CCNA – VLAN Questions
Here you will find answers to VLAN Questions
If you are not sure about VLAN, please read my VLAN tutorial.
Question 1
Refer to the exhibit. A network associate needs to configure the switches and router in the graphic so that the hosts in VLAN3 and VLAN4 can communicate with the enterprise server in VLAN2. Which two Ethernet segments would need to be configured as trunk links? (Choose two)
A. A
B. B
C. C
D. D
E. E
F. F
Answer: C F
Explanation
The link between the switches and the link between switch & router should be configured as trunks. Other links (connected to hosts) should be configured as access links.
Question 2
Which three statements are typical characteristics of VLAN arrangements? (Choose three)
A. A new switch has no VLANs configured.
B. Connectivity between VLANs requires a Layer 3 device.
C. VLANs typically decrease the number of collision domains.
D. Each VLAN uses a separate address space.
E. A switch maintains a separate bridging table for each VLAN.
F. VLANs cannot span multiple switches.
Answer: B D E
Explanation
By default, all ports on a new switch belong to VLAN 1 (default & native VLAN). There are also some well-known VLANs (for example: VLAN 1002 for fddi-default; VLAN 1003 for token-ring…) configured by default -> A is not correct.
To communicate between two different VLANs we need to use a Layer 3 device like router or Layer 3 switch -> B is correct.
VLANs don’t affect the number of collision domains, they are the same -> C is not correct. Typically, VLANs increase the number of broadcast domains.
We must use a different network (or sub-network) for each VLAN. For example we can use 192.168.1.0/24 for VLAN 1, 192.168.2.0/24 for VLAN 2 -> D is correct.
A switch maintains a separate bridging table for each VLAN so that it can send frame to ports on the same VLAN only. For example, if a PC in VLAN 2 sends a frame then the switch look-ups its bridging table and only sends frame out of its ports which belong to VLAN 2 (it also sends this frame on trunk ports) -> E is correct.
We can use multiple switches to expand VLAN -> F is not correct.
Question 3
By default, each port in a Cisco Catalyst switch is assigned to VLAN1. Which two recommendations are key to avoid unauthorized management access? (Choose two)
A. Create an additional ACL to block the access to VLAN 1.
B. Move the management VLAN to something other than default.
C. Move all ports to another VLAN and deactivate the default VLAN.
D. Limit the access in the switch using port security configuration.
E. Use static VLAN in trunks and access ports to restrict connections.
F. Shutdown all unused ports in the Catalyst switch.
Answer: B F
Question 4
Which two benefits are provided by creating VLANs? (Choose two)
A. added security
B. dedicated bandwidth
C. provides segmentation
D. allows switches to route traffic between subinterfaces
E. contains collisions
Answer: A C
Question 5
Which two link protocols are used to carry multiple VLANs over a single link? (Choose two)
A. VTP
B. 802.1q
C. IGP
D. ISL
E. 802.3u
Answer: B D
Explanation
Cisco switches support two trunking protocols 802.1q & ISL. 802.1q is an open standard and is thus compatible between most vendors’ equipment while Inter-Switch Link (ISL) is Cisco proprietary.
Question 6
A switch is configured with all ports assigned to vlan 2 with full duplex FastEthernet to segment existing departmental traffic. What is the effect of adding switch ports to a new VLAN on the switch?
A. More collision domains will be created.
B. IP address utilization will be more efficient.
C. More bandwidth will be required than was needed previously.
D. An additional broadcast domain will be created.
Answer: D
Question 7
Which two statements about the use of VLANs to segment a network are true? (Choose two)
A. VLANs increase the size of collision domains.
B. VLANs allow logical grouping of users by function.
C. VLANs simplify switch administration.
D. VLANs enhance network security.
Answer: B D
Question 8
Cisco Catalyst switches CAT1 and CAT2 have a connection between them using ports Fa0/13. An 802.1Q trunk is configured between the two switches. On CAT1, VLAN 10 is chosen as native, but on CAT2 the native VLAN is not specified. What will happen in this scenario?
A. 802.1Q giants frames could saturate the link.
B. VLAN 10 on CAT1 and VLAN 1 on CAT2 will send untagged frames.
C. A native VLAN mismatch error message will appear.
D. VLAN 10 on CAT1 and VLAN 1 on CAT2 will send tagged frames.
Answer: C
Explanation
A “native VLAN mismatch” error will appear by CDP if there is a native VLAN mismatch on an 802.1Q link. “VLAN mismatch” can cause traffic from one vlan to leak into another vlan.
Question 9
Which two statements describe the Cisco implementation of VLANs? (Choose two)
A. VLAN 1 is the default Ethernet VLAN.
B. CDP advertisements are only sent on VLAN 1002.
C. By default, the management VLAN is VLAN 1005.
D. By default, the switch IP address is in VLAN 1005.
E. VLANs 1002 through 1005 are automatically created and cannot be deleted.
Answer: A E
Question 10
What are three advantages of VLANs? (Choose three)
A. VLANs establish broadcast domains in switched networks.
B. VLANs utilize packet filtering to enhance network security.
C. VLANs provide a method of conserving IP addresses in large networks.
D. VLANs provide a low-latency internetworking alternative to routed networks.
E. VLANs allow access to network services based on department, not physical location.
F. VLANs can greatly simplify adding, moving, or changing hosts on the network.
Answer: A E F
@xallax
Thank you for your advice.
Q4 and Q7 in exam today. Great job 9tut.
Having a hard time with Q3. It should be:
D. Limit the access in the switch using port security configuration.
and
F. Shutdown all unused ports in the Catalyst switch.
Why would we move the management vlan (vlan 1) to something else?
@BB-CCNA
Although port security is a great feature, (and should be used), if the question is focused on management security, then moving the management VLAN would be the better of the 2 choices, due to the question.
Everyone knows that vlan 1 is default and used by all ports. You should change that Vlan1 to other Vlan, like 99
pls. reply me back if im wrong!!!
See more details about vlan here http://n3.16mb.com/?p=58.
See more details about vlan here http://www.n3.16mb.com/?p=58.
Hi all,
I did some exercises on CiscoPacketTracer – exercise completed,my network work but … When I did create subinterfaces on router I receive message about overlap with main interface. My question is can one of the router subinterface have the same address what main interface? Per example:
Router(config)#int fa0/0
#ip address 192.168.1.1 255.255.255.0
#no shut
#exit
#int fa0/0.1
#ip address 192.168.1.1 or 192.168.2.1 (of course 255.255.255.0)
This is a step when I received message about overlaping with 192.168.1.1
Finally I use 192.168.2.1 on fa0/0.1 and 192.168.3.1 on fa0/0.2 and my vlan work.
Is anybody who can halp?
Thanks.
&layer3
We don’t use IP address on main interface when we create sub interface.
Can’t belive…. so easy but I’ve missed that bit :)
Thanks a lot!
Hi guys, I need ur help. I wanna configure this into my switch, any1 can help me do this configuration I really appreciate.
2 Vlans
Vlan 10 named Sales IP: 192.168.10.1 to 192.168.10.5
Vlan 11 named Account IP: 192.168.11.1 to 192.168.11.5
Thanks.
Hi Jamal,
to do what you are asking, please do:
——-
conf t
vlan 10
name Sales
exit
vlan 11
name Account
exit
interface vlan10
ip address
exit
inerface vlan 11
ip address
exit
——-
about IP address range restriction you can limit it on the DHCP server etc. or you are asking for something else e.g. subnet mask based on the provided range?
thank you so much for this website im learning a lot.
how does VLANs simplify adding, moving, or changing hosts on the network? i thought they make it hard!!!! can some body tell why or how? if this meant to be ‘which ports r access ports and to which vlan’ all that is long story!!!! so please explain?????? thank you.
@mj-trust
please read 9tut’s tutorial on vlans
http://www.9tut.com/virtual-local-area-network-vlan-tutorial
they simply all that because you have them grouped up. you have sales computers in one vlan, admin computers in one vlan, research computers in one vlan and so on
hi all
Im writing the CCNA exams on monday can you please email me the latest dumps
thanks
my email address is kandindo@gmail.com
Hi EVERYONE – I WOULD LOVE TO GET THE LATEST DUMP FROM ANYONE WHO CAN GIVE IT TO ME> Please!!! I am taking the exam on May 15th and really would appreciate it.
Thank you!!!!
erica3025@gmail.com
Erica
Could someone please send me the CCNA dumps I am testing soon! I would really appreciate it!
Thank you!!!
thetechlover@gmail.com
Hello Can you please let me know what is right in the following Q.
VLAN3 is not yet config on your swt. What happens if you set switchport access Vlan 3 command interface configuration mode?
a. The command is accepted and the respective VLAN is added to Vlan dat
b. The command is rejected
c. The command is accepted and you must cong manually
I said a. but the dumps said b.
Thanks
CP
hi careercert,i’m big fan of urs weibste ..u r doin gr8 job dude!!!!i request 2 please upload CCNA Exploration 4.0 Companion Guide ..reallly needed!!!!HATTS OFF 2 U MAN!!!!ThanksSARANSH(CCNP )
These dumps are VERY accurate! If you know what you’re doing with Cisco equipment, actually understand the concepts, and use these as practice questions you will pass your CCNA.
I passed my CCNA today with an 894. Good luck everyone!
Thanks 9tut!=D
Hello Please can you help
Hello Can you please let me know what is right in the following Q.
VLAN3 is not yet config on your swt. What happens if you set switchport access Vlan 3 command interface configuration mode?
a. The command is accepted and the respective VLAN is added to Vlan dat
b. The command is rejected
c. The command is accepted and you must cong manually
I said a. but the dumps said b.
Thanks
CP
Sorry guys I found the answer by Xallax
@ranjita
it will create the new vlan, it will enable the newly created vlan, it will assign the respective interface to that vlan.
3 in 1
Thank you Xallax
What is the benefit of using VLAN? (chosse three)
easy
low cost
secure
managmable
.
Hi,
If a switch have not configured Vlan1 with ipaddress and default gateway and witch is failing. And the answers are given 1. no ipaddress set 2.No default gateway set
Question is What is the answer, i think both are correct but i found answer is default gateway why?
Q5 was in my exam today
Q1 could be just 1 trunk link. Let me explain. If SW2 were a L3 switch, then it could house the SVI’s for all three VLAN’s and you would only need a trunk between the two switches to extend L2 to SW1. The router would just be used to 0.0.0.0 route anything that wasn’t on the 3 VLAN’s specified in the network. There goes Cisco not being specific enough again.
Hi all, I am taking CCNA 640-802 exam first time on 30/05/2012. Could anyone please send me latest dumps which are valid for UK? My e-mail address is puneet_gill84@yahoo.co.uk. Many thanks.
@xallax &9tut
please explain what means native vlan ? what is the concept of 802.1q?
@ganesh
“A native vlan is the untagged vlan on an 802.1q trunked switchport.
The native vlan and management vlan could be the same, but it is better security practice that they aren’t.
Basically if a switch receives untagged frames on a trunkport, they are assumed to be part of the vlan that are designated on the switchport as the native vlan.
Frames egressing a switchport on the native vlan are not tagged.
This is the definition however more recent switch software often will allow you to tag all of the frames, even those in the native vlan.
This gives some added security and allows the CoS bits to be carried between switches even on the native vlan.”
https://learningnetwork.cisco.com/thread/8721
the native vlan is the vlan on which all untagged frames are sent upon.
802.1q is the frame tagging protocol employed on modern switches (isl is defunct).
it is used to allow multiple vlans to exist across the same multi-switched network.
http://en.wikipedia.org/wiki/IEEE_802.1Q
@xallax thanks a lot…its so useful ..
q3— I feel that changing the management vlan is not really talked about in ccna training
Also — isn’t ISL not being used ? I thought that ISL was old and being phased out? Am I correct? Comments please???
ooohh— I did not read xallax’s comments —-it seems that there is a lot of old information being used or not phased out — What about CoS — is that an old idea or a new one ??
Then there is a lot of mention about QoS!
@sdishkov
@jamal
putting IP address in VLAN, i think is only for management purposes only, if you want to telnet. And putting a default gateway is only needed if it is from diff. network. Also, those range of IP addresses, I think is for the host (client) same VLAN not on the switch VLAN’s
correct me if im wrong… :-)
I PASSED CCNA EXAM TODAY THANKS TO ALL MIGHTY ALLAH
960/1000
@9tut
Q10. I thought that the option B (“VLANs utilize packet filtering to enhance network security”) should have been the correct one instead of A (“VLANs establish broadcast domains in switched networks.”). The question talks about “advantages”.
Can you please give me an explanation?
Thanks in advance :)
@ivano
switches dont care about layer3 that much (packets), routers do.
you can create new vlans using switches and that separates traffic making sure what is for one department only goes towards devices that are on that department (on the same vlan; on the same broadcast domain)
@xallax
Well thank you xallax. It’s kind of difficult to understand that “establishing broadcast domains” is a “benefit” but…. I eventually got your point.
good stuff here!
I’m new at this site and also just started reading ccna. Hoping to do exam in august. Could 1 pls help to tell me how i will pass the exam so easily? i will appreciate so much.
i mean the most tested areas!
i will take my ccna exam on june 29, please share with me the latest dumps. Thanks in advance!!
leomongec@hotmail.com
Thanx for great site, and hints!
In order to open the dumps, do we always need vce / XPS,… program? what prog. is free (and not with limited capability) to be able to see all the dump?
Thx.
I passed my ccna exam today Praise be to God! Thank you Jesus! and thanks to 9TUT for the tutorials and explanations, great site and thanks to xallax for your explanations to questions and thanks to http://www.examcollection.com for the dumps. Pls guys lets donate and help to keep this site up!
48 ques for exams including 3 simulation, I had EIGRP, Acesslist2 and VTP. Make sure the practice the simulation, use packet tracer or gns3. Best wishes to all!
Hi guy, why Q10 is F instead of D??
Q3
@9tut @all plz help me
By default, each port in a Cisco Catalyst switch is assigned to VLAN1. Which two recommendations are key to avoid unauthorized management access? (Choose two)
A. Create an additional ACL to block the access to VLAN 1.
B. Move the management VLAN to something other than default.
C. Move all ports to another VLAN and deactivate the default VLAN.
D. Limit the access in the switch using port security configuration.
E. Use static VLAN in trunks and access ports to restrict connections.
F. Shutdown all unused ports in the Catalyst switch.
ans: B,F
why f ,not D?
@seren
Port security more time consuming and complicated, so shut down ease. It’s my opinion
Cheers
@ Mike, thank you!
Hi,
I passed CCNA 640-801 in Oct 2007 which got expired in Oct 2010. I want to recertify, can somebody tell me if you know for sure that whether I can just write ICND2 or higher level exam like CCNP ROUTE 642-902 to proceed for CCNP or I have to write CCNA 640-802 (alternatively ICND1 + ICND2) in order to proceed for CCNP?
Thanks
I passed my ccna with 973/1000..
Thanks to 9TUT for the tutorials and explanations, great site and thanks to http://www.examcollection.com for the dumps. Please guys lets donate and help to keep this site up!