B, D. This question requires that you work through the reasons why a port is listed as a particular type of STP port per the Type column in the output of the show spanning-tree vlan 10 command. To begin, keep in mind that a port must have PortFast enabled to be listed as an edge port. That configuration requires either the spanning-tree portfast interface subcommand or through setting the switch to use PortFast as a default with the spanning-tree portfast default global command. Answer choice A shows a type that includes "edge" and the reason listed has nothing to do with PortFast, so that answer is incorrect.
For the other incorrect answer, C, the trunking status of a port does not impact the STP Type as listed in the output.
Answer B is correct because any port that is using half duplex, either through negotiation or by configuration, is considered to be a shared port, as noted with "Shr" in the type column. Answer D is correct because if a switch has no reason to make a port act as a shared port, or as an edge port, the switch treats it as a point-to-point port.
B, C. The VTP domain name must match on two neighboring VTP switches, or they ignore each other's messages. The domain name is case sensitive, making the answer with domain name "Fred" be correct. Additionally, switch SW1 does not have a vtp password command configured per the question stem. If SW2 were to be configured per the other correct answer, then SW1 would not have a VTP password, SW2 would, and the two switches would ignore each other's VTP messages. (If configured on one switch, both must have the same case-sensitive password configured.)
As for the incorrect answers, the VTP version does not have to match on neighboring switches for them to be able to synchronize. Additionally, two neighboring VTP client mode switches will synchronize, which is what the question asked. Neither could be used to configure new VLANs, but both would synchronize with the other.
A network engineer takes four 2960-X switches and creates a switch stack using either FlexStack or FlexStack-Plus stacking from Cisco. Now consider data plane functions, such as frame forwarding; control plane functions, such as STP and VTP; and management plane functions, such as Telnet and SSH support. Once the stack is cabled and working, which of the following is true about how the stack of four switches works?
a. The stack acts as one switch for data plane functions, and separate switches for control and management plane functions.
b. The stack acts as one switch for data plane and control plane functions, and separate switches for management plane functions.
c. The stack acts as one switch for data plane, control plane, and management plane functions.
d. The stack does not act as one switch for data, control, or management plane functions, instead providing backup uplinks if all of one switch's uplinks fail.
Routers R1, R2, and R3 are internal routers in areas 1, 2, and 3, respectively. Router R4 is an ABR connected to the backbone area (0) and to areas 1, 2, and 3. Which of the following answers describes the configuration on Router R4, which is different from the other three routers, that makes it an ABR?
a. The abr enable router subcommand.
b. The network router subcommands refer to a single nonbackbone area.
c. The network router subcommands refer to multiple areas, including the backbone.
d. The router has an interface in area 0, whereas an OSPF neighbor's interface sits in a different area.
A. GRE tunnels that use private IP addresses on the tunnel and then use the Internet between the two routers need to configure references to both the private and public IP addresses. First, each router's tunnel interface has an ip address command that refers to the local router's private IP address. Additionally, each router configures a tunnel destination and tunnel source that refer to the public IP address of the other router (tunnel destination) and the local router (tunnel source).
Two answers refer to Router A's private address. Per the first paragraph of this explanation, that address would be configured on a tunnel interface with an ip address command, on Router A, making one of those two answers correct. Private addresses would not be configured as the tunnel source or destination, making the other answer that mentions Router A's private address incorrect.
Two answers refer to Router B's public address. Per the first paragraph of this explanation, that address would only be configured as a tunnel source or tunnel destination, and not with the ip address command. That fact makes one of the answers incorrect. Next, Router B's public IP address would be listed as the tunnel source on Router B, and the tunnel destination on Router A. The final (incorrect) answer suggests that Router B's public address would be configured as the tunnel source, but on Router A, which would be an incorrect setting.
C. To justify the correct answer: R1's source address for the tunnel must be an address on R1, on an interface in an up/up state, or the tunnel will fail to an up/down state.
For the two answers that mention ping, GRE tunnels do local checks to determine the interface status, but they do not check connectivity with pings. So, a tunnel interface can reach an up/up state even though a ping to the destination of the tunnel would currently fail. (The router must have a route for forwarding packets to the destination; just no guarantee that the packet would arrive.) In this case, R1 would have a route that matches destination 188.8.131.52, R2 would have a route that matches 184.108.40.206, and the tunnel interface could be up/up even though a ping would currently fail for other reasons.
Finally, for the tunnel to work correctly, and forward traffic, R2 would need a working interface with address 220.127.116.11. However, R1's tunnel interface state is independent from whether R2's interfaces are currently up or down.
B, D. The show pppoe session command lists many key facts about a current PPPoE session. As for the correct answers, the State of UP on the far right confirms that the PPPoE session is working correctly. Also, the listing of the Di1 (Dialer1) and Vi1 (Virtual-access 1) interfaces implies that the two interfaces are bound by the PPPoE session.
As for the incorrect answers, MAC 0200.0000.3333 is in use, but by the ISP router. The heading lines list RemMAC (Remote MAC) above and LocMAC (Local MAC) below, so it is the lower of the two MAC addresses (0200.0000.3003) that is used by the local router, R1. Also, the PPPoE configuration is added to the dialer interface and the physical interface (G0/0 in this case), but the virtual-access interface is not directly configured. Instead, IOS generates its configuration from the configuration listed under the dialer interface.
C. The configuration of the Layer 3 switch's routing feature uses VLAN interfaces. The VLAN interface numbers must match the associated VLAN ID, so with VLANs 1, 2, and 3 in use, the switch will configure interface vlan 1, interface vlan 2 (which is the correct answer), and interface vlan 3. The matching connected routes, like all connected IP routes, will list the VLAN interfaces.
As for the incorrect answers, a list of connected routes will not list any next-hop IP addresses. Each route will list an outgoing interface, but the outgoing interface will not be a physical interface, but rather a VLAN interface, because the question states that the configuration uses SVIs. Finally, all the listed subnets have a /25 mask, which is 255.255.255.128, so none of the routes will list a 255.255.255.0 mask.
C, D. First, for the correct answers, a Layer 3 switch will not route packets on a VLAN interface unless it is in an up/up state. A VLAN interface will only be up/up if the matching VLAN (with the same VLAN number) exists on the switch. If VTP deletes the VLAN, then the VLAN interface moves to a down/down state, and routing in/out that interface stops. Also, disabling VLAN 2 with the shutdown command in VLAN configuration mode also causes the matching VLAN 2 interface to fail, which makes routing on interface VLAN 2 stop as well.
As for the incorrect answers, a Layer 3 switch needs only one access port or trunk port forwarding for a VLAN to enable routing for that VLAN, so nine of the ten access ports in VLAN 2 could fail, leaving one working port, and the switch would keep routing for VLAN 2.
A shutdown of VLAN 4 has no effect on routing for VLAN interfaces 2 and 3. Had that answer listed VLANs 2 or 3, it would definitely be a reason to make routing fail for that VLAN interface.
B, C. With a Layer 3 EtherChannel, two configuration settings must be the same on all the physical ports, specifically the speed and duplex as set with the speed and duplex commands. Additionally, the physical ports and port-channel port must all have the no switchport command configured to make each act as a routed port. So, having a different speed setting, or being configured with switchport rather than no switchport, would prevent IOS from adding interface G0/2 to the Layer 3 EtherChannel.
As for the wrong answers, both have to do with Layer 2 configuration settings. Once Layer 2 operations have been disabled because of the no switchport command, those settings related to Layer 2 that could cause problems on Layer 2 EtherChannels do not then cause problems for the Layer 3 EtherChannel. So, Layer 2 settings about access VLANs, trunking allowed lists, and STP settings, which must match before an interface can be added to a Layer 2 EtherChannel, do not matter for a Layer 3 EtherChannel.
A, C. Two HSRP misconfigurations cause both HSRP routers to attempt to use the same virtual IP address (VIP), at the same time, because both routers believe that they should be active. With a correct configuration other than mismatched group numbers, the two routers act independently, both using the VIP, resulting in the duplicate address message. The same kind of logic applies when the two routers have correct configuration other than a mismatched HSRP version: they do not act together, but act independently, both use the address, and then detect the duplicate use of the address.
As for the incorrect answers, an ACL that prevents a router from even receiving the HSRP messages will prevent that router from noticing the duplicate use of the VIP, so it does not list the duplicate address log message. Finally, if the configuration mistake is that the two routers configure two different VIPs, then they are using different addresses, so there is no need to issue a message about using duplicate addresses.
C. IP Service Level Agreement (IP SLA) can generate a variety of different types of probes, including some that use ICMP Echo messages, and some that mimic voice traffic. However, the question asks about "ICMP Echo-based" IP SLA, referring to the specific IP SLA probe that sends ICMP Echo Request messages.
ICMP Echo probes with IP SLA do not require a router to be configured as an IP SLA responder, although many other types of IP SLA probes do require a responder. The Echo probes send a normal ICMP Echo Request, so the probe can be sent to any IP address, relying on that host to send back a normal ICMP Echo Reply.
IP SLA on the source router will gather basic statistics. With the ICMP Echo probe, the probe does not measure jitter (ruling out another incorrect answer), but it does measure round-trip time (RTT). These statistics can be gathered into a history report, which can be useful when troubleshooting problems.
C. The requirements in the question ask that you gather all traffic sent between Host1 and Host2, to avoid gathering extra copies of the same frame. That requirement means you need to capture frames sent from Host1 to Host2, and frames sent from Host2 back to Host1. It also means that the solution should not capture the same frame multiple times. Each incorrect answer either gathers too little traffic, or gathers the required traffic but also more traffic than the correct answer would gather.
First, the answer of collecting from F0/1 for a single (transmit) direction is incorrect because it gathers too little traffic. Frames sent by Host2 to Host1 would arrive in switch port F0/2 and then be sent out port F0/1 to Host1, and would be copied by the SPAN session. However, frames sent by Host1 would be received on switch port F0/1, and would not be copied by that SPAN session.
The answer about using VLAN 5 as a source would work, but because all FastEthernet ports on the switch are in VLAN 5, this option gathers more traffic than is necessary.
The answer about using F0/2 as the source, for both directions of traffic, is correct. It will copy all frames sent by Host1 to Host2 (frames that the switch transmits out port F0/2), as well as frames sent by Host2 to Host1 (which will be frames received on switch port F0/2). This option does gather frames sent between Host2 and other hosts as well.
The final incorrect answer refers to collecting traffic from both F0/1 and F0/2, but in both directions. That option would gather all frames sent between Host1 and Host2 twice, which would work, but the question asked that you gather no more traffic than is required.