642-812 - BCMSN - Building Converged Cisco Multilayer Switched Networks
Go back to Cisco
What is needed to verify that a newly implemented security solution is performing as expected? Select the best response.
results from audit testing of the implemented solution
Which two statements are true about port security? (Choose two.) Select 2 response(s).
With port security configured, only one MAC address is allowed by default.
Port security can be configured for ports supporting VoIP.
What is a critical piece of information that you should have when creating a VLAN-based implementation plan? Select the best response.
a summary implementation plan
Many security administrators don't think of security when it comes to Layer 2 of the network infrastructure (where switches operate), and it's one of the most overlooked aspects of network security and reliability. Which statement is true about Layer 2 security threats?
MAC spoofing attacks allow an attacking device to receive frames intended for a different network host.
A switch has been configured with PVLANs. With what type of PVLAN port should the default gateway be configured? Select the best response.
Port security is being used to control access to a switch port. Which command will place the port into the errdisable state if an unauthorized station connects?
switchport port-security violation shutdown
A workstation has a Link-local IPv6 address FE80::A1:56C2:1102 and is setting a global unicast IPv6 address via stateless auto-configuration. The router connected to the LAN has a global IPv6 address of 2001:AAAA:BBBB:CCCC:DDDD::1/64. What will your workstation set its IPv6 address to once it detects the router advertisements?
The Cisco Aironet cards only work in peer to peer mode. On an Aironet card, LED 0 and LED 1 are blinking alternately. What does this mean?
The Aironet card is looking for a network association.
Which statement is true about IP telephony calls? Select the best response.
The sum of bandwidth necessary for each major application, including voice, video, and data, should not exceed 75 percent of the total available bandwidth for each link.
What is one method that can be used to prevent VLAN hopping? Select the best response.
Explicitly turn off Dynamic Trunking Protocol (DTP) on all unused ports.
When planning high availability, which two components are important to minimize the effect of outages? (Choose two.) Select 2 response(s).
redundancy, to prevent single points of failure
appropriate technology, such as hardware and software
The users in a department are using various host platforms, some old and some new. All of them have been approved with a user ID in a RADIUS server database. Which feature could be used to restrict access to the switch ports in the building?
A change of the spanning tree network is being propagated to all STP devices. How are STP timers and state transitions affected when a topology change occurs in an STP environment?
The default aging time for MAC address entries will be reduced for a period of the max age timer plus the forward delay interval.
As a network technician ,you should know the VLAN hopping, can you tell me which two statements about VLAN hopping are true? (Choose two.)
Configuring an interface with the switchport mode access command will prevent VLAN hopping.
An end station attempts to gain access to all VLANs by transmitting Ethernet frames in the 802.1q encapsulation.
Which statement is true regarding the configuration of ISL trunks? Select the best response.
A Catalyst switch will report giants if one side is configured for ISL while the other side is not.
Which two codecs are supported by Cisco VoIP equipment? Select the best response.
G.711 and G.729
Which command most likely makes a switch become the Root Bridge for VLAN 5, assuming that all switches have the default STP parameters?
spanning-tree vlan 5 priority 100
Which two table types are CEF components?(Choose two.) Select 2 response(s).
forwarding information base
When a switch receives a UDLD message on a link, what must it do?
Echo the message back across the link
Which two statements are true about trust boundaries? (Choose two.) Select 2 response(s).
Classifying and marking traffic should be done as close to the traffic source as possible.
If untrusted traffic enters a switch, it can be marked with a new QoS value appropriate for the policy in place.
When configuring port security on a Cisco Catalyst switch port, what is the default action taken by the switch if a violation occurs? Select the best response.
shut down (access or trunk port)
Which three statements are correct about the Link Aggregation Control Protocol (LACP)? (Choose three.)
LACP packets are sent with the command channel-group 1 mode active.
Standby interfaces should be configured with a higher priority.
LACP is used to connect to non-Cisco devices.
A standalone wireless AP solution is being installed into the campus infrastructure. The access points appear to boot correctly, however, wireless clients are not obtaining correct access. You verify that the local switch configuration connected to the access point appears as the following: interface ethernet 0/1 switchport access vlan 10 switchport mode access spanning-tree portfast mls qos trust dscp What is the most likely issue causing the problem? Select the best response.
switchport mode should be defined as "trunk" with respective QoS.
To initiate testing, which port does a Cisco IOS IP SLA source use to send a control message to an IP SLA responder? Select the best response.
UDP port 1967
What is the effect of configuring the following command on a switch? Switch(config) # spanning-tree portfast bpdufilter default Select the best response.
If BPDUs are received by a port configured for PortFast, then PortFast is disabled and the BPDUs are processed normally.
You are planning a new VLAN-based network solution. What is one item you should consider when creating your implementation plan as it concerns VLANs? Select the best response.
Which statement is correct about 802.1Q trunking? Select the best response.
In 802.1Q trunking, all VLAN packets are tagged on the trunk link, except the native VLAN.
What are two differences between the Autonomous WLAN solution and the Lightweight WLAN solution? (Choose two.) Select 2 response(s).
CiscoWorks Wireless LAN Solution Engine can be used for management with the Autonomous WLAN Solution.
Cisco Wireless LAN Controller is used to configure the access points in the Lightweight WLAN solution.
What is the objective of the Cisco Compatible Extensions program? Select the best response.
to provide customers with a broad range of WLAN client devices that have been tested for interoperability with Cisco Aironet innovations
Which two statements correctly describe UDLD? (Choose two.) Select 2 response(s).
It is recommended that it be enabled globally rather than on an individual port.
It is recommended that it be used with the loop guard feature.
You are requested to configure a new switch for trunking. Which switch command enables a trunking protocol that appends a four byte CRC to the packet?
Switch(config-if)#switchport trunk encapsulation isl
Which statement is true about the Lightweight Access Point Protocol (LWAPP)? Select the best response.
Real-time frame exchange is accomplished within the access point.
Why is BPDU guard an effective way to prevent an unauthorized rogue switch from altering the spanning-tree topology of a network? Select the best response.
BPDU guard can be utilized along with PortFast to shut down ports when a switch is connected to the port.
For the following items, which EtherChannel mode does not send or receive any negotiation frames?
channel-group 1 mode on
You are tasked with designing a security solution for your network. What information should be gathered prior to designing the solution? Select the best response.
results from a network audit
Which two statements about the Cisco Aironet Desktop Utility (ADU) are true? (Choose two.) Select 2 response(s).
The Aironet Desktop Utility (ADU) can be used to establish the association between the client adapter and the access point, manage authentication to the wireless network, and enable data encryption.
The Aironet Desktop Utility (ADU) can support only one wireless client adapter installed and used at a time.
Which statement is true about 802.1x port-based authentication? Select the best response.
RADIUS is the only supported authentication server type.
You need to verify the operation of the BPDU enhancements that were added to the switches. Which two statements are true about BPDU port-guard and BPDU filtering? (Choose two.)
When a BPDU is received on a BPDU port-guard enabled port, the interface goes into the err-disabled state.
When globally enabled, BPDU port-guard and BPDU filtering apply only to PortFast enabled ports.
Which set of statements about Spanning Tree Protocol default timers is true? Select the best response.
The hello time is 2 seconds. The forward delay is 15 seconds. The max_age timer is 20 seconds.
What are two methods of mitigating MAC address flooding attacks? (Choose two.) Select 2 response(s).
Implement port security.
Implement VLAN access maps.
What action should you be prepared to take when verifying a security solution? Select the best response.
having a rollback plan in case of unwanted or unexpected results
What is the effect of applying the switchport trunk encapsulation dot1q command to a port on a Cisco Catalyst switch? Select the best response.
The interface will support the reception of tagged and untagged traffic.
Which two descriptions about voice packets in a LAN are correct? (Choose two.)
Voice carrier stream utilizes Real-Time Transport Protocol (RTP) to carry the audio/media portion of VoIP communication.
Voice packets are very sensitive to delay and jitter.
MAC addresses can be put into the CAM table, but no data can be sent or received if a switch port is in which of the following STP states?
Which statement is true about voice VLANs? Select the best response.
The IP phone overrides the priority of all incoming data traffic (tagged and untagged) and sets the CoS value to 0.
Which set of statements describes the correct order and process of a wireless client associating with a wireless access point? Select the best response.
1. Client sends probe request. 2. Access point sends probe response. 3. Client initiates association. 4. Access point accepts association. 5. Access point adds client MAC address to association table.
Which statement is true about the data traffic between the access point and controller? Select the best response.
The data traffic is encapsulated with LWAPP.
On a multilayer Catalyst switch, which interface command is used to convert a Layer 3 interface to a Layer 2 interface? Select the best response.
A campus infrastructure supports wireless clients via Cisco Aironet AG Series 1230, 1240, and 1250 access points. With DNS and DHCP configured, the 1230 and 1240 access points appear to boot and operate normally; however, the 1250 access points do not seem to operate correctly. What is the most likely issue causing this problem? Select the best response.
Which statement describes the function of a trust boundary? Select the best response.
Trust boundaries are a point in the network where decisions about CoS markings on incoming packets are made.