CCNA 2 (v5.0.3 + v6.0) Chapter 5 Exam Answers for Switch Configuration
1. Which statement describes the port speed LED on the Cisco Catalyst 2960 switch?
- If the LED is green, the port is operating at 100 Mb/s.*
- If the LED is off, the port is not operating.
- If the LED is blinking green, the port is operating at 10 Mb/s.
- If the LED is amber, the port is operating at 1000 Mb/s.
2. Which command is used to set the BOOT environment variable that defines where to find the IOS image file on a switch?
- config-register
- boot system*
- boot loader
- confreg
3. What is a function of the switch boot loader?
- to speed up the boot process
- to provide security for the vulnerable state when the switch is booting
- to control how much RAM is available to the switch during the boot process
- to provide an environment to operate in when the switch operating system cannot be found*
4. Which interface is the default location that would contain the IP address used to manage a 24-port Ethernet switch?
- VLAN 1*
- Fa0/0
- Fa0/1
- interface connected to the default gateway
- VLAN 99
5. A production switch is reloaded and finishes with a Switch> prompt. What two facts can be determined? (Choose two.)
- POST occurred normally.*
- The boot process was interrupted.
- There is not enough RAM or flash on this router.
- A full version of the Cisco IOS was located and loaded.*
- The switch did not locate the Cisco IOS in flash, so it defaulted to ROM.
6. Which two statements are true about using full-duplex Fast Ethernet? (Choose two.)
- Performance is improved with bidirectional data flow.*
- Latency is reduced because the NIC processes frames faster.
- Nodes operate in full-duplex with unidirectional data flow.
- Performance is improved because the NIC is able to detect collisions.
- Full-duplex Fast Ethernet offers 100 percent efficiency in both directions.*
7. In which situation would a technician use the show interfaces switch command?
- to determine if remote access is enabled
- when packets are being dropped from a particular directly attached host*
- when an end device can reach local devices, but not remote devices
- to determine the MAC address of a directly attached network device on a particular interface
8. Refer to the exhibit. A network technician is troubleshooting connectivity issues in an Ethernet network with the command show interfaces fastEthernet 0/0. What conclusion can be drawn based on the partial output in the exhibit?
- All hosts on this network communicate in full-duplex mode.
- Some workstations might use an incorrect cabling type to connect to the network.
- There are collisions in the network that cause frames to occur that are less than 64 bytes in length.
- A malfunctioning NIC can cause frames to be transmitted that are longer than the allowed maximum length.*
9. Refer to the exhibit. What media issue might exist on the link connected to Fa0/1 based on the show interface command?
- The bandwidth parameter on the interface might be too high.
- There could be an issue with a faulty NIC.
- There could be too much electrical interference and noise on the link.*
- The cable attaching the host to port Fa0/1 might be too long.
- The interface might be configured as half-duplex.
10. If one end of an Ethernet connection is configured for full duplex and the other end of the connection is configured for half duplex, where would late collisions be observed?
- on both ends of the connection
- on the full-duplex end of the connection
- only on serial interfaces
- on the half-duplex end of the connection*
11. What is one difference between using Telnet or SSH to connect to a network device for management purposes?
- Telnet uses UDP as the transport protocol whereas SSH uses TCP.
- Telnet does not provide authentication whereas SSH provides authentication.
- Telnet supports a host GUI whereas SSH only supports a host CLI.
- Telnet sends a username and password in plain text, whereas SSH encrypts the username and password.*
12. Refer to the exhibit. The network administrator wants to configure Switch1 to allow SSH connections and prohibit Telnet connections. How should the network administrator change the displayed configuration to satisfy the requirement?
- Use SSH version 1.
- Reconfigure the RSA key.
- Configure SSH on a different line.
- Modify the transport input command.*
13. What is the effect of using the switchport port-security command?
- enables port security on an interface*
- enables port security globally on the switch
- automatically shuts an interface down if applied to a trunk port
- detects the first MAC address in a frame that comes into a port and places that MAC address in the MAC address table
14. Where are dynamically learned MAC addresses stored when sticky learning is enabled with the switchport port-security mac-address sticky command?
- ROM
- RAM*
- NVRAM
- flash
15. A network administrator configures the port security feature on a switch. The security policy specifies that each access port should allow up to two MAC addresses. When the maximum number of MAC addresses is reached, a frame with the unknown source MAC address is dropped and a notification is sent to the syslog server. Which security violation mode should be configured for each access port?
- restrict*
- protect
- warning
- shutdown
16. Which two statements are true regarding switch port security? (Choose two.)
- The three configurable violation modes all log violations via SNMP.
- Dynamically learned secure MAC addresses are lost when the switch reboots.*
- The three configurable violation modes all require user intervention to re-enable ports.
- After entering the sticky parameter, only MAC addresses subsequently learned are converted to secure MAC addresses.
- If fewer than the maximum number of MAC addresses for a port are configured statically, dynamically learned addresses are added to CAM until the maximum number is reached.*
17. Which action will bring an error-disabled switch port back to an operational state?
- Remove and reconfigure port security on the interface.
- Issue the switchport mode access command on the interface.
- Clear the MAC address table on the switch.
- Issue the shutdown and then no shutdown interface commands.*
18. Refer to the exhibit. Port Fa0/2 has already been configured appropriately. The IP phone and PC work properly. Which switch configuration would be most appropriate for port Fa0/2 if the network administrator has the following goals?
No one is allowed to disconnect the IP phone or the PC and connect some other wired device.
If a different device is connected, port Fa0/2 is shut down.
The switch should automatically detect the MAC address of the IP phone and the PC and add those addresses to the running configuration.
- SWA(config-if)# switchport port-security
  SWA(config-if)# switchport port-security mac-address sticky
- SWA(config-if)# switchport port-security mac-address sticky
  SWA(config-if)# switchport port-security maximum 2
- SWA(config-if)# switchport port-security
  SWA(config-if)# switchport port-security maximum 2
  SWA(config-if)# switchport port-security mac-address sticky*
- SWA(config-if)# switchport port-security
  SWA(config-if)# switchport port-security maximum 2
  SWA(config-if)# switchport port-security mac-address sticky
  SWA(config-if)# switchport port-security violation restrict
19. The following words are displayed:
ATC_S2# show port-security interface fastethernet 0/3
Port Security : Enabled
Port Status : Secure-up
Violation Mode : Shutdown
Aging Time : 0 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 2
Total MAC Addresses : 1
Configured MAC Addresses : 0
Sticky MAC Addresses : 1
Last Source Address:Vlan : 00D0.D3B6.C26B:10
Security Violation Count : 0
Refer to the exhibit. What can be determined about port security from the information that is shown?
- The port has been shut down.
- The port has two attached devices.
- The port violation mode is the default for any port that has port security enabled.*
- The port has the maximum number of MAC addresses that is supported by a Layer 2 switch port which is configured for port security.
20. Refer to the exhibit. Which event will take place if there is a port security violation on switch S1 interface Fa0/1?
- A notification is sent.
- A syslog message is logged.
- Packets with unknown source addresses will be dropped.*
- The interface will go into error-disabled state.
21. Open the PT Activity. Perform the tasks in the activity instructions and then answer the question.
Which event will take place if there is a port security violation on switch S1 interface Fa0/1?
- Packets with unknown source addresses will be dropped.
- A syslog message is logged.
- The interface will go into error-disabled state.
- A notification is sent.
22. Fill in the blank.
Do not use abbreviations. What is the missing command on S1? “ip address 192.168.99.2 255.255.255.0”
23. Match the step to each switch boot sequence description. (Not all options are used.)
Place the options in the following order:
step 3
– not scored –
step 1
step 4
step 2
step 5
step 6
The steps are:
1. execute POST
2. load the boot loader from ROM
3. CPU register initializations
4. flash file system initialization
5. load the IOS
6. transfer switch control to the IOS
24. Identify the steps needed to configure a switch for SSH. The answer order does not matter. (Not all options are used.)
Place the options in the following order:
[+] Create a local user.
[+] Generate RSA keys.
[+] Configure a domain name.
[+] Use the login local command.
[+] Use the transport input ssh command.
[+] Order does not matter within this group.
The login and password cisco commands are used with Telnet switch configuration, not SSH configuration.
Old Version: CCNA 2 Chapter 5 Exam Answers v6.0
1. What is a disadvantage of using router-on-a-stick inter-VLAN routing?
- does not support VLAN-tagged packets
- requires the use of more physical interfaces than legacy inter-VLAN routing
- does not scale well beyond 50 VLANs*
- requires the use of multiple router interfaces configured to operate as access links
2. How is traffic routed between multiple VLANs on a multilayer switch?
- Traffic is routed via physical interfaces.
- Traffic is routed via internal VLAN interfaces. *
- Traffic is broadcast out all physical interfaces.
- Traffic is routed via subinterfaces.
3. Refer to the exhibit. In this network design, which connection or connections, if any, add the VLAN ID number if host H1 sends information to host H2?
- no link*
- from H1 to the switch
- from the switch to G0/0 on the router
- from G0/1 on the router to G1/2 on the switch
- from the switch to H2
4. What is a characteristic of legacy inter-VLAN routing?
- Only one VLAN can be used in the topology.
- The router requires one Ethernet link for each VLAN.*
- The user VLAN must be the same ID number as the management VLAN.
- Inter-VLAN routing must be performed on a switch instead of a router.
5. Refer to the exhibit. A network administrator needs to configure router-on-a-stick for the networks that are shown. How many subinterfaces will have to be created on the router if each VLAN that is shown is to be routed and each VLAN has its own subinterface?
- 1
- 2
- 3
- 4*
- 5
6. Refer to the exhibit. In what switch mode should port G0/1 be assigned if Cisco best practices are being used?
- access
- trunk*
- native
- auto
7. Refer to the exhibit. What is the problem with this configuration, based on the output of the router?
- The subnet mask is wrong.
- There is no subinterface for the administrative VLAN.
- The subinterface number does not match the third octet in the IPv4 address.
- The encapsulation has not been configured on the subinterface.*
8. Refer to the exhibit. Communication between the VLANs is not occurring. What could be the issue?
- The wrong port on the router has been used.
- The Gi1/1 switch port is not in trunking mode.*
- A duplex issue exists between the switch and the router.
- Default gateways have not been configured for each VLAN.
9. Refer to the exhibit. A network administrator is verifying the configuration of inter-VLAN routing. Users complain that PCs on different VLANs cannot communicate. Based on the output, what are two configuration errors on switch interface Gi1/1? (Choose two.)
- Gi1/1 is in the default VLAN.*
- Voice VLAN is not assigned to Gi1/1.
- Gi1/1 is configured as trunk mode.*
- Negotiation of trunking is turned on on Gi1/1.
- The trunking encapsulation protocol is configured wrong.
10. Refer to the exhibit. A network administrator is verifying the configuration of inter-VLAN routing. Users complain that PC2 cannot communicate with PC1. Based on the output, what is the possible cause of the problem?
- Gi0/0 is not configured as a trunk port.
- The command interface GigabitEthernet0/0.5 was entered incorrectly.
- There is no IP address configured on the interface Gi0/0.
- The no shutdown command is not entered on subinterfaces.
- The encapsulation dot1Q 5 command contains the wrong VLAN. *
11. Refer to the exhibit. A network administrator is verifying the configuration of inter-VLAN routing. Based on the partial output that is displayed by the use of the show vlan command, which conclusion can be drawn for the Gi1/1 interface?
- It is shut down.
- It belongs to the default VLAN.
- It is configured as trunk mode.*
- It is not connected to any device.
12. Inter-VLAN communication is not occurring in a particular building of a school. Which two commands could the network administrator use to verify that inter-VLAN communication was working properly between a router and a Layer 2 switch when the router-on-a-stick design method is implemented? (Choose two.)
- From the router, issue the show ip route command.*
- From the router, issue the show interfaces trunk command.
- From the router, issue the show interfaces interface command.
- From the switch, issue the show interfaces trunk command.*
- From the switch, issue the show interfaces interface command.
13. How are IP addressing designs affected by VLAN implementations?
- VLANs do not support VLSM.
- VLANs do not use a broadcast address.
- Each VLAN must have a different network number.*
- Each VLAN must have a different subnet mask.
14. While configuring inter-VLAN routing on a multilayer switch, a network administrator issues the no switchport command on an interface that is connected to another switch. What is the purpose of this command?
- to create a routed port for a single network*
- to provide a static trunk link
- to create a switched virtual interface
- to provide an access link that tags VLAN traffic
15. What is a disadvantage of using multilayer switches for inter-VLAN routing?
- Multilayer switches have higher latency for Layer 3 routing.
- Multilayer switches are more expensive than router-on-a-stick implementations.*
- Spanning tree must be disabled in order to implement routing on a multilayer switch.
- Multilayer switches are limited to using trunk links for Layer 3 routing.
16. What is a characteristic of a routed port on a Layer 3 switch?
- It supports trunking.
- It is not assigned to a VLAN.*
- It is commonly used as a WAN link.
- It cannot have an IP address assigned to it.
17. An administrator is attempting to configure a static route on a Cisco 2960 series switch. After the administrator types the command ip route 0.0.0.0 0.0.0.0 10.1.1.1, an error message appears stating that the command is not recognized. What must the administrator do so that this command is accepted?
- Enter the command no switchport.
- Enter the command ipv6 unicast-routing.
- Enter the command ip route 0.0.0.0 0.0.0.0. vlan 10.
- Enter the command sdm prefer lanbase-routing and reload.*
18. Which statement describes a disadvantage of using router subinterfaces for inter-VLAN routing?
- It is more expensive than using individual router interfaces.
- Routed traffic must contend for bandwidth on a single router interface.*
- Trunking cannot be used to connect the router to the switch.
- All untagged traffic is dropped.
19. Refer to the exhibit. Router RA receives a packet with a source address of 192.168.1.35 and a destination address of 192.168.1.85. What will the router do with this packet?
- The router will drop the packet.
- The router will forward the packet out interface FastEthernet 0/1.1.
- The router will forward the packet out interface FastEthernet 0/1.2.*
- The router will forward the packet out interface FastEthernet 0/1.3.
- The router will forward the packet out interface FastEthernet 0/1.2 and interface FastEthernet 0/1.3.
20. Refer to the exhibit. After attempting to enter the configuration that is shown in router RTA, an administrator receives an error and users on VLAN 20 report that they are unable to reach users on VLAN 30. What is causing the problem?
- Dot1q does not support subinterfaces.
- There is no address on Fa0/0 to use as a default gateway.
- RTA is using the same subnet for VLAN 20 and VLAN 30.*
- The no shutdown command should have been issued on Fa0/0.20 and Fa0/0.30.
21. Refer to the exhibit. A network administrator is configuring RT1 for inter-VLAN routing. The switch is configured correctly and is functional. Host1, Host2, and Host3 cannot communicate with each other. Based on the router configuration, what is causing the problem?
- Interface Fa0/0 is missing IP address configuration information.
- IP addresses on the subinterfaces are incorrectly matched to the VLANs.*
- Each subinterface of Fa0/0 needs separate no shutdown commands.
- Routers do not support 802.1Q encapsulation on subinterfaces.
22. What condition is required to enable Layer 3 switching?
- The Layer 3 switch must have IP routing enabled.*
- All participating switches must have unique VLAN numbers.
- All routed subnets must be on the same VLAN.
- Inter-VLAN portions of Layer 3 switching must use router-on-a-stick.
23. Refer to the exhibit. Which command can the administrator issue to change the VLAN10 status to up?
- Switch1(config)# interface vlan 10
  Switch1(config-if)# no shutdown
- Switch1(config)# interface vlan 10
  Switch1(config-if)# ip address 192.168.10.1 255.255.255.0
- Switch1(config)# interface vlan 10
  Switch1(config-if)# ip address 192.168.10.1 255.255.255.0
  Switch1(config-if)# no shutdown
- Switch1(config)# vlan 10
  Switch1(config-vlan)# exit*
24. Fill in the blank. Do not use abbreviations.
A network engineer is troubleshooting the configuration of new VLANs on a network. Which command is used to display the list of VLANs that exists on the switch? show vlan
25. Refer to the exhibit. The switch does the routing for the hosts that connect to VLAN 5. If the PC accesses a web server from the Internet, at what point will a VLAN number be added to the frame?
- point A
- point B
- point C
- point D
- point E
- No VLAN number is added to the frame in this design.*
26. Which type of inter-VLAN communication design requires the configuration of multiple subinterfaces?
- router on a stick*
- routing via a multilayer switch
- routing for the management VLAN
- legacy inter-VLAN routing
27. A small college uses VLAN 10 for the classroom network and VLAN 20 for the office network. What is needed to enable communication between these two VLANs while using legacy inter-VLAN routing?
- A router with at least two LAN interfaces should be used.*
- Two groups of switches are needed, each with ports that are configured for one VLAN.
- A router with one VLAN interface is needed to connect to the SVI on a switch.
- A switch with a port that is configured as trunk is needed to connect to a router.
28. Refer to the exhibit. A network administrator has configured router CiscoVille with the above commands to provide inter-VLAN routing. What command will be required on a switch that is connected to the Gi0/0 interface on router CiscoVille to allow inter-VLAN routing?
- switchport mode access
- no switchport
- switchport mode trunk*
- switchport mode dynamic desirable
29. Refer to the exhibit. A router-on-a-stick configuration was implemented for VLANs 15, 30, and 45, according to the show running-config command output. PCs on VLAN 45 that are using the 172.16.45.0 /24 network are having trouble connecting to PCs on VLAN 30 in the 172.16.30.0 /24 network. Which error is most likely causing this problem?
- The wrong VLAN has been configured on GigabitEthernet 0/0.45.
- The command no shutdown is missing on GigabitEthernet 0/0.30.
- The GigabitEthernet 0/0 interface is missing an IP address.
- There is an incorrect IP address configured on GigabitEthernet 0/0.30.*
30. Match the link state to the interface and protocol status. (Not all options are used.)
Place the options in the following order:
disable -> administratively down
Layer 1 problem -> down/down
– not scored –
Layer 2 problem -> up/down
operational -> up/up
31. Match the inter-VLAN routing method to the corresponding characteristic (not all options are used).
Place the options in the following order:
router-on-a-stick -> creation of subinterfaces
Layer 3 with SVIs -> routing at wire speeds
– not scored –
Layer 3 with routed ports -> need to issue the no switchport command