Instructions:

• Answer 50 questions in 15 minutes.
• If you are not ready to take this test, you can study here.
• Match each statement with the correct term.
• Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. What is the PVLAN host mode?
The ASIC
Aggregation - high L3 throughput - security and policy based connectivity functions through access lists and packet filters - QoS - scalable high-speed links
Real-time functions such as beacons and probes - encryption and interactions with the client at L2
Connects to a host on an isolated or community vlan. Communicates only with promiscuous port or ports on same community vlan


2. EAP encryption
Dynamic WEP keys that change periodically
Switched Virtual Interface - an L3 address can be assigned to a logical interface that represents an entire VLAN - which becomes the DGW for that VLAN
Automatically using DTP and CDP
Configure the timer on the AVG and let it propagate


3. RSTP designated port
Port with best root path cost on segment
Compatible with 802.11b - up to 54Mbps in 12 data rates - 3 channels - 2.4Ghz
Protects STP when a physical malfunction only allows traffic in 1 direction - even though the link shows as up (cisco proprietary)
Data goes over native vlan - voice goes over VLAN0 - voice QOS is 802.1p


4. How often are VRRP advertisements sent?
Multicast to 01-80-c2-00-00-00
1-name the chain - 2-establish a key number - 3-create the key string - 4-apply the chain to the string
Controls where candidate root bridges can be connected and found on a network
1 second. Backup routers can learn the interval from the master


5. RSTP learning state
Distribution layer
1 IP subnet
Incoming frames dropped - but MACs learned
TCAM


6. What pins does FE use?
VTP server for domain null with no password or secure mode
If a unidirectional link is detected - the switch doesn't try to reestablish the link. ULD msgs are sent once/sec for 8 seconds - then the port is err-disabled
1/2 and 3/6
Single instance of STP for all VLANs. BDPUs are sent over trunks using the native VLAN with untagged frames. Dot1q based


7. What is the adjacency table?
A router keeps a routing table and an ARP table. The FIB combines them for every next-hop entry
It is enabled by default on all CEF capable switches
Connects with SONET or SDH
Source IP and MAC must match those addresses learned by DHCP snooping or a static entry


8. What does port-security restrict do?
Determines when the AVG will stop using the old VMAC in ARP replies
Change in trunk encap
Port stays up - but packets from violating MACs are dropped. Switch logs violating packets
By name - config revision - and instance to vlan mapping table


9. How does IPT behave when the voice VLAN is in untagged mode?
0-255 (lower is better)
Those that connect to other switches
Almost eliminates listening and learning states for single hosts on an access link
Data and voice over native vlan - no QOS but still uses 802.1p trunk


10. What is an end to end vlan?
Limits the number if dhcp requests on a port
Only a single host connects . If one BDPU is received - it is no longer an edge port
A VLAN that spans the entire fabric
Globally or per-port


11. Where are security and QoS ACLs stored?
Distribution
TCAM
The time that a port spends in both listening and learning states . Default 15 seconds
Silent


12. What are the 6 HSRP states?
During the time that the FIB entry is in CEF glean waiting for ARP entries - subsequent packet to that host are dropped to keep input queues from filling
RADIUS
If the client maintains the same IP address as it roams between Aps. All must have same VLAN - SSID - and subnet
Disabled - init - listen - speak - standby - active


13. What does the src-mac option do when checking ARP replies
Checks the source MAC in the header against the sender MAC in the ARP reply
Can send and receive BDPUs
If three are missed in a row - the neighbor is considered down and the data for that neighbor is aged
Packets are discarded due to an ACL or policy action


14. What is an indirect topology change?
1 to 64
When a port moves into forwarding or from fowarding or learning to blocking.
The link status stays up - but something between them has failed or is filtering traffic
134 bits - consisting of source and destination addresses and protocol information from the packet or frame


15. How are errdisable triggers tuned?
Feature Manager - after the ACL is created - the FM compiles the ACEs into the table
The time interval that a switch stores a DBPU before discarding it. Default 20 seconds
Globally
Yes


16. When looking at the sh spanning tree output - What does P2P denote?
A point to point port type
Weak key rotation
That they aren't using the same frequencies.
Access or trunk


17. What are the two private vlan association modes?
Differentiated services
Src-ip - dst-ip - src-dst-ip - src-mac - dst-mac - src-dst-mac - src-port - dst-port - src-dst-port
Frames are forwarded
Promiscuous and host


18. What is the STP disabled state?
Port that connects to another switch and becomes a designated port
Using digital certificates
Admin down
134 bits - consisting of source and destination addresses and protocol information from the packet or frame


19. How should backbonefast be configured?
By sending a gratuitous ARP
On all switches in network to enable RLQ request and reply
10-15%
Yes


20. How does HSRP gateway addressing work
Each physical interface has a different IP address. All physical interfaces point to a virtual interface called the standby address or VIP
Tracks of BDPUs on nondesignated ports. When those BDPUs stop coming - the port is put into loop-inconsistent state and blocks
0000.0c07.acxx where xx is the group number as a 2-digit hex value
The ASIC


21. What does the ip option do when checking ARP replies

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


22. For QoS - switch uplinks should always be considered as ____ _____?
Trusted ports
Limits the number if dhcp requests on a port
The station must wait until the frame in progress has completed - then wait a random amount of time before transmitting
1- inferior BDPU on blocked-considered alternative - 2-inferior on root-all blocked ports considered alternate - 3-if inferior arrives on root and no blocked ports - assumes loss of connectivity to root


23. How can BDPU Guard be configured?
When a wireless station transmits a frame - the receiving one must send an ack
MAC addresses are learned from the source MAC of incoming frames. If the destination address is unknown - the frame is flooded out all except the receiving port.
Globally or per-port
1-lowest root bridge ID - 2-lowest root path cost - 3-lowest bridgeID - 4-lowest port ID


24. What are the 5 steps a LAP uses to establish communication with a WLC?
1-LAP gets a DHCP address - 2-LAP learns IP of available WLC - 3-LAP sends a join request to WLC and receives join reply - 4-WLC sends code image - if necessary - 5-Tunnels are created
134 bits
300 sec by default
A TCN BDPU is sent out of the switch's root port. The switch will continue sending TCN's every hello interval until ack'd by upstream neighbor. The root bridge will send a Config BDPU to all switches


25. What happens during HSRP failover?
The redundant SUP is booted and sup and route engine is init'd. No L2 or L3 functions are started. Allows switchports to retain state
0000.0c07.acxx where xx is the group number as a 2-digit hex value
A private VLAN can be logically associated with a special secondary vlan
The standby becomes active and stays active by default. Preemption can be configured


26. What is an insignificant topology change?
Missed beacons - dropped packets (max retry) - weak signal (data rate switches down) - an AP periodicallytries to find a stronger signal
Data goes over native vlan - voice goes over VLAN0 - voice QOS is 802.1p
CEF is distributed across multiple L3 forwarding engines - typically on Catalyst 6500 line cards each having only a subset
A host port goes up or down


27. What are the gotchas for uplinkfast?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


28. Automatically configure STP timers
The number of STP instances needed ot support the desired topologies and whether to map a set of VLANs to each instance
Switching Database Manager - configures and prunes TCAM partitions
Group (0-1023) priority (1-255 higher better def 100)
Use the spanning-tree root macro


29. By default - what submode does PAgP operate in with the desirable and auto modes?
Silent
By sending a gratuitous ARP
1-enable AAA on switch - 2-define RADIUS servers - 3-define authentication method - 4-enable 802.1x on switch - 5-conf. 802.1x ports - 6-allow hosts
Route processor redundancy - redundant sup is partially booted and initialized and must reload module in the switch and init all sup functions


30. If one end of an Etherchannel (either type) is set to on and the channel doesn't form - what should you check?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


31. What does IP source guard do?
They should be an unconditional Etherchannel because the WLC can't negotiate a channel.
Makes use of the DHCP snooping database and static ip source binding entries. If enabled - switch will test addresses
Determines when the AVG will stop using the old VMAC in ARP replies
The port is forced to always authorize any connected client with no authentication necessary (default)


32. What is DSCP codepoint AF21(18)?
Will trunk if asked
Immediate (class 2)
Port stays up - packets from violating MACs dropped - no logging
Needs hardware upgrade over WEP - uses AES encryption


33. What contains the next-hop entries?
FIB
The number of times the CEF table has bee flushed and regenerated as a whole
No
Each physical interface has a different IP address. All physical interfaces point to a virtual interface called the standby address or VIP


34. 802.11a
Disabled - blocking - listening - learning - forwarding
Up to 54Mbps - not cross-compatible - 12 to 23 clean channels - 5.8 Ghz
After another forwarding delay - the port can send and receive data frames - collect MAC addresses - and send and receove BDPUs
Aggregation - high L3 throughput - security and policy based connectivity functions through access lists and packet filters - QoS - scalable high-speed links


35. What is PVST plus (PVST+)?
1/2 and 3/6
The port is forced to always authorize any connected client with no authentication necessary (default)
They disguise the origin of an attack
Allows devices to interoperate with PVST and CST. Can use both dot1q and ISL


36. How does the CEF L3 engine operate?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


37. What is the IEEE standard for STP?
802.1D
To a VLAN and not to a VLAN interface (SVI)
By creating a static IP binding
No


38. What does VTP do?
LACP port priority
Manages addition - deletion and renaming VLANs across the network
1-1005 (1 and 1002-1005 are reserved)
Change in trunk encap


39. At what layer should the WLC be connected?
Another router must have a higher HSRP priority and have preemt set up
The frame tag contains a 3 but portion tagged from 0 (low) to 7 (high)
Distribution
Receives the first packet of a traffic flow and routes it


40. What are the 4 steps in DHCP negotiation?
No because they only participate if asked
Arp for local subnet - if on different subnet - will arp for dgw
When the size of a cell is intentionally reduced
1-client sends DHCP discover as broadcast - 2-DHCP server sends DHCP offer - client sends DHCP Request - DHCP server sends DHCP ack


41. What are the 3 RSTP port types?
The TOS field in the header is used. 2 methods 3 bits or 6 bits
VTP server for domain null with no password or secure mode
Edge - root - and point to point
The total delay from start to finish


42. What is an isolated secondary VLAN?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


43. What is the default MTU?
Reboots and searches for a new WLC
1500B
Half because transmitting and receiving stations use the same frequency
Trusted or untrusted


44. What is unique about HSRP group numbers?
They are locally significant on an interface. HSRP1 on one VLAN is different from HSRP1 on another
Immediate (class 2)
Src-dst-ip
Port stays up - packets from violating MACs dropped - no logging


45. What must you be sure of if AP cells overlap?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


46. What does the standby HSRP router do?
Feature Manager - after the ACL is created - the FM compiles the ACEs into the table
The master router can share the VIP
The port uses 802.1x exchange to move from unauthorized to authorized. Requires app on client
Only the standby monitors the hello messages from the active router


47. What is an autonomous mode AP?
When each AP stands alone within the larger network.
Connects to a host on an isolated or community vlan. Communicates only with promiscuous port or ports on same community vlan
0-255
16 bits (8b port priority - 8b port number)


48. What is RPR?
16 - of which up to 8 are active. The others are in standby
Route processor redundancy - redundant sup is partially booted and initialized and must reload module in the switch and init all sup functions
Half because transmitting and receiving stations use the same frequency
Usually QoS from VOIP but not PC dataa


49. What is the STP Max Age timer?
Roughly 50%
The time interval that a switch stores a DBPU before discarding it. Default 20 seconds
Distribution
Can send and receive BDPUs


50. the static port to vlan membership is handled in _____
An AP's coverage area
The ASIC
300 sec by default
Prevents the dhcp binding DB from being checked.