Cisco 642-813 Study Guide Book, New Release Cisco 642-813 Exam Guide Are The Best Materials

Important Info — Cisco 642-813 new study guide are designed to help you pass the exam in a short time.Everything you need can be found in the new version Cisco 642-813 exam dumps.Visit Flydumps.com to get more valid information.

QUESTION 96
Refer to the exhibit. What happens when the switch SW2 is connected to the rest of the network in the VTP domain Lab_Network?

A. The recently introduced switch SW2 adds one more VLAN to the VLAN database in the VTP domain.
B. The recently introduced switch SW2 creates a STP loop in the VTP domain.
C. The recently introduced switch SW2 removes all configured VLANs throughout the VTP domain.
D. The recently introduced switch SW2 switches over to VTP transparent mode in order to be included into the VTP domain.
E. A trunk should be configured between the two switches in order to integrate SW2 into the VTP domain.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 97
A campus infrastructure supports wireless clients via Cisco Aironet AG Series 1230, 1240, and 1250 access points. With DNS and DHCP configured, the 1230 and 1240 access points appear to boot and operate normally; however, the 1250 access points do not seem to operate correctly. What is the most likely issue causing this problem?
A. DHCP with option 150
B. DHCP with option 43
C. PoE
D. DNS
E. switch port does not support gigabit speeds

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 98
A standalone wireless AP solution is being installed into the campus infrastructure. The access points appear to boot correctly, however, wireless clients are not obtaining correct access. You verify that the local switch configuration connected to the access point appears as the following:
interface ethernet 0/1 switchport access vlan 10 switchport mode access spanning-tree portfast mls qos trust dscp
What is the most likely issue causing the problem?
A. QoS trust should not be configured on a port attached to a standalone AP.
B. QoS trust for switchport mode access should be defined as “cos”.
C. switchport mode should be defined as “trunk” with respective QoS.
D. switchport access vlan should be defined as “1”.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 99
Wireless has been operating correctly in the campus infrastructure. After the wireless controllers are upgraded from LWAPP to CAPWAP, access points no longer boot and operate normally. What is the most likely issue causing this problem?
A. VLAN assignments
B. DHCP option 43
C. PoE
D. ACL
E. QoS

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 100
A network is deployed using best practices of the enterprise campus network model, including users with desktop computers connected via IP phones. Given that all components are QoS-capable, where are the two optimal locations for trust boundaries to be configured by the network administrator? (Choose two.)
A. host
B. IP phone
C. access layer switch
D. distribution layer switch
E. core layer switch

Correct Answer: BC Section: (none) Explanation
Explanation/Reference: QUESTION 101
During voice implementation, which two required items are configured at an access layer switch connected to an IP phone to provide VoIP communication? (Choose two.)
A. allowed codecs
B. native VLAN
C. auxiliary VLAN
D. Cisco Unified Communications Manager IP address
E. RSTP

Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
QUESTION 102
Which two networking infrastructure characteristics are most likely to distinguish video requirements (such as Cisco TelePresence) from voice requirements? (Choose two.)
A. jitter
B. delay
C. PoE
D. bandwidth
E. packet loss

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 103
Which two items are most important for managing the long-term success of high availability? (Choose two.)
A. completing aggressive implementation schedule
B. Stateful Switchover
C. company and user expectations
D. Nonstop Forwarding
E. change control processes
F. dual devices and dual links

Correct Answer: CE Section: (none) Explanation
Explanation/Reference:
QUESTION 104
When planning high availability, which two components are important to minimize the effect of outages? (Choose two.)
A. work staff attributes, such as skills and communication
B. redundancy, to prevent single points of failure
C. processes, such as documentation, change control, and labs
D. appropriate technology, such as hardware and software
E. tools, such as those for monitoring and reporting

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 105
Which item is the most important factor during deployment of high-availability features?
A. Test major changes before deployment and defer minor changes until during deployment.
B. Document and verify rollback procedures.
C. Ensure consistency of code versions across the network.
D. Progressively modify procedures and documentation during implementation.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 106
Which two statements best describe Cisco IOS IP SLA? (Choose two.)
A. only implemented between Cisco source and destination-capable devices
B. statistics provided by syslog, CLI, and SNMP
C. measures delay, jitter, packet loss, and voice quality
D. only monitors VoIP traffic flows
E. provides active monitoring
F. provides passive monitoring

Correct Answer: CE Section: (none) Explanation
Explanation/Reference:
QUESTION 107
Which two items best describe a Cisco IOS IP SLA responder? (Choose two.)
A. required at the destination to implement Cisco IOS IP SLA services
B. improves measurement accuracy
C. required for VoIP jitter measurements
D. provides security on Cisco IOS IP SLA messages via LEAP or EAP-FAST authentication
E. responds to one Cisco IOS IP SLA operation per port
F. stores the resulting test statistics

Correct Answer: BC Section: (none) Explanation
Explanation/Reference: QUESTION 108
To initiate testing, which port does a Cisco IOS IP SLA source use to send a control message to an IP SLA responder?
A. UDP port 2020
B. UDP port 1967
C. TCP port 2020
D. ICMP port 1967

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 109
Which statement best describes Cisco supervisor engine redundancy using Stateful Switchover?
A. Redundancy provides fast supervisor switchover for all Cisco Catalyst 6500 series switches.
B. Switchover ensures that Layer 2 through Layer 4 traffic is not interrupted.
C. Switchover can be caused by clock synchronization failure between supervisors.
D. Redundancy requires BGP, OSPF, EIGRP, or IS-IS.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 110
Which two characteristics apply to Cisco Catalyst 6500 Series Switch supervisor redundancy using NSF? (Choose two.)
A. supported by RIPv2, OSPF, IS-IS, and EIGRP
B. dependent on FIB tables
C. supports IPv4 and IPv6 multicast
D. prevents route flapping
E. independent of SSO
F. NSF combined with SSO enables supervisor engine load balancing

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:

Our Cisco 642-813 with Explanations presents to you the most tried and tested methods of preparation for the actual exam. The Q and A provides a very detailed preparation for your exam preparation, giving you answers to the entire exam question with the added explanation of which answer is right and why. These answers are prepared by professionals who have had years of experience and are fully competent to give you the best and the most excellent way to prepare for your actual exam.

Cisco 642-813 Study Material, New Updated Cisco 642-813 Dumps PDF Latest Version PDF&VCE

Free Sharing –How to pass the Cisco 642-813 exam quickly? How to prepare for the changed exam? Free download Cisco 642-813   Exam practice test with all new exam questions.You can also get more new version on Flydumps.com

QUESTION 66
PassGuide is implementing 802.1X in order to increase network security. In the use of 802.1X access control, which three protocols are allowed through the switch port before authentication takes place? (Select three)
A. EAP-over-LAN
B. EAP MD5
C. STP
D. protocols not filtered by an ACL
E. CDP
F. TACACS+

Correct Answer: ACE Section: (none) Explanation
Explanation/Reference:
QUESTION 67
VLAN maps have been configured on switch PG1. Which of the following actions are taken in a VLAN map that does not contain a match clause?
A. Implicit deny feature at end of list.
B. Implicit deny feature at start of list.
C. Implicit forward feature at end of list
D. Implicit forward feature at start of list.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 68
A PassGuide switch was configured as shown below:
switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security mac-address 0002.0002.0002 switchport port-security violation shutdown
Given the configuration output shown above, what happens when a host with the MAC address of 0003.0003.0003 is directly connected to the switch port?
A. The host will be allowed to connect.
B. The port will shut down.
C. The host can only connect through a hub/switch where 0002.0002.0002 is already connected.
D. The host will be refused access.
E. None of the other alternatives apply
Correct Answer: A Section: (none) Explanation

Explanation/Reference:
QUESTION 69
You need to configure port security on switch PG1. Which two statements are true about this technology? (Select two)
A. Port security can be configured for ports supporting VoIP.
B. With port security configured, four MAC addresses are allowed by default. C. The network administrator must manually enter the MAC address for each device in order for the switch to allow connectivity.
C. With port security configured, only one MAC addresses is allowed by default.
D. Port security cannot be configured for ports supporting VoIP.

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 70
The PassGuide is concerned about Layer 2 security threats. Which statement is true about these threats?
A. MAC spoofing attacks allow an attacking device to receive frames intended for a different network host.
B. Port scanners are the most effective defense against dynamic ARP inspection. C. MAC spoofing, in conjunction with ARP snooping, is the most effective counter-measure against reconnaissance attacks that use dynamic ARP inspection (DAI) to determine vulnerable attack points.
C. Dynamic ARP inspection in conjunction with ARP spoofing can be used to counter DHCP snooping attacks.
D. DHCP snooping sends unauthorized replies to DHCP queries.
E. ARP spoofing can be used to redirect traffic to counter dynamic ARP inspection.
F. None of the other alternatives apply.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 71
An attacker is launching a DoS attack on the PassGuide network using a hacking tool designed to exhaust the IP address space available from the DHCP servers for a period of time. Which procedure would best defend against this type of attack?
A. Configure only trusted interfaces with root guard.
B. Implement private VLANs (PVLANs) to carry only user traffic.
C. Implement private VLANs (PVLANs) to carry only DHCP traffic.
D. Configure only untrusted interfaces with root guard.
E. Configure DHCP spoofing on all ports that connect untrusted clients. F. Configure DHCP snooping only on ports that connect trusted DHCP servers.
F. None of the other alternatives apply
Correct Answer: F Section: (none) Explanation

Explanation/Reference:
QUESTION 72
In order to enhance security on the PassGuide network, users must be authenticated using 802.1X. When authentication is required, where must 802.1X be configured in order to connect a PC to a switch?
A. Switch port and local router port
B. Switch port, client PC, and authentication server
C. Client PC only
D. Switch port only
E. None of the other alternatives apply

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 73
PassGuide has implemented 802.1X authentication as a security enhancement. Which statement is true about 802.1x port-based authentication?
A. TACACS+ is the only supported authentication server type.
B. If a host initiates the authentication process and does not receive a response, it assumes it is not authorized.
C. RADIUS is the only supported authentication server type.
D. Before transmitting data, an 802.1x host must determine the authorization state of the switch.
E. Hosts are required to have a 802.1x authentication client or utilize PPPoE.
F. None of the other alternatives apply.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 74
The DAI feature has been implemented in the PassGuide switched LAN. Which three statements are true about the dynamic ARP inspection (DAI) feature? (Select three)
A. DAI can be performed on ingress ports only.
B. DAI can be performed on both ingress and egress ports.
C. DAI is supported on access ports, trunk ports, EtherChannel ports, and private VLAN ports. D. DAI should be enabled on the root switch for particular VLANs only in order to secure the ARP caches of hosts in the domain.
D. DAI should be configured on all access switch ports as untrusted and on all switch ports connected to other switches as trusted.
E. DAI is supported on access and trunk ports only.

Correct Answer: ACE Section: (none) Explanation
Explanation/Reference: QUESTION 75
In the use of 802.1X access control, which three protocols are allowed through the switch port before authentication takes place? Select three.
A. STP
B. CDP
C. EAP MD5
D. TACACS+
E. EAP-over-LAN
F. protocols not filtered by an ACL

Correct Answer: ABE Section: (none) Explanation
Explanation/Reference:
QUESTION 76
As the network technician at PassGuide, you need to configure DHCP snooping on a new switch. Which three steps are required? (Select 3)
A. Configure the switch to insert and remove DHCP relay information (option-82 field) in forwarded DHCP request messages.
B. Configure DHCP snooping globally.
C. Configure the switch as a DHCP server.
D. Configure DHCP snooping on an interface.
E. Configure all interfaces as DHCP snooping trusted interfaces.
F. Configure DHCP snooping on a VLAN or range of VLANs.

Correct Answer: BDF Section: (none) Explanation
Explanation/Reference:
QUESTION 77
On a PassGuide switch named PG1 you configure the following:
ip arp inspection vlan 10-12, 15
What is the purpose of this global configuration command made on PG1?
A. Discards ARP packets with invalid IP-to-MAC address bindings on trusted ports B. Validates outgoing ARP requests for interfaces configured on VLAN 10, 11, 12, or 15 C. Intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings D. Intercepts all ARP requests and responses on trusted ports
B. None of the other alternatives apply

Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 78
What is true about access control on bridged and routed VLAN traffic? (Select three)
A. Router ACLs can be applied to the input and output directions of a VLAN interface. B. Bridged ACLs can be applied to the input and output directions of a VLAN interface.
B. Only router ACLs can be applied to a VLAN interface.
C. VLAN maps and router ACLs can be used in combination.
D. VLAN maps can be applied to a VLAN interface

Correct Answer: ABD Section: (none) Explanation
Explanation/Reference:
QUESTION 79
Switch PG1 has been configured with Private VLANs. With that type of PVLAN port should the default gateway be configured?
A. Trunk
B. Isolated
C. Primary
D. Community
E. Promiscuous
F. None of the other alternatives apply

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 80
PassGuide has implemented numerous multilayer switches that utilize FIB tables. Which statement is true about the Forward Information Base (FIB) table?
A. The FIB is derived from the IP routing table and is optimized for maximum lookup throughput.
B. The FIB table is derived from the Address Resolution Protocol table, and it contains Layer 2 rewrite (MAC) information for the next hop.
C. When the FIB table is full, a wildcard entry redirects traffic to the Layer 3 engine.
D. The FIB lookup is based on the Layer 2 destination MAC address.
E. None of the other alternatives apply

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 81
The PassGuide network needs to pass traffic between VLANs. Which device should be used to accomplish this?
A. Hub
B. Switch
C. Router
D. Bridge
E. None of the other alternatives apply

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 82
Inter-VLAN routing has been implemented in the PassGuide network. In VLAN routing, what are some of the disadvantages of designing a router-on-stick configuration? (Select three)
A. InterVLAN routing cannot be filtered by the router.
B. The router becomes a single point of failure for the network.
C. Routers will not route STP BPDUs.
D. There is a possibility of inadequate bandwidth for each VLAN.
E. Additional overhead on the router can occur.
F. NetFlow Switching is required for InterVLAN accounting.

Correct Answer: BDE Section: (none) Explanation
Explanation/Reference:
QUESTION 83
Which of the following could be used to provide a Layer 3 data path between separate VLANs? (Choose two.)
A. VLAN trunking
B. An external router
C. An internal route processor
D. VLAN capable bridge
E. EtherChannel

Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
QUESTION 84
You are configuring a Cisco multilayer switch for the PassGuide network. Which command would you use to configure a port to act as a routed interface?
A. ip routing
B. switchport mode trunk
C. no switchport
D. switchport trunk native vlan 1
E. None of the other alternatives apply

Correct Answer: C Section: (none) Explanation Explanation/Reference:
QUESTION 85
The PassGuide security administrator is concerned with VLAN hopping based attacks. Which two statements about these attacks are true? (Select two)
A. Attacks are prevented by utilizing the port-security feature.
B. An end station attempts to gain access to all VLANs by transmitting Ethernet frames in the 802.1q encapsulation.
C. Configuring an interface with the switchport mode dynamic command will prevent VLAN hopping.
D. An end station attempts to redirect VLAN traffic by transmitting Ethernet frames in the 802.1q encapsulation.
E. Configuring an interface with the “switchport mode access” command will prevent VLAN hopping.

Correct Answer: BE Section: (none) Explanation
Explanation/Reference:

Flydumps.com will provide you with the most updates material to prepare for the tests all the Cisco 642-813 torrent are available at the site. Studying with dumps makes it much easier to pass the certification. Number of networking downloads including the Cisco 642-813 download are available on the website. Various websites offering such information have information in various formats you can easily download the format that is suitable for you it can be in Cisco 642-813  Testing Engine or in html.

Cisco 642-813 Exam Dumps, Welcome To Buy Cisco 642-813 Questions And Answers Online Store

ATTENTION: Get your Cisco 642-813 certification easily with,Flydumps latest Cisco 642-813 exam dumps. All the up-to-date questions and answers were added to the new version.Go to the site Flydumps.com to get more Cisco 642-813 exam
information.

QUESTION 50
Which set of statements describes the correct order and process of a wireless client associating with a
wireless access point?
A. 1. Client sends probe request.
2.
Access point sends probe response.

3.
Client initiates association.

4.
Access point accepts association.

5.
Access point adds client MAC address to association table.
B. 1. Client sends probe request.
2.
Access point sends probe response.

3.
Client initiates association.

4.
Access point accepts association.

5.
Client adds access point MAC address to association table.
C. 1. Client sends probe request.
2.
Access point sends probe response.

3.
Access point initiates association.

4.
Client accepts association.

5.
Access point adds client MAC address to association table.
D. 1. Access point sends probe request.
2.
Client sends probe response.

3.
Client initiates association.

4.
Access point accepts association.

5.
Access point adds client MAC address to association table.
E. 1. Access point sends probe request .
2.
Client sends probe response.

3.
Client initiates association.

4.
Access point accepts association.

5.
Client adds access point MAC address to association table.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 51
Refer to the exhibit. Which protocol establishes an optimal path to the root in a wireless mesh network?

A. WLAN Quality of Service (WQoS)
B. 802.1Q WLAN trunking protocol
C. Lightweight Access Point Protocol (LWAPP)
D. Layer 2 Roaming (IAPP)
E. Adaptive Wireless Path (AWP)

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 52
What is the objective of the Cisco Compatible Extensions program?
A. to provide access to proprietary Cisco IOS software code in order to expand the number of vendors writing wireless code
B. to provide Cisco engineers with the opportunity to certify that any wireless devices that are made by third parties are compatible with Cisco wireless products
C. to provide customers with a broad range of WLAN client devices that have been tested for interoperability with Cisco Aironet innovations
D. to provide third parties with Cisco hardware in order to encourage the development of radical innovation in the area of wireless

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 53
Which three statements are true about implementing Cisco wireless LANs? (Choose three.)
A. LWAPP allows encrypted communication between lightweight access points and WLAN controllers.
B. The WLAN Solution Engine (WLSE) is used to control lightweight access points.
C. Power over Ethernet (PoE) is only available when a WLAN controller is integrated into the network.
D. One of the advantages of the lightweight WLAN solution is that the devices act independently.
E. Antenna power is a relative value reference to dBi.
F. Characteristics of antennas are directionality, gain, and polarization.

Correct Answer: AEF Section: (none) Explanation
Explanation/Reference:
QUESTION 54
Which two statements correctly describe features of Lightweight Access Point Protocol (LWAPP)? (Choose two.)
A. Data traffic between an access point and a controller is encrypted within LWAPP.
B. Control traffic between an access point and a controller is encrypted within LWAPP.
C. Data traffic between an access point and a controller is encapsulated within LWAPP.
D. Layer 3 mode packets are transmitted in TCP frames.
E. VLAN tagging and QoS markings are applied at the access point.

Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
QUESTION 55
Refer to the exhibit. What should be taken into consideration when using the Cisco Aironet Desktop
Utility (ADU) to configure the static WEP keys on the wireless client adapter?

A. The client adapter WEP key should be generated by the AP and forwarded to the client adapter before the client adapter can establish communication with the wireless network.
B. The client adapter WEP key should be generated by the authentication server and forwarded to the client adapter before the client adapter can establish communication with the wireless network.
C. In infrastructure mode the client adapter WEP key must match the WEP key used by the access point. In ad hoc mode all client WEP keys within the wireless network must match each other.
D. Before the client adapter WEP key is generated, all wireless infrastructure devices (such as access points, servers, etc.) must be properly configured for LEAP authentication.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 56
Refer to the exhibit. Static WEP keys have been configured on all devices in the wireless LAN. What will happen if the access point receives packets sent by the wireless client adapter that are not encrypted with the appropriate key?

A. The wireless client adapter will be authenticated by the authentication server and the access point will deliver the packets to the intended receiver.
B. The wireless client adapter will not be authenticated by the authentication server, but the access point will deliver the packets to the intended receiver.
C. The access point will discard the packets and never deliver them to the intended receiver.
D. The wireless client adapter will not be able to send any packets to the access point.

Correct Answer: C Section: (none) Explanation
Explanation/Reference: QUESTION 57
What three statements are true for networks that are enabled for voice as well as data traffic? (Choose three.)
A. An uptime of 99.999 percent is achieved using a 4-hour service response contract for system problems.
B. Auxiliary VLANs provide the ability to apply QoS to voice traffic without affecting the flow of data from the client PC.
C. Redundant hardware, redundant links, UPS, and proactive network management are data network standards that do not apply to voice networks.
D. The increased costs of voice enabled networks are offset by increased worker productivity.
E. For ease of implementation, most VoIP phones use in-line power to get power through the same cable on which data is sent.
F. High availability networks must be created to avoid network congestion and overcome a lack of redundancy and poor engineering.

Correct Answer: BEF Section: (none) Explanation
Explanation/Reference:
QUESTION 58
Refer to the exhibit. What is the sequence of events when a VoIP call is placed from IP phone P1 to IP phone P2?

A. RTP traffic is exchanged between IP phone P1 and IP phone P2. IP phone P1 alerts the CCM of off-hook state. CCM instructs IP phone P1 to provide dialtone. IP phone P1 passes digits to CCM. CCM routes call to PSTN or IP phone P2.
B. CCM instructs IP phone P1 to provide dialtone. IP phone P1 alerts the CCM of off-hook state. IP phone P1 passes digits to CCM. CCM routes call to PSTN or IP phone P2. RTP traffic is exchanged between IP phone P1 and IP phone P2.
C. CCM instructs IP phone P1 to provide dialtone.
IP phone P1 alerts the CCM of off-hook state.
IP phone P1 passes digits to CCM.
RTP traffic is exchanged between IP phone P1 and IP phone P2.
CCM routes call to PSTN or IP phone P2.
D. IP phone P1 alerts the CCM of off-hook state. CCM instructs IP phone P1 to provide dialtone. IP phone P1 passes digits to CCM. CCM routes call to PSTN or IP phone P2. RTP traffic is exchanged between IP phone P1 and IP phone P2.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 59
What are three examples of call control signaling? (Choose three.)
A. MGCP
B. RTP
C. G.711
D. G.729
E. H.323
F. SIP

Correct Answer: AEF Section: (none) Explanation
Explanation/Reference:
QUESTION 60
Refer to the exhibit. Which statement is true about the configuration that is shown?

A. Untagged ingress traffic will be dropped.
B. Untagged ingress traffic will be marked with the default CoS value of the port.
C. Tagged and untagged ingress traffic will be carried on VLAN 1.
D. Ingress traffic from the host will be tagged with the CoS value of 5.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 61
Why is BPDU guard an effective way to prevent an unauthorized rogue switch from altering the spanning-tree topology of a network?
A. BPDU guard can guarantee proper selection of the root bridge.
B. BPDU guard can be utilized along with PortFast to shut down ports when a switch is connected to the port.
C. BPDU guard can be utilized to prevent the switch from transmitting BPDUs and incorrectly altering the root bridge election.
D. BPDU guard can be used to prevent invalid BPDUs from propagating throughout the network.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 62
What two steps can be taken to help prevent VLAN hopping? (Choose two.)
A. Place unused ports in a common unrouted VLAN.
B. Enable BPD guard.
C. Implement port security.
D. Prevent automatic trunk configurations.
E. Disable CDP on ports where it is not necessary.

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 63
Refer to the exhibit. Both routers are configured for the Gateway Load Balancing Protocol (GLBP).
Which statement is true?

A. The default gateway addresses of both hosts should be set to the IP addresses of both routers.
B. The default gateway address of each host should be set to the virtual IP address.
C. The hosts will learn the proper default gateway IP address from Router A.
D. The hosts will have different default gateway IP addresses and different MAC addresses for each router.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 64
Refer to the exhibit. What type of attack would be mitigated by this configuration?

A. ARP spoofing
B. MAC spoofing
C. VLAN hopping
D. CDP manipulation
E. MAC flood attack
F. spanning tree compromises

Correct Answer: E Section: (none) Explanation
Explanation/Reference:
QUESTION 65
Refer to the exhibit. What is the problem with this configuration?

A. Spanning tree PortFast cannot be configured on a port when a sticky secure MAC address is used.
B. Spanning tree PortFast cannot be configured on a port where a voice VLAN is configured.
C. Sticky secure MAC addresses cannot be used on a port when a voice VLAN is configured.
D. The switch port must be configured as a trunk.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 66
Which statement is true about voice VLANs?
A. The voice VLAN feature is enabled by default.
B. When the voice VLAN feature is enabled, all untagged voice and data traffic is sent through the voice VLAN.
C. The default CoS value is 1 for incoming voice and data traffic.
D. The IP phone overrides the priority of all incoming data traffic (tagged and untagged) and sets the CoS value to 0.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 67
For what purpose is the command config network webmode enable used?
A. to allow HTTPS access to the WLAN controller
B. to allow HTTP access to the WLAN controller
C. to allow SSH access to the CLI of the WLAN controller
D. to allow SSL access to the CLI of the WLAN controller

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 68
Refer to the exhibit. Which configuration on the HSRP neighboring device ensures that it becomes the active HSRP device in the event that port fa1/1 on Switch_A goes down?

A. Switch_B(config-if)# ip address 10.10.10.2 255.255.255.0 Switch_B(config-if)# standby 1 priority 200 Switch_B(config-if)# standby 1 preempt Switch_B(config-if)# standby 1 ip 10.10.10.10 Switch_B(config-if)# standby 1 track interface fa 1/1
B. Switch_B(config-if)# ip address 10.10.10.2 255.255.255.0 Switch_B(config-if)# standby 1 priority 200 Switch_B(config-if)# standby 1 ip 10.10.10.10
C. Switch_B(config-if)# ip address 10.10.10.2 255.255.255.0 Switch_B(config-if)# standby 1 priority 195 Switch_B(config-if)# standby 1 preempt Switch_B(config-if)# standby 1 ip 10.10.10.10
D. Switch_B(config-if)# ip address 10.10.10.2 255.255.255.0 Switch_B(config-if)# standby 1 priority 190 Switch_B(config-if)# standby 1 ip 10.10.10.10 Switch_B(config-if)# standby 1 track interface fa 1/1

Correct Answer: C Section: (none) Explanation Explanation/Reference:
QUESTION 69
When an attacker is using switch spoofing to perform VLAN hopping, how is the attacker able to gather information?
A. The attacking station uses DTP to negotiate trunking with a switch port and captures all traffic that is allowed on the trunk
B. The attacking station tags itself with all usable VLANs to capture data that is passed through the switch, regardless of the VLAN to which the data belongs.
C. The attacking station will generate frames with two 802.1Q headers to cause the switch to forward the frames to a VLAN that would be inaccessible to the attacker through legitimate means.
D. The attacking station uses VTP to collect VLAN information that is sent out and then tags itself with the domain information in order to capture the data.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 70
Which statement is true about the Lightweight Access Point Protocol (LWAPP)?
A. The control traffic between the client and the access point is encapsulated with the LWAPP.
B. Data traffic between the client and the access point is encapsulated with LWAPP.
C. Authentication, security, and mobility are handled by the access point.
D. Real-time frame exchange is accomplished within the access point.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 71
Refer to the exhibit. On basis of the configuration that is provided, where will the trust boundary be established in this network?

A. at the PC
B. at the IP phone
C. at the access switch
D. at the distribution switch

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 72
Refer to the exhibit. Based upon the information that is given, how will voice traffic from the phone and data traffic from the PC be handled by SW_1?

A. The switch port will trust the CoS value of the ingress voice and data traffic that comes into the switch port.
B. The switch port will perform marking for the ingress voice and data traffic by using the default CoS value at the switch port.
C. The switch port will trust the CoS value of the ingress voice traffic. Data traffic will be marked at the switch port with the default CoS value.
D. The switch port will trust the CoS value of the ingress data traffic. Voice traffic will be marked at the switch port with the default CoS value.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 73
Refer to the exhibit. GLBP has been configured on the network. When the interface serial0/0/1 on router R1 goes down, how is the traffic coming from Host1 handled?

A. The traffic coming from Host1 and Host2 is forwarded through router R2 with no disruption.
B. The traffic coming from Host2 is forwarded through router R2 with no disruption. Host1 sends an ARP request to resolve the MAC address for the new virtual gateway.
C. The traffic coming from both hosts is temporarily interrupted while the switchover to make R2 active occurs.
D. The traffic coming from Host2 is forwarded through router R2 with no disruption. The traffic from Host1 is dropped due to the disruption of the load balancing feature configured for the glbp group.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 74
Refer to the exhibit. DHCP snooping is enabled for selected VLANs to provide security on the network. How do the switch ports handle the DHCP messages?

A. Ports Fa2/1 and Fa2/2 source DHCP requests only. Port Fa3/1 is eligible to source all DHCP messages and respond to DHCP requests.
B. Ports Fa2/1 and Fa2/2 respond to DHCP requests only. Port Fa3/1 is eligible to source all DHCP messages.
C. Ports Fa2/1 and Fa2/2 are eligible to source all DHCP messages and respond to DHCP requests. Port Fa3/1 can source DHCP request only.
D. All three ports, Fa2/1, Fa2/2, and Fa3/1, are eligible to source all DHCP messages and respond to DHCP requests.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 75
Refer to the exhibit and the partial configuration on routers R1 and R2. Hot Standby Routing Protocol (HSRP) is configured on the network to provide network redundancy for the IP traffic. The network administrator noticed that R2 does not become active when the R1 serial0 interface goes down. What CareerCert.blogspot.com should be changed in the configuration to fix the problem?

A. R2 should be configured with a HSRP virtual address.
B. R2 should be configured with a standby priority of 100.
C. The Serial0 interface on router R2 should be configured with a decrement value of 20.
D. The Serial0 interface on router R1 should be configured with a decrement value of 20.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
Cisco 642-813 only advanced and equipped with much more features,it is also not internet dependent,once installed.It enables you to see Interconnecting Cisco Networking Devices in a simulated Cisco 642-813 exam environment.Working with Cisco 642-813 Interactive Testing Engine is like passing an actual Cisco 642-813 exam.

Cisco 642-813 Study Guide Book, 100% Success Rate Cisco 642-813 Dump With 100% Pass Rate

Do not you know how to choose the Cisco 642-813 exam dumps? Being worried about your Cisco 642-813 exam? Just try Flydumps new version Cisco 642-813 exam dumps.High pass rate and money back guarantee!

QUESTION 21
VTP is configured on switch PG1. Which of the following features were added in VTP version 2 that were not previously supported in VTP version 1? (Select two)
A. Supports Token Ring VLANs.
B. Allows VLAN consistency checks.
C. Saves VLAN configuration memory.
D. Reduces the amount of configuration necessary.
E. Allows active redundant links when used with spanning tree.
Correct Answer: AB Section: (none) Explanation
Explanation/Reference: QUESTION 22
The PassGuide switches are configured to use VTP. What’s true about the VLAN trunking protocol (VTP)? (Select two)
A. VTP messages will not be forwarded over nontrunk links.
B. VTP domain names need to be identical. However, case doesn’t matter. C. A VTP enabled device which receives multiple advertisements will ignore advertisements with higher configuration revision numbers.
C. A device in “transparent” VTP v.1 mode will not forward VTP messages. E. VTP pruning allows switches to prune VLANs that do not have any active ports associated with them.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 23
Switch PG1 and PG2 both belong to the PassGuide VTP domain. What’s true about the switch operation in VTP domains? (Select all that apply)
A. A switch can only reside in one management domain
B. A switch is listening to VTP advertisements from their own domain only C. A switch is listening to VTP advertisements from multi domains
C. A switch can reside in one or more domains
D. VTP is no longer supported on Catalyst switches
Correct Answer: AB Section: (none) Explanation
Explanation/Reference:
QUESTION 24
VTP devices in a network track the VTP revision number. What is a VTP configuration revision number?
A. A number for identifying changes to the network switch.
B. A number for identifying changes to the network router.
C. A number for identifying changes to the network topology.
D. None of the other alternatives apply.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 25
Switch PG1 is configured to use the VLAN Trunking Protocol (VTP). What does PG1 advertise in its VTP domain?
A. The VLAN ID of all known VLANs, the management domain name, and the total number of trunk links on the switch.
B. The VLAN ID of all known VLANs, a 1-bit canonical format (CF1 Indicator), and the switch configuration revision number.
C. The management domain name, the switch configuration revision number, the known VLANs, and their specific parameters.
D. A 2-byte TPID with a fixed value of 0x8100 for the management domain number, the switch configuration revision number, the known VLANs, and their specific parameters.
E. None of the other alternatives apply.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 26
VTP switches use advertisements to exchange information with each other. Which of the following advertisement types are associated with VTP? (Select all that apply)
A. Domain advertisements
B. Advertisement requests from clients
C. Subset advertisements
D. Summary advertisements
Correct Answer: BCD Section: (none) Explanation
Explanation/Reference:
QUESTION 27
Switch PG1 is part of the PassGuide VTP domain. What’s true of VTP Pruning within this domain? (Select all that apply)
A. It does not prune traffic from VLANs that are pruning-ineligible
B. VLAN 1 is always pruning-eligible
C. it will prune traffic from VLANs that are pruning-ineligible
D. VLAN 2 is always pruning-ineligible
E. None of the other alternatives apply.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 28
What action should you execute if you wanted to enable VTP pruning on your entire management domain?
A. Enable VTP pruning on any client switch in the management domain.
B. Enable VTP pruning on any switch in the management domain.
C. Enable VTP pruning on every switch in the management domain.
D. Enable VTP pruning on a VTP server in the management domain.
E. Disable VTP pruning on a VTP server in the management domain.
Correct Answer: D Section: (none) Explanation Explanation/Reference:
QUESTION 29
Switch PG1 is configured with VTP. Which two VTP modes will make PG1 capable of creating and deleting VLANs on itself? (Select two)
A. Client
B. Server
C. Transparent
D. Pass-through
E. No-negotiate

Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
QUESTION 30
When the Catalyst switch PG1 is enabled to use VTP, which information does it advertise on its trunk ports? (Select two)
A. VTP mode
B. STP root status
C. Negotiation status
D. Management domain
E. Configuration revision number

Correct Answer: DE Section: (none) Explanation
Explanation/Reference:
QUESTION 31
Two PassGuide switches are connected via a trunk link. In this network, the original frame is encapsulated
and an additional header is added before the frame is carried over a trunk link. At the receiving end, the
header is removed and the frame is forwarded to the assigned VLAN.
This describes which technology?

A. DISL
B. ISL
C. DTP
D. IEEE 802.1Q
E. MPLS
F. None of the other alternatives apply

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 32
The PassGuide core switches use 802.1Q trunks to connect to each other. How does 802.1Q trunking keep track of multiple VLANs?
A. It tags the data frame with VLAN information and recalculates the CRC value B. It encapsulates the data frame with a new header and frame check sequence C. It modifies the port index of a data frame to indicate the VLAN
B. It adds a new header containing the VLAN ID to the data frame
C. None of the other alternatives apply

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 33
The core PassGuide switches are configured to use 802.1Q trunks. Which three statements are correct with regard to the IEEE 802.1Q standard? (Select three)
A. The IEEE 802.1Q frame format adds a 4 byte field to a Ethernet frame
B. The packet is encapsulated with a 26 byte header and a 4 byte FCS C. The protocol uses point-to-multipoint connectivity
C. The protocol uses point-to-point connectivity
D. The IEEE 802.1Q frame uses multicast destination of 0x01-00-0c-00-00 F. The IEEE 802.1Q frame retains the original MAC destination address

Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 34
Switch PG1 has been configured with DTP using the desirable option. Which statement describes Dynamic Trunking Protocol (DTP) desirable mode?
A. The interface actively attempts to convert the link to a trunk link. B. The interface is put into permanent trunking mode but prevented from generating DTP frames.
B. The interface is put into permanent trunking mode and negotiates to convert the link into a trunk link.
C. The interface is put into a passive mode, waiting to convert the link to a trunk link.
D. None of the other alternatives apply

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 35
You need to configure a new PassGuide switch for trunking. Which switch command enables a trunking protocol that appends a four byte CRC to the packet?
A. PassGuideSwitch(config-if)#switchport trunk encapsulation dot1q
B. PassGuideSwitch(config-if)#switchport trunk encapsulation itef
C. PassGuideSwitch(config-if)#switchport trunk encapsulation fddi
D. PassGuideSwitch(config-if)#switchport trunk encapsulation isl
E. None of the other alternatives apply

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 36
While using a packet analyzer, you notice four additional bytes being added to the packets in the PassGuide network. Which protocol inserts a four byte tag into the Ethernet frame and recalculates CRC value?
A. DTP
B. VTP
C. 802.1Q
D. ISL
E. None of the other alternatives apply

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 37
You need to configure a new PassGuide switch to support DTP. Which DTP switchport mode parameter sets the switch port to actively send and respond to DTP negotiation frames?
A. Access
B. No negotiate
C. Trunk
D. Dynamic desirable
E. Dynamic auto
F. None of the other alternatives apply

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 38
A new PassGuide switch was just configured using the “switchport trunk native vlan 7” command. What does this interface command accomplish?
A. Causes the interface to apply ISL framing for traffic on VLAN 7
B. Configures the trunking interface to forward traffic from VLAN 7
C. Configures the interface to be a trunking port and causes traffic on VLAN 7 to be 802.1q tagged
D. Configures the trunking interface to send traffic from VLAN 7 untagged E. None of the other alternatives apply

Correct Answer: D Section: (none) Explanation
Explanation/Reference: QUESTION 39
You need to connect two PassGuide core switches via an ISL trunk. Which statement is true regarding the configuration of ISL trunks?
A. A Catalyst switch cannot have ISL and IEEE 802.1q trunks enabled.
B. All Catalyst switches support ISL trunking.
C. A Catalyst switch will report giants if one side is configured for ISL while the other side is not.
D. ISL trunking requires that native VLANs match.
E. None of the other alternatives apply

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 40
Which of the following technologies would an Internet Service Provider use to support
overlapping customer VLAN ID’s over transparent LAN services?
A. 802.1q tunneling
B. ATM
C. SDH
D. IP Over Optical Networking
E. ISL

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 41
If you were to configure an ISL Ethernet trunk between two Cisco switches, named PG1 and PG2, what would you have to include at the end of the link for the trunk to operate correctly? (Select two)
A. An identical VTP mode.
B. An identical speed/duplex.
C. An identical trunk negotiation parameter.
D. An identical trunk encapsulation parameter.

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 42
You are the network administrator at PassGuide and switch PG1 is configured as shown below:
Interface gigethernet 0/1 Switchport mode trunk Switchport trunk encapsulation dot1q Switchport trunk native vlan 5
If untagged frames are arriving on interface gigethernet 0/1 of PG1, which of the following statement are correct?
A. Untagged frames are automatically assumed to be in VLAN 5.
B. Untagged frames are defaulted to VLAN 1 traffic.
C. Untagged frames are dropped because all packets are tagged when dot1q trunked.
D. Untagged frames are determined on the other switch
E. Untagged frames are not supported on 802.1Q trunks.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 43
If you were to set up a VLAN trunk over a Fast Ethernet link on switch PG1, which trunk mode would you set the local port to on PG1 if you wanted it to respond to requests from its link partner (PG2) and become a trunk?
A. Auto
B. Negotiate
C. Designate
D. No negotiate

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 44
Which of the following trunking modes are unable to request their ports to convert their links into trunk links? (Select all that apply)
A. Negotiate
B. Designate
C. No negotiate
D. Auto
E. Manual
F. Off

Correct Answer: CD Section: (none) Explanation
Explanation/Reference:
QUESTION 45
ISL is being configured on a PassGuide switch. Which of the following choices are true regarding the ISL protocol? (Select two)
A. It can be used between Cisco and non-Cisco switch devices.
B. It calculates a new CRC field on top of the existing CRC field.
C. It adds 4 bytes of protocol-specific information to the original Ethernet frame. D. It adds 30 bytes of protocol-specific information to the original Ethernet frame.

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 46
You are the network administrator tasked with designing a switching solution for the PassGuide network. Which of the following statements describing trunk links are INCORRECT? (Select all that apply)
A. The trunk link belongs to a specific VLAN.
B. Multiple trunk links are used to connect multiple end user devices.
C. A trunk link only supports native VLAN.
D. Trunk links use 802.10 to identify a VLAN.
E. The native VLAN of the trunk link is the VLAN that the trunk uses for untagged packets.

Correct Answer: ABCD Section: (none) Explanation
Explanation/Reference:
QUESTION 47
Switch PG1 has been configured with the root guard feature. What statement is true if the spanning tree enhancement Root Guard is enabled?
A. If BPDUs are not received on a non-designated port, the port is moved into the STP loop- inconsistent blocked state
B. IF BPDUs are received on a PortFast enabled port, the port is disabled. C. If superior BPDUs are received on a designated port, the interface is placed into the root- inconsistent blocked state.
C. If inferior BPDUs are received on a root port, all blocked ports become alternate paths to the root bride.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 48
On switch PG1 you issue the “udld enable” global command. What does this command accomplish?
A. Enables all fiber-optic LAN ports for Unidirectional LINK Detection (UDLD) B. Enables all copper media LAN ports Unidirectional Link Detection (UDLD) C. Overrides the default UDLS setting for all ports
B. Globally enables all ports on the device for Unidirectional Link Detection (UDLS) E. None of the other alternatives apply

Correct Answer: A Section: (none) Explanation
Explanation/Reference: QUESTION 49
The PassGuide network utilizes the Multiple-instance Spanning Tree protocol in its switched LAN. Which three statements about the MST protocol (IEEE 802.1S) are true? (Select three)
A. To verify the MST configuration, the show pending command can be used in MST configuration mode.
B. When RSTP and MSTP are configured; UplinkFast and BackboneFast must also be enabled.
C. All switches in the same MST region must have the same VLAN-to-instance mapping, but different configuration revision numbers.
D. All switches in an MST region, except distribution layer switches, should have their priority lowered from the default value 32768.
E. An MST region is a group of MST switches that appear as a single virtual bridge to adjacent CST and MST regions.
F. Enabling MST with the “spanning-tree mode mst” global configuration command also enables RSTP.

Correct Answer: AEF Section: (none) Explanation
Explanation/Reference:
QUESTION 50
PassGuide uses MSTP within their switched LAN. What is the main purpose of Multiple Instance Spanning Tree Protocol (MSTP)?
A. To enhance Spanning Tree troubleshooting on multilayer switches
B. To reduce the total number of spanning tree instances necessary for a particular topology C. To provide faster convergence when topology changes occur in a switched network D. To provide protection for STP when a link is unidirectional and BPDUs are being sent but not received
C. None of the other alternatives apply

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 51
Which of the following specifications is a companion to the IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) algorithm, and warrants the use multiple spanning-trees?
A. IEEE 802.1s (MST)
B. IEEE 802.1Q (CST)
C. Cisco PVST+
D. IEEE 802.1d (STP)
E. None of the other alternatives apply

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 52
Which of the following specification will allow you to: associate VLAN groups to STP instances so you can provide multiple forwarding paths for data traffic and enable load balancing?
A. IEEE 802.1d (STP)
B. IEEE 802.1s (MST)
C. IEEE 802.1Q (CST)
D. IEEE 802.1w (RSTP)

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 53
Which three items are configured in MST configuration submode? (Select three)
A. Region name
B. Configuration revision number
C. VLAN instance map
D. IST STP BPDU hello timer
E. CST instance map
F. PVST+ instance map

Correct Answer: ABC Section: (none) Explanation
Explanation/Reference:
QUESTION 54
By default, all VLANs will belong to which MST instance when using Multiple STP?
A. MST00
B. MST01
C. the last MST instance configured
D. none

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 55
Which MST configuration statement is correct?
A. MST configurations can be propagated to other switches using VTP. B. After MST is configured on a Switch, PVST+ operations will also be enabled by default. C. MST configurations must be manually configured on each switch within the MST region. D. MST configurations only need to be manually configured on the Root Bridge. E. MST configurations are entered using the VLAN Database mode on Cisco Catalyst switches.

Correct Answer: Section: (none) Explanation
Explanation/Reference: QUESTION 56
While logged into a PassGuide switch you issue the following command:
PassGuideSwitch(config-mst)# instance 10 vlan 11-12
What does this command accomplish?
A. It enables a PVST+ instance of 10 for vlan 11 and vlan 12
B. It enables vlan 11 and vlan 12 to be part of the MST region 10
C. It maps vlan 11 and vlan 12 to the MST instance of 10.
D. It creates an Internal Spanning Tree (IST) instance of 10 for vlan 11 and vlan 12 E. It create a Common Spanning Tree (CST) instance of 10 for vlan 11 and vlan 12
E. It starts two instances of MST, one instance for vlan 11 and another instance for vlan 12.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 57
The network administrator maps VLAN 10 through 20 to MST instance 2. How will this information be propagated to all appropriate switches?
A. Information will be carried in the RSTP BPDUs.
B. It will be propagated in VTP updates.
C. Information stored in the Forwarding Information Base and the switch will reply on query. D. Multiple Spanning Tree must be manually configured on the appropriate switches.

Correct Answer: Section: (none) Explanation
Explanation/Reference:
QUESTION 58
You need make configuration changes to an existing layer 3 switch in the PassGuide network. On a multilayer Catalyst switch, which interface command is used to convert a Layer 3 interface to a Layer 2 interface?
A. switchport access vlan vlan-id
B. switchport
C. switchport mode access
D. no switchport
E. None of the other alternatives apply

Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 59
What command could you enter to display the trunking status of a module/port in the switch? (Type in the answer below): A. show trunk

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 60
The PassGuide administrator has issue the “show vlan id 5” command. What will this command display? (Select two)
A. Ports in VLAN 5
B. Utilization
C. VLAN information on port 0/5
D. Filters
E. MTU and type

Correct Answer: AE Section: (none) Explanation
Explanation/Reference:
QUESTION 61
You’re a network administer and you issue the command (show port 3/1) on an Ethernet port. To your surprise you notice a non-zero entry in the `Giants’ column. What could be the cause of this?
A. IEEE 802.1Q
B. IEEE 802.10
C. Misconfigured NIC
D. User configuration
E. All of the above

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 62
You are responsible for increasing the security within the PassGuide LAN. Of the following choices listed below, which is true regarding layer 2 security and mitigation techniques?
A. Enable root guard to mitigate ARP address spoofing attacks.
B. Configure DHCP spoofing to mitigate ARP address spoofing attacks.
C. Configure PVLANs to mitigate MAC address flooding attacks.
D. Enable root guard to mitigate DHCP spoofing attacks.
E. Configure dynamic APR inspection (DAI) to mitigate IP address spoofing on DHCP untrusted ports.
F. Configure port security to mitigate MAC address flooding
G. None of the other alternatives apply

Correct Answer: F Section: (none) Explanation Explanation/Reference:
QUESTION 63
You work as a network technician at PassGuide.com. Your boss is interested in switch spoofing. She asks you how an attacker would collect information with VLAN hoping through switch spoofing. You should tell her that the attacking station…
A. …uses VTP to collect VLAN information that is sent out and then tags itself with the domain information in order to capture the data.
B. …will generate frames with two 802.1Q headers to cause the switch to forward the frames to a VLAN that would be inaccessible to the attacker through legitimate means. C. …uses DTP to negotiate trunking with a switch port and captures all traffic that is allowed on the trunk.
C. …tags itself with all usable VLANs to capture data that is passed through the switch, regardless of the VLAN to which the data belongs.
D. None of the other alternatives apply

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 64
The PassGuide security administrator is concerned with layer 2 network attacks. Which two statements about these attacks are true? (Select two)
A. ARP spoofing attacks are attempts to redirect traffic to an attacking host by encapsulating a false 802.1Q header on a frame and causing traffic to be delivered to the wrong VLAN. B. ARP spoofing attacks are attempts to redirect traffic to an attacking host by sending an ARP message with a forged identity to a transmitting host.
B. MAC address flooding is an attempt to force a switch to send all information out every port by overloading the MAC address table.
C. ARP spoofing attacks are attempts to redirect traffic to an attacking host by sending an ARP packet that contains the forged address of the next hop router.
D. MAC address flooding is an attempt to redirect traffic to a single port by associating that port with all MAC addresses in the VLAN.

Correct Answer: BC Section: (none) Explanation
Explanation/Reference:
QUESTION 65
The PassGuide security administrator wants to prevent DHCP spoofing. Which statement is true about DHCP spoofing operation?
A. DHCP spoofing and SPAN cannot be used on the same port of a switch. B. To prevent a DHCP spoofing, the DHCP server must create a static ARP entry that cannot be updated by a dynamic ARP packet.
B. To prevent a DHCP spoofing, the switch must have DHCP server services disabled and a static entry pointing towards the DHCP server.
C. DHCP spoofing can be prevented by placing all unused ports in an unused VLAN.
D. None of the other alternatives apply.
Correct Answer: B Section: (none) Explanation

Explanation/Reference:

The  Certified Network Associate (CCNA) is the composite exam associated with the Cisco Certified Network Associate certification.Candidates can prepare for this exam.This exam tests a candidate’s knowledge and skills required to install, operate, and troubleshoot a small to medium size enterprise branch network.

Cisco 642-813 Exam Collection, Latest Release Cisco 642-813 Answers Latest Version Cisco 642-813 PDF&VCE

Important Info — Cisco 642-813 new study guide are designed to help you pass the exam in a short time.Everything you need can be found in the new version Cisco 642-813 exam dumps.Visit Flydumps.com to get more valid information.

Exam A
QUESTION 1
Acme is a small export company that has an existing enterprise network comprised of 5 switches;
CORE,DSW1,DSW2,ASW1 and ASW2. The topology diagram indicates their desired pre-VLAN spanning
tree mapping.
Previous configuration attempts have resulted in the following issues:


CORE should be the root bridge for VLAN 20; however, DSW1 is currently the root bridge for VLAN 20.


Traffic for VLAN 30 should be forwarding over the gig 1/0/6 trunk port between DSW1 and DSW2. However VLAN 30 is currently using gig 1/0/5.


Traffic for VLAN 40 should be forwarding over the gig 1/0/5 trunk port between DSW1 and DSW2. However VLAN 40 is currently using gig 1/0/6.
You have been tasked with isolating the cause of these issuer and implementing the appropriate solutions. You task is complicated by the fact that you only have full access to DSW1, with isolating the cause of these issues and implementing the appropriate solutions. Your task is complicated by the fact that you only have full access to DSW1, with the enable secret password cisco. Only limited show command access is provided on CORE, and DSW2 using the enable 2 level with a password of acme. No configuration

\
Correct Answer: configure terminal spanning-tree vlan 20 priority 61440 interface g1/0/6 spanning-tree vlan 30 port-priority 64 exit interface g1/0/5 spanning-tree vlan 40 cost 1 show spanning-tree copy run start
Section: (none) Explanation
Explanation/Reference:
By using the ※show spanning-tree§ command as shown above, we learned that DSW1 is the root bridge for VLAN 20 (notice the line ※This bridge is the root§

To determine the root bridge, switches send and compare their priorities and MAC addresses with each other. The switch with the lowest priority value will have highest priority and become the root bridge. Therefore, we can deduce that the priority of DSW1 switch is lower than the priority of the CORE switch so it becomes the root bridge. To make the CORE the root bridge we need to increase the DSW1∩s priority value, the best value should be 61440 because it is the biggest value allowed to assign and it will surely greater than of CORE switch. (You can use another value but make sure it is greater than the CORE priority value by checking if the CORE becomes the root bridge or not; and that value must be in increments of 4096).
(Notice that the terms bridge and switch are used interchangeably when discussing STP)
2) ※Traffic for VLAN 30 should be forwarding over the gig 1/0/6 trunk port between DSW1 and DSW2. However VLAN 30 is currently using gig 1/0/5∪
DSW1 is the root bridge for VLAN 30 (you can re-check with the show spanning-tree command as above), so all the ports are in forwarding state for VLAN 30. But the question said that VLAN 30 is currently using Gig1/0/5 so we can guess that port Gig1/0/6 on DSW2 is in blocking state (for VLAN 30 only), therefore all traffic for VLAN 30 will go through port Gig1/0/5.

The root bridge for VLAN 30, DSW1, originates the Bridge Protocol Data Units (BPDUs) and switch DSW2 receives these BPDUS on both Gig1/0/5 and Gig1/0/6 ports. It compares the two BPDUs received, both have the same bridge-id so it checks the port cost, which depends on the bandwidth of the link. In this case both have the same bandwidth so it continues to check the sender*s port id (includes port priority and the port number of the sending interface). The lower port-id value will be preferred so the interface which received this port-id will be the root and the other interface (higher port-id value) will be blocked.
In this case port Gig1/0/6 of DSW2 received a Priority Number of 128.6 (means that port priority is 128 and port number is 6) and it is greater than the value received on port Gig1/0/5 (with a Priority Number of 128.5) so port Gig1/0/6 will be blocked. You can check again with the ※show spanning-tree§ command. Below is the output (notice this command is issued on DSW1 每 this is the value DSW2 received and used to compare).

Therefore, all we need to do is to change the priority of port Gig1/0/6 to a lower value so the neighboring port will be in forwarding state. Notice that we only need to change this value for VLAN 30, not for all VLANs.
) ※Traffic for VLAN 40 should be forwarding over the gig 1/0/5 trunk port between DSW1 and DSW2. However VLAN 40 is currently using gig 1/0/6∪
Next we need to make sure traffic for VLAN 40 should be forwarding over Gig1/0/5 ports. It is a similar job, right? But wait, we are not allowed to make any configurations on DSW2, how can we change its port-priority for VLAN 40? There is another solution for this#
Besides port-priority parameter, there is another value we can change: the Cost value (or Root Path Cost). Although it depends on the bandwidth of the link but a network administrator can change the cost of a spanning tree, if necessary, by altering the configuration parameter in such a way as to affect the choice of the root of the spanning tree.
Notice that the Root Path Cost is the cost calculated by adding the cost in the received hello to the cost of the interface the hello BPDU was received. Therefore if you change the cost on an interface of DSW1 then only DSW1 will learn the change.
By default, the cost of a 100Mbps link is 19 but we can change this value to make sure that VLAN 40 will use interface Gig1/0/5.
You should re-check to see if everything was configured correctly:
Remember these facts about Spanning-tree:
Path Selection:
1) Prefer the neighbor advertising the lowest root ID 2) Prefer the neighbor advertising the lowest cost to root 3) Prefer the neighbor with the lowest bridge ID 4) Prefer the lowest sender port ID
QUESTION 2

A. place unused ports in a common VLAN
B. implement private VLANs
C. implement DHCP SNOOPING
D. implement port security
E. implement VLAN access maps
Correct Answer: DE Section: (none) Explanation
Explanation/Reference:
QUESTION 3

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 4 Correct Answer: C Section: (none) Explanation

Explanation/Reference:
QUESTION 5

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 6
Correct Answer: B Section: (none) Explanation
Explanation/Reference:
QUESTION 7

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 8

A. 50
B. 100
C. 150
D. 200
Correct Answer: B Section: (none) Explanation
Explanation/Reference:

QUESTION 9
Correct Answer: SW-A int range fa0/9 每 10 switchport mode access switchport access vlan 21 spanning-tree portfast no shut int range fa0/13 每 14 switchport mode access switchport access vlan 22 spanning-tree portfast no shut int range fa0/16 每 16 switchport mode access switchport access vlan 23 spanning-tree portfast no shut int range fa0/3 每 4 channel-protocol lacp channel group 1 mode passive no shut int port-channel 1 switchport mode trunk switchport trunk encapsulation dot1q spanning-tree allowed vlans 1,21-23 no shut int vlan 1 ip address 192.168.1.11 255.255.255.0 no shut Sw-B
Section: (none) Explanation
Explanation/Reference:
QUESTION 10 Section: (none) Explanation Explanation/Reference:

QUESTION 11

Correct Answer: ACD Section: (none) Explanation
Explanation/Reference:
QUESTION 12

A.
B.
C.
D.
E.

Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 13

Correct Answer: BD Section: (none) Explanation
Explanation/Reference:
QUESTION 14
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 15 Correct Answer: C Section: (none) Explanation

Explanation/Reference:
QUESTION 16 Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 17
Drag and drop
Select and Place:

Correct Answer:

Section: (none) Explanation
Explanation/Reference: QUESTION 18

Correct Answer: C Section: (none) Explanation
Explanation/Reference:

A. isolated
B. protected
C. private
D. associatd
E. promiscuous
F. community
Correct Answer: AEF Section: (none) Explanation
Explanation/Reference:
QUESTION 20

A.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:

CCNA Exam Certification Guide is a best-of-breed Cisco 642-813 exam study guide that has been completely updated to focus specifically on the objectives.Senior instructor and best-selling author Wendell Odom shares preparation hints and Cisco 642-691 tips to help you identify areas of weakness and improve both your conceptual and hands-on knowledge.Cisco 642-813 Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

Free Sharing –pass the Cisco 642-813 exam quickly

100% Valid And Pass With latest Cisco 642-813 exam dumps, you will never fail your Cisco 642-813 exam. All the questions and answers are updated and added to the new version timely by our experts.Also now Cisco 642-813 is offering free Cisco 642-813 exam VCE player and PDF files for free on their website.

Exam A
QUESTION 1
VTP devices in a network track the VTP revision number. What is a VTP configuration revision number?
A. A number for identifyiing changes to the network switch
B. A number for identifying changes in the network router
C. A number for identifying changes to the network topology
D. none of the other alternatives apply
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
The configuration revision number is a 32 bit number that indicates the level of revision for a VTP packet.
Each VTP device tracks the VTP configurationa revision number assigned to it, and most of the VTP
packets contain the VTP configuration revision number of the sender.
This information is used to determine whether the received information is more recent that the current
revision of a switch, change the VTP domain name and then change it back to the original name.

QUESTION 2

Refer to the exhibit. VLAN 1 and VLAN 2 are configured on the trunked links between Switch A and Switch B Port Fa0/2 on Switch B is currently in a blocking state for both VLANs. What should be done to load the balance VLAN traffic between Switch A and Switch B?

Correct Answer: B Section: (none)Explanation

QUESTION 3
What must be configured on a Cisco switch in order to advertise VLAN information
A. VTP mode B. VTP password
C. VTP revision number
D. VTP pruning
E. VTP domain name
F. none of the other alternatives apply
Correct Answer: E Section: (none) Explanation

QUESTION 4
A. This interface is a member of a voice VLAN
B. This interface is configured for access mode
C. this interface is a dot1q trunk passing all configuration
D. this interface is a member of VLAN 7
E. this interface is a member of VLAN 1
Correct Answer: BD Section: (none)Explanation

QUESTION 5
Correct Answer: ABCD Section: (none) Explanation

QUESTION 6
A. STP root status
B. VTP mode
C. Negotiation status
D. Management domain
E. Configuration revision number
Correct Answer: DE Section: (none)Explanation

QUESTION 7
A. Client
B. server
C. transparent
D. pass-through
E. no-negociate
Correct Answer: BC Section: (none) Explanation

QUESTION 8
Correct Answer: B Section: (none) Explanation

QUESTION 9
A. 802.1Q tunneling
B. ATM
C. SDH
D. IP over Optical Networking
E. ISL
Correct Answer: A Section: (none)Explanation

QUESTION 10
A. VLAN 1-5 will use fa0/10 as a backup only
B. VLAN 6-10 will use fa0/10 as a backup only
C. VLAN 1-5 will be blocking if fa0/10 goes down
D. VLAN 1-10 are configured to load share between fa0/10 and fa0/12
E. VLAN 6-10 have a port priority of 128 on fa0/10
Correct Answer: BD Section: (none)Explanation

QUESTION 11
A. supports token ring VLANs
B. allows VLAN consistency checks
Correct Answer: AB Section: (none) Explanation

QUESTION 12
A. DTP packets are sent to switch b
B. the native VLAN for switch b is vlan 1
C. a trunk link will be formed
D. DTP is not running on switch a
E. only VLANs 1 – 1001 will travel across the trunk link
Correct Answer: ABC Section: (none) Explanation
Explanation/Reference:

QUESTION 13
Correct Answer: D Section: (none) Explanation

QUESTION 14
A. VTP version 2 supports token ring VLANs
B. VTP version 2 allows VLAN consistency checks
C. VTP version 2 allows active redundant links when used with spanning tree
D. VTP version 2 reduces the amount of configuration necessary
E. VTP version 2 saves VLAN configuration memory
Correct Answer: AB Section: (none) Explanation

QUESTION 15
What does the global command udld enable accomplish?

Correct Answer: A Section: (none)Explanation

QUESTION 16
A. DISL
B. ISL
C. DTP
D. IEEE 802.1Q
E. MPLS
F. none of the other alternatives apply
Correct Answer: B Section: (none)Explanation
Explanation/Reference:

QUESTION 17

Correct Answer: D Section: (none) Explanation

QUESTION 18
A. untagged frames are automatically assumed to be in VLAN 5

Correct Answer: A Section: (none)Explanation

QUESTION 19
Correct Answer: C Section: (none)Explanation
Explanation/Reference:

QUESTION 20
Correct Answer: BD Section: (none)

We provide Cisco 642-813 help and information on a wide range of issues.Cisco 642-813 is professional and confidential and your issues will be replied within 12 hous.  Cisco 642-813 free to send us any questions and we always try our best to keeping our Customers Satisfied.

Cisco 642-813 Answers, The Most Recommended Cisco 642-813 Exam Practice PDF Online Store

New VCE and PDF – You can prepare Cisco 642-813 exam in an easy way with Cisco 642-813 questions and answers. By training our Cisco 642-813 vce dumps with all the latest questions, you can pass the exam in the first attempt.

Exam A QUESTION 1
Refer to the exhibit. What is the effect on the trust boundary of configuring the command mls qos trust cos on the switch port that is connected to the IP phone?

A. Effectively the trust boundary has been moved to the IP phone.
B. The host is now establishing the CoS value and has effectively become the trust boundary.
C. The switch is rewriting packets it receives from the IP phone and determining the CoS value.
D. The switch will no longer tag incoming voice packets and will trust the distribution layer switch to set the CoS.
E. RTP will be used to negotiate a CoS value based upon bandwidth utilization on the link.

Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 2
Refer to the exhibit. What is the effect when the switchport priority extend cos 3 command is configured
on the switch port interface connected to the IP phone?

A. Effectively, the trust boundary has been moved to the PC attached to the IP phone.
B. The computer is now establishing the CoS value and has effectively become the trust boundary.
C. The IP phone is enabled to override with a CoS value of 3 the existing CoS marking of the PC attached CareerCert.blogspot.com to the IP phone.
D. The switch will no longer tag incoming voice packets and will extend the trust boundary to the distribution layer switch.
E. RTP will be used to negotiate a CoS value based upon bandwidth utilization on the link.
Correct Answer: C Section: (none) Explanation
Explanation/Reference:
QUESTION 3
Which three WLAN statements are true? (Choose three.)
A. A lightweight AP receives control and configuration from a WLAN controller to which it is associated.
B. A WLAN client that is operating in half-duplex mode will delay all clients in that WLAN.
C. Ad hoc mode allows mobile clients to connect directly without an intermediate AP.
D. Another term for infrastructure mode is independent service set (IBSS).
E. The Aironet 1230 access point is an example of an access point that operates solely as a lightweight access point.
F. WLANs are designed to share the medium and can easily handle an increased demand of channel contention.
Correct Answer: ABC Section: (none) Explanation
Explanation/Reference:
QUESTION 4
Which statement is true about IP telephony calls?
A. A Voice over IP (VoIP) packet consists of the voice payload, IP header, TCP header, RTP header, and Layer 2 link header.
B. The voice carrier stream uses H.323 to set up, maintain, and tear down call endpoints.
C. Call control signaling uses Real-Time Transport Protocol (RTP) packets that contain actual voice samples.
D. The sum of bandwidth necessary for each major application, including voice, video, and data, should not exceed 75 percent of the total available bandwidth for each link.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 5
Which three statements are true about the voice VLAN feature on a Catalyst 2950 switch? (Choosethree.)
A. The CoS value is trusted for 802.1p or 802.1q tagged traffic. CareerCert.blogspot.com
B. The voice VLAN feature is disabled by default.
C. The IP phone accepts the priority of all tagged and untagged traffic and sets the CoS value to 4.
D. When the voice VLAN feature is enabled, all untagged traffic is sent according to the default CoS priority of the port.
E. PortFast is automatically disabled when a voice VLAN is configured.
F. The default CoS value for incoming traffic is set to 0.
Correct Answer: BDF Section: (none) Explanation
Explanation/Reference:
QUESTION 6
In what three ways is QoS applied in the campus network? (Choose three.)
A. No traffic marking occurs at the core layer. Layer 2/3 QoS tags are trusted from distribution layer switches and used to prioritize and queue the traffic as it traverses the core.
B. IP precedence, DSCP, QoS group, IP address, and ingress interface are Layer 2 characteristics that are set by the access layer as it passes traffic to the distribution layer. The distribution layer, once it has made a switching decision to the core layer, strips these off.
C. MAC address, Multiprotocol Label Switching (MPLS), the ATM cell loss priority (CLP) bit, the Frame Relay discard eligible (DE) bit, and ingress interface are established by the voice submodule (distribution layer) as traffic passes to the core layer.
D. The distribution layer inspects a frame to see if it has exceeded a predefined rate of traffic within a certain time frame, which is typically a fixed number internal to the switch. If a frame is determined to be in excess of the predefined rate limit, the CoS value can be marked up in a way that results in the packet being dropped.
E. The access layer is the initial point at which traffic enters the network. Traffic is marked (or remarked) at Layers 2 and 3 by the access switch as it enters the network, or is “trusted” that it is entering the network with the appropriate tag.
F. Traffic inbound from the access layer to the distribution layer can be trusted or reset depending upon the ability of the access layer switches. Priority access into the core is provided based on Layer 3 QoS tags.
Correct Answer: AEF Section: (none) Explanation
Explanation/Reference:
QUESTION 7
Which two Aironet enterprise solution statements are true? (Choose two.)
A. A Cisco Aironet AP handles the transmission of beacon frames and also handles responses to probe-CareerCert.blogspot.com request frames from clients.
B. A Cisco Aironet solution includes intelligent Cisco Aironet access points (APs) and Cisco Catalyst switches.
C. In the Cisco Aironet solution, each AP is locally configured by the use of either a web interface or the command line interface.
D. The Cisco Aironet AP handles real-time portions of the LWAPP protocol, and the WLAN controller TestInside Help You Pass Any IT Exam http://www.TestInside.com CareerCert.blogspot.com Testinside handles those items which are not time sensitive.
E. Virtual MAC architecture allows the splitting of the 802.11 protocol between the Cisco Aironet AP and a LAN switch.
Correct Answer: AD Section: (none) Explanation
Explanation/Reference:
QUESTION 8
Which statement about the Lightweight Access Point Protocol (LWAPP) is true?
A. LWAPP encrypts control traffic between the AP and the controller.
B. LWAPP encrypts user traffic with a x.509 certificate using AES-CCMP.
C. LWAPP encrypts both control traffic and user data.
D. When set to Layer 3, LWAPP uses a proprietary protocol to communicate with the Cisco Aironet APs.
Correct Answer: A Section: (none) Explanation Explanation/Reference:
QUESTION 9
Which issue or set of issues does the Lightweight Access Point Protocol (LWAPP) address?
A. reduction of processing in wireless controllers
B. distributed approach to authentication, encryption, and policy enforcement
C. provides security by blocking communication between access points and wireless clients
D. access point discovery, information exchange, and configuration
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 10
Refer to the exhibit. The command spanning-tree guard root is configured on interface Gi0/0 on both

CareerCert.blogspot.com
A. Yes. Traffic can pass either from switch S6 to S3 to S2 to S1, or, from switch S6 to S5 to S2 to S1.
B. No. Traffic will pass from switch S6 to S5 and dead-end at interface Gi 0/0.
C. No. Traffic will loop back and forth between switch S5 and S2.
D. Yes. Traffic will pass from switch S6 to S3 to S2 to S1.
E. No. Traffic will either pass from switch S6 to S5 and dead-end, or traffic will pass from switch S6 to S3 to S2 and dead-end.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 11
Refer to the exhibit. The service provider wants to ensure that switch S1 is the root switch for its own
network. On which interfaces should root guard be configured to ensure that this happens?

A. interfaces 1 and 2
B. interfaces 1, 2, 3, and 4
C. interfaces 1, 3, 5, and 6
D. interfaces 5 and 6
E. interfaces 5, 6, 7, and 8
F. interfaces 11 and 12
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 12
Which two statements about the Cisco Aironet Desktop Utility (ADU) are true? (Choose two.)
A. The Aironet Desktop Utility (ADU) can be used to establish the association between the client adapter and the access point, manage authentication to the wireless network, and enable data encryption.
B. The Aironet Desktop Utility (ADU) and the Microsoft Wireless Configuration Manager can be used at the TestInside Help You Pass Any IT Exam http://www.TestInside.com CareerCert.blogspot.com Testinside same time to configure the wireless client adapter.
C. The Aironet Desktop Utility (ADU) can support only one wireless client adapter installed and used at a time.
D. The Aironet Desktop Utility (ADU) profile manager feature can create and manage only one profile for the wireless client adapter.
E. When the user selects a different profile in the Aironet Desktop Utility (ADU), the settings for the wireless client adapter are changed only after a reboot.
Correct Answer: AC Section: (none) Explanation
Explanation/Reference: QUESTION 13
Refer to the exhibit. A Cisco Aironet Wireless LAN Client Adapter has been installed and configured through the ADU on the PC. The Aironet System Tray Utility (ASTU) has been enabled during the installation and the icon appears in the system tray area in the lower right of the desktop. What is the significance of the icon?

A. It indicates that the radio of the client adapter is disabled.
B. It indicates that the client adapter is not associated to an access point or another client.
C. It indicates that the client adapter is associated to an access point or another client, but the user is not EAP authenticated.
D. It indicates that the client adapter is associated to an access point or another client, that the user is authenticated if the client adapter is configured for EAP authentication, and that the signal strength is excellent or good.
E. It indicates that the client adapter is associated to an access point or another client, that the user is authenticated if the client adapter is configured for EAP authentication, and that the signal strength is fair.
F. It indicates that the client adapter is associated to an access point or another client, that the user is authenticated if the client adapter is configured for EAP authentication, and that the signal strength is poor.
Correct Answer: F Section: (none) Explanation
Explanation/Reference:
QUESTION 14
In each option, a Layer 2 security attack is specified. Which statement correctly matches the correct mitigation technique with the specified Layer 2 switch attack?
A. Configure DHCP spoofing to mitigate ARP address spoofing attacks.
B. Configure DHCP spoofing to mitigate DHCP spoofing attacks.
C. Configure PVLANs to mitigate MAC address flooding attacks.
D. Configure port security to mitigate MAC address flooding attacks.
E. Enable root guard to mitigate ARP address spoofing attacks.
F. Configure dynamic ARP inspection (DAI) to mitigate IP address spoofing on DHCP untrusted ports.
Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 15
Which description correctly describes a MAC address flooding attack?
A. The attacking device crafts ARP replies intended for valid hosts. The MAC address of the attacking device then becomes the destination address found in the Layer 2 frames sent by the valid network device.
B. The attacking device crafts ARP replies intended for valid hosts. The MAC address of the attacking device then becomes the source address found in the Layer 2 frames sent by the valid network device.
C. The attacking device spoofs a destination MAC address of a valid host currently in the CAM table. The switch then forwards frames destined for the valid host to the attacking device.
D. The attacking device spoofs a source MAC address of a valid host currently in the CAM table. The switch then forwards frames destined for the valid host to the attacking device.
E. Frames with unique, invalid destination MAC addresses flood the switch and exhaust CAM table space. The result is that new entries cannot be inserted because of the exhausted CAM table space, and traffic is subsequently flooded out all ports.
F. Frames with unique, invalid source MAC addresses flood the switch and exhaust CAM table space. The result is that new entries cannot be inserted because of the exhausted CAM table space, and traffic is subsequently flooded out all ports.
Correct Answer: F Section: (none) Explanation
Explanation/Reference:
QUESTION 16
Refer to the exhibit. An attacker is connected to interface Fa0/11 on switch A-SW2 and attempts to
establish a DHCP server for a man-in-middle attack. Which recommendation, if followed, would mitigate
this type of attack?

A. All switch ports in the Building Access block should be configured as DHCP trusted ports.
B. All switch ports in the Building Access block should be configured as DHCP untrusted ports.
C. All switch ports connecting to hosts in the Building Access block should be configured as DHCP trusted ports.
D. All switch ports connecting to hosts in the Building Access block should be configured as DHCP untrusted ports.
E. All switch ports in the Server Farm block should be configured as DHCP untrusted ports.
F. All switch ports connecting to servers in the Server Farm block should be configured as DHCP untrusted ports.

Correct Answer: D Section: (none) Explanation
Explanation/Reference:
QUESTION 17
Refer to the exhibit.
The web servers WS_1 and WS_2 need to be accessed by external and internal users. For security reasons, the servers should not communicate with each other, although they are located on the same subnet. The servers do need, however, to communicate with a database server located in the inside network. What configuration will isolate the servers from each other?

A. The switch ports 3/1 and 3/2 will be defined as secondary VLAN isolated ports. The ports connecting to the two firewalls will be defined as primary VLAN promiscuous ports.
B. The switch ports 3/1 and 3/2 will be defined as secondary VLAN community ports. The ports connecting to the two firewalls will be defined as primary VLAN promiscuous ports.
C. The switch ports 3/1 and 3/2 and the ports connecting to the two firewalls will be defined as primary VLAN promiscuous ports.
D. The switch ports 3/1 and 3/2 and the ports connecting to the two firewalls will be defined as primary VLAN community ports.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 18
What are three required steps to configure DHCP snooping on a switch? (Choose three.)
A. Configure DHCP snooping globally.
B. Configure DHCP snooping on an interface.
C. Configure DHCP snooping on a VLAN or range of VLANs.
D. Configure the switch as a DHCP server.
E. Configure all interfaces as DHCP snooping trusted interfaces.
F. Configure the switch to insert and remove DHCP relay information (option-82 field) in forwarded DHCP request messages.
Correct Answer: ABC Section: (none) Explanation
Explanation/Reference:
QUESTION 19
A client is searching for an access point (AP). What is the correct process order that the client and
A. probe request/response, authentication request/response, association request/response
B. association request/response, authentication request/response, probe request/response
C. probe request/response, association request/response, authentication request/response
D. association request/response, probe request/response, authentication request/response
Correct Answer: A Section: (none) Explanation
Explanation/Reference:
QUESTION 20
Which statement about the Lightweight Access Point Protocol (LWAPP) protocol is true?
A. The processing of 802.11 data and management protocols and access point capabilities is distributed between a lightweight access point and a centralized WLAN controller.
B. LWAPP aggregates radio management forward information and sends it to a wireless LAN solution engine.
C. LWAPP authenticates all access points in the subnet and establishes a secure communication channel with each of them.
D. LWAPP advertises its WDS capability and participates in electing the best WDS device for the wireless LAN.
Correct Answer: A Section: (none) Explanation
Explanation/Reference:

 

Preparing Cisco 642-813 exam is not difficult now.You can prepare from Cisco 642-813 Certification or Cisco 642-813 dumps.Here we have mentioned some sample questions.You can use our Cisco 642-813 study material notes for test preparation.Latest Cisco 642-813 study material available.