Instructions:

• Answer 50 questions in 15 minutes.
• If you are not ready to take this test, you can study here.
• Match each statement with the correct term.
• Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. How do you prevent VLAN hopping?
Trunk - dynamic auto - dynamic desireable (default)
A path is pre-arranged for priority along the complete path from source to destination using the RSVP protocol.
Set the native VLAN of a trunk to a bogus or unused VLAN ID then prune the native VLAN off both ends of the trunk
Sends special layer 2 UDLD frames and expects an echo. Both ends must be configured for UDLD


2. When looking at the sh spanning tree output - What does P2P denote?
A point to point port type
To a VLAN and not to a VLAN interface (SVI)
If the switch or the powered device doesn't suport power class discovery
Discarding - learning - forwarding


3. What types of link can an etherchannel be?
Access or trunk
2 - one for control messages and one for data
Access
Control functions


4. How does every VRRP command begin?
LACP port priority
1/2 and 3/6
Switch(config-if)# vrrp xx where xx= group number
Configuration and TCN


5. What is an isolated secondary VLAN?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


6. What data does DHCP snooping track?
Globally
2 seconds
By using a hash of a key string
Completed dhcp bindings - mac addresses - IP addresses - etc.


7. What does the switchport host macro do?
Auto mode
The distribution layer should have only L3 links
Sets the switchport mode to access - enables portfast - and turns off channel grouping for the port
On root - because the root bridge propagates timers with config BDPU


8. What is SSO?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


9. EAP encryption
The frame tag contains a 3 but portion tagged from 0 (low) to 7 (high)
The port asks the other end to trunk
Dynamic WEP keys that change periodically
The wireless clients communicate directly with no other means of connectivity such as a WAP


10. Automatically configure STP timers
Port stays up - packets from violating MACs dropped - no logging
Use the spanning-tree root macro
Use sh interface on the interface and look for error counts > 10
Forces the router to wait for a period of time before attempting overthrow


11. What is the default VTP state?
Roughly 50%
The L3 forwarding engine can't forward the packet in hardware because there is no L2 next-hop address - so the packet is sent to the L3 engine to generate the ARP response
RPR - RPR+ - and SSO
VTP server for domain null with no password or secure mode


12. Where should you change the network diameter value?
By creating a static IP binding
RADIUS
Option 43
Cisco recommends only on the root bridge


13. What is the cost of a 100Mbps link?
Used to switch packets that can't be forwarded normallly due to an encapsulation failure - unresolved address - unsupported protocol - etc.
19
A MAC is seen on a different port
Sends a test tone on the transmit pair. If a device is detected - CDP is used to narrow down the power class.


14. By default - what layer do catalyst switchports operate on?
L2
Silent
1-LAP gets a DHCP address - 2-LAP learns IP of available WLC - 3-LAP sends a join request to WLC and receives join reply - 4-WLC sends code image - if necessary - 5-Tunnels are created
Stateful switchover - redundant sup is fully booted and init'd. Both start and run config are synched as is L2 information - and switchinterfaces.


15. What is a vlan?
Route once - switch many
A single broadcast domain
Each peer sends and receives hellos. Def hello is 3 sec - def hold is 10 sec
The MST instance (MSTI) runs alongside the IST and represents an STP instance


16. What are the 6 HSRP states?
Disabled - init - listen - speak - standby - active
Trusted or untrusted
Used to switch packets that can't be forwarded normallly due to an encapsulation failure - unresolved address - unsupported protocol - etc.
Roughly 2000


17. How are frames forwarded across a specific link?
Incoming frames are dropped (combination of disabled - blocking - and listening)
Missed beacons - dropped packets (max retry) - weak signal (data rate switches down) - an AP periodicallytries to find a stronger signal
Hashing algorithm
The standby becomes active and stays active by default. Preemption can be configured


18. What is the default 10mbps Enet duplex?
The number of times the entry has been updated since the table was generated
Half-duplex
MAC of the end device
Switch(config-if)# standby xx where x= group number


19. What does port-security protect do?
Port stays up - packets from violating MACs dropped - no logging
Differentiated services code point
Switched Virtual Interface - an L3 address can be assigned to a logical interface that represents an entire VLAN - which becomes the DGW for that VLAN
Up to 4 can be used in a group. Called active virtual forwarders (AVF)


20. What is the GLBP AVG?
Tracks of BDPUs on nondesignated ports. When those BDPUs stop coming - the port is put into loop-inconsistent state and blocks
0000.0c07.acxx where xx is the group number as a 2-digit hex value
One router is the active virtual gateway - has highest priority or IP in group - answers all ARP requests and gives MAC based on load balancing
Data goes over native vlan - voice goes over VLAN0 - voice QOS is 802.1p


21. What are the PAgP negotiation modes
On (all ports channel) - auto (channels when asked) - and desirable(actively asks to form a channel)
Hold time is 3xhello. A skew time of 256ms-routerpriority)/256ms is added
2-8 FE - GE - or 10GE are bundled.
L2


22. What is UDLD normal mode?
If a unidirectional link is detected - the port continues normally - but the port is marked as undetermined and a syslog is generated
Determines when the AVG will stop using the old VMAC in ARP replies
The TOS field in the header is used. 2 methods 3 bits or 6 bits
Hashing algorithm


23. What are the 2 types of BDPU?
Configuration and TCN
802.1x with EAP over LAN (EAPOL)
Those that connect to other switches
Globally


24. How does NSF work?
Only the standby monitors the hello messages from the active router
Only on ports that have same static VLANs or trunking. It also modifies parameters of the channel if one of the ports is modified
802.1x with EAP over LAN (EAPOL)
Gets assistance from other NSF-aware neighbors. NSF features need to be built into the routing protocols on router needing and providing assistance


25. What is the port priority range?
Roughly 2000
0-255 (lower is better)
Route processor redundancy - redundant sup is partially booted and initialized and must reload module in the switch and init all sup functions
26-byte header - 4-byte trailer with CRC


26. What 2 conditions does IP source guard check for?
Source IP and MAC must match those addresses learned by DHCP snooping or a static entry
An L2 switch can only forward frames best effort unless going across a trunk
The master router can share the VIP
Switches make an effort to move packets as quickly as possible


27. How doed backbonefast work?
Switchpotrt nonegotiate
1-lowest root bridge ID - 2-lowest root path cost - 3-lowest bridgeID - 4-lowest port ID
By short-circuiting the max age timer
Any dhcp reply coming from an untrusted port is discarded and the offending port is put in errdisable


28. WPA encryption
1 -2 -5.5 and 11 Mbps - Channels 1/6/11 - 2.4Ghz
To the virtual port-channel interface
The port asks the other end to trunk
Interim solution - uses same hardware as WEP - but uses TKIP encryption


29. What is the STP hello timer?
Time between BDPUs sent by root bridge. Default of 2 seconds
134 bits - consisting of source and destination addresses and protocol information from the packet or frame
10-15%
Tracks of BDPUs on nondesignated ports. When those BDPUs stop coming - the port is put into loop-inconsistent state and blocks


30. Where is bdpu guard enabled?
Globally
Hosts associated with a secondary VLAN can communicate with ports on the primary but not with another secondary VLAN
All user ports that have portfast enabled
Stateful switchover - redundant sup is fully booted and init'd. Both start and run config are synched as is L2 information - and switchinterfaces.


31. What must be supported for port-based security to occur?
802.1x with EAP over LAN (EAPOL)
1-ID link path costs - 2-ID roodt bridge - 3-select root port (1/switch) - 4-select designated port (1/segment) - 5-ID blocking port
Makes use of the DHCP snooping database and static ip source binding entries. If enabled - switch will test addresses
The port will operate under 802.1D rules. If they are received on the same port - it will run 802.1D until the migration delay expires


32. if the switchport is part of an etherchannel - Where is the network assigned
1- trunking mode - 2-trunk encapsulation - 3-native VLAN - 4-allowed VLAN
To the virtual port-channel interface
Both ends should be on because on modes doesn't send PAgP or LACP packets
1-(opt) configure load balancing - 2-select the interface(s) - 3-assign the protocol - 4-select the mode and submode


33. What is 802.1x force-authorized?
To a VLAN and not to a VLAN interface (SVI)
1-client sends DHCP discover as broadcast - 2-DHCP server sends DHCP offer - client sends DHCP Request - DHCP server sends DHCP ack
The port is forced to always authorize any connected client with no authentication necessary (default)
Forces the router to wait for a period of time before attempting overthrow


34. can root guard and udld be used together?
Yes
Hold time is 3xhello. A skew time of 256ms-routerpriority)/256ms is added
Distribution
The time that a port spends in both listening and learning states . Default 15 seconds


35. What must you be sure of if AP cells overlap?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


36. What are the characteristics of the access layer?
A VLAN that spans the entire fabric
The number of times the entry has been updated since the table was generated
VTP server for domain null with no password or secure mode
Low cost - high density ports - multiple scalable uplinks - vlans - traffic and protocol filtering and QoS


37. What is the PVLAN promiscuous mode?
Time between BDPUs sent by root bridge. Default of 2 seconds
Connects to a router - firewall - or gateway. Can communicate with anything else connected to the primary or any secondary. Ignores pvlan config
1- root bridge is elected - 2-the state of eery switch port in the STP domain must be brought from blocking state to the appropriate state
Local only


38. Can loop guard and udld be used together?
Discarding - learning - forwarding
1 second. Backup routers can learn the interval from the master
By short-circuiting the max age timer
Yes


39. When should CDP be enabled?
Only for trusted Cisco gear - especially phones
The active router. All other routers are in backup state
Root
MST attributes must be manually entereed on each switch in the region. They don' t propagate like VTP.


40. What is DCF?
16 bits (8b port priority - 8b port number)
0-255 (lower is better)
Distributed coordinion function - the use of timers to prevent wireless collisions
TCAM


41. How do VRRP routers handle preemption?
Receives the first packet of a traffic flow and routes it
On by default
A MAC is seen on a different port
To the virtual port-channel interface


42. How does Root Guard work?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


43. What are the 4 steps in DHCP negotiation?
Switched Virtual Interface - an L3 address can be assigned to a logical interface that represents an entire VLAN - which becomes the DGW for that VLAN
300 sec
Multicast to 01-80-c2-00-00-00
1-client sends DHCP discover as broadcast - 2-DHCP server sends DHCP offer - client sends DHCP Request - DHCP server sends DHCP ack


44. What is a community secondary VLAN?
Automatically negotiates a common trunk mode between switches
Arp for local subnet - if on different subnet - will arp for dgw
Hosts within a secondary can communicate with each other and with the primary - but not with another secondary vlan
TCAM


45. What contains the next-hop entries?
Per-port or globally for all fiber-optic ports. Can be enabled globally - but will only affect fiber ports
Value - mask - and result (VMR) combinations
Port
FIB


46. What functions does a WLC perform?
On the left as you face the connector
Control functions
No shut
Per VLAN


47. What is the bridge priority range?
0-65535 (def 32768) lower=better
802.1x with EAP over LAN (EAPOL)
Cisco recommends only on the root bridge
5 classes with 3 drop precedences


48. What are the gotchas for uplinkfast?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


49. What is a punt adjacency?
MAC of the end device
5 classes with 3 drop precedences
Packets must be sent to the L3 engine for further processing
Switched Virtual Interface - an L3 address can be assigned to a logical interface that represents an entire VLAN - which becomes the DGW for that VLAN


50. How do you configure DAI for statically configured IP addresses?
A key string of up to 8 characters is sent. Default is cisco.
Aggregation - high L3 throughput - security and policy based connectivity functions through access lists and packet filters - QoS - scalable high-speed links
Routers are assigned to common GLBP group. All routers can be active and can load balance
By an ARP access list that defines the permitted bindings