CCNA – Switch Questions 3

Here you will find answers to Switch Questions – Part 3

Question 1

Which of the following are true regarding bridges and switches? (Choose two)

A. Bridges are faster than switches because they have fewer ports.
B. A switch is a multiport bridge.
C. Bridges and switches learn MAC addresses by examining the source MAC address of each frame received.
D. A bridge will forward a broadcast but a switch will not.
E. Bridges and switches increase the size of a collision domain.

 

Answer: B C

Question 2

Which two commands correctly verify whether port security has been configured on port FastEthernet 0/12 on a switch? (Choose two)

A. SW1# show switchport port-security interface FastEthernet 0/12
B. SW1# show switchport port-secure interface FastEthernet 0/12
C. SW1# show port-security interface FastEthernet 0/12
D. SW1# show running-config

 

Answer: C D

Explanation

We can verify whether port security has been configured by using the “show running-config” or “show port-security interface ” for more detail. An example of the output of “show port-security interface ” command is shown below:

Question 3

Assuming the default switch configuration which vlan range can be added modified and removed on a Cisco switch?

A. 2 through 1001
B. 1 through 1001
C. 1 through 1002
D. 2 through 1005

 

Answer: A

Explanation

VLAN 1 is the default VLAN on Cisco switch. It always exists and can not be added, modified or removed.

VLANs 1002-1005 are default VLANs for FDDI & Token Ring and they can’t be deleted or used for Ethernet.

Question 4

Refer to the exhibit. This command is executed on 2960Switch:

2960Switch(config)# mac-address-table static 0000.00aa.aaaa vlan 10 interface fa0/1

Which two of these statements correctly identify results of executing the command? (Choose two)

A. Port security is implemented on the fa0/1 interface.
B. MAC address 0000.00aa.aaaa does not need to be learned by this switch.
C. Only MAC address0000.00aa.aaaa can source frames on the fa0/1 segment.
D. Frames with a Layer 2 source address of 0000.00aa.aaaa will be forwarded out fa0/1.
E. MAC address 0000.00aa.aaaa will be listed in the MAC address table for interface fa0/1 only.

 

Answer: B E

Explanation

The above command adds the MAC address 0000.00aa.aaaa to the MAC address table of the switch. This is called static MAC address. Static addresses have the following characteristics:

* Static addresses will not be removed from the address table when a given interface link is down.
* Static addresses are bound to the assigned interface and will not be moved. When a static address is seen on another interface, the address will be ignored and will not be written to the address table.
* A static address cannot be learned on another port until the address is removed with the no form of this command.

Static MAC address is not a Port Security feature -> A is not correct.

If the MAC address 0000.00aa.aaaa is seen again (on fa0/1 or other ports), it does not need to be learned because it already exists in the MAC address table of the switch -> B is correct.

Although configured with a static MAC address, switch can still learn other MAC addresses dynamically -> C is not correct.

Frames with a Layer 2 destination address (not source address) of 0000.00aa.aaaa will be forwarded out fa0/1 -> D is not correct.

Question 5

Which set of commands is recommended to prevent the use of a hub in the access layer?

A.
switch(config-if)#switchport mode trunk
switch(config-if)#switchport port-security maximum 1

B.
switch(config-if)#switchport mode trunk
switch(config-if)#switchport port-security mac-address 1

C.
switch(config-if)#switchport mode access
switch(config-if)#switchport port-security maximum 1

D.
switch(config-if)#switchport mode access
switch(config-if)#switchport port-security mac-address 1

 

Answer: C

Explanation

Port security is only used on access port (which connects to hosts) so we need to set that port to “access” mode, then we need to specify the maximum number of hosts which are allowed to connect to this port -> C is correct.

Note: If we want to allow a fixed MAC address to connect, use the “switchport port-security mac-address ” command.

Question 6

A Catalyst 2950 needs to be reconfigured. What steps will ensure that the old configuration is erased? (Choose three)

A. Erase flash.
B. Restart the switch.
C. Delete the VLAN database.
D. Erase the running configuration.
E. Erase the startup configuration.
F. Modify the configuration register.

 

Answer: B C E

Question 7

The network administrator has discovered that the power supply has failed on a switch in the company LAN and that the switch has stopped functioning. It has been replaced with a Cisco Catalyst 2950 series switch. What must be done to ensure that this new switch becomes the root bridge on the network?

A. Lower the bridge priority number.
B. Change the MAC address of the switch.
C. Increase the VTP revision number for the domain.
D. Lower the root path cost on the switch ports.
E. Assign the switch an IP address with the lowest value.

 

Answer: A

Question 8

Which two of these are characteristics of the 802.1Q protocol? (Choose two)

A. It is a layer 2 messaging protocol which maintains vlan configurations across network.
B. It includes an 8-bit field which specifies the priority of a frame.
C. It is used exclusively for tagging vlan frames and dose not address network reconvergence following switched network topology changes.
D. It modifies the 802.3 frame header and thus requires that the FCS be recomputed.
E. It is a trunking protocol capable of earring untagged frames.

 

Answer: D E

Explanation

IEEE 802.1Q is the networking standard that supports Virtual LANs (VLANs) on an Ethernet network. It is a protocol that allows VLANs to communicate with one another using a router. 802.1Q trunks support tagged and untagged frames.

If a switch receives untagged frames on a trunk port, it believes that frame is a part of the native VLAN. Also, frames from a native VLAN are not tagged when exiting the switch via a trunk port.

The 802.1q frame format is same as 802.3. The only change is the addition of 4 bytes fields. That additional header includes a field with which to identify the VLAN number. Because inserting this header changes the frame, 802.1Q encapsulation forces a recalculation of the original FCS field in the Ethernet trailer.

Note: Frame Check Sequence (FCS) is a four-octet field used to verify that the frame was received without loss or error. FCS is based on the contents of the entire frame.

Question 9

What are two advantages of Layer 2 Ethernet switches over hubs? (Choose two)

A. decreasing the number of collision domains
B. filtering frames based on MAC addresses
C. allowing simultaneous frame transmissions
D. increasing the size of broadcast domains
E. increasing the maximum length of UTP cabling between devices

 

Answer: B C

Explanation

Hub is considered a layer 1 device. When a packet arrives at one port, it is copied to the other ports without checking the content of that packet.

Switch operates at layer 2. When a packet arrives at one port, it checks in its database (based on MAC address) to see which port it should forward that packet out -> B is correct.

Remember that hubs can only communicate in half duplex mode, which means that a computer can only send data when it is not receiving. Switches can run in full duplex mode, which allows data to be sent and received at the same time. Switches effectively double the speed of the network when compared to hubs -> C is correct.

Switch increases the number of collision domains (which is better) -> A is not correct.

Switch does not have any effect on the size of broadcast domains. When using switch, the size of broadcast domains remain the same -> D is not correct.

Both hub and switch increase the maximum length of UTP cabling between devices so it is not an advantage of switch over hub -> E is not correct.

Question 10

Which command will show the MAC addresses of stations connected to switch ports?

A. show mac-address
B. show arp
C. show table
D. show switchport

 

Answer: B

Explanation

There is no “show mac-address” command. But notice the “show mac-address-table” and “show mac address-table” do exist.

If option A is “show mac-address-table” then both A & B are correct!