[Free] 2017(Apr) Ensurepass Testking Cisco 300-115 Latest Dumps 101-110

Ensurepass
2017 April Cisco Official New Released 300-115 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/300-115.html

Implementing Cisco IP Switched Networks (SWITCH v2.0)

QUESTION 101

An administrator recently configured all ports for rapid transition using PortFast.After testing, it has been determined that several ports are not transitioning as they should. What is the reason for this?

 

A.

RSTP has been enabled per interface and not globally.

B.

The STP root bridge selection is forcing key ports to remain in non-rapid transitioning mode.

C.

STP is unable to achieve rapid transition for trunk links.

D.

The switch does not have the processing power to ensure rapid transition for all ports.

 

Correct Answer: C

Explanation:

RSTP can only achieve rapid transition to the forwarding state on edge ports and on point-to-point links, not on trunk links. The link type is automatically derived from the duplex mode of a port. A port that operates in full-duplex is assumed to be poin
t-to-point, while a half-duplex port is considered as a shared port by default. This automatic link type setting can be overridden by explicit configuration. In switched networks today, most links operate in full-duplex mode and are treated as point-to-point links by RSTP. This makes them candidates for rapid transition to the forwarding state.

Reference: http://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/24062-146.html

 

 

QUESTION 102

A network engineer must set the load balance method on an existing port channel. Which action must be done to apply a new load balancing method?

 

A.

Configure the new load balancing method using port-channel load-balance.

B.

Adjust the switch SDM back to “default”.

C.

Ensure that IP CEF is enabled globally to support all load balancing methods.

D.

Upgrade the PFC to support the latest load balancing methods.

 

Correct Answer: A

Explanation:

Example:

EtherChannel balances the traffic load across the links in a channel through the reduction of part of the binary pattern that the addresses in the frame form to a numerical value that selects one of the links in the channel. EtherChannel load balancing can use MAC addresses or IP addresses, source or destination addresses, or both source and destination addresses. The mode applies to all EtherChannels that are configured on the switch. You configure the load balancing and forwarding method with use of theport- channel load-balance {dst-ip | dst-mac | src-dst-ip | src-dst-mac | src-ip | src-mac} global configuration command.

Reference: http://www.cisco.com/c/en/us/support/docs/lan-switching/etherchannel/12023-4.html

 

 

 

 

 

 

QUESTION 103

An EtherChannel bundle has been established between a Cisco switch and a corporate web server. The network administrator noticed that only one of the EtherChannel links is being utilized to reach the web server. What should be done on the Cisco switch to allow for better EtherChannel utilization to the corporate web server?

 

A.

Enable Cisco Express Forwarding to allow for more effective traffic sharing over the EtherChannel bundle.

B.

Adjust the EtherChannel load-balancing method based on destination IP addresses.

< p class="MsoNormal" style="margin: 0cm 0cm 0pt; line-height: normal; text-autospace: ; mso-pagination: none; mso-layout-grid-align: none">C.

Disable spanning tree on all interfaces that are participating in the EtherChannel bundle.

D.

Use link-state tracking to allow for improved load balancing of traffic upon link failure to the server.

E.

Adjust the EtherChannel load-balancing method based on source IP addresses.

 

Correct Answer: E

Explanation:

EtherChannel load balancing can use MAC addresses, IP addresses, or Layer 4 port numbers, and either source mode, destination mode, or both. The mode you select applies to all EtherChannels that you configure on the switch. Use the option that provides the greatest variety in your configuration. For example, if the traffic on a channel only goes to a single MAC address (which is the case in this example, since all traffic is going to the same web server), use of the destination MAC address results in the choice of the same link in the channel each time. Use of source addresses or IP addresses can result in a better load balance.

Reference:http://www.cisco.com/c/en/us/support/docs/lan-switching/etherchannel/12023-4.html

 

 

QUESTION 104

Refer to the exhibit. Switch A, B, and C are trunked together and have been properly configured for VTP. Switch B has all VLANs, but Switch C is not receiving traffic from certain VLANs. What would cause this issue?

 

clip_image001

 

A.

A VTP authentication mismatch occurred between Switch A and Switch B.

B.

The VTP revision number of Switch B is higher than that of Switch A.

C.

VTP pruning is configured globally on all switches and it removed VLANs from the trunk interface that is connected to Switch C.

D.

The trunk between Switch A and Switch B is misconfigured.

 

Correct Answer: C

Explanation:

VTP pruning increases network available bandwidth by restricting flooded traffic to those trunk links that the traffic must use to reach the destination devices. Without VTP pruning, a switch floods broadcast, multicast, and unknown unicast traffic across all trunk links within a VTP domain even though receiving switches might discard them. VTP pruning is disabled by default.

VTP pruning blocks unneeded flooded traffic to VLANs on trunk ports that are included in the pruning-eligible list. The best explanation for why switch C is not seeing traffic from only some of the VLANs, is that VTP pruning has been configured.

 

 

QUESTION 105

Which portion of AAA looks at what a user has access to?

 

A.

authorization

B.

authentication

C.

accounting

D.

auditing

 

Correct Answer: A

Explanation:

AAA consists of the following three elements:

Authentication: Identifies users by login and password using challenge and response methodology before the user even gains access to the network. Depending on your security options, it can also support encryption.

Au
thorization: After initial authentication, authorization looks at what that authenticated user has access to do. RADIUS or TACACS+ security servers perform authorization for specific privileges by defining attribute-value (AV) pairs, which would be specific to the individual user rights. In the Cisco IOS, you can define AAA authorization with a named list or authorization method. Accounting: The last “A” is for accounting. It provides a way of collecting security information that you can use for billing, auditing, and reporting. You can use accounting to see what users do once they are authenticated and authorized. For example, with accounting, you could get a log of when users logged in and when they logged out.

Reference: http://www.techrepublic.com/blog/data-center/what-is-aaa-and-how-do-you-configure-it-in-the-cisco-ios/

 

 

QUESTION 106

While troubleshooting a network outage, a network engineer discovered an unusually high level of broadcast traffic coming from one of the switch interfaces. Which option decreases consumption of bandwidth used by broadcast traffic?

 

A.

storm control

B.

SDM routing

C.

Cisco IOS parser

D.

integrated routing and bridging

E.

Dynamic ARP Inspection

 

Correct Answer: A

Explanation:

Storm control prevents traffic on a LAN from being disrupted by a broadcast, multicast, or unicast storm on a port. A LAN storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. Errors in the protocol-stack implementation, mistakes in network configuration, or users issuing a denial-of-service attack can cause a storm.

Storm control is configured for the switch as a whole but operates on a per-port basis. By default, storm control is disabled.

Storm control uses rising and falling thresholds to block and then restore the forwarding of broadcast, unicast, or multicast packets. You can also set the switch to shut down the port when the rising threshold is reached.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2950/software/releas e/12-1_22ea/SCG/scg/swtrafc.html

QUESTION 107

A network engineer configures port security and 802.1x on the same interface. Which option describes what this configuration allows?

 

A.

It allows port security to secure the MAC address that 802.1x authenticates.

B.

It allows port security tosecure the IP address that 802.1x authenticates.

C.

It allows 802.1x to secure the MAC address that port security authenticates.

D.

It allows 802.1x to secure the IP address that port security authenticates.

 

Correct Answer: A

Explanation:

802.1X and Port Security

You can configure port security and 802.1X on the same interfaces. Port security secures the MAC addresses that 802.1X authenticates. 802.1X processes packets before port securityprocesses them, so when you enable both on an interface, 802.1X is already preventing inbound traffic on the interface from unknown MAC addresses.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_1/nx-os/security/configuration/guide/sec_nx-os-cfg/sec_portsec.html

 

 

QUESTION 108

When you configure a private VLAN, which type of port must you configure the gateway router port as?

 

A.

promiscuous port

B.

isolated port

C.

community port

D.

access port

 

Correct Answer: A

Explanation:

There are mainly two types of ports in a Private VLAN: Promiscuous port (P-Port) and Host port.

Host port further divides in two types – Isolated port (I-Port) and Community port (C-port).

Reference: http://en.wikipedia.org/wiki/Private_VLAN

 

 

QUESTION 109

A Cisco Catalyst switch that is prone to reboots continues to rebuild the DHCP snooping database. What is the solution to avoid the snooping database from being rebuilt after every device reboot?

 

A.

A DHCP snooping database agent should be configured.

B.

Enable DHCP snooping for all VLANs that are associated with the switch.

C.

Disable Option 82 for DHCP data insertion.

D.

Use IP Source Guard to protect the DHCP binding table entries from being lost upon rebooting.

E.

Apply ip dhcp snooping trust on all interfaces with dynamic addresses.

 

Correct Answer: A

Explanation:

Minimum DHCP Snooping Configuration

The minimum configuration steps for the DHCP snooping feature are as follows:

1. Define and configure the DHCP server.

2. Enable DHCP snooping on at least one VLAN.

By default, DHCP snooping is inactive on all VLANs.

3. Ensure that DHCP server is connected through a trusted interface.

By default, the trust stat
e of all interfaces is untrusted.

4. Configure the DHCP snooping database agent.

This step ensures that database entries are restored after a restart or switchover.

5. Enable DHCP snooping globally.

The feature is not active until you complete this step.

Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/snoodhcp.html#wp1090479

 

 

QUESTION 110

On which interface can port security be configured?

 

A.

static trunk ports

B.

destination port for SPAN

C.

EtherChannel port group

D.

< span lang="EN-US" style="font-family: ; mso-no-proof: yes">dynamic access point

 

Correct Answer: A

Explanation:

Port Security and Port Types

You can configure port security only on Layer 2 interfaces. Details about port security and different types of interfaces or ports are as follows:

Access ports–You can configure port security on interfaces that you have configured as Layer 2 access ports. On an access port, port security applies only to the access VLAN.

Trunk ports–You can configure port security on interfaces that you have configured as Layer 2 trunk ports. VLAN maximums are not useful for access ports. The device allows VLAN maximums only for VLANs associated with the trunk port.

SPAN ports–You can configure port security on SPAN source ports but not on SPAN destination ports.

Ethernet Port Channels–Port security is not supported on Ethernet port channels.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/4_1/nx- os/security/configuration/guide/sec_nx-os-cfg/sec_portsec.html

100% Free Download!
—Download Free Demo:300-115 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 300-115 Full Exam PDF and VCE Q&As:215
—Get 10% off your purchase! Copy it:8GTC-8UIE-M1SC [2017.04.01-2017.04.30]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE

HOT EXAM!
Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com