CCNP Switch Deck

Instructions:

• Answer 50 questions in 15 minutes.
• If you are not ready to take this test, you can study here.
• Match each statement with the correct term.
• Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. When DHCP snooping is turned on - by default - it considers all ports ______
Enables portfast - sets the port to access and disables PAgP
Yes
Untrusted
1-ID link path costs - 2-ID roodt bridge - 3-select root port (1/switch) - 4-select designated port (1/segment) - 5-ID blocking port


2. What are the gotchas for uplinkfast?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


3. What is Per VLAN STP (PVST)?
Interim solution - uses same hardware as WEP - but uses TKIP encryption
On by default
Cisco proprietary. 1 instance of STP/VLAN. Requires ISL instead of dot1q
After forwarding delay - port can learn new MAC addresses


4. How many users should be within a switch block?
Value - mask - and result (VMR) combinations
Roughly 2000
All ports where root isn't expected
Switch(config-if)# standby xx where x= group number


5. What is an untrusted port under dhcp snooping?
Via an 802.1Q trunk or a single VLAN access port
MAC addresses are learned from the source MAC of incoming frames. If the destination address is unknown - the frame is flooded out all except the receiving port.
Any dhcp reply coming from an untrusted port is discarded and the offending port is put in errdisable
Yes to both


6. What does the standby HSRP router do?
That they aren't using the same frequencies.
FE and GE
1-ID link path costs - 2-ID roodt bridge - 3-select root port (1/switch) - 4-select designated port (1/segment) - 5-ID blocking port
Only the standby monitors the hello messages from the active router


7. What is DSCP codepoint AF21(18)?
Used to switch packets that can't be forwarded normallly due to an encapsulation failure - unresolved address - unsupported protocol - etc.
Immediate (class 2)
CEF is distributed across multiple L3 forwarding engines - typically on Catalyst 6500 line cards each having only a subset
By using a hash of a key string


8. What is an isolated secondary VLAN?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


9. How does HSRP port tracking work?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


10. What is an indirect topology change?
The link status stays up - but something between them has failed or is filtering traffic
0-65535 (def 32768) lower=better
Trunk - dynamic auto - dynamic desireable (default)
Between interfaces that are assigned to L2 VLANs or L2 trunks


11. What are the RSTP port states?
Set the native VLAN of a trunk to a bogus or unused VLAN ID then prune the native VLAN off both ends of the trunk
Port with best root path cost
Discarding - learning - forwarding
One that can be detected on a switch interface (ie. Up/down)


12. can root guard and udld be used together?
Group (0-1023) priority (1-255 higher better def 100)
Yes
The station can transmit immediately and wait for an ack
Source IP - dest IP - combination of source and dest IP - source and dest MAC - or TCP/UDP port numbers


13. What is errdisable pagp-flap?
Etherchannel ports have inconsistent config
134 bits - consisting of source and destination addresses and protocol information from the packet or frame
Bridge priority and MAC
Isolated and community


14. What is the port number range?
0-255
The DCF interframe space- the random backoff time before a wireless set can transmit
Almost eliminates listening and learning states for single hosts on an access link
Access


15. What does the version number indicate when looking at CEF entries?
The number of times the entry has been updated since the table was generated
1- root bridge is elected - 2-the state of eery switch port in the STP domain must be brought from blocking state to the appropriate state
First configure a L3 interface in same VLAN as clients - then use the ip helper-address command to ID the DHCP server
Incoming frames dropped - but MACs learned


16. What is the DIFS?
L2
The DCF interframe space- the random backoff time before a wireless set can transmit
The time that a port spends in both listening and learning states . Default 15 seconds
1-ID link path costs - 2-ID roodt bridge - 3-select root port (1/switch) - 4-select designated port (1/segment) - 5-ID blocking port


17. How does NSF work?
Incoming frames are dropped (combination of disabled - blocking - and listening)
With portfast
Gets assistance from other NSF-aware neighbors. NSF features need to be built into the routing protocols on router needing and providing assistance
10-15%


18. How is an RSTP edge port configured
Data goes over native vlan - voice goes over VLAN0 - voice QOS is 802.1p
A VLAN that spans the entire fabric
The campus network's backbone
With portfast


19. What is a CEF punt?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


20. What is a LACP priority?
5 (0-4 with 4 being the highest)
The priority is a 2 byte value followed by the MAC that decides which ports are actively participating in Etherchannel (lower=higher priority)
Used to switch packets destined for the null interface
All ARP packets that arrive on untrusted ports are inspected.


21. What is the LACP priority range?
1-65535 (def 32768) lower priority - higher probability
1-lowest root bridge ID - 2-lowest root path cost - 3-lowest bridgeID - 4-lowest port ID
The same as a standby group in HSRP
Trunk


22. Can two switches in the auto(PAgP) or passive (LACP) mode create a channel? Why?
Trunk - dynamic auto - dynamic desireable (default)
Use sh interface on the interface and look for error counts > 10
No because they only participate if asked
The number of times the entry has been updated since the table was generated


23. What are dynamic VLANs based on?
Src-ip - dst-ip - src-dst-ip - src-mac - dst-mac - src-dst-mac - src-port - dst-port - src-dst-port
2 seconds
MAC of the end device
Both ends should be on because on modes doesn't send PAgP or LACP packets


24. What is the size of ISL encapsulation?
Value - mask - and result (VMR) combinations
26-byte header - 4-byte trailer with CRC
Needs hardware upgrade over WEP - uses AES encryption
That they aren't using the same frequencies.


25. unknown unicast flooding
MAC addresses are learned from the source MAC of incoming frames. If the destination address is unknown - the frame is flooded out all except the receiving port.
Yes to both
1-ID link path costs - 2-ID roodt bridge - 3-select root port (1/switch) - 4-select designated port (1/segment) - 5-ID blocking port
802.1w


26. How does RSTP identify a topology change?
Sets the switchport mode to access - enables portfast - and turns off channel grouping for the port
A private VLAN can be logically associated with a special secondary vlan
Up to 54Mbps - not cross-compatible - 12 to 23 clean channels - 5.8 Ghz
Only when a nonedge port transitions to forwarding


27. the static port to vlan membership is handled in _____
The ASIC
Admin down
Real-time functions such as beacons and probes - encryption and interactions with the client at L2
Port with best root path cost on segment


28. What is the cost of a 1Gbps link?
4
Silent
1- enable MST - 2-enter MST config mode - 3-assign region name and region configuration rev - 4-map vlans to an MSTI - 5-show pending changes - 6- commit by exiting
If three are missed in a row - the neighbor is considered down and the data for that neighbor is aged


29. What address does HSRP send hello packets to?
Used when ACLs specify port ranges...used by TCAM
224.0.0.2 (all routers)
Receives the first packet of a traffic flow and routes it
A packet can't be switched in hardware with the FIB and must go to the L3 engine


30. What is an insignificant topology change?
Configure non-silent submode
Port is forced to never authorize any connected client
No because they only participate if asked
A host port goes up or down


31. What are the 3 unlicensed frequencies?
900 MHz - 2.4Ghz - and 5-6GHz
Root - designated - blocking - alternate - forwarding (host)
224.0.0.2 (all routers)
LWAPP (Cisco proprietary) and CAP-WAP (standards based)


32. How does dot1q do trunking?
Only for the offending VLAN on the port
Embeds the tag within the frame
Source IP - dest IP - combination of source and dest IP - source and dest MAC - or TCP/UDP port numbers
Distribution layer


33. What is a vlan?
The point at which a switch decides to trust incoming Qos. Usually at boundary with ISP
A single broadcast domain
From the DHCP snooping database or from static entries
They disguise the origin of an attack


34. What is the STP learning state?
Every switch and router in a network must be configured with appropriate QoS features and policies
Port with best root path cost
After forwarding delay - port can learn new MAC addresses
Only a single host connects . If one BDPU is received - it is no longer an edge port


35. How often are VRRP advertisements sent?
1 second. Backup routers can learn the interval from the master
Value - mask - and result (VMR) combinations
Every hello interval regardless of whether BDPUs are received from root - allowing any switch to take an active role maintaining the topology
Trunk - dynamic auto - dynamic desireable (default)


36. What is the 80/20 rule?
Port with best root path cost
A point to point port type
80% of the user traffic should stay in the VLAN
A point to point port type but the neighboring device runs traditional 802.1D STP


37. What must you be sure of if AP cells overlap?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


38. What is the VRRP skew time?
Multicast to 01-80-c2-00-00-00
Yes to both
Hold time is 3xhello. A skew time of 256ms-routerpriority)/256ms is added
When a client roams between Aps in different subnets


39. What does MSTP do?
Used when there are 1 or more VLANs mapped to a single STP instance
A point to point port type but the neighboring device runs traditional 802.1D STP
FIB
Either desirable or auto mode


40. RSTP BPDU structure
Using a single WAP to centralize access and control over a group of wireless devices.
Low cost - high density ports - multiple scalable uplinks - vlans - traffic and protocol filtering and QoS
1- enable qos - 2-define qos parameters to be trusted - 3-make trust conditional - 4-instruct IP phone how to extnd boundary
Some unused bits are used to allow a port to identify its role and state. Also the BDPUs state that they are V2 BDPUs


41. can root guard and bdpu guard be used together?
No
Notifies upstream neighbors by sending multicasts on behalf of hosts at the interval of the max update rate parameter.
Real-time functions such as beacons and probes - encryption and interactions with the client at L2
Arp for local subnet - if on different subnet - will arp for dgw


42. If you want IP source guard to detect spoofed MAC addresses - what must you do?
Switch(config-if)# standby xx where x= group number
A VLAN that spans the entire fabric
16 - IST gets MSTI 0 - 1-15 are available for use. MSTIs are locally significant to the MST region
Turn on port security


43. What is an IST instance?
A router keeps a routing table and an ARP table. The FIB combines them for every next-hop entry
FE - GE - and aggregated FE/GE Etherchannels
Within a single MST region - an IST instances runs to work out a loop free topology between links where CST meets the region boundary and all switches in the region. It runs at the boundary.
Receives the first packet of a traffic flow and routes it


44. What is an MST instance?
Another router must have a higher HSRP priority and have preemt set up
802.11
Bridge priority and MAC
The MST instance (MSTI) runs alongside the IST and represents an STP instance


45. What's the easiest way to configure GLBP timers?
Globally
They must be carried over a voice VLAN (VVID) or over a regular data VLAN (ie. The native VLAN or the PVID)
FE - GE - and aggregated FE/GE Etherchannels
Configure the timer on the AVG and let it propagate


46. What is UDLD aggressive mode?

Warning: Invalid argument supplied for foreach() in /var/www/html/basicversity.com/show_quiz.php on line 183


47. What are the caveats for HSRP port tracking?
Another router must have a higher HSRP priority and have preemt set up
When a port moves into forwarding or from fowarding or learning to blocking.
Forces the router to wait for a period of time after the switch is reloaded before attempting to overthrow
The station must wait until the frame in progress has completed - then wait a random amount of time before transmitting


48. How can BDPU Guard be configured?
Globally or per-port
5 (0-4 with 4 being the highest)
Distribution layer
Configure the timer on the AVG and let it propagate


49. How is a WLC handoff handled when the WLCs are in different subnets?
1-ID link path costs - 2-ID roodt bridge - 3-select root port (1/switch) - 4-select designated port (1/segment) - 5-ID blocking port
By using an Ether-IP tunnel
Either desirable or auto mode
2 seconds


50. What is differentiated services model QOS?
Gets assistance from other NSF-aware neighbors. NSF features need to be built into the routing protocols on router needing and providing assistance
It is enabled by default on all CEF capable switches
On by default
Each network device handles packets individually with no advance reservations