Basic Questions: Answer

Basic Questions
Question 1
Which network topology allows all traffic to flow through a central hub?
A. bus
B. star
C. mesh
D. ring
Answer: B
Explanation
Star topology is the most popular topology for the network which allows all traffic to flow through a
central device.
Question 2
What is true about Ethernet? (Choose two)

A. 802.2 Protocol
B. 802.3 Protocol
C. 10BaseT half duplex
D. CSMA/CD stops transmitting when congestion occurs
E. CSMA/CA stops transmitting when congestion occurs
Answer: B D
Explanation
Carrier sense multiple access with collision detection (CSMA/CD) is a media access control method
used most notably in early Ethernet (IEEE 802.3) technology for local area networking. When collision
detection (CD) observes a collision (excess current above what it is generating, i.e. > 24 mA for
coaxial Ethernet), it stops transmission immediately and instead transmits a 32-bit jam sequence.
Note: CSMA/CA (Carrier Sense Multiple Access/Collision Avoidance) is a protocol for carrier
transmission used in wireless networks. Unlike CSMA/CD (Carrier Sense Multiple Access/Collision
Detect) which deals with transmissions after a collision has occurred, CSMA/CA acts to prevent
collisions before they happen.
Question 3
If a router has 3 hosts connected in one port and two other hosts connected in another port, how may
broadcast domains are present on the router?
A. 5
B. 2
C. 3
D. 4
Answer: B
Explanation
Each port of a router is a broadcast domain. This router has 2 ports so it has 2 broadcast domains.
Question 4
On which type of device is every port in the same collision domain?

A. a router
B. a Layer 2 switch
C. a hub
Answer: C
Question 5
Which MTU size can cause a baby giant error?

A. 1500
B. 9216
C. 1600
D. 1518
Answer: D
Explanation
Ethernet frame size refers to the whole Ethernet frame, including the header and the trailer while MTU
size refers only to Ethernet payload. Baby giant frames refer to Ethernet frame size up to 1600 bytes,
and jumbo frame refers to Ethernet frame size up to 9216 bytes (according to this
link: http://www.cisco.com/c/en/us/support/docs/switches/catalyst-4000-series-switches/29805-
175.html)
For example, standard Ethernet frame MTU is 1500 bytes. This does not include the Ethernet header
and Cyclic Redundancy Check (CRC) trailer, which is 18 bytes in length, to make the total Ethernet
frame size of 1518.
So according to strict definition, MTU size of 1600 cannot be classified as baby giant frames as the
whole Ethernet frames will surely larger than 1600 -> Answer C is not correct.
Answer D is a better choice as the MTU is 1518, so the whole Ethernet frame would be 1536 (1518 +
18 Ethernet header and CRC trailer). This satisfies the requirement of baby giant frames “Baby giant
frames refer to Ethernet frame size up to 1600 bytes”.
Question 6
What are three characteristics of the TCP protocol? (Choose three)

A. The connection is established before data is transmitted.
B. It uses a single SYN-ACK message to establish a connection.
C. It ensures that all data is transmitted and received by the remote device.
D. It uses separate SYN and ACK messages to establish a connection.
E. It supports significantly higher transmission speeds than UDP.
F. It requires applications to determine when data packets must be retransmitted.
Answer: A C D
Explanation
To understand more about TCP please read our TCP and UDP tutorial.
Note: Answer F is not correct because TCP does not require applications to determine the
retranmission. TCP itself will determine if the data packets should be retransmitted or not.
Question 7
Which of the following statements describe the network shown in the graphic? (Choose two)
A. There are two broadcast domains in the network.

B. There are four broadcast domains in the network.
C. There are six broadcast domains in the network.
D. There are four collision domains in the network.
E. There are five collision domains in the network.
F. There are seven collision domains in the network.
Answer: A F
Explanation
Only router can break up broadcast domains so in the exhibit there are 2 broadcast domains: from e0
interface to the left is a broadcast domain and from e1 interface to the right is another broadcast
domain -> A is correct.
Both router and switch can break up collision domains so there is only 1 collision domain on the left of
the router (because hub doesn’t break up collision domain) and there are 6 collision domains on the
right of the router (1 collision domain from e1 interface to the switch + 5 collision domains for 5 PCs
in Production) -> F is correct.
Question 8
A network interface port has collision detection and carrier sensing enabled on a shared twisted pair
network. From this statement, what is known about the network interface port?
A. This is a 10 Mb/s switch port.
B. This is a 100 Mb/s switch port.
C. This is an Ethernet port operating at half duplex.
D. This is an Ethernet port operating at full duplex.
E. This is a port on a network interface card in a PC.
Answer: C
Explanation
Modern Ethernet networks built with switches and full-duplex connections no longer utilize CSMA/CD.
CSMA/CD is only used in obsolete shared media Ethernet (which uses repeater or hub).
Question 9
If there are 3 hosts connected in one port of a switch and two other hosts connected in another port,
how many collision domains are present on the router?
A. 5
B. 2
C. 3
D. 4
Answer: B
Explanation
Each port of a switch is a separate collision domain. This switch uses two ports (for 5 hosts) so there
are two collision domains in total.
Question 10
What are contained in Layer 2 Ethernet frame? (Choose three)

A. Preamble
B. TTL
C. Type/length
D. Frame check sequence
E. version
F. others
Answer: A C D
Explanation
At the end of each frame there is a Frame Check Sequence (FCS) field. FCS can be analyzed to
determine if errors have occurred. FCS uses cyclic redundancy check (CRC) algorithm to detect errors
in the transmitted frames. Before sending data, the sending host generates a CRC based on the
header and data of that frame. When this frame arrives, the receiving host uses the same algorithm to
generate its own CRC and compare them. If they do not match then a CRC error will occur.
Preamble is used to indicate the start of the frame by arranging the first 62 bits as alternating “1/0s”
and the last two bits as “1”s. Like so, 010101010101010………………………10101011. Therefore when the
receiving end sees the “11” it knows where the actual Ethernet header starts. The alternating 1s and
0s will also allow the two endpoints to sync their internal clocks. In summary, preamble is used for
synchronization.
The “Type/Length” field is used to indicate the “Type”of the payload (Layer 3 protocol) which is
indicated as a Hexadecimal value.
Note: Ethernet II uses “Type” while the old Ethernet version use “Length”
Question 11
What interconnection cable can you use when you use a MDI connection?
A. cut-through
B. straight-through
C. crossover
D. rollover
Answer: C
Explanation
MDI stands for “Medium Dependent Interface”. MDI is a type of Ethernet port found on network
devices. When connecting two devices with MDI ports (two hosts, for example) an Ethernet crossover
cable is required. The crossover cable switches the send and receive ports on the two connectors,
allowing data to flow correctly between two MDI ports.
Question 12
For what two purposes does the Ethernet protocol use physical addresses? (Choose two)
A. to uniquely identify devices at Layer 2
B. to allow communication with devices on a different network
C. to differentiate a Layer 2 frame from a Layer 3 packet
D. to establish a priority system to determine which device gets to transmit first
E. to allow communication between different devices on the same network
F. to allow detection of a remote device when its physical address is unknown
Answer: A E
Explanation
Physical addresses or MAC addresses are used to identify devices at layer 2 -> A is correct.
MAC addresses are only used to communicate on the same network. To communicate on different
network we have to use Layer 3 addresses (IP addresses) -> B is not correct; E is correct.
Layer 2 frame and Layer 3 packet can be recognized via headers. Layer 3 packet also contains
physical address -> C is not correct.
On Ethernet, each frame has the same priority to transmit by default -> D is not correct.
All devices need a physical address to identify itself. If not, they can not communicate -> F is not
correct.
Question 13
In an Ethernet network, under what two scenarios can devices transmit? (Choose two)
A. when they receive a special token
B. when there is a carrier
C. when they detect no other devices are sending
D. when the server grants access
E. when the medium is idle
Answer: C E
Question 14
How many broadcast domains are shown in the graphic assuming only the default VLAN is configured
on the switches?
A. one
B. six
C. twelve
D. two
Answer: A
Explanation
Only router can break up broadcast domains but in this exhibit no router is used so there is only 1
broadcast domain.
For your information, there are 7 collision domains in this exhibit (6 collision domains between hubs &
switches + 1 collision between the two switches).
Question 15
Which type of cable must you use to connect two device with MDI interfaces?
A. rolled
B. crossover
C. crossed
D. straight through
Answer: B
Explanation
Use an Ethernet straight-through cable to connect an medium dependent interface (MDI) to an MDI-X
port. Use a cross-over cable to connect an MDI to an MDI port, or an MDI-X to an MDI-X port.
Reference: https://www.cisco.com/c/en/us/td/docs/security/asa/hw/maintenance/5505guide/ASA550
5HIG/pinouts.html
Note: MDI/MDIX is a type of Ethernet port connection using twisted pair cabling.
Question 16
Which statement about upgrading a Cisco IOS device with TFTP server?
A. the operation is performed in active mode
B. the operation is performed in unencrypted format
C. the operation is performed in passive mode
D. the Cisco IOS device must be on the same LAN as the TFTP server
Answer: B
Explanation
In the “Access Routers Software Upgrade Procedures”

(https://www.cisco.com/c/en/us/support/docs/routers/3800-series-integrated-services-
routers/49044-sw-upgrade-proc-ram.html) at step 5:
Step 5: Verify that the TFTP Server has IP Connectivity to the Router
The TFTP server must have a network connection to the router and must be able to ping the IP
address of the router targeted for a TFTP software upgrade. In order to achieve this connection, the
router interface and the TFTP server must have an IP address in the same range or a default
gateway configured -> The TFTP server does not need to be on the same LAN with the Cisco device.
Answer B is a reasonable choice although the word “unencrypted format” is unclear. Maybe this
answer means “the operation is performed over an unencrypted protocol”.
Question 17
Which two options are fields in an Ethernet frame? (Choose two)

A. frame check sequence
B. header
C. source IP address
D. destination IP address
E. type
Answer: A E
Explanation
At the end of each frame there is a Frame Check Sequence (FCS) field. FCS can be analyzed to
determine if errors have occurred. FCS uses cyclic redundancy check (CRC) algorithm to detect errors
in the transmitted frames. Before sending data, the sending host generates a CRC based on the
header and data of that frame. When this frame arrives, the receiving host uses the same algorithm to
generate its own CRC and compare them. If they do not match then a CRC error will occur.
The “Type/Length” field is used to indicate the “Type”of the payload (Layer 3 protocol) which is
indicated as a Hexadecimal value.
Note: Ethernet II uses “Type” while the old Ethernet version use “Length”
OSI TCP/IP Model Questions
Question 1
Which statements correctly describe steps in the OSI data encapsulation process?
A. The transport layer divides a data stream into segments and may add reliability and flow control
information.
B. The data link layer adds physical source and destination addresses and an FCS to the segment.
C. Packets are created when the network layer encapsulates a frame with source and destination host
addresses and protocol-related control information.
D. Packets are created when the network layer adds Layer 3 addresses and control information to a
segment.
E. The presentation layer translates bits into voltages for transmission across the physical link.
Answer: A D
Explanation
The transport layer segments data into smaller pieces for transport. Each segment is assigned a
sequence number, so that the receiving device can reassemble the data on arrival.
The transport layer also use flow control to maximize the transfer rate while minimizing the
requirements to retransmit. For example, in TCP, basic flow control is implemented by
acknowledgment by the receiver of the receipt of data; the sender waits for this acknowledgment
before sending the next part.
-> A is correct.
The data link layer adds physical source and destination addresses and an Frame Check Sequence
(FCS) to the packet (on Layer 3), not segment (on Layer 4) -> B is not correct.
Packets are created when network layer encapsulates a segment (not frame) with source and
destination host addresses and protocol-related control information. Notice that the network layer
encapsulates messages received from higher layers by placing them into datagrams (also called
packets) with a network layer header -> C is not correct.
The Network layer (Layer 3) has two key responsibilities. First, this layer controls the logical
addressing of devices. Second, the network layer determines the best path to a particular destination
network, and routes the data appropriately.
-> D is correct.
The Physical layer (not presentation layer) translates bits into voltages for transmission across the
physical link -> E is not correct.
Question 2
What layer of the OSI Model is included in TCP/IP Model’s INTERNET layer?
A. Application
B. Session
C. Data Link
D. Presentation
E. Network
Answer: E
Explanation
The Internet Layer in TCP/IP Model is equivalent to the Network Layer of the OSI Model.
Question 3
Where does routing occur within the DoD TCP/IP reference model?
A. application
B. internet
C. network
D. transport
Answer: B
Explanation
The picture below shows the comparison between TCP/IP model & OSI model. Notice that the Internet
Layer of TCP/IP is equivalent to the Network Layer which is responsible for routing decision.
Question 4
Which of the following correctly describe steps in the OSI data encapsulation process? (Choose two)
A. The transport layer divides a data stream into segments and may add reliability and flow control
information.
B. The data link layer adds physical source and destination addresses and an FCS to the segment.
C. Packets are created when the network layer encapsulates a frame with source and destination host
addresses and protocol-related control information.
D. Packets are created when the network layer adds Layer 3 addresses and control information to a
segment.
E. The presentation layer translates bits into voltages for transmission across the physical link.
Answer: A D
Explanation
The Transport Layer segments data into smaller pieces for transport. Each segment is assigned a
sequence number, so that the receiving device can reassemble the data on arrival.
The Transport Layer also uses flow control to maximize the transfer rate while minimizing the
requirements to retransmit. For example, in TCP, basic flow control is implemented by
acknowledgment by the receiver of the receipt of data; the sender waits for this acknowledgment
before sending the next part.
-> A is correct.
The Data Link Layer adds physical source and destination addresses and an Frame Check Sequence
(FCS) to the packet (on Layer 3), not segment (on Layer 4) -> B is not correct.
Packets are created when network layer encapsulates a segment (not frame) with source and
destination host addresses and protocol-related control information. Notice that the network layer
encapsulates messages received from higher layers by placing them into datagrams (also called
packets) with a network layer header -> C is not correct.
The Network Layer (Layer 3) has two key responsibilities. First, this layer controls the logical
addressing of devices. Second, the network layer determines the best path to a particular destination
network, and routes the data appropriately.
-> D is correct.
The Physical Layer (not Presentation Layer) translates bits into voltages for transmission across the
physical link -> E is not correct.
Question 5
Which layer in the OSI reference model is responsible for determining the availability of the receiving
program and checking to see if enough resources exist for that communication?
A. transport
B. network
C. presentation
D. session
E. application
Answer: E
Question 6
Which networking technology is currently recognized as the standard for computer networking?
A. System network architecture
B. Transmission control protocol/Internet protocol
C. Open system Interconnect
D. Open network architecture
Answer: B
Question 7
Which three encapsulation layers in the OSI model are combined into the TCP/IP application layer?
(Choose three)
A. Session
B. Transport
C. Presentation
D. Application
E. Data-link
F. Network
Answer: A C D
Explanation
The Internet Layer in TCP/IP Model is equivalent to the Network Layer of the OSI Model.
The first three layers of the OSI Model (Application, presentation and Session Layers) are merged into
the Application Layer in the TCP/IP Model.
Cloud & Virtual Services
Question 1
Which option is the benefit of implementing an intelligent DNS for a cloud computing solution?
A. It reduces the need for a backup data center.
B. It can redirect user requests to locations that are using fewer network resources.
C. It enables the ISP to maintain DNS records automatically.
D. It eliminates the need for a GSS.
Answer: B
Question 2
What are the three major components of Cisco network virtualization? (Choose three)
A. network access control
B. path isolation
C. virtual network services
D. policy enforcement
Answer: A B C
Explanation
Network virtualization architecture has three main components:

+ Network access control and segmentation of classes of users: Users are authenticated and either
allowed or denied into a logical partition. Users a
re segmented into employees, contractors and consultants, and guests, with respective access to IT
assets. This component identifies users who are authorized to access the network and then places
them into the appropriate logical partition.
+ Path isolation: Network isolation is preserved across the entire enterprise: from the edge to the
campus to the WAN and back again. This component maintains traffic partitioned over a routed
infrastructure and transports traffic over and between isolated partitions. The function of mapping
isolated paths to VLANs and to virtual services is also performed in component.
+ Network Services virtualization: This component provides access to shared or dedicated network
services such as security, quality of service (QoS), and address management (Dynamic Host
Configuration Protocol [DHCP] and Domain Name System [DNS]). It also applies policy per partition
and isolates application environments, if required.
Reference: http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-series-
switches/white_paper_c11-531522.pdf
Question 3
Which three technical services support cloud computing?

A. network-monitored power sources
B. layer 3 network routing
C. ip localization
D. redundant connections
E. VPN connectivity
F. extended SAN services
Answer: D E F
Question 4
Which major component of the network virtualization architecture isolate users according to policy?
A. policy enforcement
B. network access control
C. network services virtualization
D. other
Answer: B
Explanation
Network virtualization architecture has three main components:

+ Network access control and segmentation of classes of users: Users are authenticated and
either allowed or denied into a logical partition. Users are segmented into employees,
contractors and consultants, and guests, with respective access to IT assets. This component identifies
users who are authorized to access the network and then places them into the appropriate logical
partition.
+ Path isolation: Network isolation is preserved across the entire enterprise: from the edge to the
campus to the WAN and back again. This component maintains traffic partitioned over a routed
infrastructure and transports traffic over and between isolated partitions. The function of mapping
isolated paths to VLANs and to virtual services is also performed in component.
+ Network Services virtualization: This component provides access to shared or dedicated network
services such as security, quality of service (QoS), and address management (Dynamic Host
Configuration Protocol [DHCP] and Domain Name System [DNS]). It also applies policy per partition
and isolates application environments, if required.
switches/white_paper_c11-531522.pdf
WAN Questions
Question 1
Which command can you enter to determine whether serial interface 0/2/0 has been configured using
HDLC encapsulation?
A. router#show platform
B. router#show ip interface s0/2/0
C. router#show interfaces Serial 0/2/0
D. router#show ip interface brief
Answer: C
Explanation
An example of the output of the “show interface serial …” command is shown below. We can see the
line “Encapsulation HDLC”.
Question 2
Which Layer 2 protocol encapsulation type supports synchronous and asynchronous circuits and has
built-in security mechanisms?
A. X.25
B. HDLC
C. PPP
D. Frame Relay
Answer: C
Explanation
PPP supports both synchronous (like analog phone lines) and asynchronous circuits (such as ISDN or
digital links). With synchronous circuits we need to use clock rate.
Note: Serial links can be synchronous or asynchronous. Asynchronous connections used to be only
available on low-speed (<2MB) serial interfaces, but now, there are the new HWICs (High-Speed WAN
Interface Cards) which also support asynchronous mode. To learn more about them please
visit http://www.cisco.com/en/US/prod/collateral/modules/ps5949/ps6182/prod_qas0900aecd802744
24.html.
Question 3
Which statements about using leased lines for your WAN infrastructure are true?
A. Leased lines provide inexpensive WAN access.
B. Leased lines with sufficient bandwidth can avoid latency between endpoints.
C. Leased lines require little installation and maintenance expertise.
D. Leased lines provide highly flexible bandwidth scaling.
E. Multiple leased lines can share a router interface.
F. Leased lines support up to T1 link speeds.
Answer: B C
Explanation
The advantages of leased lines include:

+ Simplicity: Point-to-point communication links require minimal expertise to install and
maintain.
+ Quality: Point-to-point communication links usually offer high service quality, if they have adequate
bandwidth. The dedicated capacity removes latency or jitter between the endpoints.
+ Availability: Constant availability is essential for some applications, such as e-commerce. Point-to-
point communication links provide permanent, dedicated capacity, which is required for VoIP or Video
over IP.
The disadvantages of leased lines include:

+ Cost: Point-to-point links are generally the most expensive type of WAN access. The cost of leased
line solutions can become significant when they are used to connect many sites over increasing
distances. In addition, each endpoint requires an interface on the router, which increases equipment
costs.
+ Limited flexibility: WAN traffic is often variable, and leased lines have a fixed capacity, so
that the bandwidth of the line seldom matches the need exactly (therefore answer D is not
correct). Any change to the leased line generally requires a site visit by ISP personnel to adjust
capacity.
(Reference: Connecting Networks Companion Guide Book published by Cisco Networking Academy –
Page 54)
Question 4
Two routers named Atlanta and Brevard are connected by their serial interfaces as illustrated, but
there is no connectivity between them. The Atlanta router is known to have a correct configuration.
Given the partial configurations, identify the problem on the Brevard router that is causing the lack of
connectivity.
A. transmission unit size too large

B. no loopback set
C. an incorrect subnet mask
D. incompatible encapsulation at each end
E. an incorrect IP address
F. incompatible bandwidth between routers
Answer: E
Question 5
Which of the following describes the roles of devices in a WAN? (Choose three)
A. A CSU/DSU terminates a digital local loop
B. A modem terminates a digital local loop
C. A CSU/DSU terminates an analog local loop
D. A modem terminates an analog local loop
E. A router is commonly considered a DTE device
F. A router is commonly considered a DCE device
Answers: A D E
Explanation
The idea behind a WAN is to be able to connect two DTE networks together through a DCE network.
The network’s DCE device (includes CSU/DSU) provides clocking to the DTE-connected interface (the
router’s serial interface).
A modem modulates outgoing digital signals from a computer or other digital device to analog signals
for a conventional copper twisted pair telephone line and demodulates the incoming analog signal and
converts it to a digital signal for the digital device. A CSU/DSU is used between two digital lines -> A &
D are correct but B & C are not correct.
For more explanation of answer D, in telephony the local loop (also referred to as a subscriber line) is
the physical link or circuit that connects from the demarcation point of the customer premises to the
edge of the carrier or telecommunications service provider’s network. Therefore a modem terminates
an analog local loop is correct.
Question 6
Which two pieces of information are provided by the “show controllers serial 0” command? (Choose
two)
A. the type of cable that is connected to the interface.
B. The uptime of the interface
C. the status of the physical layer of the interface
D. the full configuration of the interface
E. the interface’s duplex settings
Answer: A C
Explanation
Below is an example of the output of this command:
The “show controllers serial …” command tells us about the type of the cable (in the case V.35 DTE
cable) and the status of the physical layer of the interface. In above output we learn that there is an
cable attached on S0/0 interface. If no cable is found we will see the line “No DTE cable” instead.
Question 7
Which command is used to know the duplex speed of serial link?

A. show line
B. show interface
C. show protocol
D. show run
Answer: B
Explanation
Nowadays all serial links are full-duplex (as serial interfaces have separate Rx & Tx pins) so maybe
this question wants to ask about how to check the speed of the serial link. The “show interface”
command gives us information about this. An example of this command is shown below:
In this output the speed of S0/0 interface is 1544 Kbits.
Question 8
Which WAN topology provides a direct connection from each site to all other sites on the network?
A. single-homed
B. full mesh
C. point-to-point
D. hub-and-spoke
Answer: B
Explanation
Full-mesh is a network topology in which there is a direct link between all pairs of nodes. Below is an
example of full-mesh topology.
Question 9
What are three reasons that an organization with multiple branch offices and roaming users might
implement a Cisco VPN solution instead of point-to-point WAN links? (Choose three)
A. reduced cost
B. better throughput
C. broadband incompatibility
D. increased security
E. scalability
F. reduced latency
Answer: A D E
Question 10
Which three statements about DWDM are true? (Choose three)

A. It allows a single strand of fiber to support bidirectional communications
B. It is used for long-distance and submarine cable systems
C. It can multiplex up to 256 channels on a single fiber
D. It supports both the SDH and SONET standards
E. Each channel can carry up to a 1-Gbps signal
F. It supports simplex communications over multiple strands of fiber
Answer: C D E
Question 11
Which PPP subprotocol negotiates authentication options?

A. NCP
B. ISDN
C. SUP
D. LCP
E. DLCI
Answer: D
PPP Questions
Question 1
Which two statements about using the CHAP authentication mechanism in a PPP link are true? (Choose
two)
A. CHAP uses a two-way handshake.
B. CHAP uses a three-way handshake.
C. CHAP authentication periodically occurs after link establishment.
D. CHAP authentication passwords are sent in plaintext.
E. CHAP authentication is performed only upon link establishment.
F. CHAP has no protection from playback attacks.
Answer: B C
Question 2
A network administrator needs to configure a serial link between the main office and a remote
location. The router at the remote office is a non-Cisco router. How should the network administrator
configure the serial interface of the main office router to make the connection?
A. Main(config)# interface serial 0/0
Main(config-if)# ip address 172.16.1.1 255.255.255.252
Main(config-if)# no shut
B. Main(config)# interface serial 0/0

Main(config-if)# encapsulation ppp
C. Main(config)# interface serial 0/0

Main(config-if)# encapsulation frame-relay
Main(config-if)# authentication chap
D. Main(config)# interface serial 0/0

Main(config-if)#ip address 172.16.1.1 255.255.255.252
Main(config-if)#encapsulation ietf
Answer: B
Question 3
Refer to the exhibit:
The Bigtime router is unable to authenticate to the Littletime router. What is the cause of the
problem?
A. The usernames are incorrectly configured on the two routers.

B. The passwords do not match on the two routers.
C. CHAP authentication cannot be used on a serial interface.
D. The routers cannot be connected from interface S0/0 to interface S0/0.
E. With CHAP authentication, one router must authenticate to another router. The routers cannot be
configured to authenticate to each other.
Answer: B
Explanation
Both routers must use the same password for CHAP to authentication.
Question 4
What is the benefit of point-to-point leased line?

A. Low cost
B. Full-mesh capability
C. Flexibility of design
D. Simply configuration
Answer: D
Explanation
Point-to-point leased line is the most expensive interconnection between two ends as the line is
dedicated to a single user, the user should still pay for all available bandwidth, including those unused.
-> A is not correct.
With the cost of point-to-point leased line, the full-mesh capability is only achieved when your
company has very very strong budget to pay all the bills. To create a full-mesh topology for n sites,
we need n*(n-1)/2 leased line connections. For example if we have 6 sites then we need 6*5/2 = 15
leased line connections -> It is nearly impossible for a normal company to achieve full-mesh topology
-> B is not correct.
Flexibility is not an advantage of leased line connection -> C is not correct.

Point-to-point leased line simplifies the configuration as the circuit is available on a permanent basis
and does not require a connection to be set up before traffic is passed. It does not require to define a
permanent virtual circuit (PVC) in the configuration either -> D is correct.
Question 5
When you deploy multilink PPP on your network, where must you configure the group IP Address on
each device?
A. In the global config
B. Under serial interface
C. Under the routing protocol
D. Under the multilink interface
Answer: D
Explanation
Suppose R1 has two Serial interfaces which are directly connected to R2. This is how to configure
multilink on R1:
R1(config-if)# interface Serial 0/0

R1(config-if)# encapsulation ppp
R1(config-if)# ppp multilink
R1(config-if)# ppp multilink group 1
R1(config-if)# no shutdown
R1(config-if)# interface Serial 0/1

R1(config-if)# encapsulation ppp
R1(config-if)# no shutdown
R1(config)# interface multilink 1

R1(config-if)# ip address 192.168.42.1 255.255.255.252
Therefore we must configure IP address under multilink interface, not physical member interfaces.
Question 6
What are two authentication types of MLPPP?

A. PEAP
B. LEAP
C. PAP
D. CHAP
E. TACACS+
Answer: C D
Explanation
The Multilink PPP feature provides load balancing functionality over multiple WAN links while providing
multivendor interoperability and support for packet fragmentation, proper sequencing, and load
calculation on both inbound and outbound traffic.
Multilink PPP combines multiple physical links into a logical bundle called a Multilink PPP bundle. A
Multilink PPP bundle is a single, virtual interface that connects to the peer system. Having a single
interface (Multilink PPP bundle interface) provides a single point to apply hierarchical queueing,
shaping, and policing to traffic flows. Individual links in a bundle do not perform any hierarchical
queueing. None of the links have any knowledge about the traffic on parallel links.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/wan_mlp/configuration/xe-3s/wan-mlp-
xe-3s-book/wan_cfg_mlppp_conn_xe.html
MLPPP supports two authentication protocols: Password Authentication protocol (PAP) and Challenge-
Handshake Authentication Protocol (CHAP)
Question 7
At which layer of the OSI model does PPP perform?

A. Layer 2
B. Layer 3
C. Layer 4
D. Layer 5
E. Layer 1
Answer: A
Question 8
Which command is used to enable CHAP authentication with PAP as the fallback method on a serial
interface?
A. (config-if)# authentication ppp chap fallback ppp
B. (config-if)# authentication ppp chap pap
C. (config-if)# ppp authentication chap pap
D. (config-if)# ppp authentication chap fallback ppp
Answer: C
Explanation
The command “ppp authentication chap pap” command indicates the CHAP authentication is used first.
If it fails or is rejected by other side then uses PAP instead. If you want to use PAP first (then CHAP)
you can use the “ppp authentication pap chap” command.
QoS Questions
Question 1
Which option describes the purpose of traffic policing?

A. It prioritizes routing protocol traffic.
B. It remarks traffic that is below the CIR
C. It drops traffic that exceeds the CIR.
D. It queues and then transmits traffic that exceeds the CIR.
Answer: C
Explanation
The following diagram illustrates the key difference between traffic policing and traffic shaping. Traffic
policing propagates bursts. When the traffic rate reaches the configured maximum rate (or
committed information rate), excess traffic is dropped (or remarked). The result is an output
rate that appears as a saw-tooth with crests and troughs. In contrast to policing, traffic shaping
retains excess packets in a queue and then schedules the excess for later transmission over
increments of time. The result of traffic shaping is a smoothed packet output rate.
Note: Committed information rate (CIR): The minimum guaranteed data transfer rate agreed to by
the routing device.
Question 2
Which statement about QoS default behavior is true?

A. Ports are untrusted by default.
B. VoIP traffic is passed without being tagged.
C. Video traffic is passed with a well-known DSCP value of 46.
D. Packets are classified internally with an environment.
E. Packets that arrive with a tag are untagged at the edge of an administrative domain.
Answer: E
Question 3
What 8-bit field exists in IP packet for QoS?

A. Tos Field
B. DSCP
C. IP Precedence
D. Cos
E. ?
Answer: A
Explanation
The IP datagram header contains an 8-bit field called ToS (Type of Service). The field has been part of
the IP header since the beginning, but it was rarely used until the recent introduction of Differentiated
Services (Diff-Serv).
Note:
+ CoS does not exists in an IP header. It appears in the header of a 802.1Q frame only. CoS is used
for QoS on a trunk link.
+ DSCP uses the first 6 bits of the TOS field.
Question 4
Which feature can you implement to reserve bandwidth for VoIP calls across the call path?
A. round robin
B. CBWFQ
C. PQ
D. RSVP
Answer: D
Explanation
The Resource Reservation Protocol (RSVP) protocol allows applications to reserve bandwidth for their
data flows. It is used by a host, on the behalf of an application data flow, to request a specific amount
of bandwidth from the network. RSVP is also used by the routers to forward bandwidth reservation
requests.
Question 5
What does traffic shaping do to reduce congestion in a network?

A. buffers and queues packets
B. buffers without queuing packets
C. queues without buffering packets
D. drops packets
Answer: A
Explanation
policing propagates bursts. When the traffic rate reaches the configured maximum rate (or committed
information rate), excess traffic is dropped (or remarked). The result is an output rate that appears as
a saw-tooth with crests and troughs. In contrast to policing, traffic shaping retains excess packets
in a queue and then schedules the excess for later transmission over increments of time. The
result of traffic shaping is a smoothed packet output rate.
Note: Committed information rate (CIR): The minimum guaranteed data transfer rate agreed to by
the routing device.
Question 6
In which byte of an IP packet can traffic be marked?

A. The CoS byte
B. The ToS byte
C. The DSCP byte
D. The QoS byte
Answer: B
Explanation
Layer-3 marking is accomplished using the 8-bit Type of Service (ToS) field, part of the IP
header. A mark in this field will remain unchanged as it travels from hop-to-hop, unless a Layer-3
device is explicitly configured to overwrite this field. There are two marking methods that use the ToS
field:
+ IP Precedence: uses the first three bits of the ToS field.
+ Differentiated Service Code Point (DSCP): uses the first six bits of the ToS field. When using DSCP,
the ToS field is often referred to as the Differentiated Services (DS) field.
Reference: http://www.routeralley.com/guides/qos_classification.pdf
Question 7
Which function does traffic shaping perform?

A. It buffers and queues excess packets
B. It buffers traffic without queuing it
C. It queues traffic without buffering it
D. It drops packets to control the output rate
Answer: A
Explanation
policing propagates bursts. When the traffic rate reaches the configured maximum rate (or committed
information rate), excess traffic is dropped (or remarked). The result is an output rate that appears as
a saw-tooth with crests and troughs. In contrast to policing, traffic shaping retains excess packets
in a queue and then schedules the excess for later transmission over increments of time. The
result of traffic shaping is a smoothed packet output rate.
Question 8
Which option is the main function of congestion management?

A. discarding excess traffic
B. queuing traffic based on priority
C. classifying traffic
D. providing long-term storage of buffered data
PPPoE Questions
Question 1
Which part of the PPPoE server configuration contains the information used to assign an IP address to
a PPPoE client?
A. virtual-template interface
B. DHCP
C. dialer interface
D. AAA authentication
Answer: A
Explanation
The picture below shows all configuration needed for PPPoE:
There is no Dialer interface on the PPPoE Server so answer “Dialer interface” is not correct. The most
suitable answer is “Virtual Template” interface as it contains the pool which is used to assign IP
address to the PPPoE Client. But this question is weird because according to the CCNAv3 syllabus,
candidates only need to grasp the PPPoE on client-side, not sure why this question asked about PPPoE
on Server side. For more information about PPPoE, please read our PPPoE tutorial.
Question 2
During which phase of PPPoE is PPP authentication performed?

A. the PPP Session phase
B. Phase 2
C. the Active Discovery phase
D. the Authentication phase
E. Phase 1
Answer: A
Explanation
PPPoE provides a standard method of employing the authentication methods of the Point-to-Point
Protocol (PPP) over an Ethernet network. When used by ISPs, PPPoE allows authenticated assignment
of IP addresses. In this type of implementation, the PPPoE client and server are interconnected by
Layer 2 bridging protocols running over a DSL or other broadband connection.
PPPoE is composed of two main phases:

+ Active Discovery Phase: In this phase, the PPPoE client locates a PPPoE server, called an access
concentrator. During this phase, a Session ID is assigned and the PPPoE layer is established.
+ PPP Session Phase: In this phase, PPP options are negotiated and authentication is performed.
Once the link setup is completed, PPPoE functions as a Layer 2 encapsulation method, allowing data to
be transferred over the PPP link within PPPoE headers.
Reference: http://www.cisco.com/c/en/us/td/docs/security/asa/asa92/configuration/vpn/asa-vpn-
cli/vpn-pppoe.html
Question 3
Which type of interface can negotiate an IP address for a PPPoE client?

A. Ethernet
B. dialer
C. serial
D. Frame Relay
Answer: B
Explanation
In the Dialer interface, we can use the “ip address negotiated” command to ask for an IP address from
the PPPoE Server.
MPLS Questions
Question 1
Which statement about MPLS is true?

A. It operates in Layer 1.
B. It operates between Layer 2 and Layer 3.
C. It operates in Layer 3.
D. It operates in Layer 2.
Answer: B
Explanation
MPLS operates at a layer that lies between traditional definitions of Layer 2 (data link layer) and Layer
3 (network layer), and thus is often referred to as a “layer 2.5” protocol.
Question 2
Which two statements about MPLS are true? (Choose two)

A. It provides automatic authentication
B. It can carry multiple protocols, including IPv4 and IPv6
C. It encapsulates all traffic in an IPv4 header
D. It uses labels to separate and forward customer traffic
E. It tags customer traffic using 802.1q
Answer: B D
Explanation
MPLS supports IPv4, IPv6, IPX, AppleTalk at the network layer. MPLS supports Ethernet, Token Ring,
FDDI, ATM, FR, PPP at the link layer.
MPLS uses label switching to forward packets over Ethernet. Labels are assigned to packets based on
groupings or forwarding equivalence classes (FECs). The label is added between the Layer 2 and the
Layer 3 header.
DMVPN Questions
Question 1
Which type of topology is required by DMVPN?

A. ring
B. full mesh
C. hub-and-spoke
D. partial mesh
Answer: C
Explanation
The topology of DMVPN is always hub-and-spoke as all Spokes are required to connect to the Hub
router directly.
Question 2
Which circumstances can cause a GRE tunnel to be in an up/down state? (Choose three)
A. The tunnel interface IP address is misconfigured.
B. The tunnel interface is down.
C. A valid route to the destination address is missing from the routing table.
D. The tunnel address is routed through the tunnel itself.
E. The ISP is blocking the traffic.
F. An ACL is blocking the outbound traffic.
Answer: B C D
Question 3
Which technology supports multiple dynamic secure connections on an unsecured transport network?
A. DMVPN
B. VPN
C. Site-to-site VPN
D. client VPN
Answer: A
CDP & LLDP Questions
Question 1
Which command would you configure globally on a Cisco router that would allow you to view directly
connected Cisco devices?
A. cdp run
B. enable cdp
C. cdp enable
D. run cdp
Answer: A
Explanation
CDP is enabled by default on all Cisco routers. If it is turned off by any reason, we can turn it on again
with the following command on global configuration mode:
Router(config)#cdp run
Note: CDP can be turned on or turned off on each interface. For example to turn off CDP on an
interface we use this command:
Router(config-if)#no cdp enable
Question 2
Which statement about LLDP is true?

A. It is a Cisco proprietary protocol.
B. It is configured in global configuration mode.
C. The LLDP update frequency is a fixed value.
D. It runs over the transport layer.
Answer: B
Explanation
Link Layer Discovery Protocol (LLDP) is a industry standard protocol that allows devices to advertise,
and discover connected devices, and there capabilities (same as CDP of Cisco). To enable it on Cisco
devices, we have to use this command under global configuration mode:
Sw(config)# lldp run
Question 3
What is true about Cisco Discovery Protocol?

A. it discovers the routers, switches and gateways.
B. it is network layer protocol
C. it is physical and data link layer protocol
D. it is proprietary protocol
Answer: D
Explanation
The Cisco Discovery Protocol (CDP) is a proprietary Data Link Layer protocol (Layer 2 protocol)
developed by Cisco. It is used to share information about other directly connected Cisco equipment,
such as the operating system version and IP address. The most popular command with CDP is “show
cdp neighbors” to discover who is the neighbors.
There are 3 columns we should pay more attention to:
+ Local Interface (Local Intrfce): the interfaces on the device you are using “show cdp neighbors”
command. In this case it is the interface of HOME router
+ Platform: the platform of neighbor device
+ Port ID: the neighbor device’s port or interface on which the CDP packets are multicast
Question 4
Which command you enter on a switch to display the ip address associated with connected devices?
A. show cdp neighbors detail
B. show cdp neighbor
C. show cdp interface
D. show cdp traffic
Answer: A
Explanation
Only the “show cdp neighbor detail” gives us information about the IP address of the connected
device. Below is an example of this command.
Question 5
Which command would you configure globally on a Cisco router that to re-enable CDP if it was
disabled by the administrator?
A. enable cdp
B. cdp enable
C. cdp run
D. run cdp
Answer: C
Question 6
Which statement about Cisco Discovery Protocol is true?

A. It is Cisco-proprietary Protocol
B. It can discover information from routers, firewalls and switches
C. It runs on the network layer
D. It runs on the physical layer and the data link layer.
Answer: A
IP Address Questions
Question 1
Which two statements about IPv4 multicast traffic are true? (Choose two)
A. It burdens the source host without affecting remote hosts.
B. It uses a minimum amount of network bandwidth.
C. It is bandwidth-intensive.
D. It simultaneously delivers multiple streams of data.
E. It is the most efficient way to deliver data to multiple receivers.
Answer: B E
Explanation
IP multicast is a bandwidth-conserving technology that reduces traffic by simultaneously delivering a

single stream of information to potentially thousands of corporate recipients and homes.
IP multicast delivers application source traffic to multiple receivers without burdening the source or
the receivers while using a minimum of network bandwidth.
Reference: http://www.cisco.com/c/en/us/td/docs/ios/solutions_docs/ip_multicast/White_papers/mcst
_ovr.html
Question 2
What are benefits of private IPv4 IP addresses?

A. They are routed the same as public IP addresses.
B. They are less costly than public IP addresses.
C. They can be assigned to devices without Internet connections.
D. They eliminate the necessity for NAT policies.
E. They eliminate duplicate IP conflicts.
Answer: B C
Question 3
What will happen if a private IP address is assigned to a public interface connected to an ISP?
A. A conflict of IP addresses happens, because other public routers can use the same range.
B. Addresses in a private range will not be routed on the Internet backbone.
C. Only the ISP router will have the capability to access the public network.
D. The NAT process will be used to translate this address to a valid IP address.
Answer: B
Question 4
Which destination IP address can a host use to send one message to multiple devices across different
subnets?
A. 172.20.1.0
B. 127.0.0.1
C. 192.168.0.119
D. 239.255.0.1
Answer: D
Explanation
In order to send traffic to multiple devices (not all) across different subnets we need to use multicast
addresses, which are in the range 224.0.0.0 through 239.255.255.255 -> D is correct.
Question 5
Which RFC was created to alleviate the depletion of IPv4 public addresses?
A. RFC 4193
B. RFC 1519
C. RFC 1518
D. RFC 1918
Answer: C
Explanation
The RFC 1518 is Classless Interdomain Routing (CIDR). CIDR is a mechanism developed to help
alleviate the problem of exhaustion of IP addresses and growth of routing tables.
The problems were:
+ With the classful routing system, individual networks were either limited to 254 hosts (/24) or
65,534 hosts (/16). For many network enterprises, 254 hosts were not enough and 65,534 were too
large to be used efficiently.
+ Routing information overload. The size and rate of growth of the routing tables in Internet routers is
beyond the ability of current software (and people) to effectively manage.
+ Eventual exhaustion of IP network numbers.
To solve these problem, CIDR was selected as the solution in 1992.
In contrast to classful routing, which categorizes addresses into one of three blocks, CIDR allows for
blocks of IP addresses to be allocated to Internet service providers. The blocks are then split up and
assigned to the provider’s customers.
According to the CIDR standard, the first part of an IP address is a prefix, which identifies the
network. The prefix is followed by the host identifier so that information packets can be sent to
particular computers within the network. A CIDR address includes the standard 32-bit IP address and
also the network prefix. For example, a CIDR address of 200.1.45.2/26, the “/26” indicates the first
26 bits are used to identify the unique network, leaving the remaining bits to identify the specific
hosts.
Therefore, instead of assigning the whole block of a class B or C address, now smaller blocks of a class
can be assigned. For example, instead of assigning a whole block of 200.1.45.0/24, a smaller block,
like 200.1.45.0/27 or 200.1.45.32/27, can be assigned.
In fact, CIDR is specified in RFCs 1518,1519 and 1520 so answer “RFC 1519” is also acceptable.
Question 6
Which IPv6 feature is supported in IPv4 but is not commonly used?

A. unicast
B. multicast
C. anycast
D. broadcast
Answer: C
Explanation
Only three connection types are commonly known and used in Internet Protocol version four (IPv4)
networks: unicast, multicast and broadcast. A fourth connection type, Anycast, was unknown until
IPv6 made it a standard connection type. Anycast is not standardized in IPv4 but can be emulated.
IPv4 Anycast addressing is a good solution to provide localization for services and servers in order to
obtain robustness, redundancy and resiliency.
The basic idea of Anycast is very simple: multiple servers, which share the same IP address, host the
same service. The routing infrastructure sends IP packets to the nearest server (according to the
metric of the routing protocol used). The major benefits of employing Anycast in IPv4 are improved
latency times, server load balancing, and improved security.
Reference: http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.116.6367&rep=rep1&type=pdf
Question 7
What are two benefits of private IPv4 IP addresses? (Choose two)

A. They are routed the same as public IP addresses.
B. They are less costly than public IP addresses.
C. They can be assigned to devices without Internet connections.
D. They eliminate the necessity for NAT policies.
E. They eliminate duplicate IP conflicts.
Answer: B C
Explanation
Usually using private IPv4 addresses in a organization is free so surely they are less costly than public
IP addresses which you have to buy -> B is correct.
Also we can use private IPv4 addresses to devices that do not need to connect to the Internet because
Internet requires public IPv4 addresses -> C is correct.
Answer D is not correct as we still need to use NAT policies to limit which private IPv4 addresses in
our company can access our resources.
Question 8
What are two benefits of private IPv4 addresses? (Choose two)

A. they can be implemented without requiring admin to coordinate with IANA
B. they are managed by IANA
C. increase the flexibility of network design
D. provide network isolation from the internet
E. they are routable over internet
Answer: A D
Question 9
Which address class includes network 191.168.0.1/27?

A. Class C
B. Class B
C. Class D
D. Class A
Answer: B
Explanation
This is a tricky question if you don’t have a close look on the network. The first octet is 191, not 192
so it belongs to class B, not class C.
Question 10
Which two options are the best reasons to use an IPV4 private IP space? (Choose two)
A. to enable intra-enterprise communication
B. to conserve global address space
C. to manage routing overhead
D. to connect applications
E. to implement NAT
Answer: A B
Switch Questions
Question 1
Which switching method duplicates the first six bytes of a frame before making a switching decision?
A. fragment-free switching
B. cut-through switching
C. store-and-forward switching
D. ASIC switching
Answer: B
Explanation
In cut-through switching, the switch copies into its memory only the destination MAC address (first six
bytes of the frame) of the frame. After processing these first six bytes, the switch had enough
information to make a forwarding decision and move the frame to the appropriate switchport. This
switching method is faster than store-and-forward switching method.
In store-and-forward switching, the switch copies each complete Ethernet frame into the switch
memory and computes a Cyclic Redundancy Check (CRC) for errors. If a CRC error is found, the
Ethernet frame is dropped. If no CRC error is found then that frame is forwarded.
Question 2
Refer to the exhibit. Which of these statements correctly describes the state of the switch once the
boot process has been completed?
A. As FastEthernet0/12 will be the last to come up, it will not be blocked by STP.
B. Remote access management of this switch will not be possible without configuration change.
C. More VLANs will need to be created for this switch.
D. The switch will need a different IOS code in order to support VLANs and STP.
Answer: B
Explanation
From the output we notice that the administrator has just shut down Interface Vlan1, which is the
default VLAN so no one can access it remotely (like telnet) -> B is correct.
Answer A is not correct as STP calculation does not depend on which port comes up first or last. STP
recalculates when there is a change in the network.
A normal switch can operate without VLAN -> C is not correct.
This IOS does support VLAN because it has VLAN 1 on it -> D is not correct.
Question 3
The network administrator normally establishes a Telnet session with the switch from host A. The
administrator’s attempt to establish a connect via Telnet to the switch from host B fails, but pings
from host B to other two hosts are successful. What is the issue for this problem?
A. Host B and the switch need to be in the same subnet.
B. The switch needs an appropriate default gateway assigned.
C. The switch interface connected to the router is down.
D. Host B need to be assigned an IP address in vlan 1.
Answer: B
Explanation
Host A (172.19.1.1) and the management IP address of the Switch (172.19.1.250) are in the same
subnet so telnet from host A to the switch can be successful even if a default gateway is not set on
host A.
But host B (172.19.32.2) and the management IP address of the Switch (172.19.1.250) are not in the
same subnet so host B needs a default gateway to telnet to the switch. The default gateway on host B
should be 172.19.32.254.
Question 4
The network administrator cannot connect to Switch1 over a Telnet session, although the hosts
attached to Switch1 can ping the interface Fa0/0 of the router. Given the information in the graphic
and assuming that the router and Switch2 are configured properly, which of the following commands
should be issued on Switch1 to correct this problem?
A. Switch1 (config)# line con0
Switch1 (config-line)# password cisco
Switch1 (config-line)#login
B. Switch1 (config)# interface fa0/1

Switch 1(config-if)# ip address 192.168.24.3 255.255.255.0
C. Switch1 (config)# ip default-gateway 192.168.24.1
D. Switch1 (config)# interface fa0/1

Switch 1(config-if)# duplex full
Switch 1(config-if)# speed 100
E. Switch1 (config)# interface fa0/1

Switch 1(config-if)# switchport mode trunk
Answer: C
Question 5
Which command can you use to set the hostname on a switch?

A. switch-mdf-c1(config)#hostname switch-mdf1
B. switch-mdf-c1>hostname switch-mdf1
C. switch-mdf-c1#hostname switch-mdf1
D. switch-mdf-c1(config-if)#hostname switch-mdf1
Answer: A
Question 6
Refer to the exhibit. What is the effect of the given configuration?

Switch#configuration terminal
Switch#interface VLAN 1
Switch(config-if)#ip address 192.168.2.2 255.255.255.0
Switch(config-if)#end
A. It configures an inactive switch virtual interface.

B. It configures an active management interface.
C. It configures the native VLAN.
D. It configures the default VLAN.
Answer: A
Explanation
In the configuration above, the “no shutdown” command was missing so interface Vlan 1 is still
inactive. Notice that only the loopback command does not need the “no shutdown” command to work.
Question 7
Which statement about switch access ports is true?

A. They drop packets with 802.1Q tags.
B. A VLAN must be assigned to an access port before it is created.
C. They can receive traffic from more than one VLAN with no voice support
D. By default, they carry traffic for VLAN 10.
Answer: A
Explanation
A VLAN does not need to be assigned to any port -> B is not correct.
An access port can only receive traffic from one VLAN -> C is not correct.
If not assigned to a specific VLAN, an access port carries traffic for VLAN 1 by default -> D is not
correct.
An access port will drop packets with 802.1Q tags -> A is correct. Notice that 802.1Q tags are used to
packets moving on trunk links.
Question 8
Which feature allows a device to use a switch port that is configured for half-duplex to access the
network?
A. CSMA/CD
B. IGMP
C. port security
D. split horizon
Answer: A
Explanation
Carrier Sense Multiple Access with Collision Detection (CSMA/CD) is the LAN access method used in
Ethernet. When a device wants to gain access to the network, it checks to see if the network is free. If
the network is not free, the device waits a random amount of time before retrying. If the network is
free and two devices access the line at exactly the same time, their signals collide. When the collision
is detected, they both back off and wait a random amount of time before retrying.
CSMA/CD is used with devices operating in half-duplex mode only. CSMA/CD helps devices connecting
to half-duplex switch ports operate correctly.
Question 9
Which option is a invalid hostname for a switch?

A. 5witch-Cisco
B. Switch-Cisco!
C. 5witchCisc0
D. SwitchCisc0
Answer: B
Explanation
The “!” is a special character which is not allowed in the hostname of Cisco device.
Question 10
Which statement about unicast frame forwarding on a switch is true?

A. The TCAM table stores destination MAC addresses
B. If the destination MAC address is unknown, the frame is flooded to every port that is configured in
the same VLAN except on the port that it was received on.
C. The CAM table is used to determine whether traffic is permitted or denied on a switch
D. The source address is used to determine the switch port to which a frame is forwarded
Answer: B
Question 11
Two hosts are attached to a switch with the default configuration. Which statement about the
configuration is true?
A. IP routing must be enabled to allow the two hosts to communicate.
B. The two hosts are in the same broadcast domain.
C. The switch must be configured with a VLAN to allow the two hosts to communicate.
D. Port security prevents the hosts from connecting to the switch.
Answer: B
Explanation
All ports on a Layer 2 switch are in the same broadcast domain. Only router ports separate broadcast
domains.
Switch Questions 2
Question 1
Configuration of which option is required on a Cisco switch for the Cisco IP phone to work?
A. PortFast on the interface
B. the interface as an access port to allow the voice VLAN ID
C. a voice VLAN ID in interface and global configuration mode
D. Cisco Discovery Protocol in global configuration mode
Answer: B
Explanation
When you connect an IP phone to a switch using a trunk link, it can cause high CPU utilization in the
switches. As all the VLANs for a particular interface are trunked to the phone, it increases the number
of STP instances the switch has to manage. This increases the CPU utilization. Trunking also causes
unnecessary broadcast / multicast / unknown unicast traffic to hit the phone link.
In order to avoid this, remove the trunk configuration and keep the voice and access VLAN configured
along with Quality of Service (QoS). Technically, it is still a trunk, but it is called a Multi-VLAN
Access Port (MVAP). Because voice and data traffic can travel through the same port, you should
specify a different VLAN for each type of traffic. You can configure a switch port to forward voice and
data traffic on different VLANs. Configure IP phone ports with a voice VLAN configuration. This
configuration creates a pseudo trunk, but does not require you to manually prune the unnecessary
VLANs.
The voice VLAN feature enables access ports to carry IP voice traffic from an IP phone. You can
configure a voice VLAN with the “switchport voice vlan …” command under interface mode. The full
configuration is shown below:
Switch(config)#interface fastethernet0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#switchport voice vlan 20
Reference: http://www.cisco.com/c/en/us/support/docs/switches/catalyst-4500-series-
switches/69632-configuring-cat-ip-phone.html
Question 2
A technician has installed SwitchB and needs to configure it for remote access from the management
workstation connected SwitchA. Which set of commands is required to accomplish this task?
A.
SwitchB(config)#interface FastEthernet 0/1
SwitchB(config-if)#ip address 192.168.8.252 255.255.255.0
SwitchB(config-if)#no shutdown
B.
SwitchB(config)#ip default-gateway 192.168.8.254
SwitchB(config)#interface vlan 1
C.
SwitchB(config-if)#ip default-gateway 192.168.8.254 255.255.255.0
D.
SwitchB(config)#ip default-network 192.168.8.254
Answer: B
Explanation
To remote access to SwitchB, it must have a management IP address on a VLAN on that switch.
Traditionally, we often use VLAN 1 as the management VLAN (but in fact it is not secure).
In the exhibit, we can recognize that the Management Workstation is in a different subnet from the
SwitchB. For intersubnetwork communication to occur, you must configure at least one default
gateway. This default gateway is used to forward traffic originating from the switch only, not to
forward traffic sent by devices connected to the switch.
Question 3
Which three statements accurately describe layer 2 Ethernet switches? (choose three)
A. Microsegmentation decreases the number of collisions on the network.
B. If a switch receives a frame for an unknown destination, it uses ARP to resolve the address.
C. Spanning Tree Protocol allows switches to automatically share vlan information.
D. In a property functioning network with redundant switched paths, each switched segment will
contain one root bridge with all its ports in the forwarding state. All other switches in that broadcast
domain will have only one root port.
E. Establishing vlans increases the number of broadcast domains.
F. Switches that are configured with vlans make forwarding decisions based on both layer 2 and layer
3 address information.
Answer: A D E
Explanation
Microsegmentation is a network design (functionality) where each workstation or device on a network

gets its own dedicated segment (collision domain) to the switch. Each network device gets the full
bandwidth of the segment and does not have to share the segment with other devices.
Microsegmentation reduces and can even eliminate collisions because each segment is its own collision
domain -> A is correct.
Note: Microsegmentation decreases the number of collisions but it increases the number of collision
domains.
D and E are correct based on the theory of STP and VLAN.
Question 4
Refer to the exhibit. Give this output for SwitchC, what should the network administrator’s next action
be?
A. Check the trunk encapsulation mode for SwitchC’s fa0/1 port.

B. Check the duplex mode for SwitchC’s fa0/1 port.
C. Check the duplex mode for SwitchA’s fa0/2 port.
D. Check the trunk encapsulation mode for SwitchA’s fa0/2 port.
Answer: C
Question 5
Refer to the exhibit.

Switch-1 needs to send data to a host with a MAC address of 00b0.d056.efa4. What will Switch-1 do
with this data?
A. Switch-1 will drop the data because it does not have an entry for that MAC address.
B. Switch-1 will forward the data to its default gateway.
C. Switch-1 will flood the data out all of its ports except the port from which the data originated.
D. Switch-1 will send an ARP request out all its ports except the port from which the data originated.
Answer: C
Explanation
The MAC address of 00b0.d056.efa4 has not been learned in its MAC address table so Switch-1 will
broadcast the frame out all of its ports except the port from which the data originated.
Question 6
Which utility can you use to determine whether a switch can send echo requests and replies?
A. ping
B. traceroute
C. ssh
D. telnet
Answer: A
Explanation
“ping” command is used to send echo requests and receive echo replies.
Question 7
On which type of port can switches interconnect for multi-VLAN communication?

A. interface port
B. access port
C. switch port
D. trunk port
Answer: D
Question 8
Which two types of information are held in the MAC address table? (Choose two)
A. MAC address
B. source IP address
C. destination IP address
D. Protocols
E. Port numbers
Answer: A E
Explanation
We can check the MAC address table with the command “show mac address-table”:
As we can see here, the “MAC address” field is the source MAC address and the “Ports” field are the
ports of the switch from which the frames (with corresponding source MAC address) were received.
Question 9
What type of MAC address is aged automatically by the switch?

A. Dynamic
B. Static
C. Auto
Answer: A
Explanation
To switch frames between LAN ports efficiently, the switch maintains an address table. When the
switch receives a frame, it associates the media access control (MAC) address of the sending network
device with the LAN port on which it was received.
The switch dynamically builds the address table by using the MAC source address of the frames
received. When the switch receives a frame for a MAC destination address not listed in its address
table, it floods the frame to all LAN ports of the same VLAN except the port that received the frame.
When the destination station replies, the switch adds its relevant MAC source address and port ID to
the address table. The switch then forwards subsequent frames to a single LAN port without flooding
all LAN ports.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/configuration/g
uide/cli/CLIConfigurationGuide/MACAddress.html
When the switch dynamically builds the MAC address table, it also specifies the time before an entry
ages out and is discarded from the MAC address table. The default is 300 seconds.
Question 10
Which of the three options are switchbox configurations that can always avoid duplex mismatch errors
between two switches? (Choose three)
A. Set one side of the connection to the full duplex and the other side to half duplex
B. Set both sides of the connection to full duplex
C. Set one side of the connection to auto-negotiate and the other side to half duplex
D. Set one side of the connection to auto-negotiate and the other side to full duplex
E. Set both sides of the connection to auto-negotiate
F. Set both sides of the connection to half duplex
Answer: B E F
Question 11
Refer to the exhibit.
What two results would occur if the hub were to be replaced with a switch that is configured with one
Ethernet VLAN? (Choose two)
Note: This question may or may not have the exhibit.
A. The number of collision domains would remain the same.

B. The number of collision domains would decrease.
C. The number of collision domains would increase.
D. The number of broadcast domains would remain the same.
E. The number of broadcast domains would decrease.
F. The number of broadcast domains would increase.
Answer: C D
VLAN Questions
Question 1
What are three benefits of implementing VLANs? (Choose three)

A. A more efficient use of bandwidth can be achieved allowing many physical groups to use the same
network infrastructure.
B. A higher level of network security can be reached by separating sensitive data traffic from other
network traffic.
C. Broadcast storms can be mitigated by increasing the number of broadcast domains, thus reducing
their size.
D. A more efficient use of bandwidth can be achieved allowing many logical networks to use the same
network infrastructure.
E. Port-based VLANs increase switch-port use efficiency, thanks to 802.1 Q trunks.
F. VLANs make it easier for IT staff to configure new logical groups, because the VLANs all belong to
the same broadcast domain. Broadcast storms can be mitigated by decreasing the number of
broadcast domains, thus increasing their size.
Answer: B C D
Question 2
Which command can you enter to view the ports that are assigned to VLAN 20?
A. Switch#show ip interface brief
B. Switch#show interface vlan 20
C. Switch#show ip interface vlan 20
D. Switch#show vlan id 20
Answer: D
Question 3
What are three advantages of VLANs? (Choose three)

A. They allow access to network services based on department, not physical location.
B. They provide a method of conserving IP addresses in large networks.
C. They utilize packet filtering to enhance network security.
D. They can simplify adding, moving, or changing hosts on the network.
E. They provide a low-latency internetworking alternative to routed networks.
F. They establish broadcast domains in switched networks.
Answer: A D F
Question 4
Which command sequence can you enter to create VLAN 20 and assign it to an interface on a switch?
A. Switch(config)#vlan 20
Switch(config)#interface gig x/y
B. Switch(config)#interface gig x/y

Switch(config-if)#vlan 20
Switch(config-vlan)#switchport access vlan 20
C. Switch(config)#vlan 20
Switch(config)#interface vlan 20
Switch(config-if)#switchport trunk native vlan 20
D. Switch(config)#vlan 20
E. Switch(config)#vlan 20
Switch(config-if)#switchport trunk allowed vlan 20
Answer: A
Question 5
Which two circumstances can cause collision domain issues on VLAN domain? (Choose two)
A. duplex mismatches on Ethernet segments in the same VLAN
B. multiple errors on switchport interfaces
C. congestion on the switch inband path
D. a failing NIC in an end device
E. an overloaded shared segment
Answer: A C
Explanation
On an Ethernet connection, a duplex mismatch is a condition where two connected devices operate in
different duplex modes, that is, one operates in half duplex while the other one operates in full duplex.
Duplex mismatch can easily cause collision domain issue as the device that operates in full duplex
mode turns off CSMA/CD. So it is eager to send data immediately without checking if the link is free to
use -> A is correct.
An “inband path” is the path which provides path for management traffic (like CDP, VTP, PAgP…) but
we are not sure why congestion on the switch inband path can cause collision domain issues. Maybe
congestion on inband path prevents the JAM signal (sent when a collision occurs on the link) to be
sent correctly on the link.
Question 6
What is the default VLAN on an access port?

A. 0
B. 1
C. 10
D. 1024
Answer: B
Explanation
If we configure an access port as follows:
Switch(config)#interface fa0/1
Switch(config-if)#switchport mode access
Then this interface, by default, will belong to VLAN 1. Of course we can assign another VLAN to this
port via the “switchport access vlan {vlan-number}” command.
Question 7
Which statement about native VLAN traffic is true?

A. Cisco Discovery Protocol traffic travels on the native VLAN by default
B. Traffic on the native VLAN is tagged with 1 by default
C. Control plane traffic is blocked on the native VLAN.
D. The native VLAN is typically disabled for security reasons
Answer: A
Explanation
Traffic on the native VLAN is untagged -> Answer B is not correct.
Control plane traffic (like CDP, VTP, STP…) runs on VLAN 1 by default. They are not blocked on the
native VLAN -> Answer C is not correct.
If the answer says “the native VLAN should be set so that no real traffic running on it for security
reasons” then it is correct but the native VLAN is not typically disabled -> Answer D is not correct.
CDP runs on VLAN 1 by default and the native VLAN is also VLAN 1 by default so answer A is the best
choice here.
Question 8
Refer to the exhibit. Which statement describes the effect of this configuration?
Router#configure terminal
Router(config)#vlan 10
Router(config-vlan)#do show vlan
A. The VLAN 10 VTP configuration is displayed.

B. VLAN 10 spanning-tree output is displayed.
C. The VLAN 10 configuration is saved when the router exits VLAN configuration mode.
D. VLAN 10 is added to the VLAN database.
Answer: C
Explanation
With the configuration above, when we type “do show vlan” we would not see VLAN 10 in the VLAN
database because it has not been created yet. VLAN 10 is only created when we exits VLAN
configuration mode (with “exit” command).
Question 9
Which method does a connected trunk port use to tag VLAN traffic?
A. IEEE 802.1w
B. IEEE 802.1D
C. IEEE 802.1Q
D. IEEE 802.1p
Answer: C
Explanation
IEEE 802.1Q is the networking standard that supports virtual LANs (VLANs) on an Ethernet network.
When a frame enters the VLAN-aware portion of the network (a trunk link, for example), a VLAN ID
tag is added to represent the VLAN membership of that frame. The picture below shows how VLAN tag
is added and removed while going through the network.
Question 10
Which of the following are benefits of VLANs? (Choose three)

A. They increase the size of collision domains.
B. They allow logical grouping of users by function.
C. They can enhance network security.
D. They increase the size of broadcast domains while decreasing the number of collision domains.
E. They increase the number of broadcast domains while decreasing the size of the broadcast
domains.
F. They simplify switch administration.
Answer: B C E
Explanation
When using VLAN the number and size of collision domains remain the same -> A is not correct.
VLANs allow to group users by function, not by location or geography -> B is correct.
VLANs help minimize the incorrect configuration of VLANs so it enhances the security of the network
-> C is correct.
VLAN increases the size of broadcast domains but does not decrease the number of collision domains
-> D is not correct.
VLANs increase the number of broadcast domains while decreasing the size of the broadcast domains
which increase the utilization of the links. It is also a big advantage of VLAN -> E is correct.
VLANs are useful but they are more complex and need more administration -> F is not correct.
VLAN Questions 2
Question 1
Which feature facilitate the tagging of a specific VLAN?

A. Routing
B. Hairpinning
C. Encapsulation
D. Switching
Answer: C
Question 2
What are three advantages of VLANs? (Choose three)
A. VLANs establish broadcast domains in switched networks.
B. VLANs utilize packet filtering to enhance network security.
C. VLANs provide a method of conserving IP addresses in large networks.
D. VLANs provide a low-latency internetworking alternative to routed networks.
E. VLANs allow access to network services based on department, not physical location.
F. VLANs can greatly simplify adding, moving, or changing hosts on the network.
Answer: A E F
Question 3
Under normal operations, Cisco recommends that you configure switch ports on which VLAN?
A. on the default vlan
B. on the management vlan
C. on the native vlan
D. on any vlan except the default vlan
Answer: D
Explanation
The default Ethernet VLAN is VLAN 1. It is a security best practice to configure all the ports on all
switches to be associated with VLANs other than VLAN 1. All used ports are associated with VLANs
distinct from VLAN 1.
Reference: http://www.ciscopress.com/articles/article.asp?p=2181837&seqNum=11
All control/management traffic (like CDP, VTP, DTP…) is sent on VLAN 1 and we should separate
management and user data traffic. Another reason is by default, the native VLAN is also VLAN 1 which
is untagged on trunk links so it may cause a security hole.
Question 4
Which two protocol can detect native vlan mismatch errors? (Choose two)
A. CDP
B. VTP
C. DTP
D. STP
E. PAGP
Answer: A D
Explanation
The native VLAN must match on both sides of the trunk link for 802.1Q; otherwise the link will not
work. If there is a native VLAN mismatch, Spanning Tree Protocol (STP) places the port in a port VLAN
ID (PVID) inconsistent state and will not forward on the link -> STP can detect native VLAN mismatch.
Note: Cisco Discovery Protocol (CDP) version 2 passes native VLAN information between Cisco
switches. If you have a native VLAN mismatch, you will see CDP error messages on the console output
-> CDP can detect native VLAN mismatch.
Question 5
Which statement about VLAN configuration is true?

A. The switch must be in VTP server or transparent mode before you can configure a VLAN
B. The switch must be in config-vlan mode before you configure an extended VLAN
C. Dynamic inter-VLAN routing is supported on VLAN2 through VLAN 4064
D. A switch in VTP transparent mode save the VLAN databases to the running configuration only
Answer: A
Question 6
Which statement about vlan operation on Cisco Catalyst switches is true?

A. when a packet is received from an 802.1Q trunk, the vlan id can be determined from the source
MAC address table.
B. unknown unicast frames are retransmitted only to the ports that belong to the same vlan.
C. ports between switches should be configured in access mode so that vlans can span across the
ports.
D. broadcast and multicast frames are retransmitted to ports that are configured on different vlan.
Answer: B
Explanation
Answer A is not correct because when a packet is received from an 802.1Q trunk, it always carries
VLAN ID information in the VLAN tag portion so the switch does not need to look up its source MAC
address table to determine the VLAN ID of that packet.
Question 7
Which two statements about data VLANs on access ports are true ? (Choose two)
A. They can be configured as trunk ports
B. Two or more VLANs can be configured on the interface
C. 802.1Q encapsulation must be configured on the interface
D. Exactly one VLAN can be configured on the interface.
E. They can be configured as host ports.
Answer: D E
Question 8
Which feature facilitates the tagging of frames on a specific VLAN?

A. Routing
B. Hairpinning
C. Switching
D. Encapsulation
Answer: D
Question 9
Assuming the default switch configuration which vlan range can be added modified and removed on a
Cisco switch?
A. 2 through 1001
B. 1 through 1001
C. 1 through 1002
D. 2 through 1005
Answer: A
Trunking Questions
Question 1
Which command can you enter to determine whether a switch is operating in trunking mode?
A. show vlan
B. show ip interface brief
C. show interfaces
D. show interface switchport
Answer: D
Explanation
Below is an example of the output of this command. Interface Ethernet1/0 is operating in trunking
mode.
Question 2
Which two commands can be used to verify a trunk link configuration status on a Cisco switch?
(choose two)
A. show interfaces trunk
B. show interfaces switchport
C. show ip interface brief
D. show interfaces vlan
Answer: A B
Explanation
The “show interfaces trunk” command and “show interfaces switchport” command can be used to
verify the status of an interface (trunking or not). The outputs of these commands are shown below
(port Ethernet 1/0 has been configured as trunk):
The “show ip interface brief” command only gives us information about the IP address, the status
(up/down) of an interface:
The “show interfaces vlan” command only gives us information about that VLAN, not about which
ports are the trunk links:
Question 3
Switch port FastEthernet 0/24 on AlSwitch1 will be used to create an IEEE 802.1Q-complaint trunk to
another switch. Based on the output shown, What is the reason the trunk does not form, even thought
the proper cabling has been attached?
A. VLANs have not been created yet.

B. An IP address must be configured for the port.
C. The port is currently configured for access mode.
D. The correct encapsulation type has not been configured.
E. The no shutdown command has not been entered for the port.
Answer: C
Explanation
The “Operational Mode” is “static access” so this port is currently in access mode.
Question 4
Which two of these are characteristics of the 802.1Q protocol? (Choose two)
A. It is a layer 2 messaging protocol which maintains vlan configurations across network.
B. It includes an 8-bit field which specifies the priority of a frame.
C. It is used exclusively for tagging vlan frames and does not address network reconvergence
following switched network topology changes.
D. It modifies the 802.3 frame header and thus requires that the FCS be recomputed.
E. It is a trunking protocol capable of earring untagged frames.
Answer: D E
Explanation
IEEE 802.1Q is the networking standard that supports Virtual LANs (VLANs) on an Ethernet network.
It is a protocol that allows VLANs to communicate with one another using a router. 802.1Q trunks
support tagged and untagged frames.
If a switch receives untagged frames on a trunk port, it believes that frame is a part of the native
VLAN. Also, frames from a native VLAN are not tagged when exiting the switch via a trunk port.
The 802.1q frame format is same as 802.3. The only change is the addition of 4 bytes fields. That
additional header includes a field with which to identify the VLAN number. Because inserting this
header changes the frame, 802.1Q encapsulation forces a recalculation of the original FCS field in the
Ethernet trailer.
Note: Frame Check Sequence (FCS) is a four-octet field used to verify that the frame was received
without loss or error. FCS is based on the contents of the entire frame.
Question 5
How to create a trunk port and allow VLAN 20? (Choose three)
A. switchport trunk encapsulation dot1q
B. switchport mode trunk
C. switchport trunk allowed vlan 20
D. switchport trunk native vlan 20
E. ?
Answer: A B C
Explanation
In switches that support both InterSwitch Link (ISL) and 802.1Q trunking encapsulations, we need to
specify an trunking protocol so we must use the command “switchport trunk encapsulation dot1q”
command first to set the trunk mode to 802.1Q. Then we configure trunking interface with the
“switchport mode trunk” command. Then we explicitly allow vlan 20 with the command “switchport
trunk allowed vlan 20” command. By default all VLANs are allowed to pass but after entering this
command, only VLAN 20 is allowed.
Question 6
Which mode is compatible with Trunk, Access, and desirable ports?

A. Trunk Ports
B. Access Ports
C. Dynamic Auto
D. Dynamic Desirable
Answer: C (?)
Explanation
Maybe this question wanted to ask “if the other end is configured with trunk/access/desirable mode”
then which mode is compatible so that the link can work. In that case both “dynamic auto” and
“dynamic desirable” mode are correct. The difference between these two modes is “dynamic auto” is
passively waiting for the other end to request to form a trunk while “dynamic desirable” will actively
attempt to negotiate to convert the link into a trunk.
Question 7
What field is consist of 6 bytes in the field identification frame in IEEE 802.1Q?
A. SA
B. DA
C. FCS
D. other
Answer: A
Explanation
The picture below shows the fields in IEEE 802.1Q frame.
The SA field is the source address field. The field should be set to the MAC address of the switch port
that transmits the frame. It is a 48-bit value (6 bytes). The receiving device may ignore the SA field of
the frame.
Question 8
Which statement about DTP is true?

A. It uses the native VLAN.
B. It negotiates a trunk link after VTP has been configured.
C. It uses desirable mode by default.
D. It sends data on VLAN 1.
Answer: D
Explanation
Control traffic like CDP, DTP, PAgP, and VTP uses VLAN 1 to operate, even if you change the native
VLAN.
Question 9
How can you disable DTP on a switch port?

A. Configure the switch port as a trunk.
B. Add an interface on the switch to a channel group.
C. Change the operational mode to static access.
D. Change the administrative mode to access.
Answer: A (no correct answer, in fact)
Explanation
Although some books and websites said DTP is disabled if the switch port is configured as trunk or
access mode (via the command “switchport mode trunk” or “switchport mode access”) but in fact DTP
is still running in these modes. Please read at http://packetlife.net/blog/2008/sep/30/disabling-
dynamic-trunking-protocol-dtp/. The only way to disable DTP on a switch port is to use the “switchport
nonegotiate” command. But notice this command can only be used after configuring that switch port
in “trunk” or “access” mode.
Therefore this is a question with no correct answer but if we have to choose an answer, we will choose
answer A. At least it is correct in theory.
Question 10
What is true about DTP? (Choose three)

A. Layer 2 protocol
B. Layer 3 protocol
C. Proprietary protocol
D. enabled by default
E. disabled by default
Answer: A C D
Explanation
The Dynamic Trunking Protocol (DTP) is a proprietary networking protocol developed by Cisco
Systems for the purpose of negotiating trunking on a link between two VLAN-aware switches, and for
negotiating the type of trunking encapsulation to be used. It is a Layer 2 protocol and it is enabled by
default on Cisco switches (so the interfaces of your switches will be in “dynamic auto” or “dynamic
desirable” mode). If you want to turn it off, use the “switchport nonegotiate” under interface mode.
Question 11
Which DTP switchport mode allow the port to create a trunk port if the the port is in trunk, dynamic
auto and dynamic desirable mode?
A. Dynamic Auto
B. Dynamic Desirable
C. Access
D. Trunk
Answer: B
Question 12
What is the function of the command switchport trunk native vlan 999 on a trunk port?
A. It designates VLAN 999 for untagged traffic.
B. It blocks VLAN 999 traffic from passing on the trunk.
C. It creates a VLAN 999 interface.
D. It designates VLAN 999 as the default for all unknown tagged traffic.
Answer: A
STP Questions
Question 1
Refer to the topology shown in the exhibit. Which ports will be STP designated ports if all the links are
operating at the same bandwidth? (Choose three)
A. Switch A – Fa0/0
B. Switch A – Fa0/1
C. Switch B – Fa0/0
D. Switch B – Fa0/1
E. Switch C – Fa0/0
F. Switch C – Fa0/1
Answer: B C D
Explanation
First by comparing their MAC addresses we learn that switch B will be root bridge as it has lowest
MAC. Therefore all of its ports are designated ports -> C & D are correct.
On the link between switch A & switch C there must have one designated port and one non-designated
(blocked) port. We can figure out which port is designated port by comparing their MAC address again.
A has lower MAC so Fa0/1 of switch A will be designated port while Fa0/1 of switch C will be blocked
-> B is correct.
Question 2
If the primary root bridge experiences a power loss, which switch takes over?
A. switch 0040.0ВС0.90C5
B. switch 00E0.F90B.6BE3
C. switch 0004.9A1A.C182
D. switch 00E0.F726.3DC6
Answer: C
Explanation
The switches compare their Bridge ID with each other to find out who will be the root bridge. The root
bridge is the bridge with the lowest bridge ID.
Bridge ID = Bridge Priority + MAC Address
In this question the bridge priority was not mentioned so we suppose they are the same. Therefore
the switch with lowest MAC address will become the new root bridge.
Question 3
Answer: B C D
Explanation
-> B is correct.
Question 4
If primary and secondary root switches with priority 16384 both experience catastrophic losses, which
tertiary switch can take over?
A. a switch with priority 20480
B. a switch with priority 8192
C. a switch with priority 4096
D. a switch with priority 12288
Answer: A
Explanation
This is a tricky question. We know the switch with lowest value of priority is elected the root switch.
Therefore in this question the switches with priority of 4096, 8192, 12288 (which are lower than the
current value of the root bridge 16384) are not joining the root bridge election by somehow. The only
suitable answer is the switch with priority 20480 will become the root bridge.
Question 5
Which spanning-tree protocol rides on top of another spanning-tree protocol?

A. MSTP
B. RSTP
C. PVST+
D. Mono Spanning Tree
Answer: A
Explanation
Multiple Spanning Tree (MST) rides on top of RSTP so it converges very fast. The idea behind MST is
that some VLANs can be mapped to a single spanning tree instance because most networks do not
need more than a few logical topologies.
Question 6
Which IEEE standard does PVST+ use to tunnel information?

A. 802.1x
B. 802.1q
C. 802.1w
D. 802.1s
Answer: B
Explanation
Cisco developed PVST+ to allow strolling numerous STP instances, even over an 802.1Q network via
the use of a tunneling mechanism. PVST+ utilizes Cisco gadgets to hook up with a Mono Spanning
Tree area to a PVST+ region. No particular configuration is needed to attain this. PVST+ affords assist
for 802.1Q trunks and the mapping of a couple of spanning trees to the single spanning tree of
popular 802.1Q switches strolling Mono Spanning Tree.
Question 7
Which process is associated with spanning-tree convergence?

A. determining the path cost
B. electing designated ports
C. learning the sender bridge ID
D. assigning the port ID
Answer: B
Explanation
SPT must performs three steps to provide a loop-free network topology:
1. Elects one root bridge

2. Select one root port per nonroot bridge
3. Select one designated port on each network segment -> Answer B is correct.
Question 8
Refer to the exhibit. The output that is shown is generated at a switch. Which three of these
statements are true? (Choose three)
A. All ports will be in a state of discarding, learning or forwarding.

B. Thirty VLANs have been configured on this switch.
C. The bridge priority is lower than the default value for spanning tree.
D. All interfaces that are shown are on shared media.
E. All designated ports are in a forwarding state.
F. The switch must be the root bridge for all VLANs on this switch.
Answer: A C E
Explanation
From the output, we see that all ports are in Designated role (forwarding state) -> A and E are
correct.
The command “show spanning-tree vlan 30″ only shows us information about VLAN 30. We don’t
know how many VLAN exists in this switch -> B is not correct.
The bridge priority of this switch is 24606 which is lower than the default value bridge priority 32768
-> C is correct.
All three interfaces on this switch have the connection type “p2p”, which means Point-to-point
environment – not a shared media -> D is not correct.
The only thing we can specify is this switch is the root bridge for VLAN 30 but we can not guarantee it
is also the root bridge for other VLANs -> F is not correct.
Question 9
Answer: B C D
Explanation
-> B is correct.
Question 10
When an interface is configured with PortFast BPDU guard, how does the interface respond when it
receives a BPDU?
A. It continues operating normally.
B. It goes into an errdisable state.
C. It goes into a down/down state.
D. It becomes the root bridge for the configured VLAN.
Answer: B
Explanation
PortFast BPDU guard prevents loops by moving a nontrunking port into an errdisable state when a
BPDU is received on that port. When you enable BPDU guard on the switch, spanning tree shuts down
PortFast-configured interfaces that receive BPDUs instead of putting them into the spanning tree
blocking state.
In a valid configuration, PortFast-configured interfaces do not receive BPDUs (because PortFast should
only be configured on interfaces which are connected to hosts). If a PortFast-configured interface
receives a BPDU, an invalid configuration exists. BPDU guard provides a secure response to invalid
configurations because the administrator must manually put the interface back in service.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4000/8-
2glx/configuration/guide/stp_enha.html
STP Questions 2
Question 1
Which spanning-tree feature places a port immediately into a forwarding stated?
A. BPDU guard
B. PortFast
C. loop guard
D. UDLD
E. Uplink Fast
Answer: B
Explanation
When you enable PortFast on the switch, spanning tree places ports in the forwarding state
immediately, instead of going through the listening, learning, and forwarding states.
Question 2
Which switch would STP choose to become the root bridge in the selection process?
A. 32768: 11-22-33-44-55-66
B. 32768: 22-33-44-55-66-77
C. 32769: 11-22-33-44-55-65
D. 32769: 22-33-44-55-66-78
Answer: A
Question 3
Which type does a port become when it receives the best BPDU on a bridge?
A. The designated port

B. The backup port
C. The alternate port
D. The root port
Answer: D
Explanation
Root port is the port on non-root bridge which is closest to the root bridge (in term of cost). Therefore
when a port receives the best BPDU on a non-root bridge it will become the root port.
Question 4
Which value can you modify to configure a specific interface as the preferred forwarding interface?
A. The interface number

B. The port priority
C. The VLAN priority
D. The hello time
Answer: B
Explanation
We can configure the port priority to change the preferred forwarding interface as we wish. For
example we can change the port priority of an interface for VLAN 20 to 64 as follows:
Switch(config-if)#spanning-tree vlan 20 port-priority 64
Question 5
What is one benefit of PVST+?

A. PVST+ reduces the CPU cycles for all the switches in the network.
B. PVST+ automatically selects the root bridge location, to provide optimization.
C. PVST+ allows the root switch location to be optimized per vlan.
D. PVST+ supports Layer 3 load balancing without loops.
Answer: C
Explanation
Per VLAN Spanning Tree (PVST) maintains a spanning tree instance for each VLAN configured in the
network. It means a switch can be the root bridge of a VLAN while another switch can be the root
bridge of other VLANs in a common topology. For example, Switch 1 can be the root bridge for Voice
data while Switch 2 can be the root bridge for Video data. If designed correctly, it can optimize the
network traffic.
Question 6
Three switches are connected to one another via trunk ports. Assuming the default switch
configuration, which switch is elected as the root bridge for the spanning-tree instance of VLAN 1?
A. the switch with the highest MAC address

B. the switch with the lowest MAC address
C. the switch with the highest IP address
D. the switch with the lowest IP address
Answer: B
Question 7
Which protocol is a Cisco proprietary implementation of STP?
A. CST
B. RSTP
C. MSTP
D. PVST+
Answer: D
Question 8
A BPDU guard is configured on an interface that has PortFast enable. Which state does the interface
enter when it receives a BPDU?
A. Blocking
B. Shutdown
C. Listening
D. Errdisable
Answer: D
Explanation
PortFast BPDU guard prevents loops by moving a nontrunking port into an errdisable state when a
BPDU is received on that port.
In a valid configuration, PortFast-configured interfaces do not receive BPDUs (because PortFast should
only be configured on interfaces which are connected to hosts). If a PortFast-configured interface
receives a BPDU, an invalid configuration exists. BPDU guard provides a secure response to invalid
configurations because the administrator must manually put the interface back in service.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4000/8-
2glx/configuration/guide/stp_enha.html
Question 9
Which two protocols are used by bridges and/or switches to prevent loops in a layer 2 network?
(Choose two)
A. 802.1D
B. VTP
C. 802.1Q
D. SAP
E. STP
Answer: A E
Question 10
Refer to the exhibit. Which switch provides the spanning-tree designated port role for the network
segment that services the printers?
A. Switch1
B. Switch2
C. Switch3
D. Switch4
Answer: C
Explanation
First, the question asks what switch services the printers, so it can be Switch 3 or Switch 4 which is
connected directly to the Printers.
Next, by comparing the MAC address of Switch 3 and Switch 4 we found that the MAC of Switch 3 is
smaller. Therefore the interface connected to the Printers of Switch 3 will become designated interface
and the interface of Switch 4 will be blocked. The picture below shows the roles of all ports:
DP: Designated Port

RP: Root Port
BP: Blocked Port
(Please notice that Switch 1 will become the root bridge because of its lowest priority, not Switch 3)
Question 11
When you enable PortFast on a switch port, the port immediately transitions to which state?
A. Blocking
B. Forwarding
C. Learning
D. Listening
Answer: B
Explanation
PortFast causes a switch or trunk port to enter the spanning tree forwarding state immediately,
bypassing the listening and learning states.
Question 12
What can you change to select switch as root bridge?
A. make lower priority

B. make higher priority
C. make lower path cost
D. make higher path cost
Answer: A
Question 13
Which type of port role does not participate in STP calculation?
A. Listening
B. Learning
C. Forwarding
D. Discarding
Answer: D
Question 14
Which statement about spanning-tree root-bridge election is true?
A. It is always performed automatically

B. Each VLAN must have its own root bridge
C. Each VLAN must use the same root bridge
D. Each root bridge must reside on the same root switch
Answer: B
Explanation
Answer A is not correct as we can choose which switch to become root bridge by configuring bridge
priority. The switch with lowest bridge priority (value) would become the root bridge.
For answer B, this paragraph from Cisco confirms it is the correct answer:
“When you implement a root bridge in a switching network, you usually refer to the root bridge as the
root switch. Each VLAN must have its own root bridge because each VLAN is a separate broadcast
domain. The roots for the different VLANs can all reside in a single switch or in various switches.”
Reference: https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/5234-
5.html
The meaning of answer C is not clear but maybe it means “every VLAN must use the same root
bridge” which is not correct as Sw1 can be the root bridge for VLANs 1, 3, 5 but Sw2 can be the root
bridge for VLAN 2, 4, 6…
From the quote above we can say answer D is not correct.

RSTP Questions
Question 1
Which two spanning-tree port states does RSTP combine to allow faster convergence? (Choose two)
A. discarding
B. listening
C. blocking
D. forwarding
E. learning
Answer: B C
Explanation
There are only three port states left in RSTP that correspond to the three possible operational states.
The 802.1D blocking, and listening states are merged into the 802.1w discarding state.
* Discarding – the port does not forward frames, process received frames, or learn MAC addresses –
but it does listen for BPDUs (like the STP blocking state)
* Learning – receives and transmits BPDUs and learns MAC addresses but does not yet forward
frames (same as STP).
* Forwarding – receives and sends data, normal operation, learns MAC address, receives and
transmits BPDUs (same as STP).
STP State (802.1d) RSTP State (802.1w)
Blocking Discarding
Listening Discarding
Learning Learning
Forwarding Forwarding
Although the learning state is also used in RSTP but it only takes place for a short time as compared
to STP. RSTP converges with all ports either in forwarding state or discarding state.
Question 2
Refer to the exhibit. Each of these four switches has been configured with a hostname, as well as
being configured to run RSTP. No other configuration changes have been made. Which three of these
show the correct RSTP port roles for the indicated switches and interfaces? (Choose three)
A. SwitchA, Fa0/2, designated
B. SwitchA, Fa0/1, root
C. SwitchB, Gi0/2, root
D. SwitchB, Gi0/1, designated
E. SwitchC, Fa0/2, root
F. SwitchD, Gi0/2, root
Answer: A B F
Explanation
The question says “no other configuration changes have been made” so we can understand these
switches have the same bridge priority. Switch C has lowest MAC address so it will become root bridge
and 2 of its ports (Fa0/1 & Fa0/2) will be designated ports -> E is incorrect.
Because SwitchC is the root bridge so the 2 ports nearest SwitchC on SwitchA (Fa0/1) and SwitchD
(Gi0/2) will be root ports -> B and F are correct.
Now we come to the most difficult part of this question: SwitchB must have a root port so which port
will it choose? To answer this question we need to know about STP cost and port cost.
In general, “cost” is calculated based on bandwidth of the link. The higher the bandwidth on a
link, the lower the value of its cost. Below are the cost values you should memorize:
Link speed Cost
10Mbps 100
100Mbps 19
1 Gbps 4
SwitchB will choose the interface with lower cost to the root bridge as the root port so we must
calculate the cost on interface Gi0/1 & Gi0/2 of SwitchB to the root bridge. This can be calculated from
the “cost to the root bridge” of each switch because a switch always advertises its cost to the
root bridge in its BPDU. The receiving switch will add its local port cost value to the cost in the
BPDU.
In the exhibit you also we FastEthernet port is connecting to GigabitEthernet port. In this case
GigabitEthernet port will operate as a FastEthernet port so the link can be considered as FastEthernet
to FastEthernet connection.
One more thing to notice is that a root bridge always advertises the cost to the root bridge (itself) with
an initial value of 0.
Now let’s have a look at the topology again
SwitchC advertises its cost to the root bridge with a value of 0. Switch D adds 19 (the cost value of
100Mbps link although the port on Switch D is GigabitEthernet port) and advertises this value (19) to
SwitchB. SwitchB adds 4 (the cost value of 1Gbps link) and learns that it can reach SwitchC via Gi0/1
port with a total cost of 23. The same process happens for SwitchA and SwitchB learns that it can
reach SwitchC via Gi0/2 with a total cost of 38 -> Switch B chooses Gi0/1 as its root port -> D is not
correct.
Now our last task is to identify the port roles of the ports between SwitchA & SwitchB. It is rather easy
as the MAC address of SwitchA is lower than that of SwitchB so Fa0/2 of SwitchA will be designated
port while Gi0/2 of SwitchB will be alternative port -> A is correct but C is not correct.
Below summaries all the port roles of these switches:

+ DP: Designated Port (forwarding state)
+ RP: Root Port (forwarding state)
+ AP: Alternative Port (blocking state)
Question 3
Which two switch states are valid for 802.1w? (Choose two)
A. listening
B. backup
C. disabled
D. learning
E. discarding
Answer: D E
Explanation
IEEE 802.1w is Rapid Spanning Tree Protocol (RSTP). There are only three port states left in RSTP that
correspond to the three possible operational states. The 802.1D disabled, blocking, and listening
states are merged into the 802.1w discarding state.
* Discarding – the port does not forward frames, process received frames, or learn MAC addresses –
but it does listen for BPDUs (like the STP blocking state)
* Learning – receives and transmits BPDUs and learns MAC addresses but does not yet forward
frames (same as STP).
* Forwarding – receives and sends data, normal operation, learns MAC address, receives and
transmits BPDUs (same as STP).
Question 4
Which two states are the port states when RSTP has converged? (choose two)
A. discarding
B. learning
C. disabled
D. forwarding
E. listening
Answer: A D
Explanation
RSTP only has 3 port states that are discarding, learning and forwarding. When RSTP has converged
there are only 2 port states left: discarding and forwarding.
Question 5
Which three statements about RSTP are true? (choose three)
A. RSTP significantly reduces topology reconverging time after a link failure.

B. RSTP expends the STP port roles by adding the alternate and backup roles.
C. RSTP port states are blocking, discarding, learning, or forwarding.
D. RSTP also uses the STP proposal-agreement sequence.
E. RSTP use the same timer-based process as STP on point-to-point links.
F. RSTP provides a faster transition to the forwarding state on point-to-point links than STP does.
Answer: A B F
Question 6
Which command enables RSTP on a switch?
A. spanning-tree mode rapid-pvst

B. spanning-tree uplinkfast
C. spanning-tree backbonefast
D. spanning-tree mode mst
Answer: A
Question 7
Which two of these statements regarding RSTP are correct? (Choose two)
A. RSTP cannot operate with PVST+.

B. RSTP defines new port roles.
C. RSTP defines no new port states.
D. RSTP is a proprietary implementation of IEEE 802.1D STP.
E. RSTP is compatible with the original IEEE 802.1D STP.
Answer: B E
Question 8
Refer to the exhibit. At the end of an RSTP election process, which access layer switch port will
assume the discarding role?
A. Switch3, port fa0/1
B. Switch3, port fa0/12
C. Switch4, port fa0/11
D. Switch4, port fa0/2
E. Switch3, port Gi0/1
Answer: C
Explanation
In this question, we only care about the Access Layer switches (Switch3 & 4). Switch 3 has a lower
bridge ID than Switch 4 (because the MAC of Switch3 is smaller than that of Switch4) so both ports of
Switch3 will be in forwarding state. The alternative port will surely belong to Switch4.
Switch4 will need to block one of its ports to avoid a bridging loop between the two switches. But how
does Switch4 select its blocked port? Well, the answer is based on the BPDUs it receives from Switch3.
A BPDU is superior than another if it has:
1. A lower Root Bridge ID

2. A lower path cost to the Root
3. A lower Sending Bridge ID
4. A lower Sending Port ID
These four parameters are examined in order. In this specific case, all the BPDUs sent by Switch3
have the same Root Bridge ID, the same path cost to the Root and the same Sending Bridge ID. The
only parameter left to select the best one is the Sending Port ID (Port ID = port priority + port index).
In this case the port priorities are equal because they use the default value, so Switch4 will compare
port index values, which are unique to each port on the switch, and because Fa0/12 is inferior to
Fa0/1, Switch4 will select the port connected with Fa0/1 (of Switch3) as its root port and block the
other port -> Port fa0/11 of Switch4 will be blocked (discarding role).
If you are still not sure about this question, please read my RSTP tutorial.
Question 9
Which option describes how a switch in rapid PVST+ mode responds to a topology change?
A. It immediately deletes dynamic MAC addresses that were learned by all ports on the switch.
B. It sets a timer to delete all MAC addresses that were learned dynamically by ports in the same STP
instance.
C. It sets a timer to delete dynamic MAC addresses that were learned by all ports on the switch.
D. It immediately deletes all MAC addresses that were learned dynamically by ports in the same STP
instance.
Answer: B
Explanation
For PVST and PVST+, any change in the STP topology will result in a Topology Change Notification
(TCN) BPDU. The TCN tells the switches that a change in the topology table has occurred, and they
must therefore flush their Content-Addressable Memory (CAM) tables. Switches will set their CAM
tables to age out after ForwardDelay seconds, which is 15 seconds by default. In other words, if a host
doesn’t send traffic within 15 seconds to update the CAM table, the switch will have to begin flooding
traffic to that host. This can lead to excessive amounts of flooded traffic.
For more information please read: http://www.cisco.com/c/en/us/support/docs/lan-

switching/spanning-tree-protocol/12013-17.html
VTP Questions
Question 1
Which protocol supports sharing the VLAN configuration between two or more switches?
A. multicast
B. STP
C. VTP
D. split-horizon
Answer: C
Explanation
With VTP, switches can learn VLAN configuration of other switches dynamically.
Question 2
How to enable VLANs automatically across multiple switches?
A. Configure VLAN
B. Confiture NTP
C. Configure each VLAN
D. Configure VTP
Answer: D
Explanation
VLAN Trunking Protocol (VTP) allows a network manager to configure a switch so that it will propagate
VLAN configurations to other switches in the network automatically.
Question 3
Which VTP mode can not make a change to vlan?
A. Server
B. Client
C. Transparent
D. Off
Answer: B
Explanation
Only VTP Client cannot make a change to VLAN.
Question 4
Which DTP switch port mode allows the port to create a trunk link if the neighboring port is in trunk
mode, or desirable auto mode?
A. Dynamic auto
B. Trunk
C. Dynamic desirable
D. Access
Answer: A
Explanation
The Dynamic Trunking Protocol (DTP) is a proprietary networking protocol developed by Cisco for the
purpose of negotiating trunking on a link between two switches, and for negotiating the type of
trunking encapsulation to be used.
In dynamic auto mode, the interface is able to convert the link to a trunk link. The interface
becomes a trunk interface if the neighboring interface is set to trunk or desirable mode. The
default switchport mode for newer Cisco switch Ethernet interfaces is dynamic auto. Note that if two
Cisco switches are left to the common default setting of auto, a trunk will never form.
In fact two other answers (“trunk” and “dynamic desirable”) are also correct but “dynamic auto” is the
best choice that fits the requirements, no more no less. For “dynamic desirable” mode, the interface
becomes a trunk interface if the neighboring interface is set to trunk, desirable, or auto mode.
Question 5
To configure the VLAN trunking protocol to communicate VLAN information between two switches,
what two requirements must be met? (Choose two)
A. Each end of the trunk line must be set to IEEE 802.1E encapsulation.
B. The VTP management domain name of both switches must be set the same.
C. All ports on both the switches must be set as access ports.
D. One of the two switches must be configured as a VTP server.
E. A rollover cable is required to connect the two switches together.
F. A router must be used to forward VTP traffic between VLANs.
Answer: B D
Explanation
In Cisco switches there are two encapsulations: 802.1q and ISL so we can set two ends to ISL instead
-> A is not correct.
The ports between two switches must be set to trunk ports so that they can exchange VLAN
information through VTP -> C is not correct.
To connect two switches we can use cross-over cable or straight-through cable (because modern Cisco
switches can “auto-sense”) but not rollover cable -> E is not correct.
To forward traffic in the same VLAN (between two or more switches) we can use switches only. If we
want to forward VTP traffic between different VLANs we can use either a router or a Layer 3 switch ->
F is not correct.
Two switches can only communicate when they are set to the same VTP domain name (and the same
VTP password) -> B is correct.
One of the two switches must be set to VTP Server so that it can create VTP updates and advertise its
VLAN information.
Question 6
What are the requirements for running VTP? (Choose two)
A. VTP domain names must be different

B. VTP domain names must be the same
C. VTP server must have the highest revision numbers
D. All devices need to have the same VTP version
Answer: B D
Port Security Questions

A network administrator needs to configure port security on a switch. Which two statements are true?
(Choose two)
A. The network administrator can apply port security to dynamic access ports
B. The network administrator can configure static secure or sticky secure mac addresses in the voice
vlan.
C. The sticky learning feature allows the addition of dynamically learned addresses to the running
configuration.
D. The network administrator can apply port security to EtherChannels.
E. When dynamic mac address learning is enabled on an interface, the switch can learn new addresses
up to the maximum defined.
Answer: C E
Explanation
Follow these guidelines when configuring port security:

+ Port security can only be configured on static access ports, trunk ports, or 802.1Q tunnel
ports. -> A is not correct.
+ A secure port cannot be a dynamic access port.
+ A secure port cannot be a destination port for Switched Port Analyzer (SPAN).
+ A secure port cannot belong to a Fast EtherChannel or Gigabit EtherChannel port group. -> D is not
correct
+ You cannot configure static secure or sticky secure MAC addresses on a voice VLAN. -> B
is not correct.
+ When you enable port security on an interface that is also configured with a voice VLAN, you must
set the maximum allowed secure addresses on the port to at least two.
+ If any type of port security is enabled on the access VLAN, dynamic port security is automatically
enabled on the voice VLAN.
+ When a voice VLAN is configured on a secure port that is also configured as a sticky secure port, all
addresses seen on the voice VLAN are learned as dynamic secure addresses, and all addresses seen
on the access VLAN (to which the port belongs) are learned as sticky secure addresses.
+ The switch does not support port security aging of sticky secure MAC addresses.
+ The protect and restrict options cannot be simultaneously enabled on an interface.
(Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-
1_19_ea1/configuration/guide/3550scg/swtrafc.html#wp1038546)
Note: Dynamic access port or Dynamic port VLAN membership must be connected to an end station.
This type of port can be configured with the “switchport access vlan dynamic” command in the
interface configuration mode. Please read more about Dynamic access port
here: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-
1_19_ea1/configuration/guide/3550scg/swvlan.html#wp1103064
Question 2
The network administrator normally establishes a Telnet session with the switch from host A. The
administrator’s attempt to establish a connect via Telnet to the switch from host B fails, but pings
from host B to other two hosts are successful. What is the issue for this problem?
A. Host B and the switch need to be in the same subnet.

B. The switch needs an appropriate default gateway assigned.
C. The switch interface connected to the router is down.
D. Host B need to be assigned an IP address in vlan 1.
Answer: B
Explanation
Host A (172.19.1.1) and the management IP address of the Switch (172.19.1.250) are in the same
subnet so telnet from host A to the switch can be successful even if a default gateway is not set on
host A.
But host B (172.19.32.2) and the management IP address of the Switch (172.19.1.250) are not in the
same subnet so host B needs a default gateway to telnet to the switch. The default gateway on host B
should be 172.19.32.254.
Question 3
Which option is the default switch port port-security violation mode?
A. shutdown
B. protect
C. shutdown vlan
D. restrict
Answer: A
Explanation
Shutdown is the default switch port port-security violation mode. When in this mode, the switch will
automatically force the switchport into an error disabled (err-disable) state when a violation occurs.
While in this state, the switchport forwards no traffic. The switchport can be brought out of this error
disabled state by issuing the errdisable recovery cause CLI command or by disabling and re-enabling
the switchport.
Question 4
By default, how many MAC addresses are permitted to be learned on a switch port with port security
enabled?
A. 8
B. 2
C. 1
D. 0
Answer: C
Explanation
By default, port security limits the MAC address that can connect to a switch port to one. If the
maximum number of MAC addresses is reached, when another MAC address attempting to access the
port a security violation occurs.
Question 5
Which set of commands is recommended to prevent the use of a hub in the access layer?
A.
switch(config-if)#switchport mode trunk
switch(config-if)#switchport port-security maximum 1
B.
switch(config-if)#switchport mode trunk
switch(config-if)#switchport port-security mac-address 1
C.
switch(config-if)#switchport mode access
switch(config-if)#switchport port-security maximum 1
D.
switch(config-if)#switchport mode access
switch(config-if)#switchport port-security mac-address 1
Answer: C
Explanation
Port security is only used on access port (which connects to hosts) so we need to set that port to
“access” mode, then we need to specify the maximum number of hosts which are allowed to connect
to this port -> C is correct.
Note: If we want to allow a fixed MAC address to connect, use the “switchport port-security mac-
address ” command.
Question 6
Select the action that results from executing these commands:
Switch(config-if)# switchport port-security

Switch(config-if)# switchport port-security mac-address sticky
A. A dynamically learned MAC address is saved in the startup-configuration file.

B. A dynamically learned MAC address is saved in the running-configuration file.
C. A dynamically learned MAC address is saved in the VLAN database.
D. Statically configured MAC addresses are saved in the startup-configuration file if frames from that
address are received.
E. Statically configured MAC addresses are saved in the running-configuration file if frames from that
address are received.
Answer: B
Explanation
The full syntax of the second command is:
switchport port-security mac-address sticky [MAC]
If we don’t specify the MAC address (like in this question) then the switch will dynamically learn the
attached MAC Address and place it into your running-configuration -> B is correct.
Question 7
Refer to the exhibit. The following commands are executed on interface fa0/1 of 2950Switch.
2950Switch(config-if)#switchport port-security
2950Switch(config-if)#switchport port-security mac-address sticky
2950Switch(config-if)#switchport port-security maximum 1
The Ethernet frame that is shown arrives on interface fa0/1. What two functions will occur when this
frame is received by 2950Switch? (Choose two)
A. The MAC address table will now have an additional entry of fa0/1 FFFF.FFFF.FFFF.
B. Only host A will be allowed to transmit frames on fa0/1.
C. This frame will be discarded when it is received by 2950Switch.
D. All frames arriving on 2950Switch with a destination of 0000.00aa.aaaa will be forwarded out
fa0/1.
E. Hosts B and C may forward frames out fa0/1 but frames arriving from other switches will not be
forwarded out fa0/1.
F. Only frames from source 0000.00bb.bbbb, the first learned MAC address of 2950Switch, will be
forwarded out fa0/1.
Answer: B D
Explanation
The first command 2950Switch(config-if)#switchport port-security is to enable the port-security

in a switch port.
In the second command 2950Switch(config-if)#switchport port-security mac-address sticky,

we need to know the full syntax of this command is switchport port-security mac-address sticky
[MAC]. The STICKY keyword is used to make the MAC address appear in the running configuration
and you can save it for later use. If you do not specify any MAC addresses after the STICKY keyword,
the switch will dynamically learn the attached MAC Address and place it into your running-
configuration. In this case, the switch will dynamically learn the MAC address 0000.00aa.aaaa of host
A and add this MAC address to the running configuration.
In the last command 2950Switch(config-if)#switchport port-security maximum 1 you limited

the number of secure MAC addresses to one and dynamically assigned it (because no MAC address is
mentioned, the switch will get the MAC address of the attached MAC address to interface fa0/1), the
workstation attached to that port is assured the full bandwidth of the port.Therefore only host A will
be allowed to transmit frames on fa0/1 -> B is correct.
After you have set the maximum number of secure MAC addresses for interface fa0/1, the secure
addresses are included in the “Secure MAC Address” table (this table is similar to the Mac Address
Table but you can only view it with the show port-security address command). So in this question,
although you don’t see the MAC address of host A listed in the MAC Address Table but frames with a
destination of 0000.00aa.aaaa will be forwarded out of fa0/1 interface -> D is correct.
Question 8
Which two commands correctly verify whether port security has been configured on port FastEthernet
0/12 on a switch? (Choose two)
A. SW1# show switchport port-security interface FastEthernet 0/12

B. SW1# show switchport port-secure interface FastEthernet 0/12
C. SW1# show port-security interface FastEthernet 0/12
D. SW1# show running-config
Answer: C D
Explanation
We can verify whether port security has been configured by using the “show running-config” or “show
port-security interface ” for more detail. An example of the output of “show port-security interface ”
command is shown below:
Question 9
Refer to the exhibit. A junior network administrator was given the task of configuring port security on
SwitchA to allow only PC_A to access the switched network through port fa0/1. If any other device is
detected, the port is to drop frames from this device. The administrator configured the interface and
tested it with successful pings from PC_A to RouterA, and then observes the output from these two
show commands.
Which two of these changes are necessary for SwitchA to meet the requirements? (Choose two)
A. Port security needs to be globally enabled.

B. Port security needs to be enabled on the interface.
C. Port security needs to be configured to shut down the interface in the event of a violation.
D. Port security needs to be configured to allow only one learned MAC address.
E. Port security interface counters need to be cleared before using the show command.
F. The port security configuration needs to be saved to NVRAM before it can become active.
Answer: B D
Explanation
As we see in the output, the “Port Security” is in “Disabled” state (line 2 in the output). To enable Port
security feature, we must enable it on that interface first with the command:
SwitchA(config-if)#switchport port-security
-> B is correct.
Also from the output, we learn that the switch is allowing 2 devices to connect to it (switchport port-
security maximum 2) but the question requires allowing only PC_A to access the network so we need
to reduce the maximum number to 1 -> D is correct.
Question 10
Which condition does the err-disabled status indicate on an Ethernet interface?

A. There is a duplex mismatch.
B. The device at the other end of the connection is powered off.
C. The serial interface is disabled.
D. The interface is configured with the shutdown command.
E. Port security has disabled the interface.
F. The interface is fully functioning.
Answer: E
Explanation
There are various reasons for the interface to go into errdisable. The reason can be:
+ Duplex mismatch
+ Port channel misconfiguration
+ BPDU guard violation
+ UniDirectional Link Detection (UDLD) condition
+ Late-collision detection
+ Link-flap detection
+ Security violation
+ Port Aggregation Protocol (PAgP) flap
+ Layer 2 Tunneling Protocol (L2TP) guard
+ DHCP snooping rate-limit
+ Incorrect GBIC / Small Form-Factor Pluggable (SFP) module or cable
+ Address Resolution Protocol (ARP) inspection
+ Inline power
Reference: http://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/69980-
errdisable-recovery.html
Therefore in fact there are two correct answers in this question, which are “There is a duplex
mismatch” and “Port security has disabled the interface” but maybe you should choose the port
security answer as it is the most popular reason.
Question 11
Which port security mode can assist with troubleshooting by keeping count of violations?
A. access
B. protect
C. restrict
D. shutdown
Answer: C
Question 12
Which port security violation mode allows traffic from valid mac address to pass but block traffic from
invalid MAC address?
A. protect
B. shutdown
C. shutdown vlan
D. restrict
Answer: A
Explanation
In fact both “protect” and “restrict” mode allows traffic from passing with a valid MAC address so this
question is not good. This is a quote from Cisco for these two modes:
protect: drops packets with unknown source addresses until you remove a sufficient number of
secure MAC addresses to drop below the maximum value.
restrict: drops packets with unknown source addresses until you remove a sufficient number of
secure MAC addresses to drop below the maximum value and causes the SecurityViolation counter to
increment.
Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-
2SX/configuration/guide/book/port_sec.pdf
Therefore the only difference between these two modes is “restrict” mode causes the SecurityViolation
counter to increment (only useful for statistics).
Question 13
Which type of secure MAC address must be configured manually?
A. dynamic
B. bia
C. static
D. sticky
Answer: C
SPAN Questions
Question 1
Which feature can you use to monitor traffic on a switch by replicating it to another port or ports on
the same switch?
A. copy run start
B. traceroute
C. the ICMP Echo IP SLA
D. SPAN
Answer: D
Explanation
Switched Port Analyzer (SPAN) is used to analyze network traffic passing through ports on a switch.
For example we can configure the Switch to monitor its interface Fa0/0, which connects to the Core,
by sending all traffic to/from Fa0/0 to its Fa0/1 interface. At Fa0/1 interface we connect to a computer
and use such a software like Wireshark to capture the packets.
EtherChannel Questions
Question 1
Refer to the exhibit. While troubleshooting a switch, you executed the “show interface port-channel 1
etherchannel” command and it returned this output. Which information is provided by the Load value?
A. the percentage of use of the link

B. the preference of the link
C. the session count of the link
D. the number source-destination pairs on the link
Answer: D
Explanation
The way EtherChannel load balancing works is that the switch assigns a hash result from 0-7 based on
the configured hash method ( load balancing algorithm ) for the type of traffic. This hash result is
commonly called as Result Bundle Hash (RBH).
Now we need to convert Load value from Hexadecimal to Binary numbers. Therefore:
+ Gi1/1: 36 (Hex) = 00110110 (Bin) -> Bits 3, 4, 6, 7 are chosen
+ Gi1/2: 84 (Hex) = 10000100 (Bin) -> Bits 1, 6 are chosen
+ Gi1/3: 16 (Hex) = 00010110 (Bin) -> Bits 4, 6, 7 are chosen
Therefore if the RBH is 3, it will choose Gi1/1. If RBH is 4, it will choose Gi1/1 and Gi1/3 interfaces. If
RBH is 6 it will choose all three above interfaces. And the bit sharing ratio is 3:3:2 (from “No of bits”
column) hence two links has higher probability of getting utilized as compared to the third link.
Question 2
What is the status of port-channel if LACP is misconfigured?

A. Forwarding
B. Enabled
C. Disabled
D. Errdisabled
Answer: C
Question 3
What parameter can be different on ports within an EtherChannel?

A. speed
B. DTP negotiation settings
C. trunk encapsulation
D. duplex
Answer: B
Explanation
All interfaces in an EtherChannel must be configured identically to form an EtherChannel. Specific
settings that must be identical include:
+ Speed settings
+ Duplex settings
+ STP settings
+ VLAN membership (for access ports)
+ Native VLAN (for trunk ports)
+ Allowed VLANs (for trunk ports)
+ Trunking Encapsulation (ISL or 802.1Q, for trunk ports)
Question 4
Standard industrialized protocol of Etherchannel?

A. LACP
B. PAGP
C. PRP
D. REP
Answer: A
Explanation
LACP is the IEEE Standard (IEEE 802.3ad) and is the most common dynamic Etherchannel protocol,
whereas PAgP is a Cisco proprietary protocol and works only between supported vendors and Cisco
devices.
Question 5
Which mode are in PAgP? (Choose two)

A. Auto
B. Desirable
C. Active
D. Passive
E. On
Answer: A B
Explanation
There are two PAgP modes:
Auto Responds to PAgP messages but does not aggressively negotiate a PAgP EtherChannel. A
channel is formed only if the port on the other end is set to Desirable. This is the default
mode.
Desirable Port actively negotiates channeling status with the interface on the other end of the link. A
channel is formed if the other side is Auto or Desirable.
The table below lists if an EtherChannel will be formed or not for PAgP:
PAgP Desirable Auto
Desirable Yes Yes
Auto Yes No
InterVLAN Routing
Question 1
Which type of device can be replaced by the use of subinterfaces for VLAN routing?
A. Layer 2 bridge
B. Layer 2 switch
C. Layer 3 switch
D. router
Answer: C
Question 2
Which technology can enable multiple VLANs to communicate with one another?
A. inter-VLAN routing using a Layer 3 switch

B. inter-VLAN routing using a Layer 2 switch
C. intra-VLAN routing using router on a stick
D. intra-VLAN routing using a Layer 3 switch
Answer: A
Question 3
Which configuration can you apply to enable encapsulation on a subinterface?

A. interface FastEthernet 0/0
encapsulation dot1Q 30
ip address 10.1.1.30 255.255.255.0
B. interface FastEthernet 0/0.30

ip address 10.1.1.30 255.255.255.0
C. interface FastEthernet 0/0.30

description subinterface vlan 30
D. interface FastEthernet 0/0.30

encapsulation dot1Q 30
ip address 10.1.1.30 255.255.255.0
Answer: D
Explanation
To enabe encapsulation on a subinterface we have type the “encapsulation” command under that
subinterface, not the main interface. An example of configuring encapsulation on subinterface of Fa0/1
is shown below:
Router(config)#interface f0/0
Router(config-if)#no shutdown
(Note: The main interface f0/0 doesn’t need an IP address but it must be turned on)
Router(config)#interface f0/0.0
Router(config-subif)#encapsulation dot1q 10
Router(config-subif)#ip address 192.168.1.1 255.255.255.0
Router(config-subif)#interface f0/0.1
Router(config-subif)#encapsulation dot1q 20
Router(config-subif)#ip address 192.168.2.1 255.255.255.0
Note: In the “encapsulation dot1q 10”, number 10 is the VLAN applied to that subinterface. Or you
can understand that the subinterface belongs to that VLAN.
Question 4
Which statement about slow inter VLAN forwarding is true?
A. The VLAN is experiencing slowness in the point-to-point collisionless connection.

B. The VLANs are experiencing slowness because multiple devices are connected to the same hub.
C. The local VLAN is working normally, but traffic to the alternate VLAN is forwarded slower than
expected.
D. The entire VLAN is experiencing slowness.
E. The VLANs are experiencing slowness due to a duplex mismatch.
Answer: E
Explanation
The causes of slow interVLAN are usually duplex mismatch or collision domain issues, user
misconfiguration. For more information please read: http://www.cisco.com/c/en/us/support/docs/lan-
switching/virtual-lans-vlan-trunking-protocol-vlans-vtp/23637-slow-int-vlan-
connect.html#troubleshoot_slow_interv
Question 5
Which function enables an administrator to route multiple VLANs on a router?

A. IEEE 802.1X
B. HSRP
C. port channel
D. router on a stick
Answer: D
Question 6
Which statement about a router on a stick is true?
A. Its date plane router traffic for a single VI AN over two or more switches.
B. It uses multiple subinterfaces of a single interface to encapsulate traffic for different VLANs on the
same subnet.
C. It requires the native VLAN to be disabled.
D. It uses multiple subinterfaces of a single interface to encapsulate traffic for different VLANs.
Answer: D
Question 7
Which two statements are true about interVLAN routing in the topology that is shown in the exhibit?
(Choose two)
A. Host E and host F use the same IP gateway address.

B. Routed and Switch2 should be connected via a crossover cable.
C. Router1 will not play a role in communications between host A and host D.
D. The FastEthernet 0/0 interface on Router1 must be configured with subinterfaces.
E. Router1 needs more LAN interfaces to accommodate the VLANs that are shown in the exhibit.
F. The FastEthernet 0/0 interface on Router1 and Switch2 trunk ports must be configured using the
same encapsulation type.
Answer: D F
Question 8
Which two steps must you perform to enable router-on-stick on a switch?
A. connect the router to a trunk port

B. configure the subinterface number exactly the same as the matching VLAN
C. configure full duplex
D. configure an ip route to the vlan destination network
E. assign the access port to the vlan
Answer: A E
Explanation
This question only asks about enable router-on-stick on a switch, not a router. We don’t have
subinterface on a switch so B is not a correct answer.
Question 9
The network shown in the diagram is experiencing connectivity problems. Which of the following will
correct the problems? (Choose two)
A. Configure the gateway on Host A as 10.1.1.1.

B. Configure the gateway on Host B as 10.1.2.254.
C. Configure the IP address of Host A as 10.1.2.2.
D. Configure the IP address of Host B as 10.1.2.2.
E. Configure the masks on both hosts to be 255.255.255.224.
F. Configure the masks on both hosts to be 255.255.255.240.
Answer: B D
Question 10
Which statement is true about router-on-stick?
A. When a router have multiple subnets on a single physical link

B. When a router have single subnet on multiple physical links
C. When a router have multiple interface on single physical links
D. When a router have single interface on multiple physical links
Answer: A
Question 11
Which functionality does an SVI provide?
A. OSI Layer 2 connectivity to switches

B. remote switch administration
C. traffic routing for VLANs
D. OSI Layer 3 connectivity to switches
Answer: C
Question 12
To enable router on a stick on a router subinterface, which two steps must you perform? (Choose two)
A. configure full duplex and speed

B. configure a default to route traffic between subinterfaces
C. configure the subinterface with an IP address
D. configure encapsulation dot1q
E. configure an ip route to the vlan destination network
Answer: C D
Router Questions
Question 1
Which step in the router boot process searches for an IOS image to load into the router?
A. bootstrap
B. POST
C. mini-IOS
D. ROMMON mode
Answer: A
Explanation
The following details the router boot process:

1. The router is powered on.
2. The router first runs Power-On Self Test (POST)
3. The bootstrap checks the Configuration Register value to specify where to load the IOS. By default
(the default value of Configuration Register is 2102, in hexadecimal), the router first looks for “boot
system” commands in startup-config file. If it finds these commands, it will run boot system
commands in order they appear in startup-config to locate the IOS. If not, the IOS image is loaded
from Flash . If the IOS is not found in Flash, the bootstrap can try to load the IOS from TFTP server or
from ROM (mini-IOS).
4. After the IOS is found, it is loaded into RAM.
5. The IOS attempts to load the configuration file (startup-config) from NVRAM to RAM. If the startup-
config is not found in NVRAM, the IOS attempts to load a configuration file from TFTP. If no TFTP
server responds, the router enters Setup Mode (Initial Configuration Mode).
For more information about booting process please read our Cisco Router Boot Sequence tutorial.
Question 2
If a router has four interfaces and each interface is connected to four switches, how many broadcast
domains are present on the router?
A. 1
B. 2
C. 4
D. 8
Answer: C
Explanation
Remember that only route interface can separate broadcast domain (while switch interface separate
collision domain) so the broadcast domains are equal to the number of router interfaces, which is four
in this case.
Question 3
What is the purpose of the POST operation on a router?
A. determine whether additional hardware has been added

B. locate an IOS image for booting
C. enable a TFTP server
D. set the configuration register
Answer: A
Explanation
In short, when powered on the router needs to do:
1. Run POST to check hardware

2. Search for a valid IOS (the Operating System of the router)
3. Search for a configuration file (all the configurations applied to this router)
Question 4
Which command can you execute to set the user inactivity timer to 10 seconds?
A. SW1(config-line)#exec-timeout 0 10
B. SW1(config-line)#exec-timeout 10
C. SW1(config-line)#absolute-timeout 0 10
D. SW1(config-line)#absolute-timeout 10
Answer: A
Explanation
The “exec-timeout” command is used to configure the inactive session timeout on the console port or
the virtual terminal. The syntax of this command is:
exec-timeout minutes [seconds]
Therefore we need to use the “exec-timeout 0 10” command to set the user inactivity timer to 10
seconds.
Question 5
After you configure the Loopback0 interface, which command can you enter to verify the status of the
interface and determine whether fast switching is enabled?
A. Router#show ip interface loopback 0

B. Router#show run
C. Router#show interface loopback 0
D. Router#show ip interface brief
Answer: A
Explanation
An example of the output of the “show ip interface loopback 0” is shown below.

Question 6
A Cisco router is booting and has just completed the POST process. It is now ready to find and load an
IOS image. What function does the router perform next?
A. It checks the configuration register

B. It attempts to boot from a TFTP server
C. It loads the first image file in flash memory
D. It inspects the configuration file in NVRAM for boot instructions
Answer: A
Explanation
When you turn the router on, it runs through the following boot process.
The Power-On Self Test (POST) checks the router’s hardware. When the POST completes successfully,
the System OK LED indicator comes on.
The router checks the configuration register to identify where to load the IOS image from. A setting of
0×2102 means that the router will use information in the startup-config file to locate the IOS image. If
the startup-config file is missing or does not specify a location, it will check the following locations for
the IOS image:
1. Flash (the default location)

2. TFTP server
3. ROM (used if no other source is found)
The router loads the configuration file into RAM (which configures the router). The router can load a
configuration file from:
+ NVRAM (startup-configuration file)
+ TFTP server
If a configuration file is not found, the router starts in setup mode.
Question 7
Which command is used to show the interface status of a router?
A. show interface status

B. show ip interface brief
C. show ip route
D. show interface
Answer: B
Explanation
The “show ip interface brief” command can be used to view a summary of the router interfaces. This
command displays the IP address, interface status, and additional information. An example of the
“show ip interface brief” command is shown below. We can see the interface status of E0/0 is “up/up”.
Question 8
Which of the following privilege level is the most secured?
A. Level 0
B. Level 1
C. Level 15
D. Level 16
Answer: C
Explanation
By default, the Cisco IOS CLI has two privilege levels enabled, level 1 and level 15.
+ User EXEC mode (privilege level 1): provides the lowest EXEC mode user privileges and allows only
user-level commands available at the Router> prompt.
+ Privileged EXEC mode (privilege level 15): includes all enable-level commands at
the Router# prompt. Level 15 users can execute all commands and this is the most secured and
powerful privilege level.
However, there are actually 16 privilege levels available on the CLI, from 0 to 15 and you can assign
users to any of those levels. Zero-level access allows only five commands -logout, enable, disable,
help, and exit. User level (level 1) provides very limited read-only access to the router, and privileged
level (level 15) provides complete control over the router.
Question 9
What to do when the router password was forgotten?

A. use default password cisco to reset
B. access router physically
C. use ssl/vpn
D. Type confreg 0x2142 at the rommon 1
Answer: D
Explanation
To reset the password we can type “confreg 0x2142” under rommon mode to set the configuration
register to 2142 in hexadecimal (the prefix 0x means hexadecimal (base 16)). With this setting when
that router reboots, it bypasses the startup-config.
Question 10
How do you configure a hostname?
A. Router(config)#hostname R1
B. Router#hostname R1
C. Router(config)#host name R1
D. Router>hostname R1
Answer: A
Question 11
Which two Cisco IOS commands, used in troubleshooting, can enable debug output to a remote
location? (Choose two)
A. no logging console
B. logging host ip-address
C. terminal monitor
D. show logging | redirect flashioutput.txt
E. snmp-server enable traps syslog
Answer: B C
Explanation
The “no logging console” turns off logging to the console connection (it is turned on by default) and it
is often used if the console received large amount of logging output. But this command is not
recommended in normal configuration -> A is not correct.
The command “logging host ip-address” instructs the device to send syslog messages to an external
syslog server -> B is correct.
The “show logging | redirect flashioutput.txt” command will put the text file in the router flash
memory because we did not specify a remote location (like tftp) -> D is not correct.
The command “snmp-server enable traps syslog” instructs the device to send syslog messages to your
network management server as SNMP traps instead of syslog packets. This command itself does not
enable debug output to a remote location -> E is not correct.
By default, Cisco IOS does not send log messages to a terminal session over IP, that is, telnet or SSH
connections don’t get log messages. But notice that console connections on a serial cable do have
logging enabled by default. The command “terminal monitor” helps logging messages appear on the
your terminal. First we don’t think this is a correct answer but after reading the question again, we
believe it is a suitable one as a Telnet/SSH session may be considered a “remote location” -> C is
correct.
Question 12
Which statement about recovering a password on a Cisco router is true?
A. The default reset password is cisco

B. It requires a secure SSL/VPN connection
C. A factory reset is required if you forget the password
D. It requires physical access to the router
Answer: D
Explanation
Other choices are surely incorrect so only “physical access” answer is the correct one. In order to
recover a password on a Cisco router, the first thing you have to do is either switch off or shut down
the router. For more information about this process, please
read http://www.cisco.com/c/en/us/support/docs/routers/2800-series-integrated-services-
routers/112033-c2900-password-recovery-00.html
Question 13
Refer to the exhibit. Why is flash memory erased prior to upgrading the IOS image from the
TFTP server?
Router# copy tftp flash
Address or name of remote host []? 192.168.2.167
Source filename []? c1600-k8sy-mz.123-16a.bin
Destination filename [c1600-k8sy-mz.123-16a.bin]?
Accessing tftp://192.168.2.167/ c1600-k8sy-mz.l23-16a.bin…
Erasing flash before copying? [confirm]
Erasing the flash filesystem will remove all files! continue? [confirm]
Erasing device
Eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
Eeeeeeeeeeeeeeeeeeeeeeeeeeeeeee …erased
Erase of flash: complete
Loading c1600-k8sy-mz.l23-16a.bin from 192.168.2.167 (via Ethernet0):
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[OK – 6888962/13777920 bytes]
verifying checksum… OK (0x7BF3)

6888962 bytes copied in 209.920 secs (32961 bytes/sec)
Router#
A. The router cannot verify that the Cisco IOS image currently in flash is valid
B. Flash memory on Cisco routers can contain only a single IOS image.
C. Erasing current flash content is requested during the copy dialog.
D. In order for the router to use the new image as the default, it must be the only IOS image in flash.
Answer: C
Explanation
During the copy process, the router asked “Erasing flash before copying? [confirm]” and the
administrator confirmed (by pressing Enter) so the flash was deleted.
Note: In this case, the flash has enough space to copy a new IOS without deleting the current one.
The current IOS is deleted just because the administrator wants to do so. If the flash does not have
enough space you will see an error message like this:
%Error copying tftp://192.168.2.167/ c1600-k8sy-mz.l23-16a.bin (Not enough space on device)
Switch Stacking & Chassis Aggregation

Question 1
Which option is a benefit of switch stacking?
A. It provides redundancy with no impact on resource usage.

B. It simplifies adding and removing hosts.
C. It supports better performance of high-needs applications.
D. It provides higher port density with better resource usage.
Answer: D
Explanation
Switch stacking technology allows the network engineer to make that stack of physical switches act
like one switch. The stacking cables together make a ring between the switches. That is, the switches
connect in series, with the last switch connecting again to the first.
Answer B is not correct as switch stacking is about connecting switches together so that they act as
one switch, not about adding and removing hosts.
Answer C is not correct because switch stacking has nothing to do with performance of high-needs
applications.
Surely switch stacking provides redundancy as stacking creates a ring of connection with two opposite
paths. Whenever a frame is ready for transmission onto the path, a calculation is made to see which
path has the most available bandwidth. The entire frame is then copied onto this half of the path.
With switch stacking, STP, CDP and VTP would run on one switch, not multiple switches. Also there
would be one MAC address table, and it would reference all ports on all physical switches so we may
say switch stacking has better resource usage. Also if we consider all stacking switches as one logical
switch then surely the port density is increase very much. Therefore answer D is the most suitable
one.
switches/prod_white_paper09186a00801b096a.html
Question 2
Which two options describe benefits of aggregated chassis technology? (Choose two)
A. It reduces management overhead

B. Switches can be located anywhere regardless of there physical location
C. It requires only one IP address per VLAN
D. It requires only three IP addresses per VLAN
E. It supports HSRP VRRP GLBP
F. It support redundant configuration files
Answer: A C
Explanation
Chassis aggregation is a Cisco technology to make multiple switches operate as a single switch. It is
similar to stacking but meant for powerful switches (like the 6500 and 6800 series switches). Chassis
aggregation is often used in the core layer and distribution layer (while switching stacking is used for
access layer).
The books do not mention about the benefits of chassis aggregation but they are the same as switch
stacking.
+ The stack would have a single management IP address.

+ The engineer would connect with Telnet or SSH to one switch (with that one management IP
address), not multiple switches.
+ One configuration file would include all interfaces in all physical switches.
+ STP, CDP, VTP would run on one switch, not multiple switches.
+ The switch ports would appear as if all are on the same switch.
+ There would be one MAC address table, and it would reference all ports on all physical switches.
Reference: CCNA Routing and Switching ICND2 200-105 Official Cert Guide
VSS is a chassis aggregation technology but it is dedicated for Cisco Catalyst 6500 Series Switches.
VSS increases operational efficiency by simplifying the network, reducing switch management
overhead by at least 50 percent -> A is correct
Single point of management, IP address, and routing instance for the Cisco Catalyst 6500 virtual
switch
+ Single configuration file and node to manage. Removes the need to configure redundant switches
twice with identical policies.
+ Only one gateway IP address is required per VLAN, instead of the three IP addresses per
VLAN used today -> C is correct while D is not correct.
+ Removes the need for Hot Standby Router Protocol (HSRP), Virtual Router Redundancy Protocol
(VRRP), and Gateway Load Balancing Protocol (GLBP)-> so maybe E is not correct.
Reference: http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-virtual-
switching-system-1440/prod_qas0900aecd806ed74b.html
Question 3
How is master redundancy provided on a stacked switches?
A. 1:N
B. N:1
C. 1:1
D. 1+N
E. N+1
Answer: A
Explanation
1:N master redundancy: Every switch in the stack can act as the master. If the current master fails,
another master is elected from the stack.
1:N master redundancy allows each stack member to serve as a master, providing the highest
reliability for forwarding. Each switch in the stack can serve as a master, creating a 1:N availability
scheme for network control. In the unlikely event of a single unit failure, all other units continue to
forward traffic and maintain operation.
switches/prod_white_paper09186a00801b096a.html
Note:
N+1 simply means that there is a power backup in place should any single system component fail. The
‘N’ in this equation stands for the number of components necessary to run your system. The ‘+1’
means there is one independent backup should a component of that system fail. An example of “N+1”
is your family has 5 members, so you need 5 cups to drink. But you have one extra cup for
redundancy (6 cups in total) so that if any cup breaks, you still have enough cups for the family.
Access list Questions
Question 1
Which identification number is valid for an extended ACL?
A. 1
B. 64
C. 99
D. 100
E. 299
F. 1099
Answer: D
Explanation
Below is the range of standard and extended access list:
Access list type Range
Standard 1-99, 1300-1999
Extended 100-199, 2000-2699
In most cases we only need to remember 1-99 is dedicated for standard access lists while 100 to 199
is dedicated for extended access lists.
Question 2
Which statement about named ACLs is true?
A. They support standard and extended ACLs.

B. They are used to filter usernames and passwords for Telnet and SSH.
C. They are used to filter Layer 7 traffic.
D. They support standard ACLs only.
E. They are used to rate limit traffic destined to targeted networks.
Answer: A
Explanation
The syntax of a named ACL is:
ip access-list {standard | extended} {name | number}
Therefore we can configure a standard acl with keyword “standard” and configure an extended acl
with keyword “extended”. For example this is how to configure an named extended access-list:
Router(config)#ip access-list extended in_to_out permit tcp host 10.0.0.1 host 187.100.1.6 eq telnet
Question 3
Which range represents the standard access list?

A. 99
B. 150
C. 299
D. 2000
Answer: A
Explanation
Below is the range of standard and extended access list
Access list type Range
Standard 1-99, 1300-1999
Extended 100-199, 2000-2699
Question 4
A network engineer wants to allow a temporary entry for a remote user with a specific username and
password so that the user can access the entire network over the internet. Which ACL can be used?
A. reflexive
B. extended
C. standard
D. dynamic
Answer: D
Explanation
We can use a dynamic access list to authenticate a remote user with a specific username and
password. The authentication process is done by the router or a central access server such as a
TACACS+ or RADIUS server. The configuration of dynamic ACL can be read
here: http://www.cisco.com/en/US/tech/tk583/tk822/technologies_tech_note09186a0080094524.sht
ml
Question 5
Which statement about ACLs is true?
A. An ACL have must at least one permit action, else it just blocks all traffic.
B. ACLs go bottom-up through the entries looking for a match
C. An ACL has a an implicit permit at the end of ACL.
D. ACLs will check the packet against all entries looking for a match.
Answer: A
Question 6
Which action can change the order of entries in a named access-list?
A. removing an entry
B. opening the access-list in notepad
C. adding an entry
D. resequencing
Answer: D
Explanation
You can check the named access-list with the “show ip access-list” (or “show access-list”) command:
R1#show ip access-list
Standard IP access list nat_traffic
10 permit 10.1.0.0, wildcard bits 0.0.255.255
We can resequence a named access-list with the command: “ip access-list resequence access-
list-name starting-sequence-number increment “. For example:
R1(config)#ip access-list nat_traffic 100 10
Then we can check this access-list again:
R1#show ip access-list
Standard IP access list nat_traffic
We can see the starting sequence number is now 100 and the increment is 10. But notice that
resequencing an access-list cannot change the order of entries inside it but it is the best choice in this
question. Adding or removing a n entry does not change the order of entries. Maybe we should
understand this question “how to renumber the entries in a named access-list”.
Question 7
Which of the following are the valid numbers of standard ACL? (Choose two)
A. 50
B. 1550
C. 150
D. 1250
E. 2050
Answer: A B
Explanation
The range of standard ACL is 1-99, 1300-1999 so 50 and 1550 are two valid numbers.
Question 8
Host is able to ping a web server but it is not able to do HTTP request. What is the most likely cause
the problem?
A. ACL blocking port 23

B. ACL blocking all ports
C. ACL blocking port 80
D. ACL blocking port 443
E. None of the above
Answer: C
Question 9
Which item represents the standard IP ACL?
A. Access-list 110 permit any any

B. Access-list 50 deny 192.168.1.1 0.0.0.255
C. Access list 101 deny tvp any host 192.168.1.1
D. Access-list 2500 deny tcp any host 192.168.1.1 eq 22
Answer: B
Explanation
The range of standard ACL is 1-99, 1300-1999 so 50 is a valid number for standard ACL.
Question 10
While troubleshooting a connection problem on a computer, you determined that the computer can
ping a specific web server but it cannot connect to TCP port 80 on that server. Which reason for the
problem is most likely true?
A. A VLAN number is incorrect

B. An ARP table entry is missing
C. A route is missing
D. An ACL is blocking the TCP port
Answer: D
IP Routing
Question 1
A router has learned three possible routes that could be used to reach a destination network. One
route is from EIGRP and has a composite metric of 20514560. Another route is from OSPF with a
metric of 782. The last is from RIPv2 and has a metric of 4. Which route or routes will the router
install in the routing table?
A. the RIPv2 route
B. all three routes
C. the OSPF and RIPv2 routes
D. the OSPF route
E. the EIGRP route
Answer: E
Explanation
When one route is advertised by more than one routing protocol, the router will choose to use the
routing protocol which has lowest Administrative Distance. The Administrative Distances of popular
routing protocols are listed below:
Question 2
Which command can you enter to route all traffic that is destined for 192.168.0.0/20 to a specific
interface?
A. router(config)#ip route 192.168.0.0 255.255.240.0 GigabitEthernet0/1
B. router(config)#ip route 0.0.0.0 255.255.255.0 GigabitEthernet0/1
C. router(config)#ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1
D. router(config)#ip route 192.168.0.0 255.255.255.0 GigabitEthernet0/1
Answer: A
Explanation
The simple syntax of static route:
ip route destination-network-address subnet-mask {next-hop-IP-address | exit-interface}

+ destination-network-address: destination network address of the remote network
+ subnet mask: subnet mask of the destination network
+ next-hop-IP-address: the IP address of the receiving interface on the next-hop router
+ exit-interface: the local interface of this router where the packets will go out
In the statement “ip route 192.168.0.0 255.255.240.0 GigabitEthernet0/1″:
+ 192.168.0.0 255.255.240.0: the destination network

+ GigabitEthernet0/1: the exit-interface
Question 3
Which command can you enter to set the default route for all traffic to an interface?
A. router(config)#ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1
B. router(config)#ip route 0.0.0.0 255.255.255.255 GigabitEthernet0/1
C. router(config-router)#default-information originate
D. router(config-router)#default-information originate always
Answer: A
Question 4
Which three statements about static routing are true? (Choose three)
A. It uses consistent route determination.
B. It is best used for small-scale deployments.
C. Routing is disrupted when links fail.
D. It requires more resources than other routing methods.
E. It is best used for large-scale deployments.
F. Routers can use update messages to reroute when links fail.
Answer: A B C
Explanation
The static routing specifies a fixed destination so it is “consistent”. It is best used for small-scaled
places where there are a few routers only. When links fail, static route cannot automatically find an
alternative path like dynamic routing so routing is disrupted.
Question 5
If host Z needs to send data through router R1 to a storage server, which destination MAC address
does host Z use to transmit packets?
A. the host Z MAC address
B. the MAC address of the interface on R1 that connects to the storage server
C. the MAC address of the interface on R1 that connects to host Z
D. the MAC address of the storage server interface
Answer: C
Explanation
Host Z will use ARP to get the MAC address of the interface on R1 that connects to it and use this MAC
as the destination MAC address. It use the IP address of the storage server as the destination IP
address.
For example in the topology below, host A will use the MAC address of E0 interface of the router as its
destination MAC address to reach the Email Server.
Question 6
Which routing protocol has the smallest default administrative distance?

A. IBGP
B. OSPF
C. IS-IS
D. EIGRP
E. RIP
Answer: D
Explanation
The Administrative Distance (AD) of popular routing protocols is shown below. You should learn them
by heart:
Note: The AD of iBGP is 200
The smaller the AD is, the better it is. The router will choose the routing protocol with smallest AD.
In this case EIGRP with AD of 90 is the smallest one.
Question 7
Which statement about static routes is true?

A. The source interface can be configured to make routing decisions.
B. A subnet mask is entered for the next-hop address.
C. The subnet mask is 255.255 255.0 by default
D. The exit interface can be specified to indicate where the packets will be routed.
Answer: D
Question 8
Which component of a routing table entry represents the subnet mask?

A. routing protocol code
B. prefix
C. metric
D. network mask
Answer: D
Question 9
When a router makes a routing decision for a packet that is received from one network and destined
to another, which portion of the packet does if replace?
A. Layer 2 frame header and trailer
B. Layer 3 IP address
C. Layer 5 session
D. Layer 4 protocol
Answer: A
Explanation
The Layer 2 information (source and destination MAC) would be changed when passing through each
router. The Layer 3 information (source and destination IP addresses) remains unchanged.
Question 10
Which statement about routing protocols is true?

A. Link-state routing protocols choose a path by the number of hops to the destination.
B. OSPF is a link-state routing protocol.
C. Distance-vector routing protocols use the Shortest Path First algorithm.
D. IS-IS is a distance-vector routing protocol.
Answer: B
Question 11
Which dynamic routing protocol uses only the hop count to determine the best path to a destination?
A. IGRP
B. RIP
C. EIGRP
D. OSPF
Answer: B
IP Routing 2
Question 1
Which value is indicated by the next hop in a routing table?
A. preference of the route source

B. IP address of the remote router for forwarding the packets
C. how the route was learned
D. exit interface IP address for forwarding the packets
Answer: B
Question 2
Which component of the routing table ranks routing protocols according to their preferences?
A. administrative distance
B. next hop
C. metric
D. routing protocol code
Answer: A
Explanation
The administrative distance of each protocol is compared to see if that route is better or not.
Question 3
Which route source code represents the routing protocol with a default administrative distance of 90 in
the routing table?
A. S
B. E
C. D
D. R
E. O
Answer: C
Explanation
Letter “D” is used to symbolize for EIGRP (with a default AD of 90). Letter “E” is not used for EIGRP
because it has been used for Exterior Gateway Protocol (EGP). It is a obsolete routing protocol now.
Question 4
When enabled, which feature prevents routing protocols from sending hello messages on an interface?
A. virtual links
B. passive-interface
C. directed neighbors
D. OSPF areas
Answer: B
Question 5
How does a router handle an incoming packet whose destination network is missing from the routing
table?
A. It broadcast the packet to each interface on the router

B. It discards the packet
C. It broadcasts the packet to each network on the router
D. It routes the packet to the default route
Answer: B
Explanation
If there is a default route then surely the router will forward all unknown traffic to there. But if there is
no default route in the routing table then the router will discard the packet. In this question we
suppose there is no default route in the routing table. Otherwise the question should state it (this
question is unclear).
Question 6
Which path does a router choose when it receives a packet with multiple possible paths to the
destination over different routing protocols?
A. the path with both the lowest administrative distance and the highest metric
B. the path with the lowest administrative distance
C. the path with the lowest metric
D. the path with both the lowest administrative distance and lowest metric
Answer: B
Question 7
If a route is not present in the routing table for a particular destination, what would the router do?
A. Default route
B. Flood
C. Drop
Answer: A
Question 8
When a device learns multiple routes to a specific network, it installs the route with?
A. longest bit match (highest subnet mask)

B. lowest AD
C. lowest metric
D. equal load balancing
Answer: A
Explanation
Making a forwarding decision actually consists of three sets of processes: the routing protocols, the
routing table, and the actual process which makes a forwarding decision and switches packets. The
longest prefix match always wins among the routes actually installed in the routing table, while the
routing protocol with the lowest administrative distance always wins when installing routes into the
routing table.
Reference: http://www.cisco.co
m/c/en/us/support/docs/ip/enhanced-interior-gateway-routing-protocol-eigrp/8651-21.html
Therefore in this question, the process will be: longest bit match > lowest AD > lowest metric > equal
load balancing.
Question 9
When a router is unable to find a known route in the routing table, how does it handle the packet?
A. It discards the packet

B. It sends the packet over the route with the best metric
C. It sends the packet to the next hop address
D. It sends the packet to the gateway of last resort
Answer: A
Explanation
In fact this question is not clear. If we understand that “router is unable to find a known route in the
routing table” and there is no default route in the routing table then the router will surely discard the
packet -> A is correct. But we are not sure if there is a default route or not so let learn more about
gateway of last resort.
A Gateway of Last Resort is a route used by the router when no other known route exists to send the
IP packet. For CCNA level, when ip routing feature is enabled, a gateway of last resort is usually
created by:
+ The “ip default-network” command (but dynamic routing protocols have different behaviors). But in
general, the “ip default-network” cannot set the gateway of last resort without a known route in the
routing table.
+ Creating a static route to network 0.0.0.0 0.0.0.0 is another way to set the gateway of last resort
on a router. This is the reason why this question is not clear as it does not tell us if a default route
exists or not.
Maybe in this question a default route does not exist. Otherwise the author would notice and indicate
it in the question.
For more information about Gateway of Last Resort, please

read: http://www.cisco.com/c/en/us/support/docs/ip/routing-information-protocol-rip/16448-
default.html
Question 10
If router R1 knows a static route to a destination network and then learns about the same destination
network through a dynamic routing protocol, how does R1 respond?
A. It refuses to advertise the dynamic route to other neighbors

B. It sends a withdrawal signal to the neighboring router
C. It disables the routing protocol
D. It prefers the static route
Answer: D
Explanation
The default administrative distance value of static route is 1 which is always smaller than any dynamic
routing protocol so it is always preferred to dynamic routing protocols.
Question 11
Which two statements about floating static routes are true? (Choose two)
A. They are routes to the exact /32 destination address

B. They are used when a route to the destination network is missing
C. They have a higher administrative distance than the default static route administrative distance
D. They are used as back-up routes when the primary route goes down
E. They are dynamic routes that are learned from a server
Answer: C D
Explanation
Floating static routes are static routes that have an administrative distance greater than the
administrative distance (AD) of another static route or dynamic routes. By default a static route has
an AD of 1 then floating static route must have the AD greater than 1. Floating static route has a
manually configured administrative distance greater than that of the primary route and therefore
would not be in the routing table until the primary route fails.
Question 12
Which definition of a host route is true?
A. A route that is manually configured

B. A route used when a destination route is missing
C. A route to the exact /32 destination address
D. Dynamic route learned from the server
Answer: C
Explanation
A host route for IPv4 has the mask /32, and a host route for IPv6 has the mask /128. If an IPv4
address is configured with a mask of /32 on an interface of the router, which is typical for loopback
interfaces, the host route appears in the routing table only as connected (for example in the routing
table we will see this line: “C 10.10.10.1/32 is directly connected, Loopback0”.
Reference: https://www.cisco.com/c/en/us/support/docs/ip/ip-routing/116264-technote-ios-00.html
Question 13
When troubleshooting Ethernet connectivity issues, how can you verify that an IP address is known to
a router?
A. Check whether the IP address is in the routing table

B. Check whether an ACL is blocking the IP address
C. Check whether the IP address is in the CAM table
D. Check whether the IP address is in the ARP table
Answer: D
Explanation
If the IP address exists in the routing table then we can say the local router knew the way to reach
that destination. But this question wants to ask if the destination has communicated to the local router
or not (“an IP address is known to a router”). Maybe it is a tricky question.
Subnetting Questions
Question 1
Refer to the exhibit. All of the routers in the network are configured with the ip subnet-zero command.
Which network addresses should be used for Link A and Network A? (Choose two)
A. Network A – 172.16.3.48/26
B. Network A – 172.16.3.128/25
C. Network A – 172.16.3.192/26
D. Link A – 172.16.3.0/30
E. Link A – 172.16.3.40/30
F. Link A – 172.16.3.112/30
Answer: B D
Explanation
Network A needs 120 hosts < 128 = 27 -> Need a subnet mask of 7 bit 0s -> “/25″.
Because the ip subnet-zero command is used, network 172.16.3.0/30 can be used.
Answer E “Link A – 172.16.3.40/30″ is not correct because this subnet belongs to MARKETING subnet
(172.16.3.32/27).
Answer F “Link A – 172.16.3.112/30″ is not correct because this subnet belongs to ADMIN subnet
(172.16.3.96/27).
Question 2
What is the correct routing match to reach 172.16.1.5/32?

A. 172.16.1.0/26
B. 172.16.1.0/25
C. 172.16.1.0/24
D. the default route
Answer: A
Explanation
Although all above answers are correct but 172.16.1.0/26 is the best choice as it is the most specific
prefix-match one.
Question 3
You have been asked to come up with a subnet mask that will allow all three web servers to be on the
same network while providing the maximum number of subnets. Which network address and subnet
mask meet this requirement?
A. 192.168.252.0 255.255.255.252
B. 192.168.252.8 255.255.255.248
C. 192.168.252.8 255.255.255.252
D. 192.168.252.16 255.255.255.240
E. 192.168.252.16 255.255.255.252
Answer: B
Question 4
Refer to the exhibit. What is the most appropriate summarization for these routes?
A. 10.0.0.0/21
B. 10.0.0.0/22
C. 10.0.0.0/23
D. 10.0.0.0/24
Answer: B
Explanation
We need to summarize 4 subnets so we have to move left 2 bits (2 2 = 4). In this question we can
guess the initial subnet mask is /24 because 10.0.0.0, 10.0.1.0, 10.0.2.0, 10.0.3.0 belong to different
networks. So “/24″ moves left 2 bits -> /22.
Question 5
How many usable host are there per subnet if you have the address of 192.168.10.0 with a subnet
mask of 255.255.255.240?
A. 4
B. 8
C. 16
D. 14
Answer: D
Explanation
From the subnet mask of 255.255.255.240 (/28) we learn there are 2 4 – 2 = 14 hosts per subnet.
Question 6
Assuming a subnet mask of 255.255.248.0, three of the following addresses are valid host addresses.
Which are these addresses? (Choose three)
A. 172.16.9.0
B. 172.16.8.0
C. 172.16.31.0
D. 172.16.20.0
Answer: A C D
Explanation
From the subnet mask of 255.255.248.0 we learn that the increment is 8 therefore 172.16.8.0 is a
network address which cannot be assigned to a host. Other network addresses are 172.16.16.0,
172.16.24.0, 172.16.32.0… Notice that 172.16.31.0 is a valid host address (which belongs to
172.16.24.0 to 172.16.31.255 subnet).
Question 7
Which IP configuration does the CIDR notation 192.168.1.1/25 refer?

A. 192.168.1.1 255.255.255.64
B. 192.168.1.1 255.255.255.1
C. 192.168.1.1 255.255.255.32
D. 192.168.1.1 255.255.255.256
E. 192.168.1.1 255.255.255.128
Answer: E
Explanation
“/25” means 1111 1111.1111 1111.1000 0000 in binary or 255.255.255.128 in decimal.
Question 8
CIDR notation (255.255.255.252 ) in “/” notation

A. 30
B. 31
C. 32
D. 33
Answer: A
Question 9

Which three statements correctly describe Network Device A? (Choose three)
A. With a network wide mask of 255.255.255.128, each interface does not require an IP address.
B. With a network wide mask of 255.255.255.128, each interface does require an IP address on a
unique IP subnet.
C. With a network wide mask of 255.255.255.0, must be a Layer 2 device for the PCs to communicate
with each other.
D. With a network wide mask of 255.255.255.0, must be a Layer 3 device for the PCs to communicate
with each other.
E. With a network wide mask of 255.255.254.0, each interface does not require an IP address.
Answer: B D E
Explanation
The principle here is if the subnet mask makes two IP addresses 10.1.0.36 and 10.1.1.70 in the same
subnet then the Network device A does not need to have IP addresses on its interfaces (and we don’t
need a Layer 3 device here).
A quick way to find out the correct answers is notice that all 255.255.255.x subnet masks will
separate these two IP addresses into two separate subnets so we need a Layer 3 device here and each
interface must require an IP address on a unique IP subnet -> A, C are not correct while B, D are
correct.
With 255.255.254.0 subnet mask, the increment here is 2 in the third octet -> the first subnet is from
10.1.0.0 to 10.1.1.255, in which two above IP addresses belong to -> each interface of Network
device A does not require an IP address -> E is correct.
Question 10
Refer to the exhibit, you determine that Computer A cannot ping Computer B. Which reason for the
problem is most likely true?
A. The Subnet mask for Computer A is incorrect
B. The default gateway address for Computer A is incorrect
C. The subnet mask for computer B is incorrect.
D. The default gateway address for computer B is incorrect
Answer: A
RIP Questions
Question 1
How to configure RIPv2? (Choose two)

A. Enable RIP
B. Connect RIP to WAN interface
C. Enable auto-summary
D. Enable authentication
Answer: A B
Explanation
“Enable RIP” is surely correct to configure RIPv2 but “enable auto-summary” is not recommended.
Maybe there is another suitable option for this question (like “use ‘version 2’ command” or “Allowing
Unicast Updates for RIP”).
Question 2
Which two options are requirements for configuring RIPv2 for IPv4 (Choose two)?
A. enabling RIP authentication
B. connecting RIP to a WAN Interface
C. enabling auto route summarization
D. allowing unicast updates for RIP
E. enabling RIP on the router
Answer: D E
Explanation
To enable RIP surely we have to enable it first (with the “router rip” command in global configuration
mode) -> E is correct.
RIPv2 sends its updates via multicast but in Nonbroadcast Multiple Access (NBMA) environment,
multicast is not allowed so we have to use unicast to send RIPv2 updates -> D is correct.
Question 3
What does split-horizon do?

A. Prevent routing loop in distance vector protocol
B. Prevent switching loop in distance vector protocol
C. Prevent switching loop in link-state protocol
D. Prevent routing loop in link-state protocol
Answer: A
Explanation
The split-horizon rule states that “a router never sends information about a route back in same
direction which is original information came”. This rule is used in distance vector protocol (like RIP or
EIGRP) to prevent Layer 3 routing loop.
Question 4
Which effect of the passive-interface command on R1 is true?

R1
interface FastEthernet0/0
description site id:14254489
ip address 172.16.0.1 255.255.0.0
description site id:14254489
ip address 172.17.0.1 255.255.0.0
router rip
passive-interface FastEthernet0/0
network 172.16.0.0
network 172.17.0.0
version 2
A. It prevents interface Fa0/0 from sending updates.

B. Interface Fa0/0 operates in RIPv1 mode.
C. It removes the 172.16.0.0 network from all updates on all interfaces on R1.
D. It removes the 172.17.0.0 network from all updates on all interfaces on R1.
Answer: A
Explanation
A passive-interface with RIP prevents that interface from sending RIP advertisements but it is still
receiving RIP updates from other RIP neighbors. This behavior is different from EIGRP and OSPF
where the passive-interface statement stops forming neighbor adjacencies over that link.
Question 5
Which type of routing protocol operates by exchanging the entire routing information?
A. distance vector protocols
B. link state protocols
C. path vector protocols
D. exterior gateway protocols
Answer: A
Explanation
Distance vector protocols (like RIP) exchanges the entire routing information each time the routers
send the updates.
Note: EIGRP is considered an advanced distance vector protocol so it does not send the whole routing
table for each update.
Question 6
Refer to the exhibit. After you apply the given configuration to R1, you determine that it is failing to
advertise the 172.16.10.32/27 network .Which action most likely to correct the problem?
<exhibit missing>
A. Enable passive interface

B. Enable RIPv2
C. Enable manual summarization
D. Enable autosummarization
Answer: B
OSPF Questions
Question 1
Which three statements about link-state routing are true? (Choose three)
A. It uses split horizon.

B. Updates are sent to a broadcast address.
C. RIP is a link-state protocol.
D. Updates are sent to a multicast address by default.
E. Routes are updated when a change in topology occurs.
F. OSPF is a link-state protocol.
Answer: D E F
Question 2
Which three characteristics are representative of a link-state routing protocol? (Choose three)
A. provides common view of entire topology
B. exchanges routing tables with neighbors
C. calculates shortest path
D. utilizes event-triggered updates
E. utilizes frequent periodic updates
Answer: A C D
Question 3
What are two drawbacks of implementing a link-state routing protocol? (Choose two)
A. the sequencing and acknowledgment of link-state packets

B. the high volume of link-state advertisements in a converged network
C. the requirement for a hierarchical IP addressing scheme for optimal functionality
D. the high demand on router resources to run the link-state routing algorithm
E. the large size of the topology table listing all advertised routes in the converged network
Answer: C D
Question 4
Refer to the exhibit. Router edge-1 is unable to establish OSPF neighbor adjacency with router ISP-1.
Which two configuration changes can you make on edge-1 to allow the two routers to establish
adjacency? (Choose two)
A. Set the subnet mask on edge-1 to 255 255.255.252.

B. Reduce the MTU on edge-1 to 1514.
C. Set the OSPF cost on edge-1 to 1522.
D. Reduce the MTU on edge-1 to 1500.
E. Configure the ip ospf mtu-ignore command on the edge-1 Gi0/0 interface.
Answer: D E
Explanation
In order to become OSPF neighbor following values must be match on both routers:
+ Area ID
+ Authentication
+ Hello and Dead Intervals
+ Stub Flag
+ MTU Size
Therefore we need to adjust the MTU size on one of the router so that they are the same. Or we can
tell OSPF to ignore the MTU size check with the command “ip ospf mtu-ignore”.
Question 5
A network administrator is troubleshooting the OSPF configuration of routers R1 and R2. The routers
cannot establish an adjacency relationship on their common Ethernet link. The graphic shows the
output of the show ip ospf interface e0 command for routers R1 and R2. Based on the information in
the graphic, what is the cause of this problem?
A. The OSPF area is not configured properly.

B. The priority on R1 should be set higher.
C. The cost on R1 should be set higher.
D. The hello and dead timers are not configured properly.
E. A backup designated router needs to be added to the network.
F. The OSPF process ID numbers must match.
Answer: D
Explanation
D is correct because these entries must match on neighboring routers:
– Hello and dead intervals

– Area ID (Area 0 in this case)
– Authentication password
– Stub area flag
In this case Ethernet0 of R1 has Hello and Dead Intervals of 5 and 20 while R2 has Hello and Dead
Intervals of 10 and 40 -> R1 and R2 cannot form OSPF neighbor relationship.
Question 6
What routing protocol use first-hand information?
A. link-state
B. distance-vector
C. path-vector
D. other
Answer: A
Explanation
The information available to a distance vector router has been compared to the information available
from a road sign. Link state routing protocols are like a road map. A link state router cannot be fooled
as easily into making bad routing decisions, because it has a complete picture of the network. The
reason is that unlike the routing-by-rumor approach of distance vector, link state routers have
firsthand information from all their peer routers. Each router originates information about itself, its
directly connected links, and the state of those links (hence the name). This information is passed
around from router to router, each router making a copy of it, but never changing it. The ultimate
objective is that every router has identical information about the internetwork, and each router will
independently calculate its own best paths.
Question 7
Refer to the exhibit. If R1 sends traffic to 192.168.101.45 the traffic is sent through which interface?
A. FastEthernet0/1
B. FastEthernet0/0
C. FastEthernet1/0
D. FastEthernet1/1
Answer: D
Explanation
192.168.101.45 belongs to 192.168.0.0/16 network so the router will use FastEthernet1/1 as the exit
interface.
Question 8
R1 is unable to establish an OSPF neighbor relationship with R3. What are possible reasons for this
problem? (Choose two)
A. All of the routers need to be configured for backbone Area 1.
B. R1 and R2 are the DR and BDR, so OSPF will not establish neighbor adjacency with R3.
C. A static route has been configured from R1 to R3 and prevents the neighbor adjacency from being
established.
D. The hello and dead interval timers are not set to the same values on R1 and R3.
E. EIGRP is also configured on these routers with a lower administrative distance.
F. R1 and R3 are configured in different areas.
Answer: D F
Explanation
A is not correct because the backbone area of OSPF is always Area 0.

B is not correct because R1 or R3 must be the DR or BDR -> it has to establish neighbor adjacency
with the other.
C is not correct because OSPF neighbor relationship is not established based on static routing. It uses
multicast address 224.0.0.5 to establish OSPF neighbor relationship.
E is not correct because configure EIGRP on these routers (with a lower administrative distance) will
force these routers to run EIGRP, not OSPF.
D and F are correct because these entries must match on neighboring routers:
– Hello and dead intervals

– Area ID (Area 0 in this case)
– Authentication password
– Stub area flag
Question 9
Refer to the exhibit. You have discovered that computers on the 192.168.10.0/24 network can
ping their default gateway, but they cannot connect to any resources on a remote network. Which
reason for the problem is most likely true?
R1
interface Loopback0
ip address 172.16.1.1 255.255.255.255
ip address 192.168.12.1 255.255.255.0
ip address 192.168.10.1 255.255.255.0
!
router ospf 1
router-id 172.16.1.1
network 172.16.1.1 0.0.0.0 area 0
network 192.168.10.0 0.0.0.255 area 0
A. The 192.168.12.0/24 network is missing from OSPF.

B. The OSPF process ID is incorrect.
C. The OSPF area number is incorrect.
D. An ARP table entry is missing for 192.168.10.0.
E. A VLAN number is incorrect for 192.168.10.0.
Answer: A
Explanation
The most obvious thing in this configuration is R1 forgot to run OSPF on interface Fa0/0 (with the
“network 192.168.12.0 0.0.0.255 area …”) command so the computers behind 192.168.10.0/24
network does not know how to reach resources on a remote network.
Question 10
Which parameter or parameters are used to calculate OSPF cost in Cisco routers?
A. Bandwidth, Delay and MTU

B. Bandwidth
C. Bandwidth and MTU
D. Bandwidth, MTU, Reliability, Delay and Load
Answer: B
Explanation
The well-known formula to calculate OSPF cost is
Cost = 108 / Bandwidth
so B is the correct answer.

Basic Questions: Answer

Uploaded by

Copyright:

Available Formats

Basic Questions: Answer

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Basic Questions: Answer

Uploaded by

Copyright:

Available Formats

Basic Questions

What is true about Ethernet? (Choose two)

On which type of device is every port in the same collision domain?

Which MTU size can cause a baby giant error?

What are three characteristics of the TCP protocol? (Choose three)

A. There are two broadcast domains in the network.

What are contained in Layer 2 Ethernet frame? (Choose three)

In the “Access Routers Software Upgrade Procedures”

Which two options are fields in an Ethernet frame? (Choose two)

Cloud & Virtual Services

Network virtualization architecture has three main components:

Which three technical services support cloud computing?

Network virtualization architecture has three main components:

The advantages of leased lines include:

The disadvantages of leased lines include:

A. transmission unit size too large

Below is an example of the output of this command:

Which command is used to know the duplex speed of serial link?

In this output the speed of S0/0 interface is 1544 Kbits.

Which three statements about DWDM are true? (Choose three)

Which PPP subprotocol negotiates authentication options?

B. Main(config)# interface serial 0/0

C. Main(config)# interface serial 0/0

D. Main(config)# interface serial 0/0

Refer to the exhibit:

A. The usernames are incorrectly configured on the two routers.

What is the benefit of point-to-point leased line?

Flexibility is not an advantage of leased line connection -> C is not correct.

R1(config-if)# interface Serial 0/0

R1(config-if)# interface Serial 0/1

R1(config)# interface multilink 1

What are two authentication types of MLPPP?

At which layer of the OSI model does PPP perform?

Which option describes the purpose of traffic policing?

Which statement about QoS default behavior is true?

What 8-bit field exists in IP packet for QoS?

What does traffic shaping do to reduce congestion in a network?

In which byte of an IP packet can traffic be marked?

Which function does traffic shaping perform?

Which option is the main function of congestion management?

The picture below shows all configuration needed for PPPoE:

During which phase of PPPoE is PPP authentication performed?

PPPoE is composed of two main phases:

Which type of interface can negotiate an IP address for a PPPoE client?

Which statement about MPLS is true?

Which two statements about MPLS are true? (Choose two)

Which type of topology is required by DMVPN?

Router(config-if)#no cdp enable

Which statement about LLDP is true?

Sw(config)# lldp run

What is true about Cisco Discovery Protocol?

There are 3 columns we should pay more attention to:

Which statement about Cisco Discovery Protocol is true?

IP multicast is a bandwidth-conserving technology that reduces traffic by simultaneously delivering a

What are benefits of private IPv4 IP addresses?

The problems were:

To solve these problem, CIDR was selected as the solution in 1992.

Which IPv6 feature is supported in IPv4 but is not commonly used?