Section 7 – New Questions (March, 2012)
QUESTION 11
Which two statements are true about best practices in VLAN design? (Choose two.)
A. Routing should occur at the access layer if voice VLANs are utilized. Otherwise, routing should
occur at the distribution layer.
B. Routing may be performed at all layers but is most commonly done at the core and distribution layers.
C. Routing should not be performed between VLANs located on separate switches.
D. VLANs should be local to a switch.
E. VLANs should be localized to a single switch unless voice VLANs are being utilized.
Answer: BD
QUESTION 12
The following command was issued on a router that is being configured as the active HSRP router.
standby ip 10.2.1.1
Which statement is true about this command?
A. This command will not work because the HSRP group information is missing
B. The HSRP MAC address will be 0000 0c07 ac00
C. The HSRP MAC address will be 0000 0c07 ac01.
D. The HSRP MAC address will be 0000.070c ad01.
E. This command will not work because the active parameter is missing
Answer: B
QUESTION 13
Which spanning-tree command would essentially disable spanning tree on an interface and make that interface susceptible to spanning-tree loops?
A. spanning-tree portfast bpdufilter default
B. spanning-tree bpdufilter enable
C. spanning-tree portfast bpduguard default
D. spanning-tree bpduguard enable
E. spanning-tree guard root
Answer: B
QUESTION 14
Which statement correctly describes the results of the Ethernet switch global configuration command spanning-tree loopguard default?
A. When any port receives a BPDU, it is put it in the error-disabled state.
B. An interface is moved directly to the spanning-tree forwarding state without waiting for the standard
forward-time delay.
C. Prevents interfaces that are in a PortFast-operational state from sending or receiving BPDUs.
D. Detects indirect link failures and starts the spanning-tree reconfiguration sooner.
E. Prevents alternate or root ports from becoming designated ports because of a failure that leads to
aunidirectional link.
F. Provides fast convergence after a direct link failure where a root port transitions to the forwarding
state immediately without going through the listening and learning states.
Answer: E
QUESTION 15
An attacking device has gained unauthorized access to data on a different VLAN through the use of double tagging. What is the name of this network attack?
A. switch spoofing
B. IP spoofing
C. VLAN hopping
D. VLAN jumping
E. DHCP spoofing
F. MAC flooding
Answer: C