Home > ICND2 – DTP Questions

ICND2 – DTP Questions

October 31st, 2017 in ICND2 200-105 Go to comments

[am4show have=’p2;’]

Premium Member: You can test your knowledge with these questions first via this link.

[/am4show]

Question 1

[am4show have=’p2;’]Which statement about DTP is true?

A. It uses the native VLAN.
B. It negotiates a trunk link after VTP has been configured.
C. It uses desirable mode by default.
D. It sends data on VLAN 1.

 

Answer: D[/am4show]

Explanation

Control traffic like CDP, DTP, PAgP, and VTP uses VLAN 1 to operate, even if you change the native VLAN.

Question 2

[am4show have=’p2;’]How can you disable DTP on a switch port?

A. Configure the switch port as a trunk.
B. Add an interface on the switch to a channel group.
C. Change the operational mode to static access.
D. Change the administrative mode to access.

 

Answer: A (no correct answer, in fact)[/am4show]

Explanation

Although some books and websites said DTP is disabled if the switch port is configured as trunk or access mode (via the command “switchport mode trunk” or “switchport mode access”) but in fact DTP is still running in these modes. Please read at http://packetlife.net/blog/2008/sep/30/disabling-dynamic-trunking-protocol-dtp/. The only way to disable DTP on a switch port is to use the “switchport nonegotiate” command. But notice this command can only be used after configuring that switch port in “trunk” or “access” mode.

Therefore this is a question with no correct answer but if we have to choose an answer, we will choose answer A. At least it is correct in theory.

Question 3

[am4show have=’p2;’]Which three statements about DTP are true? (Choose three)

A. It is enabled by default.
B. It is a universal protocol.
C. It is a proprietary protocol.
D. It is disabled by default.
E. It is a Layer 3-based protocol.
F. It is a Layer 2-based protocol.

 

Answer: A C F[/am4show]

Question 4

[am4show have=’p2;’]What is the DTP’s default mode in a switch?

A. ON
B. OFF
C. Dynamic Desirable
D. Dynamic Auto

 

Answer: D[/am4show]

Explanation

The Dynamic Trunking Protocol (DTP) is used to negotiate forming a trunk between two Cisco devices.

In fact this question is unclear as it does not ask about a specific switch model. The default DTP configuration for Cisco Catalyst 2960 and 3560 switches is dynamic auto while older 3550 switches run Dynamic Desirable as the default mode. So in this question we should follow the “newer” switches (which is “dynamic auto” mode).

New switches are only set to “dynamic auto” mode by default so they are safer as they do not try to form a trunk aggressively.

Therefore in this question “dynamic auto” is the best choice.

Reference: http://www.ciscopress.com/articles/article.asp?p=2181837&seqNum=8

Comments (38) Comments
  1. so??
    April 18th, 2017

    Is the answer to question 2
    trunk or access?
    (i am not able to see the questions currently)

  2. Anonymous
    June 7th, 2017

    in regards to Q 1, I thought CDP, DTP traveled on the native VLAN.
    Because if ‘Control traffic like CDP, DTP, PAgP, and VTP uses VLAN 1 to operate, even if you change the native VLAN.’ is true. When you shut VLAN 1 would you no longer see CDP neigh??

  3. Anonymous
    June 14th, 2017

    So Maria,

    Were the 9tut dumps any use to you?

  4. Pete
    June 18th, 2017

    Is question 1 not Native Vlan??

  5. @Anonymous
    July 2nd, 2017

    you can’t shutdown vlan 1 or suspend

  6. Joe
    July 8th, 2017

    But you can prune vlan 1 from a trunk; in which case I’m pretty sure cdp still works. I’ll have to research.

  7. no
    July 29th, 2017

    No, only VLAN0001 for control traffic, no matter what you do, including pruning with VTP, according to this at least:

    https://supportforums.cisco.com/discussion/10790041/shutting-down-vlan1-security-switchport-trunk-native

  8. KR
    August 9th, 2017

    For question 4, option D (Dynamic Auto) is correct for Catalyst 2960 and 3560 but option C (Dynamic desirable) is correct for older Catalyst 2950 and 3550 switches as stated in the link provided under question 4 explanation. The question states “Whats DTP’s default in a switch?”. How can option D be correct when we dont know which series switch it is?

  9. Almost there :)
    August 9th, 2017

    Anyone done the exam lately?
    I have mine next friday

  10. ICND2
    August 9th, 2017

    Hi,
    for question 2 I have found this
    https://supportforums.cisco.com/discussion/12915416/change-dynamic-auto-access-mode-will-disable-dtp-effectively

    my understanding is that the correct answer is D.

    If configured as trunk you need also the command switchport nonegotiate. Any thought on this?

  11. kksmh
    August 17th, 2017

    I had question 4 modified today on icnd2 the choices were:
    What is DTP’s default in a switch?
    A. ON
    B. OFF
    C. Desirable
    D. Auto

    Is it Auto or ON?

  12. Big Gun
    August 28th, 2017

    @kksmh

    DTP default mode?

    Older devices were auto, newer devices are desirable. Cisco changed this to make it a bit more secure. I would go with desirable as the correct answer.

  13. ConfigGuru
    September 14th, 2017

    Is anyone having troubles seeing the questions

  14. DL
    October 3rd, 2017

    Question 2’s answer is D. When you configure the interface in Access mode it stops negotiating the trunk (show interface switchport), even if some DTP packets are still being sent by the interface.

  15. Anonymous
    October 19th, 2017

    se repiten las preguntas 1 con la 5.. por que?

  16. LF
    October 19th, 2017

    se repiten las preguntas 1 con la 5.. por que?

  17. FB
    November 11th, 2017

    I would definitely go for answer D on question 2 – putting the interface into switchport mode access will stop DTP

  18. EAGLE_EYE
    November 14th, 2017

    Q2. How can you disable DTP on a switch port?

    Switchport Mode Access: This puts the interface (ACCESS PORT) into a PERMANENT NON-TRUNKING mode and negotiates to convert the link into a NON-TRUNK link. The port would be a dedicated Layer 2 access port!

    Switchport Nonegotiates: Prevents the interface from generating DTP Frames. You can use this command only when the interface switchport mode is (ACCESS/TRUNK).

  19. Johnny
    November 24th, 2017
  20. RnS Newbie
    December 1st, 2017

    Q4 and Q7 (default mode for DTP) counteract each other. Please clarify, and remove the question that reflects the wrong answer.
    For what it’s worth, my research indicates the DTP default can change based on the type of switch you are using. For a Cisco IOS switch: “By default, a Cisco Ethernet port’s default DTP mode is “dynamic desirable”, which allows the port to actively attempt to convert the link into a trunk.” — probably the best answer for current testing. (Note: For a Cisco ILS switch, the default is Auto.)

    As far as disabling DTP, I found this information:
    nonegotiate = Sets Trunking on and disables DTP. These will only become Trunks with ports in on or nonegotiate mode.
    off = This option sets Trunking and DTP capabilities off. This is usually the recommended setting for any access port since it prevents any dynamic establishments of Trunk links.

    Info found here: https://www.cisco.com/c/en/us/td/docs/net_mgmt/ciscoworks_lan_management_solution/4-2/user/guide/configuration/config/configvlan.html?dtid=osscdc000283

  21. CcNa
    December 12th, 2017

    Skunks

  22. Bengt
    January 6th, 2018

    Q1.
    DTP does not use tagging, so native vlan seem to be the best answer.

  23. Anonymous
    January 19th, 2018

    @Bengt try out GNS3 academy this is the second post I have seen you wrote that is incorrect dont take this wrong I want you to pass. CDP VTP and DTP all go over vlan 1 regardless if you change the Native Vlan. GNS3 academy covers this topic very well.

  24. Anonymous
    January 19th, 2018

    Also forgot PAgP

  25. Anonymous
    January 24th, 2018

    Q 1

    On an 802.1Q trunk, DTP packets are sent on the native VLAN.
    On an ISL trunk, DTP packets are sent on VLAN1.

    Not enough info in the question to answer A or D. For 802.1Q trunk native defaults to VLAN1 but it can be changed and DTP would follow to the changed native VLAN which will no longer be VLAN1.

    https://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/24330-185.html#pre6

    search for: “DTP packets”

  26. MN
    March 13th, 2018

    Question 2 after putting some time and deep digging I will say A is the answer. here is why. there is no such command to change administrative mode. status will only change when switch between access or trunk. if we go by D then C is also correct. again there is no such command to change operational mode it only change when switch between access or trunk by entering command switchport mode assess or trunk. so D and C is out B is already out too~ have fun~

    How can you disable DTP on a switch port?
    A. Configure the switch port as a trunk.
    B. Add an interface on the switch to a channel group.
    C. Change the operational mode to static access.
    D. Change the administrative mode to access.

    Answer: A

  27. youknowwho
    March 29th, 2018

    Question 2 states:
    Q: How can you disable DTP on a switch port?

    Answer per Cisco Employee: switchport nonegotiate

    https://supportforums.cisco.com/t5/lan-switching-and-routing/switchport-nonegotiate-sets-trunking-on-and-disables-dtp/td-p/1649235

  28. youknowwho
    March 29th, 2018

    9tut.net
    Mam/Sir,
    Please add this as an option above.
    Thank You.
    We appreciate you and this site for teaching foundations to build from and to practice.

  29. 9tut
    March 29th, 2018

    @youknowwho: We know this command will disable DTP but it is not an option of this question in the exam.

  30. Anonymous
    June 21st, 2018

    There are only three answers in the Quiz:

    OFF
    Dynamic desirable
    ON

    whats the correct?

  31. Keven
    September 23rd, 2018

    Confirming the 398q dumps are valid.

  32. Doc
    September 25th, 2018

    Question 2
    How can you disable DTP on a switch port?

    A. Configure the switch port as a trunk.
    B. Add an interface on the switch to a channel group.
    C. Change the operational mode to static access.
    D. Change the administrative mode to access.

    Answer: C

    My explanation:

    I’ve checked it in the Packet Tracer Simulation Mode.

    By default switches send to each other DTP packets.

    When you enter the switchport mode access command on one of the switches it start to discard the DTP packets.

    And if enter the show interfaces switchport command you will see this:

    Switchport: Enabled
    Administrative Mode: static access <—
    Operational Mode: static access <—
    Administrative Trunking Encapsulation: dot1q
    Operational Trunking Encapsulation: native
    Negotiation of Trunking: Off <—

    ——————————————-

    If you check how works the command switchport mode trunk you will ses this:
    Switch#show interfaces switchport
    Name: Fa0/1
    Switchport: Enabled
    Administrative Mode: trunk <—
    Operational Mode: trunk <—
    Administrative Trunking Encapsulation: dot1q
    Operational Trunking Encapsulation: dot1q
    Negotiation of Trunking: On <—!

    To turn negotiation off you need one more command to enter – switchport nonegotiate and ONLY after that Negotiation of Trunking will become Off and switch stop sending DTP packets.

    So when using the static access mode you will get what you need immediately.

  33. Dane L
    January 4th, 2019

    These questions aren’t bad to reference. They’ll never be exact but they are for sure…similar.

  34. barabba
    May 25th, 2019

    Question 2 answer IS D.
    As somebody said already, ‘nonegotiate’ would have been the best option to choose BUT configuring the interface in access mode will disable DTP negotiation as well, while configuring it in trunk mode will not.

    @Doc: good point but wrong answer choice. When you change the configuration you change the Administrative Mode of the interface.
    https://learningnetwork.cisco.com/thread/29256

    @MN March 13th, 2018: ” there is no such command to change administrative mode. status will only change when switch between access or trunk. if we go by D then C is also correct. ”
    Sorry but you’re wrong: changes to che configuration of the interface

  35. gits1134
    September 15th, 2019

    How can you disable DTP on a switch port?
    A. Configure the switch port as a trunk.
    B. Add an interface on the switch to a channel group.
    C. Change the operational mode to static access
    D. Change the administrative mode to access

    since ‘nonegotiate’ is not listed, here’s what I found.

    DTP negotiation runs on TRUNK for VTP so a is incorrect
    one will think the answer is C but there is no command to for that (instead)
    to Change the operational mode to static access, the ADMINISTRATIVE MODE HAS TO BE CONFIGURED AS STATIC ACCESS.
    this is done by going in to the interface and issue the [switchport mode access]

    the command [switchport mode dynamic desirable] won’t work and you’ll get
    “Command rejected: Conflict between ‘nonegotiate’ and ‘dynamic’ status.”

    so yes, my answer is D.

  36. passicnd2
    November 9th, 2019

    I passed ICND2 on November 4th with 854! There are 54 questions, 4 drag and drop 2 labs for me EIGRP and GRE, BGP, ACL, IP SLA, RSTP, HSRP, PPPOE Questions! I have all the labs, and the majority of the questions, I have two courses and a lot of labs from CISCO to be prepare write alberthdr AT hotmail point com

  37. Tenedos
    December 1st, 2019

    For question 2, How can you disable DTP on a switch port?

    From what I’ve read there are two ways to disable DTP, and from an architectural perspective, DTP should never be allowed to remain on by default.

    The first way is configuring the switchport as an access port by using the command switchport mode access. This will disable DTP and allow the switchport to operate only in the configured VLAN, if none is configured by default it will be placed into VLAN_1.

    The second way to disable DTP is by using the command switchport nonegotiate statically configured trunk interfaces. This will ensure that DTP is disabled and static trunking is configured. This is the most common way to configure trunk unlinks between switches to share layer 2 information.

    So maybe they are implying that answer A. “Configure the switch port as a trunk.” means that you have used switchport nonegotiate and thus configured static trunking on the port. Thoughts?