CCNA – Switch Questions 3
Here you will find answers to Switch Questions – Part 3
Question 1
Which of the following are true regarding bridges and switches? (Choose two)
A. Bridges are faster than switches because they have fewer ports.
B. A switch is a multiport bridge.
C. Bridges and switches learn MAC addresses by examining the source MAC address of each frame received.
D. A bridge will forward a broadcast but a switch will not.
E. Bridges and switches increase the size of a collision domain.
Answer: B C
Question 2
Which two commands correctly verify whether port security has been configured on port FastEthernet 0/12 on a switch? (Choose two)
A. SW1# show switchport port-security interface FastEthernet 0/12
B. SW1# show switchport port-secure interface FastEthernet 0/12
C. SW1# show port-security interface FastEthernet 0/12
D. SW1# show running-config
Answer: C D
Explanation
We can verify whether port security has been configured by using the “show running-config” or “show port-security interface ” for more detail. An example of the output of “show port-security interface ” command is shown below:
Question 3
Assuming the default switch configuration which vlan range can be added modified and removed on a Cisco switch?
A. 2 through 1001
B. 1 through 1001
C. 1 through 1002
D. 2 through 1005
Answer: A
Explanation
VLAN 1 is the default VLAN on Cisco switch. It always exists and can not be added, modified or removed.
VLANs 1002-1005 are default VLANs for FDDI & Token Ring and they can’t be deleted or used for Ethernet.
Question 4
Refer to the exhibit. This command is executed on 2960Switch:
2960Switch(config)# mac-address-table static 0000.00aa.aaaa vlan 10 interface fa0/1
Which two of these statements correctly identify results of executing the command? (Choose two)
A. Port security is implemented on the fa0/1 interface.
B. MAC address 0000.00aa.aaaa does not need to be learned by this switch.
C. Only MAC address0000.00aa.aaaa can source frames on the fa0/1 segment.
D. Frames with a Layer 2 source address of 0000.00aa.aaaa will be forwarded out fa0/1.
E. MAC address 0000.00aa.aaaa will be listed in the MAC address table for interface fa0/1 only.
Answer: B E
Explanation
The above command adds the MAC address 0000.00aa.aaaa to the MAC address table of the switch. This is called static MAC address. Static addresses have the following characteristics:
* Static addresses will not be removed from the address table when a given interface link is down.
* Static addresses are bound to the assigned interface and will not be moved. When a static address is seen on another interface, the address will be ignored and will not be written to the address table.
* A static address cannot be learned on another port until the address is removed with the no form of this command.
Static MAC address is not a Port Security feature -> A is not correct.
If the MAC address 0000.00aa.aaaa is seen again (on fa0/1 or other ports), it does not need to be learned because it already exists in the MAC address table of the switch -> B is correct.
Although configured with a static MAC address, switch can still learn other MAC addresses dynamically -> C is not correct.
Frames with a Layer 2 destination address (not source address) of 0000.00aa.aaaa will be forwarded out fa0/1 -> D is not correct.
Question 5
Which set of commands is recommended to prevent the use of a hub in the access layer?
A.
switch(config-if)#switchport mode trunk
switch(config-if)#switchport port-security maximum 1
B.
switch(config-if)#switchport mode trunk
switch(config-if)#switchport port-security mac-address 1
C.
switch(config-if)#switchport mode access
switch(config-if)#switchport port-security maximum 1
D.
switch(config-if)#switchport mode access
switch(config-if)#switchport port-security mac-address 1
Answer: C
Explanation
Port security is only used on access port (which connects to hosts) so we need to set that port to “access” mode, then we need to specify the maximum number of hosts which are allowed to connect to this port -> C is correct.
Note: If we want to allow a fixed MAC address to connect, use the “switchport port-security mac-address ” command.
Question 6
A Catalyst 2950 needs to be reconfigured. What steps will ensure that the old configuration is erased? (Choose three)
A. Erase flash.
B. Restart the switch.
C. Delete the VLAN database.
D. Erase the running configuration.
E. Erase the startup configuration.
F. Modify the configuration register.
Answer: B C E
Question 7
The network administrator has discovered that the power supply has failed on a switch in the company LAN and that the switch has stopped functioning. It has been replaced with a Cisco Catalyst 2950 series switch. What must be done to ensure that this new switch becomes the root bridge on the network?
A. Lower the bridge priority number.
B. Change the MAC address of the switch.
C. Increase the VTP revision number for the domain.
D. Lower the root path cost on the switch ports.
E. Assign the switch an IP address with the lowest value.
Answer: A
Question 8
Which two of these are characteristics of the 802.1Q protocol? (Choose two)
A. It is a layer 2 messaging protocol which maintains vlan configurations across network.
B. It includes an 8-bit field which specifies the priority of a frame.
C. It is used exclusively for tagging vlan frames and dose not address network reconvergence following switched network topology changes.
D. It modifies the 802.3 frame header and thus requires that the FCS be recomputed.
E. It is a trunking protocol capable of earring untagged frames.
Answer: D E
Explanation
IEEE 802.1Q is the networking standard that supports Virtual LANs (VLANs) on an Ethernet network. It is a protocol that allows VLANs to communicate with one another using a router. 802.1Q trunks support tagged and untagged frames.
If a switch receives untagged frames on a trunk port, it believes that frame is a part of the native VLAN. Also, frames from a native VLAN are not tagged when exiting the switch via a trunk port.
The 802.1q frame format is same as 802.3. The only change is the addition of 4 bytes fields. That additional header includes a field with which to identify the VLAN number. Because inserting this header changes the frame, 802.1Q encapsulation forces a recalculation of the original FCS field in the Ethernet trailer.
Note: Frame Check Sequence (FCS) is a four-octet field used to verify that the frame was received without loss or error. FCS is based on the contents of the entire frame.
Question 9
What are two advantages of Layer 2 Ethernet switches over hubs? (Choose two)
A. decreasing the number of collision domains
B. filtering frames based on MAC addresses
C. allowing simultaneous frame transmissions
D. increasing the size of broadcast domains
E. increasing the maximum length of UTP cabling between devices
Answer: B C
Explanation
Hub is considered a layer 1 device. When a packet arrives at one port, it is copied to the other ports without checking the content of that packet.
Switch operates at layer 2. When a packet arrives at one port, it checks in its database (based on MAC address) to see which port it should forward that packet out -> B is correct.
Remember that hubs can only communicate in half duplex mode, which means that a computer can only send data when it is not receiving. Switches can run in full duplex mode, which allows data to be sent and received at the same time. Switches effectively double the speed of the network when compared to hubs -> C is correct.
Switch increases the number of collision domains (which is better) -> A is not correct.
Switch does not have any effect on the size of broadcast domains. When using switch, the size of broadcast domains remain the same -> D is not correct.
Both hub and switch increase the maximum length of UTP cabling between devices so it is not an advantage of switch over hub -> E is not correct.
Question 10
Which command will show the MAC addresses of stations connected to switch ports?
A. show mac-address
B. show arp
C. show table
D. show switchport
Answer: B
Explanation
There is no “show mac-address” command. But notice the “show mac-address-table” and “show mac address-table” do exist.
If option A is “show mac-address-table” then both A & B are correct!
At Q8 I D, E are the most “clear” choices.
But at first glance answer C seems equally valid, since indeed 802.1Q deals with tagging VLAN frames mostly.
Except that the 2003 revision of this standard includes MSTP (Multiple Spanning Tree Protocol) which was previously defined in the 802.1s standard.
As we all know all flavors of STP deal with “network reconvergence following switched network topology changes”, thus the second part of the C answer invalidates it as a correct answer.
This is just in case you were wondering (just as I was) why answer C isn’t a valid answer.
What is Q3 all about ,,, plz explain briefly ?
the meaning of the Q isn’t clear to me :(
thnx in advance
Assuming the default switch configuration which vlan range can be added modified and removed on a Cisco switch?
A. 2 through 1001
B. 1 through 1001
C. 1 through 1002
D. 2 through 1005
Check your vlans info…. show vlans
Ans: A is right coz default vlan1 cant be deleted. vlan 2 to onward up until 1001 can be altered or deleted.
B is not correct as it includes the vlan1 which is not removable.
C is not right either as it also includes vlan 1 as well as vlan 1002 which is also a default vlan, 1002 to 1005 are builtin vlans which are not modifiable or erasable
D is not correct also. Though 2 can be modified and deleted but “through 1005″ also includes 1002,1003,1004 and 1005 which are not removable or modifiable.
referring to Q6..
why not erase the flash?
@joy: The flash contains the IOS. If we erase it then the router can not boot normally.
hub = 1 colission domain sw = many collission domain
10- Which command will show the MAC addresses of stations connected to switch ports?
also we can chose show mac-address why not if we apply only the same command it will success and give the correct result
Switch#show mac-address
Mac Address Table
——————————————-
Vlan Mac Address Type Ports
—- ———– ——– —–
1 0001.649d.2a59 DYNAMIC Fa0/20
1 00d0.ff0b.1801 DYNAMIC Fa0/1
1 00e0.b03b.a1c6 DYNAMIC Fa0/1
“referring to Q6..
why not erase the flash?”
Vlan are stored in vlan.dat file and configurations are stored in NVRAM.
The IOS is stored on the FLASH, delete it bring down your switch.
PS :Am a CCNA Student, excuse me if i made a mistake..
For Q10, in fact show ARP will not show any mac addresses if the PC/host/router connected to that port does not have an IP address. Show arp will only work if the MAC address is linked to an IP address.
I just like to rephrase the explanation for Q9 in justifying that option D is not correct:
“Switch does not have any effect on the size of broadcast domains. When using switch, the size of broadcast domains remain the same.”
Switch does have effect on the size of a broadcast domain. But instead of increasing it, it decreases the size while increasing the number of broadcast domains through the use of VLANs. There is no VLANs in hubs so it is an advantage of switch over hub.
I can’t see how show arp shows the port and mac address association here:
Switch#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 192.168.1.3 0 000A.F371.52B3 ARPA Vlan1
Internet 192.168.1.200 – 0009.7C7C.90E8 ARPA Vlan1
“show mac-address” works because it is a shortcut for “show mac-address-table” but on simulation exam, I think it won’t work because the complete command is “show mac address-table”
@Vanessa: Hint: On sim exam and “show mac?” are working.
Q9:
the whole point of a switch over a hub is to reduce the number of collision domains, so answer
“decreasing the number of collision domains” is a far better one than the very amibiguous answer
“To allow simultaneous frame transmissions”.
answer should be “A”
@shikran Switch do not decrease the number of collision domains but increase them because a port on a switch is a separate collision domain while a hub is a single collision domain.
“To allow simultaneous frame transmissions” is correct because switch works on full duplex unlike hubs which works only in half duplex.
for Q10…answer should be A…not B……isnt it? only A is correct….
REGARDING Q10:
___________
Which command will show the MAC addresses of stations connected to switch ports?
A. show mac-address
B. show arp
C. show table
D. show switchport
—-I tried it on packet tracer the sh mac-addr woorked and sh arp didn’t show any thing it all which is logical as the switch could complete show mac-address command and for the show arp it will only show the mac and ip binding table for what the switch asked about…but the swith will never “arp” about what it is attached to!!
@amira
show arp is the correct command
is the dumb 648 still valid ?????
AMIRA and XALLAX
SH Mac-address and Sh Arp both work and both show MAC addresses of stations connected to switch ports… the question is faulty because of how it is written. but i agree with XALLAX because in theory…. the sh mac-address command is incomplete and does not exist even though the switch recongnises it while the sh arp is a complete command
@ AMIRA
I M AGREE WITH U … SAME THING HAPPENED TO ME …WHEN I TYPE SH ARP ..IT DOESNT SHOW ANYTHNG..BUT SHOW MAC-ADDRESS DOES..SO I THINK ..OPTION A SHOULD BE THE RIGHT ANSWER..
TELL ME IF I WRONG
Show arp worked on Router console:
Router#show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 172.22.242.30 – 0002.172B.B702 ARPA FastEthernet0/1
Internet 192.168.33.1 8 0060.2F1A.0AD9 ARPA FastEthernet0/0
Internet 192.168.33.254 – 0002.172B.B701 ARPA FastEthernet0/0
@Dharamjeet Brar
The question is not related to a router, but to a switch. “Show arp” should be wrong. I agree that the command “show mac-address” is incomplete, but the switch does accept it and shows exactly what was asked. If we talk about a layer 3 switch which is configured for routing the story differs a bit regarding the “show arp” command.
Anyway, what does Cisco want as answer? :-)
@9tut @xallax
Q3)Assuming the default switch configuration which vlan range can be added modified and removed on a Cisco switch?
A. 2 through 1001
B. 1 through 1001
C. 1 through 1002
D. 2 through 1005
ans A:
by default vlan 1 is the native vlan. but the native vlan can also be changed to another vlan number using the configuration shown.
int fa0/11
switchport mode trunk
switchport trunk native vlan 99. Here native vlan is changed to 99 from 1.
so the vlan range that can be changed, modified or deleted, so the range has to be from 1-1001 right…
@uday
Switch(config)#no vlan 1
Default VLAN 1 may not be deleted.
you can’t remove that vlan. that’s the reason why A is correct
Hi 9tut… Hi Guys! Can you please help me… I will take exam this Feb. Please send me latest dump so that I will have an idea for the exam.. rico.blake@ymail.com
Thanks Guys!
@xallax
thanks for ur response dud………………
same question as Black Phantome. re: question 6. in addition you wouldnt have to re-start the switch, just reload it………or are we wrong?
@9tut:
Concern regarding Q.10. show arp command is not showing anything. while if we type the same command like A it is consider as full and showing the result.
kindly help me..to take the answer A as it has been shot command for the switch or Answer B.
@Arpti: I suppose answer should be “A. show mac-address”
Switch will recognize this command as a shorten version “show mac-address-table”.
Switches are L2 devices (mostly).
“show arp” never will show MAC addresses of hosts connected to switchports. (if it is a pure L2 switch).
Of course, if we assign IP address to the switch VLAN1 and bring VLAN1 up – “show arp” command will show mapping of L3 address to L2 address for VLAN1.
Regarding Q 10, I will go for “show mac-address” because in real world it will give some response, moreover I have seen someone telling above that short commands do not work in exam Sims, here we are not concerned about exam Sims but we need to give some logical answer.
“show arp” is not correct because we do not know if the switch is connected to any router or there is any IP address assigned to switch.
9tut and Xallax tell me if iam wrong?
@Majid: In my exam shot commands worked very well. “help” and “Tab” worked too.
Q10
I would also go for “show mac-address”!
Thanks to AdyM. It was bugging me why C was not a correct answer. Bit of a trick question that one.
Q8 was there in today’s exam.
plz help me
q10
what best answer A or B :(
@s4cnc
as explained by 9tut, only option B is correct
whats the difference between option A and option B in question # 3?
@achu: VLANs 1 through 1001: means VLANs 1, 2, 3, 4, …, 1000, 1001
VLANs 2 through 1001: means VLANs 2, 3,4,5,…, 1000, 1001
In my opinion this question checks the more an English than knowledge of networking
@achu @dims
also, 9tut explains it clearly: you can’t alter VLAN1 and that’s why the answer is 2~1001
@9TUT
Given that host A and host B are in different networks. When host A is trying to communicate with host B, which step will host A take first?
C. Create and ARP request to get a MAC address for host B.
D. Send the data frames to the default gateway.
Which one is the best answer? Pls. explain me.
Thanks.
@anonymous
answer is D because the hosts are on different networks and there’s no need to know the destination MAC (no need for ARP request)
@xallax
thank you!!
@DimS
you are right!
@qn 10. Im not comfortable with show arp,
but how will i pass if i’ll not write answer B?? let it be B but logically wrong!!
@qns 10. show arp is the right answer.
As here we are discussing about switch, try this command on actual switch not in simulator.
there is no any command like Show mac-address, (it works for some people because router takes short form of command like conf t for – configure terminal).But short form could not work on cisco exam.
Q1.
the answer E should be correct.
by placing bridges, we can divide collision domains….
VLANs 1002-1005 are default VLANs for FDDI & Token Ring and they can’t be deleted or used for Ethernet.
When are VLANs 1002-1005 used to implementation?
Thnx
Why the question 6 answer is B,C,E?
@nazty
they aren’t used, but they are there for legacy purposes.
regarding your second question:
A. Erase flash.
this will clear the IOS, you don’t really want that unless you’re upgrading
B. Restart the switch.
you have to do that to make sure your changes have been saved (clearing the startup-config is a change too)
C. Delete the VLAN database.
“delete vlan.dat” under the privileged mode will do that. this clears the VLANs, vtp mode (sets to server), domain (sets to NULL), password (NULL)
D. Erase the running configuration.
it doesnt matter if you erase the running-config or not because it is stored in RAM and will get erased on reboot anyway
E. Erase the startup configuration.
this one is stored in NVRAM and does not get deleted on reboot. you have to delete it. upon reboot you will be told that there is no startup-config and asked if you like to enter setup mode.
F. Modify the configuration register.
this is done mostly to reset the device password. no need to do this as you are deleting the startup-config (it stores most passwords)
@Xallax
Thank you..
RE: show port-security — in packet tracer — it shows the active access ports — is this true for actual switches? I know that packet tracer can be different. In packet tracer you can show port-security interface fa0/22 — it will show that interface — whether it is an access port or trunk port or shut down — therefore it looks like the better command is show port-security because we may overlook the fact that the interface is trunking or shut down–