CCNA Training CCNA Switch Questions. Here you will find answers about Switch Questions Part 1. Question 1. Which two commands can be used to verify a trunk link configuration status on a Cisco switch A. B. show interfaces switchport. C. show ip interface brief. D. show interfaces vlan. How to upgrade the software on a Cisco 3850 switch this short post lists the steps to perform a Cisco 3850 IOS upgrade on a stack. Here you will find answers to Switch Questions Part 3. Question 1. Which of the following are true regarding bridges and switches Choose two. Here you will find answers about Switch Questions Part 1. Question 1. Which two commands can be used to verify a trunk link configuration status on a Cisco switchAnswer A BExplanation. The show interfaces trunk command and show interfaces switchport command can be used to verify the status of an interface trunking or not. The outputs of these commands are shown below port Ethernet 10 has been configured as trunk The show ip interface brief command only gives us information about the IP address, the status updown of an interface The show interfaces vlan command only gives us information about that VLAN, not about which ports are the trunk links Question 2. I use these new IOS images with GNS3. Its always better to use 12. IOS as they provide full command support. If you cant buy original routers and switches, GNS3. Vlan is kill me I have a pfsense with one two nic tow ports intel the lan port connected to a Cisco 3750G switch. I have watched videos, read docs and google. How to run GWBasic in Windows 8 GWBASIC is a dialect of the programming language BASIC developed by Microsoft from BASICA, originally for Compaq. Blog dedicado con el mundo de cisco certificaciones, curriculums, tests, practicas, software, manuales, ayuda, etc. Refer to the exhibit. The following commands are executed on interface fa. Switch. 2. 95. 0Switchconfig ifswitchport port security. Switchconfig ifswitchport port security mac address sticky. Switchconfig ifswitchport port security maximum 1. The Ethernet frame that is shown arrives on interface fa. What two functions will occur when this frame is received by 2. Switch Choose twoA. The MAC address table will now have an additional entry of fa. Cisco 3750 Switch Ios For Gns3' title='Cisco 3750 Switch Ios For Gns3' />FFFF. FFFF. FFFF. B. Only host A will be allowed to transmit frames on fa. C. This frame will be discarded when it is received by 2. Switch. D. All frames arriving on 2. Switch with a destination of 0. E. Hosts B and C may forward frames out fa. F. Only frames from source 0. MAC address of 2. Switch, will be forwarded out fa. Answer B DExplanation. Please read the explanation at http www. Question 3. Which Cisco Catalyst feature automatically disables the port in an operational Port. Fast upon receipt of a BPDU A. Backbone. Fast. B. Uplink. Fast. C. Root Guard. D. BPDU Guard. E. BPDU Filter. Answer DExplanation. We only enable Port. Fast feature on access ports ports connected to end stations. But if someone does not know he can accidentally plug that port to another switch and a loop may occur when BPDUs are being transmitted and received on these ports. With BPDU Guard, when a Port. Fast receives a BPDU, it will be shut down to prevent a loop D is correct. Question 4. Why will a switch never learn a broadcast address A. Broadcast frames are never sent to switches. B. Broadcast addresses use an incorrect format for the switching table. C. A broadcast address will never be the source address of a frame. D. Broadcasts only use network layer addressing. E. A broadcast frame is never forwarded by a switch. Answer CQuestion 5. Which three statements accurately describe layer 2 Ethernet switches A. Microsegmentation decreases the number of collisions on the network. B. If a switch receives a frame for an unknown destination, it uses ARP to resolve the address. C. Spanning Tree Protocol allows switches to automatically share vlan information. D. In a property functioning network with redundant switched paths, each switched segment will contain one root bridge with all its ports in the forwarding state. All other switches in that broadcast domain will have only one root port. E. Establishing vlans increases the number of broadcast domains. F. Switches that are configured with vlans make forwarding decisions based on both layer 2 and layer 3 address information. Answer A D EExplanation. Microsegmentation is a network design functionality where each workstation or device on a network gets its own dedicated segment collision domain to the switch. Each network device gets the full bandwidth of the segment and does not have to share the segment with other devices. Microsegmentation reduces and can even eliminate collisions because each segment is its own collision domain A is correct. Note Microsegmentation decreases the number of collisions but it increases the number of collision domains. D and E are correct based on the theory of STP and VLAN. Question 6. Switch ports operating in which two roles will forward traffic according to the IEEE 8. Choose twoA. alternate B. C. designated. D. E. root. Answer C EExplanation. IEEE 8. 02. 1w is the standard of Rapid Spanning Tree Protocol RSTP. There are 5 port roles in this standard Root port, Designated port, Alternative port, Backup port and Disabled port. In these 5 port roles, only Root port and Designated port can forward traffic. Question 7. Select the action that results from executing these commands Switchconfig if switchport port security Switchconfig if switchport port security mac address sticky. A. A dynamically learned MAC address is saved in the startup configuration file. B. A dynamically learned MAC address is saved in the running configuration file. C. A dynamically learned MAC address is saved in the VLAN database. D. Statically configured MAC addresses are saved in the startup configuration file if frames from that address are received. E. Statically configured MAC addresses are saved in the running configuration file if frames from that address are received. Answer BExplanation. The full syntax of the second command is switchport port security mac address sticky MACIf we dont specify the MAC address like in this question then the switch will dynamically learn the attached MAC Address and place it into your running configuration B is correct. Question 8. What is valid reason for a switch to deny port access to new devices when port security is enabledA. The denied MAC addresses have already been learned or configured on another secure interface in the same VLAN. Quickbooks Accounting Software Full Version. B. The denied MAC address are statically configured on the port. C. The minimum MAC threshold has been reached. D. The absolute aging times for the denied MAC addresses have expired. Answer AExplanation. A security violation occurs in either of these situations When the maximum number of secure MAC addresses is reached on a secure port and the source MAC address of the ingress traffic is different from any of the identified secure MAC addresses, port security applies the configured violation mode. If traffic with a secure MAC address that is configured or learned on one secure port attempts to access another secure port in the same VLAN, applies the configured violation mode. From the second statement we can figure out A is the correct answer. But for your information we will discuss other answers as well. Answer B is not correct because we cant configured which MAC address will be denied. We can only configure which MAC is allowed. We can only configure the maximum MAC threshold, not the minimum threshold C is not correct. The aging times are only configured for allowed MAC addresses, not for denied MAC D is correct. For your information about aging time When the aging type is configured with the absolute keyword, all the dynamically learned secure addresses age out when the aging time expires. This is how to configure the secure MAC address aging type on the port Routerconfig if switchport port security aging type absoluteand configure the aging time aging time 1. Routerconfig if switchport port security aging time 1. When this command is used, all the dynamically learned secure addresses age out when the aging time expiresReference http www. USdocsswitcheslancatalyst. SXconfigurationguideportsec. Question 9. A network administrator needs to configure port security on a switch. Which two statements are true Choose twoA. The network administrator can apply port security to dynamic access ports. B. The network administrator can configure static secure or sticky secure mac addresses in the voice vlan. C. The sticky learning feature allows the addition of dynamically learned addresses to the running configuration. D. The network administrator can apply port security to Ether. Channels. E. When dynamic mac address learning is enabled on an interface, the switch can learn new addresses up to the maximum defined. Answer C EExplanation. Show free not used for a while ports on Cisco switch with one command. Reasonably common task I come accross is to find free ports on switches ports that havent been used for sometime. Sometimes its very easy where you can use an NMS or similar to give you a pretty output to show ports and their last inputoutput. However in my experience this is the exception rather than the rule. Heres a couple of examples using the pipe to parse the output down a bit to only show us interfaces we want. All example shown have been tested on 2. IOS 1. 2. 2 you should always check the switches uptime before taking these outputs to mean anything. Thanks to Steve B for suggesting i proto rather than i Gigabit. E to catch all flavours of interface. This example shows all interfaces followed by the last inputoutput no matter if they are used or not. Command show int i protoLast in. Example of outputm. Last in. Gigabit. Ethernet. 11 is down, line protocol is down notconnect. Last input 6w. 6d, output 6w. Kindred Hospital Handbook. Gigabit. Ethernet. Last input 2. 1w. Gigabit. Ethernet. Last input 0. 0 0. Gigabit. Ethernet. Last input 0. 0 0. Gigabit. Ethernet. Last input never, output never, output hang never. This example is my favourite. Shows only admin down or unconnected ports that have no inputinput for 6 weeks. Command show int i proto. Last in. 6 9wLast in. Last input never, output never, output hang never. Example of outputm. Last in. 0 90 9w0 9yLast input never, output never, output hang never. Last input never, output never, output hang never. Gigabit. Ethernet. Last input 6w. 6d, output 6w. Gigabit. Ethernet. Last input 2. 1w. Gigabit. Ethernet. Last input never, output never, output hang never. There are some exceptions here where a port that is unconnected but used more recently than 6 weeks. These ports will show as below. They wont have any inputoutput info directly below them. I find for a very quick simple way to see free ports this works pretty well without having to mess about with other scripts. It might also show other port types SVI, portchannel etc that are down or have no inputoutput but this is quite rare in my experience. Small caveat output. Gigabit. Ethernet. Last input never, output never, output hang never. Gigabit. Ethernet. Gigabit. Ethernet. Gigabit. Ethernet. The 2nd command above isnt exactly easy to typeremember but used with an alias its pretty good Enter configuration commands, one per line. End with CNTLZ. m. Last in. 6 9wLast in. Last input never, output never, output hang never. Z. m. 00niecatfree. Gigabit. Ethernet. Last input 6w. 6d, output 6w. Gigabit. Ethernet. Last input 2. 1w. Gigabit. Ethernet. Last input never, output never, output hang never. Thesis For Wordpress. Some more info about the pipe command and regex can be found in this post.