1. What is a basic function of the cisco borderless architecture distribution layer?

Aggregating layer 3 routing boundaries

2. A network designer must provide a rationale to a customer for a design which will move an
enterprise from a flat network topology to a hierarchical network topology. Which two features
of the hierarchical design make it the better choice?
Easier to provide redundant links to ensure higher availability
Simpler deployment for additional switch equipment
3. What is a collapsed core in a network design?
A combination of the functionality of the distribution and core layers
4. Which two previously independent technologies should a network administrator attempt to
combine after choosing to upgrade to a converged network infrastructure?
User data traffic
Analog and VoIP phone traffic
5. What is a definition of a two-tier LAN network design?
Distribution and core layers collapsed into one tier and the access layer on separate tier
6. A local law firm is redesigning the company network so that all 20 employees can be connected
to a LAN and to the internet. The law firm would prefer a low cost and easy solution for the
project. What type of switch should be selected?
Fixed configuration
7. What are two advantages of modular switches over fixed-configuration switches? (choose two)
Increased scalability
Need for fewer power outlets
8. Refer to the exhibit. Consider that the main power has just been restored. PC3 issues a
broadcast IPv4 DHCP request. To which port will SW1 forward this request?

To Fa0/1, Fa0/2, and Fa0/3 only

9. What is a function of a layer 2 switch?
Determines which interface is used to forward a frame based on the destination MAC address

10. Refer to the exhibit. How is a frame sent from PCA forwarded to PCC if the MAC address table
on switch SW1 is empty?

SW1 floods the frame on all ports on SW1, excluding the port through which the frame entered
the switch
11. Which two criteria are used by a Cisco LAN switch to decide how to forward Ethernet frames?
(choose two)
Ingress port
Destination MAC address
12. Which network device can be used to eliminate collisions on the Ethernet network?
Switch
13. Which type of address does a switch use to build the MAC address table?
Source MAC address
14. What are two reasons a network administrator would segment a network with a layer 2 switch?
(choose two)
To enhance user bandwidth
To isolate traffic between segments
15. Refer to the exhibit. How many broadcast domains are displayed?
8
16. Which statement describes the micro segmentation feature of a LAN switch?
Each port forms a collision domain
17. What is the destination address in the header of a broadcast frame?
FF-FF-FF-FF-FF-FF
18. Which three IOS troubleshooting commands can help to isolate problems with a static route?
(Choose three)
Ping
Show IP route
Show IP interface brief
19. What happens to a static route entry in a routing table when the outgoing interface associated
with that route goes into the down state?
The static route is removed from the routing table

20. Refer to the exhibit. Fill in the blank. How many collision domains are shown in the topology?

2
21. Fill in the blank. A CONVERGED network is one that uses the same infrastructure to carry voice,
data and video signals.
22. Match the functions to the corresponding layers. (Not all options are used)
ACCESS LAYER: represents the network edge, provides network access to the user
DISTRIBUTION LAYER: implements network access policy, establishes layer 3 routing boundaries
CORE LAYER: provides high-speed backbone connectivity, functions as an aggregator for all the
campus blocks
23. Match the borderless switched network guideline description to the principle. (not all options
are used)
FLEXIBILITY: allows intelligent traffic load sharing by using all network resources
HIERARCHICAL: facilitates understanding the role of each device at every tier, simplifies
deployment, operation, management and reduces fault domains at every tier
MODULARITY: allows seamless network expansion and integrated service enablement on an ondemand basis
RESILIENCY: satisfies user expectations for keeping the network always on
24. Match the forwarding characteristic to its type. (not all options are used)
CUT-THROUGH: appropriate for high performance computing applications, forwarding process
can begin after receiving the destination address, may forward invalid frames
STORE-AND-FORWARD: error checking before forwarding, forwarding process only begins after
receiving the entire frame, only forwards valid frames
25. Which interface is the default location that would contain the IP address used to manage a 24port Ethernet switch?
VLAN 1
26. A production switch is reloaded and finishes with a Switch> prompt. What two facts can be
determined? (choose two)
POST occurred normally
A full version of the cisco IOS was located and loaded
27. Which two statements are true about using full-duplex Fast Ethernet? (Choose two)
Performance is improved with bidirectional data flow
Full-duplex fast Ethernet offers 100 percent efficiency in both directions

28. Which statement describes the port speed LED on the cisco catalyst 2960 switch?
If the LED is green, the port is operating at 100Mb/s
29. What is a function of the switch boot loader?
To provide an environment to operate in when the switch operating system cannot be found
30. In which situation would a technician use the show interfaces switch command?
When packets are being dropped from a particular directly attached host
31. Refer to the exhibit. A network technician is troubleshooting connectivity issues in an Ethernet
network with the command show interfaces fastEthernet 0/0. What conclusion can be drawn
based on the partial output in the exhibit?

A malfunctioning NIC can cause frames to be transmitted that are longer than the allowed
maximum length
32. Refer to the exhibit. The network administrator wants to configure Switch1 to allow SSH
connections and prohibit Telnet connections. How should the network administrator change the
displayed configuration to satisfy the requirement?

Modify the transport input command

33. What is one difference between using Telnet or SSH to connect to a network device for
management purposes?
Telnet sends a username and password in plain text, whereas SSH encrypts the username and
password
34. In which type of attack does a malicious node request all available IP addresses in the address
pool of a DHCP server in order to prevent legitimate hosts from obtaining network access?
DHCP starvation

35. Which method would mitigate a MAC address flooding attack?

Configuring port security
36. Which two features on a cisco catalyst switch can be used to mitigate DHCP starvation and DHCP
spoofing attacks? (Choose two)
Port security
DHCP snooping
37. Which two basic functions are performed by network security tools? (choose two)
Revealing the type of information an attacker is able to gather from monitoring network
traffic,
Simulating attacks against the production network to determine any existing
vulnerabilities
38. An administrator wants to use a network security auditing tool on a switch to verify which ports
are not protected against a MAC flooding attack. For the audit to be successful, what important
factor must the administrator consider?
The aging-out period of the MAC address table
39. Which action will bring an error-disabled switch port back to an operational state?
Issue the shutdown and then no shutdown interface commands
40. Refer to the exhibit. Port Fa0/2 has already been configured appropriately. The IP phone and PC
work properly. Which switch configuration would be most appropriate for port Fa0/2 if the
network administrator has the following goals?

SWA(config-if)# switchport port security

SWA(config-if)# switchport port security maximum 2
SWA(config-if)# switchport port security mac-address sticky
41. Which two statements are true regarding switch port security? (Choose two)
Dynamically learned secure MAC addresses are lost when the switch reboots
If fewer than the maximum number of MAC addresses for a port are configured
statically, dynamically learned addresses are added to CAM until the maximum number
is reached
42. A network administrator configures the port security feature on a switch. The security policy
specifies that each access port should allow up to two MAC addresses. When the maximum
number of MAC addresses is reached, a frame with the unknown source MAC address is
dropped and a notification is sent to the syslog server. Which security violation mode should be
configured for each access port?
Restrict

43. Refer to the exhibit. What can be determined about port security from the information that is
shown?

The port violation mode is the default for any port that has port security enabled
44. Match the step to each switch boot sequence description.
Step 1: execute POST
Step 2: load the boot loader from ROM
Step 3: CPU register initializations
Step 4: flash file system initialization
Step 5: load the IOS
Step 6: transfer switch control to the IOS
45. Match the link state to the interface and protocol status.
Disabled: administratively down
Layer 1 problem: down/down
Layer 2 problem: up/down
Operational: up/up
46. Identify the steps needed to configure a switch for SSH. The answer order does not matter.
Required steps for SSH configuration:
Create a local user
Generate RSA keys
Configure a domain name
Use the login local command
Use the transport input SSH command
47. Which three statements accurately describe VLAN types? (Choose three)
A management VLAN is any VLAN that is configured to access management features of
the switch
After the initial boot of an unconfigured switch, all ports are members of the default
VLAN
An 802.1Q trunk port, with a native VLAN assigned, supports both tagged and untagged
traffic
48. Which type of VLAN is used to designate which traffic is untagged when crossing a trunk port?
Native

49. What are three primary benefits of using VLANs? (Choose three)
Security
Cost reduction
Improved IT staff efficiency
50. Refer to the exhibit. A frame is traveling between PC-A and PC-B through the switch. Which
statement is true concerning VLAN tagging of the frame?

51.

52.

53.

54.

55.
56.

57.

No VLAN tag is added to the frame

Which command displays the encapsulation type, the voice VLAN ID, and the access mode VLAN
for the Fa0/1 interface?
Show interfaces Fa0/1 switchport
What must the network administrator do to remove Fast Ethernet port Fa0/1 from VLAN 2 and
assign it to VLAN 3?
Enter the switchport access VLAN 3 command in interface configuration mode
A cisco catalyst switch has been added to support the use of multiple VLANs as part of an
enterprise network. The network technician finds it necessary to clear all VLAN information from
the switch in order to incorporate a new network design. What should the technician do to
accomplish this task?
Delete the startup configuration and the VLAN.dat file in the flash memory of the switch and
reboot the switch
Which two characteristics match extended range VLANs? (Choose two)
VLAN IDs exist between 1006 and 4094
They are saved in the running-config file by default
What happens to switch ports after the VLAN to which they are assigned is deleted?
The ports stop communicating with the attached devices
A cisco switch currently allows traffic tagged with VLANs 10 and 20 across trunk port Fa0/5.
What is the effect of issuing a switchport trunk allowed VLAN 30 command on Fa0/5?
It allows only VLAN 30 on Faa0/5
What VLANs are allowed across a trunk when the range of allowed VLANs is set to the default
value?
All VLANs will be allowed across the trunk

58. Which command should the network administrator implement to prevent the transfer of DTP
frames between a cisco switch and a non-cisco switch?
S1(config-if)# switchport nonegotiate
59. Under which two occasions should an administrator disable DTP while managing a local area
network? (Choose two)
When connecting a cisco switch to a non-cisco switch
On links that should not be trunking
60. What is the default DTP mode on cisco 2960 and 3560 switches?
Dynamic auto
61. Refer to the exhibit. DLS1 is connected to another switch, DLS2, via a trunk link. A host that is
connected to DLS1 is not able to communicate to a host that is connected to DLS2, even though
they are both in VLAN 99. Which command should be added to Fa0/1 on DLS1 to correct the
problem?

Switchport trunk native VLAN 66

62. An administrator has determined that the traffic from a switch that corresponds to a VLAN is not
being received on another switch over a trunk link. What could be the problem?
Allowed VLANs on trunks
63. In a basic VLAN hopping attack, which switch feature do attackers take advantage of?
The default automatic trunking configuration
64. Which two Layer 2 security best practices would help prevent VLAN hopping attacks? (Choose
two)
Change the native VLAN number to one that is distinct from all user VLANs and is not
VLAN 1
Disable DTP autonegotiation on end-user ports

65. Refer to the exhibit. What can be determined from the output that is shown?

Interface FastEthernet 0/1 is configured with the switchport protected command

66. Refer to the exhibit. Interface Fa0/1 is connected to a PC. Fa0/2 is a trunk link to another switch.
All other ports are unused. Which security best practice did the administrator forget to
configure?

All user ports are associated with VLANs distinct from VLAN 1 and distinct from the black-hole
VLAN
67. Which two modes does cisco recommend when configuring a particular switch port? (Choose
two)
Access
Trunk
68. What are two functions of a router? (Choose two)
It connects multiple IP networks
It determines the best path to send packets

69. Match the IEEE 802.1Q standard VLAN tag field with the description
User priority: a value that supports level or service implementation
Type: a value for the tag protocol ID value
Canonical format identifier: an identifier that enables token ring frames to be carried across
Ethernet links
VLAN ID: a VLAN number
70. Which two statements correctly describe the concepts of administrative distance and metric?
(Choose two)
Administrative distance refers to the trustworthiness of a particular route
Routes with the smallest metric to a destination indicate the best path
71. In order for packets to be sent to a remote destination, what three pieces of information must
be configured on a host? (Choose three)
IP address
Subnet mask
Default gateway
72. Which software is used for a network administrator to make the initial router configuration
securely?
Terminal emulation client software
73. Refer to the exhibit. PC A sends a request to Server B. What IPv4 address is used in the
destination field in the packet as the packet leaves PC A?

192.168.12.16
74. What is a characteristic of an IPv4 loopback interface on a cisco IOS router?
It is a logical interface internal to the router

75. Refer to the exhibit. A network administrator has configured R1 as shown. When the
administrator checks the status of the serial interface, the interface is shown as being
administratively down. What additional command must be entered on the serial interface of R1
to bring the interface up?

76.

77.

78.

79.

80.
81.

No shutdown
What two pieces of information are displayed in the output of the show IP interface brief
command? (Choose two)
IP addresses
Layer 1 statuses
A packet moves from a host on one network to a device on a remote network within the same
company. If NAT is not performed on the packet, which two items remain unchanged during the
transfer of the packet from source to destination? (Choose two)
Destination IP address
Source IP address
Which two items are used by a host device when performing an ANDing operation to determine
if a destination address is on the same local network? (Choose two)
Destination IP address
Subnet mask
Which two parameters are used by EIGRP as metrics to select the best path to reach a network?
(Choose two)
Bandwidth
delay
What route would have the lowest administrative distance?
A directly connected network
Consider the following routing table entry for R1: D 10.1.1.0/24 [90/2170112] via
209.165.200.226, 00:00:05, Serial0/0/0. What is the significance of the serial0/0/0?
It is the interface on R1 used to send data that is destined for 10.1.1.0/24

82. Refer to the exhibit. If PC1 is sending a packet to PC2 and routing has been configured between
the two routers, what will R1 do with the Ethernet frame header attached by PC1?

Remove the Ethernet header and configure a new Layer 2 header before sending it out S0/0/0
83. Refer to the exhibit. What does R1 use as the MAC address of the destination when constructing
the frame that will go from R1 to Server B?

If the destination MAC address that corresponds to the IPv4 address is not in the ARP cache, R1
sends an ARP request

84. Refer to the exhibit. What will the router do with a packet that has a destination IP address of
192.168.12.227?

J
Send the packet out of the Serial0/0/0 interface
85. Refer to the exhibit. A network administrator issues the show IPv6 route command on R1. What
two conclusions can be drawn from the routing table? (Choose two)

86.

87.

88.

89.

90.

R1 does not know a route to any remote networks

The interface Fa0/1 is configured with IPv6 address 2001:DB8:ACAD:A::12
A network administrator configures the interface Fa0/0 on the router R1 with the command IP
address 172.16.1.254 255.255.255.0. However, when the administrator issues the command
show IP route, the routing table does not show the directly connected network. What is the
possible cause of the problem?
The interface Fa0/0 has not been activated
A network administrator configures a router by the command IP route 0.0.0.0 0.0.0.0
209.165.200.226. What is the purpose of this command?
To provide a route to forward packets for which there is no route in the routing table
What are two common types of static routes in routing tables? (Choose two)
A default static route
A static route to a specific network
What command will enable a router to begin sending messages that allow it to configure a linklocal address without using an IPv6 DHCP server?
The IPv6 unicast-routing command
Which statement describes a route that has been learned dynamically?
It is automatically updated and maintained by routing protocols

91. Fill in the blank. When a router receives a packet, is examines the destination address of the
packet and looks in the ROUTING table to determine the best path to use to forward the packet
92. Refer to the exhibit. Match the description with the routing table entries.
Next hop: 172.16.2.2
Destination network: 10.3.0.0
Metric: 21024000
Administrative distance: 1
Route timestamp: 00:22:15
Route source protocol: D
93. What is a disadvantage of using router-on-a stick inter-VLAN routing?
Does not scale well beyond 50 VLANs
94. How is traffic routed between multiple VLANs on a multilayer switch?
Traffic is routed via internal VLAN interfaces
95. Refer to the exhibit. In this network design, which connection or connections if any, add the
VLAN ID number if host H1 sends information to host H2?

No link
96. What is a characteristic of legacy inter-VLAN routing?
The router requires one Ethernet link for each VLAN

97. Refer to the exhibit. A network administrator needs to configure router-on-a-stick for the
networks that are shown. How many subinterfaces will have to be created on the router if each
VLAN that is shown is to be routed and each VLAN has its own subinterface?

4
98. Refer to the exhibit. In which switch mode should port G0/1 be assigned if Cisco best practices
are being used?

Trunk
99. Refer to the exhibit. What is the problem with this configuration, based on the output of the
router?

The encapsulation has not been configured on the subinterface

100.
Refer to the exhibit. Communication between the VLANs is not occurring. What could be
the issue?

The Gi1/1 switch port is not in trunking mode

101.
Refer to the exhibit. A network administrator is verifying the configuration of inter-VLAN
routing. Users complain that users on different VLANs cannot communicate. Based on the
output, what are two communication errors on switch interface GIi1/1? (Choose two)

Gi1/1 is in the default VLAN

Gi1/1 is configured as trunk mode
102.
Refer to the exhibit. A network administrator is verifying the configuration of inter-VLAN
routing. Users complain that PC2 cannot communicate with PC1. Based on the output, what is
the possible cause of this problem?

The encapsulation dot1Q 5 command contains the wrong VLAN

103.
Refer to the exhibit. A network administrator is verifying the configuration of inter-VLAN
routing. Based on the partial output that is displayed by the use of the show VLAN command,
which conclusion can be drawn for the Gi1/1 interface?

It is configured as trunk mode

104. Inter-VLAN communication is not occurring in a particular building of a school. Which two
commands could the network administrator use to verify that inter-VLAN communication was
working properly between a router and a Layer 2 switch when the router-on-a-stick design
method is implemented? (Choose two)
From the router, issue the show IP route command
From the switch, issue the show interfaces trunk command
105. How are IP addressing designs affected by VLAN implementations?
Each VLAN must have a different network number
106. While configuring inter-VLAN routing on a multilayer switch, a network administrator issues
the no switchport command on an interface that is connected to another switch. What is the
purpose of this command?
To create a routed port for a single network
107. What is a disadvantage of using multilayer switches for inter-VLAN routing?
Multilayer switches are more expensive than router-on-a-stick implementations
108. What is a characteristic of a routed port on a Layer 3 switch?
It is not assigned to a VLAN
109. An administrator is attempting to configure a static route on a Cisco 2960 series switch. After
the administrator types the command IP route 0.0.0.0 0.0.0.0 10.1.1.1, an error message
appears stating that the command is not recognized. What must the administrator do so that his
command is accepted?
Enter the command sdm prefer lanbase-routing and reload
110. Which statement describes a disadvantage of using router subinterfaces for inter-VLAN
routing?
Routed traffic must contend for bandwidth on a signal router interface

111. Refer to the exhibit. Router RA receives a packet with a source address of 192.168.1.35 and a
destination address of 192.168.1.85. What will the router do with this packet?

The router will forward the packet out interface FastEthernet 0/1.2
112.
Refer to the exhibit. After attempting to enter the configuration that is shown in router
RTA, an administrator receives an error and users on VLAN 20 report that they ae unable to
reach users on VLAN 30. What is causing the problem?

RTA is using the same subnet for VLAN 20 and VLAN 30

113. Refer to the exhibit. A network administrator is configuring RT1 for inter-VLAN routing. The
switch is configured correctly and is functional. Host1, Host2 and Host3 cannot communicate
with each other. Based on the router configuration, what is causing the problem?

IP addresses on the interfaces are incorrectly matched to the VLANs

114.

What condition is required to enable Layer 3 switching?

The Layer 3 switch must have IP routing enabled
115.
Refer to the exhibit. Which command can the administrator issue to change the VLAN10
status to up?

Switch1(config)# vlan 10
Switch1(config-vlan)# exit
116.
Fill in the blank. Do not use abbreviations. A network engineer is troubleshooting the
configuration of new VLANs on a network. Which command is used to display the list of VLANs
that exist on the switch? SHOW VLAN
117.
Match the inter-VLAN routing method to the corresponding characteristic. (Not all
options are used)
Router-on-a-stick: creation of subinterfaces
Layer 3 with SVIs: routing at wire speeds
Layer 3 with routed ports: need to issue the no switchport command
118.
Refer to the exhibit. What command would be used to configure a static route on R1 so
that traffic from both LANs can reach the 2001:db8:1:4::/64 remote network?

Ipv6 route 2001:db8:1:4::/64 2001:db8:1:3::2

119. Refer to the exhibit. The network engineer for the company that is shown wants to use the
primary ISP connection for all external connectivity. The backup ISP connection is used only if
the primary ISP connection fails. Which set of commands would accomplish this goal?

IP route0.0.0.0.0.0.0.0 s0/0/0
IP route0.0.0.0.0.0.0.0 s0/1/0 10
120.
Refer to the exhibit. What routing solution will allow both PC A and PC B to access the
internet with the minimum amount of router CPU and network bandwidth utilization?

Configure a static default route from R1 to Edge, a default route from Edge to the internet,
and a static route from Edge to R1
121.

What are two advantages of static routing over dynamic routing? (Choose two)
Static routing is more secure because it does not advertise over the network
Static routing uses fewer router resources than dynamic routing
122.
What type of routing allows a router to forward packets even though its routing table
contains no specific route to the destination network?
Default route

123.
Why would a floating static route be configured with an administrative distance that is
higher than the administrative distance of a dynamic routing protocol that is running on the
same router?
To be used as a backup route
124.
What is the correct syntax of a floating static route?
IP route 209.165.200.228 255.255.255.248 10.0.0.1 120
125.
Which type of static route that is configured on a router uses only the exit interface?
Directly connected static route
126.
Refer to the graphic. Which command would be used on router A to configure a static
route to direct traffic from LAN A that is destined for LAN C?

A(config)# IP route 192.168.4.0 255.255.255.0 192.168.3.2

127.
The network administrator configures the router with the IP route 172.16.1.0
255.255.255.0 172.16.2.2 command. How will this route appear in the routing table?
S 172.16.1.0 [1/0] via 172.16.2.2
128.
Refer to the exhibit. R1 receives a packet destined for the IP address 192.168.2.10. Out
which interface will R1 forward the packet?

Serial 0/0/1

129.
Refer to the exhibit. The network administrator needs to configure a default route on the
border router. Which command would the administrator use to configure a default route that
will require the least amount of router processing when forwarding packets?

Border(config)# IP route 0.0.0.0 0.0.0.0 s0/0/1

130.
What two pieces of information are needed in a fully specified static route to eliminate
recursive lookups? (Choose two)
The interface ID exit interface
The IP address of the next-hop neighbor
131.
Refer to the exhibit. Which default static route command would allow R1 to potentially
reach all unknown networks on the internet?

R1(config)# ipv6 route ::/0 G0/1 fe80::2

132.

133.

Which two statements describe classfull IP addresses? (Choose two)

The number of bits used to identify the hosts is fixed by the class of the network
All subnets in a network are the same size
What would be the first step in calculation a summarized route for 5 networks?
Write all network numbers in binary

134.

A company has several networks with the following IP address requirements:

IP phones 50
PCs -70
IP cameras 10
Wireless access points 10
Network printers 10
Network scanners 2
Which block of addresses would be the minimum to accommodate all of these devices if
each type of device was on its own network?
172.16.0.0/24

135.

What does VLSM allow a network administrator to do?

Utilize multiple different subnet masks in the same IP address space
What would be the best summary route for the following networks?
10.50.168.0/23
10.50.170.0/23
10.50.172.0/23
10.50.174.0/24

136.

10.50.168.0/21
137.
What is a valid summary route for IPv6 networks 2001:0DB8:ACAD:4::/64,
2001:0DB8:ACAD:5::/64, 2001:0DB8:ACAD:6::/64 AND 2001:0DB8:ACAD:7::/64?
2001:0DB8:ACAD:0004::/62
138.
Consider the following command: IP route 19.168.10.0 255.255.255.0 10.10.10.2 5 How
would an administrator test this configuration?
Manually shut down the router interface used as a primary route
139.
Refer to the exhibit. The small company shown uses static routing. Users on the R2 LAN
have reported a problem with connectivity. What is the issue?

R1 needs a static route to the R2 LAN