Switch Final Exam - CCNP Switch (Version 6.0)

The command standby preempt should only be applied on the active router

The subnet mask is missing from the standby ip 10.1.1.1 command

The group number 50 is missing in the Router RTB configuration commands.

The priority number 150 is missing in the Router RTB configuration commands.

The virtual IP address should be the same as the active router

The ports on the switch must be configured with the spanning-tree PortFast feature.

All intercepted packets that come from untrusted ports are dropped.

All intercepted packets that come from trusted ports are sent to untrusted ports only

The intercepted packets are verified against the DHCP snooping binding table for valid IP-to-MAC bindings.

For all intercepted packets, an ARP request is sent to the DHCP server for IP-to-MAC address resolution

A manager who is using an SNMP string of K44p0ut

A manager who is using an Inform Request MIB

a manager who is using host 192.168.0.5

A manager who is using authPriv

Remote users are granted access to the network through the core.

Routing should be configured without traffic filtering, address translation, or other packet manipulation at the core

The core, which acts as the front door to a network, is designed to prevent unauthorized users from gaining entry.

The core provides an optimized and reliable transport structure by using a combination of route summaries, distribution lists, and route maps

Sticky

Shutdown

Restrict

Protect

Enable IP routing globally

Assign IP addresses to routed ports.

Configure SVI for each VLAN in the network.

Configure 802.1 Q encapsulation on routed ports.

Disable Power over Ethernet (PoE) on the physical Layer 3 interfaces.

Disable Layer 2 functionality on interfaces that will be configured as routed ports

Disable ports that should be in the blocking state.

Disable ports that should be in the forwarding state.

Disable and re-enable all ports on the distribution switches.

Disable all ports on the distribution switches and replace with new switches

Using a non-trunk link to connect switches

Using non-Cisco switches

Configuring all switches to be in VTP server mode

Not using any VTP passwords on any switches

Using lowercase on one switch and uppercase on another switch for domain names

having a VTP transparent switch in between a VTP server switch and a VTP client switch (all switches in the same VTP domain)

Interfaces Fa0/1 through Fa0/6 are trunk ports.

Switch DLS1 is not the root bridge for VLAN 1.

The Cost column in the lower part of the exhibit is not the cumulative root path cost.

The default spanning-tree timers have been adjusted.

That Fa0/12 is displaying the alternate port role indicates that PVRST+ is enabled.

The QoS requirements should accommodate the best effort delivery for voice traffic

The QoS requirements should accommodate the bursty nature of voice traffic.

The QoS requirements should accommodate the intensive demand on bandwidth for voice traffic

The QoS requirements should accommodate the smooth demand on bandwidth, low latency, and delay for voice traffic.

Use HSRP instead of GLBP

Adjust the GLBP timers.

Configure spanning tree so that the spanning-tree topology adjusts with the GLBP active virtual forwarder (AVF).

Disable GLBP preemption on all route processors.

UDLD stops trying to establish a connection with the neighbor.

UDLD changes the port state to err-disable.

UDLD changes the port to loop-inconsistent blocking state.

UDLD sends hello messages to its neighbor at a rate of one per second to attempt to recover the connection.

As a trunk port

As a routed port

As an access port

As a switched virtual interface

Keep voice and data traffic in the same VLAN and mark the traffic for high priority treatment.

Create voice VLANs to keep voice traffic separate from other data to ensure special handling of the traffic.

Configure traffic shaping QoS policy to guarantee minimum delay for the voice traffic.

Configure QoS policy to classify the voice traffic in the priority queue to guarantee reserved bandwidth allocation for the traffic.

Configure the Weighted Random Early Detection (WRED) congestion avoidance mechanism to guarantee that the voice traffic will be placed in the priority queue.

Wrong IP address or subnet mask

Ports in the wrong VLAN

Mismatch between SVI and VLAN numbering

Disabled VTP pruning

Downed SVI

ACL on wrong interface

Custom queuing

FIFO queuing

Priority queuing

Weighted round robin (WRR) queuing

Native VLAN mismatch

Encapsulation mismatch

Switchport mode mismatch

VTP mismatch

DTP mismatch

Hardware failure

Local username and password

TACACS+ server

RADIUS server and, if that fails, local username and password

TACACS+ server

TACACS+ server and, if that fails, local username and password

RADIUS server and, if that fails, TACACS+ server

Root guard should be implemented on the Layer 2 ports between the distribution switches.

PortFast should be implemented on the uplink ports from the access switches to the distribution switches.

Loop guard should be implemented on the Layer 2 ports between DSW1 and DSW2 and on the uplink ports from the access switches to the distribution switches.

BPDU guard should be implemented on the Layer 2 ports between DSW1 and DSW2 and on the uplink ports from the access switches to the distribution switches.

Replying to ARP requests that are intended for other recipients

Sending malicious dynamic trunking protocol (DTP) frames

Replying to DHCP requests that are intended for a DHCP server

Sending a unicast flood of Ethernet frames with distinct source MAC addresses

Sending frames with two 802.1Q headers

All interfaces on links 5 and 6

All interfaces on links 1, 2, 3, and 4

All interfaces on links 1, 2, 3, 4, 5, and 6

All interfaces between the distribution and the access switches

BPDU guard is enabled

Cisco Discovery Protocol (CDP) is disabled.

VLAN trunking protocol (VTP) is disabled.

PortFast is enabled.

Trunking is disabled.

Channel group is disabled.

A routed port behaves like a regular router interface and supports VLAN subinterfaces.

A routed port is a physical switch port with Layer 2 capability.

A routed port is not associated with a particular VLAN.

To create a routed port requires removal of Layer 2 port functionality with the no switchport interface configuration command.

The interface vlan global configuration command is used to create a routed port.

Spanning-tree load balancing is in effect.

All VLANs are mapped to MST instance 2.

PVRST+ is still operating on switch DLS1.

PVST+ is still operating on switch DLS1.

MST will require fewer resources than PVST+ or PVRST+.

Applying the standby 32 timers 10 30 command on the Gi0/2 interfaces of each switch would decrease the failover time

If the DSw1 and DSw2 switches have been configured to preempt, then DSw2 will be the active router.

If the DSw1 switch is configured with the standby preempt command and DSw2 is not, then DSw1 will be the active router.

The HSRP group number in this HSRP configuration is HSRP group number 50.

The standby track command is useful for tracking interfaces that are not configured for HSRP.

When host A sends an ARP request for 10.10.10.1, Virtual Router replies with the MAC address of the active router.

1 ms

2 ms

5 ms

10 ms

Only port Fa0/24 can send and receive all DHCP messages

Ports Fa0/1, Fa0/2, and Fa0/24 can send and receive all DHCP messages.

Only ports Fa0/1 and Fa0/2 can send and receive all DHCP messages.

Ports Fa0/1, Fa0/2, and Fa0/24 can send and receive only DHCP requests.

VLAN ID

ACL information

Destination MAC address

QoS information

Source MAC address

Hash key

Route Processor Redundancy+ (RPR+)

Distributed CEF (dCEF)

Stateful Switchover (SSO)

Resilient Packet Ring (RPR)

Nonstop Forwarding (NSF)

Per Line Card Traffic Policing

The root switch is the switch with the highest speed ports.

Decisions on which port to block when two ports have equal cost depend on the port priority and index.

All trunking ports are designated and not blocked.

Root switches have all ports set as root ports.

Nonroot switches each have only one root port.

It keeps client-to-server traffic local to a single subnet.

Servers that are located in a data center require less bandwidth.

It is easier to filter and prioritize traffic to and from the data center.

Server farms are not subject to denial of service attacks.

The implementation of link aggregation will be limited.

The implementation of IGP routing protocols will be limited.

The implementation of EtherChannels on redundant links will exceed the bandwidth.

The implementation of scalability that is required during future growth will be limited.

Native VLAN mismatch

Unassigned management VLAN

Layer 2 interface mode incompatibilities

Missing default VLAN

Mismatched trunk encapsulations

PAgP not enabled

Configure interface Fa0/1 on SW1 as a trunk

Remove the subinterfaces on R1 and configure interface Fa0/0 as a trunk.

Configure interfaces Fa0/2 and Fa0/3 on SW1 as trunk links.

Configure VLAN 100 as a data VLAN and VLAN 1 as the native VLAN.

Root guard is not enabled on interface Fa3/42.

Interface Fa3/42 will not pass data traffic if it detects that it is part of a spanning-tree loop caused by unidirectional link failure.

UDLD cannot be configured on interface Fa3/42.

If a spanning-tree loop is detected on VLAN 1, data traffic will be blocked for all VLANs on interface Fa3/42.

The difference in BPDUs sent and received indicates a loop caused by unidirectional link failure has been detected.

Cisco Enterprise Campus Architecture

Cisco Enterprise Data Center Architecture

Cisco Enterprise Branch Architecture

Cisco Enterprise Teleworker Architecture

Retries

Hostname

Timeouts

Domain name

Keys

Routing protocol

Bifurcated match

Longest match

Second match

Exact match

First match

Third match

Dictionary

Denial of service (DoS)

Replay

MAC-address flooding

Password

Has no centralized monitoring

Has no centralized management

Has no centralized operational control

Has no centralized access authentication

Configure the routing protocol.

Configure SVI for each VLAN in the network.

Configure the links between DSW and the access switches as access links.

Configure as routed ports the DSW interfaces that face the access switches.

If an active STP port is blocked, the active FlexLink port will take over.

Both the active STP port and active FlexLink port can forward traffic simultaneously.

Both the active STP port and active FlexLink port can forward traffic simultaneously but only for different VLANs.

STP can be active in the distribution layer, but is unaware of any FlexLink updates in the access layer.

The inclusion of the fourth module will increase the routing complexity.

It will limit the traffic flow in the network.

It will provide scalability for future growth.

It will impact the security of the traffic between the distribution switches.

It will increase the number of additional links that are required to provide redundant connectivity.

Switch DLS1 is the standby router for VLANs 1,10, and 20.

Switch DLS2 is the standby router for VLANs 30 and 40.

Issuing the show standby command on switch DSL1 will reveal that the HSRP state for VLAN 10 is standby.

Issuing the show standby command on switch DSL2 will reveal that the HSRP state for VLAN 30 is standby.

By setting different priorities on different VLANs, a type of load balancing is occurring.

If the Ethernet cables between switch DLS2 and switch ALS1 were severed, Payroll Host would not be able to reach SQL Server.

Prepare phase

Plan phase

Design phase

Implement phase

Operate phase

Optimize phase

BPDU guard puts an interface that is configured for STP PortFast in the err-disable state upon receipt of a BPDU.

BPDU guard overrides the PortFast configuration and reverts to the default spanning tree configuration on the access ports.

BPDU guard forces the uplink ports on ASW1 and ASW2 to become designated ports to prevent DSW2 from becoming a root switch.

BPDU guard places the uplink ports on a ASW1 and ASW2 into the STP loop-inconsistent blocking state when the ports stop receiving BPDUs.

Route caching

Process switching

Silicon switching

Topology-based switching

The router with an IP address of 10.1.1.1

The router with an IP address of 10.1.1.2

The router with the virtual IP address of 10.1.1.254

The router with the IP address 10.1.1.1 and the router with the IP address 10.1.1.2

Two IP SLA responders

A Round Trip Timer value

Network Time Protocol (NTP)

IP SLA source using TCP port 2020

Configure the switch physical interface so that the router will have an interface in each VLAN.

For each VLAN, configure trunking between the router and the switch.

Configure a routing protocol on the Layer 3 switch to include each interface.

Configure switch virtual interfaces. The result is that the router will have a virtual interface in each VLAN.

Redirect the debug standby output for the referenced HSRP group to a syslog server on the specified VLAN

Block the debug standby output for the referenced VLAN and HSRP group

Display debug standby output only for HSRP traffic that is received by HSRP peers in the specified VLAN and group

Display debug standby output only for HSRP traffic that is sent to HSRP peers in the specified VLAN and group

Limit the output of the debug standby command to the specific VLAN interface and HSRP group

A host computer

An IP phone

An Ethernet switch

A lightweight access point

Edge ports function similarly to UplinkFast ports.

Edge ports should never connect to another switch.

If an edge port receives a BPDU, it becomes a normal spanning-tree port.

Edge ports immediately transition to learning mode and then forwarding mode when enabled.

Edge ports never generate topology change notifications (TCNs) when the port transitions to a disabled or enabled status.

Edge ports can have another switch connected to them as long as the link is operating in full duplex.

Wide coverage because of the fact that a VLAN can be geographically dispersed throughout the network

Ease of management because local VLANs are typically confined to the building access submodule

High availability because redundant paths exist at all infrastructure levels

Broad expansion domain because the number of devices on each VLAN can easily be added to

IP address conservation because address blocks can be allocated to VLANs

Prepare phase

Plan phase

Design phase

Implement phase

Operate phase

Optimize phase

Switch SW2 can move port Fa0/3 into a forwarding state, thereby creating a Layer 2 loop.

Switch SW1 shuts down the Fa0/1 port and thus reinforces a new spanning-tree calculation.

Switch SW2 negotiates the Fa0/1 port on SW1 to be in full-duplex mode which keeps SW1 as the root bridge for the spanning tree.

Switch SW1 negotiates the Fa0/2 port on SW2 to be in half-duplex mode and thus forces SW2 to become the root bridge for the spanning tree.

Security

Resilience

QoS support

Multivendor support

Relatively small frame overhead

Multicast support

2

5

8

10

12

13

16

Spanning Tree Protocol

Routing protocol

First Hop Redundancy Protocol (FHRP)

Supervisor Engine redundancy

Redundant switching modules

Latency is not a factor for a smooth video over IP implementation.

Latency should be defined for voice traffic only (not for video).

The recommended maximum one-way latency should not be more than 150 ms.

When mixed video and voice packets are included in the video stream, the latency should be 300 ms.