CCNA2 Chapter 3 Exam Answer 2016 v5.03
Which three statements accurately describe VLAN types? (Choose three).
- A management VLAN is any VLAN that is configured to access management features of the switch.
- A data VLAN is used to carry VLAN management data and user-generated traffic.
- After the initial boot of an unconfigured switch, all ports are members of the default VLAN.
- An 802.1Q trunk port, with a native VLAN assigned, supports both tagged and untagged traffic.
- Voice VLANs are used to support user phone and e-mail traffic on a network.
- VLAN 1 is always used as the management VLAN.
Which type of VLAN is used to designate which traffic is untagged when crossing a trunk port?
What are three primary benefits of using VLANs? (Choose three.)
- a reduction in the number of trunk links
- cost reduction
- end user satisfaction
- improved IT staff efficiency
- no required configuration
Refer to the exhibit. A frame is traveling between PC-A and PC-B through the switch. Which statement is true concerning VLAN tagging of the frame?
- A VLAN tag is added when the frame leaves PC-A.
- A VLAN tag is added when the frame is accepted by the switch.
- A VLAN tag is added when the frame is forwarded out the port to PC-B.
- No VLAN tag is added to the frame.
Which command displays the encapsulation type, the voice VLAN ID, and the access mode VLAN for the Fa0/1 interface?
- show vlan brief
- show interfaces Fa0/1 switchport
- show mac address-table interface Fa0/1
- show interfaces trunk
What must the network administrator do to remove Fast Ethernet port fa0/1 from VLAN 2 and assign it to VLAN 3?
- Enter the no vlan 2 and the vlan 3 commands in global configuration mode.
- Enter the switchport access vlan 3 command in interface configuration mode.
- Enter the switchport trunk native vlan 3 command in interface configuration mode.
- Enter the no shutdown in interface configuration mode to return it to the default configuration and then configure the port for VLAN 3.
A Cisco Catalyst switch has been added to support the use of multiple VLANs as part of an enterprise network. The network technician finds it necessary to clear all VLAN information from the switch in order to incorporate a new network design. What should the technician do to accomplish this task?
- Erase the startup configuration and reboot the switch.
- Erase the running configuration and reboot the switch.
- Delete the startup configuration and the vlan.dat file in the flash memory of the switch and reboot the switch.
- Delete the IP address that is assigned to the management VLAN and reboot the switch.
Which two characteristics match extended range VLANs? (Choose two.)
- CDP can be used to learn and store these VLANs.
- VLAN IDs exist between 1006 to 4094.
- They are saved in the running-config file by default.
- VLANs are initialized from flash memory.
- They are commonly used in small networks.
What happens to switch ports after the VLAN to which they are assigned is deleted?
- The ports are disabled.
- The ports are placed in trunk mode.
- The ports are assigned to VLAN1, the default VLAN.
- The ports stop communicating with the attached devices.
A Cisco switch currently allows traffic tagged with VLANs 10 and 20 across trunk port Fa0/5. What is the effect of issuing a switchport trunk allowed vlan 30 command on Fa0/5?
- It allows VLANs 1 to 30 on Fa0/5.
- It allows VLANs 10, 20, and 30 on Fa0/5.
- It allows only VLAN 30 on Fa0/5.
- It allows a native VLAN of 30 to be implemented on Fa0/5.
What VLANs are allowed across a trunk when the range of allowed VLANs is set to the default value?
- All VLANs will be allowed across the trunk.
- Only VLAN 1 will be allowed across the trunk.
- Only the native VLAN will be allowed across the trunk.
- The switches will negotiate via VTP which VLANs to allow across the trunk.
Which command should the network administrator implement to prevent the transfer of DTP frames between a Cisco switch and a non-Cisco switch?
- S1(config-if)# switchport mode trunk
- S1(config-if)# switchport nonegotiate
- S1(config-if)# switchport mode dynamic desirable
- S1(config-if)# switchport mode access
- S1(config-if)# switchport trunk allowed vlan none
Under which two occasions should an administrator disable DTP while managing a local area network? (Choose two.)
- when connecting a Cisco switch to a non-Cisco switch
- when a neighbor switch uses a DTP mode of dynamic auto
- when a neighbor switch uses a DTP mode of dynamic desirable
- on links that should not be trunking
- on links that should dynamically attempt trunking
What is the default DTP mode on Cisco 2960 and 3560 switches?
- dynamic desirable
- dynamic auto
Refer to the exhibit. DLS1 is connected to another switch, DLS2, via a trunk link. A host that is connected to DLS1 is not able to communicate to a host that is connected to DLS2, even though they are both in VLAN 99. Which command should be added to Fa0/1 on DLS1 to correct the problem?
- switchport nonegotiate
- switchport mode dynamic auto
- switchport trunk native vlan 66
- switchport trunk allowed vlan add 99
An administrator has determined that the traffic from a switch that corresponds to a VLAN is not being received on another switch over a trunk link. What could be the problem?
- trunk mode mismatch
- native VLAN mismatch
- allowed VLANs on trunks
- dynamic desirable mode on one of the trunk links
In a basic VLAN hopping attack, which switch feature do attackers take advantage of?
- an open Telnet connection
- automatic encapsulation negotiation
- forwarding of broadcasts
- the default automatic trunking configuration
Which two Layer 2 security best practices would help prevent VLAN hopping attacks? (Choose two.)
- Change the native VLAN number to one that is distinct from all user VLANs and is not VLAN 1.
- Change the management VLAN to a distinct VLAN that is not accessible by regular users.
- Statically configure all ports that connect to end-user host devices to be in trunk mode.
- Disable DTP autonegotiation on end-user ports.
- Use SSH for all remote management access.
Refer to the exhibit. What can be determined from the output that is shown?
- Interface FastEthernet 0/1 is configured as dynamic auto by the administrator.
- Interface FastEthernet 0/1 is configured with the nonegotiate keyword.
- Interface FastEthernet 0/1 is configured with the switchport protected command.
- Interface FastEthernet 0/1 is trunking and using Native VLAN 1.
Refer to the exhibit. Interface Fa0/1 is connected to a PC. Fa0/2 is a trunk link to another switch. All other ports are unused. Which security best practice did the administrator forget to configure?
- Disable autonegotiation and set ports to either static access or static trunk.
- Change the native VLAN to a fixed VLAN that is distinct from all user VLANs and to a VLAN number that is not VLAN 1.
- Configure all unused ports to a ‘black-hole’ VLAN that is not used for anything on the network.
- All user ports are associated with VLANs distinct from VLAN 1 and distinct from the ‘black-hole’ VLAN.
Which two modes does Cisco recommend when configuring a particular switch port? (Choose two.)
- Gigabit Ethernet
- IEEE 802.1Q
Match the IEEE 802.1Q standard VLAN tag field with the description. (Not all options are used.)
Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.
Which PCs will receive the broadcast sent by PC-C?
- PC-A, PC-B
- PC-D, PC-E
- PC-A, PC-B, PC-E
- PC-A, PC-B, PC-D, PC-E
- PC-A, PC-B, PC-D, PC-E, PC-F