Test your basic knowledge |

CCNP Switch Deck

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. What happens when switches receive a configuration BDPU?
Automatically using DTP and CDP
1-(opt) set system priority - 2-select interface(s) - 3-assign the protocol - 4-set the mode - 5-(opt) set the port priority
They shorten their bridge table aging times from default (300sec) to the fowarding delay (15 sec)
By name - config revision - and instance to vlan mapping table

2. What is the range of HSRP group numbers?
2-8 FE - GE - or 10GE are bundled.
By using a hash of a key string
0-255
Can send and receive BDPUs

3. What is the default mode of load balancing?
Only the standby monitors the hello messages from the active router
Nonstop forwarding is an interactive method focusing on rebuilding the RIB after SUP switchover
Src-dst-ip
No

4. What is an ESS?
Enables switches at the end of the spanning tree branches to have a functioning root port while keeping 1 or more redundant potential ports in blocking mode. When the main fails - the other comes up.
When the AP uplinks to an Ethernet network.
Interim solution - uses same hardware as WEP - but uses TKIP encryption
16 - of which up to 8 are active. The others are in standby

5. How do you prevent switch spoofing?
By configuring every switch port to have an expected and controlled behavior
Port with best root path cost on segment
1 IP subnet
The station must wait until the frame in progress has completed - then wait a random amount of time before transmitting

6. How does L3 QOS classification happen?
The TOS field in the header is used. 2 methods 3 bits or 6 bits
Interim solution - uses same hardware as WEP - but uses TKIP encryption
By an ARP access list that defines the permitted bindings
MAC addresses are learned from the source MAC of incoming frames. If the destination address is unknown - the frame is flooded out all except the receiving port.

7. RSTP learning state
Using a single WAP to centralize access and control over a group of wireless devices.
When the size of a cell is intentionally reduced
Incoming frames dropped - but MACs learned
Dynamic arp inspection

8. How many users should be within a switch block?
Roughly 2000
With the skinny protocol
By encapsulating each frame in a header and trailer
Port is forced to never authorize any connected client

9. What are the 3 redundant supervisor modes?
Time between BDPUs sent by root bridge. Default of 2 seconds
RPR - RPR+ - and SSO
Embeds the tag within the frame
Weak key rotation

10. What is the cost of a 100Mbps link?
On (all ports channel) - auto (channels when asked) - and desirable(actively asks to form a channel)
By sending a gratuitous ARP
Transmits keystrokes from phone and commands from CCM
19

11. What pins does FE use?
Regions and instances
Sends a voltage across the receive pairs to detect a 25k ohm resistance
1/2 and 3/6
0000.5e00.01xx

12. Whan is a 10GE WAN PHY?
Connects with SONET or SDH
With portfast
No shut
Immediate (class 2)

13. How do you configure a DHCP gateway?
300 sec
First configure a L3 interface in same VLAN as clients - then use the ip helper-address command to ID the DHCP server
The station must wait until the frame in progress has completed - then wait a random amount of time before transmitting
1-ID link path costs - 2-ID roodt bridge - 3-select root port (1/switch) - 4-select designated port (1/segment) - 5-ID blocking port

14. How many designated ports are there?
300 sec
Silent
1- enable MST - 2-enter MST config mode - 3-assign region name and region configuration rev - 4-map vlans to an MSTI - 5-show pending changes - 6- commit by exiting
1 per segment

15. What is a CEF glean?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183

16. What is the STP blocking state?
The port is forced to always authorize any connected client with no authentication necessary (default)
Can hear only BDPUs
0000.5e00.01xx
Hosts within a secondary can communicate with each other and with the primary - but not with another secondary vlan

17. What are the 5 STP port roles?
Port stays up - but packets from violating MACs are dropped. Switch logs violating packets
Root - designated - blocking - alternate - forwarding (host)
300 sec by default
All fiber-optic links between switches (must be enabled on both ends)

18. What is a community secondary VLAN?
1-lowest root bridge ID - 2-lowest root path cost - 3-lowest bridgeID - 4-lowest port ID
Disabled - blocking - listening - learning - forwarding
Hosts within a secondary can communicate with each other and with the primary - but not with another secondary vlan
Admin down

19. What are the 2 types of secondary VLAN?
Time between BDPUs sent by root bridge. Default of 2 seconds
16 - of which up to 8 are active. The others are in standby
BGP - EIGRP - OSPF - and IS-IS.
Isolated and community

20. What is the FM?
Feature Manager - after the ACL is created - the FM compiles the ACEs into the table
Should be used on access switches - can't be used on root - keeps enabled switch from becoming root by raising priority of switch and all ports - making them undesirable
Distribution
Hosts within a secondary can communicate with each other and with the primary - but not with another secondary vlan

21. What is the distribution layer best practice?
The distribution layer should have only L3 links
To a VLAN and not to a VLAN interface (SVI)
On ports where you never expect to find a root bridge for a VLAN
Feature Manager - after the ACL is created - the FM compiles the ACEs into the table

22. Where is loop guard enabled?
0-255 (lower is better)
All nondesignated ports - but ok for all ports
All fiber-optic links between switches (must be enabled on both ends)
Plain text or md5

23. What are the two private vlan association modes?
The redundant SUP is booted and sup and route engine is init'd. No L2 or L3 functions are started. Allows switchports to retain state
Promiscuous and host
Port stays up - but packets from violating MACs are dropped. Switch logs violating packets
Very high L3 throughput - no access lists or port filtering - redundancy and resilience - advanced QoS

24. What does Root Guard do?
Local only
Controls where candidate root bridges can be connected and found on a network
Either desirable or auto mode
Any dhcp reply coming from an untrusted port is discarded and the offending port is put in errdisable

25. What types of link can an etherchannel be?
Access or trunk
Allows devices to interoperate with PVST and CST. Can use both dot1q and ISL
Should be used on access switches - can't be used on root - keeps enabled switch from becoming root by raising priority of switch and all ports - making them undesirable
Port with best root path cost on segment

26. What is integrated services model QOS?
26-byte header - 4-byte trailer with CRC
A path is pre-arranged for priority along the complete path from source to destination using the RSVP protocol.
Yes
By using a hash of a key string

27. How does loop guard block ports?
If three are missed in a row - the neighbor is considered down and the data for that neighbor is aged
Only for the offending VLAN on the port
By encapsulating each frame in a header and trailer
The wireless clients communicate directly with no other means of connectivity such as a WAP

28. RSTP edge port
A single broadcast domain
Only a single host connects . If one BDPU is received - it is no longer an edge port
TCAM
By short-circuiting the max age timer

29. How does dot1q do trunking?
Embeds the tag within the frame
Forces the router to wait for a period of time after the switch is reloaded before attempting to overthrow
All ARP packets that arrive on untrusted ports are inspected.
10-15%

30. Where shoul dmultilayer switches be implemented?
No
Distribution layer
Discarding - learning - forwarding
Sends a test tone on the transmit pair. If a device is detected - CDP is used to narrow down the power class.

31. What is an IBSS?
Use the spanning-tree root macro
The wireless clients communicate directly with no other means of connectivity such as a WAP
Prevents the dhcp binding DB from being checked.
2 - one for control messages and one for data

32. How does a LAP and a WLC authenticate between each other?
Using digital certificates
All ports where root isn't expected
Host Standby Router protocol. Cisco proprietary. Switch is either active - standby - or listen
Access or trunk

33. What is 802.1x auto?
Frames are forwarded
Used when there are 1 or more VLANs mapped to a single STP instance
The port uses 802.1x exchange to move from unauthorized to authorized. Requires app on client
Gets assistance from other NSF-aware neighbors. NSF features need to be built into the routing protocols on router needing and providing assistance

34. What is dynamic auto?
Will trunk if asked
The standby becomes active and stays active by default. Preemption can be configured
Usually QoS from VOIP but not PC dataa
Aggregation - high L3 throughput - security and policy based connectivity functions through access lists and packet filters - QoS - scalable high-speed links

35. What is 802.1x force-unauthorized?
Will trunk if asked
1- enable MST - 2-enter MST config mode - 3-assign region name and region configuration rev - 4-map vlans to an MSTI - 5-show pending changes - 6- commit by exiting
Virtual Router Redundancy Protocol - pretty much the same as HSRP
Port is forced to never authorize any connected client

36. How does a DAI enabled switch gather trusted ARP info?
Matching SSID - compatible data rate - authentication credentials
From the DHCP snooping database or from static entries
Using a mobility exchange message
The priority is a 2 byte value followed by the MAC that decides which ports are actively participating in Etherchannel (lower=higher priority)

37. What feedback mechanism does wireless use?
Yes
They should be an unconditional Etherchannel because the WLC can't negotiate a channel.
All ports where root isn't expected
When a wireless station transmits a frame - the receiving one must send an ack

38. Can ARP replies be checked
The switch adds its MAC to the option 82 field so that the DHCP reply echoes back the switch's own information
Used when ACLs specify port ranges...used by TCAM
Must be same type - speed - VLAN(s) - native vlan - pass the same set of vlans -duplex - and spanning tree settings
Yes

39. If you want IP source guard to detect spoofed MAC addresses - what must you do?
The campus network's backbone
Turn on port security
The same as a standby group in HSRP
All non-edge ports are discarding. After the root bridge is identified - the port with superior BDPU becomes root

40. How does ISL do trunking?
Hosts within a secondary can communicate with each other and with the primary - but not with another secondary vlan
By encapsulating each frame in a header and trailer
80% of the user traffic should stay in the VLAN
Low cost - high density ports - multiple scalable uplinks - vlans - traffic and protocol filtering and QoS

41. What is the VRRP master router?
Automatically negotiates a common trunk mode between switches
The active router. All other routers are in backup state
0000.5e00.01xx
2 - one for control messages and one for data

42. How can BDPU Guard be configured?
Up to 4 can be used in a group. Called active virtual forwarders (AVF)
Globally or per-port
Hold time is 3xhello. A skew time of 256ms-routerpriority)/256ms is added
The frame tag contains a 3 but portion tagged from 0 (low) to 7 (high)

43. What is the STP listening state?
Feature Manager - after the ACL is created - the FM compiles the ACEs into the table
Local only
Can send and receive BDPUs
Traffic types and patterns - amount of L3 switching cap. At dist. Layer - # users at access layer - geography - size of spanning tree domains

44. What happens during HSRP failover?
Forces the router to wait for a period of time after the switch is reloaded before attempting to overthrow
The standby becomes active and stays active by default. Preemption can be configured
Discarding - learning - forwarding
2 strand MMF with MT-RJ or SC connectors

45. Define GLBP
No
Almost eliminates listening and learning states for single hosts on an access link
Gateway load balancing protocol - cisco proprietary
LACP port priority

46. How much BW does a voip connection use?
It updates the L2 headers with the proper src and dst MAC - L3 TTL - L3 checksum - and L2 checksum information
12 kbps with headers and compression
No
An AP's coverage area

47. if the switchport is part of an etherchannel - Where is the network assigned
To the virtual port-channel interface
Based on priority (0-255). Default is 100. Highest IP is tie breaker
3 seconds. Holdtime =3 hellos + 1
Port that connects to another switch and becomes a designated port

48. What are the 4 steps to extend QoS trust?
Because each frame is checked
1- enable qos - 2-define qos parameters to be trusted - 3-make trust conditional - 4-instruct IP phone how to extnd boundary
Configure and enable DHCP snooping
All user ports that have portfast enabled

49. What is 802.1x force-authorized?
No
The port is forced to always authorize any connected client with no authentication necessary (default)
All ports where root isn't expected
After another forwarding delay - the port can send and receive data frames - collect MAC addresses - and send and receove BDPUs

50. What are 2 ways to configure VLAN and VTP information?
When a wireless station transmits a frame - the receiving one must send an ack
If the client maintains the same IP address as it roams between Aps. All must have same VLAN - SSID - and subnet
Global config (vlan - vtp mode - and vtp domain) and VLAN DB mode commands. Global config is preferred because VLAN DB mode commands are legacy
134 bits