Question 1
Which statement is correct about 802.1Q trunking?
A. Both switches must be in the same VTP domain.
B. The encapsulation type of both ends of the trunk does not have to match.
C. The native VLAN on both ends of the trunk must be VLAN 1.
D. 802.1Q trunking can only be configured on a Layer 2 port.
E. In 802.1Q trunking, all VLAN packets are tagged on the trunk link, except the native VLAN.
Answer: E
Explanation
By default frames from the native VLAN are not tagged. To force a switch to tag the native VLAN on all its 802.1Q trunks, we can use the following command:
Question 2
Which switch command enables a trunking protocol that appends a four byte CRC to the packet?
A. CompanySwitch(config-if)#switchport trunk encapsulation dot1q
B. CompanySwitch(config-if)#switchport trunk encapsulation itef
C. CompanySwitch(config-if)#switchport trunk encapsulation fddi
D. CompanySwitch(config-if)#switchport trunk encapsulation isl
Answer: D
Explanation
The ISL frame consists of three primary fields: the encapsulation frame (original frame), which is encapsulated by the ISL header, and the FCS at the end:
In ISL, the original frame is encapsulated and an additional header is added before the frame is carried over a trunk link. Also, a FCS is generated based on some fields in the ISL Header and the Encapsulation Frame and added to the end of the frame. At the receiving end, the header and FCS are removed and the frame is forwarded to the assigned VLAN. The FCS field consists of 4 bytes and contains a 32-bit CRC value.
Note: The addition of the new FCS does not alter the original FCS that is contained within the encapsulated frame.
Question 3
While using a packet analyzer, you notice four additional bytes being added to the packets in the Company network. Which protocol inserts a four byte tag into the Ethernet frame and recalculates CRC value?
A. DTP
B. VTP
C. 802.1Q
D. ISL
Answer: C
Explanation
802.1Q is the IEEE standard for tagging frames on a trunk and supports up to 4096 VLANs. In 802.1Q, the trunking device inserts a 4-byte tag into the original frame and recomputes the frame check sequence (FCS) before the device sends the frame over the trunk link. At the receiving end, the tag is removed and the frame is forwarded to the assigned VLAN. 802.1Q does not tag frames on the native VLAN.
Note: IEEE 802.1Q uses an internal tagging mechanism which inserts a 4-byte tag field in the original Ethernet frame itself.
Note: From the Question 2 and Question 3 we can see a big difference in the way of using the FCS field in 802.1Q and ISL. 802.1Q modifies and FCS field inside the original Ethernet frame while ISL leaves the original FCS field inside the Ethernet frame unchanged, it just adds another FCS field outside the original Ethernet frame.
Therefore please pay attention to which question is asked. Question 2 asks “appends a four byte CRC to the packet” which means ISL while Question 3 says “inserts a four byte tag into the Ethernet frame” which means 802.1Q.
Question 4
Which statement is correct about 802.1Q trunking?
A. Both switches must be in the same VTP domain.
B. The encapsulation type of both ends of the trunk does not have to match.
C. The native VLAN on both ends of the trunk must be VLAN 1.
D. 802.1Q trunking can only be configured on a Layer 2 port.
E. In 802.1Q trunking, all VLAN packets are tagged on the trunk link, except the native VLAN.
Answer: E
Question 5
Which command alone will disable trunking on a Layer 2 switch port?
A. no switchport trunk native vlan vlan-id
B. switchport nonegotiate
C. no switchport mode dynamic desirable
D. switchport mode access
Answer: D
Explanation
The “switchport mode access” command forces a switch port to always behave as an access port (with no capability of establishing trunks).
Note: When using the switchport nonegotiate command, Dynamic Inter-Switch Link Protocol and Dynamic Trunking Protocol (DISL/DTP)-negotiation packets are not sent on the interface. The device trunks or does not trunk according to the mode parameter given: access or trunk.
Question 6
ISL is being configured on a Company switch. Which of the following choices are true regarding the ISL protocol? (Choose two)
A. It can be used between Cisco and non-Cisco switch devices.
B. It calculates a new CRC field on top of the existing CRC field.
C. It adds 4 bytes of protocol-specific information to the original Ethernet frame.
D. It adds 30 bytes of protocol-specific information to the original Ethernet frame.
Answer: B D
Explanation
ISL encapsulates the entire Ethernet frame (Fast Ethernet or Gigabit Ethernet) with a 26-byte header and a 4-byte frame check sequence (FCS) for a total of 30 bytes of overhead.
Question 7
A new Company switch was just configured using the “switchport trunk native vlan 7″ command. What does this interface command accomplish?
A. Causes the interface to apply ISL framing for traffic on VLAN 7
B. Configures the trunking interface to forward traffic from VLAN 7
C. Configures the interface to be a trunking port and causes traffic on VLAN 7 to be 802.1q tagged
D. Configures the trunking interface to send traffic from VLAN 7 untagged
Answer: D
Explanation
The “switchport trunk native vlan 7″ sets VLAN 7 to be the native VLAN so traffic to this VLAN will be untagged. Also untagged traffic are automatically assumed to be in VLAN 7 -> D is correct.
Question 8
If you needed to transport traffic coming from multiple VLANs (connected between switches), and your CTO was insistent on using an open standard, which protocol would you use?
A. 802.11B
B. spanning-tree
C. 802.1Q
D. ISL
E. VTP
F. Q.921
Answer: C
Explanation
IEEE’s 802.1Q VLAN tagging is the industry standard to carry traffic for multiple VLANs on a single trunking interface between two Ethernet switches while Inter-Switch Link (ISL) is a Cisco proprietary VLAN tagging protocol.
Question 9
The Company core switches use 802.1Q trunks to connect to each other. How does 802.1Q trunking keep track of multiple VLANs?
A. It tags the data frame with VLAN information and recalculates the CRC value
B. It encapsulates the data frame with a new header and frame check sequence
C. It modifies the port index of a data frame to indicate the VLAN
D. It adds a new header containing the VLAN ID to the data frame
Answer: A
Explanation
IEEE 802.1Q uses an internal tagging mechanism which inserts a 4-byte tag field in the original Ethernet frame itself between the Source Address and Type/Length fields. This tag includes VLAN information (12 bits) to distinguish between VLANs on the link.
Question 10
You are the network administrator tasked with designing a switching solution for the Company network. Which of the following statements describing trunk links are INCORRECT? (Choose four)
A. The trunk link belongs to a specific VLAN.
B. Multiple trunk links are used to connect multiple end user devices.
C. A trunk link only supports native VLAN.
D. Trunk links use 802.10 to identify a VLAN.
E. The native VLAN of the trunk link is the VLAN that the trunk uses for untagged packets.
Answer: A B C D
Question 11
You are the network administrator at Company and switch R1 is configured as shown below:
interface GigabitEthernet0/1
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk native vlan 5
If untagged frames are arriving on interface GigabitEthernet0/1 of R1, which of the following statement are correct?
A. Untagged frames are automatically assumed to be in VLAN 5.
B. Untagged frames are defaulted to VLAN 1 traffic.
C. Untagged frames are dropped because all packets are tagged when dot1q trunked.
D. Untagged frames are determined on the other switch
E. Untagged frames are not supported on 802.1Q trunks.
Answer: A
Explanation
The “switchport trunk native vlan 5″ sets VLAN 5 to be the native VLAN so traffic to this VLAN will be untagged. Also untagged traffic are automatically assumed to be in VLAN 5 -> A is correct.
Note: The native VLAN must match on both sides of the trunk link for 802.1Q; otherwise the link will not work.
Question 12
What are three results of issuing the “switchport host” command? (Choose three)
A. disables EtherChannel
B. enables port security
C. disables Cisco Discovery Protocol
D. enables PortFast
E. disables trunking
F. enables loopguard
Answer: A D E
Explanation
Catalyst 6500 switches running Cisco IOS software support the macro command switchport host. The switchport host macro command was designed to facilitate the configuration of switch ports that connect to end stations. Entering this command sets the switch port mode to access, enables spanning tree PortFast, and disables channel grouping, all at the same time. The switchport host macro command can be used as an alternative to the switchport mode access command.
Question 13
If you were to configure an ISL Ethernet trunk between two Cisco switches, named R1 and R2, what would you have to include at the end of the link for the trunk to operate correctly? (Choose two)
A. An identical VTP mode.
B. An identical speed/duplex.
C. An identical trunk negotiation parameter.
D. An identical trunk encapsulation parameter.
Answer: B D
Explanation
One of the requirements for trunking to work is for speed and duplex to be the same on both sides. -> B is correct.
Maybe answer D wants to mention about encapsulation type (ISL or 802.1q) so it is an acceptable answer.
Question 14
Which three statements are correct with regard to the IEEE 802.1Q standard? (Choose three)
A. The IEEE 802.1Q frame format adds a 4 byte field to a Ethernet frame
B. The packet is encapsulated with a 26 byte header and a 4 byte FCS
C. The protocol uses point-to-multipoint connectivity
D. The protocol uses point-to-point connectivity
E. The IEEE 802.1Q frame uses multicast destination of 0×01-00-0c-00-00
F. The IEEE 802.1Q frame retains the original MAC destination address
Answer: A D F
Explanation
There are two ways to implement Ethernet trunking:
* Inter-Switch Link Protocol (ISL, a Cisco proprietary protocol)
* 802.1Q (IEEE standard)
In Cisco implementation, a trunk is a point-to-point link, although it is possible to use the 802.1Q encapsulation on an Ethernet segment shared by more than two devices. Such a configuration is seldom needed but is still possible with the disablement of DTP negotiation -> D is correct.
IEEE 802.1Q uses an internal tagging mechanism which inserts a 4-byte tag field in the original Ethernet frame itself between the Source Address and Type/Length fields -> A is correct.
The SA field is the source address field of the ISL packet. It is a 48-bit value -> F is correct.
Question 15
Refer to the exhibit. Why are users from VLAN 100 unable to ping users on VLAN 200?
A. Encapsulation on the switch is wrong.
B. Trunking needs to be enabled on Fa0/1.
C. The native VLAN is wrong.
D. VLAN 1 needs the no shutdown command.
E. IP routing needs to be enabled on the switch.
Answer: B
Explanation
In this question, maybe the exhibit forgot to describe Fa0/1 is the port on the switch which is connected to the router. To allow interVLAN routing between VLAN 100 and 200, this port must be configured as trunk port.
Question 16
What is the effect of applying the “switchport trunk encapsulation dot1q” command to a port on a Cisco Catalyst switch?
A. By default, native VLAN packets going out this port will be tagged.
B. Without an encapsulation command, 802.1Q will be the default encapsulation if DTP fails to negotiate a trunking protocol.
C. The interface will support the reception of tagged and untagged traffic.
D. If the device connected to this port is not 802.1Q-enabled, it will not be able to handle 802.1Q packets.
Answer: C
Explanation
The “switchport trunk encapsulation dot1q” command configures trunk encapsulation as 802.1q, which supports the reception of tagged and untagged traffic -> C is correct.
Note: If your switch does not accept this command, try to enter “switchport” command first to configure the interface as a Layer 2 port.
Question 17
Two Company switches are connected via a trunk link. In this network, the original frame is encapsulated and an additional header is added before the frame is carried over a trunk link. At the receiving end, the header is removed and the frame is forwarded to the assigned VLAN. This describes which technology?
A. DISL
B. ISL
C. DTP
D. IEEE 802.1Q
E. MPLS
Answer: B
Explanation
Unlike 8021.q, ISL keeps the original frame unchanged. It only adds another header to that frame before sending out over a trunk link. For more information about this difference, please read the explanations of Question 2 and Question 3 in the first VLAN Trunking Questions part.
Question 18
Which of the following trunking modes are unable to request their ports to convert their links into trunk links? (Choose two)
A. Negotiate
B. Designate
C. Nonegotiate
D. Auto
E. Manual
F. Off
Answer: C D
Explanation
The mode auto (dynamic auto) causes the device not to send DTP Request but wait for DTP Request from neighboring device.
By using and switchport mode trunk and switchport nonegotiate commands, we can enable trunking to a device that does not support DTP. But notice that the switchport nonegotiate command causes the device not to send DTP Request frames.
Therefore both “auto” and “nonegotiate” modes makes the switch not to send request (which is “unable to convert their links into trunk links”) -> C and D are correct.
Question 19
You administer the network shown above. You issue the show interfaces trunk command on SwitchA and receive the following output:
Which of the following statements is true regarding VLAN 32?
A. VLAN 32 is not allowed on the trunk port.
B. VLAN 32 is not active on the switch.
C. Traffic from VLAN 32 is not being sent over the trunk port.
D. Traffic from VLAN 32 is not restricted to only the trunk ports that require it.
Answer: C
Explanation
In the “Vlans allowed and active in management domain” VLAN 32 is not listed so we can conclude it is not active.
Question 20
Which statement is true regarding the configuration of ISL trunks?
A. A Catalyst switch cannot have ISL and IEEE 802.1q trunks enabled.
B. All Catalyst switches support ISL trunking.
C. A Catalyst switch will report giants if one side is configured for ISL while the other side is not.
D. ISL trunking requires that native VLANs match.
Answer: C
Explanation
First you should know “giant” frames are frames that exceed the maximum IEEE 802.3 frame size (usually greater then 1518 bytes). As you know, ISL does not modify the original Ethernet frame it received but it adds another outer header. In particular, it uses a 26 byte header and 4 byte FCS (30 bytes in total).
But a normal Ethernet frame itself can have a maximum size of 1518 bytes. Therefore an Ethernet frame can be up to 1518 + 30 = 1548 bytes, which creates a “giant”.
That is why both ends must be configured as ISL trunks because only ISL-aware devices are able to read it.
Question 21
Which configuration option will cause the link between two Cisco 3600 Series Multiservice Platforms to become a functional trunk?
A. switchport dynamic auto switchport dynamic auto
B. switchport access vlan 10
switchport mode dynamic desirable
C. switchport mode trunk switchport nonegotiate
D. Leave both ports with the default trunk settings.
Answer: D
Question 22
If you were to set up a VLAN trunk over a Fast Ethernet link on switch R1, which trunk mode would you set the local port to on R1 if you wanted it to respond to requests from its link partner (R2) and become a trunk?
A. Auto
B. Negotiate
C. Designate
D. Nonegotiate
Answer: A
Question 23
Which two statements are true about best practices in VLAN design? (Choose two)
A. Routing should occur at the access layer if voice VLANs are utilized. Otherwise, routing should occur at the distribution layer.
B. Routing may be performed at all layers but is most commonly done at the core and distribution layers.
C. Routing should not be performed between VLANs located on separate switches.
D. VLANs should be local to a switch.
E. VLANs should be localized to a single switch unless voice VLANs are being utilized.
Answer: B D
Question 24
You need to configure a new Company switch to support DTP. Which DTP switchport mode parameter sets the switch port to actively send and respond to DTP negotiation frames?
A. Access
B. Nonegotiate
C. Trunk
D. Dynamic desirable
E. Dynamic auto
Answer: D
Question 25
Refer to the exhibit.
The link between switch SW1 and switch SW2 is configured as a trunk, but the trunk failed to establish connectivity between the switches. Based on the configurations and the error messages received on the console of SW1, what is the cause of the problem?
A. The two ends of the trunk have different duplex settings.
B. The two ends of the trunk have different EtherChannel configurations.
C. The two ends of the trunk have different native VLAN configurations.
D. The two ends of the trunk allow different VLANs on the trunk.
Answer: C
Explanation
As you can see in the configuration of two switches, the native VLAN on SW1 is set to 1 while the native VLAN on SW2 is set to 2. This will cause a “native VLAN mismatch” error and it looks like this:
Remember the native VLAN must match on both sides of the trunk link for 802.1Q; otherwise the link will not work. Also, Spanning Tree Protocol (STP) will place the port in a port VLAN ID (PVID) inconsistent state and will not forward on the link.
Question 26
A standalone wireless AP solution is being installed into the campus infrastructure. The access points appear to boot correctly, but wireless clients are not obtaining correct access. You verify that this is the local switch configuration connected to the access point:
interface ethernet 0/1
switchport access vlan 10
switchport mode access
spanning-tree portfast
mls qos trust dscp
What is the most likely cause of the problem?
A. QoS trust should not be configured on a port attached to a standalone AP.
B. QoS trust for switchport mode access should be defined as “cos”.
C. switchport mode should be defined as “trunk” with respective QoS.
D. switchport access vlan should be defined as “1″.
Answer: C
Explanation
The link between the switch and access point should be configured as trunked link and set the encapsulation on the switch port to dot1q:
Switch(config)#interface ethernet 0/1
Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport trunk encapsulation dot1q
Question 27
Which statement about the configuration and application of port access control lists is true?
A. PACLs can be applied in the inbound or outbound direction of a Layer 2 physical interface.
B. At Layer 2, a MAC address PACL takes precedence over any existing Layer 3 PACL.
C. When you apply a port ACL to a trunk port, the ACL filters traffic on all VLANs present on the trunk port.
D. PACLs are not supported on EtherChannel interfaces.
Answer: C
Explanation
When you apply a port ACL to a trunk port, the ACL filters traffic on all VLANs present on the trunk port. When you apply a port ACL to a port with voice VLAN, the ACL filters traffic on both data and voice VLANs.
With port ACLs, you can filter IP traffic by using IP access lists and non-IP traffic by using MAC addresses. You can filter both IP and non-IP traffic on the same Layer 2 interface by applying both an IP access list and a MAC access list to the interface.
Question 28
Given the configurations on SwitchA and SwitchB, which two statements are true? (Choose two)
A. The trunk is currently using the ISL trunking protocol
B. The trunk is currently using the 802.1q trunking protocol
C. By default, the trunk can only support one VLAN, and only that single VLAN is transmitted across the trunk
D. By default all VLANs will be transmitted across this trunk
E. By default, SwitchA and SwitchB’s FastEthernet 0/1 port will not generate DTP messages
Answer: B D
Explanation
The command “switchport trunk encapsulation dot1q” sets the trunking encapsulation format to IEEE 802.1Q-> B is correct.
By default all VLANs are allowed to transmitted across the trunk -> D is correct.
Note: The “switchport mode trunk” command enables trunking on the interface.
Question 29
Given the configurations on SwitchA and SwitchB, which statement is true?
A. The link is set to auto-negotiate trunking, and it will automatically become a trunk link unless configured otherwise
B. The link is a trunking link and by default all VLANs will be transmitted across this link
C. The link is prevented from generating DTP frames, turning the Negotiation of Trunking off
D. The link is not a trunk link so both interfaces must be on the same VLAN and only that single VLAN is transmitted across the link
Answer: D
Question 30
By default, which statement is correct when an IEEE 802.1Q trunk port receives an untagged frame?
A. The frame is considered in the native VLAN and forwarded to the ports associated with that VLAN
B. The frame is encapsulated and tagged as in the native VLAN
C. The frame is broadcast on all ports regardless of VLAN association
D. The frame is dropped
Answer: A
Question 31
When a VLAN port configured as a trunk receives an untagged frame, what will happen?
A. The frame will be dropped
B. The frame will cause an error message to be sent
C. The frame will be processed as a native VLAN frame
D. The frame will first be tagged, then processed as a native VLAN frame
Answer: C
Question 32
Study the diagram below carefully, which three statements are true? (Choose three)
A – DTP packets are sent from Switch SB.
B – DTP is not running on Switch SA.
C – A trunk link will be formed.
D – The native VLAN for Switch SB is VLAN 1.
Answer: A C D
Explanation:
Dynamic Trunking Protocol (DTP) is the Cisco-proprietary that actively attempts to negotiate a trunk link between two switches. If an interface is set to switchport mode dynamic desirable, it will actively attempt to convert the link into trunking mode. If the peer port is configured as switchport mode trunk, dynamic desirable, or dynamic auto mode, trunking is negotiated successfully -> C is correct.
SB is in “dynamic desirable” mode so it will send DTP packets to SA to negotiate a trunk link -> A is correct.
On an 802.1Q trunk, DTP packets are sent on the native VLAN. By default, it is VLAN 1 (notice that SA’s native VLAN is 5) -> D is correct.
(Note: an 802.1Q trunk’s native VLAN is the only VLAN that has untagged frames)
Below is the switchport modes for easy reference:
Which statement is correct about 802.1Q trunking?
A. Both switches must be in the same VTP domain.
B. The encapsulation type of both ends of the trunk does not have to match.
C. The native VLAN on both ends of the trunk must be VLAN 1.
D. 802.1Q trunking can only be configured on a Layer 2 port.
E. In 802.1Q trunking, all VLAN packets are tagged on the trunk link, except the native VLAN.
Answer: E
Explanation
By default frames from the native VLAN are not tagged. To force a switch to tag the native VLAN on all its 802.1Q trunks, we can use the following command:
Switch(config)#vlan dot1q tag native |
Question 2
Which switch command enables a trunking protocol that appends a four byte CRC to the packet?
A. CompanySwitch(config-if)#switchport trunk encapsulation dot1q
B. CompanySwitch(config-if)#switchport trunk encapsulation itef
C. CompanySwitch(config-if)#switchport trunk encapsulation fddi
D. CompanySwitch(config-if)#switchport trunk encapsulation isl
Answer: D
Explanation
The ISL frame consists of three primary fields: the encapsulation frame (original frame), which is encapsulated by the ISL header, and the FCS at the end:
ISL Header | Encapsulation Frame (Original Data) | FCS |
Note: The addition of the new FCS does not alter the original FCS that is contained within the encapsulated frame.
Question 3
While using a packet analyzer, you notice four additional bytes being added to the packets in the Company network. Which protocol inserts a four byte tag into the Ethernet frame and recalculates CRC value?
A. DTP
B. VTP
C. 802.1Q
D. ISL
Answer: C
Explanation
802.1Q is the IEEE standard for tagging frames on a trunk and supports up to 4096 VLANs. In 802.1Q, the trunking device inserts a 4-byte tag into the original frame and recomputes the frame check sequence (FCS) before the device sends the frame over the trunk link. At the receiving end, the tag is removed and the frame is forwarded to the assigned VLAN. 802.1Q does not tag frames on the native VLAN.
Note: IEEE 802.1Q uses an internal tagging mechanism which inserts a 4-byte tag field in the original Ethernet frame itself.
Note: From the Question 2 and Question 3 we can see a big difference in the way of using the FCS field in 802.1Q and ISL. 802.1Q modifies and FCS field inside the original Ethernet frame while ISL leaves the original FCS field inside the Ethernet frame unchanged, it just adds another FCS field outside the original Ethernet frame.
Therefore please pay attention to which question is asked. Question 2 asks “appends a four byte CRC to the packet” which means ISL while Question 3 says “inserts a four byte tag into the Ethernet frame” which means 802.1Q.
Question 4
Which statement is correct about 802.1Q trunking?
A. Both switches must be in the same VTP domain.
B. The encapsulation type of both ends of the trunk does not have to match.
C. The native VLAN on both ends of the trunk must be VLAN 1.
D. 802.1Q trunking can only be configured on a Layer 2 port.
E. In 802.1Q trunking, all VLAN packets are tagged on the trunk link, except the native VLAN.
Answer: E
Question 5
Which command alone will disable trunking on a Layer 2 switch port?
A. no switchport trunk native vlan vlan-id
B. switchport nonegotiate
C. no switchport mode dynamic desirable
D. switchport mode access
Answer: D
Explanation
The “switchport mode access” command forces a switch port to always behave as an access port (with no capability of establishing trunks).
Note: When using the switchport nonegotiate command, Dynamic Inter-Switch Link Protocol and Dynamic Trunking Protocol (DISL/DTP)-negotiation packets are not sent on the interface. The device trunks or does not trunk according to the mode parameter given: access or trunk.
Question 6
ISL is being configured on a Company switch. Which of the following choices are true regarding the ISL protocol? (Choose two)
A. It can be used between Cisco and non-Cisco switch devices.
B. It calculates a new CRC field on top of the existing CRC field.
C. It adds 4 bytes of protocol-specific information to the original Ethernet frame.
D. It adds 30 bytes of protocol-specific information to the original Ethernet frame.
Answer: B D
Explanation
ISL encapsulates the entire Ethernet frame (Fast Ethernet or Gigabit Ethernet) with a 26-byte header and a 4-byte frame check sequence (FCS) for a total of 30 bytes of overhead.
ISL Header (26 bytes) |
Encapsulation Frame (Original Data) | FCS (4 bytes) |
A new Company switch was just configured using the “switchport trunk native vlan 7″ command. What does this interface command accomplish?
A. Causes the interface to apply ISL framing for traffic on VLAN 7
B. Configures the trunking interface to forward traffic from VLAN 7
C. Configures the interface to be a trunking port and causes traffic on VLAN 7 to be 802.1q tagged
D. Configures the trunking interface to send traffic from VLAN 7 untagged
Answer: D
Explanation
The “switchport trunk native vlan 7″ sets VLAN 7 to be the native VLAN so traffic to this VLAN will be untagged. Also untagged traffic are automatically assumed to be in VLAN 7 -> D is correct.
Question 8
If you needed to transport traffic coming from multiple VLANs (connected between switches), and your CTO was insistent on using an open standard, which protocol would you use?
A. 802.11B
B. spanning-tree
C. 802.1Q
D. ISL
E. VTP
F. Q.921
Answer: C
Explanation
IEEE’s 802.1Q VLAN tagging is the industry standard to carry traffic for multiple VLANs on a single trunking interface between two Ethernet switches while Inter-Switch Link (ISL) is a Cisco proprietary VLAN tagging protocol.
Question 9
The Company core switches use 802.1Q trunks to connect to each other. How does 802.1Q trunking keep track of multiple VLANs?
A. It tags the data frame with VLAN information and recalculates the CRC value
B. It encapsulates the data frame with a new header and frame check sequence
C. It modifies the port index of a data frame to indicate the VLAN
D. It adds a new header containing the VLAN ID to the data frame
Answer: A
Explanation
IEEE 802.1Q uses an internal tagging mechanism which inserts a 4-byte tag field in the original Ethernet frame itself between the Source Address and Type/Length fields. This tag includes VLAN information (12 bits) to distinguish between VLANs on the link.
Question 10
You are the network administrator tasked with designing a switching solution for the Company network. Which of the following statements describing trunk links are INCORRECT? (Choose four)
A. The trunk link belongs to a specific VLAN.
B. Multiple trunk links are used to connect multiple end user devices.
C. A trunk link only supports native VLAN.
D. Trunk links use 802.10 to identify a VLAN.
E. The native VLAN of the trunk link is the VLAN that the trunk uses for untagged packets.
Answer: A B C D
Question 11
You are the network administrator at Company and switch R1 is configured as shown below:
interface GigabitEthernet0/1
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk native vlan 5
If untagged frames are arriving on interface GigabitEthernet0/1 of R1, which of the following statement are correct?
A. Untagged frames are automatically assumed to be in VLAN 5.
B. Untagged frames are defaulted to VLAN 1 traffic.
C. Untagged frames are dropped because all packets are tagged when dot1q trunked.
D. Untagged frames are determined on the other switch
E. Untagged frames are not supported on 802.1Q trunks.
Answer: A
Explanation
The “switchport trunk native vlan 5″ sets VLAN 5 to be the native VLAN so traffic to this VLAN will be untagged. Also untagged traffic are automatically assumed to be in VLAN 5 -> A is correct.
Note: The native VLAN must match on both sides of the trunk link for 802.1Q; otherwise the link will not work.
Question 12
What are three results of issuing the “switchport host” command? (Choose three)
A. disables EtherChannel
B. enables port security
C. disables Cisco Discovery Protocol
D. enables PortFast
E. disables trunking
F. enables loopguard
Answer: A D E
Explanation
Catalyst 6500 switches running Cisco IOS software support the macro command switchport host. The switchport host macro command was designed to facilitate the configuration of switch ports that connect to end stations. Entering this command sets the switch port mode to access, enables spanning tree PortFast, and disables channel grouping, all at the same time. The switchport host macro command can be used as an alternative to the switchport mode access command.
Question 13
If you were to configure an ISL Ethernet trunk between two Cisco switches, named R1 and R2, what would you have to include at the end of the link for the trunk to operate correctly? (Choose two)
A. An identical VTP mode.
B. An identical speed/duplex.
C. An identical trunk negotiation parameter.
D. An identical trunk encapsulation parameter.
Answer: B D
Explanation
One of the requirements for trunking to work is for speed and duplex to be the same on both sides. -> B is correct.
Maybe answer D wants to mention about encapsulation type (ISL or 802.1q) so it is an acceptable answer.
Question 14
Which three statements are correct with regard to the IEEE 802.1Q standard? (Choose three)
A. The IEEE 802.1Q frame format adds a 4 byte field to a Ethernet frame
B. The packet is encapsulated with a 26 byte header and a 4 byte FCS
C. The protocol uses point-to-multipoint connectivity
D. The protocol uses point-to-point connectivity
E. The IEEE 802.1Q frame uses multicast destination of 0×01-00-0c-00-00
F. The IEEE 802.1Q frame retains the original MAC destination address
Answer: A D F
Explanation
There are two ways to implement Ethernet trunking:
* Inter-Switch Link Protocol (ISL, a Cisco proprietary protocol)
* 802.1Q (IEEE standard)
In Cisco implementation, a trunk is a point-to-point link, although it is possible to use the 802.1Q encapsulation on an Ethernet segment shared by more than two devices. Such a configuration is seldom needed but is still possible with the disablement of DTP negotiation -> D is correct.
IEEE 802.1Q uses an internal tagging mechanism which inserts a 4-byte tag field in the original Ethernet frame itself between the Source Address and Type/Length fields -> A is correct.
The SA field is the source address field of the ISL packet. It is a 48-bit value -> F is correct.
Question 15
Refer to the exhibit. Why are users from VLAN 100 unable to ping users on VLAN 200?
A. Encapsulation on the switch is wrong.
B. Trunking needs to be enabled on Fa0/1.
C. The native VLAN is wrong.
D. VLAN 1 needs the no shutdown command.
E. IP routing needs to be enabled on the switch.
Answer: B
Explanation
In this question, maybe the exhibit forgot to describe Fa0/1 is the port on the switch which is connected to the router. To allow interVLAN routing between VLAN 100 and 200, this port must be configured as trunk port.
Question 16
What is the effect of applying the “switchport trunk encapsulation dot1q” command to a port on a Cisco Catalyst switch?
A. By default, native VLAN packets going out this port will be tagged.
B. Without an encapsulation command, 802.1Q will be the default encapsulation if DTP fails to negotiate a trunking protocol.
C. The interface will support the reception of tagged and untagged traffic.
D. If the device connected to this port is not 802.1Q-enabled, it will not be able to handle 802.1Q packets.
Answer: C
Explanation
The “switchport trunk encapsulation dot1q” command configures trunk encapsulation as 802.1q, which supports the reception of tagged and untagged traffic -> C is correct.
Note: If your switch does not accept this command, try to enter “switchport” command first to configure the interface as a Layer 2 port.
Question 17
Two Company switches are connected via a trunk link. In this network, the original frame is encapsulated and an additional header is added before the frame is carried over a trunk link. At the receiving end, the header is removed and the frame is forwarded to the assigned VLAN. This describes which technology?
A. DISL
B. ISL
C. DTP
D. IEEE 802.1Q
E. MPLS
Answer: B
Explanation
Unlike 8021.q, ISL keeps the original frame unchanged. It only adds another header to that frame before sending out over a trunk link. For more information about this difference, please read the explanations of Question 2 and Question 3 in the first VLAN Trunking Questions part.
Question 18
Which of the following trunking modes are unable to request their ports to convert their links into trunk links? (Choose two)
A. Negotiate
B. Designate
C. Nonegotiate
D. Auto
E. Manual
F. Off
Answer: C D
Explanation
The mode auto (dynamic auto) causes the device not to send DTP Request but wait for DTP Request from neighboring device.
By using and switchport mode trunk and switchport nonegotiate commands, we can enable trunking to a device that does not support DTP. But notice that the switchport nonegotiate command causes the device not to send DTP Request frames.
Therefore both “auto” and “nonegotiate” modes makes the switch not to send request (which is “unable to convert their links into trunk links”) -> C and D are correct.
Question 19
You administer the network shown above. You issue the show interfaces trunk command on SwitchA and receive the following output:
Which of the following statements is true regarding VLAN 32?
A. VLAN 32 is not allowed on the trunk port.
B. VLAN 32 is not active on the switch.
C. Traffic from VLAN 32 is not being sent over the trunk port.
D. Traffic from VLAN 32 is not restricted to only the trunk ports that require it.
Answer: C
Explanation
In the “Vlans allowed and active in management domain” VLAN 32 is not listed so we can conclude it is not active.
Question 20
Which statement is true regarding the configuration of ISL trunks?
A. A Catalyst switch cannot have ISL and IEEE 802.1q trunks enabled.
B. All Catalyst switches support ISL trunking.
C. A Catalyst switch will report giants if one side is configured for ISL while the other side is not.
D. ISL trunking requires that native VLANs match.
Answer: C
Explanation
First you should know “giant” frames are frames that exceed the maximum IEEE 802.3 frame size (usually greater then 1518 bytes). As you know, ISL does not modify the original Ethernet frame it received but it adds another outer header. In particular, it uses a 26 byte header and 4 byte FCS (30 bytes in total).
ISL Header (26 bytes) |
Encapsulation Frame (Original Data) | FCS (4 bytes) |
That is why both ends must be configured as ISL trunks because only ISL-aware devices are able to read it.
Question 21
Which configuration option will cause the link between two Cisco 3600 Series Multiservice Platforms to become a functional trunk?
A. switchport dynamic auto switchport dynamic auto
B. switchport access vlan 10
switchport mode dynamic desirable
C. switchport mode trunk switchport nonegotiate
D. Leave both ports with the default trunk settings.
Answer: D
Question 22
If you were to set up a VLAN trunk over a Fast Ethernet link on switch R1, which trunk mode would you set the local port to on R1 if you wanted it to respond to requests from its link partner (R2) and become a trunk?
A. Auto
B. Negotiate
C. Designate
D. Nonegotiate
Answer: A
Question 23
Which two statements are true about best practices in VLAN design? (Choose two)
A. Routing should occur at the access layer if voice VLANs are utilized. Otherwise, routing should occur at the distribution layer.
B. Routing may be performed at all layers but is most commonly done at the core and distribution layers.
C. Routing should not be performed between VLANs located on separate switches.
D. VLANs should be local to a switch.
E. VLANs should be localized to a single switch unless voice VLANs are being utilized.
Answer: B D
Question 24
You need to configure a new Company switch to support DTP. Which DTP switchport mode parameter sets the switch port to actively send and respond to DTP negotiation frames?
A. Access
B. Nonegotiate
C. Trunk
D. Dynamic desirable
E. Dynamic auto
Answer: D
Question 25
Refer to the exhibit.
The link between switch SW1 and switch SW2 is configured as a trunk, but the trunk failed to establish connectivity between the switches. Based on the configurations and the error messages received on the console of SW1, what is the cause of the problem?
A. The two ends of the trunk have different duplex settings.
B. The two ends of the trunk have different EtherChannel configurations.
C. The two ends of the trunk have different native VLAN configurations.
D. The two ends of the trunk allow different VLANs on the trunk.
Answer: C
Explanation
As you can see in the configuration of two switches, the native VLAN on SW1 is set to 1 while the native VLAN on SW2 is set to 2. This will cause a “native VLAN mismatch” error and it looks like this:
#CDP-4-NATIVE VLAN_MISMATCH: Native VLAN mismatch discovered on Fa0/1 … |
Question 26
A standalone wireless AP solution is being installed into the campus infrastructure. The access points appear to boot correctly, but wireless clients are not obtaining correct access. You verify that this is the local switch configuration connected to the access point:
interface ethernet 0/1
switchport access vlan 10
switchport mode access
spanning-tree portfast
mls qos trust dscp
What is the most likely cause of the problem?
A. QoS trust should not be configured on a port attached to a standalone AP.
B. QoS trust for switchport mode access should be defined as “cos”.
C. switchport mode should be defined as “trunk” with respective QoS.
D. switchport access vlan should be defined as “1″.
Answer: C
Explanation
The link between the switch and access point should be configured as trunked link and set the encapsulation on the switch port to dot1q:
Switch(config)#interface ethernet 0/1
Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport trunk encapsulation dot1q
Question 27
Which statement about the configuration and application of port access control lists is true?
A. PACLs can be applied in the inbound or outbound direction of a Layer 2 physical interface.
B. At Layer 2, a MAC address PACL takes precedence over any existing Layer 3 PACL.
C. When you apply a port ACL to a trunk port, the ACL filters traffic on all VLANs present on the trunk port.
D. PACLs are not supported on EtherChannel interfaces.
Answer: C
Explanation
When you apply a port ACL to a trunk port, the ACL filters traffic on all VLANs present on the trunk port. When you apply a port ACL to a port with voice VLAN, the ACL filters traffic on both data and voice VLANs.
With port ACLs, you can filter IP traffic by using IP access lists and non-IP traffic by using MAC addresses. You can filter both IP and non-IP traffic on the same Layer 2 interface by applying both an IP access list and a MAC access list to the interface.
Question 28
Given the configurations on SwitchA and SwitchB, which two statements are true? (Choose two)
A. The trunk is currently using the ISL trunking protocol
B. The trunk is currently using the 802.1q trunking protocol
C. By default, the trunk can only support one VLAN, and only that single VLAN is transmitted across the trunk
D. By default all VLANs will be transmitted across this trunk
E. By default, SwitchA and SwitchB’s FastEthernet 0/1 port will not generate DTP messages
Answer: B D
Explanation
The command “switchport trunk encapsulation dot1q” sets the trunking encapsulation format to IEEE 802.1Q-> B is correct.
By default all VLANs are allowed to transmitted across the trunk -> D is correct.
Note: The “switchport mode trunk” command enables trunking on the interface.
Question 29
Given the configurations on SwitchA and SwitchB, which statement is true?
A. The link is set to auto-negotiate trunking, and it will automatically become a trunk link unless configured otherwise
B. The link is a trunking link and by default all VLANs will be transmitted across this link
C. The link is prevented from generating DTP frames, turning the Negotiation of Trunking off
D. The link is not a trunk link so both interfaces must be on the same VLAN and only that single VLAN is transmitted across the link
Answer: D
Question 30
By default, which statement is correct when an IEEE 802.1Q trunk port receives an untagged frame?
A. The frame is considered in the native VLAN and forwarded to the ports associated with that VLAN
B. The frame is encapsulated and tagged as in the native VLAN
C. The frame is broadcast on all ports regardless of VLAN association
D. The frame is dropped
Answer: A
Question 31
When a VLAN port configured as a trunk receives an untagged frame, what will happen?
A. The frame will be dropped
B. The frame will cause an error message to be sent
C. The frame will be processed as a native VLAN frame
D. The frame will first be tagged, then processed as a native VLAN frame
Answer: C
Question 32
Study the diagram below carefully, which three statements are true? (Choose three)
A – DTP packets are sent from Switch SB.
B – DTP is not running on Switch SA.
C – A trunk link will be formed.
D – The native VLAN for Switch SB is VLAN 1.
Answer: A C D
Explanation:
Dynamic Trunking Protocol (DTP) is the Cisco-proprietary that actively attempts to negotiate a trunk link between two switches. If an interface is set to switchport mode dynamic desirable, it will actively attempt to convert the link into trunking mode. If the peer port is configured as switchport mode trunk, dynamic desirable, or dynamic auto mode, trunking is negotiated successfully -> C is correct.
SB is in “dynamic desirable” mode so it will send DTP packets to SA to negotiate a trunk link -> A is correct.
On an 802.1Q trunk, DTP packets are sent on the native VLAN. By default, it is VLAN 1 (notice that SA’s native VLAN is 5) -> D is correct.
(Note: an 802.1Q trunk’s native VLAN is the only VLAN that has untagged frames)
Below is the switchport modes for easy reference:
Mode | Function |
Dynamic Auto | Creates the trunk based on the DTP request from the neighboring switch. |
Dynamic Desirable | Communicates to the neighboring switch via DTP that the interface would like to become a trunk if the neighboring switch interface is able to become a trunk. |
Trunk | Automatically enables trunking regardless of the state of the neighboring switch and regardless of any DTP requests sent from the neighboring switch. |
Access | Trunking is not allowed on this port regardless of the state of the neighboring switch interface and regardless of any DTP requests sent from the neighboring switch. |
Nonegotiate | Prevents the interface from generating DTP frames. This command can be used only when the interface switchport mode is access or trunk. You must manually configure the neighboring interface as a trunk interface to establish a trunk link. |
Comment