Sie sind auf Seite 1von 11

Exam Questions

Which of the following is a Layer 2 protocol used to maintain a loop-free network?

A. VTP
B. STP
C. RIP
D. CDP

Answer B

Question
Spanning-Tree was originally developed by DEC. What is the reason Spanning-Tree is used in a
switched LAN?

A. To provide a mechanism for network monitoring in switched environments.

B. To prevent routing loops in networks with redundant paths.

C. To prevent routing switching loops in networks with redundant switched paths.

D. To manage, the addition, deletion, and naming of VLANs across multiple switches.

E. To segment a network into multiple collision domains.

Answer B

Explanation
The purpose of the Spanning Tree Protocol (STP) is to provide for redundant paths within a
switched environment while ensuring that there is a loop free network. This is done as the
redundant ports are blocked.

Incorrect Answers

A. STP does not provide mechanism to monitor a switched network.


C. Loops are not referred to as &routing switching loops.
D. STP is not used for VLAN management.
E. Switches create multiple collisions domains and not STP.

Question
Switches have three primary modes to handle frame switching. Which two statements about the
store and forward switching method are true? (Choose two)

A. Latency remains constant regardless of frame size.

B. Latency through the switch varies with frame length.

C. The switch receives the complete frame before beginning to forward it.

D. The switch checks the destination address as soon as it receives the header and begins
forwarding the frame immediately.
Answer B, C

Explanation
In store and forward mode, the switch must receive the complete frame before forwarding takes
place. The destination and source addresses are read, the cyclic redundancy check (CRC) is
performed, relevant filters are applied, and the frame is forwarded. If the CRC is bad, the frame
is discarded. The latency (or delay) through the switch varies with frame length.

Incorrect Answers

A. Is wrong because the latency changes with the frame size.


D. Is wrong because it waits for the complete name and not merely the destination address.

Question
Which of the following devices support Full Duplex Ethernet ? (Choose two.)

A. Switch to host.
B. Switch to switch.
C. Hub to hub.
D. Switch to hub.
E. Hub to host.

Answer A, B

Explanation
Devices that are connected to switches can communicate in full duplex mode. This includes
switches that are connected to other switches.

Incorrect Answers
C, D, and E. Hubs can only communicate in half duplex mode (CSMA/CD). Therefore none of
these options are correct.

Question Which two statements are valid? (Choose two.)

A. Full-duplex Ethernet consists of a shared broadcast domain, while half-duplex Ethernet


consists of a private broadcast domain.
B. Full-duplex Ethernet is collision free, while half-duplex Ethernet is subject to collisions.
C. Full-duplex Ethernet provides higher throughput than half-duplex Ethernet of the same
bandwidth.
D. Full-duplex Ethernet provides lower throughput than half-duplex Ethernet of the same
bandwidth.

E. Full-duplex Ethernet consists of a shared cable segment while half-duplex Ethernet provides a
point-to-point link.

Answer B, C

Explanation
Full-duplex involves only two participants. Both can transmit simultaneously. Half-duplex, on the
other hand, can have many participants on the same network segment. Only one be transmitting
at a time.

B. Using Full-Duplex only two participants ensures that there can be no collisions. Half-duplex
must use CSMA/CD to handle the collisions.
C. Full-duplex mode is faster than half-duplex.
Incorrect Answers

A. All nodes on a half-duplex Ethernet segment share the same broadcast domain.
D. The opposite is true.
E. The opposite is true.

Question

Catalyst Switches have three primary operating modes that are used to handle frame switching
Cut-through, Store-and-forward and Fragment-free looking a the frame shown in the diagram
which point is the store-and-forward switching decision made?

A. 1
B. 2
C. 3
D. 4

Answer D

Explanation
When store-and-forward is employed the complete frame must be first received.
Incorrect Answers.
A. In a switched environment the frame will not be immediately sent.
B. This is the point at which the cut-through mode will start sending a frame.
C. This is the point at which the fragment-free mode will start sending a frame.

Question
Which one of the following characteristics about Ethernet Switches is true?

A. Symmetric switching allows connection between ports of unlike bandwidth and does not
require memory buffering.
B. Memory buffering is used to prevent a bottleneck when ports of different bandwidth are
connected on a symmetric switch.
C. The latency can be reduced if the switch utilizes the store and forward method of switching.
Store and forward is better for error detection.
D. The cut-trough method of switching is faster because the switch forwards the packet to the
destination as soon as it reads the destination address.

Answer D

Explanation
In cut-through mode, the switch checks the destination address (DA) as soon as the header is
received and immediately begins forwarding the frame. Depending on the network transport
protocol being used (connection or connectionless orientate), there is a significant decrease in
latency from input port to output port. The delay in cut-through switching remains constant
regardless of the size of the frame , because this switching mode starts to forward the frame as
soon as the switch reads the DA.

Incorrect Answers
A. Symmetric switching provides evenly distributed bandwidth to each port, while asymmetric
switching provides unlike, or unequal, bandwidth between some ports.
B. This is not a true statement.
C. Store-and-forward switching increases latency.
Question
Which of the following are modes used for frame switching on Cisco switches? (Choose two)

A. Full duplex
B. Half duplex
C. CSMA/CD
D. Cut through
E. Fragmentation
F. Store and forward

Answer D, F

Explanation
There are 3 primary operating modes that are used for frame switching. These modes are sore-
and-forward, cut-through and fragment free. When store-and-forward is used the switch must
receive the whole frame before it can be forwarded. During a cut-through operation, the switch
forwards the frame once it receives the Destination Address. Finally, the fragment-free mode
reads the first 64 bytes before forwarding the frame.

Incorrect Answers
A and B. These are transmission modes of whether the transmission is done one way at a time
(half Duplex) or simultaneous two-way (Full Duplex).
C. This is a physical transmission medium, typically used in Ethernet LANs.
E. There is a fragment-free mode not a fragment mode.

Question
Cisco's switching modes include cut-through, store and forwarded and a modified version of the
first two methods. Which statement about switching methods is true?

A. The stored and forward method has low latency.


B. The cut through method and switching has high latency.
C. The modified version holds the packet in memory until 50% of the packet reaches the switch.
D. The modified version holds the packet in memory until the data portion of the packet reaches
the switch.

Answer D

Explanation
The modified cut-through (also known as fragment-free) the switch reads into the first 64 bytes
before forwarding the frame.

Incorrect Answers
A. Store and Forward has HIGH latency.
B. Cut-Through has LOW latency.
C. It is not 50%. In the modified version, the frame transmission does not start until the first 64
bytes are read.

Question
New switches have been purchased for a network upgrade. The objective for the network design
emphasises efficient, error-free transport instead of fast transport.
Which switching mode should be configured on the new switches to provide error-free transport
to the network?

A. cut-through
B. fragment-free
C. frame-filtering
D. store-and-forward
E. 802.1q forwarding
F. VTP transparent mode

Answer D

Explanation
The Switch receives and stores all bits in the frame before forwarding the frame. This allows
switch to check the FCS before forwarding the frame. FCS is Ethernet Trailer.

Incorrect answers
A The Switch performs the address table lookup as soon as the destination address field in the
header is received. The first bits in the frame can be sent out to out port before the final bits in the
incoming frame are received. This does not allow the switch to discard frames that fail the FCS
check.
B This is also same as A. But Switch waits 64 bytes to be received before forwarding the first
bytes of the outgoing frame. Collisions may occur during first 64 bytes of the frame. Frames in
error due to collision will not be forwarded. The FCS still cannot be checked.
C, E, F They are not related to Switch mode transport.

Question
Your boss wants to know why the Spanning-Tree algorithm is used in a switched LAN?

A. To provide a mechanism for network monitoring in switched environments.


B. To prevent routing loops in networks with redundant paths.
C. To prevent switching loops in networks with redundant switched paths.
D. To manage, the addition, deletion, and naming of VLANs across multiple switches.
E. To segment a network into multiple collision domains.

Answer C

Question

Refer to the exhibit above. Based on the information given, which switch will be elected root
bridge and why?

A. Switch A, because it has the lowest MAC address


B. Switch A, because it is the most centrally located switch
C. Switch B, because it has the highest MAC address
D. Switch C, because it is the most centrally located switch
E. Switch C, because it has the lowest priority
F. Switch D, because it has the highest priority

Answer E

Explanation
To elect the root bridge in the LAN, first check the priority value. The switch having the lowest
priority will win the election process. If Priority Value is the same then it checks the MAC Address;
the switch having the lowest MAC Address will become the root bridge. In this case, switch C has
the lowest MAC Address so it becomes the root bridge.
Question

Based on the diagram above, which destination addresses will Host A


use to send data to Host B? (Choose two.)

A. The IP address of S1
B. The IP address of RA Fa0/0
C. The IP address of Host B
D. The MAC address of S1
E. The MAC address of RA Fa0/0
F. The MAC address of Host B

Answer C, E

Explanation
When sending data from one host to another, destination information will be added to every
packet's header. The destination information will be the IP and MAC Address of destination host.
If the destination is found outside the subnet the MAC address of the router is used. Note: The
destination IP address will never change, unless NAT is involved.

Question
Which switching mode provides the highest level of integrity and error-free transport, rather then
maximizing speed?

A. 802.1q forwarding
B. VTP transparent mode
C. Cut-through
D. Store-and-forward
E. Fragment-free
F. Frame-filtering

Answer D

Explanation
The Switch receives and stores all bits in the frame before forwarding the frame. This allows
switch to check the FCS before forwarding the frame. The FCS is the frame check sequence, and
the information contained in it is used by the switch to prevent frames with errors from being
forwarded through the network.

Incorrect Answers

E. The Switch performs the address table lookup as soon as the destination address field in the
header is received. The first bits in the frame can be sent out to out port before the final bits in the
incoming frame are received. This does not allow the switch to discard frames that fail the FCS
check.
C. Cut through will not perform any error checking. This would be the best choice for ports where
speed was most important.

Question
Why would a network administrator configure port security on a switch?

A. To prevent unauthorized Telnet access to a switch port.


B. To limit the number of Layer 2 broadcasts on a particular switch port.
C. To prevent unauthorized hosts from accessing the LAN.
D. To protect the IP and MAC address of the switch and associated ports.
E. To block unauthorized access to the switch management interfaces over common TCP ports.

Answer C

Explanation
You can use the port security feature to restrict input to an interface by limiting and identifying
MAC addresses of the stations allowed to access the port. When you assign secure MAC
addresses to a secure port, the port does not forward packets with source addresses outside the
group of defined addresses. If you limit the number of secure MAC addresses to one and assign
a single secure MAC address, the workstation attached to that port is assured the full bandwidth
of the port. If a port is configured as a secure port and the maximum number of secure MAC
addresses is reached, when the MAC address of a station attempting to access the port is
different from any of the identified secure MAC addresses, a security violation occurs. Also, if a
station with a secure MAC address configured or learned on one secure port attempts to access
another secure port, a violation is flagged.

Question
Assuming there is only one VLAN in this network, which switch is acting as the root bridge?

A. S1
B. S2
C. S3
D. A root bridge is not required in this network.

Answer C

Explanation: A root switch has all ports in non-blocking mode. Based on the diagram above, S1
and S2 contain ports that have been blocked by the STP process, so S3 must be the root bridge.
Question
A network administrator wants to control which user hosts can access the network based on their
MAC address. What will prevent workstations with unauthorized MAC addresses from connecting
to the network through a switch?

A. BPDU
B. Port security
C. RSTP
D. STP
E. VTP
F. Blocking mode

Answer B

Explanation
Understanding How PortSecurity Works: You can use port security to block input to an Ethernet,
Fast Ethernet, or Gigabit Ethernet port when the MAC address of the station attempting to access
the port is different from any of the MAC addresses specified for that port. Alternatively, you can
use port security to filter traffic destined to or received from a specific host based on the host
MAC address. When a secure port receives a packet, the source MAC address of the packet is
compared to the list of secure source addresses that were manually configured or autoconfigured
(learned) on the port. If a MAC address of a device attached to the port differs from the list of
secure addresses, the port either shuts down permanently (default mode), shuts down for the
time you have specified, or drops incoming packets from the insecure host. The port's behavior
depends on how you configure it to respond to a security violation. If a security violation occurs,
the Link LED for that port turns orange, and a link-down trap is sent to the Simple Network
Management Protocol (SNMP) manager. An SNMP trap is not sent if you configure the port for
restrictive violation mode. A trap is sent only if you configure the port to shut down during a
security violation.

Question
You have a server that's directly connected to a Cisco switch by way of its Fa0/1 port, and you
don't want any other MAC addresses from any other servers to access this port. How would you
accomplish this? (Select two answer choices)

A. Configure port Fa0/1 to accept connections only from the static IP address of the server.
B. Employ a proprietary connector type on Fa0/1 that is incompatible with other host connectors.
C. Configure the MAC address of the server as a static entry associated with port Fa0/1.
D. Bind the IP address of the server to its MAC address on the switch to prevent other hosts from
spoofing the server IP address.
E. Configure port security on Fa0/1 to reject traffic with a source MAC address other than that of
the server.
F. Configure an access list on the switch to deny server traffic from entering any port other than
Fa0/1.

Answer C, E

Explanation
You can configure a MAC address to be associated only with a particular port, with the restriction
that frames destined to that MAC address have to enter through that particular port. So answer
choice C is correct. Another feature you can use is port security. It can preset a limit to the
number of sources (including limiting to one) that can forward frames into the said port switch.
When a device with a different MAC address than the one configured for port security is
connected to the switch, the port will administratively shut itself down. The port will only forward
traffic again after an administrator manually enables it.
Question
The network security policy requires that only one host be permitted to attach dynamically to each
switch interface. If that policy is violated, the interface should shut down. Which two commands
must the network administrator configure on the 2950 Catalyst switch to meet this policy?
(Choose two)

A. S1(config-if)# switchport port-security maximum 1


B. S1(config)# mac-address-table secure
C. S1(config)# access-list 10 permit ip host
D. S1(config-if)# switchport port-security violation shutdown
E. S1(config-if)# ip access-group 10

Answer A, D

Explanation
Catalyst switches offer the port security feature to control port access based on MAC addresses.
To configure port security on an access layer switch port, begin by enabling it with the following
interface configuration command:
Switch(config-if)# switchport port-security

Next, you must identify a set of allowed MAC addresses so that the port can grant them access.
You can explicitly configure addresses or they can be dynamically learned from port traffic. On
each interface that uses port security, specify the maximum number of MAC addresses that will
be allowed access using the following interface configuration command:

Switch(config-if)# switchport port-security maximum max-addr


Finally, you must define how each interface using port security should react if a MAC address is
in violation by using the following interface configuration command:
Switch(config-if)# switchport port-security violation {shutdown | restrict |
protect}

A violation occurs if more than the maximum number of MAC addresses are learned, or if an
unknown (not statically defined) MAC address attempts to transmit on the port. The switch port
takes one of the following configured actions when a violation is detected

It is immediately put into the Disable state, which effectively shuts it down. It must be re-enabled
manually or through disable recovery to be used again.
Restrict state The port is allowed to stay up, but all packets from violating MAC addresses are
dropped. The switch keeps a running count of the number of violating packets and can send an
SNMP trap and a syslog message as an alert of the violation.
Protect state The port is allowed to stay up, as in the restrict mode. Although packets from
violating addresses are dropped, no record of the violation is kept.
Shutdown state The port is shutdown.

Question
A network administrator needs to force a high-performance switch that is located in the MDF to
become the root bridge for a redundant path switched network. What can be done to ensure that
this switch assumes the role of the Root Bridge?

A. Configure the switch so that it has a lower priority than other switches in the network.
B. Assign the switch a higher MAC address than the other switches in the network have.
C. Configure the switch for full-duplex operation and configure the other switches for half-duplex
operation.
D. Connect the switch directly to the MDF router, which will force the switch to assume the role of
root bridge.
E. Establish a direct link from the switch to all other switches in the network.

Answer A

Explanation
For all switches in a network to agree on a loop-free topology, a common frame of reference must
exist. This reference point is called the Root Bridge. The Root Bridge is chosen by an election
process among all connected switches. Each switch has a unique Bridge ID (also known as the
bridge priority) that it uses to identify itself to other switches. The Bridge ID is an 8-byte value. 2
bytes of the Bridge ID is used for a Bridge Priority field, which is the priority or weight of a switch
in relation to all other switches. The other 6 bytes of the Bridge ID is used for the MAC Address
field, which can come from the Supervisor module, the backplane, or a pool of 1024 addresses
that are assigned to every Supervisor or backplane depending on the switch model. This address
is hardcoded, unique, and cannot be changed.

The election process begins with every switch sending out BPDUs with a Root Bridge ID equal to
its own Bridge ID as well as a Sender Bridge ID. The latter is used to identify the source of the
BPDU message. Received BPDU messages are analyzed for a lower Root Bridge ID value. If the
BPDU message has a Root Bridge ID (priority) of the lower value than the switch's own Root
Bridge ID, it replaces its own Root Bridge ID with the Root Bridge ID announced in the BPDU. If
two Bridge Priority values are equal, then the lower MAC address takes preference.

Question

Given a Network with a switched topology as illustrated, what will be the result if the Spanning-
Tree Protocol is disabled on all the switches? (Choose two)

A. Broadcast Storm will occur.


B. Broadcast Storm will be detected quickly.
C. At least one link will be placed in standby.
D. Loops will occur.
E. Loops will be detected quickly.

Answer A, D

Explanation
Each switch broadcasts data to other switches. It will create Broadcast storm and generate loops
within switches.

Incorrect Answers
B. Broadcast storm will be detected after all switches sending broadcast information
C. There is no Standby mode in Spanning Tree protocol. (Blocking, Listening, Learning and
Forwarding are the modes)

Question

The network has converged and Switch_6 has been elected root bridge of the STP tree.
However, network traffic analysis indicates that Switch_1 would be a better root bridge.
How can the network administrator make this change, assuming that the spanning-tree priorities
are at the default settings?

A. Set the bridge priority of Switch_1 to 32,768.


B. Set the bridge priority of Switch_6 to 65,565.
C. Set the bridge priority of Switch_1 to 1.
D. Set the bridge priority of Switch_6 to 255.

Answer C

Set the bridge priority of Switch_1 to 1

The lowest priority will become a root bridge automatically

Question

Refer to the graphic. If the switches are new and have been cabled as shown, which switch will
become the root bridge?

A. SC
B. CE
C. JB
D. JP
E. JN
F. cannot be determined from the information given

Answer A

Explanation
Root bridge This is the bridge with the lowest bridge ID.