% A

$'planation0 belongs to Application layer and it is also the highest layer of the ,-+ model.

Question 58

Q


8/82

Acknowledgement& -e2uencing& and 0low control are characteristics of which ,-+ layer?

A. 3ayer 4B. 3ayer 5C. 3ayer #. 3ayer $. 3ayer =

0. 3ayer Q

Answer% C

Question 60/efer to the e'hibit. What could be possible causes for the 8-erial@*@ is down9 interface status? (Choosetwo)

A. A 3ayer 1 problem e'ists.B. he bandwidth is set too low.C. A protocol mismatch e'ists.#. An incorrect cable is being used.

$. here is an incorrect + address on the -erial @*@ interface.Answer% A #$'planation

he first part of the 8-erial@*@ is down& line protocol is down9 indicates a layer 1 problem while the secondpart indicates a layer 4 problem 6 A is correct.-ome popular layer 1 problems are listed below%N device power offN device power unpluggedN loose network cable connectionN incorrect cable typeN faulty network cableAnswer B 8he bandwidth is set too low9 will not make a layer 1 problem.Answer C is a layer 4 problem.Answer $ is a layer 5 problem.

Question 62he network administrator normally establishes a elnet session with the switch from host A. headministrators attempt to establish a connect via elnet to the switch from host B fails& but pings fromhost B to other two hosts are successful. What is the issue for this problem?

>


9/82

A. Sost B and the switch need to be in the same subnet.B. he switch needs an appropriate default gateway assigned.C. he switch interface connected to the router is down.#. Sost B need to be assigned an + address in vlan 1.Answer% B$'planationSost A (1Q4.1


10/82

I A!!RESSIN"

Question 1Which + address can be assigned to an +nternet interface?

A. [email protected]>@.>.44B.

Answer% B$'planation

he + address which can be assigned to an +nternet interface is a public + address. rivate + address

are found in the following ranges%X 0rom 1@.@.@.@ to [email protected] 0rom 1Q4.1=.@.@ to 1Q4.51.4.4X 0rom 1.@.@ to 1.4.4Also some special + addresses (like the local loopback address 14Q.@[email protected]& multicast addressesM) cantbe assigned to an +nternet interface.+n this 2uestion only answer B doesnt belong to the range of private + address 6 B is the correctanswer.

Question 2What will happen if a private + address is assigned to a public interface connected to an +-?

A. Addresses in a private range will be not routed on the +nternet backbone.B. ,nly the +- router will have the capability to access the public network.C. he ;A process will be used to translate this address in a valid + address.#. -everal automated methods will be necessary on the private network.$. A conflict of + addresses happens& because other public routers can use the same range.

Answer% A

Question 3When is it necessary to use a public + address on a routing interface?

A. Connect a router on a local network.

B. Connect a router to another router.C. Allow distribution of routes between networks.#. ranslate a private + address.$. Connect a network to the +nternet.

Answer% $

Question 4When a #SC server is configured& which two + addresses should never be assignable to hosts?(Choose two)

A. network or subnetwork + address

B. broadcast address on the networkC. + address leased to the 3A;#. + address used by the interfaces$. manually assigned address to the clients0. designated + address to the #SC server

Answer% A B

1@


11/82

$'planation

;etwork or subnetwork + address (for e'ample 11.@.@.@*> or 15.1.@.@*1=) and broadcast address (fore'ample 45.4.1.4*4) should never be assignable to hosts. When try to assign these addresses tohosts& you will receive an error message saying that they cant be assignable.Question 6he network administrator has asked you to check the status of the workstations + stack by pinging the

loopback address. Which address would you ping to perform this task?

A. [email protected]. 14Q.@[email protected]. [email protected]#. 45


12/82

$'planation

he default gateway + address must be on the same network with the configured hosts + address andnot is the network or broadcast address 6 B is correct.Question #Which of the following describe private + addresses? (Choose two)

A. addresses chosen by a company to communicate with the +nternetB. addresses that cannot be routed through the public +nternetC. addresses that can be routed through the public +nternet#. a scheme to conserve public addresses$. addresses licensed to enterprises or +-s by an +nternet registry organi!ation

Answer% B #

Question 11As a CC;A candidate& you must have a firm understanding of the +v= address structure. /efer to +v=address& could you tell me how many bits are included in each filed?

A : 4B : C : 5# : 1=Answer% #$'planation%he format of a +v= address is K%K%K%K%K%K%K%K where K is a 1=bit he'adecimal field. 0or e'ample%11@A%@1QA%154c

Question 12

+n practical +v= application& a technology encapsulates +v= packets inside +v packets& thistechnology is called what?A : tunnelingB : hashingC : routing# : ;AAnswer% AQuestion 13+nternet rotocol version = (+v=) is the ne'tgeneration +nternet rotocol version designated as thesuccessor to +v because +v address space is being e'hausted. Which one of the followingdescriptions about +v= is correct?

A : Addresses are not hierarchical and are assigned at random.B : Broadcasts have been eliminated and replaced with multicasts.C : here are 4.Q billion available addresses.# : An interface can only be configured with one +v= address.Answer% B

Question 14Which two of these statements are true of +v= address representation? (Choose two)

A : he first = bits represent the dynamically created interface +#.

B : A single interface may be assigned multiple +F= addresses of any type.C : $very +F= interface contains at least one loopback address.# : 3eading !eros in an +F= 1= bit he'adecimal field are mandatory.Answer% B C$'planation%3eading !eros in +v= are optional do that @CQ e2uals CQ and @@@@ e2uals @ 6 # is not corect.

14


13/82

Question 15Which three of the following are +v= transition mechanisms? (Choose three)

A : =to tunnelingB : Y/$ tunnelingC : +-AA tunneling

# : eredo tunneling$ : F; tunneling0 : tunnelingAnswer% A C #$'planation%Below is a summary of +v= transition technologies%

6 to 4 tunne$in%: his mechanism allows +v= sites to communicate with each other over the +vnetwork without e'plicit tunnel setup. he main advantage of this technology is that it re2uires no endnode reconfiguration and minimal router configuration but it is not intended as a permanent solution.

ISATA tunne$in%(+ntra-ite Automatic unnel Addressing rotocol)% is a mechanism for transmitting+v= packets over +v network. he word 8automatic9 means that once an +-AA server*router hasbeen set up& only the clients must be configured to connect to it.

Te&e'o tunne$in%:his mechanism tunnels +v= datagrams within +v L# datagrams& allowingprivate +v address and +v ;A traversal to be used.+n fact& Y/$ tunneling is also a +v= transition mechanism but is not mentioned in CC;A so we shouldntchoose it (there are types of +v= transition mechanisms mentioned in CC;A7 they are% manual& =to&eredo and +-AA).Question 16Which two descriptions are correct about characteristics of +v= unicast addressing? (Choose two)

A : Ylobal addresses start with 4@@@%%*5.B : 3inklocal addresses start with 00@@%%*[email protected] : 3inklocal addresses start with 0$@@%*14.# : here is only one loopback address and it is %%1.Answer% A #$'planation%Below is the list of common kinds of +v= addresses%

(oo)*+,-+''&ess

%%1

(in-.$o,+$+''&ess 0$>@%%*1@

Site.$o,+$+''&ess

0$C@%%*1@

"$o*+$ +''&ess 4@@@%%*5

/u$ti,+st+''&ess

00@@%%*>

Question 17-elect the valid +v= addresses. (Choose all apply)

A : %%1%@%1B : 4@@4%c@a>%1@1%%4C : 4@@5%dead%beef%dad%45%=%bb%1@1# : %%$ : 4@@@%%0 : 4@@1%54%5Q%%

15


14/82

Answer% A B C # 0$'planation%

Answers A B C are correct because A and B are the short form of @%@%@%@%1%@%1 and4@@4%c@a>%@1@1%@%@%@%@%@@4 while C are normal +v= address.

Answer # is correct because 8%%9 is named the 8unspecified9 address and is typically used in the source

field of a datagram that is sent by a device that seeks to have its + address configured.

Answer $ is not correct because a globalunicast +v= address is started with binary @@1& denoted as4@@@%%*5 in +v= and it also known as an aggregatable global unicastaddress.he 4@@@%% (in particular&4@@@%%*5) is Tust a prefi' and is not a valid +v= address.

he entire globalunicast +v= address range is from 4@@@%%*14> to5000%0000%0000%0000%0000%0000%0000*14>& resulting in a total usable space of over4&5&4=&11Q&5@Q&


15/82

A. +t sends data in clear te't format.B. +t is no longer supported on Cisco network devices.C. +t is more secure than --S.#. +t re2uires an enterprise license in order to be implemented.$. +t re2uires that the destination device be configured to support elnet connections.

Answer% A $$'planation

elnet& part of the C*+ protocol suite& is a virtual terminal protocol that allows you to makeconnections to remote devices& gather information& and run programs. elnet is considered insecurebecause it transfers all data in clear te't 6 A is correct.

he destination device needs to support elnet connection. 0or e'ample& if a device doesnt supportC*+ protocol suit then maybe we cant telnet to it.

Question 3An administrator issues the command ping 14Q.@[email protected] from the command line prompt on a C. +f a reply is

received& what does this confirm?

A. he C has connectivity with a local host.B. he C has connectivity with a 3ayer 5 device.C. he C has a default gateway correctly configured#. he C has connectivity up to 3ayer of the ,-+ model$. he C has the C*+ protocol stack correctly installed.

Answer% $$'planation

he address 14Q.@[email protected] is called loopback address. When we ping 14Q.@[email protected]& in fact we are pinging the

local network card and test the C*+ protocol suite on our device.

Question 6A C*+ ransfer is diagrammed in the e'hibit.A window si!e of three has been negotiated for this transfer. Which message will be returned from thereceiver to the sender as part of this C*+ transfer?

A. -end AC 15B. -end AC 5C. -end AC #. -end AC =$. -end AC =0. -end AC Q

Answer% C$'planation+n response& the receiver replies with an AC. he acknowledgment number is set to one more than thereceived se2uence number. he AC means 8+ have got all messages up to se2uence number n1 soplease send me the message for se2uence number n9.

Question 8

1


16/82

A network admin wants to know every hop the packets take when he accesses cisco.com. Whichcommand is the most appropriate to use?

A. path cisco.comB. debugcisco.comC. trace cisco.com#. traceroute cisco.com

Answer% #

Question 10Sost 1 is trying to communicate with Sost 4. he e@ interface on /outer C is down. Which of the followingare true? (Choose two)

A. /outer C will use +C" to inform Sost 1 that Sost 4 cannot be reached.B. /outer C will use +C" to inform /outer B that Sost 4 cannot be reached.C. /outer C will use +C" to inform Sost 1& /outer A& and /outer B that Sost 4 cannot be reached.#. /outer C will send a #estination Lnreachable message type.$. /outer C will send a /outer -election message type.0. /outer C will send a -ource [uench message type.

Answer% A #$'planation

he last known good router will try to inform you that the destination cannot be reached (with a#estination Lnreachable message type) so from that information you can learn how far your packets cantravel to and where the problem is.

Question 14Which layer of the ,-+ reference model uses flow control& se2uencing& and acknowledgments to ensurethat reliable networking occurs?A. data linkB. network

C. transport#. presentation$. physical

Answer% C

Question 16#ata transfer is slow between the source and destination. he 2uality of service re2uested by thetransport layer in the ,-+ reference model is not being maintained. o fi' this issue& at which layer shouldthe troubleshooting process begin?

A. presentation

B. sessionC. transport#. network$. physical

Answer% #

1=


17/82

Question 17Which protocols are found in the network layer of the ,-+ reference model and are responsible for pathdetermination and traffic switching?

A. 3A;B. routingC. WA;

#. network

Answer% B

Question 18/efer to the e'hibit. An administrator pings the default gateway at [email protected]@[email protected] and sees the output asshown. At which ,-+ layer is the problem?

C%U6 ping [email protected]@[email protected] [email protected]@[email protected] with 54 bytes of data%/e2uest timed out./e2uest timed out./e2uest timed out.

/e2uest timed out.ing statistics for [email protected]@[email protected]%ackets% sent : & /eceived V @& 3ost : (1@@G loss)

A. data link layerB. application layerC. access layer#. session layer$. network layer

Answer% $$'planationhe ;etwork layer is responsible for network addressing and routing through the internetwork. -o a pingfails& you may have an issue with the ;etwork layer (although lower layers like #ata 3ink hysical maycause the problem).

Question 20A network administrator is verifying the configuration of a newly installed host by establishing an 0connection to a remote server. What is the highest layer of the protocol stack that the networkadministrator is using for this operation?

A. applicationB. presentation

C. session#. transport$. internet0. data link

Answer% A$'planation0 belongs to Application layer and it is also the highest layer of the ,-+ model.

Question 23Acknowledgement& -e2uencing& and 0low control are characteristics of which ,-+ layer?

A. 3ayer 4B. 3ayer 5C. 3ayer #. 3ayer $. 3ayer =0. 3ayer Q

1Q


18/82

Answer% C

ROTIN" I

Question 13

1>


19/82

A mediumsi!ed company has a Class C + address. +t has two Cisco routers and one nonCisco router.All three routers are using /+ version 1.he company network is using the block of 1.155.41


20/82

send any update for same network out of interface s@*@. o solve this problem we can configure subinterfaces on s@*@ or e'plicitly allow the update to be sent back on the same interface.

ROTIN" RI

Question 12/efer to the graphic. Sost 1 cannot receive packets from Sost 4. Assuming that /+ v1 is the routingprotocol in use& what is wrong with the + configuration information shown? (Choose two)

4@


21/82

A. he fa@*1 interface of router /4 has been assigned a broadcast address.B. he fa@*1 network on router /4 overlaps with the 3A; attached to /1.C. Sost 4 has been assigned the incorrect subnet mask.#. Sost 1 has been configured with the 4.4.4>.@ subnet mask.$. Sost 4 on router /4 is on a different subnet than its gateway.Answer% B C$'planationhe fa@*1 interface of /4 is assigned an + address of [email protected][email protected]*4@. +t seems to be a broadcastaddress but it is not. +f we calculate the range of this network we will understand why%;etwork [email protected][email protected]*4@+ncrement% 1= (*4@ V 1111 1111.1111 1111.1111 @@@@.@@@@ @@@@);etwork address% [email protected].@Broadcast address% [email protected]

6 [email protected][email protected]*4@ is an usable host address 6 A is not correct.he + address of host 1 ([email protected].>) belongs to the range of interface fa@*1 on /4 as shown above 6 Bis correct.+n the topology above& all subnet masks are *4@ (4.4.4@.@) e'cepting the subnet mask of Sost 4(4.4.44.@) so C can be incorrect.

he subnet mask of Sost 1 is 4.4.4@.@& not 4.4.4>.@ 6 # is not correct.Sost 4 is not on a different subnet than its gateway even if the subnet mask 4.4.44.@ is used. 3etsanaly!e the range of Sost 4 network%;etwork [email protected].@.


22/82

ROTIN" OS

Question 2:

Why /1 cant establish an ,-0 neighbor relationship with /5 according to the following graphic?(Choose two)

A : Configure $+Y/ on these routers with a lower administrative distanceB : All routers should be configured for backbone Area 1

C : /1 and /5 have been configured in different areas# : he hello and dead interval timers are not configured the same values on /1 and /5

Answer% C #$'planation%

A is not correct because configure $+Y/ on these routers (with a lower administrative distance) willforce these routers to run $+Y/& not ,-0.

B is not correct because the backbone area of ,-0 is always Area @.C and # are correct because these entries must match on neighboring routers% e$$o +n' 'e+' inte&+$s

: A&e+ I!(Area @ in this case): Authentication password: -tub area flag

44


23/82

ROTIN" EI"R

Question #A router has learned three possible routes that could be used to reach a destination network. ,ne routeis from $+Y/ and has a composite metric of 4@1=@. Another route is from ,-0 with a metric ofQ>4. he last is from /+v4 and has a metric of . Which route or routes will the router install in therouting table?A. the ,-0 routeB. the $+Y/ route

C. the /+v4 route#. all three routes$. the ,-0 and /+v4 routes

Answer% B$'planationWhen one route is advertised by more than one routing protocol& the router will choose to use the routingprotocol which has lowest Administrative #istance. he Administrative #istances of popular routingprotocols are listed below%

Question 14/efer to the e'hibit. 0rom /outerA& a network administrator is able to ping the serial interface of /outerBbut unable to ping any of the subnets attached to /outerB. Based on the partial outputs in the e'hibit&

what could be the problem?

45


24/82

A. $+Y/ does not support F3-".B. he $+Y/ network statements are incorrectly configured.C. he + addressing on the serial interface of /outerA is incorrect.#. he routing protocol has summari!ed on the classful boundary.$. $+Y/ has been configured with an invalid autonomous system number.

Answer% #$'planation

0rom the output of 8show ip route9 command on /outerB& we learn that /outerB does not learn anynetworks in /outerA. Also the 81Q4.1=.@.@*4= is a summary& @@%@@%@5& ;ull@line tells us this netwok issummari!ed.;ote% $+Y/ performs autosummari!ation each time it crosses a border between two maTor networks.0or e'ample& /outerA has networks of 1Q4.1=.'.'. +t will perform autosummari!ation when sending overnetwork [email protected].@*5@& which is in different maTor network (1Q4.1=.@.@*1= and 1@.@.@.@*> are called maTornetworks in this case).

4


25/82

SWITCIN"

Question 2/efer to the e'hibit. he following commands are e'ecuted on interface fa@*1 of 4


26/82

A. Backbone0astB. Lplink0astC. /oot Yuard#. B#L Yuard$. B#L 0ilterAnswer% #

$'planationWe only enable ort0ast feature on access ports (ports connected to end stations). But if someone doesnot know he can accidentally plug that port to another switch and a loop may occur when B#Ls arebeing transmitted and received on these ports.

With B#L Yuard& when a ort0ast receives a B#L& it will be shut down to prevent a loop 6 # iscorrect.

Question 6-witch ports operating in which two roles will forward traffic according to the +$$$ >@4.1w standard?(Choose two)

A. alternateB. backupC. designated#. disabled$. rootAnswer% C $$'planation

+$$$ >@4.1w is the standard of /apid -panning ree rotocol (/-). here are port roles in thisstandard% /oot port& #esignated port& Alternative port& Backup port and #isabled port. +n these portroles& only /oot port and #esignated port can forward traffic.

Question 7-elect the action that results from e'ecuting these commands%

Switch(config-if)# switchport port-securitySwitch(config-if)# switchport port-security mac-address sticky

A. A dynamically learned "AC address is saved in the startupconfiguration file.B. A dynamically learned "AC address is saved in the runningconfiguration file.C. A dynamically learned "AC address is saved in the F3A; database.#. -tatically configured "AC addresses are saved in the startupconfiguration file if frames from that

address are received.$. -tatically configured "AC addresses are saved in the runningconfiguration file if frames from that

address are received.Answer% B$'planationhe full synta' of the second command is%sit,)o&t )o&t.se,u&it +,.+''&ess sti,- 9/AC+f we dont specify the "AC address (like in this 2uestion) then the switch will dynamically learn theattached "AC Address and place it into your runningconfiguration 6 B is correct.Question 8What is valid reason for a switch to deny port access to new devices when port security is enabled?

A. he denied "AC addresses have already been learned or configured on another secure interface in

the same F3A;.B. he denied "AC address are statically configured on the port.C. he minimum "AC threshold has been reached.#. he absolute aging times for the denied "AC addresses have e'pired.Answer% A$'planation

4=


27/82

A security violation occurs in either of these situations%

When the ma'imum number of secure "AC addresses is reached on a secure port and the source

"AC address of the ingress traffic is different from any of the identified secure "AC addresses& portsecurity applies the configured violation mode.

X +f traffic with a secure "AC address that is configured or learned on one secure port attempts to

access another secure port in the same F3A;& applies the configured violation mode.0rom the second statement we can figure out A is the correct answer. But for your information we will

discuss other answers as well.

Answer B is not correct because we cant configured which "AC address will be denied. We can onlyconfigure which "AC is allowed.

We can only configure the ma'imum "AC threshold& not the minimum threshold 6 C is not correct.

he aging times are only configured for allowed "AC addresses& not for denied "AC 6 # is correct.

0or your information about aging time%When the aging type is configured with the absolute keyword& all the dynamically learned secureaddresses age out when the aging time e'pires

his is how to configure the secure "AC address aging type on the port%Route&;,on


28/82

/efer to the e'hibit. Which statement is true?

A. he 0a@*11 role confirms that -witchA is the root bridge for F3A; [email protected]. F3A; 4@ is running the er F3A; -panning ree rotocol.

C. he "AC address of the root bridge is @@1Q.@.#. -witchA is not the root bridge& because not all of the interface roles are designated.Answer% #$'planation,nly nonroot bridge can have root port. 0a@*11 is the root port so we can confirm this switch is not theroot bridge 6 A is not correct.

0rom the output we learn this switch is running /apid -& not F- 6 B is not correct.@@1Q.@ is the "AC address of this switch& not of the root bridge. he "AC address of the rootbridge is @@1Q.


29/82

Also we often define what will the switch do if the security is violated%-witch(configif)Jswitchport portsecurity violation shutdown

Question 13he network security policy re2uires that only one host be permitted to attach dynamically to each switchinterface. +f that policy is violated& the interface should shut down. Which two commands must thenetwork administrator configure on the 4


30/82

Which two of these changes are necessary for -witchA to meet the re2uirements? (Choose two)

A. ort security needs to be globally enabled.B. ort security needs to be enabled on the interface.C. ort security needs to be configured to shut down the interface in the event of a violation.#. ort security needs to be configured to allow only one learned "AC address.$. ort security interface counters need to be cleared before using the show command.0. he port security configuration needs to be saved to ;F/A" before it can become active.Answer% B #$'planation

As we see in the output& the 8ort -ecurity9 is in 8#isabled9 state (line 4 in the output). o enable ortsecurity feature& we must enable it on that interface first with the command%-witchA(configif)Jswitchport portsecurity6 B is correct.

Also from the output& we learn that the switch is allowing 4 devices to connect to it (switchport portsecurity ma'imum 4) but the 2uestion re2uires allowing only C]A to access the network so we need toreduce the ma'imum number to 1 6 # is correct.

Question 17A company implements video conferencing over + on their $thernet 3A;. he users notice that thenetwork slows down& and the video either stutters or foils completely. What is the most likely reason for

this?

A. minimum cell rate ("C/)B. 2uality of service ([o-)C. modulation#. packet switching e'change (-$)$. reliable transport protocol (/)Answer% B$'planation

+f the [o- is not configured correctly on the network& video traffic can slow down all your traffic. hat

company implemented video traffic and the network slows down 6 maybe they dont configure [o- sovideo traffic (which is very high and bursty) and data traffic have the same priority and video traffic eatsall the bandwidth. [o- can solve this problem by giving higher priority for data (or voice) traffic over videotraffic.

5@


31/82

Question 18Computer 1 is consoles into switch A. elnet connections and pings run from the command prompt onswitch A fail. Which of the following could cause this problem?

A. switch A does not have a cdp entry for switch B or router RAKB. switch A does not have an + addressC. port 1 on switch A should be an access port rather than a trunk port

#. switch A is not directly connected to router RAK$. switch A does not have a default gateway assignedAnswer% B$'planation+ts a hard 2uestion to answer although it looks simpleZ 0rom the output above we are sure that switch Adoes not have an + address (on both 0a@*1 and on F3A; 1) so it can not ping or telnet to any otherdevice 6 B is correct.

Another answer seems to be correct is answer $ : switch A does not have a default gateway assigned.We know that -witch A can not telnet to other device outside its subnet without having a default gateway.But the 2uestion only says 8elnet connections and pings run from the command prompt on switch A fail9

without telling us where -witch A is trying to telnet or ping to. +f it tries to connect to the outside networkthen $ is correct. +f it only want to connect to a device inside its subnet then a default gateway is notnecessary.

-o the best answer for this 2uestion is BZ

Question 1#/efer to the e'hibit. Yive this output for -witchC& what should the network administrators ne't action be?

51


32/82

A. Check the trunk encapsulation mode for -witchCs fa@*1 port.B. Check the duple' mode for -witchCs fa@*1 port.C. Check the duple' mode for -witchAs fa@*4 port.#. Check the trunk encapsulation mode for -witchAs fa@*4 port.Answer% C

Question 20/efer to the graphic

A host is connected to switch port 0a@*5 with a crossover cable. Sowever& the port indicator on switch

port 0a@*5 is not on& and the host can not communicate with hosts that belong to F3A;4 on the sameswitch. Based on the information given& where is the problem?

A. he switch has been assigned an incorrect subnet mask 1B. -witch port 0a@*5 is not configured as a trunk portC. -witch port 0a@*5 has been blocked by -#. he switch and the hosts must be in the same subnet$. he cable type is wrongAnswer% $$'planation

o specify when we use crossover cable or straightthrough cable& we should remember%"&ou) 1:/outer& Sost& -erver"&ou) 2:Sub& -witch,ne device in group 1 N ,ne device in group 4% use st&+i%t.t&ou%cablewo devices in the same group% use ,&ossoe& cable+n this case we connect a switch and a host so we need a straightthrough cable 6 $ is correct.

Question 21/efer to the e'hibit. -ome 4


33/82

B. Configure an AC3 to allow only a single "AC address to connect to the switch at one time.C. Lse the macaddresstable 1 global configuration command to limit each port to one source "AC

address.#. +mplement ort -ecurity on all interfaces and use the portsecurity ma'imum 1 command to limit port

access to a single "AC address$. +mplement ort -ecurity on all interfaces and use the portsecurity macaddress sticky command to

limit access to a single "AC address

0. +mplement ort -ecurity at global configuration mode and use the portsecurity ma'imum 1 commandto allow each switch only one attached hub

Answer% #$'planationhe ort -ecurity filters frames based on its "AC so it can effectively prevent people connecting to theswitch via hubs.

Question 23A network administrator must configure 4@@ switch ports to accept traffic from only the currently attachedhost devices. What would be the most efficient way to configure "AClevel security on all these ports?

A. Fisually verify the "AC addresses and then telnet to the switches to enter the switchportport securitymacaddress command.

B. Save end users email their "AC addresses. elnet to the switch to enter the switchportport securitymacaddress command.

C. Lse the switchport portsecurity "AC address sticky command on all the switch ports that have enddevices connected to them.

#. Lse show macaddresstable to determine the addresses that are associated with each port and thenenter the commands on each switch for "AC address portsecurity.

Answer% C$'planation

We can use the 8interface range9 command (for e'ample 8interface range 0ast$thernet @*1 : >) toconfigure many ports as the same time and use the 8portsecurity "AC address sticky9 command(without a specific "AC address) to dynamically learn the attached "AC Address and place it into theswitchs runningconfiguration 6 C is correct.

Question 24Which of the following are true regarding bridges and switches? (Choose two)A. Bridges are faster than switches because they have fewer ports.B. A switch is a multiport bridge.C. Bridges and switches learn "AC addresses by e'amining the source "AC address of each framereceived.

#. A bridge will forward a broadcast but a switch will not.$. Bridges and switches increase the si!e of a collision domain.Answer% B CQuestion 25Which two commands correctly verify whether port security has been configured on port 0ast$thernet@*14 on a switch? (Choose two)

A. -W1J show switchport portsecurity interface 0ast$thernet @*14B. -W1J show switchport portsecure interface 0ast$thernet @*14C. -W1J show portsecurity interface 0ast$thernet @*14#. -W1J show runningconfig

Answer% C #$'planationWe can verify whether port security has been configured by using the 8show runningconfig9 or 8showportsecurity interface 9 for more detail. An e'ample of the output of 8show portsecurity interface 9command is shown below%

55


34/82

Question 26Assuming the default switch configuration which vlan range can be added modified and removed on aCisco switch?A. 4 through 1@@1B. 1 through 1@@1C. 1 through 1@@4#. 4 through 1@@

Answer% A$'planation

F3A; 1 is the default F3A; on Cisco switch. +t always e'ists and can not be added& modified orremoved.

F3A;s 1@@41@@ are default F3A;s for 0##+ oken /ing and they cant be deleted or used for$thernet.

Question 28Which set of commands is recommended to prevent the use of a hub in the access layer?A.switch(configif)Jswitchport mode trunkswitch(configif)Jswitchport portsecurity ma'imum 1B.

switch(configif)Jswitchport mode trunkswitch(configif)Jswitchport portsecurity macaddress 1C.switch(configif)Jswitchport mode accessswitch(configif)Jswitchport portsecurity ma'imum 1

5


35/82

#.switch(configif)Jswitchport mode accessswitch(configif)Jswitchport portsecurity macaddress 1Answer% C$'planation

ort security is only used on access port (which connects to hosts) so we need to set that port to8access9 mode& then we need to specify the ma'imum number of hosts which are allowed to connect tothis port 6 C is correct.;ote% +f we want to allow a fi'ed "AC address to connect& use the 8switchport portsecurity macaddress9 command.

Question 31Which two of these are characteristics of the >@4.1[ protocol? (Choose two)

A. +t is a layer 4 messaging protocol which maintains vlan configurations across network.

B. +t includes an >bit field which specifies the priority of a frame.C. +t is used e'clusively for tagging vlan frames and dose not address network reconvergence followingswitched network topology changes.#. +t modifies the >@4.5 frame header and thus re2uires that the 0C- be recomputed.$. +t is a trunking protocol capable of earring untagged frames.Answer% # $$'planation

+$$$ >@4.1[ is the networking standard that supports Firtual 3A;s (F3A;s) on an $thernet network. +t isa protocol that allows F3A;s to communicate with one another using a router. >@4.1[ trunks supporttagged and untagged frames.

+f a switch receives untagged frames on a trunk port& it believes that frame is a part of the native F3A;.Also& frames from a native F3A; are not tagged when e'iting the switch via a trunk port.

he >@4.12 frame format is same as >@4.5. he only change is the addition of bytes fields. hatadditional header includes a field with which to identify the F3A; number. Because inserting this headerchanges the frame& >@4.1[ encapsulation forces a recalculation of the original 0C- field in the $thernettrailer.

;ote% 0rame Check -e2uence (0C-) is a fouroctet field used to verify that the frame was receivedwithout loss or error. 0C- is based on the contents of the entire frame.

?(AN

5


36/82

Question 1/efer to the e'hibit. A network associate needs to configure the switches and router in the graphic so thatthe hosts in F3A;5 and F3A; can communicate with the enterprise server in F3A;4. Which two$thernet segments would need to be configured as trunk links? (Choose two)

A. AB. BC. C#. #$. $0. 0

Answer% C 0$'planationhe link between the switches and the link between switch router should be configured as trunks.,ther links (connected to hosts) should be configured as access links.

Question 2Which three statements are typical characteristics of F3A; arrangements? (Choose three)

A. A new switch has no F3A;s configured.B. Connectivity between F3A;s re2uires a 3ayer 5 device.C. F3A;s typically decrease the number of collision domains.#. $ach F3A; uses a separate address space.$. A switch maintains a separate bridging table for each F3A;.0. F3A;s cannot span multiple switches.

Answer% B # $

$'planation

By default& all ports on a new switch belong to F3A; 1 (default native F3A;). here are also somewellknown F3A;s (for e'ample% F3A; 1@@4 for fddidefault7 F3A; 1@@5 for tokenringM) configured bydefault 6 A is not correct.

o communicate between two different F3A;s we need to use a 3ayer 5 device like router or 3ayer 5switch 6 B is correct.

F3A;s dont affect the number of collision domains& they are the same 6 C is not correct. ypically&F3A;s increase the number of broadcast domains.We must use a different network (or subnetwork) for each F3A;. 0or e'ample we can use

1.1.@*4 for F3A; 1& 1.4.@*4 for F3A; 4 6 # is correct.

A switch maintains a separate bridging table for each F3A; so that it can send frame to ports on thesame F3A; only. 0or e'ample& if a C in F3A; 4 sends a frame then the switch lookups its bridgingtable and only sends frame out of its ports which belong to F3A; 4 (it also sends this frame on trunkports) 6 $ is correct.We can use multiple switches to e'pand F3A; 6 0 is not correct.

5=


37/82

Question 3By default& each port in a Cisco Catalyst switch is assigned to F3A;1. Which two recommendations arekey to avoid unauthori!ed management access? (Choose two)A. Create an additional AC3 to block the access to F3A; 1.B. "ove the management F3A; to something other than default.C. "ove all ports to another F3A; and deactivate the default F3A;.

#. 3imit the access in the switch using port security configuration.$. Lse static F3A; in trunks and access ports to restrict connections.0. -hutdown all unused ports in the Catalyst switch.

Answer% B 0

Question 4Which two benefits are provided by creating F3A;s? (Choose two)A. added securityB. dedicated bandwidthC. provides segmentation#. allows switches to route traffic between subinterfaces

$. contains collisions

Answer% A C

Question 5Which two link protocols are used to carry multiple F3A;s over a single link? (Choose two)A. FB. >@4.12C. +Y#. +-3$. >@4.5u

Answer% B #$'planationCisco switches support two trunking protocols >@4.12 +-3. >@4.12 is an open standard and is thuscompatible between most vendors e2uipment while +nter-witch 3ink (+-3) is Cisco proprietary.

Question 6A switch is configured with all ports assigned to vlan 4 with full duple' 0ast$thernet to segment e'istingdepartmental traffic. What is the effect of adding switch ports to a new F3A; on the switch?A. "ore collision domains will be created.B. + address utili!ation will be more efficient.C. "ore bandwidth will be re2uired than was needed previously.#. An additional broadcast domain will be created.

Answer% #

Question 7Which two statements about the use of F3A;s to segment a network are true? (Choose two)A. F3A;s increase the si!e of collision domains.B. F3A;s allow logical grouping of users by function.C. F3A;s simplify switch administration.#. F3A;s enhance network security.

Answer% B #Question 8

Cisco Catalyst switches CA1 and CA4 have a connection between them using ports 0a@*15. An>@4.1[ trunk is configured between the two switches. ,n CA1& F3A; 1@ is chosen as native& but onCA4 the native F3A; is not specified. What will happen in this scenario?A. >@4.1[ giants frames could saturate the link.B. F3A; 1@ on CA1 and F3A; 1 on CA4 will send untagged frames.C. A native F3A; mismatch error message will appear.#. F3A; 1@ on CA1 and F3A; 1 on CA4 will send tagged frames.

5Q


38/82

Answer% C$'planationA 8native F3A; mismatch9 error will appear by C# if there is a native F3A; mismatch on an >@4.1[link. 8F3A; mismatch9 can cause traffic from one vlan to leak into another vlan.

Question #

Which two statements describe the Cisco implementation of F3A;s? (Choose two)A. F3A; 1 is the default $thernet F3A;.B. C# advertisements are only sent on F3A; 1@@4.C. By default& the management F3A; is F3A; 1@@.#. By default& the switch + address is in F3A; 1@@.$. F3A;s 1@@4 through 1@@ are automatically created and cannot be deleted.

Answer% A $

Question 10What are three advantages of F3A;s? (Choose three)A. F3A;s establish broadcast domains in switched networks.

B. F3A;s utili!e packet filtering to enhance network security.C. F3A;s provide a method of conserving + addresses in large networks.#. F3A;s provide a lowlatency internetworking alternative to routed networks.$. F3A;s allow access to network services based on department& not physical location.0. F3A;s can greatly simplify adding& moving& or changing hosts on the network.

Answer% A $ 0

Question 11Which of the following are benefits of F3A;s? (Choose three)A. hey increase the si!e of collision domains.B. hey allow logical grouping of users by function.

C. hey can enhance network security.#. hey increase the si!e of broadcast domains while decreasing the number of collision domains.$. hey increase the number of broadcast domains while decreasing the si!e of the broadcast domains.0. hey simplify switch administration.

Answer% B C $$'planation

When using F3A; the number and si!e of collision domains remain the same 6 A is not correct.F3A;s allow to group users by function& not by location or geography 6 B is correct.F3A;s help minimi!e the incorrect configuration of F3A;s so it enhances the security of the network 6C is correct.

F3A; increases the si!e of broadcast domains but does not decrease the number of collision domains 6# is not correct.

F3A;s increase the number of broadcast domains while decreasing the si!e of the broadcast domainswhich increase the utili!ation of the links. +t is also a big advantage of F3A; 6 $ is correct.F3A;s are useful but they are more comple' and need more administration 6 0 is not correct.

Question 14What are three valid reasons to assign ports to F3A;s on a switch? (Choose three)A. to make F easier to implement

B. to isolate broadcast trafficC. to increase the si!e of the collision domain#. to allow more devices to connect to the network$. to logically group hosts according to function0. to increase network security

Answer% B $ 0

5>


39/82

?T

Question 1

/efer to the e'hibit. After -witchB was added to the network& F3A; connectivity problems started tooccur. What caused this problem?

A. Both switches are in server mode in the same domain.B. he revision number of -witchB was higher than the revision number of -witchA.C. -witchA was not rebooted prior to adding -witchB to the network.#. F4mode is not enabled.$. F pruning is not activated& so the new paths in the network have not been recalculated.Answer% B$'planation-witchB has the same F #omain ;ame with -witchA and it has a higher Configuration /evisionnumber (Q 6 1) so it will overwrite F3A; information of -witchA. Because -witchB is a new switch so its

F3A; information is different from -witchA 6 F3A; connectivity problem occurs.

Question 2A network administrator is e'plaining F configuration to a new technician. What should the networkadministrator tell the new technician about F configuration? (Choose three)

A. A switch in the F client mode cannot update its local F3A; database.B. A trunk link must be configured between the switches to forward F updates.C. A switch in the F server mode can update a switch in the F transparent mode.#. A switch in the F transparent mode will forward updates that it receives to other switches.$. A switch in the F server mode only updates switches in the F client mode that have a higher

F revision number.

0. A switch in the F server mode will update switches in the F client mode regardless of theconfigured F domain membership.

Answer% A B #

Question 3What are two benefits of using F in a switching environment? (Choose two)

A.+t allows switches to read frame tags.B. +t allows ports to be assigned to F3A;s automatically.C. +t maintains F3A; consistency across a switched network.#. +t allows frames from multiple F3A;s to use a single interface.

$. +t allows F3A; information to be automatically propagated throughout the switching environment.Answer% C $

5


40/82

Question 4What is the name of the F mode of operation that enables a switch to forward only Fadvertisements while still permitting the editing of local F3A; information?A. serverB. clientC. tunnel

#.transparentAnswer% #

Question 5Which F mode is capable of creating only local F3A;s and does not synchroni!e with other switchesin the F domain?A. clientB. dynamicC. server#. static$. transparent

Answer% $

Question 6An administrator is unsuccessful in adding F3A; @ to a switch. While troubleshooting the problem& theadministrator views the output of the so t) st+tuscommand& which is displayed in the graphic. Whatcommands must be issued on this switch to add F3A; @ to the database? (Choose two)

A. -witch(configif)J switchport access vlan @B. -witch(config)Jvtp mode serverC. -witch(config)J configrevision 4@#. -witch(config)Jvlan @ name ech

$. -witch(vlan)J vlan @0. -witch(vlan)J switchport trunk vlan @Answer% B $$'planation

0irst we notice that the 8F ,perating "ode9 of this switch is 8Client9. +n this mode we cant add newF3A; so we must change to 8-erver9 mode 6 B is correct.

;ow we can add a new F3A;& $ is the correct configuration for adding a new F3A;.

Question 7

@


41/82

o configure the F3A; trunking protocol to communicate F3A; information between two switches& whattwo re2uirements must be met? (Choose two)A. $ach end of the trunk line must be set to +$$$ >@4.1$ encapsulation.B. he F management domain name of both switches must be set the same.C. All ports on both the switches must be set as access ports.#. ,ne of the two switches must be configured as a F server.$. A rollover cable is re2uired to connect the two switches together.

0. A router must be used to forward F traffic between F3A;s.Answer% B #$'planation

+n Cisco switches there are two encapsulations% >@4.12 and +-3 so we can set two ends to +-3 instead 6A is not correct.

he ports between two switches must be set to trunk ports so that they can e'change F3A; informationthrough F 6 C is not correct.

o connect two switches we can use crossover cable or straightthrough cable (because modern Cisco

switches can 8autosense9) but not rollover cable 6 $ is not correct.

o forward traffic in the same F3A; (between two or more switches) we can use switches only. +f wewant to forward F traffic between different F3A;s we can use either a router or a 3ayer 5 switch 6 0is not correct.

wo switches can only communicate when they are set to the same F domain name (and the sameF password) 6 B is correct.

,ne of the two switches must be set to F -erver so that it can create F updates and advertise itsF3A; information.

Question 8Which statements describe two of the benefits of F3A; runking rotocol? (Choose two)

A. F allows routing between F3A;s.B. F allows a single switch port to carry information to more than one F3A;.C. F allows physically redundant links while preventing switching loops.#. F simplifies switch administration by allowing switches to automatically share F3A; configurationinformation.$. F helps to limit configuration errors by keeping F3A; naming consistent across the F domain.0. F enhances security by preventing unauthori!ed hosts from connecting to the F domain.Answer% # $

$'planation

he main purposes of F are to simplify switch administration and limit F3A; configuration errors byallowing switches to automatically share F3A; configuration information. +t doesnt re2uire theadministrator to go to every switch to configure F3A;s.

"aybe you will feel 0 is also a correct answer but it is not true because F only enhances security bypreventing unauthori!ed sit,es (not hosts) from connecting to the F domain (by configuring a Fdomain name F password). An unauthori!ed host can easily use the network cable of an authori!edhost to access the network.

Question #What are two results of entering the Sit,;,ont) o'e ,$ientcommand on a Catalyst switch?(Choose two)

1


42/82

A. he switch will ignore F summary advertisements.B. he switch will forward F summary advertisements.C. he switch will process F summary advertisements.#. he switch will originate F summary advertisements.$. he switch will create& modify and delete F3A;s for the entire F domain.

Answer% B C

Question 10/efer to the e'hibit. he so t) st+tuscommand is e'ecuted at a switch that is generating thee'hibited output. Which statement is true for this switch?

A. he switch forwards its F3A; database to other switches in the +C;# F domain.B. he configuration revision number increments each time the F3A; database is updated&C. he switch forwards F updates that are sent by other switches in the +C;# domain. he F3A; database is updated when F information is received from other switches.Answer% C$'planation

+n ransparent mode switch Tust forwards update sent by other switches without reading it. +t doesntupdate its F3A; database so the Configuration /evision doesnt increase.

Question 11/efer to the e'hibit& he F3A; configuration of -1 is not being in this F enabled environment. heF and uplink port configurations for each switch are displayed. Which two command sets& if issued&resolve this failure and allow F to operate as e'pected? (choose two)

4


43/82

A. -4(config)Jvtp mode transparentB. -1(config)Jvtp mode clientC. -4(config)Jinterface f@*4-4(configif)Jswitchport mode access-4(configif)Jend#. -4(config)Jvtp mode client$. -1(config)Jinterface f@*4-1(configif)Jswitchport mode trunk-1(configif)JendAnswer% B $$'planation

0irst from the output of -1& we learn that it is running under 8vtp transparent mode9. +n this mode& -1 stillreceives F updates but not learns them. Also in this mode& no trunking is created 6 +t should be inclient or server mode

but -4 is already in server mode 6 -1 should be in client mode 6 B is correct.

Also& F updates are only sent on trunk links so the link between -1 and -4 must be set as trunk 6port f@*4 on -1 should be configured as trunked port 6 $ is correct.

SNNIN" TREE ROTOCO( ;ST=

5


44/82

Question 1Which three statements about /- are true? (choose three)A. /- significantly reduces topology reconverging time after a link failure.B. /- e'pends the - port roles by adding the alternate and backup roles.C. /- port states are blocking& discarding& learning& or forwarding.#. /- also uses the - proposalagreement se2uence.

$. /- use the same timerbased process as - on pointtopoint links.0. /- provides a faster transition to the forwarding state on pointtopoint links than - does.

Answer% A B 0

Question 2Which two states are the port states when /- has converged? (choose two)A. blockingB. learningC. disabled#. forwarding$. listening


/- only has 5 port states that are discarding& learning and forwarding. When /- has convergedthere are only 4 port states left% discarding and forwarding but the answers dont mention aboutdiscarding state so blocking state (answer A) may be considered the best alternative answer.

Question 3Which command enables /- on a switch?

A. spanningtree mode rapidpvst

B. spanningtree uplinkfastC. spanningtree backbonefast#. spanningtree mode mst

Answer% A

Question 5/efer to the e'hibit. Yiven the output shown from this Cisco Catalyst 4 so s)+nnin%.t&ee inte&@4.1# -.$. /- is compatible with the original +$$$ >@4.1# -.


45/82

Answer% B $

Question 7/efer to the e'hibit. $ach of these four switches has been configured with a hostname& as well as beingconfigured to run /-. ;o other configuration changes have been made. Which three of these showthe correct /- port roles for the indicated switches and interfaces? (Choose three)

A. -witchA& 0a@*4& designatedB. -witchA& 0a@*1& rootC. -witchB& Yi@*4& root#. -witchB& Yi@*1& designated$. -witchC& 0a@*4& root0. -witch#& Yi@*4& root

Answer% A B 0$'planation

he 2uestion says 8no other configuration changes have been made9 so we can understand theseswitches have the same bridge priority. -witch C has lowest "AC address so it will become root bridgeand 4 of its ports (0a@*1 0a@*4) will be designated ports 6 $ is incorrect.

Because -witchC is the root bridge so the 4 ports nearest -witchC on -witchA (0a@*1) and -witch#(Yi@*4) will be root ports 6 B and 0 are correct.

;ow we come to the most difficult part of this 2uestion% -witchB must have a root port so which port will itchoose? o answer this 2uestion we need to know about - cost and port cost.

+n general& 8cost9 is calculated based on bandwidth of the link. he higher the bandwidth on a link& the

lower the value of its cost. Below are the cost values you should memori!e%(in-s)ee'

Cost

1@"bps 1@@

1@@"bps 1. he same process happens for -witchA and -witchB learnsthat it can reach -witchC via Yi@*4 with a total cost of 45 6 -witch B chooses Yi@*1 as its root port 6 #is not correct.

;ow our last task is to identify the port roles of the ports between -witchA -witchB. +t is rather easy asthe "ACaddress of -witchA is lower than that of -witchB so 0a@*4 of -witchA will be designated port while Yi@*4of-witchB will be alternative port 6 A is correct but C is not correct.

Below summaries all the port roles of these switches%

N #% #esignated ort (forwarding state)N /% /oot ort (forwarding state)N A% Alternative ort (blocking state)

Question #Which switch would - choose to become the root bridge in the selection process?

A. 54Q=>% 114455==B. 54Q=>% 4455==QQC. 54Q=


47/82

A. -witch A : 0a@*@B. -witch A : 0a@*1C. -witch B : 0a@*@

#. -witch B : 0a@*1$. -witch C : 0a@*@0. -witch C : 0a@*1

Answer% B C #$'planation

0irst by comparing their "AC addresses we learn that switch B will be root bridge as it has lowest "AC.herefore all of its ports are designated ports 6 C # are correct.

,n the link between switch A switch C there must have one designated port and one nondesignated(blocked) port. We can figure out which port is designated port by comparing their "AC address again. A

has lower "AC so 0a@*1 of switch A will be designated port while 0a@*1 of switch C will be blocked 6 Bis correct.

Question 12Which two values are used by -panning ree rotocol to elect a root bridge? (Choose two)

A. amount of /A"B. bridge priorityC. +,- version

#. + address$. "AC address0. speed of the links

Answer% B $$'planation

Bridge +# V Bridge riority N "AC Address

0or e'ample%

he bridge priority of -wA is 54Q=> and its "AC address is @@@@.@@@@.


48/82

A. spanningtree backbonefastB. spanningtree uplinkfastC. spanningtree portfast#. spanningtree cost14


By using ort0ast feature& the port wont spend @ seconds to move from blocking (4@sec)& listening(1sec)& learning (1sec) and finally forwarding but will Tump directly to the forwarding state. his featureshould be used on ports connected to hosts only because hosts surely dont send B#L. An e'ample ofconfiguring ort0ast on an interface is shown below%

-w(config)Jinterface 0ast$thernet@*1-w(configif)Jspanningtree portfast

Question 14Which two of these are used by bridges and switches to prevent loops in a layer 4 network? (Choosetwo)

A. >@4.1#B. FC. >@4.1[#. -$. -A


Both >@4.1# and - are referred to the - standard which is used by bridges and switches to preventloops in a layer 4 network.

Question 15/efer to the e'hibit. he output that is shown is generated at a switch. Which three of these statementsare true? (Choose three)

A. All ports will be in a state of discarding& learning or forwarding.B. hirty F3A;s have been configured on this switch.C. he bridge priority is lower than the default value for spanning tree.#. All interfaces that are shown are on shared media.$. All designated ports are in a forwarding state.0. he switch must be the root bridge for all F3A;s on this switch.

>


49/82

Answer% A C $$'planation

0rom the output& we see that all ports are in #esignated role (forwarding state) 6 A and $ are correct.

he command 8show spanningtree vlan 5@only shows us information about F3A; 5@. We dont know

how many F3A; e'ists in this switch 6 B is not correct.

he bridge priority of this switch is 4=@= which is lower than the default value bridge priority 54Q=> 6 Cis correct.

All three interfaces on this switch have the connection type 8p4p9& which means ointtopointenvironment : not a shared media 6 # is not correct.

he only thing we can specify is this switch is the root bridge for F3A; 5o but we can not guarantee it isalso the root bridge for other F3A;s 6 0 is not correct.Question 16What is one benefit of F-N?

A. F-N reduces the CL cycles for all the switches in the network.B. F-N automatically selects the root bridge location& to provide optimi!ation.C. F-N allows the root switch location to be optimi!ed per vlan.#. F-N supports 3ayer 5 load balancing without loops.


er F3A; -panning ree (F-) maintains a spanning tree instance for each F3A; configured in thenetwork. +t means a switch can be the root bridge of a F3A; while another switch can be the root bridgeof other F3A;s in a common topology. 0or e'ample& -witch 1 can be the root bridge for Foice data while

-witch 4 can be the root bridge for Fideo data. +f designed correctly& it can optimi!e the network traffic.

Question 17Which +$$$ standard protocol is initiated as a result of successful # completion in a switch over0ast$thernet?

A. >@4.5adB. >@4.1wC. >@4.1[#. >@4.1d

Answer% C

$'planation#ynamic runking rotocol (#) is a Cisco proprietary protocol for negotiating trunking on a linkbetween two devices and for negotiating the type of trunking encapsulation (>@4.1[) to be used.

Question 18What value is primarily used to determine which port becomes the root port on each nonroot switch in aspanningtree topology?

A. lowest port "AC addressB. port priority number and "AC address.C. F revision number#. highest port priority number.

$. path cost

Answer% $$'planationhe path cost to the root bridge is the most important value to determine which port will become the rootport on each nonroot switch. +n particular& the port with lowest cost to the root bridge will become rootport (on nonroot switch).


50/82

Question 1#When F-N in work on F3A;1 of the switch& what will affect on selection of one of switches in theF3A; as rootbridge?

A. 3owest + addressB. Sighest "AC address

C. 3owest "AC address#. Sighest + address

Answer% C$'planationhe two values used to select the root bridge are Bridge riority "AC address (the lower is better) 6 Cis correct.Question 20/efer to the e'hibit. A network administrator wants -witch5 to be the root bridge. What could be done toensure -witch5 will be the root?

A. Configure the + address on -witch5 to be higher than the + addresses of -witch1 and -witch4.B. Configure the priority value on -witch5 to be higher than the priority values of -witch 1 and -witch4.

C. Configure the B+# on -witch5 to be lower than the B+#s of -witch1 and -witch4.#. Configure the "AC address on -witch5 to be higher than the -witch1 and -witch4 "AC addresses.$. Configure a loopback interface on -witch5 with an + address lower than any + address on -witch1and -witch4.


o become root bridge& a switch must have lower Bridge +# (B+#) than that of the others. he Bridge +# VBridge riority N "AC address7 but "AC address is a fi'ed value so we can only change the B+# bychanging the Bridge riority of that switch.

Question 21Which port state is introduced by /apidF-?A. learningB. listeningC. discarding#. forwarding


F-N is based on +$$$>@4.1# -panning ree rotocol (-). But F-N has only 5 port states(discarding& learning and forwarding) while - has port states (blocking& listening& learning& forwarding

and disabled). -o discarding is a new port state in F-N.

Question 23/efer to the e'hibit. At the end of an /- election process& which access layer switch port will assumethe discarding role?

@


51/82

A. -witch5& port fa@*1B. -witch5& port fa@*14C. -witch& port fa@*11#. -witch& port fa@*4

$. -witch5& port Yi@*1Answer% C$'planation

+n this 2uestion& we only care about the Access 3ayer switches (-witch5 ). -witch 5 has a lowerbridge +# than -witch (because the "AC of -witch5 is smaller than that of -witch) so both ports of-witch5 will be in forwarding state. he alternative port will surely belong to -witch.

-witch will need to block one of its ports to avoid a bridging loop between the two switches. But howdoes -witch select its blocked port? Well& the answer is based on the B#Ls it receives from -witch5.A B#L is superior than another if it has%

1. A lower /oot Bridge +#4. A lower path cost to the /oot5. A lower -ending Bridge +#. A lower -ending ort +#

hese four parameters are e'amined in order. +n this specific case& all the B#Ls sent by -witch5 havethe same /oot Bridge +#& the same path cost to the /oot and the same -ending Bridge +#. he onlyparameter left to select the best one is the -ending ort +# (ort +# V port priority N port inde'). +n thiscase the port priorities are e2ual because they use the default value& so -witch will compare port inde'values& which are uni2ue to each port on the switch& and because 0a@*14 is inferior to 0a@*1& -witch willselect the port connected with 0a@*1 (of -witch5) as its root port and block the other port 6 ort fa@*11 of-witch will be blocked (discarding role).

SBNETTIN"

Question 1Yiven a subnet mask of 4.4.4.44& which of the following addresses can be assigned to networkhosts? (Choose three)

1


52/82

A : 1.45.11>.=5B : ..1>.=# : 1.1=.>Q$ : [email protected]=.1@


81/82

is an allsubnets broadcast (destination + address of 4.4.4.4& which is a layer 5 broadcastaddress). he client does not have a configured + address& so the source + address of @.@.@.@ is used.

Question 4What is the default behavior of /1 when C1 re2uests service from #SC server?A : #rop the re2uestB : Broadcast the re2uest to /4 and /5

C : 0orward the re2uest to /4# : Broadcast the re2uest to /4& /5 and +-

Answer% A$'planation%When C1 re2uests service from #SC server (for e'ample& it re2uests an + address)& it sends abroadcast packet. But /1 router& by default& will not forward broadcast packet and drop it.0or your information& if you want to use the #SC server from another network (like in this case) you canuse the ip helper-addresscommand which will make the router forward L# broadcasts.

+n the real e'am you will be taken to a 3AB simulation environment but it is& in fact& Tust a group of multichoice 2uestionsZ

Question 1/efer to the e'hibit. Which rule does the #SC server use when there is an + address conflict?

A. he address is removed from the pool until the conflict is resolved.B. he address remains in the pool until the conflict is resolved.C. ,nly the + detected by Yratuitous A/ is removed from the pool.

#. ,nly the + detected by ing is removed from the pool.$. he + will be shown& even after the conflict is resolved.

Answer% A

Question 2Sow dose a #SC server dynamically assign + address to host?

A. Addresses are allocated after a negotiation between the server and the host to determine the lengthof the agreement.

B. Addresses are assigned for a fi'ed period of time. At the end of period& a new 2uest for an addressmust be made& and another address is then assigned.

C. Addresses are leased to host. A host will usually keep the same address by periodically contactingthe #SC sever to renew the lease.

#. Addresses are permanently assigned so that the host uses the same address at all times.

Answer% C

Question 3

Which two tasks does the #ynamic Sost Configuration rotocol perform? (Choose two)

A. -et the + gateway to be used by the network.B. erform host discovery used #SC#+-C,F$/ message.C. Configure + address parameters from #SC server to a host.#. rovide an easy management of layer 5 devices.

>1


82/82

$. "onitor + performance using the #SC server.0. Assign and renew + address from the default pool.

Answer% C 0

Question 4Which statement is correct regarding the operation of #SC?

A. A #SC client uses a ping to detect address conflicts.B. A #SC server uses a gratuitous A/ to detect #SC clients.C. A #SC client uses a gratuitous A/ to detect a #SC server.#. +f an address conflict is detected& the address is removed from the pool and an administrator must

resolve the conflict.$. +f an address conflict is detected& the address is removed from the pool for an amount of time

configurable by the administrator.0. +f an address conflict is detected& the address is removed from the pool and will not be reused until

the server is rebooted.

Answer% #$'planation

An address conflict occurs when two hosts use the same + address. #uring address assignment& #SCchecks for conflicts using ping and gratuitous A/. +f a conflict is detected& the address is removed fromthe pool. he address will not be assigned until the administrator resolves the conflict.

Soal Soal Edit

Documents

Transcript of Soal Soal Edit