Issuu on Google+

Cisco CODE: 350-001 Exam Name: CCIE Routing and Switching Written Qualification Exam v4.0 15% Discount Coupon Code: 52192S1005

Click the link below to get full version http://www.testsexpert.com/350-001.html

Type

Microsoft

1

IBM

Demo

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


Question: 1 Which statement is true about loop guard? A. Loop guard only operates on interfaces that are considered point-to-point by the spanning tree. B. Loop guard only operates on root ports. C. Loop guard only operates on designated ports. D. Loop guard only operates on edge ports.

Answer: A Explanation: Understanding How Loop Guard Works Unidirectional link failures may cause a root port or alternate port to become designated as root if BPDUs are absent. Some software failures may introduce temporary loops in the network. Loop guard checks if a root port or an alternate root port receives BPDUs. If the port is receiving BPDUs, loop guard puts the port into an inconsistent state until it starts receiving BPDUs again. Loop guard isolates the failure and lets spanning tree converge to a stable topology without the failed link or bridge. You can enable loop guard per port with the set spantree guard loop command. Note When you are in MST mode, you can set all the ports on a switch with the set spantree globaldefaults loop-guard command. When you enable loop guard, it is automatically applied to all of the active instances or VLANs to which that port belongs. When you disable loop guard, it is disabled for the specified ports. Disabling loop guard moves all loop-inconsistent ports to the listening state. If you enable loop guard on a channel and the first link becomes unidirectional, loop guard blocks the entire channel until the affected port is removed from the channel. Figure 8-6 shows loop guard in a triangle switch configuration. Figure 8-6 Triangle Switch Configuration with Loop Guard

Figure 8-6 illustrates the following configuration:

Microsoft

2

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


Switches A and B are distribution switches. Switch C is an access switch. Loop guard is enabled on ports 3/1 and 3/2 on Switches A, B, and C. Use loop guard only in topologies where there are blocked ports. Topologies that have no blocked ports, which are loop free, do not need to enable this feature. Enabling loop guard on a root switch has no effect but provides protection when a root switch becomes a nonroot switch. Follow these guidelines when using loop guard: Do not enable loop guard on PortFast-enabled or dynamic VLAN ports. Do not enable PortFast on loop guard-enabled ports. Do not enable loop guard if root guard is enabled. Do not enable loop guard on ports that are connected to a shared link. Note: We recommend that you enable loop guard on root ports and alternate root ports on access switches. Loop guard interacts with other features as follows: Loop guard does not affect the functionality of UplinkFast or BackboneFast. Root guard forces a port to always be designated as the root port. Loop guard is effective only if the port is a root port or an alternate port. Do not enable loop guard and root guard on a port at the same time. PortFast transitions a port into a forwarding state immediately when a link is established. Because a PortFast-enabled port will not be a root port or alternate port, loop guard and PortFast cannot be configured on the same port. Assigning dynamic VLAN membership for the port requires that the port is PortFast enabled. Do not configure a loop guard-enabled port with dynamic VLAN membership. If your network has a type-inconsistent port or a PVID-inconsistent port, all BPDUs are dropped until the misconfiguration is corrected. The port transitions out of the inconsistent state after the message age expires. Loop guard ignores the message age expiration on type-inconsistent ports and PVIDinconsistent ports. If the port is already blocked by loop guard, misconfigured BPDUs that are received on the port make loop guard recover, but the port is moved into the type-inconsistent state or PVIDinconsistent state. In high-availability switch configurations, if a port is put into the blocked state by loop guard, it remains blocked even after a switchover to the redundant supervisor engine. The newly activated supervisor engine recovers the port only after receiving a BPDU on that port. Loop guard uses the ports known to spanning tree. Loop guard can take advantage of logical ports provided by the Port Aggregation Protocol (PAgP). However, to form a channel, all the physical ports grouped in the channel must have compatible configurations. PAgP enforces uniform configurations of root guard or loop guard on all the physical ports to form a channel. These caveats apply to loop guard: –Spanning tree always chooses the first operational port in the channel to send the BPDUs. If that link becomes unidirectional, loop guard blocks the channel, even if other links in the channel are functioning properly. –If a set of ports that are already blocked by loop guard are grouped together to form a channel, spanning tree loses all the state information for those ports and the new channel port may obtain the forwarding state with a designated role. –If a channel is blocked by loop guard and the channel breaks, spanning tree loses all the state information. The individual physical ports may obtain the forwarding state with the designated role, even if one or more of the links that formed the channel are unidirectional.

Microsoft

3

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


You can enable UniDirectional Link Detection (UDLD) to help isolate the link failure. A loop may occur until UDLD detects the failure, but loop guard will not be able to detect it. Loop guard has no effect on a disabled spanning tree instance or a VLAN. Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/8.2glx/configuration/guide/stp_enha. html#wp1048163

Question: 2 Which command is used to enable EtherChannel hashing for Layer 3 IP and Layer 4 port-based CEF? A. mpls ip cef B. port-channel ip cef C. mpls ip port-channel cef D. port-channel load balance E. mpls ip load-balance F. ip cef EtherChannel channel-id XOR L4 G. ip cef connection exchange

Answer: D Explanation: Port-channel load balance is normally used for enable etherchannel hashing for Layer 3 IP and Layer 4 port based CEF.

Question: 3 Which two options are contained in a VTP subset advertisement? (Choose two.) A. followers field B. MD5 digest C. VLAN information D. sequence number

Answer: C, D Explanation: Subset Advertisements When you add, delete, or change a VLAN in a Catalyst, the server Catalyst where the changes are made increments the configuration revision and issues a summary advertisement. One or several subset

Microsoft

4

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


advertisements follow the summary advertisement. A subset advertisement contains a list of VLAN information. If there are several VLANs, more than one subset advertisement can be required in order to advertise all the VLANs. Subset Advertisement Packet Format

This formatted example shows that each VLAN information field contains information for a different VLAN. It is ordered so that lowered-valued ISL VLAN IDs occur first:

Most of the fields in this packet are easy to understand. These are two clarifications: Code — The format for this is 0x02 for subset advertisement. Sequence number — This is the sequence of the packet in the stream of packets that follow a summary advertisement. The sequence starts with 1. Advertisement Requests A switch needs a VTP advertisement request in these situations: The switch has been reset. The VTP domain name has been changed. The switch has received a VTP summary advertisement with a higher configuration revision than its own.

Microsoft

5

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


Upon receipt of an advertisement request, a VTP device sends a summary advertisement. One or more subset advertisements follow the summary advertisement. This is an example:

Code—The format for this is 0x03 for an advertisement request. Start-Value—This is used in cases in which there are several subset advertisements. If the first (n) subset advertisement has been received and the subsequent one (n+1) has not been received, the Catalyst only requests advertisements from the (n+1)th one. Reference http://www.cisco.com/en/US/tech/tk389/tk689/technologies_tech_note09186a0080094c52.shtml

Question: 4 Which two statements are true about traffic shaping? (Choose two.) A. Out-of-profile packets are queued. B. It causes TCP retransmits. C. Marking/remarking is not supported. D. It does not respond to BECN and ForeSight Messages. E. It uses a single/two-bucket mechanism for metering.

Answer: A, C Explanation: Reference: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0CCwQFjAA&url=http%3 A%2F%2Fstaffweb.itsligo.ie%2Fstaff%2Fpflynn%2FTelecoms%25203%2FSlides%2FONT%2520Mod%2520 4%2520Lesson%25207.ppt&ei=LoDIUfTTGtO3hAeQz4HQCA&usg=AFQjCNGY24UkAfy8tKIHlzEm9gfoIjv6f g&sig2=t4UIzkZ12wnO2988dEDyug&bvm=bv.48293060,d.ZG4 (slide 6)

Question: 5 Which three options are features of VTP version 3? (Choose three.)

Microsoft

6

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


A. VTPv3 supports 8K VLANs. B. VTPv3 supports private VLAN mapping. C. VTPv3 allows for domain discovery. D. VTPv3 uses a primary server concept to avoid configuration revision issues. E. VTPv3 is not compatible with VTPv1 or VTPv2. F. VTPv3 has a hidden password option.

Answer: B, D, F Explanation: Key Benefits of VTP Version 3 Much work has gone into improving the usability of VTP version 3 in three major areas: The new version of VTP offers better administrative control over which device is allowed to update other devices' view of the VLAN topology. The chance of unintended and disruptive changes is significantly reduced, and availability is increased. The reduced risk of unintended changes will ease the change process and help speed deployment. Functionality for the VLAN environment has been significantly expanded. Two enhancements are most beneficial for today's networks: – In addition to supporting the earlier ISL VLAN range from 1 to 1001, the new version supports the whole IEEE 802.1Q VLAN range up to 4095. – In addition to supporting the concept of normal VLANs, VTP version 3 can transfer information regarding Private VLAN (PVLAN) structures. The third area of major improvement is support for databases other than VLAN (for example, MST). Brief Background on VTP Version 1 and VTP Version 2 VTP version 1 was developed when only 1k VLANs where available for configuration. A tight internal coupling of the VLAN implementation, the VLAN pruning feature, and the VTP function itself offered an efficient means of implementation. It has proved in the field to reliably support Ethernet, Token Ring, and FDDI networks via VTP. The use of consistent VLAN naming was a requirement for successful use of VMPS (Vlan Membership Policy Server). VTP ensures the consistency of VLAN names across the VTP domain. Most VMPS implementations are likely to be migrated to a newer, more flexible and feature-rich method. To add support for Token Ring, VTP version 1 was enhanced and called VTP version 2. Certain other minor changes and enhancements were also added at this time. The functional base in VTP version 3 is left unchanged from VTP version 2, so backward compatibility is built in. It is possible, on a per link basis, to automatically discover and support VTP version 2 devices. VTP version 3 adds a number of enhancements to VTP version 1 and VTP version 2: Support for a structured and secure VLAN environment (Private VLAN, or PVLAN) Support for up to 4k VLANs Feature enhancement beyond support for a single database or VTP instance Protection from unintended database overrides during insertion of new switches Option of clear text or hidden password protection Configuration option on a per port base instead of only a global scheme Optimized resource handling and more efficient transfer of information

Microsoft

7

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


These new requirements made a new code foundation necessary. The design goal was to make VTP version 3 a versatile vehicle. This was not only for the task of transferring a VLAN DB but also for transferring other databases-for example, the MST database. Reference http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/solution_guide_c78_508010.htm l

Question: 6 Which three options are considered in the spanning-tree decision process? (Choose three.) A. lowest root bridge ID B. lowest path cost to root bridge C. lowest sender bridge ID D. highest port ID E. highest root bridge ID F. highest path cost to root bridge

Answer: A, B, C Explanation: Configuration bridge protocol data units (BPDUs) are sent between switches for each port. Switches use s four step process to save a copy of the best BPDU seen on every port. When a port receives a better BPDU, it stops sending them. If the BPDUs stop arriving for 20 seconds (default), it begins sending them again. Step 1 Lowest Root Bridge ID (BID) Step 2 Lowest Path Cost to Root Bridge Step 3 Lowest Sender BID Step 4 Lowest Port ID Reference Cisco General Networking Theory Quick Reference Sheets

Question: 7 In 802.1s, how is the VLAN to instance mapping represented in the BPDU? A. The VLAN to instance mapping is a normal 16-byte field in the MST BPDU. B. The VLAN to instance mapping is a normal 12-byte field in the MST BPDU. C. The VLAN to instance mapping is a 16-byte MD5 signature field in the MST BPDU. D. The VLAN to instance mapping is a 12-byte MD5 signature field in the MST BPDU.

Microsoft

8

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


Answer: C Explanation: MST Configuration and MST Region Each switch running MST in the network has a single MST configuration that consists of these three attributes: 1. An alphanumeric configuration name (32 bytes) 2. A configuration revision number (two bytes) 3. A 4096-element table that associates each of the potential 4096 VLANs supported on the chassis to a given instance. In order to be part of a common MST region, a group of switches must share the same configuration attributes. It is up to the network administrator to properly propagate the configuration throughout the region. Currently, this step is only possible by the means of the command line interface (CLI) or through Simple Network Management Protocol (SNMP). Other methods can be envisioned, as the IEEE specification does not explicitly mention how to accomplish that step. Note: If for any reason two switches differ on one or more configuration attribute, the switches are part of different regions. For more information refer to the Region Boundary section of this document. Region Boundary In order to ensure consistent VLAN-to-instance mapping, it is necessary for the protocol to be able to exactly identify the boundaries of the regions. For that purpose, the characteristics of the region are included in the BPDUs. The exact VLANs-to-instance mapping is not propagated in the BPDU, because the switches only need to know whether they are in the same region as a neighbor. Therefore, only a digest of the VLANs-toinstance mapping table is sent, along with the revision number and the name. Once a switch receives a BPDU, the switch extracts the digest (a numerical value derived from the VLANto-instance mapping table through a mathematical function) and compares this digest with its own computed digest. If the digests differ, the port on which the BPDU was received is at the boundary of a region. In generic terms, a port is at the boundary of a region if the designated bridge on its segment is in a different region or if it receives legacy 802.1d BPDUs. In this diagram, the port on B1 is at the boundary of region A, whereas the ports on B2 and B3 are internal to region B:

MST Instances According to the IEEE 802.1s specification, an MST bridge must be able to handle at least these two instances: One Internal Spanning Tree (IST)

Microsoft

9

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


One or more Multiple Spanning Tree Instance(s) (MSTIs) The terminology continues to evolve, as 802.1s is actually in a pre-standard phase. It is likely these names will change in the final release of 802.1s. The Cisco implementation supports 16 instances: one IST (instance 0) and 15 MSTIs. show vtp status Cisco switches "show vtp status" Field Descriptions has a MD5 digest field that is a 16-byte checksum of the VTP configuration as shown below Router# show vtp status VTP Version: 3 (capable) Configuration Revision: 1 Maximum VLANs supported locally: 1005 Number of existing VLANs: 37 VTP Operating Mode: Server VTP Domain Name: [smartports] VTP Pruning Mode: Disabled VTP V2 Mode: Enabled VTP Traps Generation: Disabled MD5 digest : 0x26 0xEE 0x0D 0x84 0x73 0x0E 0x1B 0x69 Configuration last modified by 172.20.52.19 at 7-25-08 14:33:43 Local updater ID is 172.20.52.19 on interface Gi5/2 (first layer3 interface fou) VTP version running: 2 Reference http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfc.shtml http://www.cisco.com/en/US/docs/ios-xml/ios/lanswitch/command/lsw-cr-book.pdf

Question: 8 Refer to the exhibit.

What is true about the configuration in this exhibit? A. It is an invalid configuration because it includes both an application layer match and a Layer 3 ACL. B. It will create a class map that matches the content of ACL 101 and the HTTP protocol, and will then create an inspection policy that will drop packets at the class map.

Microsoft

10

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


C. It will create a class map that matches the content of ACL 101 and the HTTP protocol, and will then create an inspection policy that will allow packets at the class map. D. It will create a class map that matches the content of ACL 101 or the HTTP protocol (depending on the zone of the interface), and will then create an inspection policy that will drop packets at the class map. E. It will create a class map that matches the content of ACL 101 or the HTTP protocol (depending on the zone of the interface), and will then create an inspection policy that will allow packets at the class map. F. It is an invalid configuration because the class map and policy map names must match.

Answer: B Explanation: Technically the syntax is incorrect as the application that is being inspected should be listed after the keyword type. However, this is not listed as one of the options. The correct configuration should be as follows: class-map type inspect http match-all el match access-group 101 policy-map type inspect http pl class type inspect el drop When multiple match criteria exist in the traffic class, you can identify evaluation instructions using the match any or match-all keywords. If you specify match-any as the evaluation instruction, the traffic being evaluated must match one of the specified criteria, typically match commands of the same type. If you specify match-all as the evaluation instruction, the traffic being evaluated must match all the specified criteria, typically match commands of different types. Identifying Traffic in an Inspection Class Map This type of class map allows you to match criteria that is specific to an application. For example, for DNS traffic, you can match the domain name in a DNS query. Note Not all applications support inspection class maps. See the CLI help for a list of supported applications. A class map groups multiple traffic matches (in a match-all class map), or lets you match any of a list of matches (in a match-any class map). The difference between creating a class map and defining the traffic match directly in the inspection policy map is that the class map lets you group multiple match commands, and you can reuse class maps. For the traffic that you identify in this class map, you can specify actions such as dropping, resetting, and/or logging the connection in the inspection policy map. If you want to perform different actions on different types of traffic, you should identify the traffic directly in the policy map. To define an inspection class map, perform the following steps: Step 1 (Optional) If you want to match based on a regular expression, see the "Creating a Regular Expression" section and the "Creating a Regular Expression Class Map" section. Step 2 Create a class map by entering the following command: hostname(config)# class-map type inspect application [match-all | match-any] class_map_name hostname(config-cmap)# Reference http://www.cisco.com/en/US/docs/ios_xr_sw/iosxr_r3.8/vfw/command/reference/vfr38cm.html

Microsoft

11

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


Question: 9 While you are troubleshooting network performance issues, you notice that a switch is periodically flooding all unicast traffic. Further investigation reveals that periodically the switch is also having spikes in CPU utilization, causing the MAC address table to be flushed and relearned. What is the most likely cause of this issue? A. a routing protocol that is flooding updates B. a flapping port that is generating BPDUs with the TCN bit set C. STP is not running on the switch D. a user that is downloading the output of the show-tech command E. a corrupted switch CAM table

Answer: B Explanation: Spanning-Tree Protocol Topology Changes Another common issue caused by flooding is Spanning-Tree Protocol (STP) Topology Change Notification (TCN). TCN is designed to correct forwarding tables after the forwarding topology has changed. This is necessary to avoid a connectivity outage, as after a topology change some destinations previously accessible via particular ports might become accessible via different ports. TCN operates by shortening the forwarding table aging time, such that if the address is not relearned, it will age out and flooding will occur. TCNs are triggered by a port that is transitioning to or from the forwarding state. After the TCN, even if the particular destination MAC address has aged out, flooding should not happen for long in most cases since the address will be relearned. The issue might arise when TCNs are occurring repeatedly with short intervals. The switches will constantly be fast-aging their forwarding tables so flooding will be nearly constant. Normally, a TCN is rare in a well-configured network. When the port on a switch goes up or down, there is eventually a TCN once the STP state of the port is changing to or from forwarding. When the port is flapping, repetitive TCNs and flooding occurs. Ports with the STP portfast feature enabled will not cause TCNs when going to or from the forwarding state. Configuration of portfast on all end-device ports (such as printers, PCs, servers, and so on) should limit TCNs to a low amount. Refer to this document for more information on TCNs: Understanding Spanning-Tree Protocol Topology Changes Note: In MSFC IOS, there is an optimization that will trigger VLAN interfaces to repopulate their ARP tables when there is a TCN in the respective VLAN. This limits flooding in case of TCNs, as there will be an ARP broadcast and the host MAC address will be relearned as the hosts reply to ARP. Reference http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00801d0808.sh tml

Question: 10 Microsoft

12

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


Your network is suffering from regular outages. After troubleshooting, you learn that the transmit lead of a fiber uplink was damaged. Which two features can prevent the same issues in the future? (Choose two.) A. root guard B. loop guard C. BPDU guard D. UDLD E. BPDU skew detection

Answer: B, D STP Loop Guard The STP loop guard feature provides additional protection against Layer 2 forwarding loops (STP loops). An STP loop is created when an STP blocking port in a redundant topology erroneously transitions to the forwarding state. This usually happens because one of the ports of a physically redundant topology (not necessarily the STP blocking port) no longer receives STP BPDUs. In its operation, STP relies on continuous reception or transmission of BPDUs based on the port role. The designated port transmits BPDUs, and the non-designated port receives BPDUs. When one of the ports in a physically redundant topology no longer receives BPDUs, the STP conceives that the topology is loop free. Eventually, the blocking port from the alternate or backup port becomes designated and moves to a forwarding state. This situation creates a loop. The loop guard feature makes additional checks. If BPDUs are not received on a non-designated port, and loop guard is enabled, that port is moved into the STP loop-inconsistent blocking state, instead of the listening / learning / forwarding state. Without the loop guard feature, the port assumes the designated port role. The port moves to the STP forwarding state and creates a loop. Loop Guard versus UDLD Loop guard and Unidirectional Link Detection (UDLD) functionality overlap, partly in the sense that both protect against STP failures caused by unidirectional links. However, these two features differ in functionality and how they approach the problem. This table describes loop guard and UDLD functionality:

Microsoft

13

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


Based on the various design considerations, you can choose either UDLD or the loop guard feature. In regards to STP, the most noticeable difference between the two features is the absence of protection in UDLD against STP failures caused by problems in software. As a result, the designated switch does not send BPDUs. However, this type of failure is (by an order of magnitude) more rare than failures caused by unidirectional links. In return, UDLD might be more flexible in the case of unidirectional links on EtherChannel. In this case, UDLD disables only failed links, and the channel should remain functional with the links that remain. In such a failure, the loop guard puts it into loop-inconsistent state in order to block the whole channel. Additionally, loop guard does not work on shared links or in situations where the link has been unidirectional since the link-up. In the last case, the port never receives BPDU and becomes designated. Because this behavior could be normal, this particular case is not covered by loop guard. UDLD provides protection against such a scenario. As described, the highest level of protection is provided when you enable UDLD and loop guard. Reference http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a0080094640. shtml#loop_guard_vs_uld

Question: 11 When troubleshooting the issue, you notice the election of a new root bridge with an unknown MAC address. Knowing that all access ports have the PortFast feature enabled, what would be the easiest way to resolve the issue without losing redundant links? A. Enable bpduguard globally. B. Enable rootguard. C. Enable loopguard. D. Enable spanning tree. E. Enable UDLD.

Answer: A Explanation: Loopguard, spanning tree, and UDLD are obvious red herrings. This leaves enabling rootguard or bpduguard. One key is that enabling bpduguard only affects ports that have portfast enabled; see the following URL under "Configuration." Reference: http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a008009482f.shtml

Question: 12 You are the network administrator of a small Layer 2 network with 50 users. Lately, users have been

Microsoft

14

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


complaining that the network is very slow. While troubleshooting, you notice that the CAM table of your switch is full, although it supports up to 12, 000 MAC addresses. How can you solve this issue and prevent it from happening in the future? A. Upgrade the switches B. Configure BPDU guard C. Configure VLAN access lists D. Configure port security E. Configure Dynamic ARP inspection

Answer: D Explanation: Enabling Port Security Port security is either autoconfigured or enabled manually by specifying a MAC address. If a MAC address is not specified, the source address from the incoming traffic is autoconfigured and secured, up to the maximum number of MAC addresses allowed. These autoconfigured MAC addresses remain secured for a time, depending upon the aging timer set. The autoconfigured MAC addresses are cleared from the port in case of a link-down event. When you enable port security on a port, any dynamic CAM entries that are associated with the port are cleared. If there are any currently configured static or permanent CAM entrie on that same port, you may not be able to enable the port-security on that port. If this is the case, clear the configured static and permanent earl entries on that port and then enable port-security. To enable port security, perform this task in privileged mode:

Reference http://www.cisco.com/en/US/docs/switches/lan/catalyst4000/8.2glx/configuration/guide/sec_port.htm l

Question: 13 DRAG DROP

Microsoft

15

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


Answer:

Explanation: ip bandwidth-percent eigrp – changes the bandwidth EIGRP may use on an interface metric weights – neighbor – configures unicast updates variance – allows for unequal cost load sharing

Microsoft

16

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


prefix-list – offset-list – modifies the metric of specific routes auto-summary –

Question: 14 Which two statements are true about 802.1s? (Choose two.) A. 802.1s supports a reduced number of spanning-tree instances. B. 802.1s has better convergence times than 802.1w. C. 802.1s does not support load balancing over the same physical topology. D. The CPU utilization for 802.1s is lower than the CPU utilization for 802.1w.

Answer: A, D Explanation: Reference: http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfc.shtml

Question: 15 Which configuration is used to enable root guard? A. interface gig3/1 spanning-tree guard root B. interface gig3/1 spanning-tree root guard C. interface gig3/1 spanning-tree root-guard D. interface gig3/1 spanning-tree root-guard default

Answer: A Explanation: Reference: http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a0080094640.shtml

Question: 16 Microsoft

17

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


Which two statements describe spanning-tree BPDU processing for a blocking port? (Choose two.) A. BPDUs that enter a blocking port are discarded. B. BPDUs that enter a blocking port are processed. C. Loopguard puts an interface into a loop-inconsistent state when BPDUs stop being received on a blocking port. D. BPDUs are only processed on forwarding ports.

Answer: B, C Explanation: Reference: http://www.infraworld.eu/spanning-tree-root-guard-and-loop-guard/

Question: 17 When troubleshooting duplex mismatches, which two are errors that are typically seen on the half duplex end? (Choose two.) A. excessive collisions B. FCS errors C. runts D. late collisions

Answer: B, C Explanation: Reference: http://www.netcordia.com/resources/tech-tips/switch-port-duplex-mismatch.asp

Question: 18 You are using VTP (version 2) in your network to transport VLAN information between switches. When adding a switch to the network (that has been used in the lab previously), you notice that a lot of the existing VLANs have been deleted or replaced with other names. What can you do to prevent this from happening in the future, without losing all VTP features that you are using today? A. configure a hard-to-guess VTP domain name B. use a hard-to-guess VTP password C. use VTP transparent mode D. implement VTP version 3

Microsoft

18

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


Answer: D Explanation: Reference: http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/solution_guide_c78_508010.htm l

Question: 19 Which two combinations are valid PAgP configurations that will set up a PAgP channel? (Choose two.) A. On-Passive B. On-Auto C. Passive-Active D. Desirable-Auto E. Active-Active F. Desirable-Desirable

Answer: D, F Explanation: Reference: http://www.cisco.com/en/US/products/hw/switches/ps607/products_configuration_example09186a00 80094789.shtml (see port aggregation protocol)

Question: 20 Spanning Tree Protocol IEEE 802.1 s defines the ability to deploy which of these? A. one global STP instance for all VLANs B. one STP instance for each VLAN C. one STP instance per set of VLANs D. one STP instance per set of bridges

Answer: C Explanation: The IEEE 802.1s standard is the Multiple Spanning Tree (MST). With MST, you can group VLANs and run one instance of Spanning Tree for a group of VLANs. Other STP types:

Microsoft

19

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


Common Spanning Tree (CST), which is defined with IEEE 802.1Q, defines one spanning tree instance for all VLANs. Rapid Spanning Tree (RSTP), which is defined with 802.1w, is used to speed up STP convergence. Switch ports exchange an explicit handshake when they transition to forwarding.

Microsoft

20

IBM

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Symantec


Cisco CODE: 350-001 Exam Name: CCIE Routing and Switching Written Qualification Exam v4.0 15% Discount Coupon Code: 52192S1005

Click the link below to get full version http://www.testsexpert.com/350-001.html Microsoft

Cisco

MB6-871 MB6-872 MB6-884 MB6-886 MB7-702 70-410 70-413 70-417

640-692 642-584 642-742 642-993

642-427 642-637 642-983 642-999

642-980

70-461 70-463 70-465 70-481 70-483 70-485 70-497 70-685 70-687 74-322 77-881 98-361

644-066 646-206 650-153 650-196 650-297 650-474 700-101 646-048 640-722 500-005 646-365 500-005

644-068 500-005

70-462 70-464 70-466 70-482 70-484 70-486 70-498 70-686 70-688 74-324 77-885 98-365

Microsoft

21

646-580 650-179 650-292 650-473 500-254 640-803 642-998 500-254 200-101

648-266 100-101

IBM

IBM 00M-617 LOT-440 LOT-442 000-N12

000-176 000-283 000-670 000-N19

00M-513 00M-620 00M-667 LOT-929 00M-639 00M-645 000-N28 00M-512 00M-668 00M-646 00M-648 000-N23

00M-617 000-N40 00M-222 00M-245 00M-643 00M-249 000-N31 00M-513 00M-638 00M-647 00M-662 000-N25

HP HP5-Z01D HP2-N43 HP2-N28

HP5 K02D

HP5-K01D HP5-H01D HP0-D12 HP0-M57 HP0-Y43 HP2-B87 HP2-E43 HP2-E46 HP2-E50 HP2-E53 HP2-H24 HP2-K24 HP2-K31 HP2-N33

HP0-D15 HP0-S35 HP2-B82 HP2-B91 HP2-E45 HP2-E47 HP2-E51 HP2-H23 HP2-K23 HP2-K28 HP2-N31 HP2-Q06

HP Cisco Oracle Instant download after purchase

http://www.testsexpert.com/350-001.html

Others CMA CPIM E20-553 CFA-Level-III 1Z0-460 IIA-CGAP M70-301 CHFP 1Z0-466 CMQ-OE 1Z0-593 IIA-CFSA CSSGB CTAL 1Z0-465 CPFO PSP CFE CQIA RHIA 00M-617 CTFA MSC-431 CFA-Level-I CPEA AFE CRCM 1Z0-559 CTAL-TA 002ARXTROUBLESHOOT

Symantec


350 001 exam questions and answers pdf