Hub for All Education Needs
Which load-balancing algorithm does GLBP use by default?Answer:Round-robin load-balancing is the default load-balancing method used by Gateway Load Balancing Protocol (GLBP).The active virtual gateway (AVG) can be configured to use one of three load-balancing algorithms when selecting which active virtual forwarder (AVF) MAC address to use in its ARP response.Round-Robin Load-Balancing: Using round-robin load-balancing, the … Read more
What Cisco Catalyst switch feature can be used to define ports as trusted for DHCP server connections?Answer:DHCP snooping is used to define ports as trusted for DHCP server connections. The purpose of DHCP snooping is to mitigate DHCP spoofing attacks. DHCP spoofing is an attack that can be used to force user traffic through an … Read more
Which statement about VLAN pruning on trunk ports is true? Question: Which statement about VLAN pruning on trunk ports is true? Options: Manually pruning extended VLANs increases switch security. Manually pruning VLANs reduces unnecessary forwarding of broadcast traffic. Broadcast traffic for a manually pruned VLAN is allowed to cross the trunk port. VLAns can be … Read more
Which routers comprise a VRRP group?Answer:Virtual Router Redundancy Protocol (VRRP) enables a group of routers to form a single virtual router, known as a VRRP group. Routers are configured in VRRP groups to provide redundancy for a virtual IP address shared among members of the VRRP group. Each group is comprised of a master router … Read more
You want to create a VTP domain named myvtpdomain and define this switch as one that can be configured with VLANs and advertises VLAN changes to other switches.What commands should you use? (Choose two.)Answer:To create a VTP domain and configure the switch so it can configure and advertise VLANs (server mode), use the global configuration … Read more
What command disables 802.1x authentication on a port and permits traffic without authentication?Answer:The command dot1x port-control force-authorized is used to disable 802.1x on a port and permit traffic without authentication. Dot1x ports are in one of two states, authorized or unauthorized. Authorized ports permit user traffic to flow through the port. This state usually follows … Read more
You are configuring dynamic ARP inspection. Which command must you configure on the device to detect unexpected IP addresses in the ARP packet?Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/16-6/configuration_guide/sec/b_166_sec_9500_cg/configuring_dynamic_arp_inspection.pdf Question: Which command must you configure on the device to detect unexpected IP addresses in the ARP packet? Options: ip verify source ip arp inspection validate ip ip arp inspection trust … Read more
Which next-hop router redundancy protocol provides backup for an assigned real IP address?Answer:Using VRRP, the shared address of the next-hop router redundancy group can be the real address of a router interface.Virtual Router Redundancy Protocol (VRRP) is defined in RFC 2338. VRRP enables a group of routers to form a single virtual router, known as … Read more
What attack technique can be used to force user traffic through an attacking device, causing a man-in-the-middle attack?Answer:DHCP spoofing is an attack that can be used to force user traffic through an attacking device. This is accomplished by an attacker responding to DHCP queries form users. Eliminating the response from the correct DHCP server would … Read more
Which command enables you to determine the spanning-tree guard features that are enabled globally? Question: Which command enables you to determine the spanning-tree guard features that are enabled globally? Options: show spanning-tree show spanning-tree summary show spanning-tree active show spanning-tree detail Correct Answer The Correct Answer for this Question is show spanning-tree detail