Topic 2: IMPLEMENTATION & OPERATION (201 questions) -Section 5
Friday, August 4, 2006 6:52:36 AM
QUESTION NO: 1
The TestKing network Topology is displayed in the exhibit below:
A switch has been configured for three different VLANs: VLAN 2, VLAN 3, and VLAN 4. For the purposes of communication between VLANs a router is to be added. Host from one VLAN should be able to reach the hosts in the other VLANs. Based on this requirement, what type of connection is acceptable between the router and switch?
A. 10 Mbps Ethernet
B. 56 kbps serial
C. 100 Mbps Ethernet
D. 1,544 Mbps serial
E. 1000 Mbps Ethernet
Answer: C, E
For all hosts to be able to reach each other, inter-VLAN routing will need to be configured. In order to provide Inter-VLAN routing between the router and the switch, a trunk will need to be set up. This trunk can be either ISL or 802.1Q. On a router, the interface that is to be used as the trunk can be 100 Mbps Ethernet, Gigabit Ethernet, or 10 Gigabit Ethernet. Therefore, only choices C or E are correct.
QUESTION NO: 2
A router has been configured to provide the nine users on the branch office LAN with Internet access, as shown in the diagram below: It is found that some of the users on the LAN cannot reach the Internet. Other users are not having any problems. Based on the topology and router output shown, which of the following commands should be issued on the router to correct the problem? (Select one).
A. Branch(config-if)# no shutdown
B. Branch(config-if)# duplex full
C. Branch(config-if)# no keepalive
D. Branch(config-if)# ip address 192.168.10.30 255.255.255.240
E. Branch(config-if)# bandwidth 100
F. Branch(config-if)# encapsulation 802.3
Based on the output shown above, a /30 network mask has been applied to the Fast Ethernet interface. This will allow for only two hosts to reside on the network. Using the /28 mask as shown in choice D will allow for up to 14 hosts to reside on the LAN, which will be enough to accommodate for the 9 PC's used on thie LAN.
QUESTION NO: 3
A router is configured as shown in the graphic. The switch is connected to the router over a VLAN trunk. The switch has been configured with three VLANs: VLAN1, VLAN2, and VLAN3. In addition, the IP address of the switch is
192.168.1.2. A host is being added to the switch on VLAN 2. What is the correct default gateway for this computer?
The default gateway for this host should be the IP address of the local router on that VLAN. Based on the router configuration, this IP address is 192.168.2.1. In the router configuration, the number that follows the "encapsulation dot1q" command is the VLAN that is assigned to it. In this case, the PC host belongs to VLAN 2, so the subinterface fast Ethernet 0/0.2 is the one that should be chosen.
A. This is the IP address that hosts in VLAN 1 should use as their default gateway.
B. Even though this is the IP address of the switch itself as stated in the question, itshould not be chosen as the default gateway for any of the hosts in any of the VLANs.This IP address would be used only to administer and make changes to the switch.D, F. These are incorrect choices.
E. This is the IP address that hosts in VLAN 3 should use as their default gateway.
QUESTION NO: 4
The LAN needs are expanding at the Testking corporate office, which is quickly growing. You are instructed to enlarge the area covered by a single LAN segment on the TestKing network. Which of the following are layer 1 devices that you can use? (Choose all that apply.)
A. A switch.
B. A router.
C. A network adapter card.
D. A hub.
E. A repeater.
Answer: D E
A hub simply repeats the electrical signal and makes no attempt to interpret the electrical signal (layer 1) as a LAN frame (Layer 2). So, a hub actually performs OSI layer 1 functions, repeating an electrical signal, whereas a switch performs OSI layer 2 functions, actually interpreting Ethernet header information, particularly addresses, to make forwarding decisions. Hubs can be used to increase the number of stations that can be supported on a LAN. Because the repeater does not interpret what the bits mean, but does examine and generate electrical signals, a repeater is considered to operate at Layer 1. Repeaters can be used to physically extend the LAN to greater distances.
QUESTION NO: 5
You are experiencing intermittent issues relating to congestion with your network.What are the possible causes of congestion on a LAN? (Choose all that apply.)
A. A broadcast domain with too many hosts.
B. Full duplex operation.
C. Broadcast storms.
E. Network Segmentation.
F. Low bandwidth.
Answer: A, C, F
A LAN segment with too many hosts can mean that there are a large number of stations contending for bandwidth. It can also mean an increase in the number of collisions on the segment, which can cause further congestion issues. Broadcast storms are the result of a large number of broadcasts sent over the LAN. Because each station listens to these broadcast messages, congestion can occur quickly. Finally, low bandwidth can simply mean that the LAN can not process all of the LAN traffic that is being sent. This can mean that TCP sessions are retransmitted, which can lead to additional congestion.
B. This can alleviate congestion, as data can be sent and received at the same time. In addition, collisions are not possible in a full duplex LAN.
D. Multicasting can actually alleviate congestion issues, as single streams of information can reach multiple hosts at the same time, instead of using a series of point to point connections.
E. Segmentation breaks up a large LAN into multiple, smaller LANS. This will mean fewer hosts per broadcast domain.
QUESTION NO: 6
Which type of cable should be used to make a connection between the Fa0/0 port on a router and the Fa0/0 port switch?
A. Rollover cable
B. Console cab le
C. Crossover cable
D. Straight-through cable
E. Serial cable
The Fast Ethernet ports on a switch and router are both RJ-45 ports. It means we have same devices at both ends. To connect similar devices we use a crossover cable.
QUESTION NO: 7
What components are required to directly connect two PCs so they are able to participate in a simple peer-to-per network? Choose three
A. Straight-through cable
B. Compatible network interfaces
C. Networking protocol
E. Crossover cable
Answer: B, C, E
This cable can be used to directly connect two computers to each other without the use ofa hub or switch.Crossover cables are terminated with CAT 5 RJ-45 (RJ stands for "Registered Jack")modular plugs. RJ-45 plugs are similar to those you'll see on the end of your telephonecable except they have eight versus four contacts on the end of the plug. Also, make surethe ends you select are rated for CAT 5 wiring.
QUESTION NO: 8
What kind of cable should be used to establish a trunked line between two Catalyst 2950 switches?
A. a straight-through cable
B. an EIA/TIA-232 serial cable
C. an auxiliary cable
D. a modem cable
E. a cross-over cable
A crossover cable is used to connect two of the same device types, or devices from the same OSI layer.
QUESTION NO: 9
When a new trunk link is configured on an IOS based switch, which VLANs are allowed over the link?
A. All defined VLANs are allowed on the trunk by default.
B. Each VLAN, or VLAN range, that is specified with the switchport mode command.
C. Each VLAN, or VLAN range, that is specified with the vtp domain command.
D. Each VLAN, or VLAN range, that is specified with the vlan database command.
By default a trunk link carries all the VLANs that exist on the switch. This is because all
database, traffic for that VLAN is carried across the trunks. You can elect to selectively remove and add VLANs from a trunk link.
QUESTION NO: 10
Why would a network administrator configure port security on a switch?
A. To prevent unauthorized Telnet access to a switch port.
B. To limit the number of Layer 2 broadcasts on a particular switch port.
C. To prevent unauthorized hosts from accessing the LAN.
D. To protect the IP and MAC address of the switch and associated ports.
E. To block unauthorized access to the switch management interfaces over common TCP ports.
You can use the port security feature to restrict input to an interface by limiting and identifying MAC addresses of the stations allowed to access the port. When you assign secure MAC addresses to a secure port, the port does not forward packets with source addresses outside the group of defined addresses. If you limit the number of secure MAC addresses to one and assign a single secure MAC address, the workstation attached to that port is assured the full bandwidth of the port. If a port is configured as a secure port and the maximum number of secure MAC addresses is reached, when the MAC address of a station attempting to access the port is different from any of the identified secure MAC addresses, a security violation occurs. Also, if a station with a secure MAC address configured or learned on one secure port attempts to access another secure port, a violation is flagged.
QUESTION NO: 11
The TestKing LAN network for one of the offices is displayed below:
Assuming there is only one VLAN in this network, which switch is acting as the root bridge?
D. A root bridge is not required in this network.
A root switch has all ports in non-blocking mode. Based on the diagram above, Testking1 and Testking2 contain ports that have been blocked by the STP process, so Testking3 must be the root bridge.
QUESTION NO: 12
A workgroup switch is configured with all ports assigned to VLAN 2. In addition,all ports are configured as full-duplex FastEthernet. What is the effect of addingswitch ports to a new VLAN on this switch?
A. The additions will create more collision domains.
B. IP address utilization will be more efficient.
C. More bandwidth will be required than was needed previously.
D. An additional broadcast domain will be created.
E. The possibility that switching loops will occur will increase dramatically.
Additional VLANs means additional broadcast domains. VLANs define broadcast domains in a Layer 2 network. A broadcast domain is the set of all devices that will receive broadcast frames originating from any device within the set. Broadcast domains are typically bounded by routers because routers do not forward broadcast frames. Layer 2 switches create broadcast domains based on the configuration of the switch. Switches are multiport bridges that allow you to create multiple broadcast domains. Each broadcast domain is like a distinct virtual bridge within a switch.
A. Creating new VLANs means that additional broadcast domains will be created, but not necessarily new collision domains. Besides, in a full duplex environment such as the one described here collisions are not possible.
B. Additional IP addresses will be needed in this network, as each VLAN will require a separate VLAN or a different default IP gateway to be configured.
C. This is not true, as the creation of new VLANs in no way will effect the amount of bandwidth that is required.
E. Since a separate Spanning Tree Process is used for each VLAN, this is not true.
QUESTION NO: 13
A network administrator wants to control which user hosts can access the network based on their MAC address. What will prevent workstations with unauthorized MAC addresses from connecting to the network through a switch?
B. Port security
F. Blocking mode
Explanation:UnderstandingHow PortSecurity Works:
You can use port security to block input to an Ethernet, Fast Ethernet, or Gigabit Ethernet port when the MAC address of the station attempting to access the port is different from any of the MAC addresses specified for that port. Alternatively, you can use port security to filter traffic destined to or received from a specific host based on the host MAC address. When a secure port receives a packet, the source MAC address of the packet is compared to the list of secure source addresses that were manually configured or autoconfigured (learned) on the port. If a MAC address of a device attached to the port differs from the list of secure addresses, the port either shuts down permanently (default mode), shuts down for the time you have specified, or drops incoming packets from the insecure host. The port's behavior depends on how you configure it to respond to a security violation. If a security violation occurs, the Link LED for that port turns orange, and a link-down trap is sent to the Simple Network Management Protocol (SNMP) manager. An SNMP trap is not sent if you configure the port for restrictive violation mode. A trap is sent only if you configure the port to shut down during a security violation.