The questions and scenarios in this book are more difficult than what you should experience on the actual exam. The questions do not attempt to cover more breadth or depth than the exam; however, they are designed to make sure that you know the answers. Rather than allowing you to derive the answers from clues hidden inside the questions themselves, the questions challenge your understanding and recall of the subject. Hopefully, these questions will help limit the number of exam questions on which you narrow your choices to two options and then guess.
You can find the answers to these questions in Appendix A.
| 1. | When a VACL is implemented on a switch, how is the switching speed affected? |
| 2. | What actions can be taken on packets matching a VACL? |
| 3. | After a VACL is applied using the vlan filter command, how is the traffic direction (inbound or outbound) specified? |
| 4. | A secondary community VLAN is associated with a primary VLAN on a switch. Can hosts assigned to the community VLAN communicate with each other? |
| 5. | A secondary isolated VLAN is associated with a primary VLAN on a switch. Can hosts assigned to the isolated VLAN communicate with each other? |
| 6. | What command is needed to configure a promiscuous VLAN? |
| 7. | A router is identified as the central gateway for a private VLAN. What command is needed to configure the switch port where a router is connected? |
| 8. | How many actual VLANs must be configured to implement a common router with two community VLANs? |
| 9. | In a switch spoofing attack, what is the attacker's goal? |
| 10. | What should be configured to prevent a switch spoofing attack? |
| 11. | Describe some methods that can be used to prevent a VLAN hopping attack. |
| 12. | How is switching performance affected when several SPAN sessions are enabled? |
| 13. | What command can specify the source of a SPAN session as VLAN 100? |
| 14. | When a SPAN session is enabled, what direction of traffic flow (relative to the source port) is mirrored for analysis? |
| 15. | What two things can identify more granular traffic to be mirrored to a SPAN destination? |
| 16. | Three switches are connected in series with trunk links. The RSPAN source is on the first switch and the destination is on the third. How does the intermediate (second) switch learn about the RSPAN's source and destination locations? |
| 17. | What must be configured on all switches connecting an RSPAN source and destination? What commands can be used? |
| 18. | One of the advantages of RSPAN is that mirrored traffic can be isolated in the RSPAN VLAN on a trunk. If a GigabitEthernet port is to be monitored on one switch, which is better to use as a transport for the RSPAN VLAN: a GigabitEthernet trunk already carrying user traffic in other VLANs, or an isolated GigabitEthernet trunk link set aside for RSPAN? |
