When a VLAN port configured as a trunk receives an untagged frame, what will happen?
A. The frame will be dropped.
B. The frame will cause an error message to be sent.
C. The frame will be processed as a native VLAN frame
D. The frame will first be tagged, then processed as a native VLAN frame.
By default, which statement is correct when an IEEE 802.1Q trunk port receives an untagged frame?
A. The frame is considered in the native VLAN and forwarded to the ports associated with that VLAN.
B. The frame is encapsulated and tagged as in the native VLAN.
C. The frame is broadcast on all ports regardless of VLAN association.
D. The frame is dropped.
What is the method used to filter traffic being bridged within a VLAN?
A. Ethernet maps
B. router ACLs
C. VLAN maps
D. IP ACLs
Refer to the exhibit. Both host stations are part of the same subnet but are in different VLANs. On the basis of the information presented in the exhibit, which statement is true about an attempt to ping from host to host?
A. A trunk port will need to be configured on the link between Sw_A and Sw_B for the ping command to be successful.
B. The two different hosts will need to be in the same VLAN in order for the ping command to be successful.
C. A Layer 3 device is needed for the ping command to be successful.
D. The ping command will be successful without any further configuration changes.
Refer to the exhibit. VLAN 1 and VLAN 2 are configured on the trunked links between Switch A and Switch B. Port Fa 0/2 on Switch B is currently in a blocking state for both VLANs. What should be done to load balance VLAN traffic between Switch A and Switch B?
A. Lower the port priority for VLAN 1 on port 0/1 for Switch A.
B. Lower the port priority for VLAN 1 on port 0/2 for Switch A.
C. Make the bridge ID of Switch B lower than the ID of Switch A.
D. Enable HSRP on the access ports.
The DAI feature has been implemented in the ACME switched LAN. Which three statements are true about the dynamic ARP inspection (DAI) feature? (Select three)
A. DAI can be performed on ingress ports only.
B. DAI can be performed on both ingress and egress ports.
C. DAI is supported on access ports, trunk ports, EtherChannel ports, and private VLAN ports.
D. DAI should be enabled on the root switch for particular VLANs only in order to secure the ARP caches of hosts in the domain.
E. DAI should be configured on all access switch ports as untrusted and on all switch ports connected to other switches as trusted.
F. DAI is supported on access and trunk ports only.
You are implementing basic switch security best practices. Which of these is a tactic that you can use to mitigate compromises from being launched through the switch?
A. Make all ports private VLAN ports.
B. Place all unused ports in native VLAN 1 until needed.
C. Proactively configure unused switch ports as access ports.
D. Disable Cisco Discovery Protocol globally.
A. Sw2 is configured for switch-based authentication using RADIUS.
B. Interface FastEthernet0/6 is configured with a SmartPort macro using RADIUS.
C. Interface FastEthernet0/6 is configured for 802.1X Authenticated Trunking Protocol (ATP).
D. Interface FastEthernet0/6 is configured for port-based traffic control.
E. Interface FastEthernet0/6 is configured for port-based authentication.
Which three statements apply to access control of both bridged and routed traffic for VLANs? (Choose three.)
A. Router ACLs can be applied to the input and output directions of a VLAN interface.
B. Bridged ACLs can be applied to the input and output directions of a VLAN interface.
C. Only router ACLs can be applied to a VLAN interface.
D. VLAN maps can be applied to a VLAN interface.
E. VLAN maps and router ACLs can be used in combination.
Refer to the exhibit. The show port-security interface fa0/1 command was issued on switch SW1. Given the output that was generated, which two security statement are true? (Choose two.)
A. Interface FastEthernet 0/1 was configured with the switchport port-security aging command.
B. Interface FastEthernet 0/1 was configured with the switchport port-security protect command.
C. Interface FastEthernet 0/1 was configured with the switchport port-security violation restrict command.
D. When the number of secure IP addresses reaches 10, the interface will immediately shut down.
E. When the number of secure MAC addresses reaches 10, packets from unknown MAC addresses will be dropped.
Passleader Actual Cisco 642-813 PDF & VCE Exam Dumps