Category Archives: CCNA 2 v5

CCNA 2 v5.02 RSE Chapter 5 Exam Answers

1. Refer to the exhibit. The switch does the routing for the hosts that connect to VLAN 5. If the PC accesses a web server from the Internet, at what point will a VLAN number be added to the frame?

point A

point B

point C

point D

point E

No VLAN number is added to the frame in this design.*

2. Which type of inter-VLAN communication design requires the configuration of multiple subinterfaces?

router on a stick*

routing via a multilayer switch

routing for the management VLAN

legacy inter-VLAN routing

3. What is a disadvantage of using router-on-a-stick inter-VLAN routing?

does not support VLAN-tagged packets

requires the use of more physical interfaces than legacy inter-VLAN routing

does not scale well beyond 50 VLANs*

requires the use of multiple router interfaces configured to operate as access links

4. How is traffic routed between multiple VLANs on a multilayer switch?

Traffic is routed via physical interfaces.

Traffic is routed via internal VLAN interfaces.*

Traffic is broadcast out all physical interfaces.

Traffic is routed via subinterfaces.

5. A small college uses VLAN 10 for the classroom network and VLAN 20 for the office network. What is needed to enable communication between these two VLANs while using legacy inter-VLAN routing?

A router with at least two LAN interfaces should be used.*

Two groups of switches are needed, each with ports that are configured for one VLAN.

A router with one VLAN interface is needed to connect to the SVI on a switch.

A switch with a port that is configured as trunk is needed to connect to a router.

6. Which statement describes a disadvantage of using router subinterfaces for inter-VLAN routing?

It is more expensive than using individual router interfaces.

Routed traffic must contend for bandwidth on a single router interface.*

Trunking cannot be used to connect the router to the switch.

All untagged traffic is dropped.

7. Refer to the exhibit. A network administrator needs to configure router-on-a-stick for the networks that are shown. How many subinterfaces will have to be created on the router if each VLAN that is shown is to be routed and each VLAN has its own subinterface?

1

2

3

4*

5

8. Refer to the exhibit. A network administrator has configured router CiscoVille with the above commands to provide inter-VLAN routing. What command will be required on a switch that is connected to the Gi0/0 interface on router CiscoVille to allow inter-VLAN routing?

switchport mode access

no switchport

switchport mode trunk*

switchport mode dynamic desirable

9. Refer to the exhibit. Router RA receives a packet with a source address of 192.168.1.35 and a destination address of 192.168.1.85. What will the router do with this packet?

The router will drop the packet.

The router will forward the packet out interface FastEthernet 0/1.1.

The router will forward the packet out interface FastEthernet 0/1.2.*

The router will forward the packet out interface FastEthernet 0/1.3.

The router will forward the packet out interface FastEthernet 0/1.2 and interface FastEthernet 0/1.3.

10. Refer to the exhibit. Communication between the VLANs is not occurring. What could be the issue?

The wrong port on the router has been used.

The Gi1/1 switch port is not in trunking mode.*

A duplex issue exists between the switch and the router.

Default gateways have not been configured for each VLAN.

11. Inter-VLAN communication is not occurring in a particular building of a school. Which two commands could the network administrator use to verify that inter-VLAN communication was working properly between a router and a Layer 2 switch when the router-on-a-stick design method is implemented? (Choose two.)

From the router, issue the show ip route command.*

From the router, issue the show interfaces trunk command.

From the router, issue the show interfaces interface command.

From the switch, issue the show vlans command.

From the switch, issue the show interfaces trunk command.*

From the switch, issue the show interfaces interface command.

12. Refer to the exhibit. A network administrator is verifying the configuration of inter-VLAN routing. Users complain that PCs on different VLANs cannot communicate. Based on the output, what are two configuration errors on switch interface Gi1/1? (Choose two.)

Gi1/1 is in the default VLAN.*

Voice VLAN is not assigned to Gi1/1.

Gi1/1 is configured as trunk mode.*

Negotiation of trunking is turned on on Gi1/1.

The trunking encapsulation protocol is configured wrong.

13. Refer to the exhibit. A network administrator is verifying the configuration of inter-VLAN routing. Users complain that PC2 cannot communicate with PC1. Based on the output, what is the possible cause of the problem?

Gi0/0 is not configured as a trunk port.

The command interface GigabitEthernet0/0.5 was entered incorrectly.

There is no IP address configured on the interface Gi0/0.

The no shutdown command is not entered on subinterfaces.

The encapsulation dot1Q 5 command contains the wrong VLAN.*

14. Refer to the exhibit. After attempting to enter the configuration that is shown in router RTA, an administrator receives an error and users on VLAN 20 report that they are unable to reach users on VLAN 30. What is causing the problem?

Dot1q does not support subinterfaces.

There is no address on Fa0/0 to use as a default gateway.

RTA is using the same subnet for VLAN 20 and VLAN 30.*

The no shutdown command should have been issued on

Fa0/0.20 and Fa0/0.30.

15. Refer to the exhibit. A router-on-a-stick configuration was implemented for VLANs 15, 30, and 45, according to the show running-config command output. PCs on VLAN 45 that are using the 172.16.45.0 /24 network are having trouble connecting to PCs on VLAN 30 in the 172.16.30.0 /24 network. Which error is most likely causing this problem?

The wrong VLAN has been configured on GigabitEthernet 0/0.45.

The command no shutdown is missing on GigabitEthernet 0/0.30.

The GigabitEthernet 0/0 interface is missing an IP address.

There is an incorrect IP address configured on GigabitEthernet 0/0.30.*

16. Refer to the exhibit. A network administrator is configuring RT1 for inter-VLAN routing. The switch is configured correctly and is functional. Host1, Host2, and Host3 cannot communicate with each other. Based on the router configuration, what is causing the problem?

Interface Fa0/0 is missing IP address configuration information.

IP addresses on the subinterfaces are incorrectly matched to the VLANs.*

Each subinterface of Fa0/0 needs separate no shutdown commands.

Routers do not support 802.1Q encapsulation on subinterfaces.

17. What condition is required to enable Layer 3 switching?

The Layer 3 switch must have IP routing enabled.*

All participating switches must have unique VLAN numbers.

All routed subnets must be on the same VLAN.

Inter-VLAN portions of Layer 3 switching must use router-on-a-stick.

18. Refer to the exhibit. Which command can the administrator issue to change the VLAN10 status to up?

Switch1(config)# interface vlan 10
Switch1(config-if)# no shutdown?

Switch1(config)# interface vlan 10
Switch1(config-if)# ip address 192.168.10.1 255.255.255.0?

Switch1(config)# interface vlan 10
Switch1(config-if)# ip address 192.168.10.1 255.255.255.0
Switch1(config-if)# no shutdown?

Switch1(config)# vlan 10
Switch1(config-vlan)# exit*

19. While configuring inter-VLAN routing on a multilayer switch, a network administrator issues the no switchport command on an interface that is connected to another switch. What is the purpose of this command?

to create a routed port for a single network*

to provide a static trunk link

to create a switched virtual interface

to provide an access link that tags VLAN traffic

20. What is a disadvantage of using multilayer switches for inter-VLAN routing?

Multilayer switches have higher latency for Layer 3 routing.

Multilayer switches are more expensive than router-on-a-stick implementations.*

Spanning tree must be disabled in order to implement routing on a multilayer switch.

Multilayer switches are limited to using trunk links for Layer 3 routing.

21. Fill in the blank with an acronym.

While configuring inter-VLAN routing on a multilayer switch, a/an svi is used as a virtual-routed VLAN interface.

22. Fill in the blank. Do not use abbreviations.

A network engineer is troubleshooting the configuration of new VLANs on a network. ?Which command is used to display the list of VLANs that exists on the switch?

show vlan

23. Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.

Fill in the blank. Do not use abbreviations.

Which command is missing on the Layer 3 switch to restore the full connectivity between PC1 and the web server?

ip address 192.168.20.1 255.255.255.0

 

CCNA 2 v5.02 RSE Chapter 4 Exam Answers

1. What are two functions of a router? (Choose two.)

It connects multiple IP networks.*

It controls the flow of data via the use of Layer 2 addresses.

It determines the best path to send packets.*

It manages the VLAN database.

It increases the size of the broadcast domain.

2. In order for packets to be sent to a remote destination, what three pieces of information must be configured on a host? (Choose three.)

hostname

IP address*

subnet mask*

default gateway*

DNS server address

DHCP server address

3. Refer to the exhibit. A network administrator has configured R1 as shown. When the administrator checks the status of the serial interface, the interface is shown as being administratively down. What additional command must be entered on the serial interface of R1 to bring the interface up?

IPv6 enable

clockrate 128000

end

no shutdown*

4. What is one feature that distinguishes routers from Layer 2 switches?

Routers can be configured with IP addresses. Switches cannot.

Switches move packets from one physical interface to another. Routers do not.

Switches use tables of information to determine how to process data traffic. Routers do not.

Routers support a variety of interface types. Switches typically support Ethernet interfaces.*

5. Which command is used to configure an IPv6 address on a router interface so that the router will combine a manually specified network prefix with an automatically generated interface identifier?

ipv6 enable

ipv6 address ipv6-address/prefix-length

ipv6 address ipv6-address/prefix-length eui-64*

ipv6 address ipv6-address/prefix-length link-local

6. What type of IPv6 address is required as a minimum on IPv6 enabled interfaces?

loopback

unique local

link-local*

static

global unicast

7. What two pieces of information are displayed in the output of the show ip interface brief command? (Choose two.)

IP addresses*

MAC addresses

Layer 1 statuses*

next-hop addresses

interface descriptions

speed and duplex settings

8. When a computer is pinging another computer for the first time, what type of message does it place on the network to determine the MAC address of the other device?

an ICMP ping

an ARP request*

an RFI (Request for Information) message

a multicast to any Layer 3 devices that are connected to the local network

9. Refer to the exhibit. PC1 attempts to connect to File_server1 and sends an ARP request to obtain a destination MAC address. Which MAC address will PC1 receive in the ARP reply?

the MAC address of S1

the MAC address of the G0/0 interface on R1*

the MAC address of the G0/0 interface on R2

the MAC address of S2

the MAC address of File_server1

10. A packet moves from a host on one network to a device on a remote network within the same company. If NAT is not performed on the packet, which two items remain unchanged during the transfer of the packet from source to destination? (Choose two.)

destination IP address*

source ARP table

source IP address*

source MAC address

destination MAC address

Layer 2 header

11. What address changes as a packet travels across multiple Layer 3 Ethernet hops to its final destination?

source IP

destination IP

source Layer 2 address*

destination port

12. Which two items are used by a host device when performing an ANDing operation to determine if a destination address is on the same local network? (Choose two.)

destination IP address*

destination MAC address

source MAC address

subnet mask*

network number

13. Refer to the exhibit. What will the router do with a packet that has a destination IP address of 192.168.12.227?

Drop the packet.

Send the packet out the Serial0/0/0 interface.*

Send the packet out the GigabitEthernet0/0 interface.

Send the packet out the GigabitEthernet0/1 interface.

14. Which two statements correctly describe the concepts of administrative distance and metric? (Choose two.)

Administrative distance refers to the trustworthiness of a particular route.*

A router first installs routes with higher administrative distances.

The value of the administrative distance can not be altered by the network administrator.

Routes with the smallest metric to a destination indicate the best path.*

The metric is always determined based on hop count.

The metric varies depending which Layer 3 protocol is being routed, such as IP.

15. Refer to the exhibit. A network administrator issues the show ipv6 route command on R1. Which two types of routes are displayed in the routing table? (Choose two.)

static route

local host route*

directly connected network*

route that is learned through the OSPF routing protocol

route that is learned through the EIGRP routing protocol

16. Refer to the exhibit. A network administrator issues the show ipv6 route command on R1. What two conclusions can be drawn from the routing table? (Choose two.)

static route*

local host route

directly connected network*

route that is learned through the OSPF routing protocol

route that is learned through the EIGRP routing protocol

17. A network administrator configures the interface fa0/0 on the router R1 with the command ip address 172.16.1.254 255.255.255.0. However, when the administrator issues the command show ip route, the routing table does not show the directly connected network. What is the possible cause of the problem?

The interface fa0/0 has not been activated.*

The configuration needs to be saved first.

No packets with a destination network of 172.16.1.0 have been sent to R1.

The subnet mask is incorrect for the IPv4 address.

18. A network administrator configures a router by the command ip route 0.0.0.0 0.0.0.0 209.165.200.226. What is the purpose of this command?

to forward all packets to the device with IP address 209.165.200.226

to add a dynamic route for the destination network 0.0.0.0 to the routing table

to forward packets destined for the network 0.0.0.0 to the device with IP address 209.165.200.226

to provide a route to forward packets for which there is no route in the routing table*

19. A network administrator is implementing dynamic routing protocols for a company. Which command can the administrator issue on a router to display the supported routing protocols?

Router(config)# router ?*

Router(config)# service ?

Router(config)# ip route ?

Router(config)# ip forward-protocol ?

20. Refer to the exhibit. A network administrator issues the show ip route command on R2. What two types of routes are installed in the routing table? (Choose two.)

a configured default route

directly connected networks*

routes that are learned through the OSPF routing protocol

routes that are learned through the EIGRP routing protocol*

a configured static route to the network 209.165.200.224

21. Refer to the exhibit. What is the purpose of the highlighted field in the line that is displayed from the show ip route command?

It indicates that this is a default route.

It indicates that this route was learned via EIGRP.*

It indicates that this is a directly connected route.

It indicates that this route has been deleted from the routing table.

22. Which statement describes a route that has been learned dynamically?

It is automatically updated and maintained by routing protocols.*

It is unaffected by changes in the topology of the network.

It has an administrative distance of 1.

It is identified by the prefix C in the routing table.

23. Fill in the blank.

When a router receives a packet, it examines the destination address of the packet and looks in the Routing table to determine the best path to use to forward the packet.

24. Refer to the exhibit. Match the description with the routing table entries. (Not all options are used.)

172.16.2.2 -> next hop
10.3.0.0 -> destination network
21024000 -> metric
1 -> administrative distance
00:22:15 -> route timestamp
D -> route  source protocol

CCNA 2 v5.02 RSE Chapter 3 Exam Answers

1. Which two statements are true about VLAN implementation? (Choose two.)

The size of the collision domain is reduced.

The number of required switches in a network decreases.

VLANs logically group hosts, regardless of physical location.*

The network load increases significantly because of added trunking information.

Devices in one VLAN do not hear the broadcasts from devices in another VLAN.*

2. Which three statements accurately describe VLAN types? (Choose three).

A management VLAN is any VLAN that is configured to access management features of the switch.*

A data VLAN is used to carry VLAN management data and user-generated traffic.

After the initial boot of an unconfigured switch, all ports are members of the default VLAN.*

An 802.1Q trunk port, with a native VLAN assigned, supports both tagged and untagged traffic.*

Voice VLANs are used to support user phone and e-mail traffic on a network.

VLAN 1 is always used as the management VLAN.

3. A network administrator is determining the best placement of VLAN trunk links. Which two types of point-to-point connections utilize VLAN trunking? (Choose two.)

between two switches that utilize multiple VLANs*

between a switch and a client PC

between a switch and a server that has an 802.1Q NIC*

between a switch and a network printer

between two switches that share a common VLAN

4. Refer to the exhibit. A frame is traveling between PC-A and PC-B through the switch. Which statement is true concerning VLAN tagging of the frame?

A VLAN tag is added when the frame leaves PC-A.

A VLAN tag is added when the frame is accepted by the switch.

A VLAN tag is added when the frame is forwarded out the port to PC-B.

No VLAN tag is added to the frame.*

5. What is the effect of issuing a switchport access vlan 20 command on the Fa0/18 port of a switch that does not have this VLAN in the VLAN database?

The command will have no effect on the switch.

VLAN 20 will be created automatically.*

An error stating that VLAN 20 does not exist will be displayed and VLAN 20 is not created.

Port Fa0/18 will be shut down.

6. Port Fa0/11 on a switch is assigned to VLAN 30. If the command no switchport access vlan 30 is entered on the Fa0/11 interface, what will happen?

Port Fa0/11 will be shutdown.

An error message would be displayed.

Port Fa0/11 will be returned to VLAN 1.*

VLAN 30 will be deleted.

7. Which command is used to remove only VLAN 20 from a switch?

delete vlan.dat

delete flash:vlan.dat

no vlan 20*

no switchport access vlan 20

8. Which command displays the encapsulation type, the voice VLAN ID, and the access mode VLAN for the Fa0/1 interface?

show vlan brief

show interfaces Fa0/1 switchport*

show mac address-table interface Fa0/1

show interfaces trunk

9. What must the network administrator do to remove Fast Ethernet port fa0/1 from VLAN 2 and assign it to VLAN 3?

Enter the no vlan 2 and the vlan 3 commands in global configuration mode.

Enter the switchport access vlan 3 command in interface configuration mode.*

Enter the switchport trunk native vlan 3 command in interface configuration mode.

Enter the no shutdown in interface configuration mode to return it to the default configuration and then configure the port for VLAN 3.

10. A Cisco Catalyst switch has been added to support the use of multiple VLANs as part of an enterprise network. The network technician finds it necessary to clear all VLAN information from the switch in order to incorporate a new network design. What should the technician do to accomplish this task?

Erase the startup configuration and reboot the switch.

Erase the running configuration and reboot the switch.

Delete the startup configuration and the vlan.dat file in the flash memory of the switch and reboot the switch.*

Delete the IP address that is assigned to the management VLAN and reboot the switch.

11. A Cisco switch currently allows traffic tagged with VLANs 10 and 20 across trunk port Fa0/5. What is the effect of issuing a switchport trunk allowed vlan 30 command on Fa0/5?

It allows VLANs 1 to 30 on Fa0/5.

It allows VLANs 10, 20, and 30 on Fa0/5.

It allows only VLAN 30 on Fa0/5.*

It allows a native VLAN of 30 to be implemented on Fa0/5.

12. What VLANs are allowed across a trunk when the range of allowed VLANs is set to the default value?

All VLANs will be allowed across the trunk.*

Only VLAN 1 will be allowed across the trunk.

Only the native VLAN will be allowed across the trunk.

The switches will negotiate via VTP which VLANs to allow across the trunk.

13. Which command should the network administrator implement to prevent the transfer of DTP frames between a Cisco switch and a non-Cisco switch?

S1(config-if)# switchport mode trunk

S1(config-if)# switchport nonegotiate*

S1(config-if)# switchport mode dynamic desirable

S1(config-if)# switchport mode access

S1(config-if)# switchport trunk allowed vlan none

14. Under which two occasions should an administrator disable DTP while managing a local area network? (Choose two.)

when connecting a Cisco switch to a non-Cisco switch*

when a neighbor switch uses a DTP mode of dynamic auto

when a neighbor switch uses a DTP mode of dynamic desirable

on links that should not be trunking*

on links that should dynamically attempt trunking

15. Refer to the exhibit. PC-A and PC-B are both in VLAN 60. PC-A is unable to communicate with PC-B. What is the problem?

The native VLAN should be VLAN 60.

The native VLAN is being pruned from the link.

The trunk has been configured with the switchport nonegotiate command.

The VLAN that is used by PC-A is not in the list of allowed VLANs on the trunk.*

16. Refer to the exhibit. DLS1 is connected to another switch, DLS2, via a trunk link. A host that is connected to DLS1 is not able to communicate to a host that is connected to DLS2, even though they are both in VLAN 99. Which command should be added to Fa0/1 on DLS1 to correct the problem?

switchport nonegotiate

switchport mode dynamic auto

switchport trunk native vlan 66*

switchport trunk allowed vlan add 99

17. What happens to a port that is associated with VLAN 10 when the administrator deletes VLAN 10 from the switch?

The port becomes inactive.*

The port goes back to the default VLAN.

The port automatically associates itself with the native VLAN.

The port creates the VLAN again.

18. In a basic VLAN hopping attack, which switch feature do attackers take advantage of?

an open Telnet connection

automatic encapsulation negotiation

forwarding of broadcasts

the default automatic trunking configuration*

19. Which switch feature ensures that no unicast, multicast, or broadcast traffic is passed between ports that are configured with this feature?

VLAN

PVLAN protected port*

ACL

switch port security

20. Which two Layer 2 security best practices would help prevent VLAN hopping attacks? (Choose two.)

Change the native VLAN number to one that is distinct from all user VLANs and is not VLAN 1.*

Change the management VLAN to a distinct VLAN that is not accessible by regular users.

Statically configure all ports that connect to end-user host devices to be in trunk mode.

Disable DTP autonegotiation on end-user ports.*

Use SSH for all remote management access.

21. Refer to the exhibit. Interface Fa0/1 is connected to a PC. Fa0/2 is a trunk link to another switch. All other ports are unused. Which security best practice did the administrator forget to configure?

Disable autonegotiation and set ports to either static access or static trunk.

Change the native VLAN to a fixed VLAN that is distinct from all user VLANs and to a VLAN number that is not VLAN 1.

Configure all unused ports to a ‘black-hole’ VLAN that is not used for anything on the network.

All user ports are associated with VLANs distinct from VLAN 1 and distinct from the ‘black-hole’ VLAN.*

22. Fill in the blank

Use the full command syntax.

The show vlan command displays the VLAN assignment for all ports as well as the existing VLANs on the switch.

23. Match the DTP mode with its function. (Not all options are used.)


Place the options in the following order:

– not scored –

dynamic auto

nonegotiate

dynamic desirable

trunk

24. Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.

Which PCs will receive the broadcast sent by PC-C?

PC-A, PC-B

PC-D, PC-E*

PC-A, PC-B, PC-E

PC-A, PC-B, PC-D, PC-E

PC-A, PC-B, PC-D, PC-E, PC-F

CCNA 2 v5.02 RSE Chapter 2 Exam Answers

1. Which interface is the default location that would contain the IP address used to manage a 24-port Ethernet switch?

VLAN 1*

Fa0/0

Fa0/1

interface connected to the default gateway

VLAN 99

2. In which type of attack does a malicious node request all available IP addresses in the address pool of a DHCP server in order to prevent legitimate hosts from obtaining network access?

CAM table overflow

MAC address flooding

DHCP starvation*

DHCP spoofing

3. What impact does the use of the

mdix auto

configuration command have

on an Ethernet interface on a switch?

automatically detects duplex settings

automatically detects interface speed

automatically detects copper cable type*

automatically assigns the first detected MAC address to an interface

4. Which type of cable does a network administrator need to connect a PC to a switch to recover it after the Cisco IOS software fails to load?

a coaxial cable

a console cable*

a crossover cable

a straight-through cable

5. While troubleshooting a connectivity problem, a network administrator notices that a switch port status LED is alternating between green and amber. What could this LED indicate?

The port has no link.

The port is experiencing errors.*

The port is administratively down.

A PC is using the wrong cable to connect to the port.

The port has an active link with normal traffic activity.

6. A production switch is reloaded and finishes with a

Switch>

prompt. What two facts can be determined? (Choose two.)

POST occurred normally.*

The boot process was interrupted.

There is not enough RAM or flash on this router.

A full version of the Cisco IOS was located and loaded.*

The switch did not locate the Cisco IOS in flash, so it defaulted to ROM.

7. Which command displays information about the auto-MDIX setting for a specific interface?

show interfaces

show controllers*

show processes

show running-config

8. Refer to the exhibit. What media issue might exist on the link connected to Fa0/1 based on the show interface command?

The bandwidth parameter on the interface might be too high.

There could be an issue with a faulty NIC.

There could be too much electrical interference and noise on the link.*

The cable attaching the host to port Fa0/1 might be too long.

The interface might be configured as half-duplex.

9.Refer to the exhibit. The network administrator wants to configure Switch1 to allow SSH connections and prohibit Telnet connections. How should the network administrator change the displayed configuration to satisfy the requirement?

Use SSH version 1.

Reconfigure the RSA key.

Configure SSH on a different line.

Modify the transport input command.*

10. Which protocol or service sends broadcasts containing the Cisco IOS software version of the sending device, and the packets of which can be captured by malicious hosts on the network?

CDP*

DHCP

DNS

SSH

11. Which two statements are true about using full-duplex Fast Ethernet? (Choose two.)

Performance is improved with bidirectional data flow.*

Latency is reduced because the NIC processes frames faster.

Nodes operate in full-duplex with unidirectional data flow.

Performance is improved because the NIC is able to detect collisions.

Full-duplex Fast Ethernet offers 100 percent efficiency in both directions.*

12. Which method would mitigate a MAC address flooding attack?

increasing the size of the CAM table

configuring port security*

using ACLs to filter broadcast traffic on the switch

increasing the speed of switch ports

13. Which two basic functions are performed by network security tools? (Choose two.)

revealing the type of information an attacker is able to gather from monitoring network traffic*

educating employees about social engineering attacks

simulating attacks against the production network to*

determine any existing vulnerabilities

writing a security policy document for protecting networks

controlling physical access to user devices

14. Which action will bring an error-disabled switch port back to an operational state?

Remove and reconfigure port security on the interface.

Issue the switchport mode access command on the interface.

Clear the MAC address table on the switch.

Issue the shutdown and then no shutdown interface commands.*

15. Refer to the exhibit. Which S1 switch port interface or interfaces should be configured with the ip dhcp snooping trust command if best practices are implemented?

only the G0/1 port

only unused ports

only the G0/1 and G0/24 ports*

only the G0/2, G0/3, and G0/4 ports

only the G0/1, G0/2, G0/3, and G0/4 ports

16. Refer to the exhibit. Port Fa0/2 has already been configured appropriately. The IP phone and PC work properly. Which switch configuration would be most appropriate for port Fa0/2 if the network administrator has the following goals?

SWA(config-if)# switchport port-security
SWA(config-if)# switchport port-security mac-address sticky

SWA(config-if)# switchport port-security mac-address sticky
SWA(config-if)# switchport port-security maximum 2

SWA(config-if)# switchport port-security 
SWA(config-if)# switchport port-security maximum 2 
SWA(config-if)# switchport port-security mac-address sticky*

SWA(config-if)# switchport port-security
SWA(config-if)# switchport port-security maximum 2
SWA(config-if)# switchport port-security mac-address sticky
SWA(config-if)# switchport port-security violation restrict

17. Refer to the exhibit. What can be determined about port security from the information that is shown?

The port has been shut down.

The port has two attached devices.

The port violation mode is the default for any port that has port security enabled.*

The port has the maximum number of MAC addresses that is supported by a Layer 2 switch port which is configured for port security.

18. Refer to the exhibit. Which event will take place if there is a port security violation on switch S1 interface Fa0/1?

A notification is sent.

A syslog message is logged.

Packets with unknown source addresses will be dropped.*

The interface will go into error-disabled state.

19. The network administrator enters the following commands on a Cisco switch:

Switch(config)# interface vlan1

Switch(config-if)# ip address 192.168.1.2 255.255.255.0

Switch(config-if)# no shutdown

What is the effect of entering these commands?

All devices attached to this switch must be in the 192.168.1.0/24 subnet to communicate.

The switch is able to forward frames to remote networks.

The address of the default gateway for this LAN is 192.168.1.2/24.

Users on the 192.168.1.0/24 subnet are able to ping the switch at IP address 192.168.1.2.*

20. Which two statements are true regarding switch port security? (Choose two.)

The three configurable violation modes all log violations via SNMP.

Dynamically learned secure MAC addresses are lost when the switch reboots.*

The three configurable violation modes all require user intervention to re-enable ports.

After entering the sticky parameter, only MAC addresses subsequently learned are converted to secure MAC addresses.

If fewer than the maximum number of MAC addresses for a port are configured statically, dynamically learned addresses are added to CAM until the maximum number is reached.*

21. Fill in the blank.

full-duplex communication allows both ends of a connection to transmit and receive data simultaneously.

22. Fill in the blank.

When port security is enabled, a switch port uses the default violation mode of shutdown until specifically configured to use a different violation mode.

23. Match the step to each switch boot sequence description. (not all options are used.)

Place the options in the following order:
step 3
– not scored –
step 1
step 4
step 2
step 5
step 6

24. Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.

Fill in the blank.

Do not use abbreviations.What is the missing command on S1?

ip address 192.168.99.2 255.255.255.0

CCNA 2 v5.02 RSE Chapter 1 Exam Answers

1. What is a basic function of the Cisco Borderless Architecture access layer?

aggregates Layer 2 broadcast domains

aggregates Layer 3 routing boundaries

provides access to the user*

provides high availability

2.What is a basic function of the Cisco Borderless Architecture distribution layer?

acting as a backbone

aggregating all the campus blocks

aggregating Layer 3 routing boundaries*

providing access to the user

3. A network designer must provide a rationale to a customer for a design which will move an enterprise from a flat network topology to a hierarchical network topology. Which two features of the hierarchical design make it the better choice? (Choose two.)

lower bandwidth requirements

reduced cost for equipment and user training

easier to provide redundant links to ensure higher availability*

less required equipment to provide the same performance levels

simpler deployment for additional switch equipment*

4. What is a collapsed core in a network design?

a combination of the functionality of the access and distribution layers

a combination of the functionality of the distribution and core layers*

a combination of the functionality of the access and core layers

a combination of the functionality of the access, distribution, and core layers

5. What are two advantages of modular switches over fixed-configuration switches? (Choose two.)

lower cost per switch

increased scalability*

lower forwarding rates

need for fewer power outlets*

availability of multiple ports for bandwidth aggregation

6. Which switch form factor should be used when large port density, fault tolerance, and low price are important factors?

fixed-configuration switch

modular switch

rackable 1U switch

stackable switch*

7. An administrator purchases new Cisco switches that have a feature called StackPower. What is the purpose of this feature?

It enables many switches to be physically stacked in an equipment rack.

It enables many switches to be connected with a special fiber-optic power cable to provide higher bandwidth.

It enables many switches to be connected to increase port density.

It enables the sharing of power among multiple stackable switches.*

It enables AC power for a switch to be provided from a powered patch panel.

8. What is one advantage of using the cut-through switching method instead of the store-and-forward switching method?

has a positive impact on bandwidth by dropping most of the invalid frames

makes a fast forwarding decision based on the source MAC address of the frame

has a lower latency appropriate for high-performance computing applications*

provides the flexibility to support any mix of Ethernet speeds

9. Which type of transmission does a switch use when the destination MAC address is not contained in the MAC address table?

anycast

broadcast*

multicast

unicast

10. Refer to the exhibit. Consider that the main power has just been restored. PC1 asks the DHCP server for IPv4 addressing. The DHCP server sends it an IPv4 address. While PC2 is still booting up, PC3 issues a broadcast IPv4 DHCP request. To which port will SW1 forward this request?

to Fa0/1 only

to Fa0/1 and Fa0/2 only

to Fa0/1, Fa0/2, and Fa0/3 only*

to Fa0/1, Fa0/2, Fa0/3, and Fa0/4

to Fa0/1, Fa0/2, and Fa0/4 only

11. What information is added to the switch table from incoming frames?

source MAC address and incoming port number*

destination MAC address and incoming port number

source IP address and incoming port number

destination IP address and incoming port number

12. What is one function of a Layer 2 switch?

forwards data based on logical addressing

duplicates the electrical signal of each frame to every port

learns the port assigned to a host by examining the destination MAC address

determines which interface is used to forward a frame based on the destination MAC address*

13. Refer to the exhibit. How is a frame sent from PCA forwarded to PCC if the MAC address table on switch SW1 is empty?

SW1 floods the frame on all ports on the switch, excluding the interconnected port to switch SW2 and the port through which the frame entered the switch.

SW1 floods the frame on all ports on SW1, excluding the port through which the frame entered the switch.*

SW1 forwards the frame directly to SW2. SW2 floods the frame to all ports connected to SW2, excluding the port through which the frame entered the switch.

SW1 drops the frame because it does not know the destination MAC address.

14. What does the term “port density” represent for an Ethernet switch?

the memory space that is allocated to each switch port

the number of available ports*

the numbers of hosts that are connected to each switch port

the speed of each port

15. ABC, Inc. has about fifty hosts in one LAN. The administrator would like to increase the throughput of that LAN. Which device will increase the number of collision domains and thereby increase the throughput of the LAN?

host

hub

switch*

NIC

16. What are two reasons a network administrator would segment a network with a Layer 2 switch? (Choose two.)

to create fewer collision domains

to enhance user bandwidth*

to create more broadcast domains

to eliminate virtual circuits

to isolate traffic between segments*

to isolate ARP request messages from the rest of the network

17. Fill in the blank.

A   _converged_   network is one that uses the same infrastructure to carry voice, data, and video signals.

18. Refer to the exhibit. Fill in the blank.

There are __12__  collision domains in the topology.

19. Refer to the exhibit. Fill in the blank.

There are __five__ broadcast domains in the topology.

20. Match the forwarding characteristic to its type. (Not all options are used.)

Place the options in the following order:

cut-throught:
+appropriate for high perfomance computing applications
+forwarding process can be begin after receiving the destination address
+may forward invalid frames

store-and-forward:
#error checking before forwarding
#forwarding process only begins after receiving the entire frame
#only forwards valid frames