CCNA – VLAN Questions
Here you will find answers to VLAN Questions
If you are not sure about VLAN, please read my VLAN tutorial.
Question 1
Refer to the exhibit. A network associate needs to configure the switches and router in the graphic so that the hosts in VLAN3 and VLAN4 can communicate with the enterprise server in VLAN2. Which two Ethernet segments would need to be configured as trunk links? (Choose two)
A. A
B. B
C. C
D. D
E. E
F. F
Answer: C F
Explanation
The link between the switches and the link between switch & router should be configured as trunks. Other links (connected to hosts) should be configured as access links.
Question 2
Which three statements are typical characteristics of VLAN arrangements? (Choose three)
A. A new switch has no VLANs configured.
B. Connectivity between VLANs requires a Layer 3 device.
C. VLANs typically decrease the number of collision domains.
D. Each VLAN uses a separate address space.
E. A switch maintains a separate bridging table for each VLAN.
F. VLANs cannot span multiple switches.
Answer: B D E
Explanation
By default, all ports on a new switch belong to VLAN 1 (default & native VLAN). There are also some well-known VLANs (for example: VLAN 1002 for fddi-default; VLAN 1003 for token-ring…) configured by default -> A is not correct.
To communicate between two different VLANs we need to use a Layer 3 device like router or Layer 3 switch -> B is correct.
VLANs don’t affect the number of collision domains, they are the same -> C is not correct. Typically, VLANs increase the number of broadcast domains.
We must use a different network (or sub-network) for each VLAN. For example we can use 192.168.1.0/24 for VLAN 1, 192.168.2.0/24 for VLAN 2 -> D is correct.
A switch maintains a separate bridging table for each VLAN so that it can send frame to ports on the same VLAN only. For example, if a PC in VLAN 2 sends a frame then the switch look-ups its bridging table and only sends frame out of its ports which belong to VLAN 2 (it also sends this frame on trunk ports) -> E is correct.
We can use multiple switches to expand VLAN -> F is not correct.
Question 3
By default, each port in a Cisco Catalyst switch is assigned to VLAN1. Which two recommendations are key to avoid unauthorized management access? (Choose two)
A. Create an additional ACL to block the access to VLAN 1.
B. Move the management VLAN to something other than default.
C. Move all ports to another VLAN and deactivate the default VLAN.
D. Limit the access in the switch using port security configuration.
E. Use static VLAN in trunks and access ports to restrict connections.
F. Shutdown all unused ports in the Catalyst switch.
Answer: B F
Question 4
Which two benefits are provided by creating VLANs? (Choose two)
A. added security
B. dedicated bandwidth
C. provides segmentation
D. allows switches to route traffic between subinterfaces
E. contains collisions
Answer: A C
Question 5
Which two link protocols are used to carry multiple VLANs over a single link? (Choose two)
A. VTP
B. 802.1q
C. IGP
D. ISL
E. 802.3u
Answer: B D
Explanation
Cisco switches support two trunking protocols 802.1q & ISL. 802.1q is an open standard and is thus compatible between most vendors’ equipment while Inter-Switch Link (ISL) is Cisco proprietary.
Question 6
A switch is configured with all ports assigned to vlan 2 with full duplex FastEthernet to segment existing departmental traffic. What is the effect of adding switch ports to a new VLAN on the switch?
A. More collision domains will be created.
B. IP address utilization will be more efficient.
C. More bandwidth will be required than was needed previously.
D. An additional broadcast domain will be created.
Answer: D
Question 7
Which two statements about the use of VLANs to segment a network are true? (Choose two)
A. VLANs increase the size of collision domains.
B. VLANs allow logical grouping of users by function.
C. VLANs simplify switch administration.
D. VLANs enhance network security.
Answer: B D
Question 8
Cisco Catalyst switches CAT1 and CAT2 have a connection between them using ports Fa0/13. An 802.1Q trunk is configured between the two switches. On CAT1, VLAN 10 is chosen as native, but on CAT2 the native VLAN is not specified. What will happen in this scenario?
A. 802.1Q giants frames could saturate the link.
B. VLAN 10 on CAT1 and VLAN 1 on CAT2 will send untagged frames.
C. A native VLAN mismatch error message will appear.
D. VLAN 10 on CAT1 and VLAN 1 on CAT2 will send tagged frames.
Answer: C
Explanation
A “native VLAN mismatch” error will appear by CDP if there is a native VLAN mismatch on an 802.1Q link. “VLAN mismatch” can cause traffic from one vlan to leak into another vlan.
Question 9
Which two statements describe the Cisco implementation of VLANs? (Choose two)
A. VLAN 1 is the default Ethernet VLAN.
B. CDP advertisements are only sent on VLAN 1002.
C. By default, the management VLAN is VLAN 1005.
D. By default, the switch IP address is in VLAN 1005.
E. VLANs 1002 through 1005 are automatically created and cannot be deleted.
Answer: A E
Question 10
What are three advantages of VLANs? (Choose three)
A. VLANs establish broadcast domains in switched networks.
B. VLANs utilize packet filtering to enhance network security.
C. VLANs provide a method of conserving IP addresses in large networks.
D. VLANs provide a low-latency internetworking alternative to routed networks.
E. VLANs allow access to network services based on department, not physical location.
F. VLANs can greatly simplify adding, moving, or changing hosts on the network.
Answer: A E F
do vlans break up collision domains as well as broadcast domains? If not, why not?
@shannon: Each port on a switch is a collision domains. Each collision domain only has 1 host inside and it is the minimum number. VLANs can’t break up collision domains anymore.
9tut – “Each collision domain only has 1 host inside” is not totally accurate, especially in the real world. If another hub/switch is connected than all hosts on that port are in the same collision domain.
@JerseyMike: Of course a hub can create a larger collision domain. In this question I just want to mention that VLAN doesn’t break up collision domains.
Cool, Thanks 9tut for all you do on this board. A wealth of information!
Could someone give me a explenation on question 6? Didnt understand that one, rest of it was okey.
Which two benefits are provided by creating VLANs? (Choose two)
A. added security
B. dedicated bandwidth
C. provides segmentation
D. allows switches to route traffic between subinterfaces
E. contains collisions
Why answer C? I don’t understand ,Plz help me
because using VLANS, you can segment multiple ports in one and they behave like one separate
broadcast domain…
question 8 – i think that the answer is B. the traffic will leak into vlan1 and vlan 10 respectively.
I was a little confused by some wording in Q2 “E. A switch maintains a separate bridging table for each VLAN.” I guess this is a way of say Per VLAN Spanning. Tree
Q2.. i believe when the question refers to seperate bridiging table it refers to mac-address table? then when u type in show mac-address-table command then it will show u all vlans.. so E would be wrong.. becaulse all vlans use the same bridging table.. now vlans typically decreases collision domains.. the term is called Microsegmentation.. my best answer for Q2 is BCD..
Q6.
Add ports to VLAN increases collision domains and not increases broadcast domains. Can you explain me?
Hi Cladio,
adding VLAN will increase Broadcast domain, coz that’s the reason why we add VLAN is to provide segmentation, add security and increase the broadcast domain.
To Claudio from Chile: Adding VLAN – will decrease _a size_ of the broadcast domain but increase _an amount_ broadcast domains.
All port on the switch – already is a separate collision domains. So right answer will be “D”.
Hi, Appreciate if someone could send me the latest dumps at treepanel.ken@hotmail.com , i plan to take the exams at the end of sep.
Thanks.
claudio
for example:
You have a switch with 24 ports. by default they all belong to VLAN1 which is 1 broadcast domain.
So Vlan1 has 24 host therefore: has a large “size” of broadcast domain.
If we add vlan2 and enroll 12 ports to vlan2. we increased the number of broadcast domain to 2. and decreased the size of each broadcast domain to 12.
as you add a vlan and enroll a port to it, the more broadcast domain you create hence decrease the size or weight of the broadcast domain.
ask away please.. (“,)
@ anyone can u send me the latest CCNA actual exam?
please send it to sab3001@hotmail.com
Appreciate anyone who will share it. Thanks!
What are three advantages of VLANs? (Choose three)
Isnt this an answer ->
C. VLANs provide a method of conserving IP addresses in large networks.
VLANs need subnetting – every vlan needs to be created on a separate subnet – so should that not help in conserving ip addresses ?
@Q.10: VLANs are not used to converse IP address. In fact, we can use private IP to communicate among hosts in a big company (for example we can use private network 10.0.0.0/8 which can give tons of subnets) so it is not a trouble.
Hi,question no 3 .we can use A,D options for better,it is not can you any one explain me,why not?
Hai all,In Qustion no 10.In B ,they haven packet thats why he is not taking the advantage acc.instead that vlans provide security also.
if Broad cast domain increses is it really advantage in network.
can one explain me.
Q2. Option E. A switch mentains a seperate bridging table for each VLAN.
And the explanation reads: A switch mentains a seperate bridging table for each vlan so that it can send frame to ports on the same VLAN only. For example, if a PC in VLAN 2 sends a frame, the switch looks-up its bridging table and sends frame out of its ports which belong to VLAN 2.(It also send this frame on trunk ports)
So for instance, to prove this theory in exam: A “show mac address-table” A “show vlan” and A “show interface trunk” would suffice it.
Anyone care to comment on it. Hope am on the right track. Thanks.
can anyone please clarify question no. 4…Although the answers to it are A and C, Doesn’t E also qualify because if collisions will occur in a particular VLAN, it will not propagate to the entire internetwork but will be contained in the vlan from which it originated from…
which of these statements regarding 802.1q are correct?(choose three)
A 802.1q native vlan frames are untagged by default
B 802.1q trunking ports can also be secure ports
C 802.1q trunks can use 10 Mb/s ethernet interfaces
D 802.1q trunks require full duplex, point-to-pint connectivity
E 802.1q trunks should have native vlans that are the same on both ends
The dumps says A,C and E are the answers….but from my own understanding trunk ports should be at least 100mbps and full duplex…so i think A,D and E are correct. any help please!…..@xallax,9tut or anyone
@ayaj
A 802.1q native vlan frames are untagged by default
true.
“Frames belonging to the native VLAN do NOT carry VLAN tags when sent over the trunk. Conversely, if an untagged frame is received on a trunk port, the frame is associated with the Native VLAN for this port.”
http://en.wikipedia.org/wiki/IEEE_802.1Q
B 802.1q trunking ports can also be secure ports
nope, that only applies to ports in access mode
C 802.1q trunks can use 10 Mb/s ethernet interfaces
sure. they can use ethernet, fastethernet, gigabit, 10 gigabit, a billion gigabit interfaces
D 802.1q trunks require full duplex, point-to-pint connectivity
not necessarily, think of the case when you switch connects to a hub to which N other switches connects.
E 802.1q trunks should have native vlans that are the same on both ends
this one is true, otherwise you get a native vlan mismatch error.
if i recall right, this was also said on one of the cbtnuggets videos…
hope this answers your question :)
@xallax …..yes.thanks
Question 2
Which three statements are typical characteristics of VLAN arrangements? (Choose three)
A. A new switch has no VLANs configured.
B. Connectivity between VLANs requires a Layer 3 device.
C. VLANs typically decrease the number of collision domains.
D. Each VLAN uses a separate address space.
E. A switch maintains a separate bridging table for each VLAN.
F. VLANs cannot span multiple switches.
answer “D” is doubtful if you associates the “bridging table” as the mac-address table..
we all know that ” separate vlans creates their own separate ” address learning, filtering and broadcast but maintaining separate bridging table ( or so mac-address-table) for each vlan not quite sure….
infact i haven’s seen any command to show ” mac-address-table per vlan “vlan-id”” ..
9tut pls verify to the followers.. Thanks..
sorry it’s the letter “E” i’m referring… not “D”
please can any one answer this question
What is a vaild reason for a switch to deny port access to new devices when port security is enabled?
A. The denied MAC addresses have already been learned or configured on another secure interface in the same
VLAN.
B. The denied MAC addresses are statically configured on the port.
C. The minimum MAC threshold has been reached.
D. The absolute aging times for the denied MAC addresses have expired.
@jessy
question has been asked here before, answer is A
@xallax
thanks
Hi..,
What will happen if two servers have the same revision number but different vlan configuration? Which configuration will the switch follow?
thanks 9tut. i have a question, regarding questions with multiple answers. what if a question requires you to choose three, and you were only able to get 2 of 3 correct answers. will there still be a point on the correct answers? also how many questions does the exam consist, and also the point system? appreciate the help here
Even I am confused about Q2 like how switch manages different bridging tables for separate vlans. Please help!!
Thanks!!
i failed the exam second time today. i got an 815. i had the same sims as the first time but a lot more ipv6 questions no on here. does anyone know if i will have the same sims the third time i go?
@daniel, which sims did u have this time round?
@9tut
@all
I have a question.
Can I have differents interface vlan on a layer 2 switch?
I think that this just work with switchs layers 3 for inter-vlan routing, but packet tracer allow you to create more vlans than just vlan 1 and assing an ip address, and turn it on …
I’m a little confuse…
i want understand this terms ( collision domain – broadcast domain – segmentation )
@Liss: For layer 2 switch you can only create 1 logical interface vlan for management purpose. If you create another interface vlan, the previous interface vlan will be turned off.
@anonymous
collision domain:
all the network devices that share the same medium to transmit and receive data.
example:
1 pc – 1 switch port
3 pc – 1 hub
2 pc and 1 printer – 1 hub
broadcast domain:
all the network devices that will receive broadcasts in a particular network. in other words “everyone that is part of this network or subnetwork”.
example:
3 pc – 1 hub – 1 router
2 pc and 1 printer – 1 switch
2 pc – 1 switch
1 pc – 1 router
segmentation:
this is done by using switches to create more collision domains (by assigning the switch ports to more devices) or by creating VLANs (more broadcast domains)
I have a question that a host connected to a switch has a MAC address and the switch port to which its connected also has the MAC address???so what Mac address is used to forward the traffic??
@cisco craze
i’ve tested this in packet tracer with “show arp” on router and “arp -a” on hosts…
the MAC address of host is used. is this right?
i am planning to give CCNA in NOV. please any one has latest dumps than please send me.
help me for exam nikunj_ec09@yahoo.com nec.nikunj@gmail.com
How manu cuestion are in CCNA EXAM for VLAN ??
for example 1, or 2 or 3 ??
Q6
A switch is configured with all ports assigned to vlan 2 with full duplex FastEthernet to segment existing departmental traffic. What is the effect of adding switch ports to a new VLAN on the switch?
A. More collision domains will be created.
B. IP address utilization will be more efficient.
C. More bandwidth will be required than was needed previously.
D. An additional broadcast domain will be created.
why not A????
@manila
ports 1, 2, 3, 4, 5 are all the ports
ports 1-5 are in VLAN 2
how many collision domains? 5
add port 1 and 3 to VLAN 7
how many collision domains? still 5 :)
can anyone tell me if you re-take the exam after 8 days as specified.how will exam look like?
Please please can someone send me the latest dumps, am taking the exam at the end of next week (12th Nov) Very Grateful- Rob
can you explain native Vlan
@shew
morning
read here please:
http://en.wikipedia.org/wiki/IEEE_802.1Q#Trunk_ports_and_the_native_VLAN
thank you