[Free] 2017(Apr) Ensurepass Testking Cisco 300-115 Latest Dumps 131-140

Ensurepass
2017 April Cisco Official New Released 300-115 Q&As
100% Free Download! 100% Pass Guaranteed!
http://www.ensurepass.com/300-115.html

Implementing Cisco IP Switched Networks (SWITCH v2.0)

QUESTION 131

A network engineer wants to ensure Layer 2 isolation of customer traffic using a private VLAN. Which configuration must be made before the private VLAN is configured?

 

A.

Disable VTP and manually assign VLANs.

B.

Ensure all switches are configured as VTP server mode.

C.

Configure VTP Transparent Mode.

D.

Enable VTP version 3.

 

Correct Answer: C

Explanation:

You must configure VTP to transparent mode before you can create a private VLAN. Private VLANs are configured in the context of a single switch and cannot have members on other switches. Private VLANs also carry TLVs that are not known to all types of Cisco switches.

Reference: http://www.ciscopress.com/articles/article.asp?p=29803&seqNum=6

 

 

QUESTION 132

Which database is used to determine the validity of an ARP packet based on a valid IP-to- MAC address binding?

 

A.

DHCP snooping database

B.

dynamic ARP database

C.

dynamic routing database

D.

static ARP database

 

Correct Answer: A

Explanation:

Information About Dynamic ARP Inspection

DAI is used to validate ARP requests and responses as follows:

Intercepts all ARP requests and responses on untrusted ports.

Verifies that a packet has a valid IP-to-MAC address binding before updating the ARP cache or forwarding the packet.

Drops invalid ARP packets.

DAI can determine the validity of an ARP packet based on valid IP-to-MAC address bindings stored in a DHCP snooping binding database.This database is built by DHCP snooping when it is enabled on the VLANs and on the device. It may also contain static entries that you have created.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus1000/hyperv/sw/5_2_1_s_m_1_5_2/troubleshooting/configuration/guide/n1000v_troubleshooting/n1000v_tr ouble_19dhcp.html

 

 

QUESTION 133

After port security is deployed throughout an enterprise campus, the network team has been overwhelmed with port reset requests. They decide to configure the network to automate the process of re-enabling user ports. Which command accomplishes this task?

 

A.

switch(config)# errdisable recovery interval 180

B.

switch(config)# errdisable recovery cause psecure-violation

C.

switch(config)# switchport port-security protect

D.

switch(config)# switchport port-security aging type inactivity

E.

switch(config)# errdisable recovery cause security-violation

 

Correct Answer: B

Explanation:

When a secure port is in the error-disabled state, you can bring it out of this state automatically by configuring the errdisable recovery cause psecure-violation global configuration command or you can manually reenable it by entering the shutdown and no shut down interface configuration commands. This is the default mode. If a port is in per-VLAN errdisable mode, you can also use clear errdisable interface name vlan range command to re-enable the VLAN on the port.

You can also customize the time to recover from the specified error disable cause (default is 300 seconds) by entering the errdisable recovery interval interval command.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/53SG/configuration/config/port_sec.pdf

 

 

QUESTION 134

Refer to the exhibit. Which login credentials are required when connecting to the console port in this output?

 

clip_image001

 

A.

none required

B.

username cisco with password cisco

C.

no username with password linepass

D.

login authentication default

 

Correct Answer: A

Explanation:

Here the console has been configured with the NO_AUTH name, which lists none as the authentication method. None means no authentication, meaning that credentials are not required and all sessions are allowed access immediately.

 

 

QUESTION 135

A switch is added into the production network to increase port capacity. A network engineer is configuring the switch for DHCP snooping and IP Source Guard, but is unable to configure ip verify source under several of the interfaces. Which option is the cause of the problem?

 

< tr style="mso-yfti-irow: 0; mso-yfti-firstrow: yes">

A.

The local DHCP server is disabled prior to enabling IP Source Guard.

B.

The interfaces are configured as Layer 3 using the no switchport command.

C.

No VLANs exist on the switch and/or the switch is configured in VTP transparent mode.

D.

The switch is configured for sdm prefer routing as the switched database management

 

 

template.

E.

The configured SVIs on the switch have been removed for the associated interfaces.

 

Correct Answer: B

Explanation:

IP source guard is a security feature that restricts IP traffic on nonrouted, Layer 2 interfacesby filtering traffic based on the DHCP snooping binding database and on manually configured IP source bindings. You can use IP source guard to prevent traffic attacks caused when a host tries to use the IP address of its neighbor. You can enable IP source guard when DHCP snooping is enabled on an untrusted interface. After IP source guard is enabled on an interface, the switch blocks all IP traffic received on the interface, except for DHCP packets allowed by DHCP snooping. A port access control list (ACL) is applied to the interface. The port ACL allows only IP traffic with a source IP address in the IP source binding table and denies all other traffic. The IP source binding table has bindings that are learned by DHCP snooping or are manually configured (static IP source bindings). An entry in this table has an IP address, its associated MAC address, and its associated VLAN number. The switch uses the IP source binding table only when IP source guard is enabled.

IP source guard is supported only on Layer 2 ports, including access and trunk ports.You can configure IP source guard with source IP address filtering or with source IP and MAC address filtering.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-2_25_see/configuration/guide/3550SCG/swdhcp82.html#wp1069615

 

 

QUESTION 136

Which gateway role is responsible for answering ARP requests for the virtual IP address in GLBP?

 

A.

active virtual forwarder

B.

active virtual router

C.

active virtual gateway

D.

designated router

 

Correct Answer: C

Explanation:

GLBP Active Virtual Gateway

Members of a GLBP group elect one gateway to be the active virtual gateway (AVG) for that group. Other group members provide backup for the AVG in the event that the AVG becomes unavailable. The AVG assigns a virtual MAC address to each member of the GLBP group. Each gateway assumes responsibility for forwarding packets sent to the virtual MAC address assigned to it by the AVG. These gateways are known as active virtual forwarders (AVFs) for their virtual MAC address.

The AVG is responsible for answering Address Resolution Protocol (ARP) requests for the virtual IP address. Load sharing is achieved by the AVG replying to the ARP requests with different virtual MAC addresses.

Reference: http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ft_glbp.html

 

 

 

 

 

 

 

 

QUESTION 137

Which configuration command ties the router hot standby priority to the availability of its interfaces?

 

A.

standby group

B.

standby priority

C.

backup interface

D.

standby track

 

Correct Answer: D

Explanation:

The standby track interface configuration command ties the router hot standby priority to the availability of its interfaces and is useful for tracking interfaces that are not configured for HSRP. When a tracked interface fails, the hot standby priority on the device on which tracking has been configured decreases by 10. If an interface is not tracked, its state changes do not affect the hot standby priority of the configured device. For each interface configured for hot standby, you can configure a separate list of interfaces to be tracked.

Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst3550/software/release/12.1_19_ea1/configuration/guide/swhsrp.html

 

 

QUESTION 138

Ferris Plastics, Inc. is a medium sized company, with an enterprise network (access, distribution and core switches) that provides LAN connectivity from user PCs to corporate servers. The distribution switches are configured to use HSRP to provide a high availability solution.

 


DSW1 -primary device for VLAN 101 VLAN 102 and VLAN 105

DSW2 – primary device for VLAN 103 and VLAN 104

 

A failure of GigabitEthemet1/0/1 on primary device should cause the primary device to release its status as the primary device, unless GigabitEthernet1/0/1 on backup device has also failed.

 

Troubleshooting has identified several issues. Currently all interfaces are up. Using the running configurations and show commands, you have been asked to investigate and respond to the following question.

 

clip_image003

clip_image004

 

clip_image005

 

If GigabitEthemet1/0/1 on DSW2 is shutdown, what will be the resulting priority value of the VLAN 105 HSRP group on router DSW2?

 

A.

90

B.

100

C.

150

D.

200

 

Correct Answer: A

Explanation:

As seen below, the current priority for VLAN 105 is 100, and the tracking feature for Gig 1/0/0 is enabled which will decrement the priority by 10 if this interface goes down for a priority value of 90.

 

clip_image007

QUESTION 139

Ferris Plastics, Inc. is a medium sized company, with an enterprise network (access, distribution and core switches) that provides LAN connectivity from user PCs to corporate servers. The distribution switches are configured to use HSRP to provide a high availability solution.

 

DSW1 -primary device for VLAN 101 VLAN 102 and VLAN 105

DSW2 – primary device for VLAN 103 and VLAN 104

 

A failure of GigabitEthemet1/0/1 on primary device should cause the primary device to release its status as the primary device, unless GigabitEthernet1/0/1 on backup device has also failed.

 

Troubleshooting has identified several issues. Currently all interfaces are up. Using the running configurations and show commands, you have been asked to investigate and respond to the following question.

 

clip_image008

 

clip_image004[1]

clip_image005[1]

 

During routine maintenance, it became necessary to shut down the GigabitEthernet1/0/1 interface on DSW1. All other interfaces were up. During this time, DSW1 remained the active device for the VLAN 102 HSRP group. You have determined that there is an issue with the decrement value in the track command for the VLAN 102 HSRP group. What needs to be done to make the group function properly?

 

A.

The decrement value on DSW1 should be greaterthan 5 and less than 15.

B.

The decrement value on DSW1 should be greaterthan 9 and less than 15.

C.

The decrement value on DSW1 should be greaterthan 11 and less than 19.

D.

The decrement value on DSWTs should be greaterthan 190 and less than 200.

E.

The decrement value on DSWTs should be greaterthan 195 and less than 205.

 

Correct Answer: C

Explanation:

clip_image009

 

Use “show run” command to show. The left Vlan102 is console1 of DS1. Priority value is 200, we should decrement value in the track command from 11 to 18. Because 200 – 11 = 189 < 190 (priority of Vlan102 on DS2).

 

 

QUESTION 140

Which VRRP router is responsible for forwarding packets that are sent to the IP addresses of the virtual router?

 

A.

virtual router master

B.

virtual router backup

C.

virtual router active

D.

virtual router standby

 

Correct Answer: A

Explanation:

VRRPDefinitions

VRRP Router A router running the Virtual Router Redundancy Protocol. It may participate in one or more virtual routers.

Virtual Router An abstract object managed by VRRP that acts as a default router for hosts on a shared LAN.

It consists of a Virtual Router Identifier and a set of associated IP address(es) across a common LAN. A VRRP Router may backup one or more virtual routers.

IP Address Owner The VRRP router that has the virtual router’s IP address(es) as real interface address(es).

This is the router that, when up, will respond to packets addressed to one of these IP addresses for ICMP pings, TCP connections, etc.

Primary IP Address An IP address selected from the set of real interface addresses. One possible selection algorithm is to always select the first address. VRRP advertisements are always sent using the primary IP address as the source of the IP packet.

Virtual Router Master The VRRP router that is assuming the responsibility of forwarding packets sent to the IP address(es) associated with the virtual router, and answering ARP requests for these IP addresses.Note that if the IP address owner is available, then it will always become the Master.

Reference: http://www.ietf.org/rfc/rfc3768.txt

100% Free Download!
—Download Free Demo:300-115 Demo PDF
100% Pass Guaranteed!
Download 2017 Ensurepass 300-115 Full Exam PDF and VCE Q&As:215
—Get 10% off your purchase! Copy it:8GTC-8UIE-M1SC [2017.04.01-2017.04.30]

Ensurepass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF + VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No

2017 Ensurepass IT Certification PDF and VCE

HOT EXAM!
Proudly powered by WordPress   Premium Style Theme by www.gopiplus.com