Question 1Which two statements are true about best practices in VLAN design? (Choose two)
A. Routing should occur at the access layer if voice VLANs are utilized. Otherwise, routing should occur at the distribution layer.
B. Routing may be performed at all layers but is most commonly done at the core and distribution layers.
C. Routing should not be performed between VLANs located on separate switches.
D. VLANs should be local to a switch.
E. VLANs should be localized to a single switch unless voice VLANs are being utilized.
Answer: B D
Explanation
First let’s review main characteristics of three layers in a campus network:
* Access layer:
+ Low cost per switch port
+ High port density
+ Scalable uplinks to higher layers
+ User access functions such as VLAN membership, traffic and protocol filtering, and quality of service (QoS)
+ Resiliency through multiple uplinks
* Distribution Layer:
+ Aggregation of multiple access-layer devices
+ High Layer 3 throughput for packet handling
+ Security and policy-based connectivity functions through access lists or packet filters
+ QoS features
+ Scalable and resilient high-speed links to the core and access layers
* Core layer:
+ Very high throughput at Layer 3
+ No costly or unnecessary packet manipulations (access lists, packet filtering)
+ Redundancy and resilience for high availability
+ Advanced QoS functions
We can see at Distribution and Core layers, Layer 3 throughput (routing) is very high -> B is correct.
Nowadays, end-to-end VLANs are not recommended in an enterprise network, unless there is a good reason. In an end-to-end VLAN, broadcast traffic is carried over from one end of the network to the other, creating the possibility for a broadcast storm or Layer 2 bridging
loop to spread across the whole extent of a VLAN. This can exhaust the bandwidth of distribution and core-layer links, as well as switch CPU resources. Now the storm or loop has disrupted users on the end-to-end VLAN, in addition to users on other VLANs that might
be crossing the core.
When such a problem occurs, troubleshooting becomes more difficult. In other words, the risks of end-to-end VLANs outweigh the convenience and benefits.
From that we can infer VLAN traffic should be local to the switch -> D is correct.
(Reference: CCNP SWITCH 642-813 Official Certification Guide)
Question 2
A dynamic access port is member of which VLAN by default?
A. VLAN 1 is the default VLAN
B. none until the port VLAN is determined
Answer: B
Explanation
Normal access port belongs to VLAN 1 by default but this question asks about dynamic-access port. This is a quote from Cisco website about dynamic-access port:
Dynamic-Access Port VLAN Membership
“A dynamic-access port can belong to only one VLAN with an ID from 1 to 4094. When the link comes up, the switch does not forward traffic to or from this port until the VMPS provides the VLAN assignment. The VMPS receives the source MAC address from the first packet of a new host connected to the dynamic-access port and attempts to match the MAC address to a VLAN in the VMPS database.
If there is a match, the VMPS sends the VLAN number for that port. If the client switch was not previously configured, it uses the domain name from the first VTP packet it receives on its trunk port from the VMPS. If the client switch was previously configured, it includes its domain name in the query packet to the VMPS to obtain its VLAN number. The VMPS verifies that the domain name in the packet matches its own domain name before accepting the request and responds to the client with the assigned VLAN number for the client. If there is no match, the VMPS either denies the request or shuts down the port (depending on the VMPS secure mode setting).”
So answer B is the best choice here.
Note: “Dynamic-Access port” is a different from the DTP “Dynamic Auto” mode. We can configure “Dynamic-Access port” with the command “switchport access vlan dynamic” (not “switchport mode dynamic auto”).
Question 3
Which VLAN IDs are in the extended range? (Choose three)
A. 1006
B. 1001
C. 999
D. 4021
E. 3003
F. 99
Answer: A D E
Question 4
Which configuration do you apply to an interface so that a host can be placed into VLAN593?
A. interface GigabitEthernet0/0.593
encapsulation dot1q 593
switchport access vlan 593
B. interface GigabitEthernet0/0
switchport trunk encapsulation dot1q
switchport trunk native vlan 593
switchport access vlan 593
C. interface GigabitEthernet0/0
switchport mode trunk
switchport trunk allowed vlan 593
D. interface GigabitEthernet0/0
switchport mode access
switchport access vlan 593
switchport host
Answer: D
Question 5
Which two statements are true in regards to normal and extended range VLANs? (Choose two)
A. Normal range VLANs from 1-1005 are stored in vlan.dat.
B. Extended range VLANs from 1006-4096 are stored in the startup configuration.
C. Normal range VLANs from 1-1005 are stored in the startup configuration.
D. Extended range VLANs from 1006-4096 are stored in vlan.dat.
E. Both normal and extended VLANs are stored in vlan.dat file.
Answer: A B
Explanation
Normal range VLANs are from 1 to 1005. Extended range VLANs are from 1006 to 4094.
In VTP version 1 and 2, extended-range VLANs are not saved in the VLAN database; they are saved in the switch running configuration file. You can save the extended-range VLAN configuration in the switch startup configuration file by using the copy running-config startup-config privileged EXEC command. VTP version 3 saves extended-range VLANs in the VLAN database.
Therefore answer B is correct, except that the extended range VLANs should be from 1006-4094 (not 4096).
Question 6
Question about the behavior of VLAN 1 BPDUs in a situation where the native VLAN configured as VLAN 99 and the native VLAN is tagged. (Choose two)
A. Normal STP VLAN 1 BPDU travel across VLAN 99 untagged
B. PVST+ VLAN 1 BPDU travel across VLAN 99 tagged
C. Normal STP VLAN 1 BPDU travel across VLAN 1 untagged
D. PVST+ VLAN 99 BPDU travel across VLAN 99 tagged
Answer: B D
Explanation
When the native VLAN is tagged, all VLANs will be tagged.
Question 7
Which two statements about VLAN database are true? (Choose two)
A. It supports VLANs 1-1001.
B. It supports extended VLAN.
C. Information about VLANs are stored in the configuration.
D. It can have different VLANs with the same VLAN ID, but must have the same name.
E. It can be configured in VTP transparent, but must be in the VLAN database mode.
Answer: A E
Explanation
When the switch is in VTP server or transparent mode, you can configure VLANs in the VLAN database mode. When you configure VLANs in VLAN database mode, the VLAN configuration is saved in the vlan.dat file, not the running-config or startup-config files. To display the VLAN configuration, enter the show running-config vlan command.
User-configurable VLANs have unique IDs from 1 to 4094. Database mode supports configuration of IDs from 1 to 1001, but not the extended addresses from 1006 to 4094.
Question 8
Which two VLAN ranges can you add, modify or delete on a switch? (Choose two)
A. VLANs 1-1001
B. VLANs 1005-4094
C. VLANs 1006-4094
D. VLANs 2-1001
E. VLANs 2-4094
Answer: C D
Explanation
Normal range VLANs are from 1 to 1005 (in which VLANs 1002 to 1005 are Cisco defaults for FDDI and Token Ring. You cannot delete these VLANs). Extended range VLANs are from 1006 to 4094.
Question 9
Where does the VLAN information get saved to?
A. The information is saved to the vlan.dat file.
B. The information is saved to the running configuration file.
C. The information is saved to the vlan.txt file.
D. The information is saved to the vlan.conf file.
Answer: A
Question 10
Which normal VLAN range are valid and is stored in the vlan.dat configuration file?
A. VLANs 1-1005
B. VLANs 1005-2030
C. VLANs 2094-4094
D. VLANs 4094-8030
Answer: A