Reference: Building Cisco Multilayer Switched Networks Ciscopress page 412 Q3.. Reference: Building Cisco Multilayer Switched Networks Ciscopress page 234-235 Q7.. Use the following info
Trang 1
Fravo.com
Certification Made Easy
MCSE, CCNA, CCNP, OCP, CIW, JAVA, Sun Solaris, Checkpoint
World No1 Cert Guides
Trang 2Congratulations!!
You have purchased a Fravo Technologies Study Guide
This study guide is a complete collection of questions and answers that have been developed
by our professional & certified team You must study the contents of this guide properly in order to prepare for the actual certification test The average time that we would suggest you for studying this study guide is approximately 15 to 20 hours and you will surely pass your exam We guarantee it!
GOOD LUCK!
DISCLAIMER
This study guide and/or material is not sponsored by, endorsed by or affiliated
with Microsoft, Cisco, Oracle, Citrix, CIW, CheckPoint, Novell, Sun/Solaris,
CWNA, LPI, ISC, etc All trademarks are properties of their respective owners
Guarantee
If you use this study guide correctly and still fail the exam, send a scanned copy
of your official score notice at: info@fravo.com
We will gladly refund the cost of this study guide or give you an exchange of
study guide of your choice of the same or lesser value
This material is protected by copyright law and international treaties Unauthorized reproduction or distribution of this material, or any portion thereof, may result in severe civil and criminal penalties, and will be prosecuted to the maximum extent possible under law
© Copyrights 1998-2005 Fravo Technologies All Rights Reserved.
http://www.fravo.com
Trang 3Q1 Which feature will put a switch port into the error-disabled state upon receipt of Spanning Tree data messages, requiring a network administrator to manually put the port back in service?
Understanding BPDU Guard
The BPDU guard feature can be globally enabled on the switch or can be enabled per interface, but the feature operates with some differences
At the global level, you can enable BPDU guard on Port Fast-enabled ports by using the
spanning-tree portfast bpduguard default global configuration command Spanning spanning-tree shuts down ports
that are in a Port Fast-operational state In a valid configuration, Port Fast-enabled ports do not receive BPDUs Receiving a BPDU on a Port Fast -enabled port signals an invalid configuration, such
as the connection of an unauthorized device, and the BPDU guard feature puts the port in the error-disabled state
Reference:
http://www.cisco.com/en/US/products/hw/switches/ps5206/products_configuration_guide_chapter09186a008017ff97.html
Q2 Which method of Layer 3 switching uses a forwarding information base (FIB)?
Explanation: Cisco Express Forwarding reindexes the routing table into a new table called a
Forward Information Base (FIB) The FIN is an entry-for-entry match of the routing table that has been reindexed via a binary search algorithm called a Patricia Tree
Reference: Building Cisco Multilayer Switched Networks (Ciscopress) page 412
Q3 Which are two closely related standards specifically designed for data transmission over fiber optic networks? (Choose two.)
Trang 4Q4 Access Control List (ACL) processing in some Cisco switches is done in hardware What two actions will take place when the hardware reaches capacity to store ACLs? (Choose two.)
A Performance is increased
B Performance is decreased
C Packets are dropped
D Packet filtering will be accomplished
Answer: B, D
Explanation:
Determining if the ACL Configuration Fits in Hardware:
As previously stated, ACL processing in the Catalyst 3550 switch is mostly accomplished in
hardware However, if the hardware reaches its capacity to store ACL configurations, the switch software attempts to fit a simpler configuration into the hardware This simpler configuration does not do all the filtering that has been configured, but instead sends some or all packets to the CPU
to be filtered by software In this way, all configured filtering will be accomplished, but
performance is greatly decreased when the filtering is done in software
Reference:
http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration_guide_chapter09186a008007e701.html
Q5 Which well-defined routing protocol would a network administrator configure on multicast routes when member routes are widely dispersed?
A Distance Vector Multicast Routing Protocol (DVMRP)
B Protocol Independent Multicast Dense Mode (PIM-DM)
C Multicast Open Shortest Path First (MOSPF)
D Protocol Independent Multicast Sparse Mode (PIM-SM)
E Core-Based Trees (CBT)
Answer: D
Explanation: Multicast routing protocols fall into two categories: Dense-mode (DM) and mode (SM) DM protocols assume that almost all routers in the network will need to distribute multicast traffic for each multicast group (for example, almost all hosts on the network belong to each multicast group) Accordingly, DM protocols build distribution trees by initially flooding the
Trang 5Sparse-entire network and then pruning back the small number of paths without receivers SM protocols assume that relatively few routers in the network will be involved in each multicast The hosts belonging to the group are widely dispersed, as might be the case for most multicasts in the Internet Therefore, SM protocols begin with an empty distribution tree and add branches only as the result of explicit requests to join the distribution
Reference:
http://www.cisco.com/en/US/tech/tk828/tk363/technologies_white_paper09186a0080092942.shtml
Q6 Drag and drop the type of flow mask used with Multiplayer Switching (MLS) in the options column to the statement that defines its character in the target column
Answer:
Destination- IP - Used when no access list are configured
Source-Destination–IP - Used when standard access list is configured
IP-Flow - Used when extended access list is configured
• IP-Flow: This mode is used if there is an extended access list on any MLS interfaces
Reference: Building Cisco Multilayer Switched Networks (Ciscopress) page 234-235
Q7 Which QoS technique avoids the problems that occur when tail drops is used as the congestion avoidance mechanism on the router?
Trang 6Reference:
http://www.cisco.com/en/US/products/sw/cscowork/ps2064/products_user_guide_chapter09186a00800e0a04.html
Q8 Which technology manages multicast traffic at Layer 2 by configuring Layer 2 LAN interfaces dynamically to forward multicast only to those interfaces that want to receive it?
Understanding IGMP Snooping
In subnets where you have configured either IGMP (see "Configuring IP Multicast Layer 3
Switching") or the IGMP querier (see the "Enabling the IGMP Querier" section), IGMP snooping manages multicast traffic at Layer 2 by configuring Layer 2 LAN interfaces dynamically to forward multicast traffic only to those interfaces that want to receive it
Reference:
http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a00800f4ff2.html
Q9 Exhibit:
Trang 7Use the following information from switch SwitchA:
Port Mode Encapsulation Status Native VLAN
fa0/1 desirable n-802.1q trunking 5
Port VLANs is allowed on trunk
From this information contained in the graphic, what is the cause of this problem?
A VLAN 107 does not exist on switch SwitchA
B VTP is pruning VLAN 107
Trang 8C VLAN 107 is not configured on the trunk
D Spanning tree is not enabled on VLAN 107
Answer: D
Q10 Which two table types are CEF components? (Choose two.)
A Forwarding information base
Explanation: There are two Cisco Express Forwarding components:
• Forwarding Information Base
• Adjacency table
Reference: Building Cisco Multilayer Switched Networks (Ciscopress) page 412
Q11 What is a characteristic of a VLAN map that does not contain a match clause?
A Implicit deny feature at end of list
B Implicit forward feature at end of list
C Can only be implemented by the input direction within the VLAN
D Can only be implemented by the output direction within the VLAN
Answer: A
Explanation: Each VLAN access map can consist of one or more map sequences, each sequence with a match clause and an action clause The match clause specifies IP, IPX, or MAC ACLs for traffic filtering and the action clause specifies the action to be taken when a match occurs When a flow matches a permit ACL entry the associated action is taken and the flow is not checked against the remaining sequences When a flow matches a deny ACL entry, it will be checked against the next ACL in the same sequence or the next sequence If a flow does not match any ACL entry and
at least one ACL is configured for that packet type, the packet is denied
Reference:
http://www.cisco.com/en/US/products/hw/switches/ps700/products_configuration_guide_chapter09186a008007f4d4.html
Q12 As a design rule, what is the maximum time that should be allowed for a voice packet to cross a network?
A 60 milliseconds
B 120 milliseconds
C 150 milliseconds
Trang 9D 210 milliseconds
Answer: C
Explanation: Delay is the time it takes for VoIP packets to travel between two endpoints and you should design networks to minimize this delay However, because of the speed of network links and the processing power of intermediate devices, some delay is expected The human ear normally accepts up to about 150 milliseconds (ms) of delay without noticing problems (the ITU's G.114 standard recommends no more than 150 ms of one-way delay)
Reference:
http://www.cisco.com/en/US/products/sw/iosswrel/ps5014/products_feature_guide09186a00800880e7.html
Q13 What information do CGMP-enabled switches and routers exchange using the CGMP protocol?
A CAM table changes
B Summarized IGMP information
C Multicast join and leave events
D Multicast group to port assignments
Answer: C
Explanation: CGMP is based on a client/server model The router is considered a CGMP server, with the switch taking on the client role The basis of CGMP is that the IP multicast router sees all ICMP packets and therefore can inform the switch when specific hosts join or leave multicast groups The switch then uses this information to construct a forwarding table
Reference: Building Cisco Multilayer Switched Networks (Ciscopress) page 306
Q14 TACACS+ uses which of the following protocols to communicate?
Reference:
http://www.cisco.com/en/US/tech/tk583/tk547/technologies_tech_note09186a0080094e99.shtml
Trang 10Q15 What are three possible router states of HSRP routers on an LAN? (Choose three.)
of the Active router Although an arbitrary number of routers may run HSRP, only the Active router forwards the packets sent to the virtual router
Reference:
http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a0080094a91.shtml
Q16 A customer’s requirement states that they only need to carry VLANs 1,2,10,20 on a trunk VLANs 1,2,3,4,10,20,50 are currently active in the network Which two of the following commands can be used to accomplish this requirement? (Choose two.)
A switchport trunk allowed vlan add 1,2,10,20
B switchport trunk disallowed vlan add 3,4,50
C switchport trunk disallowed vlan remove 3,4,50
D switchport trunk allowed vlan remove 3,4,50
E switchport trunk allowed vlan except 1,2,10,20
F switchport trunk allowed vlan except 3,4,50
Answer: A, D
Explanation:
switchport trunk allowed vlan vlan_list
The vlan_list format is all | none | [add | remove | except] vlan_atom[,vlan_atom ], where:
• all specifies all VLANs from 1 to 4094 This keyword is not supported on commands that do
not permit all VLANs in the list to be set at the same time
• none indicates an empty list This keyword is not supported on commands that require
certain VLANs to be set or at least one VLAN to be set
• add adds the defined list of VLANs to those currently set, instead of replacing the list
• remove removes the defined list of VLANs from those currently set, instead of replacing the
list
• except lists the VLANs that should be calculated by inverting the defined list of VLANs
described by two VLAN numbers, the lesser one first, separated by a hyphen
Trang 11Reference:
http://www.cisco.com/en/US/products/hw/switches/ps663/products_command_reference_chapter09186a0080144e79.html#1022676
Q17 In a Cisco switch with redundant power supplies of the same wattage, how is the total power available to the switch provided when both supplies are operating normally? (Choose two.)
A Total combined power of both supplies
B Total power of one supply
C Total power required is shared nearly equally by both supplies
D Total power is the sum of one-half of total power of both supplies
Answer: C, D
Explanation: Specifying the redundant keyword enables redundancy In a redundant configuration, the total power drawn from both supplies is at no time greater than the capability of one supply If one supply malfunctions, the other supply can take over the entire system load When you install and turn on two power supplies, each
concurrently provides approximately half of the required power to the system Load sharing and redundancy are enabled automatically; no software configuration is required
Reference:
http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a008007e6f6.html
Q18 In the 20/80 model, only 20 percent of traffic remains local to the workgroup LAN, and 80 percent of the traffic leaves the local network Which two factors have contributed to this traffic pattern? (Choose two.)
Reference: Building Cisco Multilayer Switched Networks (Ciscopress) page 93
Q19 What are four basic security measures that should be implemented on every device at every layer of the hierarchical model? (Choose four.)
Trang 12A Managed remote access
Explanation: The policy to control access to network devices should be one of the first components
of the access policy All devices at every layer of the campus network should have a plan to provide for the following:
• Physical security
• Passwords
• Privilege levels to allow limited access to a network device
• Limiting virtual terminal or telnet access
Reference: Building Cisco Multilayer Switched Networks (Ciscopress) page 368
Q20 How does a non- Root switch choose its Root Port?
A It chooses the port with the lowest cumulative Root Path Cost to the Root Bridge
B It chooses the port with the highest cumulative Root Path Cost to the Root Bridge
C The port receives an inferior BPDU from a neighboring switch on a shard LAN segment
D The port receives a BPDU announcing a higher Root Path Cost from a neighboring switch on a shared LAN segment
Answer: A
Explanation: The spanning tree Protocol uses the information found in the BPDUs to determine which ports should be forwarding and which should be blocking If costs are equal, the STP reads through BPDU until it finds a parameter that is not equal The lower port ID becomes the
forwarding port, and the higher port ID is placed in a blocked state As the BPDU prepares to leave
a port, it applies a port cost The sum of all the port costs is the path cost Spanning Tree looks first at the path cost to decide which ports should forward and which should block The port that reports the lowest path cost is chosen to forward
Reference: Building Cisco Multilayer Switched Networks (Ciscopress) page 155
Q21 Which process plays a major role in the creation of the CEF adjacency table?
A Address Resolution Protocol (ARP)
B PDU header rewrite
C NetFlow switching
D Hello packet exchange
Answer: A
Trang 13Explanation: The next step in processing a packet in a Layer 3 device is to determine the Payer 2 information needed to switch the packet to the next hop This Layer 2 information is generally contained in the ARP cache table Cisco Express Forwarding creates a adjacency table to prepend the layer 2 information
Reference: Building Cisco Multilayer Switched Networks (Ciscopress) page 412
Q22 In the hardware address 0000.0c07.ac0a what does 07.ac represent?
A Vendor code
B HSRP group number
C HSRP router number
D HSRP well-known physical MAC address
E HSRP well-known virtual MAC address
Answer: E
Explanation: HSRP code (HSRP well-known virtual MAC address) – The fact that the MAC address is for an HSRP virtual router is indicated in the next two bytes of the address The HSRP code is always 07.ac
Reference: Building Cisco Multilayer Switched Networks (Ciscopress) page 268
Q23 IEEE 802.1w RSTP defines which port states?
A Listening, Learning, Forwarding, Blocking, Disabled
B Learning, Forwarding, Discarding
C Learning, Active, Block
D Listening, Forwarding, Active, Blocking
Answer: B
Explanation: There are only three port states left in RSTP, corresponding to the three possible operational states The 802.1d states disabled, blocking, and listening have been merged into a unique 802.1w discarding state
Reference:
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfa.shtml#subtopic1a
Q24 When a VLAN port configured as a trunk receives an untagged frame, what will happen?
A The frame will be dropped
B The frame will cause an error message to be sent
C The frame will be processed as a native VLAN frame
D The frame will be tagged, then processed as a native VLAN frame
Trang 14Answer: C
Explanation: On an IEEE 802.1Q trunk port, all transmitted and received frames are tagged except for those on the VLAN configured as the native VLAN for the port Frames on the native VLAN are always transmitted untagged and are normally received untagged
Reference:
http://www.cisco.com/en/US/products/hw/optical/ps2006/products_module_configuration_guide_chapter09186a0080154a4a.html
Q25 Which switch command enables a trunking protocol that appends a four byte CRC to the packet?
A Switch(config-if)#switchport trunk encapsulation dot1q
B Switch(config-if)#switchport trunk encapsulation itef
C Switch(config-if)#switchport trunk encapsulation fddi
D Switch(config-if)#switchport trunk encapsulation isl
Answer: D
Explanation: ISL is made up of three major components:a header, the original Ethernet frame, and
a frame check sequence (FCS) at the end With ISL, an Ethernet frame is encapsulated with a header that transports VLAN IDs between switches and routers The 26-byte header containing a 10-bit VLAN ID is added to each frame In addition, a 4-byte tail is added to the frame to perform a cyclic redundancy check (CRC) This CRC is in addition to any frame checking that the Ethernet frame performs
Reference: Building Cisco Multilayer Switched Networks (Ciscopress) page 99
Q26 What are three dense- mode multicast routing protocols? (Choose three.)
Explanation: Dense mode routing protocols include the following:
• Distance Vector Multicast Routing Protocol (DVMRP)
• Multicast Open Shortest Path First (MOSPF)
• Protocol-Independent Multicast Dense Mode (PIM DM)
Reference: Building Cisco Multilayer Switched Networks (Ciscopress) page 313
Trang 15Q27 Which three of the following passwords require encryption with the service
password-encryption command to avoid transmission in clear text? (Choose three)
• To set a local password to control access to various privilege levels, use the enable
password command in global configuration mode Use the no form of this command to
remove the password requirement
• To set the privilege level for a command, use the privilege level (global) command in configuration mode Use the no form of this command to revert to default privileges for a
Q28 Which technology model allows a customer’s LAN traffic to be carried on a single VLAN across multiple service provider networks?
manageability requirements of private networks Tunneling is a feature designed for service
providers who carry traffic of multiple customers across their networks and are required to
maintain the VLAN and Layer 2 protocol configurations of each customer without impacting the traffic of other customers The ML-Series cards support IEEE 802.1Q tunneling and Layer 2 protocol tunneling
Reference:
http://www.cisco.com/en/US/products/hw/optical/ps2006/products_module_configuration_guide_chapter09186a008014f544.html#19505
Trang 16Q29 What command will specify IEEE 802.1Q as the encapsulation method for a trunked port on a Cisco IOS switch?
A Switch(config-if)#switchport trunk encapsulation dot1q
B Switch(config-if)#switchport trunk encapsulation isl
C Switch(config-if)#switchport encapsulation dot1q
D Switch(config)#switchport 0/1 trunk encapsulation isl
Answer: A
Explanation:
Ethernet Trunk Encapsulation Types:
• switchport trunk encapsulation isl - Specifies ISL encapsulation on the trunk link
• switchport trunk encapsulation dot1q - Specifies 802.1Q encapsulation on the trunk
link
• switchport trunk encapsulation negotiate - Specifies that the interface negotiate with
the neighboring interface to become an ISL (preferred) or 802.1Q trunk, depending on the configuration and capabilities of the neighboring interface
The trunking mode, the trunk encapsulation type, and the hardware capabilities of the two
connected interfaces determine whether a link becomes an ISL or 802.1Q trunk
Reference:
http://www.cisco.com/en/US/products/hw/switches/ps700/products_configuration_guide_chapter09186a008007f659.html
Q30 In a customer’s network, VLAN Trunking Protocol (VTP) is running with a domain named main1 VLANs 1,2,3,4,5,10,20 are active on the network Suddenly the whole network goes down
No traffic is being passed on VLANs 2,3,4,5,10,10, however traffic passes on VLAN 1 and indicates all switches are operational Right before the network problem occurred, a switch named SWITCH1 was added to the network
What three configuration issues on SWITCH1 could be causing the network outage? (Choose
three.)
A SWITCH1 is configured as a VTP server with a different domain name
B SWITCH1 is not configured to participate in VTP
C SWITCH1 is configured as a VTP server with the domain name main1
D SWITCH1 has a lower VTP configuration revision than the current VTP revision
E SWITCH1 has a higher VTP configuration revision than the current VTP revision
F SWITCH1 is configured with only VLAN1
Answer: A, B, F
Q31 A company has just purchased a new Catalyst 2950 layer switch for their parts department The switch needs to have the passwords to secure access to the device's privileged EXEC mode, the five VTY sessions and to the console All passwords will need to be encrypted so that they are unable to be read when viewing the configuration The switch also requires that only the
Trang 17management VLAN (VLAN1) have access to the switch via Telnet The management VLAN1 has already been configured
Management VLAN IP address: 192.168.54.12/24
The passwords to be set are listed below
Console: cisco
Privilege EXEC: cisco33
VTY sessions: cisco66
To configure the switch click on the host icon that is connected to a switch by a serial console cable
Answer: Unavailable