New Updated Cisco CCNP 642-813 Real Exam Download 131-140

Ensurepass

QUESTION 131

clip_image002

 

Correct Answer:

clip_image004

 

QUESTION 132

clip_image006

 

Correct Answer:

clip_image008

 

 

QUESTION 133

clip_image010

 

Correct Answer:

clip_image012

 

 

QUESTION 134

clip_image014

 

Correct Answer:

clip_image016

 

 

QUESTION 135

clip_image018

 

Correct Answer:

clip_image020

 

 

QUESTION 136

Refer to the Exhibit.

clip_image022

The information of the question

You will configure FastEthernet ports 0/12 through 0/24 for users who belong to VLAN 20. Also, all VLAN and VTP configurations are to be completed in global configuration mode as VLAN database mode is being deprecated by Cisco. You are required to accomplish the following tasks:

 

1.         Ensure the switch does not participate in VTP but forwards VTP advertisements received on

trunk ports.

2.         Ensure all non-trunking interfaces (Fa0/1 to Fa0/24) transition immediately to the

forwarding state of Spanning-Tree.

3.         Ensure all FastEthernet interfaces are in a permanent non-trunking mode.

4.         Place FastEthernet interfaces 0/12 through 0/24 in VLAN 20

 

Correct Answer:

switch# conf t

switch(config)# vtp mode transparent

switch(config)# interface range fa0/1 – 24

switch(config-if-range)# switchport mode access

switch(config-if-range)# spanning-tree portfast

switch(config)# interface range fa0/12 – 24

switch(config-if-range)# switchport access vlan 20

switch(config-if-range)# end

switch# copy running-config startup-config

QUESTION 137

The headquarter offices for a book retailer are enhancing their wiring closets with Layer3 switches. The new distribution-layer switch has been installed and a new access-layer switch cabled to it. Your task is to configure VTP to share VLAN information from the distribution-layer switch to the access-layer devices. Then, it is necessary to configure interVLAN routing on the distribution layer switch to route traffic between the different VLANs that are configured on the access-layer switches; however, it is not necessary for you to make the specific VLAN port assignments on the access-layer switches. Also, because VLAN database mode is being deprecated by Cisco, all VLAN and VTP configurations are to be completed in the global configuration mode. Please reference the following table for the VTP and VLAN information to be configured:

 

clip_image024

 

Requirements:

clip_image025

 

These are your specific tasks:

 

1.       Configure the VTP information with the distribution layer switch as the VTP server

2.       Configure the VTP information with the access layer switch as a VTP client

3.       Configure VLANs on the distribution layer switch

4.       Configure inter-VLAN routing on the distribution layer switch

5.       Specific VLAN port assignments will be made as users are added to the access layer switches in the future.

6.       All VLANs and VTP configurations are to completed in the global configuration. To configure the switch click on the host icon that is connected to the switch be way of a serial console cable.

 

Correct Answer:

DLSwitch# conf t

DLSwitch(config)# vtp mode server

DLSwitch(config)# vtp domain cisco

DLSwitch(config)# vlan 20

DLSwitch(config)# vlan 21

DLSwitch(config)# int vlan 20

DLSwitch(config-if)# ip address 172.16.236.1 255.255.255.0

DLSwitch(config-if)# no shutdown

DLSwitch(config-if)# exit

DLSwitch(config)# int vlan 21

DLSwitch(config-if)# ip address 172.16.170.1 255.255.255.0

DLSwitch(config-if)# no shutdown

DLSwitch(config-if)# exit

DLSwitch(config)# ip routing

DLSwitch(config)# end

DLSwitch# copy running-config startup-config

 

 

QUESTION 138

Refer to the Exhibit.

 

clip_image027

 

Online Incorporated is an internet game provide. The game service network had recently added an additional switch block with multiple VLANs configured. Unfortunately, system administrators neglected to document the spanning-tree topology during configuration. For baseline purpose, you will be required to identify the spanning-tree topology for the switch block. Using the output of “show spanning-tree” command on switch SW-C and the provided physical topology, answer the following questions:

Beware: VLAN number can change.

 

clip_image028

 

Question 1

Which spanning Tree Protocol has been implemented on SW-B?

 

A.        STP/IEEE 802.1D

B.        MSTP/IEEE 802.1s

C.        PVST+

D.        PVRST

E.         None of the above

 

Correct Answer: C

 

 

Question 2

Which bridge ID belongs to SW-B?

 

A.      24623.000f.34f5.0138

B.      32768.000d.bd03.0380

C.      32768.000d.65db.0102

D.      32769.000d.65db.0102

E.       32874.000d.db03.0380

F.       32815.000d.db03.0380

 

Correct Answer: A

 

 

Question 3

Which port role has interface Fa0/2 of SW-A adopted for VLAN 47?

 

A.      Root port

B.      Nondesigned port

C.      Designated port

D.      Backup port

E.       Alternate port

 

Correct Answer: C

 

 

Question 4

Which port state is interface Fa0/2 of SW-B in for VLANs 1 and 106?

 

A.      Listening

B.      Learning

C.      Disabled

D.      Blocking

E.       Forwarding

F.       Discarding

 

Correct Answer: D

 

 

Question 5

Which bridge ID belongs to SW-A?

 

A.      24623.000f.34f5.0138

B.      32768.000d.bd03.0380

C.      32768.000d.65db.0102

D.      32769.000d.65db.0102

E.       32874.000d.db03.0380

F.       32815.000d.db03.0380

 

Correct Answer: D

 

 

QUESTION 139

Refer to the Exhibit.

 

clip_image030

 

Acme is a small shipping company that has an existing enterprise network comprised of 2 switches DSW1 and ASW2. The topology diagram indicates their layer 2 mapping. VLAN 40 is a new VLAN that will be used to provide the shipping personnel access to the server. For security reasons, it is necessary to restrict access to VLAN 20 in the following manner:

 

Ÿ   Users connecting to ASW1’s port must be authenticate before they are given access to the network.

Ÿ   Authentication is to be done via a Radius server:

Ÿ   Radius server host: 172.120.39.46

Ÿ   Radius key: rad123

Ÿ   Authentication should be implemented as close to the host device possible.

Ÿ   Devices on VLAN 20 are restricted to in the address range of 172.120.40.0/24.

Ÿ   Packets from devices in the address range of 172.120.40.0/24 should be passed on VLAN 20.

Ÿ   Packets from devices in any other address range should be dropped on VLAN 20.

Ÿ   Filtering should be implemented as close to the server farm as possible.

 

The Radius server and application servers will be installed at a future date. You have been tasked with implementing the above access control as a pre-condition to installing the servers.

You must use the available IOS switch features.

 

Correct Answer:

Step1: Console to ASW1 from PC console 1

ASW1(config)# aaa new-model

ASW1(config)# radius-server host 172.120.39.46 key rad123

ASW1(config)# aaa authentication dot1x default group radius

ASW1(config)# dot1x system-auth-control

ASW1(config)# int fastEthernet 0/1

ASW1(config-if)# switchport mode access

ASW1(config-if)# dot1x port-control auto

ASW1(config-if)# end

 

ASW1# copy running-config startup-config

 

Step2: Console to DSW1 from PC console 2

DSW1(config)# ip access-list standard 10

DSW1(config-ext-nacl)# permit 172.120.40.0 0.0.0.255

DSW1(config-ext-nacl)# exit

DSW1(config)# vlan access-map PASS 10

DSW1(config-access-map)# match ip address 10

DSW1(config-access-map)# action forward

DSW1(config-access-map)# exit

DSW1(config)# vlan access-map PASS 20

DSW1(config-access-map)# action drop

DSW1(config-access-map)# exit

DSW1(config)# vlan filter PASS vlan-list 20

DSW1(config)# exit

 

DSW1# copy running-config startup-config

 

 

QUESTION 140

Acme is small export company that has an existing enterprise network comprised of 5 switches; CORE, DSW1, DSW2, ASW1 and ASW2. The topology diagram indicates their desired pre-VLAN spanning tree mapping. Previous configuration attempts have resulted in the following issues:

 

Ÿ   CORE should be the root bridge for VLAN 20; however, DSW1 is currently the root bridge for VLAN 20.

Ÿ   Traffic for VLAN 30 should be forwarding over the gig 1/0/6 trunk port between DSW1 and DSW2. However VLAN 30 is currently using gig 1/0/5.

Ÿ   Traffic for VLAN 40 should be forwarding over the gig 1/0/5 trunk port between DSW1 and DSW2. However VLAN 40 is currently using gig 1/0/6.

 

You have been tasked with isolating the cause the these issuer and implementing the appropriate solutions. You task is complicated by the fact that you only have full access to DSW1, with isolating the cause of these issues and implementing the appropriate solutions, Your task is complicated by the fact that you only have full access to DSW1, with the enable secret password cisco. Only limited show command access is provided on CORE, and DSW2 using the enable 2 level with a password of acme. No configuration changes will be possible on these routers. No access is provided to ASW1 or ASW2.

 

clip_image032

clip_image034

clip_image036

clip_image038

clip_image040

clip_image042

 

Correct answer:

DSW1# conf t

DSW1(config)# spanning-tree vlan 20 priority 61440

 

DSW1(config)# int g1/0/5

DSW1(config-if)# spanning-tree vlan 40 cost 1

DSW1(config-if)# no shut

DSW1(config-if)# exit

 

DSW1(config)# int g1/0/6

DSW1(config-if)# spanning-tree vlan 30 port-priority 64

DSW1(config-if)# no shut

DSW1(config-if)# end

 

DSW1# copy running-config startup-config

 

Verification:

DSW1# show spanning-tree vlan 20

DSW1# show spanning-tree vlan 40

DSW2# show spanning-tree vlan 30

 

Download Latest Complete Collection of CCNP 642-813 Real Exam ,help you to pass exam 100%.

Ensurepass Cisco Certifications Exam Questions and Answers
Ensurepass CCNP Exams Questions and Answers

 

Leave a Reply