CCNA – Switch Questions 3
Here you will find answers to Switch Questions – Part 3
Question 1
Which of the following are true regarding bridges and switches? (Choose two)
A. Bridges are faster than switches because they have fewer ports.
B. A switch is a multiport bridge.
C. Bridges and switches learn MAC addresses by examining the source MAC address of each frame received.
D. A bridge will forward a broadcast but a switch will not.
E. Bridges and switches increase the size of a collision domain.
Answer: B C
Question 2
Which two commands correctly verify whether port security has been configured on port FastEthernet 0/12 on a switch? (Choose two)
A. SW1# show switchport port-security interface FastEthernet 0/12
B. SW1# show switchport port-secure interface FastEthernet 0/12
C. SW1# show port-security interface FastEthernet 0/12
D. SW1# show running-config
Answer: C D
Explanation
We can verify whether port security has been configured by using the “show running-config” or “show port-security interface ” for more detail. An example of the output of “show port-security interface ” command is shown below:
Question 3
Assuming the default switch configuration which vlan range can be added modified and removed on a Cisco switch?
A. 2 through 1001
B. 1 through 1001
C. 1 through 1002
D. 2 through 1005
Answer: A
Explanation
VLAN 1 is the default VLAN on Cisco switch. It always exists and can not be added, modified or removed.
VLANs 1002-1005 are default VLANs for FDDI & Token Ring and they can’t be deleted or used for Ethernet.
Question 4
Refer to the exhibit. This command is executed on 2960Switch:
2960Switch(config)# mac-address-table static 0000.00aa.aaaa vlan 10 interface fa0/1
Which two of these statements correctly identify results of executing the command? (Choose two)
A. Port security is implemented on the fa0/1 interface.
B. MAC address 0000.00aa.aaaa does not need to be learned by this switch.
C. Only MAC address0000.00aa.aaaa can source frames on the fa0/1 segment.
D. Frames with a Layer 2 source address of 0000.00aa.aaaa will be forwarded out fa0/1.
E. MAC address 0000.00aa.aaaa will be listed in the MAC address table for interface fa0/1 only.
Answer: B E
Explanation
The above command adds the MAC address 0000.00aa.aaaa to the MAC address table of the switch. This is called static MAC address. Static addresses have the following characteristics:
* Static addresses will not be removed from the address table when a given interface link is down.
* Static addresses are bound to the assigned interface and will not be moved. When a static address is seen on another interface, the address will be ignored and will not be written to the address table.
* A static address cannot be learned on another port until the address is removed with the no form of this command.
Static MAC address is not a Port Security feature -> A is not correct.
If the MAC address 0000.00aa.aaaa is seen again (on fa0/1 or other ports), it does not need to be learned because it already exists in the MAC address table of the switch -> B is correct.
Although configured with a static MAC address, switch can still learn other MAC addresses dynamically -> C is not correct.
Frames with a Layer 2 destination address (not source address) of 0000.00aa.aaaa will be forwarded out fa0/1 -> D is not correct.
Question 5
Which set of commands is recommended to prevent the use of a hub in the access layer?
A.
switch(config-if)#switchport mode trunk
switch(config-if)#switchport port-security maximum 1
B.
switch(config-if)#switchport mode trunk
switch(config-if)#switchport port-security mac-address 1
C.
switch(config-if)#switchport mode access
switch(config-if)#switchport port-security maximum 1
D.
switch(config-if)#switchport mode access
switch(config-if)#switchport port-security mac-address 1
Answer: C
Explanation
Port security is only used on access port (which connects to hosts) so we need to set that port to “access” mode, then we need to specify the maximum number of hosts which are allowed to connect to this port -> C is correct.
Note: If we want to allow a fixed MAC address to connect, use the “switchport port-security mac-address ” command.
Question 6
A Catalyst 2950 needs to be reconfigured. What steps will ensure that the old configuration is erased? (Choose three)
A. Erase flash.
B. Restart the switch.
C. Delete the VLAN database.
D. Erase the running configuration.
E. Erase the startup configuration.
F. Modify the configuration register.
Answer: B C E
Question 7
The network administrator has discovered that the power supply has failed on a switch in the company LAN and that the switch has stopped functioning. It has been replaced with a Cisco Catalyst 2950 series switch. What must be done to ensure that this new switch becomes the root bridge on the network?
A. Lower the bridge priority number.
B. Change the MAC address of the switch.
C. Increase the VTP revision number for the domain.
D. Lower the root path cost on the switch ports.
E. Assign the switch an IP address with the lowest value.
Answer: A
Question 8
Which two of these are characteristics of the 802.1Q protocol? (Choose two)
A. It is a layer 2 messaging protocol which maintains vlan configurations across network.
B. It includes an 8-bit field which specifies the priority of a frame.
C. It is used exclusively for tagging vlan frames and dose not address network reconvergence following switched network topology changes.
D. It modifies the 802.3 frame header and thus requires that the FCS be recomputed.
E. It is a trunking protocol capable of earring untagged frames.
Answer: D E
Explanation
IEEE 802.1Q is the networking standard that supports Virtual LANs (VLANs) on an Ethernet network. It is a protocol that allows VLANs to communicate with one another using a router. 802.1Q trunks support tagged and untagged frames.
If a switch receives untagged frames on a trunk port, it believes that frame is a part of the native VLAN. Also, frames from a native VLAN are not tagged when exiting the switch via a trunk port.
The 802.1q frame format is same as 802.3. The only change is the addition of 4 bytes fields. That additional header includes a field with which to identify the VLAN number. Because inserting this header changes the frame, 802.1Q encapsulation forces a recalculation of the original FCS field in the Ethernet trailer.
Note: Frame Check Sequence (FCS) is a four-octet field used to verify that the frame was received without loss or error. FCS is based on the contents of the entire frame.
Question 9
What are two advantages of Layer 2 Ethernet switches over hubs? (Choose two)
A. decreasing the number of collision domains
B. filtering frames based on MAC addresses
C. allowing simultaneous frame transmissions
D. increasing the size of broadcast domains
E. increasing the maximum length of UTP cabling between devices
Answer: B C
Explanation
Hub is considered a layer 1 device. When a packet arrives at one port, it is copied to the other ports without checking the content of that packet.
Switch operates at layer 2. When a packet arrives at one port, it checks in its database (based on MAC address) to see which port it should forward that packet out -> B is correct.
Remember that hubs can only communicate in half duplex mode, which means that a computer can only send data when it is not receiving. Switches can run in full duplex mode, which allows data to be sent and received at the same time. Switches effectively double the speed of the network when compared to hubs -> C is correct.
Switch increases the number of collision domains (which is better) -> A is not correct.
Switch does not have any effect on the size of broadcast domains. When using switch, the size of broadcast domains remain the same -> D is not correct.
Both hub and switch increase the maximum length of UTP cabling between devices so it is not an advantage of switch over hub -> E is not correct.
Question 10
Which command will show the MAC addresses of stations connected to switch ports?
A. show mac-address
B. show arp
C. show table
D. show switchport
Answer: B
Explanation
There is no “show mac-address” command. But notice the “show mac-address-table” and “show mac address-table” do exist.
If option A is “show mac-address-table” then both A & B are correct!
I am looking at S3 packet tracer ch9.2.1.5. interface fa0/24 is trunking — as show interface trunk show us — then I use show port-security interface fa0/24 — port security is disabled and port status is secure-down then I look at fa0/23 and I see that: port security is enabled and port status is secure-up
show port-security is q2 — Here is another show command that I am not familiar with — I am looking at these commands — trying to learn them
Thanks GOD I passed the CCNA exam now with 920
the labs were ACL + EIGRP +5th grouped lab
the valid dumpe is actual test version 9.4
thank you 9tut
q10..i think the answer is a not sh arp..show arp doesnt show the ports where the stations are connected..besides the sh mac-add/sh mac add are accepted in pkt tracer..just dont know in real switches
q10.
using sho arp on a switch will only show you the IP Address associated to a certain MAC address..it will not show you “the MAC addresses of stations connected to switch ports”
——————————————————————
#sho arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 172.17.10.54 17 0018.fea0.e064 ARPA Vlan100
Internet 172.17.10.51 4 0800.3787.b1de ARPA Vlan100
Internet 172.17.10.50 6 0800.379e.2f8f ARPA Vlan100
Internet 172.17.10.40 2 b499.ba5c.2b04 ARPA Vlan100
Internet 172.17.10.4 5 e840.40d1.7e41 ARPA Vlan100
——————————————————————
“show mac-address” is short for “show mac-address-table”, so I think this is the correct answer.
——————————————————————
#sho mac-address-table
Mac Address Table
——————————————-
Vlan Mac Address Type Ports
—- ———– ——– —–
1 588d.0904.8a70 DYNAMIC Fa0/47
1 b4a4.e35b.ab1a DYNAMIC Fa0/48
100 0000.aab6.574c STATIC Fa0/20
100 0000.aac6.732b STATIC Fa0/42
100 001e.0b0f.284e DYNAMIC Fa0/48
——————————————————————
The output above are from a 3560 switch.
about Q10 :
it is obvious that Show ARP is not correct answer because this command show ” binding between IP address and MAC address ” . it does not show any thing on a layer 2 switch with default configuration because layer 2 switch can not understand IP address .
@saieed
saieed the point of the question is how you will know the mapping of mac-address and Ip address. so the correct answes is sh ip arp.
the choices in Q10 is incomplete..the command must be “sh ip arp”
Question 10
Answer is: A
Because in switch 2960 “sh mac-address” cmd accepted.
pz explain Q-5
Question 5
Which set of commands is recommended to prevent the use of a hub in the access layer?
A.
switch(config-if)#switchport mode trunk
switch(config-if)#switchport port-security maximum 1
B.
switch(config-if)#switchport mode trunk
switch(config-if)#switchport port-security mac-address 1
C.
switch(config-if)#switchport mode access
switch(config-if)#switchport port-security maximum 1
D.
switch(config-if)#switchport mode access
switch(config-if)#switchport port-security mac-address 1
you are consider for this question prevent the use of a hub
I thing this question should be used to only mac address because I assume to used on interface maximum 1 so simply access to the hub but only used to mac address is should be deny.
my reason for – example for i used to switch in a particular port is one so i connected to my hub that particular switch port. so i thing the switch is used to maximum 1 command, this switch simply access to hub but i used to mac address command should be deny
Whoever PLEASE tell me RIGHT OR WRONG
i very exception for your explanation
Thanks 9tut!=D
q10, answer is show mac-address because the switch will auto complete this command to show mac-address-table. show arp doesn’t work.
Q10 – 9tut and Xallax, please correct Q10
Answer is sh mac address or sh mac-address (depending on the switch IOS)
Sh arp is not correct
Refer posting above from Tester Aptil 7 on a 3560
Refer my testing on my own 2950-48 switch below
AUWAGSW1#sh mac ?
access-group MAC access-group
address-table MAC forwarding table
AUWAGSW1#sh mac address-table
Mac Address Table
——————————————-
Vlan Mac Address Type Ports
—- ———– ——– —–
All 0009.e8e9.3940 STATIC CPU
All 0100.0ccc.cccc STATIC CPU
All 0100.0ccc.cccd STATIC CPU
All 0100.0cdd.dddd STATIC CPU
1 0009.e8ea.0981 DYNAMIC Fa0/1
1 0009.e8ea.0c83 DYNAMIC Fa0/3
1 0009.e8ea.0cb1 DYNAMIC Gi0/1
1 000c.3104.2003 DYNAMIC Fa0/6
1 0010.a47c.1b14 DYNAMIC Fa0/45
Total Mac Addresses for this criterion: 9
AUWAGSW1#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.10.10.50 0 0010.a47c.1b14 ARPA Vlan1
Internet 10.10.10.240 – 0009.e8e9.3940 ARPA Vlan1
Cheers
Alan
Q2\6 was in my exam today
@AlantheAussie
Regarding the Q10 its looking for Mac address Connected hosts. The term “switch port” mean connected to this switch- not switch port names. You should ignore the “port” here. It is typical cisco style confusing straightforward thing get ready for the challenge. The author is trying to trick you bcos show mac-address-table is the correct command. how ever that answer is not a choice and the next best choice would be “show arp” command.
In Cisco IOS version higher than 12.1 the command show mac-address-table has been replace with show mac address-table.
Hi all, I am taking CCNA 640-802 exam first time on 30/05/2012. Could anyone please send me latest dumps which are valid for UK? My e-mail address is puneet_gill84@yahoo.co.uk. Many thanks.
About Q10
A. show mac-address may be correct but it is an incomplete command. Show mac-address table or show mac address-table is the complete one.
B. show arp is the best answer because it is a complete command.
Remember that CCNA recognizes the more complete commands rather the shortcuts. So, Im going with B. show arp.
I’m taking the exam this June. Hope I’ll pass it.
God bless!
q10—- tricky — yes show arp is not a command I would normally think to use — I would look at the shortcut for show mac address table and choose it because I was trying to be fast
Please go to faqs and tips and not ask for the latest dumps!!!
@NiceGuy and @ irvin704
Thanks for your reponses and I do agree if the word “ports” is removed from the question then the answer is very clear – “B”. In the REAL world sh mac-address does work as I’ve tested it on my WS-3750 but I guess in Cisco’s world they don’t like abreviations at the CCNA level.
Good luck irvin704 with your exam attempt.
Cheers.
I PASSED CCNA EXAM TODAY THANKS TO ALL MIGHTY ALLAH
960/1000
Q10 Wrong
This is output from my real router, i have it at home.
9tut right show mac-address is not full command, but Switch accepted it. And we can see to which switch port mac address belong to. But sh arp will give us only mac-address list No ports.
S1#sh arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 10.10.10.2 – 000d.2850.c900 ARPA Vlan1
S1#sh mac-address
Mac Address Table
——————————————-
Vlan Mac Address Type Ports
—- ———– ——– —–
All 000d.2850.c900 STATIC CPU
All 0100.0ccc.cccc STATIC CPU
All 0100.0ccc.cccd STATIC CPU
All 0100.0cdd.dddd STATIC CPU
1 0015.9989.5618 DYNAMIC Fa0/9
1 0025.11cb.bb58 DYNAMIC Fa0/9
1 0026.44ed.0fe6 DYNAMIC Fa0/9
1 0026.ab48.4832 DYNAMIC Fa0/9
1 0226.44ed.0fe6 DYNAMIC Fa0/9
1 148f.c611.f1af DYNAMIC Fa0/9
1 28e0.2ccf.3214 DYNAMIC Fa0/9
1 5855.caf3.bcf1 DYNAMIC Fa0/9
1 7c11.be14.c354 DYNAMIC Fa0/9
1 8ca9.8215.4e2a DYNAMIC Fa0/9
1 e02a.82ab.8078 DYNAMIC Fa0/9
1 e806.8879.20d0 DYNAMIC Fa0/9
1 f0b4.7917.9197 DYNAMIC Fa0/9
Total Mac Addresses for this criterion: 17
S1#
I passed my ccna exam today Praise be to God! Thank you Jesus! and thanks to 9TUT for the tutorials and explanations, great site and thanks to xallax for your explanations to questions and thanks to http://www.examcollection.com for the dumps. Pls guys lets donate and help to keep this site up!
48 ques for exams including 3 simulation, I had EIGRP, Acesslist2 and VTP. Make sure the practice the simulation, use packet tracer or gns3. Best wishes to all!
also think that correct answer Q10 is a.
sh arp shows nothing if switch menegment interface and host jn switch port are in different vlans and subnets.
Question 10 is in correct.. because of the following:
Show arp will show the default gateway of the switch.
A real practice of the command:
- show arp shows the DG: http://grab.by/emDq
- “show mac-address” is a command and it’s the short of “show mac-address-table”.. switches do understand this command: http://grab.by/emDw
please correct it so no one will get confused when they read the question.
sorry for the first line.. it’s “Question 10 is NOT correct.”
btw, I am not a spammer, grab.by (TinyGrab) is a free screenshots uploading service and you can have an account on it. this is not an advertisement but I just want to clear things out :)
Hi,
I passed CCNA 640-801 in Oct 2007 which got expired in Oct 2010. I want to recertify, can somebody tell me if you know for sure that whether I can just write ICND2 or higher level exam like CCNP ROUTE 642-902 to proceed for CCNP or I have to write CCNA 640-802 (alternatively ICND1 + ICND2) in order to proceed for CCNP?
Thanks
Question 8
Maybe
E. It is a trunking protocol capable of CARRYING untagged frames.
???
@9tut: Please correct me if I’m wrong here…. This is regarding question 10.
My explanation in support of answer A:
sw#show mac-address-table
sw#show mac address table
sw#show mac-address
sw#show mac address
will all result int the same output as the IOS will accept all forms of it to show the mac address table…. So I think option A is correct here…. Please let me know what you say…
@9tut: Also, in connection to my above said comment, please read this as well….
“show arp” will only show the IP (or layer 3 addresses like IPv6, Appletalk, IPX etc) to MAC address bindings, but to see the MAC address to port bindings we will have to use “show mac-address-table”, or as in this case, the “show mac-address” command.
It may be a case when the switch is contacted via the management VLAN and it does not have the required entry for this communication in it’s arp table…. So the switch will carry out an arp resolution in it’s broadcast domain (and if the communicating device resides on the same VLAN but on a different switch connected to our target switch via a trunk), the switch will get the arp reply with a layer 2 address of the originating host, but then, in this case, the originating host is not attached to our target switch.
So to know the addresses of the devices attached to our switch, we will have to issue the show mac-address-table or simply show mac-address command which will be accepted by the switch IOS.
Thanks, and plase let me know if I’m being wrong here…. Thanks once again for this wonderful site!
@Bharat: Yes, in fact answer A is not a bad choice. In the old day the command “show-mac-address-table” was popularly used and it gave us the MAC addresses of stations connected to switch ports. But today maybe Cisco wants to replace this command by the “show mac address-table”, which makes the “show mac-address” invalid.
To be honest, I am not sure about this question in the Cisco exam. But in real life, I will definitely choose A as the best answer.
Thanks 9tut…. My exam’s on 19th this month… Your website has surely helped me build my confidence and strategy…. Thanks so much once again! :)
@9tut in response to @bharat….
“To be honest, I am not sure about this question in the Cisco exam. But in real life, I will definitely choose A as the best answer.”
Thanks for the above line…logically ‘A’ is the best answer but then theoretically especialy in cisco multiple choice exam, ‘B’ is more of the book than ‘A’…so i wil go for B in the exam
Thanks 9tut
sir
i am preparing ccna exam……i have problem with switch labs bcz of simulator
packet tracer does support all labs.
plz any one send me any simulator and ccna dumps………
my email id ……….a_khan3184@yahoo.com
Given that Host A and Host B are in different networks. When Host A is trying to communicate with
Host B, which step will Host A take first?
A. Send a TCP SYN and wait for the SYN ACK with the IP address of Host B.
B. Drop the data.
C. Create an ARP request to get a MAC address for Host B.
D. Send the data frames to the default gateway.
Some dumps have this answer along with the explanation:
Answer: C
Explanation:
This question is to examine the ARP working principle.
When Host A doesn’t know the MAC address of Host B, the ARP request will be broadcast so that all hosts on the LAN can see this request.
If the IP is not local, the router will check its routing table to see whether there is a route to the destination network. If there is, the router will reply with its own MAC address.
So C is correct.
And Some dumps as Xallax say it’s the following answer with explanation (Which I agree with):
Answer is D
Because the hosts are on different networks and there’s no need to know the destination MAC (no need for ARP request), so it will send it to the default gateway. Moreover, host A & B are on DIFFERENT networks.
We use ARP to resolve MAC addresses on the SAME network LAN.
Can anyone Clarify Please. thanx
@MalikCCNA: You can read this question here (Q5): http://www.9tut.com/ccna-tcpip-model-operation
thanks 9tut.
Means my explanation is clear.:)
Is context-sensitive help allowed in Cisco simulation lab exam? Thanks
Please any one send me , the latest dumps for CCNA magednasr@mail.com
Q 3 was in my exam on aug 2012
9tut please.
I just want to clarify Q7. I think answer d is more appropriate (path cost).
Please clarify.
Thanks.
9tut please.
Q10. Would you finally take answer a or d in the exam.
Thanks.
sorry I meant answer a or b for Q10.
Thanks
@mina: You should choose “show arp” for this question.
Thanks 9Tut.
how about Q7. I think answer d is more appropriate (path cost).
Please clarify.
Thanks.
DID IT!!…907…thx 9tut!!!!..CCNA certified….tons of questions from this site…read from top to bottom every question, because you will not know what pops up…q3, and 8 on exam….good luck to all…can’t stress enough…read EVERY question on this site…
Q10 set up a switch using packet tracer or real equipments in a lab environment. test both command u will conclude upon completion of the exercise. the rite ans for Q10 is A. show mac-address ……… complete or not the switch will give u the expected result.
thank. always have have confidence whn making ur pts
Thanks a lot 9tut………
can anyone plz give me answer of this qus. with reason ??
Qus. refer to exhibit wht can b determined from output ?
router#sh ip arp
protocol address age(min) hardware add. type interface
internet 192.168.1.1 – ca00-17d0-0008 ARPA f0/0
internet 192.168.3.1 – ca00-17d0-0008 ARPA f0/0
internet 192.168.1.2 0 ca00-17d0-0008 ARPA f0/0
in pass4sure answer is “B” i dint understand this qus.
plz explain me …if anyone know the resn for it!!