Share your SWITCH v2.0 Experience

@M.Shahin

Error in download. Please share the relevant link.

@CCNP-Switch, Noted and thank you bro, please let me know once you are done with the exam.

I thing id like to add is that when the vtp sim questions came up, there was sw1 and sw2 as vtp server mode, but if you check the description (its like the last few lines under the show vtp status), you will see if says primary description: sw1 and this appears on sw1 and 2 when doing the exam. I dont know if this then identifies that the config should be just applied on sw1 or not. because under vtp mode sw 1 and 2 are showing as server. what would you guys advise?

@M.shahin please send us via mail, its not opening specific VCE. kelvincenka @ gmail dot com

==========LIST of Actual Questions that i remembered from exam==============

1)How many Active Virtual Gateways (AVG) that can be used in a group:
A.1 B.2 C.3 D.4
ANS:A

2)Which two statements about default FHRP behavior are true? (Choose two)
A. A backup GLBP active virtual gateway can become active only if the current active virtual
gateway fails
B. Preemption is enabled by default
C. Unless specifically configured, the priority of an HSRP router is 200
D. A standby HSRP router becomes active if it has a higher priority than the priority of the
current active router
E. A VRRP backup virtual router becomes the master router if its priority is higher than the
priority of the current master router
Ans:A,E

3)Which mechanism is specific for RSPAN and not for SPAN?
A. source port
B. monitor port
C. reflector port
D. redundant port
E. destination port
Answer: C

6) Refer to the exhibit. An engineer is configuring a trunking port-channel between switch 1 and switch 2 and receives an error message on switch 1. Which
option corrects this error?
A. enabling BPDU guard on interface Fa0/23 of switch 2.
B. enabling BPDU guard on interface Fa0/23 of switch 1.
C. disabling BPDU guard on interface Fa0/23 of switch 2.
D. disabling BPDU guard on interface Fa0/23 of switch 1.
Ans: D

7) Which two device types does DHCP snooping treat as untrusted in an ISP environment? (Choose two.)
A. end host devices
B. customer edge services
C. user-facing provider edge devices
D. provider edge devices
E. provider devices
Ans: A, B

8) What is the value of the TPID/tag protocol identifier in dot1q?
A. 0x8100
B. 0x8a88
C. 0x8b45
D. 0x8200
Ans:A

9) Which two TLVs are included in Cisco Discovery Protocol advertisements? (Choose two.)
A. Network Policy TLV
B. VTP Management Domain TLV
C. System Name TLV
D. Inventory Management TLV
E. Native VLAN TLV
Ans:B, E

10) Which two statements about sticky MAC address learning are true? (Choose two.)
A. A single device can learn up to three sticky MAC addresses.
B. Devices can learn sticky MAC addresses dynamically.
C. Learned addresses are saved to the startup configuration file by default.
D. Learned addresses are saved to the running configuration by default.
E. Learned addresses are automatically preserved when the device reboots.
F. It can be used only on devices that operate in a single layer.
Ans: B, D
11) After you connected a host to switch port G0/1, the port is error disabled. Which command can you enter to determine the reason?
A. show interfaces g0/1 status
B. show log
C. show run interface g0/1
D. show ip interface brief
Ans: B

12) Refer to the exhibit.
Which option is the most likely explanation of the duplicate address message logged?
A. spanning-tree loop
B. HSRP misconfiguration
C. a PC with IP of 10.10.1.1
D. a hardware problem
Ans: B
13) Which feature can prevent ARP poisoning attacks on a device?
A. Dynamic ARP Inspection
B. DHCP snooping
C. MAC snooping
D. CGMP snooping
E. Dynamic MAC Inspection
F. Static ARP Inspection
Ans: A

14) Which type of failure has occurred, if a link fails and the MEC successfully redistributes the load among the remaining operational links?
A. multiple MEC link failure
B. standby switch failure
C. active switch failure
D. single MEC link failure
ANS:D

15) Which command do you enter on a device so that users are automatically placed in enable mode after they authenticate with TACACS+?
A. aaa authorization exec default group tacacs+ if-authenticated
B. aaa authorization exec default group tacacs+ local-case
C. aaa authorization exec default group tacacs+ enable
D. aaa authentication exec default group tacacs+ if-authenticated
Ans: A

16) Which two statements about the local user database are true? (Choose two.)
A. For console connections, it can be used only as a backup authentication method.
B. It can be configured to grant a user-specific privilege level.
C. It can store passwords in clear text only.
D. For VTY connections, it can be used only as a backup authentication method.
E. It can be used as the only method of authentication or as a backup for other methods.
Ans: B, E

17) Which two configuration requirements for port security are true? (Choose two.)
A. Port must be in access mode
B. Port security must be enabled on the port level
C. Port must be in interface VLAN mode
D. Port security must be disabled on the port level
E. Port must be in encapsulation mode
Ans: A, B

18) Which command enables root guard on a Cisco switch?
A. Switch(config)#spanning-tree guard root
B. Switch(config)#spanning-tree root guard
C. Switch(config-if)#spanning-tree guard-root
D. Switch(config-if)#spanning-tree guard root
E. Switch(config-if)#spanning-tree root guard
Ans: D

19)Which two commands do you enter to add VLAN 15 on a switch VLAN configuration file? (Choose two.)
A. switchport trunk native vlan 15
B. switchport access vlan 15
C. vlan 15
D. switchport trunk allowed vlan 15
E. encapsulation dot1q 15
Ans: B, C

20)Refer to the exhibit.(R1+R2—SW===Server)
A single server in Company 123 is connected via EtherChannel to a single upstream switch. Which EtherChannel load balancing method on the switch makes optimal use of the redundant links as traffic flows from the routers to the server?
A. source MAC address
B. source IP address
C. source and destination MAC address
D. destination MAC address
Ans: B

21) A switch has been configured with the VLAN dot1q tag native command. Which statement describes what the switch does with untagged frames when it
receives on a trunked interface?
A. Untagged frames are forwarded via the default VLAN
B. It drops the untagged frames
C. The trunk ports is put in err-disable state.
D. Untagged frames are forward via the native vlan
Ans: B

22) Which two commands display the VLANs that are present in the VLAN database? (Choose two.)
A. show running-config
B. show vlan database
C. show vlan brief
D. show vlan
E. show vlan id
Ans:C, D

23) Which command do you enter to enable Dynamic ARP Inspection for VLAN 15?
A. SW1(config-vlan)# ip arp inspection vlan 15
B. SW1(config-vlan)# ip arp inspection trust
C. SW1(config-if)# ip arp-inspection trust
D. SW1(config)# ip arp inspection vlan 15
Ans: D

23) Which statement about VSPAN is true?
A. It can monitor ingress and egress traffic on the source VLAN
B. It sends all VLAN traffic to the destination port regardless of the VLAN’s status
C. It can monitor destination port traffic that belongs to a source VLAN
D. It can monitor token ring VLANs
Ans : A

24) Which two statements about source port monitoring in a SPAN are true? (Choose two.)
A. Traffic through a destination port can be copied and included in the SPAN session.
B. The entire EtherChannel must be monitored.
C. It can monitor only FastEthernet and GigabitEthernet port types.
D. It can monitor individual interfaces within a port channel.
E. It can monitor ingress and egress traffic.
Ans : D, E

25) Which two operational attributes can be checked for EtherChannel ports that are in err-disabled state? (Choose 2)
A. Port mode B. Port cost C. Duplex D. DTP E. VLAN

26) Which two configuration requirements for port security are true? (Choose two.)
A. The port must be part of a trunk.
B. Port security must be enable at the port level
C. Port security must be enabled at the global level.
D. The port must be SPAN port.
E. The port must be part of an EtherChannel bundle.
F. The port must be in access mode.
Ans: B, F

27) Which feature must be enabled to eliminate the broadcasting of all unknown traffic to switches that are not participating in the specific VLAN?
A. VTP pruning
B. port-security
C. storm control
D. bpdguard

28) In which two ways can a port respond to a port-security violation? (Choose two)
A. The port enters the err-disabled state.
B. The Security Violation counter is incremented and the port sends an SNMP trap.
C. The Security Violation counter is incremented and the port sends a critical syslog message to the console.
D. The port triggers an EEM script to notify support staff and continues to forward traffic normally.
E. The port immediately begins to drop all traffic.
F. The port enters the shutdown state.
Ans : A, B

29) Refer to the exhibit. An engineer is configuring a trunking port-channel between switch 1 and switch 2 and receives an error message on switch 1. Which
option corrects this error?
A. enabling BPDU guard on interface Fa0/23 of switch 2.
B. enabling BPDU guard on interface Fa0/23 of switch 1.
C. disabling BPDU guard on interface Fa0/23 of switch 2.
D. disabling BPDU guard on interface Fa0/23 of switch 1.
Ans: D

30) Refer to the exhibit.
Which option is the most likely explanation of the duplicate address message logged?
A. spanning-tree loop
B. HSRP misconfiguration
C. a PC with IP of 10.10.1.1
D. a hardware problem
Ans: B

I tried to send links again with editing but it is not available so please make sure to replace & with / and % with . as i tried it and it is working.

Hi all,

Premium membership ending on Feb 20 for sale.

25 days remaining – $15

darkness.evil ( a t ) mail.bg

M.Shahin thanks friend a lot. Just for interest. Where are you from?

Hello friends.

Which statement is true about dynamic access port?
A. VLAN 1 is the default VLAN.
B. None until the port VLAN is determined.
C. All VLANs are permitted in a dynamic access port link.
D. Per default the port has to participate in a VLAN election to determine which VLAN a port is assigned.

Some friends says answer is A , someone says is B. Any idea?

@gambito11
I just wanted to ask you what material you used to study. Regards

@M.Shahin Thank you very much! Do you remember what Drag & Drops did you get? Please let us know. Thank you!

@M.Shahin, your link is working.
Thanks you so much.

@M.Shahin, your link is working.
someone can share the vce program… please

thank you @M.Shahin

Thank you for sharing @M.Sahin. But how is possible to go through 900+ questions ? what about premium subscription of certprepare ?

Which statement is true about dynamic access port?
A. VLAN 1 is the default VLAN.
B. None until the port VLAN is determined.
C. All VLANs are permitted in a dynamic access port link.
D. Per default the port has to participate in a VLAN election to determine which VLAN a port is assigned.
answer B

can someone please send me the latest dump. testing this friday!
onebitpacket at gmail

Hi Guys,

I am planning on taking the exam this February and just want to make sure that the DND and LABS are correct.

Can anyone please verify if the information below are correct.

======================================
======================================

Drag and Drop

VSS and Stack

VSS:

1. Can be used even in geographically distributed equipment
2. Is supported only on line 4500 and 6500 + uses 10Gbps interfaces
Stack:
3. Can be connected in up to 9 devices + is supported only on line 3750 and (2960/3650/3850/3750+)
4. Uses proprietary cable for connection[/am4show

Stack:

1. Can be connected in up to 9 devices
2. Is supported only on line 3750 and (2960/3650/3850/3750+)
3. Uses proprietary cable for connection[/am4show]

HSRP vs VRRP

HSRP:

1. Requires a unique IP address to use as the virtual IP Address
2. Uses multicast address 244.0.0102
3. Uses a virtual MAC address that begin with 0000.0C9F.F000

VRRP:

1. Uses ip protocol 112
2. Uses Physical IP address of the interface as the virtual IP address
3. Tracks the reachability of an IP address

======================================

HSRP LAB:

1. What percentage of the outgoing traffic from the 172.16.10.0/24 subnet is being forwarded through R1?

(R1: show standby)

D. R1-100%

2. If router R1 interface Etherne0/0 goes down and recovers, which of the statement regarding HSRP priority is true?

(R1: show runnning-config)

C. The interface will have its current priority incremented by 40 for HSRP group 1

3. What issue is causing Router R1 and R2 to both be displayed as the HSRP active router for group 2?

(R1 , R2: show running-config

B. The HSRP group authentication is misconfigured

4. What is the virtual mac-address of HSRP group 1?

(R1: show standby)

B. 4000.0000.0010

======================================

VTPv3 LAB:

1. You are connecting the New_Switch to the LAN topology; the switch has been partially configured and you need to complete the rest of configuration to enable PC1 communication with PC2. Which of the configuration is correct?

(SW1: show vtp status)

Answer:

vtp domain CCNP
vtp password cisco
vtp version 3
vtp mode client
interface e0/0
switchport mode access
switchport access vlan 100

2. Refer to the configuration. For which configured VLAN are untagged frames sent over trunk between SW1 and SW2?

(SW1 , SW2: show interfaces trunk)

B. VLAN 99

3. You are adding new VLANs: VLAN500 and VLAN600 to the topology in such way that you need to configure SW1 as primary root for VLAN 500 and secondary for VLAN 600 and
SW2 as primary root for VLAN 600 and secondary for VLAN 500. Which configuration step is valid?

(SW1 , SW2: show vtp status)

Answer:

Configure VLAN 500 & VLAN 600 on both SW1 & SW2

4. You are required to configure private VLANs for a new server deployment connecting to the SW4 switch. Which of the following configuration steps will allow creating private VLANs?

Answer: Disable VTP pruning on SW4 only

======================================

LACP with STP

Switch A:

config terminal
spanning-tree vlan 11-13,21-23 root primary

vlan 21
name Marketing
exit
vlan 22
name Sales
exit
vlan 23
name Engineering
exit

interface range fa0/3 – 4
shutdown
no switchport mode access
no switchport access vlan 98
switchport mode trunk
switchport trunk allowed vlan 1,21-23
switchport trunk native vlan 99
channel-group 1 mode active
channel-protocol lacp
exit

Switch B:

config terminal
vtp mode transparent
spanning-tree mode rapid-pvst

vlan 21
name Marketing
exit
vlan 22
name Sales
exit
vlan 23
name Engineering
exit
vlan 99
name TrunkNative
exit

interface range fa0/9 – 10
switchport mode access
switchport access vlan 21
spanning-tree portfast
no shutdown
exit

interface range fa0/13 – 14
switchport mode access
switchport access vlan 22
spanning-tree portfast
no shutdown
exit

interface range fa0/15 – 16
switchport mode access
switchport access vlan 23
spanning-tree portfast
no shutdown
exit

ip default-gateway 192.168.1.1

interface vlan 1
ip address 192.168.1.11 255.255.255.0
no shutdown
exit

interface range fa0/3 – 4
shutdown
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 1,21-23
switchport trunk native vlan 99
channel-group 1 mode passive
channel-protocol lacp

Switch A , B:

interface range fa0/3 – 4
no shutdown
exit
copy running-config startup-config

@M.Shanin
Thanks for sharing. Just got Premium today. Plan to take exam before the 2/23 deadline. Hope I can be ready in time.

*************************************************************************************Please confirm if you pass the exam and if the questions you wrote @ M. Shahin come (My exam is Friday)**********************************************************************************************************************************************************************************************************************************************

PLEASE CONFIRM IF YOU PASS THE EXAM AND IF THE QUESTION YOU WROTE @ M. Shahin COME (My exam is Friday)

passed today
i use 954q, 100% valid

Hi Gelato,

Congratulations for Passing CCNP Switch.

May I ask if you can verify if the DND and Labs below are correct?

Drag and Drop

VSS and Stack

VSS:

1. Can be used even in geographically distributed equipment
2. Is supported only on line 4500 and 6500 + uses 10Gbps interfaces
Stack:
3. Can be connected in up to 9 devices + is supported only on line 3750 and (2960/3650/3850/3750+)
4. Uses proprietary cable for connection[/am4show

Stack:

1. Can be connected in up to 9 devices
2. Is supported only on line 3750 and (2960/3650/3850/3750+)
3. Uses proprietary cable for connection[/am4show]

HSRP vs VRRP

HSRP:

1. Requires a unique IP address to use as the virtual IP Address
2. Uses multicast address 244.0.0102
3. Uses a virtual MAC address that begin with 0000.0C9F.F000

VRRP:

1. Uses ip protocol 112
2. Uses Physical IP address of the interface as the virtual IP address
3. Tracks the reachability of an IP address

======================================

HSRP LAB:

1. What percentage of the outgoing traffic from the 172.16.10.0/24 subnet is being forwarded through R1?

(R1: show standby)

D. R1-100%

2. If router R1 interface Etherne0/0 goes down and recovers, which of the statement regarding HSRP priority is true?

(R1: show runnning-config)

C. The interface will have its current priority incremented by 40 for HSRP group 1

3. What issue is causing Router R1 and R2 to both be displayed as the HSRP active router for group 2?

(R1 , R2: show running-config

B. The HSRP group authentication is misconfigured

4. What is the virtual mac-address of HSRP group 1?

(R1: show standby)

B. 4000.0000.0010

======================================

VTPv3 LAB:

1. You are connecting the New_Switch to the LAN topology; the switch has been partially configured and you need to complete the rest of configuration to enable PC1 communication with PC2. Which of the configuration is correct?

(SW1: show vtp status)

Answer:

vtp domain CCNP
vtp password cisco
vtp version 3
vtp mode client
interface e0/0
switchport mode access
switchport access vlan 100

2. Refer to the configuration. For which configured VLAN are untagged frames sent over trunk between SW1 and SW2?

(SW1 , SW2: show interfaces trunk)

B. VLAN 99

3. You are adding new VLANs: VLAN500 and VLAN600 to the topology in such way that you need to configure SW1 as primary root for VLAN 500 and secondary for VLAN 600 and
SW2 as primary root for VLAN 600 and secondary for VLAN 500. Which configuration step is valid?

(SW1 , SW2: show vtp status)

Answer:

Configure VLAN 500 & VLAN 600 on both SW1 & SW2

4. You are required to configure private VLANs for a new server deployment connecting to the SW4 switch. Which of the following configuration steps will allow creating private VLANs?

Answer: Disable VTP pruning on SW4 only

======================================

LACP with STP

Switch A:

config terminal
spanning-tree vlan 11-13,21-23 root primary

vlan 21
name Marketing
exit
vlan 22
name Sales
exit
vlan 23
name Engineering
exit

interface range fa0/3 – 4
shutdown
no switchport mode access
no switchport access vlan 98
switchport mode trunk
switchport trunk allowed vlan 1,21-23
switchport trunk native vlan 99
channel-group 1 mode active
channel-protocol lacp
exit

======================================

Switch B:

config terminal
vtp mode transparent
spanning-tree mode rapid-pvst

vlan 21
name Marketing
exit
vlan 22
name Sales
exit
vlan 23
name Engineering
exit
vlan 99
name TrunkNative
exit

interface range fa0/9 – 10
switchport mode access
switchport access vlan 21
spanning-tree portfast
no shutdown
exit

interface range fa0/13 – 14
switchport mode access
switchport access vlan 22
spanning-tree portfast
no shutdown
exit

interface range fa0/15 – 16
switchport mode access
switchport access vlan 23
spanning-tree portfast
no shutdown
exit

ip default-gateway 192.168.1.1

interface vlan 1
ip address 192.168.1.11 255.255.255.0
no shutdown
exit

interface range fa0/3 – 4
shutdown
switchport trunk encapsulation dot1q
switchport mode trunk
switchport trunk allowed vlan 1,21-23
switchport trunk native vlan 99
channel-group 1 mode passive
channel-protocol lacp

======================================

Switch A , B:

interface range fa0/3 – 4
no shutdown
exit
copy running-config startup-config

Thank you in Advance.

Hi all. My exam is in 12 hours. I’ll let you know how it was and the questions I got.

Hi CCNP-Switch,

Thank you and Good Luck!

Switch B:

config terminal
vtp mode transparent
spanning-tree mode rapid-pvst

vlan 21
name Marketing
exit
vlan 22
name Sales
exit
vlan 23
namde Engineering
exit
vlan 99
name TrunkNative
exit

who knows the correct answer, those who have passed.
1. A question about HSRP identifier at data link layer?

A. MAC address
B. virtual IP address
C. standby group

Just passed and heading home, finally!!
Lab sim and dump are good
All the best guys

Hi Guer,

Congratulations on Passing CCNP Switch!

Can you confirm if the DND below is the one you had?

Drag and Drop

VSS and Stack

VSS:

1. Combines exactly two devices
2. Supported on Cisco 4500 and 6500 series
3. Supported devices that are geographically separated

Stack:

1. Supported on Cisco 3750 and 3850 devices
2. Supported up to nine devices
3. Uses proprietary cabling

HSRP vs VRRP

HSRP:

1. MAC Address used – 000.0c9f.f000 to 0000.09c.ffff
2. Multicast address 224.0.0.102
3. Uses only one virtual IP Address

VRRP:

1. IP Protocol 112
2. Track Interfaced
3. Uses Physical Interface

Hi Guys, need your help. Thanks a lot

A network engineer wants to ensure Layer 2 isolation of customer traffic using a private VLAN. Which configuration must be made before the private VLAN is configured?

A. Disable VTP and manually assign VLANs.
B. Ensure all switches are configured as VTP server mode.
C. Configure VTP Transparent Mode.
D. Enable VTP version 3.

Ans: ???