Cisco 642-813 Certification Exam, Help To Pass Cisco 642-813 Test Engine 100% Pass With A High ScoreCisco 642-813 Certification Exam, Help To Pass Cisco 642-813 Test Engine 100% Pass With A High Score
100% valid Cisco 642-813 brain dumps with more new added questions. By training the Cisco 642-813 questions, you will save a lot time in preparing the exam. Visit www.Flydumps.com to get the 100% pass ensure!
Exam A
QUESTION 1
hostname Switch1 interface Vlan10 ip address 172.16.10.32 255.255.255.0 no ip redirects standby 1 ip 172.16.10.110 standby 1 timers msec 200 msec 700 standby 1 preempt
hostname Switch2 interface Vlan10 ip address 172.16.10.33 255.255.255.0 no ip redirects standby 1 ip 172.16.10.110 standby 1 timers msec 200 msec 750 standby 1 priority 110 standby 1 preempt
hostname Switch3 interface Vlan10 ip address 172.16.10.34 255.255.255.0 no ip redirects standby 1 ip 172.16.10.110 standby 1 timers msec 200 msec 750 standby 1 priority 150 standby 1 preempt
Refer to the above. Three switches are configured for HSRP.
Switch1 remains in the HSRP listen state. What is the most likely cause of this status?
A. This is normal operation.
B. The standby group number does not match the VLAN number.
C. IP addressing is incorrect.
D. Priority commands are incorrect.
E. Standby timers are incorrect.
Correct Answer: A Section: HSRP Explanation
Explanation/Reference:
Explanation:
QUESTION 2
Three Cisco Catalyst switches have been configured with a first-hop redundancy protocol. While reviewing some show commands, debug output, and the syslog, you discover the following information:
Jan 9 08:00:42.623: %STANDBY-6-STATECHANGF. Standby: 49:Vlan149 state Standby -> Active Jan 9 08:00:56.011: %STANDBY-6-STATECHANGF. Standby: 49:Vlan149 state Active -> Speak Jan 9 08:01:03.011: %STANDBY-6-STATECHANGF. Standby: 49:Vlan149 state Speak -> Standby Jan 9 08:01:29.427: %STANDBY-6-STATECHANGF. Standby: 49:Vlan149 state Standby -> Active Jan 9 08:01:36.808: %STANDBY-6-STATECHANGF. Standby: 49:Vlan149 state Active -> Speak Jan 9 08:01:43.808: %STANDBY-6-STATECHANGF. Standby: 49:Vlan149 state Speak -> Standby
What conclusion can you infer from this information?
A. VRRP is initializing and operating correctly.
B. HSRP is initializing and operating correctly.
C. GLBP is initializing and operating correctly.
D. VRRP is not exchanging three hello messages properly.
E. HSRP is not exchanging three hello messages properly.
F. GLBP is not exchanging three hello messages properly.
Correct Answer: E Section: HSRP Explanation
Explanation/Reference:
Explanation:
QUESTION 3
By itself, what does the command “aaa new-model” enable?
A. It globally enables AAA on the switch, with default lists applied to the VTYs.
B. Nothing; you must also specify which protocol (RADIUS or TACACS) will be used for AAA.
C. It enables AAA on all dot1x ports.
D. Nothing; you must also specify where (console, TTY, VTY, dot1x) AAA is being applied.
Correct Answer: A Section: Access Security Explanation
Explanation/Reference:
Explanation:
QUESTION 4
What are three results of issuing the “switchport host” command? (Choose three.)
A. disables EtherChannel
B. enables port security
C. disables Cisco Discovery Protocol
D. enables PortFast
E. disables trunking
F. enables loopguard
Correct Answer: ADE Section: VLANs Security Explanation
Explanation/Reference:
Explanation:
QUESTION 5
When configuring private VLANs, which configuration task must you do first?
A. Configure the private VLAN port parameters.
B. Configure and map the secondary VLAN to the primary VLAN.
C. Disable IGMP snooping.
D. Set the VTP mode to transparent.
Correct Answer: D Section: VLANs Security Explanation
Explanation/Reference:
Explanation:
QUESTION 6
Which statement about the configuration and application of port access control lists is true?
A. PACLs can be applied in the inbound or outbound direction of a Layer 2 physical interface.
B. At Layer 2, a MAC address PACL takes precedence over any existing Layer 3 PACL.
C. When you apply a port ACL to a trunk port, the ACL filters traffic on all VLANs present on the trunk port.
D. PACLs are not supported on EtherChannel interfaces.
Correct Answer: C Section: Access Security Explanation
Explanation/Reference:
Explanation:
QUESTION 7
Refer to the exhibit.
Which statement about the command output is true?
A. If the number of devices attempting to access the port exceeds 11, the port shuts down for 20 minutes, as configured.
B. The port has security enabled and has shut down due to a security violation.
C. The port is operational and has reached its configured maximum allowed number of MAC addresses.
D. The port allows access for 11 MAC addresses in addition to the three configured MAC addresses.
Correct Answer: C Section: Access Security Explanation
Explanation/Reference:
Explanation:
QUESTION 8
Refer to the exhibit.
Which statement best describes first-hop redundancy protocol status?
A. The first-hop redundancy protocol is not configured for this interface.
B. HSRP is configured for group 10.
C. HSRP is configured for group 11.
D. VRRP is configured for group 10.
E. VRRP is configured for group 11.
F. GLBP is configured with a single AVF.
Correct Answer: C Section: HSRP Explanation
Explanation/Reference:
Explanation:
QUESTION 9
Which statement best describes implementing a Layer 3 EtherChannel?
A. EtherChannel is a Layer 2 feature and not a Layer 3 feature.
B. Implementation requires switchport mode trunk and matching parameters between switches.
C. Implementation requires disabling switchport mode.
D. A Layer 3 address is assigned to the physical interface.
Correct Answer: C Section: EtherChannels Explanation
Explanation/Reference:
Explanation:
QUESTION 10
Which statement about when standard access control lists are applied to an interface to control inbound or outbound traffic is true?
A. The best match of the ACL entries is used for granularity of control.
B. They use source IP information for matching operations.
C. They use source and destination IP information for matching operations.
D. They use source IP information along with protocol-type information for finer granularity of control.
Correct Answer: B Section: Access Security Explanation
Explanation/Reference:
Explanation:
QUESTION 11
Refer to the exhibit.
You have configured an interface to be an SVI for Layer 3 routing capabilities. Assuming that all VLANs have been correctly configured, what can be determined?
A. Interface gigabitethernet0/2 will be excluded from Layer 2 switching and enabled for Layer 3 routing.
B. The command switchport autostate exclude should be entered in global configuration mode, not subinterface mode, to enable a Layer 2 port to be configured for Layer 3 routing.
C. The configured port is excluded in the calculation of the status of the SVI.
D. The interface is missing IP configuration parameters; therefore, it will only function at Layer 2.
Correct Answer: C Section: MultiLayer Switching Explanation
Explanation/Reference:
Explanation:
QUESTION 12
Refer to the exhibit.
Which two statements about this Layer 3 security configuration example are true? (Choose two.)
A. Static IP source binding can be configured only on a routed port.
B. Source IP and MAC filtering on VLANs 10 and 11 will occur.
C. DHCP snooping will be enabled automatically on the access VLANs.
D. IP Source Guard is enabled.
E. The switch will drop the configured MAC and IP address source bindings and forward all other traffic.
Correct Answer: BD Section: Access Security Explanation
Explanation/Reference:
Explanation:
QUESTION 13
Refer to the exhibit.
Which statement is true?
A. Cisco Express Forwarding load balancing has been disabled.
B. SVI VLAN 30 connects directly to the 10.1.30.0/24 network due to a valid glean adjacency.
C. VLAN 30 is not operational because no packet or byte counts are indicated.
D. The IP Cisco Express Forwarding configuration is capable of supporting IPv6.
Correct Answer: B Section: MultiLayer Switching Explanation
Explanation/Reference:
Explanation:
QUESTION 14
Which statement about the EIGRP routing being performed by the switch is true?
A. The EIGRP neighbor table contains 20 neighbors.
B. EIGRP is running normally and receiving IPv4 routing updates.
C. EIGRP status cannot be determined. The command show ip eigrp topology would determine the routing protocol status.
D. The switch has not established any neighbor relationships. Further network testing and troubleshooting must be performed to determine the cause of the problem.
Correct Answer: D Section: MultiLayer Switching Explanation
Explanation/Reference:
Explanation:
QUESTION 15
What is the result of entering the command “spanning-tree loopguard default” ?
A. The command enables loop guard and root guard.
B. The command changes the status of loop guard from the default of disabled to enabled.
C. The command activates loop guard on point-to-multipoint links in the switched network.
D. The command disables EtherChannel guard.
Correct Answer: B Section: STP Protection Explanation
Explanation/Reference:
Explanation:
QUESTION 16
What does the interface subcommand “switchport voice vlan 222” indicate?
A. The port is configured for data and voice traffic.
B. The port is fully dedicated to forwarding voice traffic.
C. The port operates as an FXS telephony port.
D. Voice traffic is directed to VLAN 222.
Correct Answer: A Section: IP Telephony Explanation
Explanation/Reference:
Explanation:
QUESTION 17
Which statement is a characteristic of multi-VLAN access ports?
A. The port has to support STP PortFast.
B. The auxiliary VLAN is for data service and is identified by the PVID.
C. The port hardware is set as an 802.1Q trunk.
D. The voice service and data service use the same trust boundary.
Correct Answer: C Section: IP Telephony Explanation
Explanation/Reference:
Explanation:
QUESTION 18
Which two statements are true about recommended practices that are to be used in a local VLAN solution design where layer 2 traffic is to be kept to a minimum? (Choose two.)
A. Routing should occur at the access layer if voice VLANs are utilized. Otherwise, routing should occur at the distribution layer.
B. Routing may be performed at all layers but is most commonly done at the core and distribution layers.
C. Routing should not be performed between VLANs located on separate switches.
D. VLANs should be local to a switch.
E. VLANs should be localized to a single switch unless voice VLANs are being utilized.
Correct Answer: BD Section: VLANs, Trunks Explanation
Explanation/Reference:
Explanation:
QUESTION 19
Which statement about the Port Aggregation Protocol is true?
A. Configuration changes made on the port-channel interface apply to all physical ports assigned to the port-channel interface.
B. Configuration changes made on a physical port that is a member of a port-channel interface apply to the port-channel interface.
C. Configuration changes are not permitted with Port Aggregation Protocol. Instead, the standardized Link Aggregation Control Protocol should be used if configuration changes are required.
D. The physical port must first be disassociated from the port-channel interface before any configuration changes can be made.
Correct Answer: A Section: EtherChannels Explanation
Explanation/Reference:
Explanation:
QUESTION 20
In which three HSRP states do routers send hello messages? (Choose three.)
A. standby
B. learn
C. listen
D. speak
E. active
Correct Answer: ADE Section: HSRP Explanation
Explanation/Reference:
Explanation:
Exam B QUESTION 1
Which statement about 802.1Q trunking is true?
A. Both switches must be in the same VTP domain.
B. The encapsulation type on both ends of the trunk does not have to match.
C. The native VLAN on both ends of the trunk must be VLAN 1.
D. In 802.1Q trunking, all VLAN packets are tagged on the trunk link, except the native VLAN.
Correct Answer: D Section: VLANs, Trunks Explanation
Explanation/Reference:
Explanation:
QUESTION 2
Refer to the exhibit.
Which three statements are true? (Choose three.)
A. A trunk link will be formed.
B. Only VLANs 1-1001 will travel across the trunk link.
C. The native VLAN for switch B is VLAN 1.
D. DTP is not running on switch A.
E. DTP packets are sent from switch B.
Correct Answer: ACE Section: VLANs, Trunks Explanation Explanation/Reference:
Explanation:
You can manually configure trunk links on Catalyst switches for either ISL or 802.1Q mode. In addition,
Cisco has implemented a proprietary, point-to-point protocol called Dynamic Trunking Protocol (DTP) that
negotiates a common trunking mode between two switches. The negotiation covers the encapsulation (ISL
or 802.1Q) as well as whether the link becomes a trunk at all. You can configure the trunk encapsulation
with the switchport trunk encapsulation command, as one of the following:
· isl–VLANs are tagged by encapsulating each frame using the Cisco ISL protocol. · dot1q–VLANs are
tagged in each frame using the IEEE 802.1Q standard protocol. The only exception is the native VLAN,
which is sent normally and not tagged at all. · negotiate (the default)–The encapsulation is negotiated to
select either ISL or IEEE 802.1Q, whichever is supported by both ends of the trunk. If both ends support
both types, ISL is favored. (The Catalyst 2950 switch does not support ISL encapsulation.) In the
switchport mode command, you can set the trunking mode to any of the following:
· trunk–This setting places the port in permanent trunking mode. The corresponding switch port at the
other end of the trunk should be similarly configured because negotiation is not allowed. You should also
manually configure the encapsulation mode. · dynamic desirable (the default)–The port actively attempts to
convert the link into trunking mode. If the far-end switch port is configured to trunk, dynamic desirable, or
dynamic auto mode, trunking is successfully negotiated.
· dynamic auto–The port converts the link into trunking mode. If the far-end switch port is configured to
trunk or dynamic desirable, trunking is negotiated. Because of the passive negotiation behavior, the link
never becomes a trunk if both ends of the link are left to the dynamic auto default.
QUESTION 3
Refer to the exhibit.
Host A and Host B are connected to the Cisco Catalyst 3550 switch and have been assigned to their respective VLANs. The rest of the 3550 configuration is the default configuration. Host A is able to ping its default gateway, 10.10.10.1, but is unable to ping Host B. Given the output in the exhibit, which statement is true?
A. HSRP must be configured on SW1.
B. A separate router is needed to support inter-VLAN routing.
C. Interface VLAN 10 must be configured on the SW1 switch.
D. The global configuration command ip routing must be configured on the SW1 switch.
E. VLANs 10 and 15 must be created in the VLAN database mode.
F. VTP must be configured to support inter-VLAN routing.
Correct Answer: D Section: MultiLayer Switching Explanation
Explanation/Reference:
Explanation: To transport packets between VLANs, you must use a Layer 3 device. Traditionally, this has been a router’s function. The router must have a physical or logical connection to each VLAN so that it can forward packets between them. This is known as interVLAN routing. Multilayer switches can perform both Layer 2 switching and interVLAN routing, as appropriate. Layer 2 switching occurs between interfaces that are assigned to Layer 2 VLANs or Layer 2 trunks. Layer 3 switching can occur between any type of interface, as long as the interface can have a Layer 3 address assigned to it. Switch(config)#ip routing command enables the routing on Layer 3 Swtich
QUESTION 4
Refer to the exhibit.
What happens when one more user is connected to interface FastEthernet 5/1?
A. All secure addresses age out and are removed from the secure address list. The security violation counter increments.
B. The first address learned on the port is removed from the secure address list and is replaced with the new address.
C. The interface is placed into the error-disabled state immediately, and an SNMP trap notification is sent.
D. The packets with the new source addresses are dropped until a sufficient number of secure MAC addresses are removed from the secure address list.
Correct Answer: C Section: Access Security Explanation
Explanation/Reference:
Explanation: Port security is a feature supported on Cisco Catalyst switches that restricts a switch port to a specific set or number of MAC addresses. Those addresses can be learned dynamically or configured statically. The port will then provide access to frames from only those addresses. If, however, the number of addresses is limited to four but no specific MAC addresses are configured, the port will allow any four MAC addresses to be learned dynamically, and port access will be limited to those four dynamically learned addresses. Port Security Implementation: When Switch port security rules violate different action can be applied:
1.
Protect: Frames from the nonallowed address are dropped, but there is no log of the violation.
2.
Restrict: Frames from the nonallowed address are dropped, a log message is created, and a Simple Network Management Protocol (SNMP) trap is sent.
3.
Shutdown: If any frames are seen from a nonallowed address, the interface is errdisabled, a log entry is made, an SNMP trap is sent, and manual intervention or errdisable recovery must be used to make the interface usable.
QUESTION 5
Refer to the exhibit.
What happens to traffic within VLAN 14 with a source address of 172.16.10.5?
A. The traffic is forwarded to the TCAM for further processing.
B. The traffic is forwarded to the router processor for further processing.
C. The traffic is dropped.
D. The traffic is forwarded without further processing.
Correct Answer: C Section: VLANs Security Explanation
Explanation/Reference:
Explanation: VLAN maps, also known as VLAN ACLs or VACLs, can filter all traffic traversing a switch. VLAN maps can be configured on the switch to filter all packets that are routed into or out of a VLAN, or are bridged within a VLAN. VLAN maps are used strictly for security packet filtering. Unlike router ACLs, VLAN maps are not defined by direction (input or output).
To create a VLAN map and apply it to one or more VLANs, perform these steps: · Create the standard or extended IP ACLs or named MAC extended ACLs to be applied to the VLAN. This access-list will select the traffic that will be either forwarded or dropped by the access- map. Only traffic matching the `permit’ condition in an access-list will be passed to the access-map for further processing. · Enter the vlan access-map access-map-name [sequence] global configuration command to create a VLAN ACL map entry. Each access-map can have multiple entries. The order of these entries is determined by the sequence. If no sequence number is entered, access-map entries are added with sequence numbers in increments of 10. · In access map configuration mode, optionally enter an action forward or action drop. The default is to forward traffic. Also enter the match command to specify an IP packet or a non-IP packet (with only a known MAC address), and to match the packet against one or more ACLs (standard or extended). · Use the vlan filter access-map-name vlan-list vlan-list global configuration command to apply a VLAN map to one or more VLANs. A single access-map can be used on multiple VLANs.
QUESTION 6
Which protocol allows for the automatic selection and simultaneous use of multiple available gateways as well as automatic failover between those gateways?
A. IRDP
B. HSRP
C. GLBP D. VRRP
Correct Answer: C Section: GLBP Explanation
Explanation/Reference:
Explanation: To provide a virtual router, multiple switches (routers) are assigned to a common GLBP group. Rather than having just one active router performing forwarding for the virtual router address, all routers in the group can participate and offer load balancing by forwarding a portion of the overall traffic. The advantage is that none of the clients have to be pointed toward a specific gateway address–they can all have the same default gateway set to the virtual router IP address. The load balancing is provided completely through the use of virtual router MAC addresses in ARP replies returned to the clients. As a client sends an ARP request looking for the virtual router address, GLBP sends back an ARP reply with the virtual MAC address of a selected router in the group. The result is that all clients use the same gateway address but have differing MAC addresses for it.
QUESTION 7
When you create a network implementation for a VLAN solution, what is one procedure that you should include in your plan?
A. Perform an incremental implementation of components.
B. Implement the entire solution and then test end-to-end to make sure that it is performing as designed.
C. Implement trunking of all VLANs to ensure that traffic is crossing the network as needed before performing any pruning of VLANs.
D. Test the solution on the production network in off hours.
Correct Answer: A Section: VLANs, Trunks Explanation
Explanation/Reference:
Explanation:
QUESTION 8
You have just created a new VLAN on your network. What is one step that you should include in your VLAN-based implementation and verification plan?
A. Verify that different native VLANs exist between two switches for security purposes.
B. Verify that the VLAN was added on all switches with the use of the show vlan command.
C. Verify that the switch is configured to allow for trunking on the switch ports.
D. Verify that each switch port has the correct IP address space assigned to it for the new VLAN.
Correct Answer: B Section: VLANs, Trunks Explanation
Explanation/Reference:
Explanation:
QUESTION 9
Which two statements describe a routed switch port on a multilayer switch? (Choose two.)
A. Layer 2 switching and Layer 3 routing are mutually supported.
B. The port is not associated with any VLAN.
C. The routed switch port supports VLAN subinterfaces.
D. The routed switch port is used when a switch has only one port per VLAN or subnet.
E. The routed switch port ensures that STP remains in the forwarding state.
Correct Answer: BD Section: MultiLayer Switching Explanation
Explanation/Reference:
Explanation:
QUESTION 10
Which two statements correctly describe VTP? (Choose two.)
A. Transparent mode always has a configuration revision number of 0.
B. Transparent mode cannot modify a VLAN database.
C. Client mode cannot forward received VTP advertisements.
D. Client mode synchronizes its VLAN database from VTP advertisements.
E. Server mode can synchronize across VTP domains.
Correct Answer: AD Section: VTP Explanation
Explanation/Reference:
Explanation:
QUESTION 11
Which two DTP modes permit trunking between directly connected switches? (Choose two.)
A. dynamic desirable (VTP domain A) to dynamic desirable (VTP domain A)
B. dynamic desirable (VTP domain A) to dynamic desirable (VTP domain B)
C. dynamic auto (VTP domain A) to dynamic auto (VTP domain A)
D. dynamic auto (VTP domain A) to dynamic auto (VTP domain B)
E. dynamic auto (VTP domain A) to nonegotiate (VTP domain A)
F. nonegotiate (VTP domain A) to nonegotiate (VTP domain B)
Correct Answer: AF Section: VLANs, Trunks Explanation
Explanation/Reference:
Explanation:
QUESTION 12
Which two RSTP port roles include the port as part of the active topology? (Choose two.)
A. root
B. designated
C. alternate
D. backup
E. forwarding
F. learning
Correct Answer: AB Section: RSTP, MST Explanation
Explanation/Reference:
Explanation:
QUESTION 13
Which two statements correctly describe characteristics of the PortFast feature? (Choose two.)
A. STP is disabled on the port.
B. PortFast can also be configured on trunk ports.
C. PortFast is needed to enable port-based BPDU guard.
D. PortFast is used for STP and RSTP host ports.
E. PortFast is used for STP-only host ports.
Correct Answer: BD Section: STP Explanation
Explanation/Reference:
Explanation:
QUESTION 14
Which statement correctly describes the Cisco implementation of RSTP?
A. PortFast, UplinkFast, and BackboneFast specific configurations are ignored in Rapid PVST mode.
B. RSTP is enabled globally and uses existing STP configuration.
C. Root and alternative ports transition immediately to the forwarding state.
D. Convergence is improved by using subsecond timers for the blocking, listening, learning, and forwarding port states.
Correct Answer: B Section: RSTP, MST Explanation
Explanation/Reference:
Explanation:
QUESTION 15
What is the effect of applying the “switchport trunk encapsulation dot1q” command to a port on a Cisco Catalyst switch?
A. By default, native VLAN packets going out this port are tagged.
B. Without an encapsulation command, 802.1Q is the default encapsulation if DTP fails to negotiate a trunking protocol.
C. The interface supports the reception of tagged and untagged traffic.
D. If the device connected to this port is not 802.1Q-enabled, it is unable to handle 802.1Q packets.
Correct Answer: C Section: VLANs, Trunks Explanation
Explanation/Reference:
Explanation:
QUESTION 16
You are the administrator of a switch and currently all host-connected ports are configured with the portfast command. You have received a new directive from your manager that states that, in the future, any host-connected port that receives a BPDU should automatically disable PortFast and begin transmitting BPDUs. Which command will support this new requirement?
A. Switch(config)#spanning-tree portfast bpduguard default
B. Switch(config-if)#spanning-tree bpduguard enable
C. Switch(config-if)#spanning-tree bpdufilter enable
D. Switch(config)#spanning-tree portfast bpdufilter default
Correct Answer: D Section: STP Protection Explanation
Explanation/Reference:
Explanation:
QUESTION 17
A port in a redundant topology is currently in the blocking state and is not receiving BPDUs. To ensure that this port does not erroneously transition to the forwarding state, which command should be configured?
A. Switch(config)#spanning-tree loopguard default
B. Switch(config-if)#spanning-tree bdpufilter
C. Switch(config)#udld aggressive
D. Switch(config-if)#spanning-tree bpduguard
Correct Answer: A Section: STP Protection Explanation
Explanation/Reference:
Explanation:
QUESTION 18
Which command can be issued without interfering with the operation of loop guard?
A. Switch(config-if)#spanning-tree guard root
B. Switch(config-if)#spanning-tree portfast
C. Switch(config-if)#switchport mode trunk
D. Switch(config-if)#switchport mode access
Correct Answer: C Section: STP Protection Explanation
Explanation/Reference:
Explanation:
QUESTION 19
Refer to the exhibit. On the basis of the information provided in the exhibit, which two sets of procedures are best practices for Layer 2 and 3 failover alignment? (Choose two.)
A. Configure the D-SW1 switch as the active HSRP router and the STP root for all VLANs. Configure the D-SW2 switch as the standby HSRP router and backup STP root for all VLANs.
B. Configure the D-SW1 switch as the standby HSRP router and the STP root for VLANs 11 and 110. Configure the D-SW2 switch as the standby HSRP router and the STP root for VLANs 12 and 120.
C. Configure the D-SW1 switch as the active HSRP router and the STP root for VLANs 11 and 110. Configure the D-SW2 switch as the active HSRP router and the STP root for VLANs 12 and 120.
D. Configure the D-SW2 switch as the active HSRP router and the STP root for all VLANs. Configure the D-SW1 switch as the standby HSRP router and backup STP root for all VLANs.
E. Configure the D-SW1 switch as the active HSRP router and the backup STP root for VLANs 11 and
110. Configure the D-SW2 switch as the active HSRP router and the backup STP root for VLANs 12 and 120.
F. Configure the D-SW1 switch as the standby HSRP router and the backup STP root for VLANs 12 and
120. Configure the D-SW2 switch as the standby HSRP router and the backup STP root for VLANs 11 and 110.
Correct Answer: CF Section: HSRP Explanation
Explanation/Reference:
Explanation: Basically, each of the routers that provides redundancy for a given gateway address is assigned to a common HSRP group. One router is elected as the primary, or active, HSRP router, another is elected as the standby HSRP router, and all the others remain in the listen HSRP state. The routers exchange HSRP hello messages at regular intervals, so they can remain aware of each other’s existence, as well as that of the active router.
HSRP election is based on a priority value (0 to 255) that is configured on each router in the group. By default, the priority is 100. The router with the highest priority value (255 is highest) becomes the active router for the group. If all router priorities are equal or set to the default value, the router with the highest IP address on the HSRP interface becomes the active router. To set the priority, use the following interface configuration command: Switch(config-if)# standby group priority priority
When HSRP is configured on an interface, the router progresses through a series of states before becoming active. This forces a router to listen for others in a group and see where it fits into the pecking order. The HSRP state sequence is Disabled, Init, Listen, Speak, Standby, and, finally, Active.
You can configure a router to preempt or immediately take over the active role if its priority is the highest at
any time. Use the following interface configuration command to allow preemption:
Switch(config-if)# standby group preempt [delay seconds]
QUESTION 20
Which statement correctly describes enabling BPDU guard on an access port that is also enabled for PortFast?
A. Upon startup, the port transmits 10 BPDUs. If the port receives a BPDU, PortFast and BPDU guard are disabled on that port and it assumes normal STP operation.
B. The access port ignores any received BPDU.
C. If the port receives a BPDU, it is placed into the error-disable state.
D. BPDU guard is configured only globally and the BPDU filter is required for port-level configuration.
Correct Answer: C Section: STP Protection Explanation
Explanation/Reference:
Explanation:
Exam C QUESTION 1
Match the Attributes on the left with the types of VLAN designs on right.
Select and Place:
Correct Answer: Section: VLANs, Trunks Explanation
Explanation/Reference:
QUESTION 2
DRAG DROP
Place the local and distributed VLAN functions on the left into the associated boxes on the right.
Select and Place:
Correct Answer:
Section: VLANs, Trunks Explanation
Explanation/Reference:
QUESTION 3
You have been tasked with planning a VLAN solution that will connect a server in one buliding to several hosts in another building. The solution should be built using the local vlan model and layer 3 switching at the distribution layer. Identify the questions related to this vlan solution that would ask the network administrator before you start the planning by dragging them into the target zone one the right. Not all questions will be used.
Select and Place: Correct Answer:
Section: VLANs, Trunks Explanation
Explanation/Reference:
In local vlan solition common VTP mode is transparent
CREATE A VLAN BASED IMPLEMENTATION PLAN Foundation Learning Guide Chapter 2 pg. 58-59 Subnets and associated VLANs VLAN Number VLAN Name VLAN Purpose VLAN to IP Address Scheme Physical location of VLANs (determine which switch has which VLANs) Assignment method (dot1x etc.) Placement of trunks, native VLAN for trunks, and allowed VLANs on trunks VTP configuration Quick Reference Guide Chapter 2 pg. 14 VLAN numbering, naming, and IP addressing scheme VLAN placement (local or multiple switches) Trunk requirements VTP parameters Test and verification plan From Foundation Learning Guide The following steps outline the considerations you need to make with regards to using an SVI: 1) On your L3 switch identify the VLANs that require a default gateway. 2) For any SVI’s not already present on your L3 switch you will need to create then. As such you will need to decide on suitable numbering for the SVI (should be the VLAN ID number) plus an IP address to associate with it. Don’t forget to No Shutdown the interface. 3) To perform L3 routing functions you need to set the L3 switch to be able to perform the routing. To achieve this use the global command – #ip routing – this will enable to switch to route between your VLANs 4) Define any appropriate dynamic routing protocols. Typically required if you are configuring a larger enterprise network that may be subject to change. You can deploy RIP, EIGRP, OSPF which ever you feel is appropriate. 5) Finally with the information above gathered consider if you require any given SVI to be excluded from contributing to the SVI state Up-Down calculation. Do this using the ‘Autostate’ feature
QUESTION 4
You have a VLAN implementation that requires inter-vlan routing using layer 3 switches. Drag the steps on
Select and Place:
Correct Answer:
Section: VLANs, Trunks
Explanation Explanation/Reference:
QUESTION 5
Categorize the high availability network resource or feature with the management level, network level, or
Select and Place:
Correct Answer:
Section: Supervisor and Route Processor Redundancy Explanation
Explanation/Reference:
QUESTION 6
Place the DTP mode with its correct description.
Select and Place:
Correct Answer:
Section: VLANs, Trunks Explanation
Explanation/Reference:
1.
trunk: This setting places the port in permanent trunking mode. The corresponding switch port at the other end of the trunk should be similarly configured because negotiation is not allowed. You should also manually configure the encapsulation mode.
2.
dynamic desirable: The port actively attempts to convert the link into trunking mode. If the far-end switch port is configured to trunk, dynamic desirable, or dynamic auto mode, trunking is successfully negotiated.
3.
dynamic auto: The port converts the link into trunking mode. If the far-end switch port is configured to trunk or dynamic desirable, trunking is negotiated. Because of the passive negotiation behavior, the link never becomes a trunk if both ends of the link are left to the dynamic auto default.
4.
Negotiate: The encapsulation is negotiated to select either ISL or IEEE 802.1Q, whichever is supported by both ends of the trunk. If both ends support both types, ISL is favored.
5.
Access: Puts the interface into access mode that mean interface is in non-trunking mode.
6.
Nonegotiate: Forces the port to permanently trunk but not send DTP frames. For use when the DTP frames confuse the neighboring (non-Cisco) 802.1q switch. You must manually set the neighboring switch to trunking.
QUESTION 7
Drag the port states on the left, to their correct description on the right.
Select and Place:
Correct Answer:
Section: STP Explanation
Explanation/Reference:
After the bridges have determined which ports are Root Ports, Designated Ports, and non-Designated Ports, STP is ready to create a loop-free topology. To do this, STP configures Root Ports and Designated Ports to forward traffic. STP sets non-Designated Ports to block traffic. Although Forwarding and Blocking are the only two states commonly seen in a stable network, there are actually five STP states. This list can be viewed hierarchically in that bridge ports start at the Blocking state and work their way up to the Forwarding state. The Disabled state is the administratively shutdown STP state. It is not part of the normal STP port processing. After the switch is initialized, ports start in the Blocking state. The Blocking state is the STP state in which a bridge listens for BPDUs.
A port in the Blocking state does the following:
1.
Discards frames received from the attached segment or internally forwarded through switching
2.
Receives BPDUs and directs them to the system module
3.
Has no address database
4.
Does not transmit BPDUs received from the system module
5.
Receives and responds to network management messages but does not transmit them If a bridge thinks it is the Root Bridge immediately after booting or in the absence of BPDUs for a certain period of time, the port transitions into the Listening state. The Listening state is the STP state in which no user data is being passed, but the port is sending and receiving BPDUs in an effort to determine the active topology.
A port in the Listening state does the following:
1.
Discards frames received from the attached segment or frames switched from another port
2.
Has no address database
3.
Receives BPDUs and directs them to the system module
4.
Processes BPDUs received from the system module (Processing BPDUs is a separate action from receiving or transmitting BPDUs)
5.
Receives and responds to network management messages
It is during the Listening state that the three initial convergence steps take place – elect a Root Bridge, elect Root Ports, and elect Designated Ports. Ports that lose the Designated Port election become non-Designated Ports and drop back to the Blocking state. Ports that remain Designated Ports or Root Ports after 15 seconds – the default Forward Delay STP timer value – progress into the Learning state. The lifetime of the Learning state is also governed by the Forward Delay timer of 15 seconds, the default setting. The Learning state is the STP state in which the bridge is not passing user data frames but is building the bridging table and gathering information, such as the source VLANs of data frames. As the bridge receives a frame, it places the source MAC address and port into the bridging table. The Learning state reduces the amount of flooding required when data forwarding begins.
A port in the Learning state does the following:
1.
Discards frames received from the attached segment
2.
Discards frames switched from another port for forwarding
3.
Incorporates station location into its address database
4.
Receives BPDUs and directs them to the system module
5.
Receives, processes, and transmits BPDUs received from the system module
6.
Receives and responds to network management messages
If a port is still a Designated Port or Root Port after the Forward Delay timer expires for the Learning state, the port transitions into the Forwarding state. The Forwarding state is the STP state in which data traffic is both sent and received on a port. It is the “last” STP state. At this stage, it finally starts forwarding user data frames.
A port in the Forwarding state does the following:
1.
Forwards frames received from the attached segment
2.
Forwards frames switched from another port for forwarding
3.
Incorporates station location information into its address database
4.
Receives BPDUs and directs them to the system module
5.
Processes BPDUs received from the system module
6.
Receives and responds to network management messages
QUESTION 8
Specifies the kind of messages, by severity level, to be sent to the syslog server.
Select and Place:
Correct Answer:
Section: Network Monitoring Explanation
Explanation/Reference:
http://www.ciscopress.com/articles/article.asp?p=426638&seqNum=3
QUESTION 9
Drag the choices on the left to the boxes on the right that should be included when creating a VLAN-based
implementation plan.
Not all choices will be used.
Select and Place:
Correct Answer:
Section: VLANs, Trunks Explanation
Explanation/Reference:
QUESTION 10
Drag snmp versions and associated features
Select and Place:
Correct Answer:
Section: Network Monitoring Explanation
Explanation/Reference:
QUESTION 11
Drag HSRP states
Select and Place:
Correct Answer:
Section: HSRP
Explanation
Explanation/Reference:
HSRP defines six states in which an HSRP-enabled router can exist:
1.
Initial – This is the state from which the routers begin the HSRP process. This state indicates that HSRP is not running. It is entered via a configuration change or when an interface first comes up.
2.
Learn – The router has not determined the virtual IP address, and has not yet seen an authenticated hello message from the active router. In this state the router is still waiting to hear from the active router.
3.
Listen – The router knows the virtual IP address, but is neither the active router nor the standby router. It listens for hello messages from those routers. Routers other than the active and standby router remain in the listen state.
4.
Speak – The router sends periodic hello messages and is actively participating in the election of the active or standby router. A router cannot enter Speak state unless it has the virtual IP address.
5.
Standby – The router is a candidate to become the next active router and sends periodic hello messages. Excluding transient conditions, there must be at most one router in the group in Standby state.
6.
Active – The router is currently forwarding packets that are sent to the group virtual MAC address. The router sends periodic hello messages. Excluding transient conditions, there must be at most one router in Active state in the HSRP group.
QUESTION 12
Drag and Drop Local VLAN’s vs End-To-END VLANS
Select and Place:
Correct Answer:
Section: VLANs, Trunks Explanation
Explanation/Reference:
QUESTION 13
Drag & Drop
Select and Place: Correct Answer:
Section: IP Telephony Explanation Explanation/Reference:
QUESTION 14
Select and Place: Correct Answer:
Section: VTP Explanation Explanation/Reference:
QUESTION 15
Select and Place: Correct Answer:
Section: VLANs, Trunks Explanation Explanation/Reference:
QUESTION 16
Select and Place:
Correct Answer:
Section: WLANs Explanation
Explanation/Reference:
QUESTION 17
Wireless LWAPP Association and Discovery Process Drag & Drop
Note not all options are used
Select and Place: Correct Answer:
Section: WLANs Explanation
Explanation/Reference:
This is the correct answer: (1. The IP address is statically configured on the lightweigh AP.)
2.
The lightweight AP requests an IP address via DHCP
3.
The lightweight AP searches for a wireless LAN controller using LWAPP in Layer 2 mode.
4.
The lightweight AP sends a LWAPP Discovery Request to the management IP address of the wireless LAN controller via broadcast
5.
The wireless LAN controller responds with a Discovery Response from the Manager IP address.
6.
The lightweight AP chooses the AP Manager with the least number of associated access points and sends the join request.
==========================================================================
From Cisco:
Register the LAP with the WLC:
This sequence of events must occur in order for an LAP to register to a WLC:
1.The LAPs issue a DHCP discovery request to get an IP address, unless it has previously had a static IP address configured.
2.The LAP sends LWAPP discovery request messages to the WLCs.
3.Any WLC that receives the LWAPP discovery request responds with an LWAPP discovery response message.
4.From the LWAPP discovery responses that the LAP receives, the LAP selects a WLC to join.
5.The LAP then sends an LWAPP join request to the WLC and expects an LWAPP join response.
6.The WLC validates the LAP and then sends an LWAPP join response to the LAP.
7.The LAP validates the WLC, which completes the discovery and join process. The LWAPP join process includes mutual authentication and encryption key derivation, which is used to secure the join process and future LWAPP control messages.
8.The LAP registers with the controller.
The first problem that the LAP faces is how to determine where to send the LWAPP discovery requests (step 2). The LAP uses a hunting procedure and a discovery algorithm in order to determine the list of WLCs to which the LAP can send the discovery request messages.
This procedure describes the hunting process:
1.The LAP issues a DHCP request to a DHCP server in order to get an IP address, unless an assignment was made previously with a static IP address.
2.If Layer 2 LWAPP mode is supported on the LAP, the LAP broadcasts an LWAPP discovery message in a Layer 2 LWAPP frame. Any WLC that is connected to the network and that is configured for Layer 2 LWAPP mode responds with a Layer 2 discovery response. If the LAP does not support Layer 2 mode, or if the WLC or the LAP fails to receive an LWAPP discovery response to the Layer 2 LWAPP discovery message broadcast, the LAP proceeds to step 3.
3.If step 1 fails, or if the LAP or the WLC does not support Layer 2 LWAPP mode, the LAP attempts a Layer 3 LWAPP WLC discovery.
See the Layer 3 LWAPP WLC Discovery Algorithm section of this document.
4.If step 3 fails, the LAP resets and returns to step 1.
Note: If you want to specify an IP address for an access point instead of having one assigned automatically by a DHCP server, you can use the controller GUI or CLI to configure a static IP address for the access point. Refer to the Configuring a Static IP Address on a Lightweight Access Point section of the WLC Configuration guide for more information. If the LAP is assigned a static IP address and can not reach the WLC, it falls back to DHCP.
Source: http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806c9e51.shtml
QUESTION 18
What is the result of entering the command “port-channel load-balance src-dst-ip” on an EtherChannel link?
A. Packets are distributed across the ports in the channel based on the source and destination MAC addresses.
B. Packets are distributed across the ports in the channel based on the source and destination IP addresses.
C. Packets are balanced across the ports in the channel based first on the source MAC address, then on the destination MAC address, then on the IP address.
D. Packets are distributed across the access ports in the channel based first on the source IP address and then on the destination IP addresses.
Correct Answer: B Section: EtherChannels Explanation
Explanation/Reference:
Explanation:
QUESTION 19
Which Cisco IOS command globally enables port-based authentication on a switch?
A. aaa port-auth enable
B. radius port-control enable
C. dot1x system-auth-control
D. switchport aaa-control enable
Correct Answer: C Section: Access Security Explanation
Explanation/Reference:
Explanation:
QUESTION 20
Which two steps are necessary to configure inter-VLAN routing between multilayer switches? (Choose two.)
A. Configure a dynamic routing protocol.
B. Configure SVI interfaces with IP addresses and subnet masks.
C. Configure access ports with network addresses.
D. Configure switch ports with the autostate exclude command.
E. Document the MAC addresses of the switch ports.
Correct Answer: AB Section: MultiLayer Switching Explanation
Explanation/Reference:
Explanation:
Exam D
This volume is part of the Exam Certification Guide Series from Cisco 642-813.Cisco 642-813 in this series provide officially developed exam preparation materials that offer assessment, review, and practice to help Cisco 642-813 Certification candidates identify weaknesses,concentrate their study efforts,and enhance their confidence as Cisco 642-813 exam day nears.