VLANs and Inter-VLAN Routing
Examen 6
1. Refer to the exhibit. Which three statements describe the
network design shown in the exhibit? (Choose three.)
This +design will not scale easily.
The router merges the VLANs into a single broadcast domain.
+This design uses more switch and router ports than are necessary.
This design exceeds the maximum number of VLANs that can be attached to a switch.
This design requires the use of the ISL or 802.1q protocol on the links between the switch and the router.
+If the physical interfaces between the switch and router are operational, the
devices on the different VLANs can communicate through the router.
2. A router has two FastEthernet interfaces and needs to connect to
four VLANs in the local network. How can this be accomplished
using the fewest number of physical interfaces without
unnecessarily decreasing network performance? –+Implement a router-on-a-stick configuration.
Add a second router to handle the inter-VLAN traffic.
Use a hub to connect the four VLANS with a FastEthernet interface on the router.
Interconnect the VLANs via the two additional FastEthernet interfaces.
3. Refer to the exhibit. All devices are configured as shown in the
exhibit. PC2 can successfully ping the F0/0 interface on R1. PC2
cannot ping PC1. What might be the reason for this failure?
R1 interface F0/1 has not been configured for subinterface operation.
S1 interface F0/6 needs to be configured for operation in VLAN10.
+S1 interface F0/8 is in the wrong VLAN.
S1 port F0/6 is not in VLAN10.
4. Refer to the exhibit. The commands for a router to connect to a trunked uplink are shown in the exhibit. A packet is received from
IP address 192.168.1.54. The packet destination address is
192.168.1.120. What will the router do with this packet?
The router will forward the packet out interface FastEthernet 0/1.1 tagged for VLAN 10.
-The router will forward the packet out interface FastEthernet 0/1.2 tagged for VLAN 60.
The router will forward the packet out interface FastEthernet 0/1.3 tagged for VLAN 120.
The router will not process the packet since the source and destination are
on the same subnet.
The router will drop the packet since no network that includes the source address is attached to the router.
5. What distinguishes traditional routing from router-on-a-stick?
Traditional routing is only able to use a single switch interface. Router-on-a- stick can use multiple switch interfaces.
Traditional routing requires a routing protocol. Router-on-a-stick only needs
to route directly connected networks.
-Traditional routing uses one port per logical network. Router-on-a-stick uses subinterfaces to connect multiple logical networks to a single router port.
Traditional routing uses multiple paths to the router and therefore requires STP. Router-on-a-stick does not provide multiple connections and therefore eliminates the need for STP.
6. Which statement is true about ARP when inter-VLAN routing is
being used on the network?
When router-on-a-stick inter-VLAN routing is in use, each subinterface has a
separate MAC address to send in response to ARP requests.
When VLANs are in use, the switch responds to ARP requests with the MAC address of the port to which the PC is connected.
-When router-on-a-stick inter-VLAN routing is in use, the router returns the MAC address of the physical interface in response to ARP requests.
When traditional inter-VLAN routing is in use, devices on all VLANs use the
same physical router interface as their source of proxy ARP responses.
7. What two statements are true regarding the use of subinterfaces
for inter-VLAN routing? (Choose two.)
subinterfaces have no contention for bandwidth
more switch ports required than in traditional inter-VLAN routing — —fewer router ports required than in traditional inter-VLAN routing 
simpler Layer 3 troubleshooting than with traditional inter-VLAN routing
-less complex physical connection than in traditional inter-VLAN routing
8. Which three elements must be used when configuring a router
interface for VLAN trunking? (Choose three.)
-one subinterface per VLAN
one physical interface for each subinterface
-one IP network or subnetwork for each subinterface
one trunked link per VLAN
a management domain for each subinterface
-a compatible trunking protocol encapsulation for each subinterface
9. Refer to the exhibit. Which two statements are true about the
operation of the subinterfaces? (Choose two.)
-Incoming traffic that has a VLAN ID of 2 is processed by subinterface
fa0/0.2.
Incoming traffic with VLAN ID 0 is processed by interface fa0/0.
Subinterfaces use unique MAC addresses by adding the 802.1Q VLAN ID to the hardware address.
-Traffic inbound on this router is processed by different subinterfaces,
depending on the VLAN from which the traffic originated.
Reliability of both subinterfaces is poor because ARP is timing out.
Both subinterfaces remain up with line protocol up, even if fa0/0 line
protocol is down.
10. Refer to the exhibit. Port Fa0/0 on router R1 is connected to
port Fa0/1 on switch S1. After the commands shown are entered on both devices, the network administrator determines that the devices
on VLAN 2 are unable to ping the devices on VLAN 1. What is the
likely problem?
-R1 is configured for router-on-a-stick, but S1 is not configured for trunking. R1 does not have the VLANs entered in the VLAN database.
Spanning Tree Protocol is blocking port Fa0/0 on R1.
The subinterfaces on R1 have not been brought up with the no shutdown command yet.
11. Refer to the exhibit. PC1 has attempted to ping PC2 but has
been unsuccessful. What could account for this failure? PC1 and R1 interface F0/0.1 are on different subnets.
The encapsulation is missing on the R1 interface F0/0.
An IP address has not been assigned to the R1 physical interface.
-The encapsulation command on the R1 F0/0.3 interface is incorrect.
12. Refer to the exhibit. R1 is routing between networks
192.168.10.0/28 and 192.168.30.0/28. PC1 can ping R1 interface
F0/1, but cannot ping PC3. What is causing this failure?
PC1 and PC3 are not in the same VLAN.
-The PC3 network address configuration is incorrect.
The S1 interface F0/11 should be assigned to VLAN30.
The F0/0 and F0/1 interfaces on R1 must be configured as trunks.
13. Devices on the network are connected to a 24-port Layer 2
switch that is configured with VLANs. Switch ports 0/2 to 0/4 are
assigned to VLAN 10. Ports 0/5 to 0/8 are assigned to VLAN 20, and
ports 0/9 to 0/12 are assigned to VLAN 30. All other ports are
assigned to the default VLAN. Which solution allows all VLANs to
communicate between each other while minimizing the number of
ports necessary to connect the VLANs?
Configure ports 0/13 to 0/16 with the appropriate IP addresses to perform routing between VLANs.
-Add a router to the topology and configure one FastEthernet interface on
the router with multiple subinterfaces for VLANs 1, 10, 20, and 30.
Obtain a router with multiple LAN interfaces and configure each interface for a separate subnet, thereby allowing communication between VLANs.
Obtain a Layer 3 switch and configure a trunk link between the switch and
router, and configure the router physical interface with an IP address on the
native VLAN.
14. Which two statements are true about the interface fa0/0.10
command? (Choose two.)
The command applies VLAN 10 to router interface fa0/0.
The command is used in the configuration of router-on-a-stick inter-VLAN routing.
-The command configures a subinterface.
The command configures interface fa0/0 as a trunk link.
Because the IP address is applied to the physical interface, the command does not include an IP address.
15. Refer to the exhibit. What two conclusions can be drawn from
the output that is shown? (Choose two.)
The no shutdown command has not been issued on the FastEthernet 0/0 interface.
Both of the directly connected routes that are shown will share the same physical interface of the router.
A routing protocol must be configured on the network in order for the inter-
VLAN routing to be successful.
-Inter-VLAN routing between hosts on the 172.17.10.0/24 and 172.17.30.0/24 networks is successful on this network.
Hosts in this network must be configured with the IP address that is
assigned to the router physical interface as their default gateway.
16. What are the steps which must be completed in order to enable
inter-VLAN routing using router-on-a-stick?
Configure the physical interfaces on the router and enable a routing
p r o to c o l .
Create the VLANs on the router and define the port membership assignments on the switch.
Create the VLANs on the switch to include port membership assignment and enable a routing protocol on the router.
-Create the VLANs on the switch to include port membership assignment and configure subinterfaces on the router matching the VLANs.
17. Refer to the exhibit. The network administrator correctly
configures RTA to perform inter-VLAN routing. The administrator
connects RTA to port 0/4 on SW2, but inter-VLAN routing does not
work. What could be the possible cause of the problem with the
SW2 configuration?
Port 0/4 is not active.
Port 0/4 is not a member of VLAN1.
-Port 0/4 is configured in access mode.
Port 0/4 is using the wrong trunking protocol.
18. What is important to consider while configuring the
subinterfaces of a router when implementing inter-VLAN routing?
The physical interface must have an IP address configured.
The subinterface numbers must match the VLAN ID number.
The no shutdown command must be given on each subinterface.
-The IP address of each subinterface must be the default gateway address for each VLAN subnet.
19. in which situation could individual router physical interfaces be
used for InterVLAN routing, instead of a router-on-a-stick
configuration?
a network with more than 100 subnetworks
-a network with a limited number of VLANs
a network with experienced support personnel
a network using a router with one LAN interface
20. Refer to the exhibit. Switch1 is correctly configured for the
VLANs that are displayed in the graphic. The configuration that is
shown was applied to RTA to allow for interVLAN connectivity
between hosts attached to Switch1. After testing the network, the
administrator logged the following report:
Hosts within each VLAN can communicate with each other.
Hosts in VLAN5 and VLAN33 are able to communicate with each other.
Hosts connected to Fa0/1 through Fa0/5 do not have connectivity to host in other VLANs.
Why are hosts connected to Fa0/1 through Fa0/5 unable to
communicate with hosts in different VLANs?
The router interface is shut down.
The VLAN IDs do not match the subinterface numbers.
All of the subinterface addresses on the router are in the same subnet.
-The router was not configured to forward traffic for VLAN2.
The physical interface, FastEthernet0/0, was not configured with an IP address.
Examen 7
1. Which two conditions have favored adoption of 802.11g over
802.11a? (Choose two.)
-802.11a suffers from a shorter range than 802.11g.
The 2.4 GHz frequency band is not as crowded as the 5 GHz band.
802.11a is more susceptible to RF interference from common commercial items.
802.11a uses a more expensive modulation technique than 802.11g.
-802.11g is backward compatible with 802.11b, but 802.11a is not.
2. Which two statements concerning network security are accurate?
(Choose two.)
802.11i uses 3DES for encryption.
-Open authentication uses no client or AP verification. The 802.11i protocol is functionally identical to WPA.
-802.11i incorporates a RADIUS server for enterprise authentication.
A wireless client first associates with an AP and then authenticates for network access.
3. Which installation method will allow connectivity for a new
wireless network?
set up WEP on the access point only
-set up open access on both the access point and each device connected to it
set up full encryption on the access point while leaving each device
connected to the network open
set up full encryption on each device of the WLAN while leaving the access
point settings open
4. Refer to the exhibit. When configuring the wireless access point, which setting does the network administrator use to configure the
unique identifier that client devices use to distinguish this wireless
network from others?
Network Mode
-Network Name (SSID)
Radio Band
Wide Channel
Standard Channel
5. Which two statements are true regarding wireless security?
(Choose two.)
MAC address filtering prevents the contents of wireless frames from being
viewable.
Providing a wireless client with the network key allows an available network to be visible.
Disabling an access point from broadcasting the SSID prevents the access point from being discovered.
-Default SSIDs on specific manufacturer APs are generally known and may permit hostile wireless connections.
-Manually adding a network and setting the known SSID on a wireless client makes the network visible even if the SSID is not being broadcast.
6. Wireless users on a network complain about poor performance within a small area of a room. Moving away from this area in any
direction improves performance dramatically. What is the first step
in designing a solution to this problem?
-This might be RF channel overlap, so the technician should verify the
channels in use on each wireless access point and change to non-
overlapping channels.
The RF power settings might be set too low on the wireless access points
servicing the room. Increase the RF output power on all wireless access
points.
Install a new wireless access point in this center area to provide coverage.
Verify that the wireless access points have sufficient in-line power and connectivity to the wired network.
7. Which three devices do many wireless routers incorporate?
(Choose three.)
-gateway for connecting to other network infrastructures
built-in Ethernet switch
network management station
VTP server
-wireless access point
VPN concentrator
8. Which access method does a wireless access point use to allow
for multiple user connectivity and distributed access?
CSMA/CD
token passing
-SMA/CA
polling
9. Why is security so important in wireless networks? Wireless networks are typically slower than wired networks.
Televisions and other devices can interfere with wireless signals.
-Wireless networks broadcast data over a medium that allows easy access. Environmental factors such as thunderstorms can affect wireless networks.
10. Which wireless technology standard provides the most
compatibility with older wireless standards, but has greater
performance?
802.11a 802.11b 802.11g
-802.11n
11. Which two statements characterize wireless network security?
(Choose two.)
-A rogue access point represents a security risk for the local network. Wireless networks offer the same security features as wired networks.
Using encryption prevents unauthorized clients from associating with an
access point.
An attacker needs physical access to at least one network device to launch an attack.
-With SSID broadcast disabled, an attacker must sniff the SSID before being
able to connect.
12. Which network design process identifies where to place access
points?
-site survey
risk assessment
scalability design
network protocol analysis
13. What wireless security feature allows a network administrator
to configure an access point with wireless NIC unique identifiers so
that only these NICs can connect to the wireless network?
authentication
SSID broadcasting
-MAC address filtering
EAP (Extensible Authentication Protocol)
Radius (Remote Authentication Dial-In User Service)
14. What will a wireless client transmit to discover the available
WLAN networks?
beacon
password
-probe request
association request
15. In a WLAN network, why should wireless access points be
implemented with each access point using a different channel?
to keep users segregated on separate subnets
to control the amount of bandwidth that is utilized
-to keep signals from interfering with each other
to keep traffic secure
16. What purpose does authentication serve in a WLAN?
converts clear text data before transmission
indicates which channel the data should flow on
-determines that the correct host is utilizing the network
allows the host to choose which channel to use
17. What occurs when a rogue access point is added to a WLAN?
Authorized access points can transmit excess traffic to rogue access points to help alleviate congestion.
-Unauthorized users can gain access to internal servers, thus causing a
security hole.
All traffic that uses the same channel as the rogue access point will be encrypted.
All traffic that uses the same channel as the rogue access point will be
required to authenticate.
18. What procedure can prevent man-in-the-middle attacks?
-Force all devices on a WLAN to authenticate and monitor for any unknown devices.
Enable access points to send an SSID to each device wanting to use the network.
Configure MAC filtering on all authorized access points. Disable SSID broadcasts.
19. Which function is provided by a wireless access point?
dynamically assigns an IP address to the host
provides local DHCP services
-converts data from 802.11 to 802.3 frame encapsulation
provides a gateway for connecting to other networks
20. Which major problem does CSMA/CA overcome in wireless
networks?
bandwidth saturation
privacy concerns
-media contention
device interoperability
21. What does a wireless access point use to allow WLAN clients to
learn which networks are available in a given area?
association response .
-beacon
k ey
probe request