Which of the following commands sets a trunk port on a 2960 switch?
Options
A. trunk on
B. trunk all
C. switchport trunk on
D. switchport mode trunk
Correct Answer
switchport mode trunk
Explanation
To set a switch port to trunk mode, which allows all VLAN information to pass down the link, use the
switchport mode trunk command.
More questions
1. If you wanted to deny FTP access from network 200.200.10.0 to network 200.199.11.0 but allow everything else, which of the following command strings is valid?
Options
A. access-list 110 deny 200.200.10.0 to network 200.199.11.0 eq ftp access-list 111 permit ip any 0.0.0.0 255.255.255.255
B. access-list 1 deny ftp 200.200.10.0 200.199.11.0 any any
Correct Answer: access-list 198 deny tcp 200.200.10.0 0.0.0.255 200.199.11.0 0.0.0.255 eq ftp access-list 198 permit ip any 0.0.0.0 255.255.255.255
Explanation:
Extended IP access lists use numbers 100-199 and 2000-2699 and filter based on source and destination IP address, protocol number, and port number. The last option is correct because of the second line that specifies permit ip any any. (I used 0.0.0.0 255.255.255.255, which is the same as the any option.) The third option does not have this, so it would deny access but not allow everything else.
2. If you wanted to deny all Telnet connections to only network 192.168.10.0, which command could you use?
Options
A. access-list 100 deny tcp 192.168.10.0 255.255.255.0 eq telnet
B. access-list 100 deny tcp 192.168.10.0 0.255.255.255 eq telnet
C. access-list 100 deny tcp any 192.168.10.0 0.0.0.255 eq 23
D. access-list 100 deny 192.168.10.0 0.0.0.255 any eq 23
The extended access list ranges are 100-199 and 2000-2699, so the access-list number of 100 is valid. Telnet uses TCP, so the protocol TCP is valid. Now you just need to look for the source and destination address. Only the third option has the correct sequence of parameters. Answer B may work, but the question specifically states "only" to network 192.168.10.0, and the wildcard in answer B is too broad.
3. To configure the VLAN trunking protocol to communicate VLAN information between two switches, what two requirements must be met?
Each end of the trunk link must be set to the IEEE 802.1e encapsulation.
The VTP management domain name of both switches must be set the same.
All ports on both the switches must be set as access ports.
One of the two switches must be configured as a VTP server.
A rollover cable is required to connect the two switches together.
A router must be used to forward VTP traffic between VLANs.
You must have the same VTP domain name on all switches in order to share VLAN information between the switches. At least one of the switches must be a VTP server; the other switches should be set to VTP client.
4. Which WLAN IEEE specification allows up to 54Mbps at 2.4GHz?
Correct Answer: If no commands have been typed in 1 minute and 35 seconds, the console connection will be closed.
Explanation:
The
exec-timeout command is set in minutes and seconds.
7. You need to create an access list that will prevent hosts in the network range of 192.168.160.0 to 192.168.191.0. Which of the following lists will you use?
Options
A. access-list 10 deny 192.168.160.0 255.255.224.0
The range of 192.168.160.0 to 192.168.191.0 is a block size of 32. The network address is 192.168.160.0 and the mask would be 255.255.224.0, which for an access list must be a wildcard format of 0.0.31.255. The 31 is used for a block size of 32. The wildcard is always one less than the block size.
8. Which of the following is an example of a standard IP access list?
Standard IP access lists use the numbers 1-99 and 1300-1999 and filter based on source IP address only. Option C is incorrect because the mask must be in wildcard format.
9. You are connecting your access point and it is set to root. What does Extended Service Set ID mean?
Options
A. That you have more than one access point and they are in the same SSID connected by a distribution system.
B. That you have more than one access point and they are in separate SSIDs connected by a distribution system.
C. That you have multiple access points, but they are placed physically in different buildings.
D. That you have multiple access points, but one is a repeater access point.
Correct Answer: That you have more than one access point and they are in the same SSID connected by a distribution system.
Explanation:
Extended Service Set ID means that you have more than one access point and they all are set to the same SSID and all are connected together in the same VLAN or distribution system so users can roam.
10. Which of the following series of commands will restrict Telnet access to the router?
Options
A. Lab_A(config)#access-list 10 permit 172.16.1.1 Lab_A(config)#line con 0 Lab_A(config-line)#ip access-group 10 in
B. Lab_A(config)#access-list 10 permit 172.16.1.1 Lab_A(config)#line vty 0 4 Lab_A(config-line)#access-class 10 out
C. Lab_A(config)#access-list 10 permit 172.16.1.1 Lab_A(config)#line vty 0 4 Lab_A(config-line)#access-class 10 in
D. Lab_A(config)#access-list 10 permit 172.16.1.1 Lab_A(config)#line vty 0 4 Lab_A(config-line)#ip access-group 10 in
Telnet access to the router is restricted by using either a standard or extended IP access list inbound on the VTY lines of the router. The command
access-class is used to apply the access list to the VTY lines.