CCNA – VLAN Questions
Here you will find answers to VLAN Questions
If you are not sure about VLAN, please read my VLAN tutorial.
Question 1
Refer to the exhibit. A network associate needs to configure the switches and router in the graphic so that the hosts in VLAN3 and VLAN4 can communicate with the enterprise server in VLAN2. Which two Ethernet segments would need to be configured as trunk links? (Choose two)
A. A
B. B
C. C
D. D
E. E
F. F
Answer: C F
Explanation
The link between the switches and the link between switch & router should be configured as trunks. Other links (connected to hosts) should be configured as access links.
Question 2
Which three statements are typical characteristics of VLAN arrangements? (Choose three)
A. A new switch has no VLANs configured.
B. Connectivity between VLANs requires a Layer 3 device.
C. VLANs typically decrease the number of collision domains.
D. Each VLAN uses a separate address space.
E. A switch maintains a separate bridging table for each VLAN.
F. VLANs cannot span multiple switches.
Answer: B D E
Explanation
By default, all ports on a new switch belong to VLAN 1 (default & native VLAN). There are also some well-known VLANs (for example: VLAN 1002 for fddi-default; VLAN 1003 for token-ring…) configured by default -> A is not correct.
To communicate between two different VLANs we need to use a Layer 3 device like router or Layer 3 switch -> B is correct.
VLANs don’t affect the number of collision domains, they are the same -> C is not correct. Typically, VLANs increase the number of broadcast domains.
We must use a different network (or sub-network) for each VLAN. For example we can use 192.168.1.0/24 for VLAN 1, 192.168.2.0/24 for VLAN 2 -> D is correct.
A switch maintains a separate bridging table for each VLAN so that it can send frame to ports on the same VLAN only. For example, if a PC in VLAN 2 sends a frame then the switch look-ups its bridging table and only sends frame out of its ports which belong to VLAN 2 (it also sends this frame on trunk ports) -> E is correct.
We can use multiple switches to expand VLAN -> F is not correct.
Question 3
By default, each port in a Cisco Catalyst switch is assigned to VLAN1. Which two recommendations are key to avoid unauthorized management access? (Choose two)
A. Create an additional ACL to block the access to VLAN 1.
B. Move the management VLAN to something other than default.
C. Move all ports to another VLAN and deactivate the default VLAN.
D. Limit the access in the switch using port security configuration.
E. Use static VLAN in trunks and access ports to restrict connections.
F. Shutdown all unused ports in the Catalyst switch.
Answer: B F
Question 4
Which two benefits are provided by creating VLANs? (Choose two)
A. added security
B. dedicated bandwidth
C. provides segmentation
D. allows switches to route traffic between subinterfaces
E. contains collisions
Answer: A C
Question 5
Which two link protocols are used to carry multiple VLANs over a single link? (Choose two)
A. VTP
B. 802.1q
C. IGP
D. ISL
E. 802.3u
Answer: B D
Explanation
Cisco switches support two trunking protocols 802.1q & ISL. 802.1q is an open standard and is thus compatible between most vendors’ equipment while Inter-Switch Link (ISL) is Cisco proprietary.
Question 6
A switch is configured with all ports assigned to vlan 2 with full duplex FastEthernet to segment existing departmental traffic. What is the effect of adding switch ports to a new VLAN on the switch?
A. More collision domains will be created.
B. IP address utilization will be more efficient.
C. More bandwidth will be required than was needed previously.
D. An additional broadcast domain will be created.
Answer: D
Question 7
Which two statements about the use of VLANs to segment a network are true? (Choose two)
A. VLANs increase the size of collision domains.
B. VLANs allow logical grouping of users by function.
C. VLANs simplify switch administration.
D. VLANs enhance network security.
Answer: B D
Question 8
Cisco Catalyst switches CAT1 and CAT2 have a connection between them using ports Fa0/13. An 802.1Q trunk is configured between the two switches. On CAT1, VLAN 10 is chosen as native, but on CAT2 the native VLAN is not specified. What will happen in this scenario?
A. 802.1Q giants frames could saturate the link.
B. VLAN 10 on CAT1 and VLAN 1 on CAT2 will send untagged frames.
C. A native VLAN mismatch error message will appear.
D. VLAN 10 on CAT1 and VLAN 1 on CAT2 will send tagged frames.
Answer: C
Explanation
A “native VLAN mismatch” error will appear by CDP if there is a native VLAN mismatch on an 802.1Q link. “VLAN mismatch” can cause traffic from one vlan to leak into another vlan.
Question 9
Which two statements describe the Cisco implementation of VLANs? (Choose two)
A. VLAN 1 is the default Ethernet VLAN.
B. CDP advertisements are only sent on VLAN 1002.
C. By default, the management VLAN is VLAN 1005.
D. By default, the switch IP address is in VLAN 1005.
E. VLANs 1002 through 1005 are automatically created and cannot be deleted.
Answer: A E
Question 10
What are three advantages of VLANs? (Choose three)
A. VLANs establish broadcast domains in switched networks.
B. VLANs utilize packet filtering to enhance network security.
C. VLANs provide a method of conserving IP addresses in large networks.
D. VLANs provide a low-latency internetworking alternative to routed networks.
E. VLANs allow access to network services based on department, not physical location.
F. VLANs can greatly simplify adding, moving, or changing hosts on the network.
Answer: A E F
@MANILA: Vlans and routers span about broadcast domains and switch with default vlan spans collision domains
VLAN have nothing to do with collision domain but broadcast domain, it increase the number of broadcast domains
Q 10) What are three advantages of VLANs? (Choose three)
option B) can also correct , VLANs enhance network security .
option A) should be incorrect ?
@sajid
VLANS do enhance security but option B mentions packet filtering and this is not something VLANS do. VLANs enhance security based on VLAN info in the Frame.
Packet filtering is a layer 3 function so either a router or Multilayer switch.
Cab someone explain to me why the answer is not B.
I think both B and C are possible answers but the question specifically mention 802.1q …they could have just said it was a trunk port…so this makes me think they are looking for a more specific answer.
VLAN mismatch is correct whether the trunks are configured with ISL or 802.1q but B is only correct if they are using dot1q encapsulation which they do state in the question.
Please 9tut explain why C is the better answer.
Thanks
ps got to say this is a great way to learn
Seems a lot of peeps are confused about question 2 answer D. So am I but I will try to give it an explanation.
When I first went through the question I did choose D but the points raised had caused me to doubt the answer.
For one you can do sh mac-address-table vlan # to show bridging table specifically for a vlan.
However you could argue that there is only one CAM table and the above command is only filtering the one table for that specific vlan. Before VLANs the CAM table only had fields like mac address and interface recieved. When VLANs came along another field was added to specify that VLAN to a particular port/mac.
Or maybe when we do a show mac-address-table the switch combines all its different tables and shows us one for simplicity? maybe we should see this a virtual bridging table?
A definition of a bridging table
“…connects network segments and floods frames on all ports except the one it is recieved on for broadcast and unknown unicast frames”
If a switch with multiple vlans had only one bridging table then by its very definition it would not work.
So how am I sure that this is a correct answer…
Simply be taking out all the options that i know for sure are not correct. This method of answering cisco questions is recommended and has worked for me in the past. If cisco want three answers you better give them 3 :-) even though one of the answers may be suspect.
A. A new switch has no VLANs configured X
B. Connectivity between VLANs requires a Layer 3 device.
C. VLANs typically decrease the number of collision domains X
D. Each VLAN uses a separate address space.
E. A switch maintains a separate bridging table for each VLAN.
F. VLANs cannot span multiple switches X
Hope this helps
@zuhud
the native VLAN is used for untagged frames.
what happens when an untagged frame leaves CAT1? it goes out on VLAN10.
what happens when that untagged frame gets to CAT2? it goes to VLAN10.
VLAN10 was not designated on CAT2 for untagged frames and you will get an error.
any one with latest dumps. please forward them to samund49@yahoo.com.
i will appreciate
can u send latest dump also i can’t understand ospf routing part pls send me link that can understand
Thanks surenespan@gmail.com
any chance when I take the exam next week that the sims here, will be on the exam?
in q10 why not select answer no B plz reply me
hi friends im preparing ccna exam.. kindly send me the latest dumps..to anandwin2701@gmail.com
Can you please send me CCNA ICND2 dump at rizeed@gmail.com. PLEASE urgently..
@Anonymous,
Reg, Q10: VLANs will not do L3 packet filtering, thats why “B” is wrong.
hi i am planing to take ccna exam
would any one send to me last version of ccna exam in simulation mode
my yahoo id ahmad_ebeid79@yahoo.cvom
I’m still confused by Q.10
I agree that A and E are correct but F. VLANs can greatly simplify adding, moving, or changing hosts on the network. Answer F is more administrative overhead to move hosts to new or existing vlans. wouldn’t B. VLANs utilize packet filtering to enhance network security be a better answer. Don’t vlans filter traffic based on tagged and untagged frames? Thanks, Also on CCNA – VLAN Questions 2 link the same question is asked but worded differently
Which of the following are benefits of VLANs? (Choose three)
A. They increase the size of collision domains.
B. They allow logical grouping of users by function.
C. They can enhance network security.
D. They increase the size of broadcast domains while decreasing the number of collision domains.
E. They increase the number of broadcast domains while decreasing the size of the broadcast domains.
F. They simplify switch administration.
Answer: B C E
Going by that same idea F would be a valid answer right?
Vlan 20 can’t talk to vlan 30 unless the packet is filtered through a router.
..@9tut…if vlan 3 is not configured and giving command switch port access vlan3 interface
a.it will reject this command
B.it will accept then add vlan 3 newly
whats the answer pls rply..
@ranjita
it will create the new vlan, it will enable the newly created vlan, it will assign the respective interface to that vlan.
3 in 1
@xallax thank u so much
pls every 1 pray 4 me uts my 3rd attempt if i will not pass this time i will die….
Q4
Which two benefits are provided by creating VLANs? (Choose two)
A. added security
B. dedicated bandwidth
C. provides segmentation
D. allows switches to route traffic between subinterfaces
E. contains collisions
can any one tell me what do u mean by providing segmentation and what is advantage of providing segmentation.
@uday
segmentation…
you have this big network, 10.10.10.0/24 on which everyone is connected. if someone were to use a packet sniffer then that person could see all the broadcast traffic, maybe some of the non-broadcast traffic too.
also, everybody can “talk” to everybody. say you have an accounting server that shouldn’t be accessed by anyone. there’s a problem.
if you split that network into several subnets (segment the network) then you add some security as not all the devices will see each other.
also, you can group devices by functions. you can have one subnet for accounting, one for sales, one for front desks and so on.
that’s what segmentation is about: grouping devices by their function.
Hi 9tut… Hi Guys! Can you please help me… I will take exam this Feb. Please send me latest dump so that I will have an idea for the exam.. rico.blake@ymail.com
Thanks Guys!
hie guys got an exam on the 7th of Feb and really need latest dump can u please help me my mail add is nyashacris@gmail.com
Thanx
@ 9tut
I have a topology based on two switches switch A and switch B and a router connected to switch B to facilitate inter-vlan routing
SWITCH A have three hosts connected and so as switch B .All three hosts on switch A and B are vlan 10 ,vlan 20 and vlan 30 respectively .
SWITCH A
IP ADDRESSES 172.20.10.1 vlan 10 DG 172.20.10.4
172.20.20.1 vlan 20 DG 172.20.20.4
172.20.30.1 vlan 30 DG 172.20.30.4
SWITCH B
IP ADDRESSES 172.20.10.2 vlan 10 DG 172.20.10.4
172.20.20.2 Vlan 20 DG 172.20.20.4
172.20.30.2 Vlan 30 DG 172.20.30.4
sub-interfaces 0/0.10 172.20.10.4
0/0.20 172.20.20.4
0/0.30 172.20.30.4
From switch A when i ping any hosts on a different vlan in the same switch A it gets successful .When i ping any other hosts on switch B it does not respond .only hosts in switch A responds to ping among each other even they are on different vlans where as on the switch 2 hosts are only able to ping themselves and not even default gateway.
I have attempted all the steps required to have inter-vlan communication and have made correct links as access or trunks but still no joy .could you please have a look and see if ip addresses scheme is making any difference.
@h: Please upload the file to http://www.certprepare.com/forum I will check the configuration.
Guys, before you do reading @ 9tut, i think its best for you to read CCNA certification guides or any foundational reading for you to understand the concept and the basics.
@ntwrkguy: It is to difficult. The most of people are lazy. )))
@h: Did you assign IP addresses to hosts with help of DHCP? Packet Tracer has a bug. I had this problem too. The best use GNS3 for hands-on labs.
@dims i did not assign it through dhcp .they were statically assigned .I will try GNS3
@9TUT…I have uploaded the file on certprepare as advised please have a look .The tag is “inter-vlan configuration errors” .
Can somebody please email me the latest version of packet tracer as soon you can .you help will be greatly appreciated .
mkdegreat@yahoo.co.uk
@Ranjitha and All
Be very careful when you enter an ACL statement. it doesnot allow you to go back and correct it using the no form if you made a mistake as soon as you hit at the end of the statement
Q7 shouldn’t the answers be BCD?
Which two statements about the use of VLANs to segment a network are true? (Choose two)
A. VLANs increase the size of collision domains.
B. VLANs allow logical grouping of users by function.
C. VLANs simplify switch administration.
D. VLANs enhance network security.
Answer: B D
You are confusing VLAN with VTP…VTP is used to simplify switch administration
Hi 9tut/Friends,
Can you please help me… I will take exam this mid of March. Please send me latest dump so that I will be ready for exam. It’s really good forum and nice information.
Thanks
E-mail address:
mjahan008@gmail.com
can we create diff vlans in a same network address space?
@anonymous
if you subnet that address space, yes. otherwise what’s the point in creating VLANs that represent overlapping subnets?
plus, the router wouldn’t accept the addressing scheme if they were overlapping
Hi, if ne1 could tell me bout the total no of questions n
the time limit of ccna examination, i d b very thankful…..
Plz
@progressive scan
read here: http://www.9tut.com/ccna-faqs-a-tips
Thankz bro \m/
What happens to the member ports of a VLAN when the VLAN is deleted
.
What happens to the member ports of a VLAN when the VLAN is deleted?
.
What happens to the member ports of a VLAN when the VLAN is deleted?
I am not sure , perhapes return to default vlan.
Q.10
Can you explain, where is different Q.10 with http://www.9tut.com/ccna-vlan-questions-2 Q1?
Thnx
@nazty
the question asked is about the same but the given answer option differ. it has to do with words :)
@xallax
But why the given answer option is differ?
@nazty
why do you care about the options? you should care about what they mean.
DO NOT MEMORIZE THE QUESTIONS
DO NOT MEMORIZE THE OPTIONS
master the concepts.