Tag: 642 813 simulation questions

Cisco 642-813 Certification Exam, Help To Pass Cisco 642-813 Test Engine 100% Pass With A High ScoreCisco 642-813 Certification Exam, Help To Pass Cisco 642-813 Test Engine 100% Pass With A High Score

100% valid Cisco 642-813 brain dumps with more new added questions. By training the Cisco 642-813 questions, you will save a lot time in preparing the exam. Visit www.Flydumps.com to get the 100% pass ensure!

Exam A
QUESTION 1
hostname Switch1 interface Vlan10 ip address 172.16.10.32 255.255.255.0 no ip redirects standby 1 ip 172.16.10.110 standby 1 timers msec 200 msec 700 standby 1 preempt
hostname Switch2 interface Vlan10 ip address 172.16.10.33 255.255.255.0 no ip redirects standby 1 ip 172.16.10.110 standby 1 timers msec 200 msec 750 standby 1 priority 110 standby 1 preempt
hostname Switch3 interface Vlan10 ip address 172.16.10.34 255.255.255.0 no ip redirects standby 1 ip 172.16.10.110 standby 1 timers msec 200 msec 750 standby 1 priority 150 standby 1 preempt
Refer to the above. Three switches are configured for HSRP.
Switch1 remains in the HSRP listen state. What is the most likely cause of this status?
A. This is normal operation.
B. The standby group number does not match the VLAN number.
C. IP addressing is incorrect.
D. Priority commands are incorrect.
E. Standby timers are incorrect.
Correct Answer: A Section: HSRP Explanation
Explanation/Reference:
Explanation:
QUESTION 2
Three Cisco Catalyst switches have been configured with a first-hop redundancy protocol. While reviewing some show commands, debug output, and the syslog, you discover the following information:
Jan 9 08:00:42.623: %STANDBY-6-STATECHANGF. Standby: 49:Vlan149 state Standby -> Active Jan 9 08:00:56.011: %STANDBY-6-STATECHANGF. Standby: 49:Vlan149 state Active -> Speak Jan 9 08:01:03.011: %STANDBY-6-STATECHANGF. Standby: 49:Vlan149 state Speak -> Standby Jan 9 08:01:29.427: %STANDBY-6-STATECHANGF. Standby: 49:Vlan149 state Standby -> Active Jan 9 08:01:36.808: %STANDBY-6-STATECHANGF. Standby: 49:Vlan149 state Active -> Speak Jan 9 08:01:43.808: %STANDBY-6-STATECHANGF. Standby: 49:Vlan149 state Speak -> Standby
What conclusion can you infer from this information?
A. VRRP is initializing and operating correctly.
B. HSRP is initializing and operating correctly.
C. GLBP is initializing and operating correctly.
D. VRRP is not exchanging three hello messages properly.
E. HSRP is not exchanging three hello messages properly.
F. GLBP is not exchanging three hello messages properly.
Correct Answer: E Section: HSRP Explanation
Explanation/Reference:
Explanation:
QUESTION 3
By itself, what does the command “aaa new-model” enable?
A. It globally enables AAA on the switch, with default lists applied to the VTYs.
B. Nothing; you must also specify which protocol (RADIUS or TACACS) will be used for AAA.
C. It enables AAA on all dot1x ports.
D. Nothing; you must also specify where (console, TTY, VTY, dot1x) AAA is being applied.
Correct Answer: A Section: Access Security Explanation
Explanation/Reference:
Explanation:
QUESTION 4
What are three results of issuing the “switchport host” command? (Choose three.)
A. disables EtherChannel
B. enables port security
C. disables Cisco Discovery Protocol
D. enables PortFast
E. disables trunking
F. enables loopguard
Correct Answer: ADE Section: VLANs Security Explanation
Explanation/Reference:
Explanation:
QUESTION 5
When configuring private VLANs, which configuration task must you do first?
A. Configure the private VLAN port parameters.
B. Configure and map the secondary VLAN to the primary VLAN.
C. Disable IGMP snooping.
D. Set the VTP mode to transparent.
Correct Answer: D Section: VLANs Security Explanation
Explanation/Reference:
Explanation:
QUESTION 6
Which statement about the configuration and application of port access control lists is true?
A. PACLs can be applied in the inbound or outbound direction of a Layer 2 physical interface.
B. At Layer 2, a MAC address PACL takes precedence over any existing Layer 3 PACL.
C. When you apply a port ACL to a trunk port, the ACL filters traffic on all VLANs present on the trunk port.
D. PACLs are not supported on EtherChannel interfaces.
Correct Answer: C Section: Access Security Explanation
Explanation/Reference:
Explanation:
QUESTION 7
Refer to the exhibit.

Which statement about the command output is true?
A. If the number of devices attempting to access the port exceeds 11, the port shuts down for 20 minutes, as configured.
B. The port has security enabled and has shut down due to a security violation.
C. The port is operational and has reached its configured maximum allowed number of MAC addresses.
D. The port allows access for 11 MAC addresses in addition to the three configured MAC addresses.
Correct Answer: C Section: Access Security Explanation
Explanation/Reference:
Explanation:
QUESTION 8
Refer to the exhibit.

Which statement best describes first-hop redundancy protocol status?
A. The first-hop redundancy protocol is not configured for this interface.
B. HSRP is configured for group 10.
C. HSRP is configured for group 11.
D. VRRP is configured for group 10.
E. VRRP is configured for group 11.
F. GLBP is configured with a single AVF.
Correct Answer: C Section: HSRP Explanation
Explanation/Reference:
Explanation:
QUESTION 9
Which statement best describes implementing a Layer 3 EtherChannel?
A. EtherChannel is a Layer 2 feature and not a Layer 3 feature.
B. Implementation requires switchport mode trunk and matching parameters between switches.
C. Implementation requires disabling switchport mode.
D. A Layer 3 address is assigned to the physical interface.
Correct Answer: C Section: EtherChannels Explanation
Explanation/Reference:
Explanation:
QUESTION 10
Which statement about when standard access control lists are applied to an interface to control inbound or outbound traffic is true?
A. The best match of the ACL entries is used for granularity of control.
B. They use source IP information for matching operations.
C. They use source and destination IP information for matching operations.
D. They use source IP information along with protocol-type information for finer granularity of control.
Correct Answer: B Section: Access Security Explanation
Explanation/Reference:
Explanation:
QUESTION 11
Refer to the exhibit.

You have configured an interface to be an SVI for Layer 3 routing capabilities. Assuming that all VLANs have been correctly configured, what can be determined?
A. Interface gigabitethernet0/2 will be excluded from Layer 2 switching and enabled for Layer 3 routing.
B. The command switchport autostate exclude should be entered in global configuration mode, not subinterface mode, to enable a Layer 2 port to be configured for Layer 3 routing.
C. The configured port is excluded in the calculation of the status of the SVI.
D. The interface is missing IP configuration parameters; therefore, it will only function at Layer 2.
Correct Answer: C Section: MultiLayer Switching Explanation
Explanation/Reference:
Explanation:
QUESTION 12
Refer to the exhibit.

Which two statements about this Layer 3 security configuration example are true? (Choose two.)
A. Static IP source binding can be configured only on a routed port.
B. Source IP and MAC filtering on VLANs 10 and 11 will occur.
C. DHCP snooping will be enabled automatically on the access VLANs.
D. IP Source Guard is enabled.
E. The switch will drop the configured MAC and IP address source bindings and forward all other traffic.
Correct Answer: BD Section: Access Security Explanation
Explanation/Reference:
Explanation:
QUESTION 13
Refer to the exhibit.

Which statement is true?
A. Cisco Express Forwarding load balancing has been disabled.
B. SVI VLAN 30 connects directly to the 10.1.30.0/24 network due to a valid glean adjacency.
C. VLAN 30 is not operational because no packet or byte counts are indicated.
D. The IP Cisco Express Forwarding configuration is capable of supporting IPv6.
Correct Answer: B Section: MultiLayer Switching Explanation
Explanation/Reference:
Explanation:
QUESTION 14
Which statement about the EIGRP routing being performed by the switch is true?

A. The EIGRP neighbor table contains 20 neighbors.
B. EIGRP is running normally and receiving IPv4 routing updates.
C. EIGRP status cannot be determined. The command show ip eigrp topology would determine the routing protocol status.
D. The switch has not established any neighbor relationships. Further network testing and troubleshooting must be performed to determine the cause of the problem.
Correct Answer: D Section: MultiLayer Switching Explanation
Explanation/Reference:
Explanation:
QUESTION 15
What is the result of entering the command “spanning-tree loopguard default” ?
A. The command enables loop guard and root guard.
B. The command changes the status of loop guard from the default of disabled to enabled.
C. The command activates loop guard on point-to-multipoint links in the switched network.
D. The command disables EtherChannel guard.
Correct Answer: B Section: STP Protection Explanation
Explanation/Reference:
Explanation:
QUESTION 16
What does the interface subcommand “switchport voice vlan 222” indicate?
A. The port is configured for data and voice traffic.
B. The port is fully dedicated to forwarding voice traffic.
C. The port operates as an FXS telephony port.
D. Voice traffic is directed to VLAN 222.
Correct Answer: A Section: IP Telephony Explanation
Explanation/Reference:
Explanation:
QUESTION 17
Which statement is a characteristic of multi-VLAN access ports?
A. The port has to support STP PortFast.
B. The auxiliary VLAN is for data service and is identified by the PVID.
C. The port hardware is set as an 802.1Q trunk.
D. The voice service and data service use the same trust boundary.
Correct Answer: C Section: IP Telephony Explanation
Explanation/Reference:
Explanation:
QUESTION 18
Which two statements are true about recommended practices that are to be used in a local VLAN solution design where layer 2 traffic is to be kept to a minimum? (Choose two.)
A. Routing should occur at the access layer if voice VLANs are utilized. Otherwise, routing should occur at the distribution layer.
B. Routing may be performed at all layers but is most commonly done at the core and distribution layers.
C. Routing should not be performed between VLANs located on separate switches.
D. VLANs should be local to a switch.
E. VLANs should be localized to a single switch unless voice VLANs are being utilized.
Correct Answer: BD Section: VLANs, Trunks Explanation
Explanation/Reference:
Explanation:
QUESTION 19
Which statement about the Port Aggregation Protocol is true?
A. Configuration changes made on the port-channel interface apply to all physical ports assigned to the port-channel interface.
B. Configuration changes made on a physical port that is a member of a port-channel interface apply to the port-channel interface.
C. Configuration changes are not permitted with Port Aggregation Protocol. Instead, the standardized Link Aggregation Control Protocol should be used if configuration changes are required.
D. The physical port must first be disassociated from the port-channel interface before any configuration changes can be made.
Correct Answer: A Section: EtherChannels Explanation
Explanation/Reference:
Explanation:
QUESTION 20
In which three HSRP states do routers send hello messages? (Choose three.)
A. standby
B. learn
C. listen
D. speak
E. active
Correct Answer: ADE Section: HSRP Explanation
Explanation/Reference:
Explanation:

Exam B QUESTION 1
Which statement about 802.1Q trunking is true?
A. Both switches must be in the same VTP domain.
B. The encapsulation type on both ends of the trunk does not have to match.
C. The native VLAN on both ends of the trunk must be VLAN 1.
D. In 802.1Q trunking, all VLAN packets are tagged on the trunk link, except the native VLAN.

Correct Answer: D Section: VLANs, Trunks Explanation
Explanation/Reference:
Explanation:
QUESTION 2
Refer to the exhibit.

Which three statements are true? (Choose three.)
A. A trunk link will be formed.
B. Only VLANs 1-1001 will travel across the trunk link.
C. The native VLAN for switch B is VLAN 1.
D. DTP is not running on switch A.
E. DTP packets are sent from switch B.
Correct Answer: ACE Section: VLANs, Trunks Explanation Explanation/Reference:
Explanation:
You can manually configure trunk links on Catalyst switches for either ISL or 802.1Q mode. In addition,
Cisco has implemented a proprietary, point-to-point protocol called Dynamic Trunking Protocol (DTP) that
negotiates a common trunking mode between two switches. The negotiation covers the encapsulation (ISL
or 802.1Q) as well as whether the link becomes a trunk at all. You can configure the trunk encapsulation
with the switchport trunk encapsulation command, as one of the following:

· isl–VLANs are tagged by encapsulating each frame using the Cisco ISL protocol. · dot1q–VLANs are
tagged in each frame using the IEEE 802.1Q standard protocol. The only exception is the native VLAN,
which is sent normally and not tagged at all. · negotiate (the default)–The encapsulation is negotiated to
select either ISL or IEEE 802.1Q, whichever is supported by both ends of the trunk. If both ends support
both types, ISL is favored. (The Catalyst 2950 switch does not support ISL encapsulation.) In the
switchport mode command, you can set the trunking mode to any of the following:
· trunk–This setting places the port in permanent trunking mode. The corresponding switch port at the
other end of the trunk should be similarly configured because negotiation is not allowed. You should also
manually configure the encapsulation mode. · dynamic desirable (the default)–The port actively attempts to
convert the link into trunking mode. If the far-end switch port is configured to trunk, dynamic desirable, or
dynamic auto mode, trunking is successfully negotiated.
· dynamic auto–The port converts the link into trunking mode. If the far-end switch port is configured to
trunk or dynamic desirable, trunking is negotiated. Because of the passive negotiation behavior, the link
never becomes a trunk if both ends of the link are left to the dynamic auto default.

QUESTION 3
Refer to the exhibit.

Host A and Host B are connected to the Cisco Catalyst 3550 switch and have been assigned to their respective VLANs. The rest of the 3550 configuration is the default configuration. Host A is able to ping its default gateway, 10.10.10.1, but is unable to ping Host B. Given the output in the exhibit, which statement is true?
A. HSRP must be configured on SW1.
B. A separate router is needed to support inter-VLAN routing.
C. Interface VLAN 10 must be configured on the SW1 switch.
D. The global configuration command ip routing must be configured on the SW1 switch.
E. VLANs 10 and 15 must be created in the VLAN database mode.
F. VTP must be configured to support inter-VLAN routing.

Correct Answer: D Section: MultiLayer Switching Explanation
Explanation/Reference:
Explanation: To transport packets between VLANs, you must use a Layer 3 device. Traditionally, this has been a router’s function. The router must have a physical or logical connection to each VLAN so that it can forward packets between them. This is known as interVLAN routing. Multilayer switches can perform both Layer 2 switching and interVLAN routing, as appropriate. Layer 2 switching occurs between interfaces that are assigned to Layer 2 VLANs or Layer 2 trunks. Layer 3 switching can occur between any type of interface, as long as the interface can have a Layer 3 address assigned to it. Switch(config)#ip routing command enables the routing on Layer 3 Swtich
QUESTION 4
Refer to the exhibit.

What happens when one more user is connected to interface FastEthernet 5/1?
A. All secure addresses age out and are removed from the secure address list. The security violation counter increments.
B. The first address learned on the port is removed from the secure address list and is replaced with the new address.
C. The interface is placed into the error-disabled state immediately, and an SNMP trap notification is sent.
D. The packets with the new source addresses are dropped until a sufficient number of secure MAC addresses are removed from the secure address list.
Correct Answer: C Section: Access Security Explanation
Explanation/Reference:
Explanation: Port security is a feature supported on Cisco Catalyst switches that restricts a switch port to a specific set or number of MAC addresses. Those addresses can be learned dynamically or configured statically. The port will then provide access to frames from only those addresses. If, however, the number of addresses is limited to four but no specific MAC addresses are configured, the port will allow any four MAC addresses to be learned dynamically, and port access will be limited to those four dynamically learned addresses. Port Security Implementation: When Switch port security rules violate different action can be applied:

1.
Protect: Frames from the nonallowed address are dropped, but there is no log of the violation.

2.
Restrict: Frames from the nonallowed address are dropped, a log message is created, and a Simple Network Management Protocol (SNMP) trap is sent.

3.
Shutdown: If any frames are seen from a nonallowed address, the interface is errdisabled, a log entry is made, an SNMP trap is sent, and manual intervention or errdisable recovery must be used to make the interface usable.
QUESTION 5
Refer to the exhibit.

What happens to traffic within VLAN 14 with a source address of 172.16.10.5?
A. The traffic is forwarded to the TCAM for further processing.
B. The traffic is forwarded to the router processor for further processing.
C. The traffic is dropped.
D. The traffic is forwarded without further processing.

Correct Answer: C Section: VLANs Security Explanation
Explanation/Reference:
Explanation: VLAN maps, also known as VLAN ACLs or VACLs, can filter all traffic traversing a switch. VLAN maps can be configured on the switch to filter all packets that are routed into or out of a VLAN, or are bridged within a VLAN. VLAN maps are used strictly for security packet filtering. Unlike router ACLs, VLAN maps are not defined by direction (input or output).
To create a VLAN map and apply it to one or more VLANs, perform these steps: · Create the standard or extended IP ACLs or named MAC extended ACLs to be applied to the VLAN. This access-list will select the traffic that will be either forwarded or dropped by the access- map. Only traffic matching the `permit’ condition in an access-list will be passed to the access-map for further processing. · Enter the vlan access-map access-map-name [sequence] global configuration command to create a VLAN ACL map entry. Each access-map can have multiple entries. The order of these entries is determined by the sequence. If no sequence number is entered, access-map entries are added with sequence numbers in increments of 10. · In access map configuration mode, optionally enter an action forward or action drop. The default is to forward traffic. Also enter the match command to specify an IP packet or a non-IP packet (with only a known MAC address), and to match the packet against one or more ACLs (standard or extended). · Use the vlan filter access-map-name vlan-list vlan-list global configuration command to apply a VLAN map to one or more VLANs. A single access-map can be used on multiple VLANs.
QUESTION 6
Which protocol allows for the automatic selection and simultaneous use of multiple available gateways as well as automatic failover between those gateways?
A. IRDP
B. HSRP
C. GLBP D. VRRP
Correct Answer: C Section: GLBP Explanation
Explanation/Reference:
Explanation: To provide a virtual router, multiple switches (routers) are assigned to a common GLBP group. Rather than having just one active router performing forwarding for the virtual router address, all routers in the group can participate and offer load balancing by forwarding a portion of the overall traffic. The advantage is that none of the clients have to be pointed toward a specific gateway address–they can all have the same default gateway set to the virtual router IP address. The load balancing is provided completely through the use of virtual router MAC addresses in ARP replies returned to the clients. As a client sends an ARP request looking for the virtual router address, GLBP sends back an ARP reply with the virtual MAC address of a selected router in the group. The result is that all clients use the same gateway address but have differing MAC addresses for it.
QUESTION 7
When you create a network implementation for a VLAN solution, what is one procedure that you should include in your plan?
A. Perform an incremental implementation of components.
B. Implement the entire solution and then test end-to-end to make sure that it is performing as designed.
C. Implement trunking of all VLANs to ensure that traffic is crossing the network as needed before performing any pruning of VLANs.
D. Test the solution on the production network in off hours.
Correct Answer: A Section: VLANs, Trunks Explanation
Explanation/Reference:
Explanation:
QUESTION 8
You have just created a new VLAN on your network. What is one step that you should include in your VLAN-based implementation and verification plan?
A. Verify that different native VLANs exist between two switches for security purposes.
B. Verify that the VLAN was added on all switches with the use of the show vlan command.
C. Verify that the switch is configured to allow for trunking on the switch ports.
D. Verify that each switch port has the correct IP address space assigned to it for the new VLAN.
Correct Answer: B Section: VLANs, Trunks Explanation
Explanation/Reference:
Explanation:
QUESTION 9
Which two statements describe a routed switch port on a multilayer switch? (Choose two.)
A. Layer 2 switching and Layer 3 routing are mutually supported.
B. The port is not associated with any VLAN.
C. The routed switch port supports VLAN subinterfaces.
D. The routed switch port is used when a switch has only one port per VLAN or subnet.
E. The routed switch port ensures that STP remains in the forwarding state.
Correct Answer: BD Section: MultiLayer Switching Explanation
Explanation/Reference:
Explanation:
QUESTION 10
Which two statements correctly describe VTP? (Choose two.)
A. Transparent mode always has a configuration revision number of 0.
B. Transparent mode cannot modify a VLAN database.
C. Client mode cannot forward received VTP advertisements.
D. Client mode synchronizes its VLAN database from VTP advertisements.
E. Server mode can synchronize across VTP domains.
Correct Answer: AD Section: VTP Explanation
Explanation/Reference:
Explanation:
QUESTION 11
Which two DTP modes permit trunking between directly connected switches? (Choose two.)
A. dynamic desirable (VTP domain A) to dynamic desirable (VTP domain A)
B. dynamic desirable (VTP domain A) to dynamic desirable (VTP domain B)
C. dynamic auto (VTP domain A) to dynamic auto (VTP domain A)
D. dynamic auto (VTP domain A) to dynamic auto (VTP domain B)
E. dynamic auto (VTP domain A) to nonegotiate (VTP domain A)
F. nonegotiate (VTP domain A) to nonegotiate (VTP domain B)
Correct Answer: AF Section: VLANs, Trunks Explanation
Explanation/Reference:
Explanation:
QUESTION 12
Which two RSTP port roles include the port as part of the active topology? (Choose two.)
A. root
B. designated
C. alternate
D. backup
E. forwarding
F. learning
Correct Answer: AB Section: RSTP, MST Explanation
Explanation/Reference:
Explanation:
QUESTION 13
Which two statements correctly describe characteristics of the PortFast feature? (Choose two.)
A. STP is disabled on the port.
B. PortFast can also be configured on trunk ports.
C. PortFast is needed to enable port-based BPDU guard.
D. PortFast is used for STP and RSTP host ports.
E. PortFast is used for STP-only host ports.

Correct Answer: BD Section: STP Explanation
Explanation/Reference:
Explanation:
QUESTION 14
Which statement correctly describes the Cisco implementation of RSTP?
A. PortFast, UplinkFast, and BackboneFast specific configurations are ignored in Rapid PVST mode.
B. RSTP is enabled globally and uses existing STP configuration.
C. Root and alternative ports transition immediately to the forwarding state.
D. Convergence is improved by using subsecond timers for the blocking, listening, learning, and forwarding port states.
Correct Answer: B Section: RSTP, MST Explanation
Explanation/Reference:
Explanation:
QUESTION 15
What is the effect of applying the “switchport trunk encapsulation dot1q” command to a port on a Cisco Catalyst switch?
A. By default, native VLAN packets going out this port are tagged.
B. Without an encapsulation command, 802.1Q is the default encapsulation if DTP fails to negotiate a trunking protocol.
C. The interface supports the reception of tagged and untagged traffic.
D. If the device connected to this port is not 802.1Q-enabled, it is unable to handle 802.1Q packets.
Correct Answer: C Section: VLANs, Trunks Explanation
Explanation/Reference:
Explanation:
QUESTION 16
You are the administrator of a switch and currently all host-connected ports are configured with the portfast command. You have received a new directive from your manager that states that, in the future, any host-connected port that receives a BPDU should automatically disable PortFast and begin transmitting BPDUs. Which command will support this new requirement?
A. Switch(config)#spanning-tree portfast bpduguard default
B. Switch(config-if)#spanning-tree bpduguard enable
C. Switch(config-if)#spanning-tree bpdufilter enable
D. Switch(config)#spanning-tree portfast bpdufilter default
Correct Answer: D Section: STP Protection Explanation
Explanation/Reference:
Explanation:
QUESTION 17
A port in a redundant topology is currently in the blocking state and is not receiving BPDUs. To ensure that this port does not erroneously transition to the forwarding state, which command should be configured?
A. Switch(config)#spanning-tree loopguard default
B. Switch(config-if)#spanning-tree bdpufilter
C. Switch(config)#udld aggressive
D. Switch(config-if)#spanning-tree bpduguard
Correct Answer: A Section: STP Protection Explanation
Explanation/Reference:
Explanation:
QUESTION 18
Which command can be issued without interfering with the operation of loop guard?
A. Switch(config-if)#spanning-tree guard root
B. Switch(config-if)#spanning-tree portfast
C. Switch(config-if)#switchport mode trunk
D. Switch(config-if)#switchport mode access
Correct Answer: C Section: STP Protection Explanation
Explanation/Reference:
Explanation:
QUESTION 19
Refer to the exhibit. On the basis of the information provided in the exhibit, which two sets of procedures are best practices for Layer 2 and 3 failover alignment? (Choose two.)

A. Configure the D-SW1 switch as the active HSRP router and the STP root for all VLANs. Configure the D-SW2 switch as the standby HSRP router and backup STP root for all VLANs.
B. Configure the D-SW1 switch as the standby HSRP router and the STP root for VLANs 11 and 110. Configure the D-SW2 switch as the standby HSRP router and the STP root for VLANs 12 and 120.
C. Configure the D-SW1 switch as the active HSRP router and the STP root for VLANs 11 and 110. Configure the D-SW2 switch as the active HSRP router and the STP root for VLANs 12 and 120.
D. Configure the D-SW2 switch as the active HSRP router and the STP root for all VLANs. Configure the D-SW1 switch as the standby HSRP router and backup STP root for all VLANs.
E. Configure the D-SW1 switch as the active HSRP router and the backup STP root for VLANs 11 and
110. Configure the D-SW2 switch as the active HSRP router and the backup STP root for VLANs 12 and 120.
F. Configure the D-SW1 switch as the standby HSRP router and the backup STP root for VLANs 12 and
120. Configure the D-SW2 switch as the standby HSRP router and the backup STP root for VLANs 11 and 110.
Correct Answer: CF Section: HSRP Explanation
Explanation/Reference:
Explanation: Basically, each of the routers that provides redundancy for a given gateway address is assigned to a common HSRP group. One router is elected as the primary, or active, HSRP router, another is elected as the standby HSRP router, and all the others remain in the listen HSRP state. The routers exchange HSRP hello messages at regular intervals, so they can remain aware of each other’s existence, as well as that of the active router.
HSRP election is based on a priority value (0 to 255) that is configured on each router in the group. By default, the priority is 100. The router with the highest priority value (255 is highest) becomes the active router for the group. If all router priorities are equal or set to the default value, the router with the highest IP address on the HSRP interface becomes the active router. To set the priority, use the following interface configuration command: Switch(config-if)# standby group priority priority
When HSRP is configured on an interface, the router progresses through a series of states before becoming active. This forces a router to listen for others in a group and see where it fits into the pecking order. The HSRP state sequence is Disabled, Init, Listen, Speak, Standby, and, finally, Active.
You can configure a router to preempt or immediately take over the active role if its priority is the highest at
any time. Use the following interface configuration command to allow preemption:
Switch(config-if)# standby group preempt [delay seconds]

QUESTION 20
Which statement correctly describes enabling BPDU guard on an access port that is also enabled for PortFast?
A. Upon startup, the port transmits 10 BPDUs. If the port receives a BPDU, PortFast and BPDU guard are disabled on that port and it assumes normal STP operation.
B. The access port ignores any received BPDU.
C. If the port receives a BPDU, it is placed into the error-disable state.
D. BPDU guard is configured only globally and the BPDU filter is required for port-level configuration.
Correct Answer: C Section: STP Protection Explanation
Explanation/Reference:
Explanation:

Exam C QUESTION 1
Match the Attributes on the left with the types of VLAN designs on right.

Select and Place:

Correct Answer: Section: VLANs, Trunks Explanation
Explanation/Reference:
QUESTION 2
DRAG DROP
Place the local and distributed VLAN functions on the left into the associated boxes on the right.

Select and Place:

Correct Answer:

Section: VLANs, Trunks Explanation
Explanation/Reference:
QUESTION 3
You have been tasked with planning a VLAN solution that will connect a server in one buliding to several hosts in another building. The solution should be built using the local vlan model and layer 3 switching at the distribution layer. Identify the questions related to this vlan solution that would ask the network administrator before you start the planning by dragging them into the target zone one the right. Not all questions will be used.

Select and Place: Correct Answer:
Section: VLANs, Trunks Explanation
Explanation/Reference:
In local vlan solition common VTP mode is transparent
CREATE A VLAN BASED IMPLEMENTATION PLAN Foundation Learning Guide Chapter 2 pg. 58-59 Subnets and associated VLANs VLAN Number VLAN Name VLAN Purpose VLAN to IP Address Scheme Physical location of VLANs (determine which switch has which VLANs) Assignment method (dot1x etc.) Placement of trunks, native VLAN for trunks, and allowed VLANs on trunks VTP configuration Quick Reference Guide Chapter 2 pg. 14 VLAN numbering, naming, and IP addressing scheme VLAN placement (local or multiple switches) Trunk requirements VTP parameters Test and verification plan From Foundation Learning Guide The following steps outline the considerations you need to make with regards to using an SVI: 1) On your L3 switch identify the VLANs that require a default gateway. 2) For any SVI’s not already present on your L3 switch you will need to create then. As such you will need to decide on suitable numbering for the SVI (should be the VLAN ID number) plus an IP address to associate with it. Don’t forget to No Shutdown the interface. 3) To perform L3 routing functions you need to set the L3 switch to be able to perform the routing. To achieve this use the global command – #ip routing – this will enable to switch to route between your VLANs 4) Define any appropriate dynamic routing protocols. Typically required if you are configuring a larger enterprise network that may be subject to change. You can deploy RIP, EIGRP, OSPF which ever you feel is appropriate. 5) Finally with the information above gathered consider if you require any given SVI to be excluded from contributing to the SVI state Up-Down calculation. Do this using the ‘Autostate’ feature
QUESTION 4
You have a VLAN implementation that requires inter-vlan routing using layer 3 switches. Drag the steps on

Select and Place:

Correct Answer:

Section: VLANs, Trunks

Explanation Explanation/Reference:
QUESTION 5
Categorize the high availability network resource or feature with the management level, network level, or

Select and Place:

Correct Answer:

Section: Supervisor and Route Processor Redundancy Explanation
Explanation/Reference:
QUESTION 6
Place the DTP mode with its correct description.

Select and Place:

Correct Answer:
Section: VLANs, Trunks Explanation
Explanation/Reference:
1.
trunk: This setting places the port in permanent trunking mode. The corresponding switch port at the other end of the trunk should be similarly configured because negotiation is not allowed. You should also manually configure the encapsulation mode.

2.
dynamic desirable: The port actively attempts to convert the link into trunking mode. If the far-end switch port is configured to trunk, dynamic desirable, or dynamic auto mode, trunking is successfully negotiated.

3.
dynamic auto: The port converts the link into trunking mode. If the far-end switch port is configured to trunk or dynamic desirable, trunking is negotiated. Because of the passive negotiation behavior, the link never becomes a trunk if both ends of the link are left to the dynamic auto default.

4.
Negotiate: The encapsulation is negotiated to select either ISL or IEEE 802.1Q, whichever is supported by both ends of the trunk. If both ends support both types, ISL is favored.

5.
Access: Puts the interface into access mode that mean interface is in non-trunking mode.

6.
Nonegotiate: Forces the port to permanently trunk but not send DTP frames. For use when the DTP frames confuse the neighboring (non-Cisco) 802.1q switch. You must manually set the neighboring switch to trunking.
QUESTION 7
Drag the port states on the left, to their correct description on the right.

Select and Place:

Correct Answer:
Section: STP Explanation
Explanation/Reference:
After the bridges have determined which ports are Root Ports, Designated Ports, and non-Designated Ports, STP is ready to create a loop-free topology. To do this, STP configures Root Ports and Designated Ports to forward traffic. STP sets non-Designated Ports to block traffic. Although Forwarding and Blocking are the only two states commonly seen in a stable network, there are actually five STP states. This list can be viewed hierarchically in that bridge ports start at the Blocking state and work their way up to the Forwarding state. The Disabled state is the administratively shutdown STP state. It is not part of the normal STP port processing. After the switch is initialized, ports start in the Blocking state. The Blocking state is the STP state in which a bridge listens for BPDUs.
A port in the Blocking state does the following:
1.
Discards frames received from the attached segment or internally forwarded through switching

2.
Receives BPDUs and directs them to the system module

3.
Has no address database

4.
Does not transmit BPDUs received from the system module

5.
Receives and responds to network management messages but does not transmit them If a bridge thinks it is the Root Bridge immediately after booting or in the absence of BPDUs for a certain period of time, the port transitions into the Listening state. The Listening state is the STP state in which no user data is being passed, but the port is sending and receiving BPDUs in an effort to determine the active topology.
A port in the Listening state does the following:
1.
Discards frames received from the attached segment or frames switched from another port

2.
Has no address database

3.
Receives BPDUs and directs them to the system module

4.
Processes BPDUs received from the system module (Processing BPDUs is a separate action from receiving or transmitting BPDUs)

5.
Receives and responds to network management messages
It is during the Listening state that the three initial convergence steps take place – elect a Root Bridge, elect Root Ports, and elect Designated Ports. Ports that lose the Designated Port election become non-Designated Ports and drop back to the Blocking state. Ports that remain Designated Ports or Root Ports after 15 seconds – the default Forward Delay STP timer value – progress into the Learning state. The lifetime of the Learning state is also governed by the Forward Delay timer of 15 seconds, the default setting. The Learning state is the STP state in which the bridge is not passing user data frames but is building the bridging table and gathering information, such as the source VLANs of data frames. As the bridge receives a frame, it places the source MAC address and port into the bridging table. The Learning state reduces the amount of flooding required when data forwarding begins.
A port in the Learning state does the following:
1.
Discards frames received from the attached segment

2.
Discards frames switched from another port for forwarding

3.
Incorporates station location into its address database

4.
Receives BPDUs and directs them to the system module

5.
Receives, processes, and transmits BPDUs received from the system module

6.
Receives and responds to network management messages
If a port is still a Designated Port or Root Port after the Forward Delay timer expires for the Learning state, the port transitions into the Forwarding state. The Forwarding state is the STP state in which data traffic is both sent and received on a port. It is the “last” STP state. At this stage, it finally starts forwarding user data frames.
A port in the Forwarding state does the following:
1.
Forwards frames received from the attached segment

2.
Forwards frames switched from another port for forwarding

3.
Incorporates station location information into its address database

4.
Receives BPDUs and directs them to the system module

5.
Processes BPDUs received from the system module

6.
Receives and responds to network management messages
QUESTION 8
Specifies the kind of messages, by severity level, to be sent to the syslog server.
Select and Place:

Correct Answer:
Section: Network Monitoring Explanation
Explanation/Reference:
http://www.ciscopress.com/articles/article.asp?p=426638&seqNum=3
QUESTION 9
Drag the choices on the left to the boxes on the right that should be included when creating a VLAN-based
implementation plan.
Not all choices will be used.
Select and Place:

Correct Answer:

Section: VLANs, Trunks Explanation
Explanation/Reference:
QUESTION 10
Drag snmp versions and associated features
Select and Place:

Correct Answer:

Section: Network Monitoring Explanation
Explanation/Reference:
QUESTION 11
Drag HSRP states
Select and Place:

Correct Answer:

Section: HSRP
Explanation
Explanation/Reference:
HSRP defines six states in which an HSRP-enabled router can exist:
1.
Initial – This is the state from which the routers begin the HSRP process. This state indicates that HSRP is not running. It is entered via a configuration change or when an interface first comes up.

2.
Learn – The router has not determined the virtual IP address, and has not yet seen an authenticated hello message from the active router. In this state the router is still waiting to hear from the active router.

3.
Listen – The router knows the virtual IP address, but is neither the active router nor the standby router. It listens for hello messages from those routers. Routers other than the active and standby router remain in the listen state.

4.
Speak – The router sends periodic hello messages and is actively participating in the election of the active or standby router. A router cannot enter Speak state unless it has the virtual IP address.

5.
Standby – The router is a candidate to become the next active router and sends periodic hello messages. Excluding transient conditions, there must be at most one router in the group in Standby state.

6.
Active – The router is currently forwarding packets that are sent to the group virtual MAC address. The router sends periodic hello messages. Excluding transient conditions, there must be at most one router in Active state in the HSRP group.
QUESTION 12
Drag and Drop Local VLAN’s vs End-To-END VLANS
Select and Place:

Correct Answer:

Section: VLANs, Trunks Explanation
Explanation/Reference:
QUESTION 13
Drag & Drop

Select and Place: Correct Answer:

Section: IP Telephony Explanation Explanation/Reference:
QUESTION 14

Select and Place: Correct Answer:
Section: VTP Explanation Explanation/Reference:
QUESTION 15

Select and Place: Correct Answer:
Section: VLANs, Trunks Explanation Explanation/Reference:
QUESTION 16

Select and Place:

Correct Answer:

Section: WLANs Explanation
Explanation/Reference:
QUESTION 17
Wireless LWAPP Association and Discovery Process Drag & Drop
Note not all options are used

Select and Place: Correct Answer:
Section: WLANs Explanation
Explanation/Reference:
This is the correct answer: (1. The IP address is statically configured on the lightweigh AP.)
2.
The lightweight AP requests an IP address via DHCP

3.
The lightweight AP searches for a wireless LAN controller using LWAPP in Layer 2 mode.

4.
The lightweight AP sends a LWAPP Discovery Request to the management IP address of the wireless LAN controller via broadcast

5.
The wireless LAN controller responds with a Discovery Response from the Manager IP address.

6.
The lightweight AP chooses the AP Manager with the least number of associated access points and sends the join request.
==========================================================================
From Cisco:
Register the LAP with the WLC:
This sequence of events must occur in order for an LAP to register to a WLC:
1.The LAPs issue a DHCP discovery request to get an IP address, unless it has previously had a static IP address configured.
2.The LAP sends LWAPP discovery request messages to the WLCs.
3.Any WLC that receives the LWAPP discovery request responds with an LWAPP discovery response message.
4.From the LWAPP discovery responses that the LAP receives, the LAP selects a WLC to join.
5.The LAP then sends an LWAPP join request to the WLC and expects an LWAPP join response.
6.The WLC validates the LAP and then sends an LWAPP join response to the LAP.
7.The LAP validates the WLC, which completes the discovery and join process. The LWAPP join process includes mutual authentication and encryption key derivation, which is used to secure the join process and future LWAPP control messages.
8.The LAP registers with the controller.
The first problem that the LAP faces is how to determine where to send the LWAPP discovery requests (step 2). The LAP uses a hunting procedure and a discovery algorithm in order to determine the list of WLCs to which the LAP can send the discovery request messages.
This procedure describes the hunting process:
1.The LAP issues a DHCP request to a DHCP server in order to get an IP address, unless an assignment was made previously with a static IP address.
2.If Layer 2 LWAPP mode is supported on the LAP, the LAP broadcasts an LWAPP discovery message in a Layer 2 LWAPP frame. Any WLC that is connected to the network and that is configured for Layer 2 LWAPP mode responds with a Layer 2 discovery response. If the LAP does not support Layer 2 mode, or if the WLC or the LAP fails to receive an LWAPP discovery response to the Layer 2 LWAPP discovery message broadcast, the LAP proceeds to step 3.
3.If step 1 fails, or if the LAP or the WLC does not support Layer 2 LWAPP mode, the LAP attempts a Layer 3 LWAPP WLC discovery.
See the Layer 3 LWAPP WLC Discovery Algorithm section of this document.
4.If step 3 fails, the LAP resets and returns to step 1.
Note: If you want to specify an IP address for an access point instead of having one assigned automatically by a DHCP server, you can use the controller GUI or CLI to configure a static IP address for the access point. Refer to the Configuring a Static IP Address on a Lightweight Access Point section of the WLC Configuration guide for more information. If the LAP is assigned a static IP address and can not reach the WLC, it falls back to DHCP.
Source: http://www.cisco.com/en/US/tech/tk722/tk809/technologies_tech_note09186a00806c9e51.shtml
QUESTION 18
What is the result of entering the command “port-channel load-balance src-dst-ip” on an EtherChannel link?
A. Packets are distributed across the ports in the channel based on the source and destination MAC addresses.
B. Packets are distributed across the ports in the channel based on the source and destination IP addresses.
C. Packets are balanced across the ports in the channel based first on the source MAC address, then on the destination MAC address, then on the IP address.
D. Packets are distributed across the access ports in the channel based first on the source IP address and then on the destination IP addresses.
Correct Answer: B Section: EtherChannels Explanation
Explanation/Reference:
Explanation:
QUESTION 19
Which Cisco IOS command globally enables port-based authentication on a switch?
A. aaa port-auth enable
B. radius port-control enable
C. dot1x system-auth-control
D. switchport aaa-control enable
Correct Answer: C Section: Access Security Explanation
Explanation/Reference:
Explanation:
QUESTION 20
Which two steps are necessary to configure inter-VLAN routing between multilayer switches? (Choose two.)
A. Configure a dynamic routing protocol.
B. Configure SVI interfaces with IP addresses and subnet masks.
C. Configure access ports with network addresses.
D. Configure switch ports with the autostate exclude command.
E. Document the MAC addresses of the switch ports.
Correct Answer: AB Section: MultiLayer Switching Explanation
Explanation/Reference:
Explanation:

Exam D

This volume is part of the Exam Certification Guide Series from Cisco 642-813.Cisco 642-813 in this series provide officially developed exam preparation materials that offer assessment, review, and practice to help Cisco 642-813 Certification candidates identify weaknesses,concentrate their study efforts,and enhance their confidence as Cisco 642-813 exam day nears.

Cisco 642-813 Questions, Help To Pass Cisco 642-813 New Questions Are The Best MaterialsCisco 642-813 Questions, Help To Pass Cisco 642-813 New Questions Are The Best Materials

Good News!who Want to get Cisco 642-813 Certified? We know that the Cisco 642-813 certification exam is challenging, but with the new version Cisco 642-813 exam dumps, you will pass the exam easily and quickly. Free download the VCE and PDF files on Flydumps.com

Exam A
QUESTION 1
The network operations center has received a call stating that Users in VLAN 107 are unable to access resources through R1. From the information contained in the graphic, what is the cause of this problem?

A. spanning tree is not enabled on VLAN 107
B. VTP is pruning VLAN 107
C. VLAN 107 does not exist on switch SA
D. VLAN 107 is not configured on the trunk
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation:
“VLAN allowed on trunk” Each trunk allows all VLANs by default. However, administrator can remove or add to the list by using the “switchport trunk allowed” command.
“VLANs allowed and active in management” To be active, a VLAN must be in this list.
“VLANs in spanning tree forwarding state and not pruned” This list is a subset of the “allowed and active” list but with any VTP-pruned VLANs removed.
All VLANs were configured except VLAN 101 so D is not correct. VLAN 107 exists in the “allowed and active” section so A and C are not correct, too. In the “forwarding state and not pruned” we dont see VLAN 107 so the administrator had wrongly configured this VLAN as pruned.
QUESTION 2
Study the diagram below carefully, which three statements are true? (Choose three)

A. DTP packets are sent from Switch SB.
B. DTP is not running on Switch SA.
C. A trunk link will be formed.
D. The native VLAN for Switch SB is VLAN 1.

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
Explanation:
Dynamic Trunking Protocol (DTP) is the Cisco-proprietary that actively attempts to negotiate a trunk link between two switches. If an interface is set to switchport mode dynamic desirable, it will actively attempt to convert the link into trunking mode. If the peer port is configured as switchport mode trunk, dynamic desirable, or dynamic auto mode, trunking is negotiated successfully -> C is correct.
SB is in “dynamic desirable” mode so it will send DTP packets to SA to negotiate a trunk link -> A is correct.
On an 802.1Q trunk, DTP packets are sent on the native VLAN. By default, it is VLAN 1 (notice that SAs native VLAN is 5) -> D is correct.
(Note: an 802.1Q trunks native VLAN is the only VLAN that has untagged frames)
Below is the switchport modes for easy reference:
Mode Function
Dynamic Auto Creates the trunk based on the DTP request from the neighboring switch.
Communicates to the neighboring switch via DTP that the interface would Dynamic like Desirable to become a trunk if the neighboring switch interface is able to become a trunk.
Automatically enables trunking regardless of the state of the neighboring Trunk switch and regardless of any DTP requests sent from the neighboring switch.
Trunking is not allowed on this port regardless of the state of the neighboring switch interface and regardless of any DTP requests sent from the Access neighboring switch.
Prevents the interface from generating DTP frames. This command can be used only when the interface switchport mode is access or trunk. You must Nonegotiate manually configure the neighboring interface as a trunk interface to establish a trunk link.
QUESTION 3
Regarding the exhibit and the partial configuration of switch SA and SB. STP is configured on all switches in the network. SB receives this error message on the console port:
00:06:34:
%CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/5 (not half duplex), with SA FastEthernet0/4 (half duplex), with TBA05071417(Cat6K-B) 0/4 (half duplex).

A.
The root port on switch P4S-SB will fall back to full-duplex mode.

B.
The interfaces between switches P4S-SA and P4S-SB will transition to a blocking state

C.
The root port on switch P4S-SA will automatically transition to full-duplex mode.

D.
Interface Fa0/6 on switch SB will transit to a forwarding state and create a bridging loop.
What would be the possible outcome of the problem?

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Explanation:
From the output, we learned that the interfaces on two switches are operating in different duplex modes: Fa0/4 of SA in half-duplex mode & Fa0/5 of SB in full-duplex mode. In this case, because SB is operating in full duplex mode, it does not check the carrier sense before sending frames (CSMA/CD is not used in full-duplex mode). Therefore, SB can start to send frames even if SA is using the link and a collision will occur. The result of this is SA will wait a random time before attempting to transmit another frame. If B sends enough frames to A to make every frame sent from A (which includes the BPDUs) get dropped then SB can think it has lost root bridge (B does not receive BPDUs from A anymore). Therefore SB will unblock its Fa0/6 interface for transmitting and cause a bridging loop.
QUESTION 4
What is a characteristic of multi-VLAN access ports?
A. The port has to support STP PortFast.
B. The auxiliary VLAN is for data service and is identified by the PVID.
C. The port hardware is set as an 802.1Q trunk.
D. Both the voice service and data service use the same trust boundary.
Correct Answer: C Section: (none) Explanation Explanation/Reference:
Explanation
The multi-VLAN port feature on the Catalyst 2900 XL/3500 XL switches allows for configuring a single port
in two or more VLANs. This feature allows users from different VLANs to access a server or router without
implementing InterVLAN routing capability. A multi-VLAN port performs normal switching functions in all its
assigned VLANs. VLAN traffic on the multi- VLAN port is not encapsulated as it is in trunking -> The port is
set as an 802.1Q trunk -> C is correct.

Note: The limitations of implementing multi-VLAN port features are listed below.

1) You cannot configure a multi-VLAN port when a trunk is configured on the switch. You must connect the
multi-VLAN port only to a router or server. The switch automatically transitions to VTP transparent mode
when the multi-VLAN port feature is enabled, making the VTP disabled.

2) The multi-VLAN port feature is supported only on the Catalyst 2900 XL/3500 XL series switches. This
feature is not supported on the Catalyst 4000/5000/6000 series or any other Cisco Catalyst switches.

The following example shows how to configure a port for multi-VLAN mode:
Switch(config-if)# switchport mode multi
The following example shows how to assign a multi-VLAN port already in multi mode to a range of VLANs:
Switch(config-if)# switchport multi vlan 5-10

QUESTION 5
The Company LAN switches are being configured to support the use of Dynamic VLANs. Which of the following are true of dynamic VLAN membership? (Choose two)
A. VLAN membership of a user always remains the same even when he/she is moved to another location.
B. VLAN membership of a user always changes when he/she is moved to another location.
C. Membership can be static or dynamic.
D. Membership can be static only.
Correct Answer: AC Section: (none) Explanation
Explanation/Reference:
Explanation
Please read the explanation of
QUESTION 6
Static VLANs are being used on the Company network. What is true about static VLANs?
A. Devices use DHCP to request their VLAN.
B. Attached devices are unaware of any VLANs.
C. Devices are assigned to VLANs based on their MAC addresses,
D. Devices are in the same VLAN regardless of which port they attach to.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation
The VLAN tags are only added/removed at the switches. Attached devices are unaware of the existence of VLAN in the network.
QUESTION 7
The Company LAN is becoming saturated with broadcasts and multicast traffic. What could you do to help a network with many multicasts and broadcasts?
A. Creating smaller broadcast domains by implementing VLANs.
B. Separate nodes into different hubs.
C. Creating larger broadcast domains by implementing VLANs.
D. Separate nodes into different switches.
E. All of the above.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation
By default, switches flood multicasts out all ports (same as broadcasts). However, many switches and routers can be configured to support multicast traffic, and that support is based on the network addresses uses by multicasts. By implementing VLANs, broadcasts and multicast traffic are only sent to ports in the same VLAN of the sending device.
QUESTION 8
You have configured a Cisco Catalyst switch to perform Layer 3 routing via an SVI and have assigned that interface to VLAN 20. To check the status of the SVI, you issue the show interfaces vlan 20 command at the CLI prompt. You see from the output display that the interface is in an “up/up” state. What must be true in an SVI configuration to bring the VLAN and line protocol up?
A. The port must be physically connected to another Layer 3 device.
B. At least one port in VLAN 20 must be active.
C. The Layer 3 routing protocol must be operational and receiving routing updates from neighboring peer devices.
D. Because this is a virtual interface, the operational status will always be in an “up/up” state.
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation
To be “up/up,” a router VLAN interface must fulfill the following general conditions:
*
The VLAN exists and is “active” on the VLAN database of the switch.

*
The VLAN interface exists on the router and is not administratively down.

*
At least one Layer 2 (access port or trunk) port exists, has a link “up” on this VLAN and is in spanning-tree forwarding state on the VLAN.
(Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/37sg/configuration/guides/l3_i nt.html)
Lets see an example of configuring Switch Virtual Interface (SVI) to perform interVLAN routing between PC0 & PC1:

Configuration //Create two VLANs L3Switch(config)#vlan 10
L3Switch(config-vlan)#vlan 20
L3Switch(config-vlan)#exit L3Switch(config)#interface fa0/1 L3Switch(config-if)#switchport mode access L3Switch(config-if)#switchport access vlan 10
L3Switch(config)#interface fa0/2 L3Switch(config-if)#switchport mode access L3Switch(config-if)#switchport access vlan 20 L3Switch(config-if)#exit
//Enable IP routing on this Layer 3 Switch L3Switch(config)#ip routing //Create two SVIs for interVLAN routing: L3Switch(config)#interface vlan 10
L3Switch(config-if)#ip address 10.0.0.1 255.255.255.0
L3Switch(config)#interface vlan 20 L3Switch(config-if)#ip address 20.0.0.1 255.255.255.0 On PC0, assign the IP address 10.0.0.2 255.255.255.0 and the default gateway: 10.0.0.1 On PC1, assign
the IP address 20.0.0.2 255.255.255.0 and the default gateway: 20.0.0.1 Now we can ping from PC0 to PC1: PC0>ping 20.0.0.2 Pinging 20.0.0.2 with 32 bytes of data: Reply from 20.0.0.2: bytes=32 time=40ms TTL=127
Reply from 20.0.0.2: bytes=32 time=40ms TTL=127 Reply from 20.0.0.2: bytes=32 time=40ms TTL=127 Reply from 20.0.0.2: bytes=32 time=40ms TTL=127
QUESTION 9
What two pieces of information will the show vlan id 5 command display? (Choose two)
A. Ports in VLAN 5
B. Utilization
C. VLAN information on port 0/5
D. Filters
E. MTU and type
Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
Explanation
The show vlan id vlan-id command display information about a particular VLAN. But notice that this command will also list trunk ports that allow this VLAN to run on. An example of the “show vlan id” command is shown below:

QUESTION 10
What are some virtues of implementing end-to-end VLANs? (Choose two)
A. End-to-end VLANs are easy to manage.
B. Users are grouped into VLANs independent of a physical location.
C. Each VLAN has a common set of security and resource requirements for all members.
D. Resources are restricted to a single location.
Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
Explanation
There are two kinds of VLANs:

*
End-to-end VLANs: also called campuswide VLANs, span the entire switch fabric of a network. They are positioned to support maximum flexibility and mobility of end devices. Users can be assigned to VLANs regardless of their physical location. As a user moves around the campus, that users VLAN membership stays the same. End-to-end VLANs should group users according to common requirements. All users in a VLAN should have roughly the same traffic flow patterns

*
Local VLANs: based on geographic locations by demarcation at a hierarchical boundary (core, distribution, access)
(Reference: CCNP SWITCH 642-813 Official Certification Guide)
QUESTION 11
Which two statements are true about a switched virtual interface (SVI)? (Choose two)
A. An SVI is created by entering the no switchport command in interface configuration mode.
B. An SVI is normally created for the default VLAN (VLAN1) to permit remote switch administration.
C. An SVI provides a default gateway for a VLAN.
D. Multiple SVIs can be associated with a VLAN.
E. SVI is another name for a routed port.
Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
Explanation
Catalyst L2 fixed configuration switches that run Cisco IOS Software have only one configurable IP management interface, which by default is interface VLAN 1. Pure layer 2 switches can have only one interface VLAN up at the time. This is called the management VLAN (in IOS) or the sc0 interface (in CatOS). The main purpose of this interface is management (telnet, SNMP, etc). If the switch is a Layer 3 switch, you can configure multiple VLANs and route between them. An L3 switch can handle multiple IPs, so there is no specific management VLAN on the switch.
(Reference: http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a008010e9c a.shtml)
QUESTION 12
Two switches SA and SB are connected as shown below. Given the below partial configuration, which two statements are true about VLAN traffic? (Choose two)

A. VLANs 1-5 will be blocked if fa0/10 goes down.
B. VLANs 6-10 have a port priority of 128 on fa0/10.
C. VLANs 6-10 will use fa0/10 as a backup only.
D. VLANs 1-10 are configured to load share between fa0/10 and fa0/12.
Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
Explanation: Lets assume that SA is the root bridge for all VLANs, it will make the explanation a bit clearer…
First we should understand what will happen if nothing is configured (use default values). Because we assumed that SA is the root bridge so all of its ports will forward. SB will need to block one of its ports to avoid a bridging loop between the two switches. But how does SB select its blocked port? Well, the answer is based on the BPDUs it receives from SA. A BPDU is superior than another if it has:
1.
A lower Root Bridge ID

2.
A lower path cost to the Root

3.
A lower Sending Bridge ID

4.
A lower Sending Port ID
These four parameters are examined in order. In this specific case, all the BPDUs sent by SA have the same Root Bridge ID, the same path cost to the Root and the same Sending Bridge ID. The only parameter left to select the best one is the Sending Port ID (Port ID = port priority + port index). If using default values, the default port prioritys value is 32 or 128 (128 is much more popular today but 32 is also a default port prioritys value), so SB will compare port index values, which are unique to each port on the switch, and because Fa0/12 is inferior to Fa0/10, SB will select the port connected with Fa0/10 (of SA) as its root port and block the other port.

To change the default decision of selecting root port, we can change the port priority of each interface. The above picture is true for VLAN 1-5 because port Fa0/10 has a lower port-priority so the peer port will be chosen as the root port. For VLAN 6-10, port Fa0/12 has higher priority ID (lower port priority value) so SB will block its upper port.
For answer A “VLANs 1-5 will be blocked if fa0/10 goes down” is not correct because if Fa0/10 goes down, SB will unblock its lower port therefore VLANs 1-5 will still operate.
For answer B “VLANs 6-10 have a port priority of 128 on fa0/10 is not always correct because VLAN 6-10 can have a different port priority (of 32) according to the Ciscos link below.
Answer C is correct because VLAN 6-10 uses Fa0/12 link as it main path. Fa0/10 is the backup path and is only opened when port Fa0/12 fails.
Answer D is correct because this configuration provide load-balance traffic based on VLAN basis. VLANs 1-5 use Fa0/10 and VLANs 6-10 use Fa0/12 as their main paths.
Note: We can not assure the answer B is always correct so we should choose C and D if the question asks us to give only 2 choices).
Reference (and good resource, too):
http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a00800ae96a.shtml
QUESTION 13
You have just created a new VLAN on your network. What is one step that you should include in your VLAN based implementation and verification plan?
A. Verify that trunked links are configured to allow the VLAN traffic.
B. Verify that the switch is configured to allow for trunking on the switch ports.
C. Verify that each switch port has the correct IP address space assigned to it for the new VLAN.
D. Verify that different native VLANs exist between two switches for security purposes.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation
A VLAN-based implementation and verification plan should include:
*
Verification that trunked links are configured to allow the newly created VLANs.

*
Verification that the SVI has already been created and that it shows up on all required switches using the show vlan command.
QUESTION 14
The network administrator needs to enable VTP pruning within the network. What action should a network administrator take to enable VTP pruning on an entire management domain?
A. enable VTP pruning on every switch in the domain
B. enable VTP pruning on any client switch in the domain
C. Enable VTP pruning on any switch in the management domain
D. enable VTP pruning on a VTP server in the management domain
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 15
You have just created a new VLAN on your network for inter-VLAN routing. What is one step that you should include in your VLAN-based implementation and verification plan?
A. Verify that different native VLANs exist between two switches for security purposes.
B. Verify that the switch is configured to allow for trunking on the switch ports.
C. Verify that each switch port has the proper IP address space assigned to it for the new VLAN.
D. Verify that the VLAN virtual interface has been correctly created and enabled.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 16
Under what circumstances should an administrator prefer local VLANs over end-to-end VLANs?
A. Eighty percent of traffic on the network is destined for Internet sites.
B. There are common sets of traffic filtering requirements for workgroups located in multiple buildings.
C. Eighty percent of a workgroups traffic is to the workgroups own local server.
D. Users are grouped into VLANs independent of physical location.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
Explanation End-to-end VLAN follows the 80/20 rule in which 80 percent of user traffic stays within the local workgroup, whereas 20 percent is destined for a remote resource in the campus network (like Internet…).
In contrast to end-to-end-VLAN, local VLAN follows the 20/80 rule: only 20 percent of traffic is local, whereas 80 percent is destined to a remote re-source across the core layer -> A is correct.
(Reference: CCNP SWITCH 642-813 Official Certification Guide)
QUESTION 17
You are assigning VLANs to the ports of switch R1. What VLAN number value is an assigned to the default VLAN?
A VLAN 1003
A. VLAN 1
B. VLAN ON
C. VLAN A
D. VLAN 0
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 18
What is a characteristic of a static VLAN membership assignment?
A. VMPS server lookup is required
B. Easy to configure
C. Ease of adds, moves, and changes
D. Based on MAC address of the connected device
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
Explanation
There are two types of VLAN membership assignment:
*
Static VLAN: switch ports are assigned to specific VLANs manually

*
Dynamic VLAN: switch automatically assigns the port to a VLAN using information from the user device like MAC address, IP address etc. When a device is connected to a switch port, the switch must, in effect, query a database to establish VLAN membership.
Static VLAN assignment provides a simple way to assign VLAN to a port while Dynamic VLANs allow a great deal of flexibility and mobility for end users but require more administrative overhead.
QUESTION 19
Which two statements are true about best practices in VLAN design? (Choose two.)
A. Routing should occur at the access layer if voice VLANs are utilized. Otherwise, routing should occur at the distribution layer.
B. Routing may be performed at all layers but is most commonly done at the core and distribution layers.
C. Routing should not be performed between VLANs located on separate switches.
D. VLANs should be local to a switch.
E. VLANs should be localized to a single switch unless voice VLANs are being utilized.
Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
Explanation
First lets review main characteristics of three layers in a campus network:
* Access layer:

+
Low cost per switch port
+
High port density
+
Scalable uplinks to higher layers
+
User access functions such as VLAN membership, traffic and protocol filtering, and quality of service
(QoS)
+
Resiliency through multiple uplinks

* Distribution Layer:

+
Aggregation of multiple access-layer devices
+
High Layer 3 throughput for packet handling
+
Security and policy-based connectivity functions through access lists or packet filters + QoS features
+
Scalable and resilient high-speed links to the core and access layers

* Core layer:

+
Very high throughput at Layer 3
+
No costly or unnecessary packet manipulations (access lists, packet filtering) + Redundancy and
resilience for high availability
+
Advanced QoS functions
We can see at Distribution and Core layers, Layer 3 throughput (routing) is very high -> B is correct.

Nowadays, end-to-end VLANs are not recommended in an enterprise network, unless there is a good reason. In an end-to-end VLAN, broadcast traffic is carried over from one end of the network to the other, creating the possibility for a broadcast storm or Layer 2 bridging loop to spread across the whole extent of a VLAN. This can exhaust the bandwidth of distribution and core-layer links, as well as switch CPU resources. Now the storm or loop has disrupted users on the end-to-end VLAN, in addition to users on other VLANs that might be crossing the core.
When such a problem occurs, troubleshooting becomes more difficult. In other words, the risks of end-to-end VLANs outweigh the convenience and benefits.
From that we can infer VLAN traffic should be local to the switch -> D is correct.
(Reference: CCNP SWITCH 642-813 Official Certification Guide)
QUESTION 20

Refer to the exhibit. The user who is connected to interface FastEthernet 0/1 is on VLAN 10 and cannot access network resources. On the basis of the information in the exhibit, which command sequence would correct the problem?
A. SW1(config)# vlan 10 SW1(config-vlan)# no shut
B. SW1(config)# interface fastethernet 0/1 SW1(config-if)# switchport mode access SW1(config-if)# switchport access vlan 10
C. SW1(config)# interface fastethernet 0/1 SW1(config-if)# switchport mode access
D. SW1(config)# vlan 10 SW1(config-vlan)# state active
E. SW1(config)# interface fastethernet 0/1 SW1(config-if)# no shut

Correct Answer: E Section: (none) Explanation
Explanation/Reference:

Cisco 642-813 Exam Certification Guide presents you with an organized test preparation routine through the use of proven series elements and techniques.“Do I Know This Already?”quizzes open each chapter and allow you to decide how much time you need to spend on each section.Cisco 642-813 lists and Foundation Summary tables make referencing easy and give you a quick refresher whenever you need it.Challenging Cisco 642-813 review questions help you assess your knowledge and reinforce key concepts.Cisco 642-813 exercises help you think about exam objectives in real-world situations, thus increasing recall during exam time.