What is the command to display the Switch Database Management (SDM) template?
show sdm prefer
What are the types of SDM templates for IPv4?
Routing, VLAN, Default and Access
Which of the SDM templates does not allocate resources for Policy-based routing ACEs?
Default and VLAN
Which SDM template does not allocate resources to Unicast routes?
VLAN
Which SDM Templates is feature resources has 512 and 1K resources allocated to it?
A) Policy-based routing ACEs
B) IGMP groups and multicast routes
C) Security ACEs
D) Unicast MAC addresses
E) Layer 2 VLANs
F) QoS classification ACEs
B,E,F
Which of the IPv4 SDM Template maximizes on the ACLs?
Access
What is the number of resources allocated to the Unicast MAC address for the VLAN SDM template?
12K
What SDM template can be set to allow for IPv6 functionality?
dual-ipv4-and-ipv6
What is required to be done to the switch after the SDM template has been changed?
Reload
Which SDM template is displayed below:
Routing
Which SDM template is displayed below:
Access
Which SDM template is displayed below:
Desktop default
Which SDM template is displayed below:
VLAN
Which SDM template is displayed below:
Desktop IPv4 and IPv6 default
Which SDM template is displayed below:
Desktop IPv4 and IPv6 Routing
Which SDM template is displayed below:
Desktop IPv4 and IPv6 VLAN
Name the three (3) Layers in the Enterprise Campus Network Design?
Access Layer
Distribution Layer
Core Layer
Which Enterprise Campus Network Layer aggregates multiples access layer switches?
Distribution layer
Which characteristics determine the size of a switch block?
a) Traffic types and behavior
b) Type of users
c) size and number of common workgroups
d) number of users
e) Where the server resource is located
A, C
What are the type of Core Design?
Dual Core
Mutli-node Core
Collapse Core
What is the process called when the frame is forwarded in a "best effort" fashion by flooding it out all switch ports assigned to the source VLAN?
Unknown unicast flooding
What are the two types of Multilayer Switching?
1) Route caching
2) Topology based
What are the other names for the MLS type Route caching?
a) NetFlow LAN switching
b) Flow-based switching
c) Demand-based switching
d) Route once, Switch many
e) Cisco Express Forwarding (CEF)
a, b, c, d
Which statements are true?
a) The data plane exists in the RP (Route Processor)
b) The data plane exists in the SE (Switch Engine)
c) The control plane exists in the SE
d) The control plane exists in the RP
B, D
What is the default aging time for the MAC address table?
300 seconds
What two features are part of the TCAM operation?
Feature Manager (FM)
Switching Database Manager (SDM)
Which component compiles or merges the ACEs into entries in the TCAM table?
Feature Manager (FM)
Which component is responsible for partitioning the TCAM into several areas that support different functions?
SDM (Switch Database Manager)
The TCAM entries are consist of which three (3) combinations?
a) Value
b) 1
c) Mask
d) Subnet
e) ACE
f) Result
A, C, F
What is the maximum size of the values and mask for the TCAM entries?
134-bits
The TCAM tables is always organized by this entry:
C)
Which operator or operand are compiled and store in the (Logical operation unit) LOU register:
a) gt
b) lt
c) neq
d) range
e) eq
f) one of the above
A, B, C, D
Please which technology are the following standards are based on?
a) Disabled
b) Disable
c) Blocking
d) Listening
d) Learning
e) Active
A,C,D,E
What is the default STP priority?
32768
In which VTP mode and version that allows for extended vlan id?
VTP transparent mode
VTPv3
What is the STP multicast address?
01-80-c2-00-00-00
What us the default load-balancing method for the Etherchannel group?
Source MAC address
Which EtherChannel Negotiation Protocol is Cisco proprietary?
PAgP
Which method is used to load-balance two or more IP address or MAC address for the EtherChannel bundle link?
Exclusive-OR (XOR)
Which of the Etherchannel Negotiation protcol used the mode Active- Passive?
LACP
Which of the Etherchannel negotiation protocol uses the Auto - Desirable?
PAgP
What are the three session modes?
User EXEC mode
Privileged EXEC mode
Global Configuration mode
What features needs to enabled for DAI to Work?
D)
Which features prevents a switch from connect to an end device port?
D)
Which features protects an end user port from CAM table overflow?
D)
Which features prevents a rogue device from snooping the default gateway ip address?
C)
What is the command to enable dhcp snooping for vlan 10 and setting port fa0/24 as trusted port?
Sw(config)# Ip dhcp snooping
Sw(config)# ip dhcp snooping vlan 10
Sw(config)# Interface f0/24
Sw(config-if)# ip dhcp snooping trust
What is the command to enable DAI for vlan 100 and while configuring the 24-ports switch interface f0/1 - f0/20 to be untrusted?
Sw(config)# ip dhcp snooping
Sw(config)#ip dhcp snooping for vlan 100
Sw(config)# ip arp inspection vlan 100
Sw(config)# interface range f0/21-24
Sw(config-if-range)#ip dhcp snooping trust
Sw(config-if-range)#ip arp inspection trust
Sw(config)#
What is the default packet rate limit for DAI per port?
15
What is the command to set the packet rate limit of 10 for DAI on switch interface?
ip arp inspection limit rate 10
What can be done to exempt a router from arp inspection without trusting the port?
ARP Access List
Show the command to to configure an access list to prevent arp inspection for dhcp server with ip address 10.1.2.100 and MAC address 002a.0f31.0012 for vlan 100?
Sw(config)# arp access-list Allow-DCHP-ARP
Sw (config-nacl)# permit ip host 10.1.2.100 Mac host 002a.0f31.0012
Sw(config)# ip arp inspection filter Allow-DHCP-ARP vlan 100
What feature prevent a Man-in-Middle attack on a switch?
Dynamic ARP Inspection (DAI)
Which statement is true about VTP version 2:
A) the vtp server will accept updates from a newly added vtp client switch with the same domain name and higher revision number.
B) the vtp server with no domain name will accept the first vtp update over a trunk link and reject any other update regardless of it revision number.
C) the vtp client will accept all updates from a vtp server with the same domain name even with a lower revision number.
D) the vtp client and server has to have the same domain name and revision number in order to exchange vlan information.
A, D
Which VTP parameters must match in order for the switch to exchange vlan information:
A) Management Domain
B) vtp password
C) revision number
D) version
E) vtp mode
A, B, D
What can be done to reset a VTP revision number to zero:
A) switch to vtp mode transparent and back to vtp mode server
B) change vtp domain name to a non- existent domain name and back to same domain name
C) switch the vtp version from 1 to 2 and back
D) change the vtp password to reset revision number
A, B
Which information is correct about the different vtp modes:
A) vtp server mode does not saves VLAN configuration information to NVRAM but in vlan database.
B) vtp client mode stores VLAN information to the NVRAM.
C) vtp transparent mode saves VLAN configuration information in the NVRAM
D) vtp server mode saves VLAN configuration in the NVRAM.
C, D
What features are presentitled in vtp version 2 that are not supported in version 1?
Unrecognized TLV support
Version-Dependent transparent mode
Token ring support
Consistency check (check md5 digest on new vtp message for new info received and validate new vlan name and values entered)
Which feature allows a switch to increase on network available bandwidth by restricting flooded traffic over trunk links?
VTP PRUNING
Which vlans are eligible for vtp pruning?
Vlan 2 - 1001
Vtp pruning can operate in all vtp modes except for transparent mode. True or false
True
Vtp pruning can be enables for only one switch in a VTP management domain and disabled for the others? True or False
False
Explanation: When vtp pruning is enabled it is enabled for all switches in the same vtp management domain. it is also support in version 1 and 2
What are the two ways in which the VTP settings can be configured?
1. Using Vtp global configuration mode
2. Using vlan database configuration mode
How can the vtp domain name be removed from a switch?
It cant be removed, can only be changed.
How can vtp be disabled on a switch?
Change VTP mode to transparent (for version 1 & 2) or for VTPv3 set the mode to Off
Which statements are true about private-vlans?
B)
Which command is the correct method in configuring a promiscuous mode port:
A)
What is the command to assigned a port to an Isolated VLAN 210 which is associated with the primary VLAN 200?
switchport mode private-vlan host
switchport private-vlan host-association 200 210
What is the command to create the following Private VLAN configuration and creating the necessary association:
Primary VLAN 100
Isolated VLAN 200
Community VLAN 300
sw1(config)# vlan 200
sw1(config-vlan)# private-vlan isolated
sw1(config)#vlan 300
sw1(config-vlan)# private-vlan community
sw1(config)# vlan 100
sw1(config-vlan)# private-vlan primary
sw1(config-vlan)# private-vlan association 200,300
What is the command to create a promiscuous mode port with VLAN 100 as the primary and VLAN 150-200 as the secondary?
switchport mode private-vlan promiscuous
switchport private-vlan mapping 100 150-200
Identify the issue with the private-vlan configuration that is preventing the line protocol for the switch port Fa0/11 is not up.
The secondary PVLANs 200,300 are not associated with the primary PVLAN 100 under the vlan configuration.
Correcting the configuration:
sw(config)# vlan 100
sw(config-vlan)# private-vlan association 200,300
Select the types of secondary vlans:
a) Promiscuous
b) host
c) Primary
d) Isolated
e) Community
D, E
Select the port types associated with Private-vlans:
a) Promiscuous
b) host
c) Primary
d) Isolated
e) Community
A, B
Which port type can communicate with all devices in either Isolated and Community VLANs?
E)
Which statements are False about private-vlans configuration on multiple switch:
A)
Which SDM template must be configured to fully support Private-vlans on a switch?
Desktop Default
command: sdm prefer default
True or False: One instance of STP runs for each primary and secondary VLANs.
False
Explanation:
Only one STP instance runs for the entire private VLAN. The STP instance parameters are propagated to the secondary VLANs associated with the primary VLAN.
What is the command to remove an ARP entry of an IP address from the private VLAN?
no arp [ip-address]
What is the command to add an ARP entry for a private-VLANs?
arp [ip-address][hardware-address] type
What are the two values sent by an Cisco IP Phone within the voice traffic?
1. Layer 3 IP precedence
2. Layer 2 CoS (Class of Service)
What is the protocol used to communicate vlan information to a Cisco IP Phone?
CDP (Cisco Discovery Protocol)
What are the RSTP cost for the following link speed:
a) 100 Mbps
b) 1 Gbps
c) 10 Mbps
d) 10 Gbps
a) 19
b) 4
c) 100
d) 2
What is meant by the STP port type for interface Po2 in the image below:
It means that the switch connected to the port is running 802.1D STP.
What is meant by the STP port type for interface Po2 on this switch:
It means that the Port-channel Po2 is operating at speed of 10 Mbps (hub speed)
What is the command to create a HSRP group with number 100 using virtual ip address 10.10.10.1 on a switch?
standby 100 ip 10.10.10.1
Which of the following features can be used when private-vlans are configured on a interface?
a) Voice VLANs
b) Etherchannel (PAgP/LACP)
c) 802.1X
d) PortFast
e) SPAN
C, D
What is the command to configure an SVI for the primary VLAN 20 and mapping the secondary VLANs 20,30,40 to it?
(Assuming that all PVLANs has already been created)
sw1(config)# interface vlan 10
sw1(config-if)# private-vlan mapping 20,30,40
Which protocols are used to advise the VoIP device of the voice vlan to use on a switch?
a) CDP
b) LLDP
c) DTP
d) STP
e) LACP/PAgP
A, B
How is QoS enabled on a switch and configuring the port to a trust state for the voice VLAN?
sw1(config)# mls qos
sw1(config-if) # mls qos trust cos
Which feature is automatically enabled when the voice VLAN is configured on an interface?
A)
Which switchport mode must the interface be configured for in order to apply the Voice Vlan configuration?
B)
What is the command enable tagging of native vlans packets on all IEEE 802.1Q trunk ports?
sw(config)# vlan dot1q tag native
What is the command for showing the IEEE 802.1Q native vlan tagging status?
show vlan dot1q tag native
Which methods does Storm Control use to measure traffic activities:
a) Bandwidth as a percentage of the total available bandwidth of the port.
b) Traffic rate in packets per second
c) Traffic rate in bits per second
d) Traffic rate on number of known unicast packets
A,B,C
Which mutlicast traffic is not blocked by Storm Control implementation when the threshold is reached?
a) CDP
b) FHRP
c) Routing protocols
d) BPDU
e) UDLD
A,D
What is the default settings of the storm control on the port for the threshold level?
D)
What does the following command mean:
!
interface Fa0/1
storm-control broadcast level 80 60
!
D)
What is the default action for Storm Control when it is enabled on an interface?
A)
Which configured mode prevents a port from communicating with another port in the same mode via Layer 2 but it can communicate with all other ports?
B)
Which features allows can allow the blocking of all or none of the unknown multicast and unicast traffic out of a port?
a) Storm Control
b) Port Blocking
c) Port Security
d) Private-VLAN
B
Which interface commands blocks unknown unicast traffic from a port?
B)
Which switchport modes are not supported when configuring port security on the interface?
a) Dynamic Auto
b) Dynamic desirable
c) Access
d) Trunk
A,B
How long does FHRP potocol fails over to the backup when an interface is shutdown?
C)
Note: When an FHRP interface is shutdown, a shutdown signal is send to the next router so it can take over.
Which FHRP protocol has its virtual MAC starts with 0000.b400?
GLBP - Gateway Load Balancing Protocol
Which FHRP protocol has its virtual MAC starts with 0000.5e?
VRRP - Virtual Redundancy Router Protocol
Which FHRP protocol has its virtual MAC starts with 0000.0c?
HSRP - Hot Standby Routing Protocol
Which FHRP protocol feature allows the backup/standby router to take over when the primary failed?
Preempt
What is the command to turn an L2 interface to a routed interface?
switch(config-if)# no switchport
Which MAC address configuration is not supported by the port security aging time?
D)
Note:
A is configured using the following command:
switchport port-security mac-address sticky
B is configure using the following command:
switchport port-security mac-address [MAC]
C is configured by default
D dont exist
Cisco Discover Protocol operates at which layer of the OSI model?
Layer 2
(True or False) CDP runs on all media that support Subnetwork Access Protocol (SNAP). Because CDP runs over the data-link layer only, two systems that support different network-layer protocols can learn about each other.
True
What is CDP holdtime and update timer?
Hold time 180 secs
Update timer 60 secs
True or False, CDP version 2 advertisement are enabled by default on a switch?
True
Autonegotiation of link speed and duplex operates at which layer of the OSI model?
Layer 1
What is the command to configure UDLD in normal mode?
UDLD renable
What is the command to reneable a port disabled by UDLD?
UDLD reset
In which UDLD mode disables a port when it is operating in a unidirectional way?
Aggressive
Note: UDLD mode aggresive
The STP Cost of a switch interface is based on which of the following:
C)
Which type of traffic is NOT allowed on an IEEE 802.1X unauthenticated port?
C)
What are two port roles in STP that are always in the forwarding state?
a) Root
B) Designated
C) Backup
D) Alternate
A, B
Which port role in STP is a block port in a loopback configuration?
D)
Which port role never exist on a root bridge?
A)
Which port role is always on a switch that is not the root?
B)
True or False: When a superior BPDU is received on the root port of the switch, the switch forwards it with an updated message out all designated ports.
True
What is the order of states of an shutdown port when it is transition to forwarding state?
B)
Note: it said the state of an shutdown port so disabled will have to be included.
Which statement is NOT true about an STP blocked port:
B)
What is the order of priority in relation to the STP selection?
a) G0/2
b) old switch
c) Lower Priority
d) Higher Priority
e) new switch
f) G0/24
C, D, B, E, A, F
Explanation:
1. Priority is checked first
2. If the Priority is the same then it check the mac address (old switch has the lowest MAC address)
3. Port Priority (lower interface has the lower priority)
Default Mac Address aging time?
5 minutes / 300 secs
What happens to the MAC address aging time if STP is going through reconfiguration?
The MAC address aging time is set the the forwarding-delay value. (default 15 secs)
What is the default STP running on an switch interface:
D)
Explanation PVST+ is the default STP running on a switch interface using the IEEE 802.1D standards with Cisco proprietary extensions.
True or False: You cannot run MST without RSTP
True
What is the maximum number of PVST+ or RPVST+ instances supported on a switch?
128
What is the command to remove STP from a vlan instance.?
Sw1 (config)# No spanning-tree vlan [vlan-id]
What is the switch priority set when you enter the command spanning-tree vlan 1 root?
24576 and if other switches are love then it be oms 4096
What is the virtual mac address for GLBP?
0007.b4
What does the parameter "if-authenticated" does in the command:
aaa authorization group radius if-authenticated
.
Only if the Radius server is unreachable, all command enter by the user if authenticated successfully is allowed.
Which statement is NOT True about the following command output:
C)
Which FHRP is command output is shown here:
VRRP - Virtual Redundancy Router Protocol
Which FHRP protocol is shown in the output below:
GLBP - Gateway Load Balancing Protocol
Which FHRP command output is displayed below:
HSRP - Hot Standby Redundancy Protocol
Which performance metric is not collected by IP SLA?
D)
True or False: IP SLAs is Layer 2 transport independent hence it can configure end-to-end operations over disparate networks to best reflect the metrics that an end user is likely to experience.
True
Which privileged EXEC command can be used to see the IP SLA supported operation types?
C)
True or False: Any device can be a source for a destination ip sla responder.
False.
Note: The responder uses the Cisco IOS IP SLAs Control Protocol to provide a mechanism through which it can be notified on which port it should listen and respond