The command standby preempt should only be applied on the active router
The subnet mask is missing from the standby ip 10.1.1.1 command
The group number 50 is missing in the Router RTB configuration commands.
The priority number 150 is missing in the Router RTB configuration commands.
The virtual IP address should be the same as the active router
The ports on the switch must be configured with the spanning-tree PortFast feature.
All intercepted packets that come from untrusted ports are dropped.
All intercepted packets that come from trusted ports are sent to untrusted ports only
The intercepted packets are verified against the DHCP snooping binding table for valid IP-to-MAC bindings.
For all intercepted packets, an ARP request is sent to the DHCP server for IP-to-MAC address resolution
A manager who is using an SNMP string of K44p0ut
A manager who is using an Inform Request MIB
a manager who is using host 192.168.0.5
A manager who is using authPriv
Remote users are granted access to the network through the core.
Routing should be configured without traffic filtering, address translation, or other packet manipulation at the core
The core, which acts as the front door to a network, is designed to prevent unauthorized users from gaining entry.
The core provides an optimized and reliable transport structure by using a combination of route summaries, distribution lists, and route maps
Enable IP routing globally
Assign IP addresses to routed ports.
Configure SVI for each VLAN in the network.
Configure 802.1 Q encapsulation on routed ports.
Disable Power over Ethernet (PoE) on the physical Layer 3 interfaces.
Disable Layer 2 functionality on interfaces that will be configured as routed ports
Disable ports that should be in the blocking state.
Disable ports that should be in the forwarding state.
Disable and re-enable all ports on the distribution switches.
Disable all ports on the distribution switches and replace with new switches
Using a non-trunk link to connect switches
Using non-Cisco switches
Configuring all switches to be in VTP server mode
Not using any VTP passwords on any switches
Using lowercase on one switch and uppercase on another switch for domain names
having a VTP transparent switch in between a VTP server switch and a VTP client switch (all switches in the same VTP domain)
Interfaces Fa0/1 through Fa0/6 are trunk ports.
Switch DLS1 is not the root bridge for VLAN 1.
The Cost column in the lower part of the exhibit is not the cumulative root path cost.
The default spanning-tree timers have been adjusted.
That Fa0/12 is displaying the alternate port role indicates that PVRST+ is enabled.
The QoS requirements should accommodate the best effort delivery for voice traffic
The QoS requirements should accommodate the bursty nature of voice traffic.
The QoS requirements should accommodate the intensive demand on bandwidth for voice traffic
The QoS requirements should accommodate the smooth demand on bandwidth, low latency, and delay for voice traffic.
Use HSRP instead of GLBP
Adjust the GLBP timers.
Configure spanning tree so that the spanning-tree topology adjusts with the GLBP active virtual forwarder (AVF).
Disable GLBP preemption on all route processors.
UDLD stops trying to establish a connection with the neighbor.
UDLD changes the port state to err-disable.
UDLD changes the port to loop-inconsistent blocking state.
UDLD sends hello messages to its neighbor at a rate of one per second to attempt to recover the connection.
As a trunk port
As a routed port
As an access port
As a switched virtual interface
Keep voice and data traffic in the same VLAN and mark the traffic for high priority treatment.
Create voice VLANs to keep voice traffic separate from other data to ensure special handling of the traffic.
Configure traffic shaping QoS policy to guarantee minimum delay for the voice traffic.
Configure QoS policy to classify the voice traffic in the priority queue to guarantee reserved bandwidth allocation for the traffic.
Configure the Weighted Random Early Detection (WRED) congestion avoidance mechanism to guarantee that the voice traffic will be placed in the priority queue.
Wrong IP address or subnet mask
Ports in the wrong VLAN
Mismatch between SVI and VLAN numbering
Disabled VTP pruning
ACL on wrong interface
Weighted round robin (WRR) queuing
Native VLAN mismatch
Switchport mode mismatch
Local username and password
RADIUS server and, if that fails, local username and password
TACACS+ server and, if that fails, local username and password
RADIUS server and, if that fails, TACACS+ server
Root guard should be implemented on the Layer 2 ports between the distribution switches.
PortFast should be implemented on the uplink ports from the access switches to the distribution switches.
Loop guard should be implemented on the Layer 2 ports between DSW1 and DSW2 and on the uplink ports from the access switches to the distribution switches.
BPDU guard should be implemented on the Layer 2 ports between DSW1 and DSW2 and on the uplink ports from the access switches to the distribution switches.
Replying to ARP requests that are intended for other recipients
Sending malicious dynamic trunking protocol (DTP) frames
Replying to DHCP requests that are intended for a DHCP server
Sending a unicast flood of Ethernet frames with distinct source MAC addresses
Sending frames with two 802.1Q headers
All interfaces on links 5 and 6
All interfaces on links 1, 2, 3, and 4
All interfaces on links 1, 2, 3, 4, 5, and 6
All interfaces between the distribution and the access switches
BPDU guard is enabled
Cisco Discovery Protocol (CDP) is disabled.
VLAN trunking protocol (VTP) is disabled.
PortFast is enabled.
Trunking is disabled.
Channel group is disabled.
A routed port behaves like a regular router interface and supports VLAN subinterfaces.
A routed port is a physical switch port with Layer 2 capability.
A routed port is not associated with a particular VLAN.
To create a routed port requires removal of Layer 2 port functionality with the no switchport interface configuration command.
The interface vlan global configuration command is used to create a routed port.
Spanning-tree load balancing is in effect.
All VLANs are mapped to MST instance 2.
PVRST+ is still operating on switch DLS1.
PVST+ is still operating on switch DLS1.
MST will require fewer resources than PVST+ or PVRST+.
Applying the standby 32 timers 10 30 command on the Gi0/2 interfaces of each switch would decrease the failover time
If the DSw1 and DSw2 switches have been configured to preempt, then DSw2 will be the active router.
If the DSw1 switch is configured with the standby preempt command and DSw2 is not, then DSw1 will be the active router.
The HSRP group number in this HSRP configuration is HSRP group number 50.
The standby track command is useful for tracking interfaces that are not configured for HSRP.
When host A sends an ARP request for 10.10.10.1, Virtual Router replies with the MAC address of the active router.
Only port Fa0/24 can send and receive all DHCP messages
Ports Fa0/1, Fa0/2, and Fa0/24 can send and receive all DHCP messages.
Only ports Fa0/1 and Fa0/2 can send and receive all DHCP messages.
Ports Fa0/1, Fa0/2, and Fa0/24 can send and receive only DHCP requests.
Destination MAC address
Source MAC address
Route Processor Redundancy+ (RPR+)
Distributed CEF (dCEF)
Stateful Switchover (SSO)
Resilient Packet Ring (RPR)
Nonstop Forwarding (NSF)
Per Line Card Traffic Policing
The root switch is the switch with the highest speed ports.
Decisions on which port to block when two ports have equal cost depend on the port priority and index.
All trunking ports are designated and not blocked.
Root switches have all ports set as root ports.
Nonroot switches each have only one root port.
It keeps client-to-server traffic local to a single subnet.
Servers that are located in a data center require less bandwidth.
It is easier to filter and prioritize traffic to and from the data center.
Server farms are not subject to denial of service attacks.
The implementation of link aggregation will be limited.
The implementation of IGP routing protocols will be limited.
The implementation of EtherChannels on redundant links will exceed the bandwidth.
The implementation of scalability that is required during future growth will be limited.
Native VLAN mismatch
Unassigned management VLAN
Layer 2 interface mode incompatibilities
Missing default VLAN
Mismatched trunk encapsulations
PAgP not enabled
Configure interface Fa0/1 on SW1 as a trunk
Remove the subinterfaces on R1 and configure interface Fa0/0 as a trunk.
Configure interfaces Fa0/2 and Fa0/3 on SW1 as trunk links.
Configure VLAN 100 as a data VLAN and VLAN 1 as the native VLAN.
Root guard is not enabled on interface Fa3/42.
Interface Fa3/42 will not pass data traffic if it detects that it is part of a spanning-tree loop caused by unidirectional link failure.
UDLD cannot be configured on interface Fa3/42.
If a spanning-tree loop is detected on VLAN 1, data traffic will be blocked for all VLANs on interface Fa3/42.
The difference in BPDUs sent and received indicates a loop caused by unidirectional link failure has been detected.
Cisco Enterprise Campus Architecture
Cisco Enterprise Data Center Architecture
Cisco Enterprise Branch Architecture
Cisco Enterprise Teleworker Architecture
Denial of service (DoS)
Has no centralized monitoring
Has no centralized management
Has no centralized operational control
Has no centralized access authentication
Configure the routing protocol.
Configure SVI for each VLAN in the network.
Configure the links between DSW and the access switches as access links.
Configure as routed ports the DSW interfaces that face the access switches.
If an active STP port is blocked, the active FlexLink port will take over.
Both the active STP port and active FlexLink port can forward traffic simultaneously.
Both the active STP port and active FlexLink port can forward traffic simultaneously but only for different VLANs.
STP can be active in the distribution layer, but is unaware of any FlexLink updates in the access layer.
The inclusion of the fourth module will increase the routing complexity.
It will limit the traffic flow in the network.
It will provide scalability for future growth.
It will impact the security of the traffic between the distribution switches.
It will increase the number of additional links that are required to provide redundant connectivity.
Switch DLS1 is the standby router for VLANs 1,10, and 20.
Switch DLS2 is the standby router for VLANs 30 and 40.
Issuing the show standby command on switch DSL1 will reveal that the HSRP state for VLAN 10 is standby.
Issuing the show standby command on switch DSL2 will reveal that the HSRP state for VLAN 30 is standby.
By setting different priorities on different VLANs, a type of load balancing is occurring.
If the Ethernet cables between switch DLS2 and switch ALS1 were severed, Payroll Host would not be able to reach SQL Server.
BPDU guard puts an interface that is configured for STP PortFast in the err-disable state upon receipt of a BPDU.
BPDU guard overrides the PortFast configuration and reverts to the default spanning tree configuration on the access ports.
BPDU guard forces the uplink ports on ASW1 and ASW2 to become designated ports to prevent DSW2 from becoming a root switch.
BPDU guard places the uplink ports on a ASW1 and ASW2 into the STP loop-inconsistent blocking state when the ports stop receiving BPDUs.
The router with an IP address of 10.1.1.1
The router with an IP address of 10.1.1.2
The router with the virtual IP address of 10.1.1.254
The router with the IP address 10.1.1.1 and the router with the IP address 10.1.1.2
Two IP SLA responders
A Round Trip Timer value
Network Time Protocol (NTP)
IP SLA source using TCP port 2020
Configure the switch physical interface so that the router will have an interface in each VLAN.
For each VLAN, configure trunking between the router and the switch.
Configure a routing protocol on the Layer 3 switch to include each interface.
Configure switch virtual interfaces. The result is that the router will have a virtual interface in each VLAN.
Redirect the debug standby output for the referenced HSRP group to a syslog server on the specified VLAN
Block the debug standby output for the referenced VLAN and HSRP group
Display debug standby output only for HSRP traffic that is received by HSRP peers in the specified VLAN and group
Display debug standby output only for HSRP traffic that is sent to HSRP peers in the specified VLAN and group
Limit the output of the debug standby command to the specific VLAN interface and HSRP group
A host computer
An IP phone
An Ethernet switch
A lightweight access point
Edge ports function similarly to UplinkFast ports.
Edge ports should never connect to another switch.
If an edge port receives a BPDU, it becomes a normal spanning-tree port.
Edge ports immediately transition to learning mode and then forwarding mode when enabled.
Edge ports never generate topology change notifications (TCNs) when the port transitions to a disabled or enabled status.
Edge ports can have another switch connected to them as long as the link is operating in full duplex.
Wide coverage because of the fact that a VLAN can be geographically dispersed throughout the network
Ease of management because local VLANs are typically confined to the building access submodule
High availability because redundant paths exist at all infrastructure levels
Broad expansion domain because the number of devices on each VLAN can easily be added to
IP address conservation because address blocks can be allocated to VLANs
Switch SW2 can move port Fa0/3 into a forwarding state, thereby creating a Layer 2 loop.
Switch SW1 shuts down the Fa0/1 port and thus reinforces a new spanning-tree calculation.
Switch SW2 negotiates the Fa0/1 port on SW1 to be in full-duplex mode which keeps SW1 as the root bridge for the spanning tree.
Switch SW1 negotiates the Fa0/2 port on SW2 to be in half-duplex mode and thus forces SW2 to become the root bridge for the spanning tree.
Relatively small frame overhead
Spanning Tree Protocol
First Hop Redundancy Protocol (FHRP)
Supervisor Engine redundancy
Redundant switching modules
Latency is not a factor for a smooth video over IP implementation.
Latency should be defined for voice traffic only (not for video).
The recommended maximum one-way latency should not be more than 150 ms.
When mixed video and voice packets are included in the video stream, the latency should be 300 ms.