TUGAS TERSTRUKTUR

PERANCANGAN DAN MANAJEMEN JARINGAN

CISCO NETWORK ACADEMY

Nama : Muhammad Zaini

NPM : 220210079
Dosen : Sunarsan Sitohang, S.Kom., M.TI.

PROGRAM STUDI teknik informatika

FAKULTAS teknik dan komputer
UNIVERSITAS PUTERA BATAM
2025
 KATA PENGANTAR

Dalam era digital saat ini, pemahaman tentang jaringan komputer menjadi sangat
penting. Jaringan tidak hanya mendukung komunikasi dan pertukaran data, tetapi juga
menjadi tulang punggung bagi berbagai aplikasi dan layanan yang kita gunakan sehari-hari.
Cisco Networking Academy hadir untuk menjawab tantangan ini dengan menyediakan
pendidikan berkualitas tinggi di bidang jaringan komputer.

Cisco Networking Academy (CNA) merupakan program pendidikan global yang

dirancang untuk memberikan pelatihan di bidang teknologi jaringan dan komputer.
Program ini bertujuan untuk membekali peserta dengan keterampilan yang diperlukan
dalam dunia kerja, khususnya dalam bidang IT dan jaringan. Cisco Systems, sebagai
penyelenggara, telah mengembangkan kurikulum yang komprehensif dan relevan dengan
kebutuhan industri saat ini.

Batam, 12 July 2025

Ketik nama penyusun.

1.5.11 Check Your Understanding - Verify Directly Connected Networks
1. Which command will display a summary of all IPv6-enabled interfaces on a router that
includes the IPv6 address and operational status?
 show ip interface brief
 show ipv6 route
 show running-config interface
 show ipv6 interface brief
2. When verifying routes, what code is used to identify directly connected routes in the
routing table?
C
D
L
R
3. Which command will display packet flow counts, collisions, and buffer failures on an
interface?
show interface
show ip interface
show running-config interface
4. An IPv6-enabled interface is required to have which type of address?
loopback
global unicast
link-local
static
5. What character is used to enable the filtering of commands?
pipe |
comma ,
colon :
semi colon ;
6. Which filtering expression will show all output lines starting from the line matching the
filtering expression?
section
begin
include
1.6.4 Module Quiz - Basic Device Configuration
1. Which tasks can be accomplished by using the command history feature? (Choose two.)
Set the command history buffer size.
Recall previously entered commands.
View a list of commands entered in a previous session.
Recall up to 15 command lines by default.
Save command lines in a log file for future reference.
2. Which statement describes the system LED operation on Cisco Catalyst switches?
If the LED is amber, the system is not powered on.
If the LED is blinking amber, the switch is performing POST.
If the LED is blinking green, the system is operating normally.
If the LED is amber, the system is receiving power but it is not functioning properly.
3. What type of Ethernet cable would be used to connect one switch to another switch when
neither switch supports the auto-MDIX feature?
rollover
crossover
straight-through
coaxial
4. What advantage does SSH offer over Telnet?
connection-oriented services
more connection lines
username and password authentication
encryption
5. A network administrator has configured VLAN 99 as the management VLAN and has
configured it with an IP address and subnet mask. The administrator issues the show
interface vlan 99 command and notices that the line protocol is down. Which action can
change the state of the line protocol to up?
Configure a transport input method on the vty lines.
Connect a host to an interface associated with VLAN 99.
Remove all access ports from VLAN 99.
Configure a default gateway.
6. Which statement describes SVIs?
An SVI can only be created for the management VLAN.
A default SVI is created for VLAN 1 for switch administration.
Creating an SVI automatically creates an associated VLAN.
An SVI is created automatically for each VLAN on a multilayer switch.
7. Which prompt is displayed when a network administrator successfully accesses the boot
loader on a switch to recover from a system crash?
switch#
system#
system:
switch:
8. Which router bootup sequence is correct?
1 – perform the POST and load the bootstrap program
2 – locate and load the Cisco IOS software
3 – locate and load the startup configuration file or enter setup mode
1 – perform the POST and load the startup configuration file
2 – locate and load the bootstrap program
3 – locate and load the Cisco IOS software
1 – perform the POST and load the bootstrap program
2 – locate and load the startup configuration file or enter setup mode
3 – locate and load the Cisco IOS software
1 – perform the POST and load the Cisco IOS software
2 – locate and load the startup configuration file or enter setup mode
3 – locate and load the bootstrap program

9. What is the first action in the boot sequence when a switch is powered on?
low-level CPU initialization
load boot loader software
load the default Cisco IOS software
load a power-on self-test program
10. What must an administrator have in order to reset a lost password on a router?
access to another router
physical access to the router
a TFTP server
a crossover cable
11. When configuring a switch for SSH access, what other command that is associated with
the login local command is required to be entered on the switch?
login block-for seconds attempts number within seconds
enable secret password
username username secret secret
password password
12. Which command will provide information about the status of all interfaces including
the number of giants, runts, and collisions on the interface?
show interfaces
show ip interface brief
show history
show running-config
13. Which interface is used by default to manage a Cisco Catalyst 2960 switch?
The FastEthernet 0/1 interface
The GigabitEthernet 0/1 interface
The VLAN 1 interface
The VLAN 99 interface
14. A production switch is reloaded and finishes with a Switch> prompt. What two facts
can be determined? (Choose two.)
A full version of the Cisco IOS was located and loaded.
POST occurred normally.
The boot process was interrupted.
There is not enough RAM or flash on this router.
The switch did not locate the Cisco IOS in flash, so it defaulted to ROM.
15. Which two statements are true about using full-duplex Fast Ethernet? (Choose two.)
Full-duplex Fast Ethernet offers 100 percent efficiency in both directions.
Latency is reduced because the NIC processes frames faster.
Nodes operate in full-duplex with unidirectional data flow.
Performance is improved because the NIC is able to detect collisions.
Performance is improved with bidirectional data flow.
16. Which statement describes the port speed LED on the Cisco Catalyst 2960 switch?
If the LED is amber, the port is operating at 1000 Mbps.
If the LED is blinking green, the port is operating at 10 Mbps.
If the LED is green, the port is operating at 100 Mbps.
If the LED is off, the port is not operating.
17. What is a function of the switch boot loader?
To control how much RAM is available to the switch during the boot process
To provide an environment to operate in when the switch operating system cannot be found
To provide security for the vulnerable state when the switch is booting
To speed up the boot process
18. In which situation would a technician use the show interfaces command?
To determine whether remote access is enabled
To determine the MAC address of a directly attached network device on a particular
interface
When packets are being dropped from a particular directly attached host
When an end device can reach local devices, but not remote devices
19. What is one difference between using Telnet or SSH to connect to a network device for
management purposes?
Telnet does not provide authentication, whereas SSH provides authentication.
Telnet sends a username and password in plain text, whereas SSH encrypts the username
and password.
Telnet supports a host GUI, whereas SSH supports only a host CLI.
Telnet uses UDP as the transport protocol, whereas SSH uses TCP.
20. What is a characteristic of an IPv4 loopback interface on a Cisco IOS router?
It is a logical interface internal to the router.
It is assigned to a physical port and can be connected to other devices.
Only one loopback interface can be enabled on a router.
The no shutdown command is required to place this interface in an up state.
21. What two pieces of information are displayed in the output of the show ip interface
brief command? (Choose two.)
Interface descriptions
IPv4 addresses
Layer 1 statuses
MAC addresses
Next-hop addresses
Speed and duplex settings
22. What type of cable would be used to connect a router to a switch when neither supports
the auto-MDIX feature?
Coaxial
Crossover
Rollover
Straight-through
23. Which statement regarding a loopback interface is true?
It is an internal virtual interface used for testing purposes.
It is used to loop back traffic to an interface.
It must be enabled using the no shutdown command.
Only one loopback interface can be created on a device.
24. You are implementing remote access to the VTY lines of a switch using SSH and the
login local line vty command. Which other command must be entered to avoid being
locked out of the switch?
enable secret password
password password
service-password encryption
username username secret password
2.2.4 Check Your Understanding - Switching Domains
1. Which port speed will be autonegotiated between a host with a 1 Gbps NIC connecting
to a Cisco Catalyst 2960 switch with a 100 Mbps port?
10 Mbps
100 Mbps
1 Gbps
10 Gbps
2. Which device separates broadcast domains?
access point
hub
router
switch
3. Which two special characteristics do LAN switches use to alleviate network congestion?
(Choose two.)
fast port speeds
fast internal switching
low port densities
small frame buffers
2.3.2 Module Quiz - Switching Concepts
1. Which statement is true about broadcast and collision domains?
The size of the collision domain can be reduced by adding hubs to a network.
Adding a switch to a network will increase the size of the broadcast domain.
Adding a router to a network will increase the size of the collision domain.
The more interfaces a router has the larger the resulting broadcast domain.
2. What is one function of a Layer 2 switch?
forwards data based on logical addressing
determines which interface is used to forward a frame based on the destination MAC
address
duplicates the electrical signal of each frame to every port
learns the port assigned to a host by examining the destination MAC address
3. What is the significant difference between a hub and a Layer 2 LAN switch?
A hub divides collision domains, and a switch divides broadcast domains.
Each port of a hub is a collision domain, and each port of a switch is a broadcast domain.
A switch creates many smaller collision domains, and a hub increases the size of a single
collision domain.
A hub forwards frames, and a switch forwards only packets.
4. What will a Cisco LAN switch do if it receives an incoming frame and the destination
MAC address is not listed in the MAC address table?
Send the frame to the default gateway address.
Use ARP to resolve the port that is related to the frame.
Drop the frame.
Forward the frame out all ports except the port where the frame is received.
5. Which switch characteristic helps alleviate network congestion when a 10 Gbps port is
forwarding data to a 1 Gbps port?
high port density
fast port speed
fast internal switching
frame buffering
6. Which switching method makes use of the FCS value?
broadcast
large frame buffer
store-and-forward
cut-through
7. What does the term “port density” represent for an Ethernet switch?
the memory space that is allocated to each switch port
the number of available ports
the speed of each port
the numbers of hosts that are connected to each switch port
8. Which information does a switch use to keep the MAC address table information
current?
the source MAC address and the incoming port
the source and destination MAC addresses and the incoming port
the source and destination MAC addresses and the outgoing port
the destination MAC address and the incoming port
the source MAC address and the outgoing port
the destination MAC address and the outgoing port
9. Which two statements are true about half-duplex and full-duplex communications?
(Choose two.)
Half duplex has only one channel.
Full duplex increases the effective bandwidth.
Full duplex allows both ends to transmit and receive simultaneously.
Full duplex offers 100 percent potential use of the bandwidth.
All modern NICS support both half-duplex and full-duplex communication.
10. Which type of address does a switch use to build the MAC address table?
source IP address
source MAC address
destination MAC address
destination IP address
11. Which option correctly describes a switching method?
cut-through: makes a forwarding decision after receiving the entire frame
cut-through: provides the flexibility to support any mix of Ethernet speeds
store-and-forward: forwards the frame immediately after examining its destination MAC
address
store-and-forward: ensures that the frame is free of physical and data-link errors
12. Which network device can serve as a boundary to divide a Layer 2 broadcast domain?
router
Ethernet hub
access point
Ethernet bridge
13. What is the purpose of frame buffers on a switch?
They execute checksum values before transmission.
They provide temporary storage of the frame checksum.
They hold traffic, thus alleviating network congestion.
They provide a basic security scan on received frames.
14. Which network device can be used to eliminate collisions on an Ethernet network?
hub
firewall
switch
router
15. What criteria is used by a Cisco LAN switch to decide how to forward Ethernet frames?
Destination IP address
Destination MAC address
Egress port
Path cost
16. What are two reasons a network administrator would segment a network with a Layer 2
switch? (Choose two.)
To create fewer collision domains
To create more broadcast domains
To eliminate virtual circuits
To enhance user bandwidth
To isolate ARP request messages from the rest of the network
To isolate traffic between segments
17. A switch has received a frame on an ingress port. What will the switch do if the unicast
destination MAC address is in the MAC address table?
It will drop the frame.
It will forward the frame out all ports.
It will forward the frame out all ports except the incoming port.
It will forward the frame out of the specified port in the MAC address table.
18. A switch has received a frame on an ingress port. What will the switch do if the unicast
destination MAC address is not in the MAC address table?
It will drop the frame.
It will forward the frame out all ports.
It will forward the frame out all ports except the incoming port.
It will forward the frame out of the specified port in the MAC address table.
19. A switch has received a frame on an ingress port. What will the switch do if the
destination MAC address is a broadcast address?
It will drop the frame.
It will forward the frame out all ports.
It will forward the frame out all ports except the incoming port.
It will forward the frame out of the specified port in the MAC address table.
20. Which switching method forwards the frame immediately after examining the
destination MAC address?
Broadcast
Cut-though
Large frame buffer
Store-and-forward
21. Which statement about half-duplex and full-duplex communication is true?
Gigabit Ethernet and 10 Gb/s NICs can operate in full-duplex or half-duplex.
Full-duplex communication is bidirectional.
Half-duplex communication allows both ends to transmit and receive simultaneously.
Half-duplex communication is unidirectional, or one direction at a time.
3.1.5 Check Your Understanding - Overview of VLANs
1. True or False? VLANs improve network performance by segmenting broadcast domains.
True
False
2. True or False? VLANs can improve security by isolating sensitive data from the rest of
the network.
True
False
3. Which type of VLAN is assigned to 802.1Q trunk ports to carry untagged traffic?
default
native
data
management
4. True or False? It is a best practice to configure the native VLAN as VLAN 1.
True
False
5. Which is true of VLAN 1? (Choose all that apply.)
All switch ports are assigned to VLAN 1 by default.
The native VLAN is VLAN 1 by default.
The management VLAN is VLAN 1 by default.
VLAN 1 cannot be renamed or deleted.
3.2.9 Check Your Understanding - VLANs in a Multi-Switch Environment
1. Refer to the exhibit Question 1 Topology. PC1 sends an ARP broadcast frame. Which
PC will receive the ARP broadcast frame?

 PC2
 PC3
 PC4
 PC5
 PC6
2. Refer to the exhibit Question 2 Topology. PC2 sends an ARP broadcast frame. Which
PCs will receive the ARP broadcast frame? (Choose all that apply.)
  PC1
 PC3
 PC4
 PC5
 PC6
3. Refer to the exhibit Question 3 Topology. PC3 sends an ARP broadcast frame. Which
PC will receive the ARP broadcast frame?

 PC1
 PC2
 PC4
 PC5
 PC6
 3.5.6 Check Your Understanding - Dynamic Trunking Protocol
1. True or false? DTP is an open standard IEEE protocol that specifies auto negotiation
of switch trunk links.
 true
 false
2. What is the default switchport mode for Cisco Catalyst switches?
 access
 trunk
 dynamic auto
 dynamic desirable
3. True or false? Two switchports on a link both configured as dynamic auto will
successfully negotiate a trunk.
 true
 false
4. Which two DTP modes will form a trunk with an interface that is configured as
dynamic auto? (Choose two.)
 access
 trunk
 dynamic auto
 dynamic desirable
3.6.4 Module Quiz – VLANs
1. What happens to a port that is associated with VLAN 10 when the administrator deletes
VLAN 10 from the switch?
 The port creates the VLAN again.
 The port goes back to the default VLAN.
 The port automatically associates itself with the native VLAN.
 The port becomes inactive.
2. In which memory location are the VLAN configurations of normal range VLANs stored
on a Catalyst switch?
 flash
 ROM
  RAM
 NVRAM
3. An administrator is investigating a failure on a trunk link between a Cisco switch and a
switch from another vendor. After a few show commands, the administrator notices that the
switches are not negotiating a trunk. What is a probable cause for this issue?
 Both switches are in nonegotiate mode.
 Switches from other vendors do not support DTP.
 Both switches are in trunk mode.
 DTP frames are flooding the entire network.
4. What is the purpose of the vlan.dat file on a switch?
 It holds the VLAN database.
 It holds the running configuration.
 It holds the operating system.
 It holds the saved configuration.
5. What is the purpose of setting the native VLAN separate from data VLANs?
 A separate VLAN should be used to carry uncommon untagged frames to
avoid bandwidth contention on data VLANS.
 The security of management frames that are carried in the native VLAN can be
enhanced.
 The native VLAN is for carrying VLAN mnanagement traffic only.
 The native VLAN is for routers and switches to exchange their management
information, so it should be different from data VLANS.
6. When a Cisco switch receives untagged frames on a 802.1Q trunk port, which VLAN ID
is the traffic switched to by default?
 management VLAN ID
 data VLAN ID
 native VLAN ID
 unused VLAN ID
7. A network administrator is determining the best placement of VLAN trunk links. Which
two types of point-to-point connections utilize VLAN trunking? (Choose two.)
 between two switches that utilize multiple VLANs
 between a switch and a server that has an 802.1Q NIC
  between a switch and a network printer
 between two switches that share a common VLAN
 between a switch and a client PC
8. What are three primary benefits of using VLANs? (Choose three.)
 security
 a reduction in the number of trunk links
 cost reduction
 end user satisfaction
 improved IT staff efficiency
 no required configuration
9. On a Cisco switch, where is extended range VLAN information stored?
 running configuration file
 NVRAM
 flash
 startup configuration file
10. In which location are the normal range VLANs stored on a Cisco switch by default?
 RAM
 flash memory
 startup-config
 running-config
11. Which distinct type of VLAN is used by an administrator to access and configure a
switch?
 data VLAN
 default VLAN
 native VLAN
 management VLAN
12. For what reason would a network administrator use the show interfaces trunk command
on a switch?
 to view the native VLAN
 to examine DTP negotiation as it occurs
  to display an IP address for any existing VLAN
 to verify port association with a particular VLAN
13. Where is the vlan.dat file stored on a switch?
 in NVRAM
 in flash memory
 in RAM
 on the externally attached storage media or internal hard drive
14. If an organization is changing to include Cisco IP phones in its network, what design
feature must be considered to ensure voice quality?
 Voice traffic needs to be tagged with the native VLAN.
 A separate VLAN is needed for voice traffic.
 Voice traffic and data traffic require separate trunk links between switches.
 Additional switch ports that are dedicated to Cisco IP phones are required.
15. A Cisco switch currently allows traffic tagged with VLANs 10 and 20 across trunk port
Fa0/5. What is the effect of issuing a switchport trunk allowed vlan 30 command on Fa0/5?
 It allows a native VLAN of 30 to be implemented on Fa0/5.
 It allows VLANs 10, 20, and 30 on Fa0/5.
 It allows only VLAN 30 on Fa0/5.
 It allows VLANs 1 to 30 on Fa0/5.
16. Which three statements accurately describe VLAN types? (Choose three).
 A data VLAN is used to carry VLAN management data and user-generated traffic.
 A management VLAN is any VLAN that is configured to access management
features of the switch.
 After the initial boot of an unconfigured switch, all ports are members of the
default VLAN.
 An 802.1Q trunk port, with a native VLAN assigned, supports both tagged and
untagged traffic.
 Voice VLANs are used to support user phone and email traffic on a network.
 VLAN 1 is always used as the management VLAN.
17. Which type of VLAN is used to designate which traffic is untagged when crossing a
trunk port?
 Data
  Default
 Native
 Management
 VLAN 1
18. What are two primary benefits of using VLANs? (Choose two.)
 A reduction in the number of trunk links
 Cost reduction
 Improved IT staff efficiency
 No required configuration
 Reduced security
19. Which command displays the encapsulation type, the voice VLAN ID, and the access
mode VLAN for the Fa0/1 interface?
 show interfaces Fa0/1 switchport
 show interfaces trunk
 show mac address-table interface Fa0/1
 show vlan brief
20. What must the network administrator do to remove FastEthernet 0/1 from VLAN 2 and
assign it to VLAN 3?
 Enter the no shutdown interface config command on Fa0/1.
 Enter the no vlan 2 and the vlan 3 global config commands.
 Enter the switchport access vlan 3 interface config command on Fa0/1.
 Enter the switchport trunk native vlan 3 interface config command on Fa0/1.
21. A Cisco Catalyst switch has been added to support the use of multiple VLANs as part
of an enterprise network. The network technician finds it necessary to clear all VLAN
information from the switch in order to incorporate a new network design. What should the
technician do to accomplish this task?
 Delete the IP address that is assigned to the management VLAN and reboot the
switch.
 Delete the startup configuration and the vlan.dat file in the flash memory of
the switch and reboot the switch.
 Erase the running configuration and reboot the switch.
 Erase the startup configuration and reboot the switch.
22. Which two characteristics match extended range VLANs? (Choose two.)
 CDP can be used to learn and store these VLANs.
 They are commonly used in small networks.
 They are saved in the running-config file by default.
 VLAN IDs exist between 1006 to 4094.
 VLANs are initialized from flash memory.
23. What happens to switch ports after the VLAN to which they are assigned is deleted?
 The ports are assigned to VLAN 1, the default VLAN.
 The ports are disabled and must be re-enabled using the no shutdown command.
 The ports are placed in trunk mode.
 The ports stop communicating with the attached devices.
24. You must configure a trunk link between a Cisco Catalyst 2960 switch to another
vendor Layer 2 switch. Which two commands should be configured to enable the trunk
link? (Choose two.)
 switchport mode access
 switchport mode dynamic auto
 switchport mode dynamic desirable
 switchport mode trunk
 switchport nonegotiate
4.4.7 Check Your Understanding - Troubleshoot Inter-VLAN Routing
1. You are troubleshooting an inter-VLAN issue on a switch and need to verify that the
subinterfaces are in the routing table. Which inter-VLAN routing troubleshooting command
would you use to do this?
 show interfaces
 show interfaces interface-id switchport
 show ip interface brief
 show ip route
 show vlan
2. You are troubleshooting an inter-VLAN issue on a switch and need to check the list of
VLANs and their assigned ports. Which inter-VLAN routing troubleshooting command
would you use to do this?
 show interfaces
  show interfaces interface-id switchport
 show ip interface brief
 show ip route
 show vlan
3. You are troubleshooting an inter-VLAN issue on a switch and need to verify the status of
an access port and its access mode VLAN. Which troubleshooting command would you use
to do this?
 show interfaces
 show interfaces interface-id switchport
 show ip interface brief
 show ip route
 show vlan
4. You are troubleshooting an inter-VLAN issue on a router and need to verify the status
and IP address of all interfaces in a condensed format. Which inter-VLAN routing
troubleshooting command would you use to do this?
 show interfaces
 show interfaces interface-id switchport
 show ip interface brief
 show ip route
 show vlan
4.5.4 Module Quiz - Inter-VLAN Routing
1. A PC is to access a web server on another network. Which inter-VLAN method will
provide the highest bandwidth at Layer 3 and also provide a default gateway for the PC?
 multilayer switch with routing enabled
 router on a stick
 trunked interface between the router and the switch
 multiple physical interfaces on the router, all connected to a Layer 2 switch
2. Which scalable method must be implemented in order to provide inter-VLAN routing on
a switched network with more than 1000 VLANs?
 routing traffic internally to a Layer 3 switch device
 configuring static routes on a Layer 2 switch device
  connecting a router interface to a switch port that is configured in trunk mode to
route packets between VLANs, with each VLAN assigned to a router subinterface
 connecting each physical router interface to a different physical switch port, with
each switch port assigned to a different VLAN
3. When configuring a router as part of a router-on-a-stick inter-VLAN routing topology,
where should the IP address be assigned?
 to the subinterface
 to the interface
 to the SVI
 to the VLAN
4. A small college uses VLAN 10 for the classroom network and VLAN 20 for the office
network. What is needed to enable communication between these two VLANs while using
legacy inter-VLAN routing?
 Two groups of switches are needed, each with ports that are configured for one
VLAN.
 A router with at least two LAN interfaces should be used.
 A router with one VLAN interface is needed to connect to the SVI on a switch.
 A switch with a port that is configured as trunk is needed to connect to a router.
5. What is a disadvantage of using multilayer switches for inter-VLAN routing?
 Multilayer switches are more expensive than router-on-a-stick
implementations.
 Multilayer switches have higher latency for Layer 3 routing.
 Spanning tree must be disabled in order to implement routing on a multilayer
switch.
 Multilayer switches are limited to using trunk links for Layer 3 routing.
6. Which type of inter-VLAN communication design requires the configuration of multiple
subinterfaces?
 router on a stick
 routing for the management VLAN
 routing via a multilayer switch
 legacy inter-VLAN routing
7. What is a disadvantage of using router-on-a-stick inter-VLAN routing?
 does not scale well beyond 50 VLANs
  requires the use of more physical interfaces than legacy inter-VLAN routing
 requires the use of multiple router interfaces configured to operate as access links
 does not support VLAN-tagged packets
8. What is the meaning of the number 10 in the encapsulation dot1Q 10 native router
subinterface command?
 the subinterface number
 the interface number
 the VLAN ID
 the subnet number
9. While configuring inter-VLAN routing on a multilayer switch, a network administrator
issues the no switchport command on an interface that is connected to another switch. What
is the purpose of this command?
 to create a switched virtual interface
 to create a routed port for a single network
 to provide a static trunk link
 to provide an access link that tags VLAN traffic
10. A network administrator enters the following command sequence on a Cisco 3560
switch. What is the purpose of these commands?
Switch(config)# interface gigabitethernet 0/1
Switch(config-if)# no switchport
 to enable the Gi0/1 port as a switch virtual interface
 to enable the Gi0/1 port as a bridge virtual interface
 to make the Gi0/1 port a routed port
 to shut down the Gi0/1 port
11. What operational mode should be used on a switch port to connect it to a router for
router-on-a-stick inter-VLAN routing?
 dynamic auto
 trunk
 access
 dynamic desirable
12. Which sentence correctly describes the SVI inter-VLAN routing method?
  Subinterfaces have to be created.
 A physical interface is needed for every VLAN that is created.
 An SVI is needed for each VLAN.
 The encapsulation type must be configured on the SVI.
13. How is traffic routed between multiple VLANs on a multilayer switch?
 Traffic is routed via internal VLAN interfaces.
 Traffic is routed via subinterfaces.
 Traffic is routed via physical interfaces.
 Traffic is broadcast out all physical interfaces.
14. What is required to perform router-on-a-stick inter-VLAN routing?
 a multilayer switch
 a router that is configured with multiple subinterfaces
 a router with multiple physical interfaces
 a Layer 2 switch that is configured with multiple trunk ports
15. An administrator was troubleshooting a router-on-a-stick topology and concluded that
the problem was related to the configuration of VLANs on the router subinterfaces. Which
two commands can the administrator use in the router to identify the problem? (Choose
two.)
 show ip interface
 show ip protocols
 show controllers
 show running-config
 show vlan
16. A router has two FastEthernet interfaces and needs to connect to four VLANs in the
local network. How can this be accomplished using the fewest number of physical
interfaces without unnecessarily decreasing network performance?
 Add a second router to handle the inter-VLAN traffic.
 Implement a router-on-a-stick configuration.
 Interconnect the VLANs via the two additional FastEthernet interfaces.
 Use a hub to connect the four VLANS with a FastEthernet interface on the router.
17. What distinguishes traditional legacy inter-VLAN routing from router-on-a-stick?
  Traditional routing is able to use only a single switch interface, whereas a router-on-
a-stick can use multiple switch interfaces.
 Traditional routing requires a routing protocol, whereas a router-on-a-stick only
needs to route directly connected networks.
 Traditional routing uses one port per logical network, whereas a router-on-a-
stick uses subinterfaces to connect multiple logical networks to a single router
port.
 Traditional routing uses multiple paths to the router and therefore requires STP,
whereas router-on-a-stick does not provide multiple connections and therefore
eliminates the need for STP.
18. Subinterface G0/1.10 on R1 must be configured as the default gateway for the VLAN
10 192.168.10.0/24 network. Which command should be configured on the subinterface to
enable inter-VLAN routing for VLAN 10?
 encapsulation dot1q 10
 encapsulation vlan 10
 switchport mode access
 switchport mode trunk
19. What is important to consider while configuring the subinterfaces of a router when
implementing inter-VLAN routing?
 The IP address of each subinterface must be the default gateway address for
each VLAN subnet.
 The no shutdown command must be given on each subinterface.
 The physical interface must have an IP address configured.
 The subinterface numbers must match the VLAN ID number.
20. What are the steps that must be completed in order to enable inter-VLAN routing using
router-on-a-stick?
 Configure the physical interfaces on the router and enable a routing protocol.
 Create the VLANs on the router and define the port membership assignments on the
switch.
 Create the VLANs on the switch to include port membership assignment and enable
a routing protocol on the router.
 Create the VLANs on the switch to include port membership assignment and
configure subinterfaces on the router matching the VLANs.
21. What two statements are true regarding the use of subinterfaces for inter-VLAN
routing? (Choose two.)
  Fewer router Ethernet ports required than in traditional inter-VLAN routing
 Less complex physical connection than in traditional inter-VLAN routing
 More switch ports required than in traditional inter-VLAN routing
 Simpler Layer 3 troubleshooting than with traditional inter-VLAN routing
 Subinterfaces have no contention for bandwidth
22. Which router-on-a-stick command and prompt on R1 correctly encapsulates 802.1Q
traffic for VLAN 20?
 R1(config-if)# encapsulation 802.1q 20
 R1(config-if)# encapsulation dot1q 20
 R1(config-subif)# encapsulation 802.1q 20
 R1(config-subif)# encapsulation dot1q 20
23. What are two disadvantages of using the router-on-a-stick inter-VLAN routing method
in a large network? (Choose two.)
 A dedicated router is required.
 It does not scale well.
 It requires multiple physical interfaces on a router.
 It requires subinterfaces to be configured on the same subnets.
 Multiple SVIs are needed.
24. What is a characteristic of a routed port on a Layer 3 switch? (Choose two.)
 It requires the switchport mode access interface config command.
 It requires the no switchport interface config command.
 It requires the switchport access vlan vlan-id interface config command.
 It supports trunking.
25. What are two advantages of using a Layer 3 switch with SVIs for inter-VLAN routing?
(Choose two.)
 A router is not required.
 It switches packets faster than using the router-on-a-stick method.
 SVIs can be bundled into EtherChannels.
 SVIs can be divided using subinterfaces.
 SVIs eliminate the need for a default gateway in the hosts.
5.2.12 Check Your Understanding - STP Operations
1. By default (without any configuration on a switch), what will determine which switch is
the root bridge?
 The bridge priority
 The extended system ID
 The MAC address of the switch
 The bridge ID
2. The root bridge will be the switch with the:
 Lowest bridge ID
 Highest bridge ID
 Lowest port priority
 Highest port priority
3. The port closest to the root bridge in terms of least overall cost (best path) to the root
bridge is the:
 Designated port
 Blocked port or non-designated port
 Root port
 Routed Port
4. The port on the segment (with two switches) that has the lowest path cost to the root
bridge is the:
 Designated port
 Blocked port or non-designated port
 Root port
 Routed Port
5. Which of the following ports will forward Ethernet frames? (Choose two.)
 Designated port
 Blocked port or non-dedicated port
 Root port
6. The sum of individual port costs along the path from the switch to the root bridge is
known as the:
 Least cost path
  Shortest path cost
 Best path cost
 Root path cost
7. How often does a switch send a BPDU?
 Every 2 seconds
 Every 15 seconds
 Every 20 seconds
 Only when there is a change in the topology
5.3.6 Check Your Understanding - Evolution of STP
1. Which three STP port states are merged into the RSTP discarding port state? (Choose
three.)
 disabled
 blocking
 listening
 learning
 forwarding
2. Which protocol was designed to bring faster convergence to STP?
 PortFast
 RSTP
 PVST
 MSTP
3. Which technology solves the problem of a device being unable to get an IPv4 address
from a DHCP server due to STP forwarding delay timers?
 PortFast
 BPUD guard
 PVST
 MSTP
5.4.2 Module Quiz – STP
1. Which port state will switch ports immediately transition to when configured for
PortFast?
 forwarding
  blocking
 listening
 learning
2. After the election of the root bridge has been completed, how will switches find the best
paths to the root bridge?
 Each switch will analyze the port states of all neighbors and use the designated ports
to forward traffic to the root.
 Each switch will analyze the sum of all port costs to reach the root and use the
path with the lowest cost.
 Each switch will analyze the sum of the hops to reach the root and use the path with
the fewest hops.
 Each switch will analyze the BID of all neighbors to reach the root and use the path
through the lowest BID neighbors.
3. Which is the default STP operation mode on Cisco Catalyst switches?
 MST
 PVST+
 Rapid PVST+
 MSTP
 RSTP
4. What value determines the root bridge when all switches connected by trunk links have
default STP configurations?
 VLAN ID
 MAC address
 extended system ID
 bridge priority
5. During the implementation of Spanning Tree Protocol, all switches are rebooted by the
network administrator. What is the first step of the spanning-tree election process?
 All the switches send out BPDUs advertising themselves as the root bridge.
 Each switch determines the best path to forward traffic.
 Each switch determines what port to block to prevent a loop from occurring.
 Each switch with a lower root ID than its neighbor will not send BPDUs.
6. Which two concepts relate to a switch port that is intended to have only end devices
attached and intended never to be used to connect to another switch? (Choose two.)
 bridge ID
 PortFast
 edge port
 extended system ID
 PVST+
7. Which three port states are used by Rapid PVST+? (Choose three.)
 listening
 blocking
 trunking
 learning
 forwarding
 discarding
8. When PVST is running over a switched network, which port state can participate in
BPDU frame forwarding based on BPDUs received, but does not forward data frames?
 disabled
 forwarding
 listening
 blocking
9. Which STP port role is adopted by a switch port if there is no other port with a lower
cost to the root bridge?
 designated port
 alternate
 disabled port
 root port
10. Which two statements describe a switch port that is configured with PortFast? (Choose
two.)
 The switch port immediately transitions from the listening to the forwarding state.
 The switch port immediately transitions from blocking to the forwarding state.
 The switch port sends DHCP requests before transitioning to the forwarding state.
  The switch port immediately processes any BPDUs before transitioning to the
forwarding state.
 The switch port should never receive BPDUs.
11. What is one way to correct a spanning tree failure?
 Replace the cables on failed STP links.
 Manually remove redundant links in the switched network.
 Insert redundant links to replace the failed STP links.
 Replace all instances of STP with RSTP.
12. What additional information is contained in the 12-bit extended system ID of a BPDU?
 port ID
 MAC address
 IP address
 VLAN ID
13. An administrator is troubleshooting a switch and wants to verify if it is a root bridge.
What command can be used to do this?
 show spanning-tree
 show running-config
 show vlan
 show startup-config
14. What is an accurate description of redundancy?
 designing a network to use multiple virtual devices to ensure that all traffic uses the
best path through the internetwork
 configuring a router with a complete MAC address database to ensure that all
frames can be forwarded to the correct destination
 designing a network to use multiple paths between switches to ensure there is
no single point of failure
 configuring a switch with proper security to ensure that all traffic forwarded through
an interface is filtered
15. Which three components are combined to form a bridge ID? (Choose three.)
 Bridge priority
 Cost
 Extended system ID
  IP address
 MAC address
 Port ID
16. What is an advantage of PVST+?
 PVST+ optimizes performance on the network through automatic selection of the
root bridge.
 PVST+ optimizes performance on the network through load sharing using
multiple root bridges.
 PVST+ reduces bandwidth consumption compared to traditional implementations of
STP that use CST.
 PVST+ requires fewer CPU cycles for all the switches in the network.
17. In which two port states does a switch learn MAC addresses and process BPDUs in a
PVST network? (Choose two.)
 Blocking
 Disabled
 Forwarding
 Learning
 Listening
18. What two features does Spanning Tree Protocol (STP) provide to ensure proper
network operations? (Choose two.)
 Implementing VLANs to contain broadcasts
 Link-state dynamic routing that provides redundant routes
 Redundant links between Layer 2 switches
 Removing single points of failure with multiple Layer 2 switches
 Static default routes
19. Which PVST+ feature ensures that configured switch edge ports do not cause Layer 2
loops if a port is mistakenly connected to another switch?
 BPDU guard
 Extended system ID
 PortFast
 PVST+
20. What is an advantage of using STP in a LAN?
  It combines multiple switch trunk links into a logical port channel link to increase
bandwidth.
 It decreases the size of the failure domain.
 It provides firewall services to protect the LAN.
 It temporarily disables redundant paths to stop Layer 2 loops.
21. Which two statements regarding a PortFast enabled switch port are true? (Choose two.)
 The port immediately transitions from blocking to forwarding state.
 The port immediately transitions from listening to forwarding state.
 The port immediately processes any BPDUs before transitioning to the forwarding
state.
 The port sends DHCP requests before transitioning to the forwarding state.
 The port should never receive BPDUs.
6.4.4 Module Quiz – Etherchannel
1. An EtherChannel link using LACP was formed between two switches, S1 and S2. While
verifying the configuration, which mode combination could be utilized on both switches?
 S1-passive and S2-passive
 S1-on and S2-active
 S1-on and S2-passive
 S1-passive and S2-active
2. When a range of ports is being configured for EtherChannel, which mode will configure
PAgP so that it initiates the EtherChannel negotiation?
 active
 desirable
 passive
 auto
Explanation: The command channel-group mode active enables LACP unconditionally,
and the command channel-group mode passive enables LACP only if the port receives an
LACP packet from another device. The command channel-group mode desirable enables
PAgP unconditionally, and the command channel-group mode auto enables PAgP only if
the port receives a PAgP packet from another device.
3. Which three interface parameters must match for an EtherChannel to form? (Choose
three.)
 PortFast mode
  spanning-tree state
 allowed VLANs
 native VLAN
 EtherChannel mode
 trunking mode
Explanation: There are some EtherChannel modes that can be different and an
EtherChannel will form, such as auto/desirable and active/passive. A port that is currently
in the spanning tree blocking mode or has been configured for PortFast can still be used to
form an EtherChannel.
4. What are three advantages of using EtherChannel technology? (Choose three.)
 Configuration tasks can be done on the EtherChannel interface.
 A spanning tree recalculation is not required when a single link within the
channel goes down.
 The Spanning Tree Protocol shuts down the unused interfaces in the bundle to avoid
loops.
 There is no need to upgrade links to faster connections to increase bandwidth.
 EtherChannel uses multiple logical links to provide redundancy.
 Load balancing is not needed with EtherChannel.
Explanation: Most configuration tasks can be done on the EtherChannel interface, rather
than on individual ports. Existing ports can be used, eliminating the need to upgrade ports
to faster speeds. Spanning Tree Protocol runs on EtherChannel links in the same manner as
it does on regular links, but it does not recalculate when an individual link within the
channel goes down. EtherChannel also supports load balancing.
5. A network administrator is configuring an EtherChannel link between two physical ports
on a switch. Which statement describes the result when one of the physical ports fails?
 An STP recalculation is needed.
 The EtherChannel link fails.
 The EtherChannel stops transmitting data until it is restarted.
 The EtherChannel continues transmitting data with reduced bandwidth.
Explanation: An EtherChannel is seen as one logical connection. The loss of one physical
link within the channel does not create a change in the topology and therefore a spanning
tree recalculation is not required. When one of the member ports in the EtherChannel fails,
the EtherChannel link remains functional, although its overall throughput decreases
because of a lost link within the EtherChannel.
6. When EtherChannel is implemented, multiple physical interfaces are bundled into which
type of logical connection?
 port channel
 loopback
 VLAN interface
 interface range
Explanation: When EtherChannel is being configured, the first step is to specify what
physical ports will be used in an EtherChannel group. The second step is to create the
logical EtherChannel port channel interface which contains the group of physical interfaces.
7. When a range of ports is being configured for EtherChannel by the use of PAgP, which
mode will form the bundled channel only if the port receives PAgP packets from another
device?
 desirable
 active
 auto
 passive
Explanation: The command channel-group mode active enables LACP unconditionally,
and the command channel-group mode passive enables LACP only if the port receives an
LACP packet from another device. The command channel-group mode desirable enables
PAgP unconditionally, and the command channel-group mode auto enables PAgP only if
the port receives a PAgP packet from another device.
8. Which two load balancing methods can be implemented with EtherChannel technology?
(Choose two.)
 source IP to destination IP
 source MAC to destination MAC
 destination IP to destination MAC
 destination MAC to source MAC
 destination IP to source IP
 destination MAC to destination IP
Explanation: Source MAC to destination MAC load balancing and source IP to destination
IP load balancing are two implementation methods used in EtherChannel technology.
9. Which function is provided by EtherChannel?
 enabling traffic from multiple VLANs to travel over a single Layer 2 link
  spreading traffic across multiple physical WAN links
 dividing the bandwidth of a single link into separate time slots
 creating one logical link by using multiple physical links between two LAN
switches
Explanation: EtherChannel technology allows the grouping, or aggregating, of several
Fast Ethernet or Gigabit switch ports into one logical channel.
10. Which statement is true about EtherChannel technology?
 All configuration tasks must be done on the individual ports in the EtherChannel
link.
 STP does not run on redundant EtherChannel links.
 EtherChannel uses existing switch ports.
 Links must be upgraded to support EtherChannel.
Explanation: EtherChannel relies on existing switch ports, so there is no need to upgrade
the links. Some configuration tasks are done on individual ports and some configuration
tasks are done on the EtherChannel group. STP operates on EtherChannel in the same
manner as it does on other redundant links.
11. Which two mode combinations would result in the successful negotiation of an
EtherChannel? (Choose two.)
 active; on
 passive; auto
 desirable; desirable
 desirable; active
 active; passive
 auto; auto
Explanation: The combinations of modes that will form an EtherChannel are as follows:
on/on, active/passive, active/active, desirable/auto, and desirable/desirable.
12. Which two protocols are link aggregation protocols? (Choose two.)
 EtherChannel
 STP
 PAgP
 802.3ad
 RSTP
Explanation: The two protocols that can be used to form an EtherChannel are PAgP
(Cisco proprietary) and LACP, also know as IEEE 802.3ad. STP (Spanning Tree Protocol)
or RSTP (Rapid Spanning Tree Protocol) is used to avoid loops in a Layer 2 network.
EtherChannel is the term that describes the bundling of two or more links that are treated as
a single link for spanning tree and configuration.
13. When a range of ports is being configured for EtherChannel, which mode will configure
LACP so that it initiates the EtherChannel negotiation?
 active
 auto
 desirable
 passive
Explanation: The command channel-group mode active enables LACP unconditionally,
and the command channel-group mode passive enables LACP only if the port receives an
LACP packet from another device. The command channel-group mode desirable enables
PAgP unconditionally, and the command channel-group mode auto enables PAgP only if
the port receives a PAgP packet from another device.
14. What will happen if a network administrator puts a port that is part of an EtherChannel
bundle into a different VLAN than the other ports in that bundle?
 The EtherChannel will fail.
 The EtherChannel bundle will stay up if the ports were configured with no
negotiation between the switches to form the EtherChannel.
 The EtherChannel bundle will stay up if either PAgP or LACP is used.
 The EtherChannel bundle will stay up only if LACP is used.
 The EtherChannel bundle will stay up only if PAgP is used.
Explanation: All ports in an EtherChannel bundle must either be trunk ports or be access
ports in the same VLAN. If VLAN pruning is enabled on the trunk, the allowed VLANs
must be the same on both sides of the EtherChannel.
15. When a range of ports is being configured for EtherChannel, which mode will configure
LACP on a port only if the port receives LACP packets from another device?
 auto
 passive
 desirable
 active
Explanation: The command channel-group mode active enables LACP unconditionally,
and the command channel-group mode passive enables LACP only if the port receives an
LACP packet from another device. The command channel-group mode desirable enables
PAgP unconditionally, and the command channel-group mode auto enables PAgP only if
the port receives a PAgP packet from another device.
16. There has been an increase in network traffic between two Catalyst 2960 switches, and
their FastEthernet trunk link has reached its capacity. How can traffic flow be improved?
 Add routers between the switches to create additional broadcast domains.
 Bundle physical ports using EtherChannel.
 Configure smaller VLANs to decrease the size of the collision domain.
 Increase the speed of the ports using the bandwidth command.
Explanation: Increasing the link speed does not scale very well. Adding more VLANs will
not reduce the amount of traffic that is flowing across the link. Inserting a router between
the switches will not improve congestion.
17. Which statement is true regarding the use of PAgP to create EtherChannels?
 It increases the number of ports that are participating in spanning tree.
 It is Cisco proprietary.
 It mandates that an even number of ports (2, 4, 6, etc.) be used for aggregation.
 It requires full duplex.
 It requires more physical links than LACP does
Explanation: PAgP is used to automatically aggregate multiple ports into an EtherChannel
bundle, but it works only between Cisco devices. LACP can be used for the same purpose
between Cisco and non-Cisco devices. PAgP must have the same duplex mode at both ends
and can use two ports or more. The number of ports depends on the switch platform or
module. An EtherChannel aggregated link is seen as one port by the spanning tree
algorithm.
18. Which combination of channel-group modes will establish an EtherChannel?
 Switch 1 set to auto; switch 2 set to auto.
 Switch 1 set to auto; switch 2 set to on.
 Switch 1 set to desirable; switch 2 set to desirable.
 Switch 1 set to on; switch 2 set to desirable.
Explanation: Switch 1 and switch 2 will establish an EtherChannel if both sides are set to
desirable, because both sides will negotiate the link. A channel can also be established if
both sides are set to on, or if one side is set to auto and the other to desirable. Setting one
switch to on will prevent that switch from negotiating the formation of an EtherChannel
bundle.
19. Which interface configuration command will enable the port to initiate an LACP
EtherChannel?
 channel-group mode active
 channel-group mode auto
 channel-group mode desirable
 channel-group mode on
 channel-group mode passive
20. Which interface configuration command will enable the port to establish an
EtherChannel only if it receives PAgP packets from the other switch?
 channel-group mode active
 channel-group mode auto
 channel-group mode desirable
 channel-group mode on
 channel-group mode passive
21. Which statement describes a characteristic of EtherChannel?
 It can combine up to a maximum of 4 physical links.
 It can bundle mixed types of 100 Mbps and 1 Gbps Ethernet links.
 It consists of multiple parallel links between a switch and a router.
 It is made by combining multiple physical links that are seen as one link
between two switches.
22. What are two advantages of using LACP? (Choose two.)
 LACP allows automatic formation of EtherChannel links.
 LACP allows use of multivendor devices.
 LACP decreases the amount of configuration that is needed on a switch for
EtherChannel.
 LACP eliminates the need for the Spanning Tree Protocol.
 LACP increases redundancy to Layer 3 devices.
 LACP provides a simulated environment for testing link aggregation.
23. Which three settings must match in order for switch ports to form an EtherChannel?
(Choose three.)
 Non-trunk ports must belong to the same VLAN.
  Port security violation settings on interconnecting ports must match.
 The duplex settings on interconnecting ports must match.
 The port channel group number on interconnecting switches must match.
 The SNMP community strings must match.
 The speed settings on interconnecting ports must match.
7.4.4 Module Quiz - DHCPv4
1. A DHCP-enabled client PC has just booted. During which two steps will the client
PC use broadcast messages when communicating with a DHCP server? (Choose two.)
 DHCPNAK
 DHCPREQUEST
 DHCPOFFER
 DHCPACK
 DHCPDISCOVER
2. An administrator issues the commands:
Router(config)# interface g0/1
Router(config-if)# ip address dhcp
What is the administrator trying to achieve?
 configuring the router to act as a DHCPv4 server
 configuring the router to act as a relay agent
 configuring the router to resolve IP address conflicts
 configuring the router to obtain IP parameters from a DHCPv4 server
3. When a client is requesting an initial address lease from a DHCP server, why is the
DHCPREQUEST message sent as a broadcast?
 The client does not yet know the IP address of the DHCP server that sent the offer.
 The client may have received offers from multiple servers, and the broadcast
serves to implicitly decline those other offers.
 The client does not have a MAC address assigned yet, so it cannot send a unicast
message at Layer 2.
 The DHCP server may be on a different subnet, so the request must be sent as a
broadcast.
4. Which DHCP IPv4 message contains the following information?
Destination address: 255.255.255.255
Client IPv4 address: 0.0.0.0
Default gateway address: 0.0.0.0
Subnet mask: 0.0.0.0
 DHCPDISCOVER
 DHCPOFFER
 DHCPACK
 DHCPREQUEST
5. What kind of message is sent by a DHCPv4 client requesting an IP address?
 DHCPDISCOVER unicast message
 DHCPDISCOVER broadcast message
 DHCPOFFER unicast message
 DHCPACK unicast message
6. As a DHCPv4 client lease is about to expire, what is the message that the client
sends the DHCP server?
 DHCPDISCOVER
 DHCPREQUEST
 DHCPACK
 DHCPOFFER
7. What is the destination IP address when an IPv4 host sends a DHCPDISCOVER
message?
 192.168.1.1
 255.255.255.255
 0.0.0.0
 224.0.0.1
8. If more than one DHCP server is available on the local network, in which order will
DHCP messages be sent between a host and a DHCP server?
 acknowledgment, request, offer, discover
 request, discover, offer, acknowledgment
 discover, offer, request, acknowledgment
 request, acknowledgment, discover, offer
9. What is the most likely scenario in which the WAN interface of a router would be
configured as a DHCP client to be assigned a dynamic IP address from an ISP?
 There is a web server for public access on the LAN that is attached to the router.
 The router is configured as a DHCP server.
 The router is also the gateway for a LAN.
 It is a SOHO or home broadband router.
10. Which is a DHCPv4 address allocation method that assigns IPv4 addresses for a
limited lease period?
 manual allocation
 dynamic allocation
 pre-allocation
 automatic allocation
11. What is the reason why the DHCPREQUEST message is sent as a broadcast
during the DHCPv4 process?
 for routers to fill their routing tables with this new information
 to notify other hosts not to request the same IP address
 for hosts on other subnets to receive the information
 to notify other DHCP servers on the subnet that the IP address was leased
12. How is a DHCPDISCOVER transmitted on a network to reach a DHCP server?
 A DHCPDISCOVER message is sent with the IP address of the default gateway as
the destination address.
 A DHCPDISCOVER message is sent with a multicast IP address that all DHCP
servers listen to as the destination address.
 A DHCPDISCOVER message is sent with the broadcast IP address as the
destination address.
 A DHCPDISCOVER message is sent with the IP address of the DHCP server as the
destination address.
13. Which destination IPv4 address does a DHCPv4 client use to send the initial
DHCP Discover packet when the client is looking for a DHCP server?
 224.0.0.1
 255.255.255.255
 127.0.0.1
  the IP address of the default gateway
14. Under which two circumstances would a router usually be configured as a
DHCPv4 client? (Choose two.)
 This is an ISP requirement.
 The administrator needs the router to act as a relay agent.
 The router is meant to provide IP addresses to the hosts.
 The router is intended to be used as a SOHO gateway.
 The router has a fixed IP address.
15. Which address does a DHCPv4 server target when sending a DHCPOFFER
message to a client that makes an address request?
 broadcast MAC address
 client hardware address
 gateway IP address
 client IP address
16. Which DHCPv4 message will a client send to accept an IPv4 address that is
offered by a DHCP server?
 Broadcast DHCPACK
 Broadcast DHCPREQUEST
 Unicast DHCPACK
 Unicast DHCPREQUEST
17. What is an advantage of configuring a Cisco router as a relay agent?
 It can forward both broadcast and multicast messages on behalf of clients.
 It can provide relay services for multiple UDP services.
 It reduces the response time from a DHCP server.
 It will allow DHCPDISCOVER messages to pass without alteration
18. A host on the 10.10.100.0/24 LAN is not being assigned an IPv4 address by an
enterprise DHCP server with the address 10.10.200.10/24. What is the best way for the
network engineer to resolve this problem?
 Issue the default-router 10.10.200.10 command at the DHCP configuration prompt
on the 10.10.100.0/24 LAN gateway router.
 Issue the ip helper-address 10.10.100.0 command on the router interface that is the
10.10.200.0/24 gateway.
  Issue the ip helper-address 10.10.200.10 command on the router interface that
is the 10.10.100.0/24 gateway.
 Issue the network 10.10.200.0 255.255.255.0 command at the DHCP configuration
prompt on the 10.10.100.0/24 LAN gateway router.
19. What is accomplished by the ip dhcp excluded-address 10.10.4.1 10.10.4.5
command?
 The DHCP server will ignore all traffic from clients with IPv4 addresses 10.10.4.1
to 10.10.4.5.
 The DHCP server will not issue IPv4 addresses ranging from 10.10.4.1 to
10.10.4.5.
 Traffic destined for 10.10.4.1 to 10.10.4.5 will be denied.
 Traffic from clients with IPv4 addresses 10.10.4.1 to 10.10.4.5 will be denied
20. Which Windows command combination would enable a DHCPv4 client to
reinstate its IPv4 configuration?
 Enter ip config /release and then ip config /autonegotiate
 Enter ip config /release and then ip config /renew
 Enter ipconfig /release and then ipconfig /autonegotiate
 Enter ipconfig /release and then ipconfig /renew
21. Which command issued on R1 can be used to verify the current IPv4 address and
MAC address binding?
 R1# show ip dhcp binding
 R1# show ip dhcp pool
 R1# show ip dhcp server statistics
 R1# show running-config | section dhcp
22. Which DHCP operation statement is true?
 A DHCP client must wait for lease expiration before sending a new
DHCPREQUEST message.
 If a DHCP client receives several DHCPOFFER messages from different servers, it
sends a unicast DHCPACK message to the selected server.
 The DHCPDISCOVER message contains the IPv4 address and subnet mask to be
assigned, the IPv4 address of the DNS server, and the IPv4 address of the default
gateway.
 When a DHCP client boots, it broadcasts a DHCPDISCOVER message to
identify an available DHCP server on the network.
8.1.5 Check Your Understanding - IPv6 GUA Assignment
1. Which address type is automatically created by default on a host interface when no
RAs are received?
Read Article
 global unicast address
 link-local address
 MAC address
2. Which method best describes stateless DHCP?
 SLAAC only
 SLAAC with stateless DHCPv6 Server
 Stateful DHCPv6 Server
8.2.7 Check Your Understanding - SLAAC
1. Which two ICMPv6 messages are used in the SLAAC process? (Choose two.)
Read Article
 Neighbor Advertisements (NA)
 Neighbor Solicitation (NS)
 Router Solicitation (RS)
 Router Advertisements (RA)
2. Which command must be configured on a router to enable it to join the IPv6 all-
routers multicast address ff02::2?
 ip routing
 ipv6 unicast-routing
 ipv6 address ipv6-address/prefix-length
 ipv6 address ipv6-address link-local
3. What are the flag settings when a host should use the SLAAC only option?
 A=1, M=0, O=0
 A=1, M=1, O=0
 A=1, M=0, O=1
 A=0, M=1, O=1
4. Which ICMPv6 message is sent by a host in an attempt to locate an online
IPv6enabled router to obtain IPv6 addressing information?
  Neighbor Advertisements (NA)
 Neighbor Solicitation (NS)
 Router Solicitation (RS)
 Router Advertisements (RA)
5. What method is used by a host to verify an IPv6 address is unique on the local
network before assigning that address to an interface?
 ARP
 DAD
 PING
 SLAAC
8.3.6 Check Your Understanding - DHCPv6
1. What destination UDP port do DHCPv6 clients use to send DHCPv6 messages?
 67
 68
 547
 546
2. What DHCPv6 message does a host send to look for a DHCPv6 server?
 ADVERTISE
 SOLICIT
 INFORMATION-REQUEST
 REQUEST
3. What DHCPv6 message does a host send to the DHCPv6 server if it is using stateful
DHCPv6?
 ADVERTISE
 SOLICIT
 INFORMATION-REQUEST
 REQUEST
4. What flag settings combination is used for stateless DHCP?
 A=1, M=0, O=0
 A=0, M=1, O=0
  A=1, M=0, O=1
 A=0, M=1, O=1
5. What M flag setting indicates that stateful DHCPv6 is used?
 M=0
 M=1
1. Which three DHCPv6 roles can a router perform? (Choose all that apply.)
 DHCPv6 client
 DHCPv6 relay agent
 DHCPv6 server
2. Which command is not configured in stateless DHCPv6?
 address prefix ipv6-address/prefix
 domain-name name
 dns-server server-address
 ipv6 dhcp server pool-name
3. An IPv6-enabled router is to acquire its IPv6 GUA from another IPv6 router using
SLAAC. Which interface configuration command should be configured on the client
router?
 ipv6 address autoconfig
 ipv6 address auto config
 ipv6 address dhcp
 ipv6 address dhcpv6
4. A router is to provide DHCPv6 server services. Which command should be
configured on the client facing interface?
 ipv6 enable
 ipv6 dhcp pool POOL-NAME
 ipv6 dhcp server POOL-NAME
 ipv6 nd other-config-flag
5. An IPv6-enabled router is to acquire its IPv6 GUA from a DHCPv6 server. Which
interface configuration command should be configured on client router?
 ipv6 address autoconfig
 ipv6 address auto config
 ipv6 address dhcp
  ipv6 address dhcpv6
6. Which DHCPv6 verification command would display the link-local and GUA
assigned address for each active client?
 show ip dhcp pool
 show ipv6 dhcp binding
 show ipv6 dhcp interface
 show ipv6 dhcp pool
7. Which command is configured on the client LAN interface of the DHCPv6 relay
agent?
 ip helper-address
 ipv6 dhcp relay destination
 ipv6 enable
 ipv6 helper-address
8.5.3 Module Quiz - SLAAC and DHCPv6
1. How does an IPv6 client ensure that it has a unique address after it configures its
IPv6 address using the SLAAC allocation method?
 It contacts the DHCPv6 server via a special formed ICMPv6 message.
 It checks with the IPv6 address database that is hosted by the SLAAC server.
 It sends an ARP message with the IPv6 address as the destination IPv6 address.
 It sends an ICMPv6 Neighbor Solicitation message with the IPv6 address as
the target IPv6 address.
2. Which method would an IPv6-enabled host using SLAAC employ to learn the
address of the default gateway?
 neighbor advertisements that are eceived from link neighbors
 router advertisements that are received from the link router
 reply messages that are received from the DHCPv6 server
 advertise messages that are received from the DHCPv6 server
3. What two methods can be used to generate an interface ID by an IPv6 host that is
using SLAAC? (Choose two.)
 random generation
 DAD
 stateful DHCPv6
  EUI-64
 ARP
4. A client is using SLAAC to obtain an IPv6 address for its interface. After an
address has been generated and applied to the interface, what must the client do
before it can begin to use this IPv6 address?
 It must send a DHCPv6 INFORMATION-REQUEST message to request the
address of the DNS server.
 It must send a DHCPv6 REQUEST message to the DHCPv6 server to request
permission to use this address.
 It must send an ICMPv6 Router Solicitation message to determine what default
gateway it should use.
 It must send an ICMPv6 Neighbor Solicitation message to ensure that the
address is not already in use on the network.
5. Which command should be configured on a router interface to set the router as a
stateful DHCPv6 client?
 ipv6 enable
 ipv6 address dhcp
 ipv6 dhcp server stateful
 ipv6 address autoconfigure
6. What message informs IPv6 enabled interfaces to use stateful DHCPv6 for
obtaining an IPv6 address?
 the ICMPv6 Router Advertisement
 the DHCPv6 Reply message
 the ICMPv6 Router Solicitation
 the DHCPv6 Advertise message
7. Which destination IP address is used when an IPv6 host sends a DHCPv6 SOLICIT
message to locate a DHCPv6 server?
 FE80::1
 FF02::2
 FF02::1:2
 FF02::1
8. In which alternative to DHCPv6 does a router dynamically provide IPv6
configuration information to hosts?
  SLAAC
 EUI-64
 ICMPv6
 ARP
9. A company implements the stateless DHCPv6 method for configuring IPv6
addresses on employee workstations. After a workstation receives messages from
multiple DHCPv6 servers to indicate their availability for DHCPv6 service, which
message does it send to a server for configuration information?
 DHCPv6 REQUEST
 DHCPv6 INFORMATION-REQUEST
 DHCPv6 ADVERTISE
 DHCPv6 SOLICIT
10. What process is used in ICMPv6 for a host to verify that an IPv6 address is unique
before configuring it on an interface?
 EUI-64
 SLAAC
 ARP
 DAD
11. What are two characteristics of the SLAAC method for IPv6 address
configuration? (Choose two.)
 Router solicitation messages are sent by the router to offer IPv6 addressing to
clients.
 The default gateway of an IPv6 client on a LAN will be the link-local address of
the router interface attached to the LAN.
 This stateful method of acquiring an IPv6 address requires at least one DHCPv6
server.
 Clients send router advertisement messages to routers to request IPv6 addressing.
 IPv6 addressing is dynamically assigned to clients through the use of ICMPv6.
12. After booting, a client receives an ICMPv6 RA message with the M flag set to 0
and the O flag set to 1. What does this indicate?
 The client should request an IPv6 address directly from a DHCPv6 server.
 The client should automatically configure an IPv6 address and then contact a
DHCPv6 server for more information.
  The client should automatically configure an IPv6 address without contacting a
DHCPv6 server.
 The client should be statically configured with an IPv6 address because the local
router does not support autoconfiguration
13. A network administrator is entering the command ipv6 unicast-routing to start
configuring DHCPv6 operation on a router. Which statement describes the function
of this command?
 It is required for enabling DNS service in DHCPv6 configurations.
 It is required for sending ICMPv6 RA messages.
 It is required to configure stateless DHCPv6 server on the router.
 It is required to configure stateful DHCPv6 server on the router.
14. A company uses the SLAAC method to configure IPv6 addresses for the employee
workstations. Which address will a client use as its default gateway?
 The all-routers multicast address
 The global unicast address of the router interface that is attached to the network
 The link-local address of the router interface that is attached to the network
 The unique local address of the router interface that is attached to the network
15. A network administrator configures a router to send RA messages with the A flag
and O flag set to 1. The M flag is set to 0. Which statement describes the effect of this
configuration when a PC tries to configure its IPv6 address?
 It should contact a DHCPv6 server for all the information that it needs.
 It should contact a DHCPv6 server for the prefix, the prefix-length information, and
an interface ID that is both random and unique.
 It should use the information that is contained in the RA message and contact a
DHCPv6 server for additional information.
 It should use the information that is contained in the RA message exclusively.
16. An administrator wants to configure hosts to automatically assign IPv6 addresses
to themselves by the use of Router Advertisement messages, but also to obtain the
DNS server address from a DHCPv6 server. Which address assignment method
should be configured?
 RA and EUI-64
 SLAAC
 Stateful DHCPv6
 SLAAC and stateless DHCPv6
17. What is used in the EUI-64 process to create an IPv6 interface ID on an IPv6
enabled interface?
 A randomly generated 64-bit hexadecimal address
 An IPv4 address that is configured on the interface
 An IPv6 address that is provided by a DHCPv6 server
 The MAC address of an Ethernet interface
18. A network administrator is implementing DHCPv6 for the company. The
administrator configures a router to send RA messages with M flag as 1 by using the
ipv6 nd managed-config-flag interface command, and the A flag is set to 0 using the
ipv6 nd prefix default no-autoconfig command. What effect will this configuration
have on the operation of the clients?
 Clients must use all configuration information that is provided by a DHCPv6
server.
 Clients must use the information that is contained in RA messages.
 Clients must use the prefix and prefix length that are provided by a DHCPv6 server
and generate a random interface ID.
 Clients must use the prefix and prefix length that are provided by RA messages and
obtain additional information from a DHCPv6 server.
19. An organization requires that LAN clients generate their IPv6 configuration using
SLAAC. You have configured the IPv6 GUA on the router LAN interface and verified
that the interface is UP. However, hosts are not generating an IPv6 GUA. Which other
command should be configured to enable SLAAC?
 R1(config)# ipv6 dhcp pool pool-name
 R1(config)# ipv6 unicast-routing
 R1(config-if)# ipv6 enable
 R1(config-if)# ipv6 nd other-config-flag
20. A network administrator configures a router to send RA messages with M flag as
0 and O flag as 1. Which statement describes the effect of this configuration when a
PC tries to configure its IPv6 address?
 It should contact a DHCPv6 server for all the information that it needs.
 It should contact a DHCPv6 server for the prefix, the prefix-length information, and
an interface ID that is both random and unique.
 It should use the information that is contained in the RA message and contact a
DHCPv6 server for additional information.
 It should use the information that is contained in the RA message exclusively.
21. When SLAAC is used, which address will a client use as its default gateway?
 The connecting router interface GUA
 The connecting router link-local address
 The IPv6 all-nodes group multicast IPv6 address FF02::1
 The IPv6 all-routers group multicast IPv6 address FF02::2
9.1.5 Check Your Understanding - First Hop Redundancy Protocols
1. What type of device routes traffic destined to network segments beyond the source
network segment for which the sending node may not have explicit routing
information?
 virtual router
 standby router
 default gateway
 Layer 3 switch
2. What device presents the illusion of a single router to hosts on a LAN segment but
actually represents a set of routers working together?
 virtual router
 forwarding router
 default gateway
 Layer 3 switch
3. What device is part of a virtual router group assigned the role of alternate default
gateway?
 virtual router
 standby router
 default gateway
 Layer 3 switch
4. What device that is part of a virtual router group assigned to the role of default
gateway?
 virtual router
 forwarding router
 default gateway
 Layer 3 switch
5. Which FHRPs are Cisco-proprietary? (Choose two.)
 IRDP
 HSRP
 HSRP for IPv6
 VRRPv2
9.2.4 Check Your Understanding – HSRP
1. What is the default HSRP priority?
 50
 100
 150
 255
2. True or False? If a router with a higher HSRP priority joins the network, it will
take over the active router roll from an existing active router which has a lower
priority.
 True
 False
3. During which HSRP state does an interface begin sending periodic hello messages?
 initial
 listen
 speak
 active
4. Which is a characteristic of the HSRP learn state?
 the router has not determined the virtual IP address
 the router knows the virtual IP address
 the router sends periodic hello messages
 the router actively participates in the active/standby election process
9.3.2 Module Quiz - FHRP Concepts
1. What is the purpose of HSRP?
 It prevents a rogue switch from becoming the STP root.
 It provides a continuous network connection when a router fails.
 It enables an access port to immediately transition to the forwarding state.
  It prevents malicious hosts from connecting to trunk ports.
2. Which nonproprietary protocol provides router redundancy for a group of routers
which support IPv4 LANs?
 SLB
 HSRP
 VRRPv2
 GLBP
3. A network administrator is analyzing first-hop router redundancy protocols. What
is a characteristic of VRRPv3?
 It works together with HSRP.
 It allows load balancing between routers.
 VRRPv3 is Cisco proprietary.
 It supports IPv6 and IPv4 addressing.
4. What is a potential disadvantage when implementing HSRP as compared to GLBP?
 HSRP provides default gateway failover only when the active router fails.
 HSRP does not function in a multivendor environment.
 HSRP does not provide load balancing with multiple active routers.
 HSRP does not have the capability to support IPv6 addresses.
5. A network engineer is configuring a LAN with a redundant first hop to make better
use of the available network resources. Which protocol should the engineer
implement?
 HSRP
 GLBP
 FHRP
 VRRP
6. When first hop redundancy protocols are used, which two items will be shared by a
set of routers that are presenting the illusion of being a single router? (Choose two.)
 IP address
 BID
 hostname
 MAC address
  static route
7. In FHRP terminology, what represents a set of routers that present the illusion of a
single router to hosts?
 virtual router
 default gateway
 forwarding router
 standby router
8. A user needs to add redundancy to the routers in a company. What are the three
options the user can use? (Choose three.)
 HSRP
 VRRP
 RAID
 STP
 GLBP
 IPFIX
9. Which two protocols provide gateway redundancy at Layer 3? (Choose two.)
 HSRP
 PVST
 STP
 VRRP
 RSTP
10. A network administrator is overseeing the implementation of first hop redundancy
protocols. Which two protocols are Cisco proprietary? (Choose two.)
 IRDP
 GLBP
 VRRP
 VRRPv2
 HSRP
11. Which statement describes a characteristic of GLBP?
 It provides automatic rerouting if any router in the group fails.
 It does not provide support for IPv6.
  It provides multiple virtual IP addresses and multiple virtual MAC addresses.
 It provides load balancing for a maximum of four gateways.
12. A network administrator is analyzing the features that are supported by different
first-hop router redundancy protocols. Which statement is a feature that is associated
with GLBP?
 GLBP allows load balancing between routers.
 It is nonproprietary.
 It uses a virtual router master.
 It works together with VRRP.
13. Which statement about HSRP operation is true?
 HSRP supports only clear-text authentication.
 The active router responds to requests for the virtual MAC and virtual IP
address.
 The AVF responds to default gateway ARP requests.
 The HSRP virtual IP address must be the same as one of the router’s interface
addresses on the LAN.
14. Which HSRP preemption statement is true?
 It enables a router that boots first to become the active router.
 It is enabled by default.
 It is enabled using the standby preempt interface command.
 It is enabled using the standby priority interface command.
15. Which statement regarding VRRP is true?
 VRRP elects a master router and one or more other routers as backup routers.
 VRRP elects a master router, one backup router, and all other routers are standby
routers.
 VRRP elects an active router and a standby router, and all other routers are backup
routers.
 VRRP is a Cisco proprietary protocol.
16. A network administrator is overseeing the implementation of first hop redundancy
protocols. Which protocol is a Cisco proprietary protocol?
 HSRP
 IRDP
  Proxy ARP
 VRRP
17. Which is a characteristic of the HSRP Learn state?
 The router actively participates in the active/standby election process.
 The router has not determined the virtual IP address.
 The router knows the virtual IP address.
 The router sends periodic hello messages.
18. A network administrator is analyzing the features that are supported by different
first-hop router redundancy protocols. Which statement describes a feature that is
associated with VRRP?
 VRRP assigns active and standby routers.
 VRRP assigns an IP address and default gateway to hosts.
 VRRP enables load balancing between a group of redundant routers.
 VRRP is a non-proprietary protocol.
19. When HSRP is used in a network, what destination MAC address is used in
frames that are sent from the workstation to the default gateway?
 MAC address of the forwarding router
 MAC addresses of both the forwarding and standby routers
 MAC address of the standby router
 MAC address of the virtual router
20. What happens to a host in an HSRP network when the active router fails?
 The host initiates a new ARP request.
 The host stops seeing hello messages from the active router.
 The host uses the standby router IP and MAC addresses.
 The host will notice little or no disruption of service.
21. Which of the following correctly describes GLBP?
 It is a Cisco proprietary FHRP and provides redundancy and load sharing.
 It is an open standard FHRP.
 It uses virtual master routers and one or more backup routers.
 It is a legacy open standard FHRP that allows IPv4 hosts to discover gateway
routers.
 1. Which AAA component is responsible for collecting and reporting
usage data for auditing and billing purposes?
 Authentication
 Authorization
 Accounting
2. Which AAA component is responsible for controlling who is permitted to access the
network?
 Authentication
 Authorization
 Accounting
3. Which AAA component is responsible for determining what the user can access?
 Authentication
 Authorization
 Accounting
4. In an 802.1X implementation, which device is responsible for relaying responses?
 Supplicant
 Authenticator
 Router
 Authentication server
 Client
10.3.4 Check Your Understanding - Layer 2 Security Threats
1. Which of the following mitigation techniques are used to protect Layer 3 through
Layer 7 of the OSI Model? (Choose three.)
 DHCP snooping
 VPN
 Firewalls
 IPSG
 IPS devices
2. Which of the following mitigation techniques prevents many types of attacks
including MAC address table overflow and DHCP starvation attacks?
 IPSG
 DHCP snooping
  DAI
 Port security
3. Which of the following mitigation techniques prevents MAC and IP address
spoofing?
 IPSG
 DHCP snooping
 DAI
 Port security
4. Which of the following mitigation techniques prevents ARP spoofing and ARP
poisoning attacks?
 IPSG
 DHCP snooping
 DAI
 Port security
5. Which of the following mitigation techniques prevents DHCP starvation and DHCP
spoofing attacks?
 IPSG
 DHCP snooping
 DAI
 Port security
10.5.11 Check Your Understanding - LAN Attacks
1. A threat actor changes the MAC address of the threat actor’s device to the MAC
address of the default gateway. What type of attack is this?
 Address spoofing
 ARP spoofing
 CDP reconnaissance
 DHCP starvation
 STP attack
 VLAN hopping
2. A threat actor sends a BPDU message with priority 0. What type of attack is this?
 Address spoofing
  ARP spoofing
 CDP reconnaissance
 DHCP starvation
 STP attack
 VLAN hopping
3. A threat actor leases all the available IP addresses on a subnet. What type of attack
is this?
 Address spoofing
 ARP spoofing
 CDP reconnaissance
 DHCP starvation
 STP attack
 VLAN hopping
4. A threat actor sends a message that causes all other devices to believe the MAC
address of the threat actor’s device is the default gateway. What type of attack is this?
 Address spoofing
 ARP spoofing
 CDP reconnaissance
 DHCP starvation
 STP attack
 VLAN hopping
5. A threat actor configures a host with the 802.1Q protocol and forms a trunk with
the connected switch. What type of attack is this?
 Address spoofing
 ARP spoofing
 CDP reconnaissance
 DHCP starvation
 STP attack
 VLAN hopping
6. A threat actor discovers the IOS version and IP addresses of the local switch. What
type of attack is this?
  Address spoofing
 ARP spoofing
 CDP reconnaissance
 DHCP starvation
 STP attack
 VLAN hopping
10.6.2 Module Quiz - LAN Security Concepts
1. What two protocols are supported on Cisco devices for AAA communications?
(Choose two.)
 RADIUS
 LLDP
 HSRP
 VTP
 TACACS+
2. Which service is enabled on a Cisco router by default that can reveal significant
information about the router and potentially make it more vulnerable to attack?
 HTTP
 LLDP
 CDP
 FTP
3. When security is a concern, which OSI Layer is considered to be the weakest link in
a network system?
 Layer 4
 Layer 7
 Layer 2
 Layer 3