Professional Documents
Culture Documents
vce
QUESTION 1
What is the primary benefit of the Virtual Local Area Network (VLAN) Trunking Protocol (VTP)?
A. broadcast control
B. frame tagging
C. inter-VLAN routing
D. consistent VLAN configuration across switches in a domain
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
VTP manages configured VLANs across a switched network and maintains consistency of VLAN
information throughout a VTP domain. When an administrator adds, deletes, or renames VLANs, VTP
propagates this information to all other switches in the VTP domain. This makes the process of VLAN
changes a plug-and-play activity. This protocol was developed by, and remains proprietary to Cisco
Systems.
Broadcast control is not the primary benefit of VTP. Broadcast control is achieved by using VLANs. VLANs
segment the network into logical broadcast domains. This helps in the reduction of unnecessary traffic over
the network and optimizes the available bandwidth use. VTP pruning helps reduce broadcast and unknown
unicast over VLAN trunk links. However, this is not the primary benefit of VTP.
Frame tagging is required for VLAN identification as frames traverse trunk links in a switch fabric. Inter-
Switch Link (ISL) and IEEE 802.1q are the two methods of frame tagging available on Cisco devices. ISL is
proprietary to Cisco, whereas IEEE 802.1q is a standard method. VTP is not a frame tagging method.
Inter-VLAN routing is achieved by an Open Systems Interconnect (OSI) Layer 3 device (Router). Inter-
VLAN routing is not a benefit of VTP.
Objective:
LAN Switching Fundamentals
Sub-Objective:
Configure, verify, and troubleshoot VLANs (normal/extended range) spanning multiple switches
References:
Cisco > Support > LAN Switching > Virtual LANS / VLAN Trunking Protocol (VLANS/VTP) > Configure >
Configuration Examples and Technotes > Configuring VLAN Trunk Protocol (VTP) > Document ID: 98154
Cisco > Catalyst 4500 Series Switch Cisco IOS Software Configuration Guide, 12.2(25) > Understanding
and Configuring VLANs, VTP, and VMPS
QUESTION 2
In which of the following networks does the address 192.168.54.23/27 reside?
A. 192.168.54.0
B. 192.168.54.8
C. 192.168.54.4
D. 192.168.54.16
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
When a class C address such as 192.168.54.0 is subnetted with a /27 mask, the subnet mask in dotted
decimal format is 255.255.255.224. This means that the interval between the network IDs of the resulting
subnets is 32. The resulting network IDs are as follows:
192.168.54.0
192.168.54.32
192.168.54.64
192.168.54.92 and so on.
Therefore, the address 192.168.54.23 resides in the 192.168.54.0 subnet. The address 192.168.54.0 is
called a network ID or, alternately, a subnet address. It represents the subnet as a group and will be used
in the routing tables to represent and locate the subnet.
Neither the first address (192.168.54.0, the network ID) nor the last address (192.168.54.31, the broadcast
address) in any resulting subnet can be used. Therefore, the addresses in this range are 192.168.54.1
through 192.168.54.30, which includes the 192.168.54.23 address.
192.168.54.8 would only be a network ID if the mask were /29, which would result in an interval of 8
between network IDs. However, even if a /29 mask were used, the 192.168.54.23 address would not fall in
its range. The address range for a /29 mask would be 192.168.54.9 through 192.168.54.14.
Similarly, 192.168.54.4 would only be a network ID for a /30 mask, which would result in an interval of 4
between network IDs. But even if a /30 mask were used, the 192.168.54.23 address would not fall in its
range. The address range for a /30 mask would be 192.168.54.5 through 192.168.54.6.
192.168.54.16 could be a network ID if the mask were /28, /29 or /30, but not with a /27 mask.
Objective:
Network Fundamentals
Sub-Objective:
Apply troubleshooting methodologies to resolve problems
References:
Cisco > Support > IP Routing > Design TechNotes > Document ID: 13788 > IP Addressing and Subnetting
for New Users
QUESTION 3
Which set of Cisco Internetwork Operating System (IOS) commands is used on Cisco routers to set a
password for Telnet lines?
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:
Explanation:
The following commands are used on Cisco routers to set a password for Telnet lines:
router(config)# line vty 0 4
router(config-line)# login
router(config-line)# password password
Assigning a password to the VTY lines is required for remote connections to the device to be possible. If a
password has not been configured the following error message will be generated when the connection is
attempted:
Configuring a VTY password and requiring the password (accomplished with the login command) is good
first step in securing Telnet access to the device. Another step that can enhance the security of remote
access to the device would be to apply an access list to the VTY lines with the access-class command.
The command sequence which begins with router(config-router)# line vty 0 4 is incorrect because the line
vty 0 4 command should be executed in global configuration mode, not routing protocol configuration
mode.
The line telnet 0 4 command is incorrect because this is not a valid Cisco IOS command.
The line aux 0 command is incorrect because this allows you to configure the properties of the Auxiliary
port, as opposed to the incoming Telnet (VTY) lines.
Objective:
Infrastructure Management
Sub-Objective:
Configure and verify device management
References:
Cisco > Support > Technology Support > IP > IP Addressing Services > Design > Design TechNotes >
Cisco Guide to Harden Cisco IOS Devices > Document ID: 13608
Cisco > Support > End-of-sale and End-of-life Products > Cisco IOS Software Releases 11.0 >
Configuration Examples and TechNotes > Telnet, Console and AUX Port Passwords on Cisco Routers
Configuration Example
QUESTION 4
The output of the show ip route command is given:
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
Explanation:
The value 110 in the output represents the administrative distance (AD) of the information source.
Administrative distance is used by Cisco routers to select the most trustworthy source of routing
information for a particular route. Every routing protocol has a default administrative distance, and if more
than one routing protocol is providing route information about a route, the protocol with the lowest AD will
be selected to populate the routing table. The following table shows the AD values for different routing
protocols:
The following is the sample output for the show ip route command:
The administrative distance for any particular protocol can be changed if you would like to use a routing
protocol that is normally not the preferred provider. For example, if you prefer that RIP routes be installed in
the routing table rather than OSPF routes, you could change the administrative distance of RIP to a lower
value than OSPF (110), as shown below.
All the other options are incorrect because they do not represent the administrative distance.
Objective:
Routing Fundamentals
Sub-Objective:
Interpret the components of routing table
References:
Cisco > Support > IP > IP Routing > Design > Design TechNotes > What Is Administrative Distance? >
Document ID: 15986
QUESTION 5
What is the purpose of frame tagging in Virtual LAN (VLAN) configurations?
A. inter-VLAN routing
B. encryption of network packets
C. frame identification over trunk links
D. frame identification over access links
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:
Explanation:
Frame tagging is used when VLAN traffic travels over a trunk link. Trunk links carry frames for multiple
VLANs. Therefore, frame tags are used for identification of frames from different VLANs. Inter Switch Link
(ISL) and Institute of Electrical and Electronics Engineers (IEEE) 802.1q are the two frame tagging
methods supported on Cisco devices.
The purpose of frame tagging is not inter-VLAN routing. A Layer 3 device, such as a router or multilayer
switch, is used for inter-VLAN routing. To configure inter-VLAN routing a logical or subinterface for each
VLAN must be created on the single physical interface used to connect to the switch. An IP address is NOT
applied to the physical interface; instead, each subinterface is configured with an IP address that will
become the default gateway of all devices residing in that VLAN. Consequently, each subinterface and its
VLAN devices must reside a different subnet as well. If a subinterface on the router is NOT configured with
an IP address that resides in the same network as the hosts that reside in the VLAN that the subinterface
serves, the hosts in that VLAN will be isolated from the other VLANs. The hosts in the VLAN served by the
subinterface should also use this address as their default gateway, or the hosts in the VLAN will likewise be
isolated form the other VLANs
To verify the IP address of the subinterface, execute the show interfaces subinterface ID command. As
shown below, the IP address will appear in line 3 of the output. Compare this IP address will the IP address
set as the default gateway of each host in the VLAN served by the subinterface. They should be the same,
and the IP address of the hosts should be in the same subnet as this address as well.
Frame tagging does not provide encryption of network packets. Packets are transmitted unencrypted
unless the network device or the application uses an additional encryption mechanism. A Virtual Private
Network (VPN) is a popular solution for providing encrypted network communication.
An access link is a connection between a switch and an end-user computer with a normal Ethernet
Network Interface Card (NIC). On these links, Ethernet frames are transmitted without frame tagging.
Objective:
LAN Switching Fundamentals
Sub-Objective:
Configure, verify, and troubleshoot VLANs (normal/extended range) spanning multiple switches
References:
Cisco > Cisco IOS LAN Switching Configuration Guide, Release 12.4 > Part 1: Virtual LANs > Routing
Between VLANs Overview
Cisco > Technology Support > LAN Switching > Virtual LANs/VLAN Trunking Protocol (VLANs/VTP) >
Design > Design Technotes > Inter-Switch Link and IEEE 802.1Q Frame Format > Document ID: 17056