CCNA Qs
In a switch that disables VTP, an engineer configures the commands vlan 30 and shutdown vlan 30. Which answers should be true about this switch? (Choose two answers.) a. The show vlan brief command should list VLAN 30. b. The show running-config command should list VLAN 30. c. The switch should forward frames that arrive in access ports in VLAN 30. d. The switch should forward frames that arrive in trunk ports tagged with VLAN 30.
A and B. On switches that do not use VTP (by using VTP modes off or transparent), the switch lists all VLAN configuration in the configuration file (making one answer correct). Also, the show vlan brief command lists all defined VLANs, regardless of VTP mode and regardless of shutdown state. As a result, the two answers that mention commands are correct.
In what modes can you type the command show mac address-table and expect to get a response with MAC table entries? (Choose two answers.) a. User mode b. Enable mode c. Global configuration mode d. Interface configuration mode
A and B. The command in the question is an EXEC command that happens to require only user mode access. As such, you can use this command in both user mode and enable mode. Because it is an EXEC command, you cannot use the command (as shown in the question) in configuration mode. Note that you can put the word do in front of the EXEC command while in configuration mode (for example, do show mac address-table) to issue the command from inside any configuration mode.
A switch has just arrived from Cisco. The switch has never been configured with any VLANs, but VTP has been disabled. An engineer configures the vlan 22 and name Hannahs-VLAN commands and then exits configuration mode. Which of the following are true? (Choose two answers.) a. VLAN 22 is listed in the output of the show vlan brief command. b. VLAN 22 is listed in the output of the show running-config command. c. VLAN 22 is not created by this process. d. VLAN 22 does not exist in that switch until at least one interface is assigned to that VLAN.
A and B. The configured VTP setting of VTP transparent mode means that the switch can configure VLANs, so the VLAN is configured. In addition, the VLAN configuration details, including the VLAN name, show up as part of the running-config file.
Which of the following are functions of a routing protocol? (Choose two answers.) a. Advertising known routes to neighboring routers b. Learning routes for subnets directly connected to the router c. Learning routes and putting those routes into the routing table for routes advertised to the router by its neighboring routers d. Forwarding IP packets based on a packet's destination IP address
A and C. Routers do all the actions listed in all four answers; however, the routing protocol does the functions in the two listed answers. Independent of the routing protocol, a router learns routes for IP subnets and IP networks directly connected to its interfaces. Routers also forward (route) IP packets, but that process is called IP routing, or IP forwarding, and is an independent process compared to the work of a routing protocol.
Imagine that you are told that switch 1 is configured with the dynamic auto parameter for trunking on its Fa0/5 interface, which is connected to switch 2. You have to configure switch 2. Which of the following settings for trunking could allow trunking to work? (Choose two answers.) a. on b. dynamic auto c. dynamic desirable d. access e. None of the other answers are correct.
A and C. The dynamic auto setting means that the switch can negotiate trunking, but it can only respond to negotiation messages, and it cannot initiate the negotiation process. So, the other switch must be configured to trunk or to initiate the negotiation process (based on being configured with the dynamic desirable option).
Each answer lists two types of devices used in a 100BASE-T network. If these devices were connected with UTP Ethernet cables, which pairs of devices would require a straight-through cable? (Choose three answers.) a. PC and router b. PC and switch c. Hub and switch d. Router and hub e. Wireless access point (Ethernet port) and switch
B, D, and E. Routers, wireless access point Ethernet ports, and PC NICs all send using pins 1 and 2, whereas hubs and LAN switches transmit on pins 3 and 6. Straightthrough cables connect devices that use opposite pin pairs for sending, because the cable does not need to cross the pairs.
Switch SW1 sends a frame to switch SW2 using 802.1Q trunking. Which of the answers describes how SW1 changes or adds to the Ethernet frame before forwarding the frame to SW2? a. Inserts a 4-byte header and does change the MAC addresses b. Inserts a 4-byte header and does not change the MAC addresses c. Encapsulates the original frame behind an entirely new Ethernet header d. None of the other answers are correct
B. 802.1Q defines a 4-byte header, inserted after the original frame's destination and source MAC address fields. The insertion of this header does not change the original frame's source or destination address. The header itself holds a 12-bit VLAN ID field, which identifies the VLAN associated with the frame.
In a LAN, which of the following terms best equates to the term VLAN? a. Collision domain b. Broadcast domain c. Subnet d. Single switch e. Trunk
B. A VLAN is a set of devices in the same Layer 2 broadcast domain. A subnet often includes the exact same set of devices, but it is a Layer 3 concept. A collision domain refers to a set of Ethernet devices, but with different rules than VLAN rules for determining which devices are in the same collision domain.
Which of the following is true about Ethernet crossover cables for Fast Ethernet? a. Pins 1 and 2 are reversed on the other end of the cable. b. Pins 1 and 2 on one end of the cable connect to pins 3 and 6 on the other end of the cable. c. Pins 1 and 2 on one end of the cable connect to pins 3 and 4 on the other end of the cable. d. The cable can be up to 1000 meters long to cross over between buildings. e. None of the other answers is correct.
B. Crossover cables cross the wire at one node's transmit pin pair to the different pins used as the receive pins on the other device. For 10- and 100-Mbps Ethernet, the specific crossover cable wiring connects the pair at pins 1 and 2 on each end of the cable to pins 3 and 6 on the other end of the cable, respectively.
Imagine that you have configured the enable secret command, followed by the enable password command, from the console. You log out of the switch and log back in at the console. Which command defines the password that you had to enter to access privileged mode? a. enable password b. enable secret c. Neither d. The password command, if it is configured
B. If both commands are configured, IOS accepts only the password as configured in the enable secret command.
Which of the following are advantages of using multimode fiber for an Ethernet link instead of UTP or single-mode fiber? a. To achieve the longest distance possible for that single link. b. To extend the link beyond 100 meters while keeping initial costs as low as possible. c. To make use of an existing stock of laser-based SFP/SFP+ modules. d. To make use of an existing stock of LED-based SFP/SFP+ modules.
B. Multimode fiber works with LED-based transmitters rather than laser-based transmitters. Two answers mention the type of transmitters, making one of those answers correct and one incorrect. Two answers mention distance. The answer that mentions the longest distance possible is incorrect because single-mode cables, not multimode cables, provide the longest distances. The other (correct) answer mentions the tradeoff of multimode being used for distances just longer than UTP's 100 meter limit, while happening to use less expensive hardware than single mode.
Which of the following is true about the CSMA/CD algorithm? a. The algorithm never allows collisions to occur. b. Collisions can happen, but the algorithm defines how the computers should notice a collision and how to recover. c. The algorithm works with only two devices on the same Ethernet. d. None of the other answers is correct.
B. NICs (and switch ports) use the carrier sense multiple access with collision detection (CSMA/CD) algorithm to implement half-duplex logic. CSMA/CD attempts to avoid collisions, but it also notices when collisions do occur, with rules about how the Ethernet nodes should stop sending, wait, and try again later.
Which of the following facts determines how often a nonroot bridge or switch sends an STP Hello BPDU message? a. The Hello timer as configured on that switch. b. The Hello timer as configured on the root switch. c. It is always every 2 seconds. d. The switch reacts to BPDUs received from the root switch by sending another BPDU 2 seconds after receiving the root BPDU.
B. Nonroot switches forward Hellos received from the root; the root sends these Hellos based on the root's configured Hello timer.
Which of the following is a difference between Telnet and SSH as supported by a Cisco switch? a. SSH encrypts the passwords used at login, but not other traffic; Telnet encrypts nothing. b. SSH encrypts all data exchange, including login passwords; Telnet encrypts nothing. c. Telnet is used from Microsoft operating systems, and SSH is used from UNIX and Linux operating systems. d. Telnet encrypts only password exchanges; SSH encrypts all data exchanges.
B. SSH provides a secure remote login option, encrypting all data flows, including password exchanges. Telnet sends all data (including passwords) as clear text.
Which of the following comparisons does a switch make when deciding whether a new MAC address should be added to its MAC address table? a. It compares the unicast destination address to the bridging, or MAC address, table. b. It compares the unicast source address to the bridging, or MAC address, table. c. It compares the VLAN ID to the bridging, or MAC address, table. d. It compares the destination IP address's ARP cache entry to the bridging, or MAC address, table.
B. Switches need to learn the location of each MAC address used in the LAN relative to that local switch. When a switch receives a frame, the source MAC identifies the sender. The interface in which the frame arrives identifies the local switch interface closest to that node in the LAN topology.
In which of the following modes of the CLI could you type the command reload and expect the switch to reboot? a. User mode b. Enable mode c. Global configuration mode d. Interface configuration mode
B. The command referenced in the question, the reload command, is an EXEC command that happens to require privileged mode, also known as enable mode. This command is not available in user mode. Note that you can put the word do in front of the EXEC command while in configuration mode (for example, do reload) to issue the command from inside any configuration mode.
The show interfaces g0/1 trunk command provides three lists of VLAN IDs. Which items would limit the VLANs that appear in the first of the three lists of VLANs? a. A shutdown vlan 30 global command b. A switchport trunk allowed vlan interface subcommand c. An STP choice to block on G0/1 d. A no vlan 30 global command
B. The first list of VLAN IDs includes all VLANs (1-4094) except those overtly removed per the details in any switchport trunk allowed vlan interface subcommands on the trunk interface. If no such commands are configured, the first list in the output will include 1-4094. The two incorrect answers that mention VLAN 30 both list conditions that change the second of two lists of VLANs in the command output, while STP's choice to block an interface would impact the third list.
Which of the following terms describe Ethernet addresses that can be used to send one frame that is delivered to multiple devices on the LAN? (Choose two answers.) a. Burned-in address b. Unicast address c. Broadcast address d. Multicast address
C and D. Ethernet supports unicast addresses, which identify a single Ethernet node, and group addresses, which can be used to send one frame to multiple Ethernet nodes. The two types of group addresses are the broadcast address and multicast address.
Which of the following are transitory port states used only during the process of STP convergence? (Choose two answers.) a. Blocking b. Forwarding c. Listening d. Learning e. Discarding
C and D. Listening and learning are transitory port states used only when moving from the blocking to the forwarding state. Discarding is not an STP port state. Forwarding and blocking are stable states.
Which of the following statements describes part of the process of how a LAN switch decides to forward a frame destined for a broadcast MAC address? a. It compares the unicast destination address to the bridging, or MAC address, table. b. It compares the unicast source address to the bridging, or MAC address, table. c. It forwards the frame out all interfaces in the same VLAN except for the incoming interface. d. It compares the destination IP address to the destination MAC address. e. It compares the frame's incoming interface to the source MAC entry in the MAC address table.
C. A switch floods broadcast frames, multicast frames (if no multicast optimizations are enabled), and unknown unicast destination frames (frames whose destination MAC address is not in the MAC address table).
A company implements a TCP/IP network, with PC1 sitting on an Ethernet LAN. Which of the following protocols and features requires PC1 to learn information from some other server device? a. ARP b. ping c. DNS d. None of these answers is correct.
C. Address Resolution Protocol (ARP) does allow PC1 to learn information, but the information is not stored on a server. The ping command does let the user at PC1 learn whether packets can flow in the network, but it again does not use a server. With the Domain Name System (DNS), PC1 acts as a DNS client, relying on a DNS server to respond with information about the IP addresses that match a given hostname.
A Cisco Catalyst switch needs to send frames over a Layer 2 EtherChannel. Which answer best describes how the switch balances the traffic over the four active links in the channel? a. Breaks each frame into fragments of approximately one-fourth of the original frame, sending one fragment over each link b. Sends the entire frame over one link, alternating links in sequence for each successive frame c. Sends the entire frame over one link, choosing the link by applying some math to fields in each frame's headers d. Sends the entire frame over one link, using the link with the lowest percent utilization as the next link to use
C. EtherChannel load distribution, or load balancing, on Cisco Catalyst switches uses an algorithm. The algorithm examines some fields in the various headers, so messages that have the same values in those fields always flow over the same link in a particular EtherChannel. Note that it does not break the frames into smaller fragments nor use a round-robin approach that ignores the header values, and it does not examine link utilization when making the choice.
Which of the following are true about a LAN-connected TCP/IP host and its IP routing (forwarding) choices? a. The host always sends packets to its default gateway. b. The host never sends packets to its default gateway. c. The host sends packets to its default gateway if the destination IP address is in a different subnet than the host. d. The host sends packets to its default gateway if the destination IP address is in the same subnet as the host.
C. IPv4 hosts generally use basic two-branch logic. To send an IP packet to another host on the same IP network or subnet that is on the same LAN, the sender sends the IP packet directly to that host. Otherwise, the sender sends the packet to its default router (also called the default gateway).
Which of the following does a router normally use when making a decision about routing TCP/IP packets? a. Destination MAC address b. Source MAC address c. Destination IP address d. Source IP address e. Destination MAC and IP addresses
C. Routers compare the packet's destination IP address to the router's IP routing table, making a match and using the forwarding instructions in the matched route to forward the IP packet.
Which of the following is true about the Ethernet FCS field? a. Ethernet uses FCS for error recovery. b. It is 2 bytes long. c. It resides in the Ethernet trailer, not the Ethernet header. d. It is used for encryption.
C. The 4-byte Ethernet FCS field, found in the Ethernet trailer, allows the receiving node to see what the sending node computed with a math formula that is a key part of the error-detection process. Note that Ethernet defines the process of detecting errors (error detection), but not error recovery.
Which of the following Ethernet standards defines Gigabit Ethernet over UTP cabling? a. 10GBASE-T b. 100BASE-T c. 1000BASE-T d. None of the other answers is correct.
C. The number before the word BASE defines the speed, in megabits per second (Mbps). 1000 Mbps equals 1 gigabit per second (1 Gbps). The T in the suffix implies twisted-pair or UTP cabling, so 1000BASE-T is the UTP-based Gigabit Ethernet standard name.
A Cisco Catalyst switch has 24 10/100 ports, numbered 0/1 through 0/24. Ten PCs connect to the 10 lowest numbered ports, with those PCs working and sending data over the network. The other ports are not connected to any device. Which of the following answers lists facts displayed by the show interfaces status command? a. Port Ethernet 0/1 is in a connected state. b. Port Fast Ethernet 0/11 is in a connected state. c. Port Fast Ethernet 0/5 is in a connected state. d. Port Ethernet 0/15 is in a notconnected state.
C. The show interfaces status command lists one line of output per interface. Cisco Catalyst switches name the type of interface based on the fastest speed of the interface, so 10/100 interfaces would be Fast Ethernet. With a working connection, ports from FastEthernet 0/1 through 0/10 would be listed in a connected state, while the rest would be listed in a not connected state.
Which of the following bridge IDs wins election as root, assuming that the switches with these bridge IDs are in the same network? a. 32769:0200.1111.1111 b. 32769:0200.2222.2222 c. 4097:0200.1111.1111 d. 4097:0200.2222.2222 e. 40961:0200.1111.1111
C. The smallest numeric bridge ID wins the election.
Imagine a switch with three configured VLANs. How many IP subnets are required, assuming that all hosts in all VLANs want to use TCP/IP? a. 0 b. 1 c. 2 d. 3 e. You cannot tell from the information provided.
D. Although a subnet and a VLAN are not equivalent concepts, the devices in one VLAN are typically in the same IP subnet and vice versa.
Consider the following output from a Cisco Catalyst switch: SW1# show mac address-table dynamic Mac Address Table ------------------------------------------- Vlan Mac Address Type Ports ---- ----------- -------- ----- 1 02AA.AAAA.AAAA DYNAMIC Gi0/1 1 02BB.BBBB.BBBB DYNAMIC Gi0/2 1 02CC.CCCC.CCCC DYNAMIC Gi0/3 Total Mac Addresses for this criterion: 3 Which of the following answers is true about this switch? a. The output proves that port Gi0/2 connects directly to a device that uses address 02BB.BBBB.BBBB. b. The switch has learned three MAC addresses since the switch powered on. c. The three listed MAC addresses were learned based on the destination MAC address of frames forwarded by the switch. d. 02CC.CCCC.CCCC was learned from the source MAC address of a frame that entered port Gi0/3.
D. For the correct answer, each entry lists the learned MAC address. By definition, dynamically learned MAC addresses are learned by looking at the source MAC address of received frames. (That fact rules out one of the incorrect answers as well.) The show mac address-table dynamic command lists the current list of MAC table entries, with three known entries at the point at which the command output was gathered. The counter in the last line of output lists the number of current entries, not the total number of learned MAC addresses since the last reboot. For instance, the switch could have learned other MAC addresses whose entries timed out from the MAC address table. Finally, the answer that claims that port Gi0/2 connects directly to a device with a particular MAC address may or may not be true. That port could connect to another switch, and another, and so on, with one of those switches connecting to the device that uses the listed MAC address.
Switch SW1 connects via a cable to switch SW2's G0/1 port. Which of the following conditions is the most likely to cause SW1's late collision counter to continue to increment? a. SW2's G0/1 has been configured with a shutdown interface subcommand. b. The two switches have been configured with different values on the speed interface subcommand. c. A duplex mismatch exists with SW1 set to full duplex. d. A duplex mismatch exists with SW1 set to half duplex.
D. For the two answers about a duplex mismatch, that condition does cause collisions, particularly late collisions, but only the side using CSMA/CD logic (the half-duplex side) has any concept of collisions. So, if switch SW1 was using half duplex, and switch SW2 using full duplex, SW1 would likely see late collisions and see that counter increment over time. If switch SW2 had shut down its interface, switch SW1's interface would be in a down/down state, and none of the counters would increment. Also, if both switch ports had been configured with different speeds, again the ports would be in a down/down state, and none of the interface counters would increment.
An engineer configures a switch to put interfaces G0/1 and G0/2 into the same Layer 2 EtherChannel. Which of the following terms is used in the configuration commands? a. EtherChannel b. PortChannel c. Ethernet-Channel d. Channel-group
D. IOS uses the channel-group configuration command to create an EtherChannel. Then the term etherchannel is used in the show etherchannel command, which displays the status of the channel. The output of this show command then names the channel a PortChannel. The only answer that is not used somewhere in IOS to describe this multilink channel is Ethernet-Channel.
In which of the following modes of the CLI could you configure the duplex setting for interface Fast Ethernet 0/5? a. User mode b. Enable mode c. Global configuration mode d. VLAN mode e. Interface configuration mode
E. Cisco switches can be configured for speed (with the speed command) and duplex (with the duplex command) in interface configuration mode.
What command copies the configuration from RAM into NVRAM? a. copy running-config tftp b. copy tftp running-config c. copy running-config start-up-config d. copy start-up-config running-config e. copy startup-config running-config f. copy running-config startup-config
F. The startup-config file is in NVRAM, and the running-config file is in RAM.
Which OSI encapsulation term can be used instead of the term frame? a. Layer 1 PDU b. Layer 2 PDU c. Layer 3 PDU d. Layer 5 PDU e. Layer 7 PDU
b. Layer 2 PDU The term frame refers to the data-link (that is, Layer 2) data structure created by a Layer 2 protocol. As a result, the matching OSI term for protocol data units (PDUs) mentions that same layer, that is, Layer 2 PDU, or L2PDU.
The process of TCP on one computer marking a TCP segment as segment 1, and the receiving computer then acknowledging the receipt of TCP segment 1 is an example of what? a. Data encapsulation b. Same-layer interaction c. Adjacent-layer interaction d. OSI model e. All of these answers are correct.
b. Same-layer interaction Same-layer interaction occurs on multiple computers. The functions defined by that layer typically need to be accomplished by multiple computers—for example, the sender setting a sequence number for a segment and the receiver acknowledging receipt of that segment. A single layer defines that process, but the implementation of that layer on multiple devices is required to accomplish the function.
Which of the following terms is used specifically to identify the entity created when encapsulating data inside data-link layer headers and trailers? a. Data b. Chunk c. Segment d. Frame e. Packet
d. Frame By convention, the term frame refers to the part of a network message that includes the data-link header and trailer, with encapsulated data. The term packet omits the data-link header and trailer, leaving the network layer header with its encapsulated data. The term segment omits the network layer header, leaving the transport layer header and its encapsulated data.
Which of the following port states are stable states used when STP has completed convergence? (Choose two answers.) a. Blocking b. Forwarding c. Listening d. Learning e. Discarding
A and B. Listening and learning are transitory port states, used only when moving from the blocking to the forwarding state. Discarding is not an STP port state.
RSTP adds features beyond STP that enable ports to be used for a role if another port on the same switch fails. Which of the following statements correctly describe a port role that is waiting to take over for another port role? (Choose two answers.) a. An alternate port waits to become a root port. b. A backup port waits to become a root port. c. An alternate port waits to become a designated port. d. A backup port waits to become a designated port.
A and D. With RSTP, an alternate port is an alternate to the root port when a switch's root port fails. A backup port takes over for a designated port if the designated port fails.
With the Cisco RPVST+, which of the following action(s) does a switch take to identify which VLAN is described by a BPDU? (Choose three answers.) a. Adds a VLAN tag when forwarding a BPDU on trunks b. Adds the VLAN ID in an extra TLV in the BPDU c. Lists the VLAN ID as the middle 12 bits of the System ID field of the BPDU d. Lists the VLAN ID in the System ID Extension field of the BPDU
A, B, and D. The Cisco Rapid Per VLAN Spanning Tree (RPVST+) creates one spanning tree instance per VLAN. To do so, it sends BPDUs per-VLAN. Each switch identifies itself with a unique Bridge ID (BID) per VLAN, made unique per-VLAN by adding the VLAN ID to the system ID extension 12-bit field of the BID. RVPST also adds a new Type-Length Value (TLV) to the BPDU itself, which includes a place to list the VLAN ID. Finally, when transmitting the BPDUs over VLAN trunks, the switch uses a trunking header that lists the VLAN ID (a practice sometimes called tunneling in 802.1Q.) The receiving switch can check all three locations that list the VLAN ID to ensure that they all agree about what VLAN the BPDU is describing. Of the four answers, the three correct answers describe the three actual locations in which RPVST+ lists the VLAN ID.
An engineer's desktop PC connects to a switch at the main site. A router at the main site connects to each branch office through a serial link, with one small router and switch at each branch. Which of the following commands must be configured on the branch office switches, in the listed configuration mode, to allow the engineer to telnet to the branch office switches and supply only a password to login? (Choose three answers.) a. The ip address command in interface configuration mode b. The ip address command in global configuration mode c. The ip default-gateway command in VLAN configuration mode d. The ip default-gateway command in global configuration mode e. The password command in console line configuration mode f. The password command in vty line configuration mode
A, D, and F. To allow access through Telnet, the switch must have password security enabled, at a minimum using the password vty line configuration subcommand. In addition, the switch needs an IP address (configured under one VLAN interface) and a default gateway when the switch needs to communicate with hosts in a different subnet.
Which of the following statements describes part of the process of how a switch decides to forward a frame destined for a known unicast MAC address? a. It compares the unicast destination address to the bridging, or MAC address, table. b. It compares the unicast source address to the bridging, or MAC address, table. c. It forwards the frame out all interfaces in the same VLAN except for the incoming interface. d. It compares the destination IP address to the destination MAC address. e. It compares the frame's incoming interface to the source MAC entry in the MAC address table.
A. A switch compares the destination MAC address to the MAC address table. If a matching entry is found, the switch forwards the frame out the appropriate interface. If no matching entry is found, the switch floods the frame.
Which of the following statements best describes what a switch does with a frame destined for an unknown unicast address? a. It forwards out all interfaces in the same VLAN except for the incoming interface. b. It forwards the frame out the one interface identified by the matching entry in the MAC address table. c. It compares the destination IP address to the destination MAC address. d. It compares the frame's incoming interface to the source MAC entry in the MAC address table.
A. A switch floods broadcast frames, multicast frames (if no multicast optimizations are enabled), and unknown unicast destination frames (frames whose destination MAC address is not in the MAC address table).
Which type value on the spanning-tree mode type global command enables the use of RSTP? a. rapid-pvst b. pvst c. rstp d. rpvst
A. Of the four answers, only pvst and rapid-pvst are valid options on the command. Of those, the rapid-pvst option enables Rapid Per VLAN Spanning Tree (RPVST+), which uses RSTP. The pvst option enables Per VLAN Spanning Tree (PVST) which uses STP, not RSTP. The other two options, if attempted, would cause the command to be rejected because the option does not exist.
An engineer wants to set up simple password protection with no usernames for some switches in a lab, for the purpose of keeping curious coworkers from logging in to the lab switches from their desktop PCs. Which of the following commands would be a useful part of that configuration? a. A login vty mode subcommand b. A password password console subcommand c. A login local vty subcommand d. A transport input ssh vty subcommand
A. To answer this question, it might be best to first think of the complete configuration and then find any answers that match the configuration. The commands, in vty line configuration mode, would be password password and login. Only one answer lists a vty subcommand that is one of these two commands. Of note in the incorrect answers: One answer mentions console subcommands. The console does not define what happens when remote users log in; those details sit in the vty line configuration. One answer mentions the login local command; this command means that the switch should use the local list of configured usernames/passwords. The question stated that the engineer wanted to use passwords only, with no usernames. One answer mentions the transport input ssh command, which, by omitting the telnet keyword, disables Telnet. While that command can be useful, SSH does not work when using passwords only; SSH requires both a username and a password. So, by disabling Telnet (and allowing SSH only), the configuration would allow no one to remotely log in to the switch.
Which of the following fields in the HDLC header used by Cisco routers does Cisco add, beyond the ISO standard HDLC? a. Flag b. Type c. Address d. FCS
B. The standard HDLC header does not include a Type field, which identifies the type of packet encapsulated inside the HDLC frame.
What STP feature causes an interface to be placed in the forwarding state as soon as the interface is physically active? a. STP b. EtherChannel c. Root Guard d. PortFast
D. The PortFast feature allows STP to move a port from blocking to forwarding without going through the interim listening and learning states. STP allows this exception when the link is known to have no switch on the other end of the link, removing the risk of a switching loop. BPDU Guard is a common feature to use at the same time as PortFast because it watches for incoming bridge protocol data units (BPDU), which should not happen on an access port, and prevents the loops from a rogue switch by disabling the port.
Which of the following protocols are examples of TCP/IP transport layer protocols? (Choose two answers.) a. Ethernet b. HTTP c. IP d. UDP e. SMTP f. TCP
D. UDP F. TCP Of the remaining answers, Ethernet defines both physical and data-link protocols, PPP is a data-link protocol, IP is a network layer protocol, and SMTP and HTTP are application layer protocols.
Which of the following describes a way to disable IEEE standard autonegotiation on a 10/100 port on a Cisco switch? a. Configure the negotiate disable interface subcommand b. Configure the no negotiate interface subcommand c. Configure the speed 100 interface subcommand d. Configure the duplex half interface subcommand e. Configure the duplex full interface subcommand f. Configure the speed 100 and duplex full interface subcommands
F. Cisco switches do not have a command to disable autonegotiation of speed and duplex. Instead, a switch port that has both speed and duplex configured disables autonegotiation.
The process of a web server adding a TCP header to the contents of a web page, followed by adding an IP header and then adding a data-link header and trailer, is an example of what? a. Data encapsulation b. Same-layer interaction c. OSI model d. All of these answers are correct.
a. Data encapsulation Encapsulation is defined as the process of adding a header in front of data supplied by a higher layer (and possibly adding a trailer as well).
The process of HTTP asking TCP to send some data and making sure that it is received correctly is an example of what? a. Same-layer interaction b. Adjacent-layer interaction c. OSI model d. All of these answers are correct.
b. Adjacent-layer interaction Adjacent-layer interaction occurs on one computer, with two adjacent layers in the model. The higher layer requests services from
Examine the following output from the show spanning-tree vlan 5 command, which describes a root switch in a LAN. Which answers accurately describe facts related to the root's bridge ID? SW1# show spanning-tree vlan 5 VLAN0005 Spanning tree enabled protocol rstp Root ID Priority 32773 Address 1833.9d7b.0e80 Cost 15 Port 25 (GigabitEthernet0/1) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec. a. The system ID extension value, in decimal, is 5. b. The root's configured priority value is 32773. c. The root's configured priority value is 32768. d. The system ID extension value, in hexadecimal, is 1833.9d7b.0e80.
A and C. The system ID extension (or extended system ID) part of a bridge ID contains 12 bits and sits after the 4-bit priority field and before the 48-bit system ID. Switches use this field to store the VLAN ID when using STP or RSTP to build spanning trees per VLAN. So of the two answers that mention the system ID extension, the one that lists the VLAN ID, in this case 5, is correct. The output also lists a priority of 32773. However, that output lists the decimal equivalent of the 16-bit priority value. In reality, this decimal value is the sum of the configured decimal priority plus the VLAN ID: 32768 + 5 = 32773. So in this case, the root's configured priority is 32,768.
Switch SW1 uses its Gigabit 0/1 interface to connect to switch SW2's Gigabit 0/2 interface. SW2's Gi0/2 interface is configured with the speed 1000 and duplex full commands. SW1 uses all defaults for interface configuration commands on its Gi0/1 interface. Which of the following are true about the link after it comes up? (Choose two answers.) a. The link works at 1000 Mbps (1 Gbps). b. SW1 attempts to run at 10 Mbps because SW2 has effectively disabled IEEE standard autonegotiation. c. The link runs at 1 Gbps, but SW1 uses half duplex and SW2 uses full duplex. d. Both switches use full duplex.
A and D. SW2 has effectively disabled IEEE standard autonegotiation by configuring both speed and duplex. However, Cisco switches can detect the speed used by the other device, even with autonegotiation turned off. Also, at 1 Gbps, the IEEE autonegotiation standard says to use full duplex. If the duplex setting cannot be negotiated, both ends use 1 Gbps, full duplex.
A Cisco Catalyst switch connects with its Gigabit0/1 port to an end user's PC. The end user, thinking the user is helping, manually sets the PC's OS to use a speed of 1000 Mbps and to use full duplex, and disables the use of autonegotiation. The switch's G0/1 port has default settings for speed and duplex. What speed and duplex settings will the switch decide to use? (Choose two answers.) a. Full duplex b. Half duplex c. 10 Mbps d. 1000 Mbps
A and D. The IEEE autonegotiation rules dictate that if a device attempts autonegotiation but the other side does not participate, use the slowest speed it supports. However, Cisco switches override that logic, instead sampling the electrical signal to detect the speed used by the connected device, so the switch will operate at 1000 Mbps. The switch uses the IEEE default setting for duplex based on the speed, and the IEEE default for duplex when using 1000 Mbps is to use full duplex. So in this case, the switch will match both the speed and the duplex setting made on the PC.
The output of the show interfaces status command on a 2960 switch shows interface Fa0/1 in a "disabled" state. Which of the following is true about interface Fa0/1? (Choose three answers.) a. The interface is configured with the shutdown command. b. The show interfaces fa0/1 command will list the interface with two status codes of administratively down and line protocol down. c. The show interfaces fa0/1 command will list the interface with two status codes of up and down. d. The interface cannot currently be used to forward frames. e. The interface can currently be used to forward frames.
A, B, and D. The disabled state in the show interfaces status command is the same as an "administratively down and down" state shown in the show interfaces command. The interface must be in a connected state (per the show interfaces status command) before the switch can send frames out the interface.
Which of the following protocols are examples of TCP/IP data-link layer protocols? (Choose two answers.) a. Ethernet b. HTTP c. IP d. UDP e. SMTP f. TCP g. PPP
A. Ethernet G. PPP Of the remaining answers, IP is a network layer protocol, TCP and UDP are transport layer protocols, and SMTP and HTTP are application layer protocols.
Imagine a network with two routers that are connected with a point-to-point HDLC serial link. Each router has an Ethernet, with PC1 sharing the Ethernet with Router1 and PC2 sharing the Ethernet with Router2. When PC1 sends data to PC2, which of the following is true? a. Router1 strips the Ethernet header and trailer off the frame received from PC1, never to be used again. b. Router1 encapsulates the Ethernet frame inside an HDLC header and sends the frame to Router2, which extracts the Ethernet frame for forwarding to PC2. c. Router1 strips the Ethernet header and trailer off the frame received from PC1, which is exactly re-created by Router2 before forwarding data to PC2. d. Router1 removes the Ethernet, IP, and TCP headers and rebuilds the appropriate headers before forwarding the packet to Router2.
A. PC1 will send an Ethernet frame to Router 1, with PC1's MAC address as the source address and Router 1's MAC address as the destination address. Router 1 will remove the encapsulated IP packet from that Ethernet frame, discarding the frame header and trailer. Router 1 will forward the IP packet by first encapsulating it inside an HDLC frame, but Router 1 will not encapsulate the Ethernet frame in the HDLC frame but rather the IP packet. Router 2 will de-encapsulate the IP packet from the HDLC frame and forward it onto the Ethernet LAN, adding a new Ethernet header and trailer, but this header will differ. It will list Router 2's MAC address as the source address and PC2's MAC address as the destination address.
What type of switch memory is used to store the configuration used by the switch when it is up and working? a. RAM b. ROM c. Flash d. NVRAM e. Bubble
A. Switches (and routers) keep the currently used configuration in RAM, using NVRAM to store the configuration file that is loaded when the switch (or router) next loads the IOS.
In the LAN for a small office, some user devices connect to the LAN using a cable, while others connect using wireless technology (and no cable). Which of the following is true regarding the use of Ethernet in this LAN? a. Only the devices that use cables are using Ethernet. b. Only the devices that use wireless are using Ethernet. c. Both the devices using cables and those using wireless are using Ethernet. d. None of the devices are using Ethernet.
A. The IEEE defines Ethernet LAN standards, with standard names that begin with 802.3, all of which happen to use cabling. The IEEE also defines wireless LAN standards, with standard names that begin with 802.11, which are separate standards from Ethernet.
Which of the following line subcommands tells a switch to wait until a show command's output has completed before displaying log messages on the screen? a. logging synchronous b. no ip domain-lookup c. exec-timeout 0 0 d. history size 15
A. The logging synchronous line subcommand synchronizes the log message display with other command output so the log message does not interrupt a show command's output. The no ip domain-lookup command is not a line subcommand. The other two incorrect answers are line subcommands but do not configure the function listed in the question.
An engineer had formerly configured a Cisco 2960 switch to allow Telnet access so that the switch expected a password of mypassword from the Telnet user. The engineer then changed the configuration to support Secure Shell. Which of the following commands could have been part of the new configuration? (Choose two answers.) a. A username name secret password vty mode subcommand b. A username name secret password global configuration command c. A login local vty mode subcommand d. A transport input ssh global configuration command
B and C. SSH requires the use of usernames in addition to a password. Using the username global command would be one way to define usernames (and matching passwords) to support SSH. The vty lines would also need to be configured to require the use of usernames, with the login local vty subcommand being one such option. The transport input ssh command could be part of a meaningful configuration, but it is not a global configuration command (as claimed in one wrong answer). Likewise, one answer refers to the username command as a command in vty config mode, which is also the wrong mode.
A switch user is currently in console line configuration mode. Which of the following would place the user in enable mode? (Choose two answers.) a. Using the exit command once b. Using the end command once c. Pressing the Ctrl+Z key sequence once d. Using the quit command
B and C. The exit command moves the user one config mode backward, toward global configuration mode, or if already in global configuration mode, it moves the user back to enable mode. From console mode, it moves the user back to global configuration mode. The end command and the Ctrl+Z key sequence both move the user back to enable mode regardless of the current configuration submode.
Which of the following commands identify switch interfaces as being trunking interfaces: interfaces that currently operate as VLAN trunks? (Choose two answers.) a. show interfaces b. show interfaces switchport c. show interfaces trunk d. show trunks
B and C. The show interfaces switchport command lists both the administrative and operational status of each port. When a switch considers a port to be trunking, this command lists an operational trunking state of "trunk." The show interfaces trunk command lists a set of interfaces—the interfaces that are currently operating as trunks. So, both of these commands identify interfaces that are operational trunks.
A Layer 2 switch configuration places all its physical ports into VLAN 2. The IP addressing plan shows that address 172.16.2.250 (with mask 255.255.255.0) is reserved for use by this new LAN switch and that 172.16.2.254 is already configured on the router connected to that same VLAN. The switch needs to support SSH connections into the switch from any subnet in the network. Which of the following commands are part of the required configuration in this case? (Choose two answers.) a. The ip address 172.16.2.250 255.255.255.0 command in interface vlan 1 configuration mode. b. The ip address 172.16.2.250 255.255.255.0 command in interface vlan 2 configuration mode. c. The ip default-gateway 172.16.2.254 command in global configuration mode. d. The switch cannot support SSH because all its ports connect to VLAN 2, and the IP address must be configured on interface VLAN 1.
B and C. To allow SSH or Telnet access, a switch must have a correct IP configuration. That includes the configuration of a correct IP address and mask on a VLAN interface. That VLAN interface then must have a path out of the switch via ports assigned to that VLAN. In this case, with all ports assigned to VLAN 2, the switch must use interface VLAN 2 (using the interface vlan 2 configuration command). To meet the requirement to support login from hosts outside the local subnet, the switch must configure a correct default gateway setting with the ip default-gateway 172.16.2.254 global command in this case.
Which of the following RSTP port states have the same name and purpose as a port state in traditional STP? (Choose two answers.) a. Blocking b. Forwarding c. Listening d. Learning e. Discarding
B and D. RSTP uses port state forwarding, learning, and discarding. Forwarding and learning perform the same functions as the port states used by traditional STP.
Which combinations of keywords on the channel-group interface subcommand on two neighboring switches will cause the switches to use LACP and attempt to add the link to the EtherChannel? (Choose two answers.) a. desirable and active b. passive and active c. active and auto d. active and active
B and D. The channel-group command will direct the switch to use LACP to dynamically negotiate to add a link to an EtherChannel when the command uses the active and passive keywords, respectively. The desirable and passive keywords direct the switch to use PaGP instead of LACP. Of the four answers, the two correct answers use two LACP values, while the two incorrect answers use at least one value that would cause the switch to use PaGP, making the answer incorrect.
Two routers, R1 and R2, connect using an Ethernet over MPLS service. The service provides point-to-point service between these two routers only, as a Layer 2 Ethernet service. Which of the following are the most likely to be true about this WAN? (Choose two answers.) a. R1 will connect to a physical Ethernet link, with the other end of the cable connected to R2. b. R1 will connect to a physical Ethernet link, with the other end of the cable connected to a device at the WAN service provider point of presence. c. R1 will forward data-link frames to R2 using an HDLC header/trailer. d. R1 will forward data-link frames to R2 using an Ethernet header/trailer.
B and D. The physical installation uses a model in which each router uses a physical Ethernet link to connect to some SP device in an SP facility called a point of presence (PoP). The Ethernet link does not span from each customer device to the other. From a data-link perspective, both routers use the same Ethernet standard header and trailer used on LANs; HDLC does not matter on these Ethernet WAN links.
Which of the following are true about the format of Ethernet addresses? (Choose three answers.) a. Each manufacturer puts a unique OUI code into the first 2 bytes of the address. b. Each manufacturer puts a unique OUI code into the first 3 bytes of the address. c. Each manufacturer puts a unique OUI code into the first half of the address. d. The part of the address that holds this manufacturer's code is called the MAC. e. The part of the address that holds this manufacturer's code is called the OUI. f. The part of the address that holds this manufacturer's code has no specific name.
B, C, and E. The pre-assigned universal MAC address, given to each Ethernet port when manufactured, breaks the address into two 3-byte halves. The first half is called the organizationally unique identifier (OUI), which the IEEE assigns to the company that builds the product as a unique hex number to be used only by that company.