Share your ICND2 v3.0 Experience

@iraqi & @ nike

Sorry to hear about your fails. Don’t give up. Try again soon and show Cisco your the boss!!! If you can recall any new questions, please share

Best of luck

@iraqi and Nike – Any new questions that you could remember ? It would be of great help !!!

@mc , vince – thanks for confirming appreciate it

Guys , Just to double check

Access-lists and IPV6 are not part of ICND2 right ?

@ Sam Here are the answers to questions you posted

1) Which component of the Cisco SDN solution serves as the centralized management system?
A. Cisco OpenDaylight
B. Cisco ACI—> This is Correct
C. Cisco APIC
D. Cisco IWAN

2) Which statement about DTP is true?
A. It uses the native VLAN.
B. It negotiates a trunk link after VTP has been configured.
C. It uses desirable mode by default.
D. It sends data on VLAN 1.–> Use this one as answer

3) You enter the show ipv6 route command on an OSPF device and the device displays a route. Which
conclusion can you draw about the environment?
A. OSPF is distributing IPv6 routes to BGP. (route redisbution is not part of ICND2)
B. The router is designated as an ABR. Does not make sense at all
C. The router is designated as totally stubby.
D. OSPFv3 is in use.–>This is correct

4) Which three approaches can be used while migrating from an IPv4 addressing scheme to an IPv6 scheme. (Choose three.)
A. enable dual-stack routing–>Correct
B. configure IPv6 directly
C. configure IPv4 tunnels between IPv6 islands –> Correct
D. use proxying and translation to translate IPv6 packets into IPv4 packets
E. statically map IPv4 addresses to IPv6 addresses
F. use DHCPv6 to map IPv4 addresses to IPv6 addresses

5) Which command can be used from a router to verify the Layer 3 path to a host?
A. tracert address -> Use this on a PC
B. traceroute address–> Correct answer
C. telnet address
D. ssh address

6) Which Cisco platform can verify ACLs?
A. Cisco Prime Infrastructure
B. Cisco Wireless LAN Controller (Not part of the ICND2)
C. Cisco APIC-EM–> Correct Answer
D. Cisco IOS-XE

7) What is the first step you perform to configure an SNMPv3 user?
A. Configure server traps.
B. Configure the server group.
C. Configure the server host.
D. Configure the remote engine ID.–> C is the answer

8. Which statement about DTP ie true?
A. It uses the native VLAN.
B. It negotiate a trunk link after VTP has been configured.
C. It uses desirable mode by default.
D. It sends data on VLAN 1. (D is correct)

9. Which two circumstances can cause collision domain issues on VLAN domain? (Choose two.)
a. duplex mismatches on Ethernet segments in the same VLAN
b. multiple errors on switchport interfaces 
c. congestion on the switch inband path 
d. a failing NIC in an end device 
e. an overloaded shared segment 
 (a and c are correct)

10. How can you disable DTP on a switch port?
* A. Configure the switch port as a trunk.<—- This is the correct answer
* B. Add an interface on the switch to a channel group.
* C. Change the operational mode to static access.
* D. Change the administrative mode to access.

11. Which statement about QoS default behavior is true?
a. Ports are untrusted by default. 
b. VoIP traffic is passed without being tagged. 
c. Video traffic is passed with a well-known DSCP value of 46. 
d. Packets are classified internally with an environment. 
e. Packets that arrive with a tag are untagged at the edge of an administrative domain. (a is the answer)

12. Which statement about the IP SLAs ICMP Echo operation is true?
A. It is configured in enable mode.
B. It is used to determine the one-way delay between devices. <–This is correct
C. It is used to identify the best source interface from which to send traffic to a destination.
D. The frequency of the operation is specified in milliseconds.

@ Javh
Can we take a look at this question again please.
Which VLAN bridge priority value is assigned ny the set span tree root command?
a)16384
b)32768
c)28672
d)8192

d is the correct answer

Here why:
To configure a switch to become the root bridge for the specified VLAN, use the spanning-tree vlan vlan-ID root command to modify the bridge priority from the default value (32,768) to a significantly lower value. The bridge priority for the specified VLAN is set to 8192 if this value causes the switch to become the root for the VLAN. If any bridge for the VLAN has a priority lower than 8192, the switch sets the priority to 1 less than the lowest bridge priority. Source cisco.com

@Dan242

Thank you for your reply. Im writing in 2hrs.

@ JaVH,

-Make sure you go through all the questions in DAVE Quiz before the exam. It will help you alot. Let me know if you don’t have it.

Correction on the following question:
9. Which two circumstances can cause collision domain issues on VLAN domain? (Choose two.)
a. duplex mismatches on Ethernet segments in the same VLAN
b. multiple errors on switchport interfaces 
c. congestion on the switch inband path 
d. a failing NIC in an end device 
e. an overloaded shared segment 
 (a and d are correct)

Good Luck

@JaVH GOODLUCK mate 🙂

Which interface counter can you use to diagnose a duplex mismatch problem?
A. no carrier
B. late collisions
C. giants
D. CRC errors
E. deferred
F. runts

ANSWER: ?????

I wonder how much money these scanners make to be so dedicated in bugging people like they do. We a

I have been looking over questions posted by evryone for the past couple of days, just starting to study and there are 2 questions that I am still kind of stuck on.

How can you disable DTP on a switch port?
* A. Configure the switch port as a trunk.
* B. Add an interface on the switch to a channel group.
* C. Change the operational mode to static access.
* D. Change the administrative mode to access.

If someone could please clarify I would appreciate it.
Thanks

@Juststarting

How can you disable DTP on a switch port?
* A. Configure the switch port as a trunk. ——— correct
* B. Add an interface on the switch to a channel group.
* C. Change the operational mode to static access.
* D. Change the administrative mode to access.

Which WAN techonolgy is very secure by default
1)VPN ——correct
2)IPsec
3)HDLC
4)LCP

good luck

I just found a page that helped me understand the DTP question better.

http://www.techexams.net/forums/ccnp/80018-dtp-thoughts.html

Which WAN techonolgy is very secure by default
1)VPN
2)IPsec
3)HDLC
4)LCP

Please check this link for further explanation.

http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/14106-how-vpn-works.html

Thanks guys.

@DAN OR ANYONE , Can you please help with these answers ?

Which two circumstances can cause collision domain issues on VLAN domain? (Choose two.)
a. duplex mismatches on Ethernet segments in the same VLAN
b. multiple errors on switchport interfaces 
c. congestion on the switch inband path 
d. a failing NIC in an end device 
e. an overloaded shared segment 
 (a and d are correct)

7) What is the first step you perform to configure an SNMPv3 user?
A. Configure server traps.
B. Configure the server group.
C. Configure the server host.
D. Configure the remote engine ID.–> C is the answer

Which interface counter can you use to diagnose a duplex mismatch problem?
A. no carrier
B. late collisions
C. giants
D. CRC errors
E. deferred
F. runts
ANSWER: ?????

@Dan – for 1 & 2 questions , you have different answers than usual.. can you please confirm ?

@SAM

Which two circumstances can cause collision domain issues on VLAN domain? (Choose two.)
a. duplex mismatches on Ethernet segments in the same VLAN
b. multiple errors on switchport interfaces
c. congestion on the switch inband path
d. a failing NIC in an end device
e. an overloaded shared segment

ANSWER:
A & D

SOURCE:
http://www.cisco.com/c/en/us/support/docs/lan-switching/virtual-lans-vlan-trunking-protocol-vlans-vtp/23637-slow-int-vlan-connect.html#troublesht_collision
***First sentences of Paragraph 3 & 4

What is the first step you perform to configure an SNMPv3 user?
A. Configure server traps.
B. Configure the server group.
C. Configure the server host.
D. Configure the remote engine ID.

ANSWER:
B

SOURCE:
http://docwiki.cisco.com/wiki/Snmp_v3_configurations#Configuration
***First group, then user, then server.

Which interface counter can you use to diagnose a duplex mismatch problem?
A. no carrier
B. late collisions
C. giants
D. CRC errors
E. deferred
F. runts

ANSWER:
My guess is B, but according to this source, it can be B, D, or F.

SOURCE:
http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/12027-53.html#shwop
***See Table 1 for Description and Common Causes of Incrementing Error Counters

@SAM
The first question answers are a and c (I think a rebuttal was posted to correct that)

Answer: AC
Explanation:
Collision Domains
A collision domain is an area of a single LAN where end stations contend for access to the network because all end stations are connected to a shared physical medium. If two connected devices transmit onto the media at the same time, a collision occurs. When a collision occurs, a JAM signal is sent on the network, indicating that a collision has occurred and that devices should ignore any fragmented data associated with the collision. Both sending devices back off sending their data for a random amount and then try again if the medium is free for transmission.
Therefore, collisions effectively delay transmission of data, lowering the effective throughput available to a device. The more devices that are attached to a collision domain, the greater the chances of collisions; this results in lower bandwidth and performance for each device attached to the collision domain. Bridges and switches terminate the physical signal path of a collision domain, allowing you to segment separate collision domains, breaking them up into multiple smaller pieces to provide more bandwidth per user within the new collision domains formed.

7) What is the first step you perform to configure an SNMPv3 user?
A. Configure server traps.
B. Configure the server group.
C. Configure the server host.
D. Configure the remote engine ID.–> C is the answer

Here is why:
Perform this task to specify an SNMP server group name and to add a new user to an SNMP group.
SUMMARY STEPS

1. enable

2. configure terminal

3. snmp-server group [group-name {v1 | v2c | v3 [auth | noauth | priv]}] [read read-view] [write write-view] [notify notify-view] [access access-list]

Which interface counter can you use to diagnose a duplex mismatch problem?
A. no carrier
B. late collisions –> This is correct
C. giants
D. CRC errors
E. deferred
F. runts

@SAM and Go F

Which two circumstances can cause collision domain issues on VLAN domain
I would say a & e: 1. the statement below 2. everything I have read states a and e in their initial breath then refers to NIC failure. My gut says NIC is too broad for a question asking about something so specific like a VLAN Domain.

Takz, DEC 7 2016, Yes also got it on my exam, and I answered wrong, Duplex mismatch and inband path, after reading here and some consulting. The answer should be, Duplex mismatch and Overloaded segment. Cisco does state in a doc that a Failing NIC might cause problems but lists it as a remote possibility.

7) What is the first step you perform to configure an SNMPv3 user?
A. Configure server traps.
B. Configure the server group.
C. Configure the server host.
D. Configure the remote engine ID.

B is the right answer from the information below. I think the last half of the paragraph hits it on the head. I haven’t taken the test to give you a 100% for this question, just hitting the books to take the test like yourself.

It also Looks like Go F’s reference states the same thing just cant tell if he forgot to replace your answer.

Cited this from Wendell Odom’s Cisco Official Cert Guide.

SNMPv3 configuration on Cisco routers and switches has some commands in common with SNMPv2c configuration, and some completely different commands. The configuration to support sending Traps and Informs, using the snmp-server host and snmp-server enable traps commands, works almost identically, with a few small differences. However, SNMPv3 replaces all references to communities, and as a result does not use the snmp-server community command at all. Instead, it uses the snmp-server group and snmp-server user commands to configure the security features available to SNMPv3.
Example
R1(config)# snmp-server group BookGroup v3 auth write v1default
R1(config)# snmp-server user Youdda BookGroup v3 auth md5 madeuppassword
R1(config)# snmp-server host 10.1.3.3 version 3 auth Youdda

Also SAM you may know this already but you can also find the answer with a different but similar explanation on 9tut under new-icnd2v3-questions

I also agree with Go F, late collisions for the last question

A late collision refers to a collision that occurs after 512 bits of the frame (the preamble) have been transmitted. Excessive cable lengths are the most common cause of late collisions. Another common cause is duplex misconfiguration. For example, you could have one end of a connection configured for full-duplex and the other for half-duplex. You would see late collisions on the interface that is configured for half-duplex. In that case, you must configure the same duplex setting on both ends. A properly designed and configured network should never have late collisions. http://www.ciscopress.com/articles/article.asp?p=2181836&seqNum=5

I agree with @BK. The answers are A and E for the question: Which two circumstances can cause collision domain issues on VLAN domain? (Choose two.)
a. duplex mismatches on Ethernet segments in the same VLAN
b. multiple errors on switchport interfaces 
c. congestion on the switch inband path 
d. a failing NIC in an end device 
e. an overloaded shared segment

Here’s the reason why: “If problems only occur on that collision domain, and the performance of other collision domains in the same VLAN is normal, then look at the port counters on the switch to determine what troubles this segment may be experiencing. Most likely, the cause is simple, such as a duplex mismatch. Another, less frequent cause is an overloaded or oversubscribed segment.”

Why c is incorrect: “Congestion on the switch inband path can result in a spanning tree loop or other types of instability on the network.” “It is difficult to cause congestion of the inband port on the switch, though maliciously formed denial of service (DoS) attacks may succeed. ”

No information found in b and d in the source link. Source: http://www.cisco.com/c/en/us/support/docs/lan-switching/virtual-lans-vlan-trunking-protocol-vlans-vtp/23637-slow-int-vlan-connect.html#congestion

HI Guys l

Need help with answers fir these questions

-1. Which of following are WAN connections(Choose two)
-HDLC
-DTE
-LCP
-DCE
and to more
-Which device classes are used over serial links
DCE
DTE
LCP
HDLC
PPP
LMI

3) Which command do you enter to enable an interface to support PPPoE on a client?
A. Dev1(config)# bba-group pppoe bba 1.
B. Dev1(config-if)# pppoe-client dial-pool-number 1.
C. Dev1(config-if)# pppoe enable group bba1.
D. Dev1(config-if)# pppoe enable.
Answer:

Where i can get valid ICND2 dump ?

Hi guys ,

Can someone help me with the above questions? Have exam tomorrow

@sam

3) Which command do you enter to enable an interface to support PPPoE on a client?
A. Dev1(config)# bba-group pppoe bba 1.
B. Dev1(config-if)# pppoe-client dial-pool-number 1. — Correct
C. Dev1(config-if)# pppoe enable group bba1.
D. Dev1(config-if)# pppoe enable.

@Sam

Which device classes are used over serial links
DCE <— This
DTE <— This
LCP
HDLC
PPP
LMI

I would choose these as my answer, Data Terminal Equipment (DTE) and Data Communications Equipment (DCE) are both required for a serial link with the DCE end supplying a clock rate for the link. HDLC and PPP are encapsulation types, LCP is part of the PPP protocol, and LMI is related to Frame Relay I think.

Which command do you enter to enable an interface to support PPPoE on a client?
A. Dev1(config)# bba-group pppoe bba 1.
B. Dev1(config-if)# pppoe-client dial-pool-number 1.
C. Dev1(config-if)# pppoe enable group bba1.
D. Dev1(config-if)# pppoe enable. < —-This

I would choose D here. This is the command that you enter to enable an interface to actually use PPoE. A and C are commands issued on the server side of setup, and B is a command to configure the pool the dialer will use.

Which command do you enter to enable an interface to support PPPoE on a client?
A. Dev1(config)# bba-group pppoe bba 1.
B. Dev1(config-if)# pppoe-client dial-pool-number 1.
C. Dev1(config-if)# pppoe enable group bba1.
D. Dev1(config-if)# pppoe enable. < —-This

because of the steps
Configuring a PPPoE Client
SUMMARY STEPS
1. enable

2. configure terminal

3. interface type number

4. no ip address

5. pppoe enable ***********

6. pppoe-client dial-pool-number number

7. exit

8. interface dialer number

9. mtu size

10. ip address negotiated

11. encapsulation type

12. dialer pool number

13. ppp pap sent-username username password password

14. end

i have the new dump, pls tell me if you got those questions in relal exam, so i can share all questions here,
which protocl authonitcate connected devices before allowing them to access the lan
a- 802.1d
b- 802.11
C- 802.1w
B- 802.1x (correct answer)

2-which type of interface can nogotiate an ip address for a pppoe client
A- ethernet
B-dialer (correct answer)
C-Serial
D-Fram Realy

3-which option is a benifit of switch statching
its provide higher port density with better resource usage ( correct answer)

what is the first step you perform to configure an SNMPV3 user?
A- configure server trap
B- configure the server group ( correc answer)
C-configure the server host
D-configure the remote engine ID

Which Cisco platform can verify ACLs?
A. Cisco Prime Infrastructure
B. Cisco Wireless LAN Controller( CORRECT ANSWER)
C. Cisco APIC-EM
D. Cisco IOS-XE

I Passed CCNA exam yesterday! The Exam was really hard. If you need any suggestion or help of any kind i’m here.

@Expert, about your answer:

Which Cisco platform can verify ACLs?
A. Cisco Prime Infrastructure
B. Cisco Wireless LAN Controller
C. Cisco APIC-EM <— Yes, 100% sure
D. Cisco IOS-XE

@Brainiac
Which Cisco platform can verify ACLs?
A. Cisco Prime Infrastructure
B. Cisco Wireless LAN Controller———This correct as far as i have read in dumps or in dave’s quiz.
C. Cisco APIC-EM
D. Cisco IOS-XE

@Brainiac
Could you please tell us what kind of lab or questions did you get? is this site & dumps still valid…cheers

@Xenit
Yeah, i read a lot of dumps… really a lot! But i’m sure of what i say. We studied Cisco Apic-Em like the official cisco’s syllabus said. Apic-em cal also verify ACLs.

@lol
I followed the passleader dumps and I can say that they are valid at 50%. If you show a few questions I can show you the correct answer approved by my CCNP instructor.

Btw There are lots of new questions that treat about BGP, HSRP, Slow inter-VLAN and MPLS.

The difficulty in this exam is not so much the complexity of the answers but the fact that Cisco, in many questions, has added different correct answers, but for which we should respond in the proper order. In fact, it is easy to talk about WIreless LAN Controller as you record in your dump, but it is just as easy to fall into error. This is because in that case APIC-Em is the right answer, ’cause it is a controller that performs the same function and cisco wants that the answer is that one. But the point is that they are both correct. The exam is difficult for this, but I’m here to help you if you have questions or problems with questions in particular.

The labs i found were three about OSPF, GRE-NAT and EIGRP. In this case the dumps are untrusted.

guys… would some share the latest valid dump to use…… thanks a lot

@Brainiac Thankyou for your feedback & GOOD LUCK in CCNP.

@All .. passed my exam today ..Read all the comments in last 10 pages & Pass leader dumps .. you should be good to pass ..

I dint get any new questions today .. so cleared with a very good score.

thanks for all your support .

@SAM congratulations, it was your first attempt??

Does anyone has the configuration for the GRE-NAT simulation?
@Sam did you study the 271 Q dump?

Thanks!!

i have more questions, but will need to verify from the guys who recently took the exam if they got the same questions or no

i think they add 50 new question to the dump, so they pick 8 to 10 new questions to each versions and so on

hello i ve got all the latest dumps

Has anyone tried “Learn Cisco” quiz? Should i spend my time on it or not, Plzz let me know if anyone else has tried it. cheers

@SAM. would you share the dump plz.
@dumps. would you share the dumps if possible.

Yo Guys I have couple of questions, can you please help me out. The Quiz says one answer & the dumps the other, don’t know which one to believe…. 🙂 THANKS

Which two circumstances can cause collision domain issues on VLAN domain? (Choose
two.)
A. duplex mismatches on Ethernet segments in the same VLAN
B. multiple errors on switchport interfaces
C. congestion on the switch inband path
D. a failing NIC in an end device
E. an overloaded shared segment

What are two enhancements that OSPFv3 supports over OSPFv2? (Choose two.)
A. It requires the use of ARP.
B. It can support multiple IPv6 subnets on a single link.
C. It supports up to 2 instances of OSPFv3 over a common link.
D. It routes over links rather than over networks.

Which option is the benefit of implementing an intelligent DNS for a cloud computing solution?
A. It reduces the need for a backup data center.
B. It can redirect user requests to locations that are using fewer network resources.
C. It enables the ISP to maintain DNS records automatically.
D. It eliminates the need for a GSS.
Which part of the PPPoE server configuration contains the information used to assign an IP address to a
PPPoE client?
A. virtual-template interface
B. DHCP
C. dialer interface
D. AAA authentication

You enter the show ipv6 route command on an OSPF device and the device displays a route. Which conclusion can you draw about the environment?
A. OSPF is distributing IPv6 routes to BGP.
B. The router is designated as an ABR.
C. The router is designated as totally stubby.
D. OSPFv3 is in use.

@Xenit

Which two circumstances can cause collision domain issues on VLAN domain? (Choose
two.)
A. duplex mismatches on Ethernet segments in the same VLAN —> This
B. multiple errors on switchport interfaces
C. congestion on the switch inband path —> This
D. a failing NIC in an end device
E. an overloaded shared segment

What are two enhancements that OSPFv3 supports over OSPFv2? (Choose two.)
A. It requires the use of ARP.
B. It can support multiple IPv6 subnets on a single link. –> This
C. It supports up to 2 instances of OSPFv3 over a common link.
D. It routes over links rather than over networks. —> this

Which option is the benefit of implementing an intelligent DNS for a cloud computing solution?
A. It reduces the need for a backup data center.
B. It can redirect user requests to locations that are using fewer network resources. —> This
C. It enables the ISP to maintain DNS records automatically.
D. It eliminates the need for a GSS.

Which part of the PPPoE server configuration contains the information used to assign an IP address to a PPPoE client?
A. virtual-template interface —> this (the dumps say ‘dialer’ i know, but isn’t right, ’cause the dialer interface is configured by pppoe client, not server.)
B. DHCP
C. dialer interface
D. AAA authentication

You enter the show ipv6 route command on an OSPF device and the device displays a route. Which conclusion can you draw about the environment?
A. OSPF is distributing IPv6 routes to BGP.
B. The router is designated as an ABR.
C. The router is designated as totally stubby.
D. OSPFv3 is in use. —> this

Guys, i followed these dumps to pass my 200-105 exam, but be carefully ’cause a lot of questions are wrong. https://drive.google.com/drive/folders/0B-ob6L_QjGLpUTVNc3otMV8xMkU

P.s OSPF lab is partially right, but those of gre and eigrp have been changed by cisco.

Guys ,

People who are still hunting for dumps , please leave your email address ..I will help you

@Brainiac Thankyou mate

@SAM please share the dumps with me.
Thanks a lot!

ciscoicnd2 at gmail.com

@SAM could you please share with me the dumps
thanks and congrats dude
phelipslb at outlook dot com

@ SAM
please share the dumps with me
Thanks
darkicemail at yahoo dot com

@SAM
Please share dumps.
Thank you

nebulus1967 at gmail dot com

Thank YOU!

ccnaicnd2 at gmail

Hi Sam could you please send me a dumps
Sia under line m 313 @ yahoo dot com
Thank you

@SAM
Thank you

theplayer at abv dot com

Guys ,

take it from this link , got too many requests .

https://www.dropbox.com/s/kyiuj27vjq2dan9/ICND_2_PACKAGE.rar?dl=0

@Sam

Please share your dumps with me.

Thanks in advance!

ciscolearned at gmail dot com

Thank you @SAM for the link.

hello guys, i have a dump for the new exam, please share your email here if you going to exam soon,

@ SAM
Thanks a lot, really very helpfull.
God bless u.

@Expert
please send me the new dump.

kahala _ sami at hotmail dot com (remove the space)

Thank you inadvanced.

reapersquad27 at gmail.com

Thanks expert have tested these dumps?

@SAM…. thanks a lot bro for sharing the dumps… god bless you.

@EXPERT…. would you share it on any cloud storage. like dropbox or google drive… like SAM did.
thanks a lot man.

Please expert

FFS enough with these false adverts 🙁

@Sam link is already unavailable. Hi guys do you still have the link or file itself that Sam shared?

Has anyone tried “Learn Cisco” quiz? Should i spend my time on it or not, Plzz let me know if anyone else has tried it. cheers

@ SAM
the link for dropbox isnt working.
Please share it one more time.
Thank you in advance

@ SAM (or anyone else who was able to pull from the link): Please repost a valid link! Thank you!

@Expert: Would you please post a cloud storage link? We shouldn’t be posting email addresses (even if they’re one-time use).

@SAM: Please repost! The link no longer works!

Guys… am uploading @SAM files… it will take around 30min.. once its done.. i will share it.

Guys… SAM files…….
https://www.dropbox.com/s/k1kez70j7swrxhq/ICND_2_PACKAGE.rar?dl=0

@ iraqi
thanks for the share

@SAM
thanks for your hard work

@HappyME, well done!

To everyone, thought I’d chime in on one of the previous questions on disabling DTP, which seems to be causing some confusion.

10. How can you disable DTP on a switch port?
* A. Configure the switch port as a trunk.<—- This is NOT the correct answer
* B. Add an interface on the switch to a channel group.
* C. Change the operational mode to static access. <—- Correct
* D. Change the administrative mode to access.

I decided to break out a simulation in GNS3 and test this using an IOU switch. If you enter interface configuration mode explicitly set the switch port mode to trunk then observe the output using the #show dtp interface , where is the interface type and number. Do the same again but set the mode to access.

TRUNK MODE
========

DTP information for Ethernet0/0:
TOS/TAS/TNS: TRUNK/ON/TRUNK
TOT/TAT/TNT: 802.1Q/802.1Q/802.1Q
Neighbor address 1: 000000000000
Neighbor address 2: 000000000000
Hello timer expiration (sec/state): 15/RUNNING
Access timer expiration (sec/state): never/STOPPED
Negotiation timer expiration (sec/state): never/STOPPED
Multidrop timer expiration (sec/state): never/STOPPED
FSM state: S6:TRUNK
# times multi & trunk 0
Enabled: yes
In STP: no

Statistics
———-
0 packets received (0 good)
0 packets dropped
0 nonegotiate, 0 bad version, 0 domain mismatches,
0 bad TLVs, 0 bad TAS, 0 bad TAT, 0 bad TOT, 0 other
7 packets output (7 good)
7 native, 0 software encap isl, 0 isl hardware native
0 output errors
0 trunk timeouts
2 link ups, last link up on Wed Jan 25 2017, 19:30:16
1 link downs, last link down on Wed Jan 25 2017, 19:25:04

ACCESS MODE
=========

DTP information for Ethernet0/0:
TOS/TAS/TNS: ACCESS/OFF/ACCESS
TOT/TAT/TNT: 802.1Q/802.1Q/802.1Q
Neighbor address 1: 000000000000
Neighbor address 2: 000000000000
Hello timer expiration (sec/state): never/STOPPED
Access timer expiration (sec/state): never/STOPPED
Negotiation timer expiration (sec/state): never/STOPPED
Multidrop timer expiration (sec/state): never/STOPPED
FSM state: S1:OFF
# times multi & trunk 0
Enabled: no
In STP: no

Statistics
———-
0 packets received (0 good)
0 packets dropped
0 nonegotiate, 0 bad version, 0 domain mismatches,
0 bad TLVs, 0 bad TAS, 0 bad TAT, 0 bad TOT, 0 other
0 packets output (0 good)
0 native, 0 software encap isl, 0 isl hardware native
0 output errors
0 trunk timeouts
2 link ups, last link up on Wed Jan 25 2017, 19:30:16
2 link downs, last link down on Wed Jan 25 2017, 19:33:33

I’ll happily eat crow if I’m wrong but this is by far the most conclusive evidence I’ve seen thus far indicating the DTP status for each mode.

@Deadlock
Very wrong answer. Here is why. check this link
https://youtu.be/LS3WwAhwL3g

I have to agree that @deadlock is right!! I’ve also run gns3 and linked up two real switches to be sure and configuring switchport for static access does indeed disable DTP, I also watch the link @NIKE posted and she entered no negotiate which is the way to disable DTP also I found this for further confirmation

https://networklessons.com/switching/cisco-dtp-dynamic-trunking-protocol-negotiation/

@Deadlock, Thank you so much for your working, i really appreciate your working and this gave me a chance to work on this exactly as you did, however in my opinion the Answer should be

D. Change the administrative mode to access.

Because when we give the command SWITCHPORT MODE ACCESS, it changes the ADMINISTRATIVE MODE to access and as a result the OPERATIONAL MODE changes to ACCESS as well.

If you give the command SWITCHPORT MODE AUTO, it will change the ADMINISTRATIVE MODE to Auto and if the other switch is configured with switchport mode access, the OPERATIONAL MODE will change to ACCESS.

The bottom line in my opinion is that you can ONLY change ADMINISTRATIVE MODE and the switch will figure out automatically the OPERATIONAL MODE. You cannot configure the OPERATIONAL MODE directly using any command.

I will appreciate your feedback on this and needless to say that DTP is disable in ACCESS MODE.

@NIKE,

Please understand the fact that you can disable DTP using SWITCHPORT MODE TRUNK command
but additionally you have to input SWITCHPORT NONEGOTIATE and the answer does not include this command.

Guys, please explain this one

If primary and secondary root switches with priority 16384 both experience catastrophic losses, which tertiary switch can take over?
A. a switch with priority 20480
B. a switch with priority 8192
C. a switch with priority 4096
D. a switch with priority 12288

In my opinion the switch with the lowest priority becomes the Root so B seems the correct answer but the consensus is on ANSWER A. Can anyone explain this please.

Dumps are still valid i would say 75% not counting labs. Labs are troubleshooting EIGRP, OSPF, GRE, they aren’t too difficult just time consuming.

@shadows. The answer is A because the other priorities are lower than root 16384. STP chooses priority first before mac address, so there can’t be any switches with lower priority than the primary or secondary root switches. Otherwise they would have been the root to begin with.

@shadows, you are correct about the admin mode access

@ExploringSpace ….. which dump ???….. can you share plz.

@Shadows, I think you’re right. To illustrate, suppose we examine a port using the show interface switchport command when it’s in DYNAMIC DESIRABLE mode. A port configured in dynamic desirable mode initiates DTP frames. Examining the output of the said command shows:

Administrative Mode: dynamic desirable
Operational Mode: static access

When the port is explicitly set to ACCESS mode, using the same command we get:

Administrative Mode: static access
Operational Mode: static access

So yes, I’d go with D _and_ I’ll be sure to eat some crow. The NONEGOTIATE command isn’t listed as an option, I agree. Since it isn’t an available answer, we’d have to set the administrative mode to static access.

@Nike
I haven’t been able to view the video (at work atm) but if the video is indicating that setting the switchport mode to TRUNK will disable DTP then I’d have to disagree. If you think about it logically, we already know TRUNKDYNAMIC AUTO link will form a trunk. When a switchport is set to dynamic auto it will _never_ initiate (send) DTP frames. The only way a port configured in dynamic auto mode will form a trunk is if it _receives_ a DTP frame. And we know this can be achieved is when the opposing port on the link is configured in either TRUNK or DYNAMIC DESIRABLE mode.

@ Deadlock

DTP is enabled on trunk port and if you change the port to ACCESS mode it will not allow the VLAN Traffic to communicate between switches. Only VLAN will be allowed to communicate which the port that connects the switches falls in wouldn’t it? I think you have to do
swtchport mode trunk
switchport negotiation

@Cirsouser
I’d agree if the nonegotiate command was instated. However, it isn’t listed in any of the answers. Therefore the only way we can prevent DTP frames from being sent would be as @shadows corrected me on before, which is to set the administrative mode of the port to static access. Setting the operational mode to static access could include dynamic desirable mode which, by default, initiates DTP frames.

The administrative modes we can assign to a switch port are:

Dynamic Desirable (initiates DTP frames by default)
Dynamic Auto (doesn’t initiate DTP frames)
Trunk (initiates DTP frames by default)
Access (doesn’t initiate DTP frames)

Remember, the administrative mode of a port is what you as an administrator have assigned to that port (the default mode on a Catalyst switch is dynamic desirable).The operational mode is the actual mode of the port – static access or dot1q (trunk).

The free dumps posted by other people, this is the pdf version: https://drive.google.com/drive/folders/0B-ob6L_QjGLpUTVNc3otMV8xMkU

This is the VCE version:

https://www.dropbox.com/s/z6uv0z4wr01rmse/ICND_2_PACKAGE.zip?dl=0

The question asks how to disable DTP on a switch port. It doesn’t specify that the port is trunking.

Gave the wrong link for the VCE questions, this is the correct one: https://www.dropbox.com/s/sah0836r1kl6j1q/OneDrive-2017-01-13.zip?dl=0

ExploringSpace: Thank you, man. You are so nice person

@ Deadlock

Valid point. Thanks

How can you disable DTP on a switch port?
* A. Configure the switch port as a trunk.
* B. Add an interface on the switch to a channel group.
* C. Change the operational mode to static access.
* D. Change the administrative mode to access.

Okay, just to clear this question up…the answer is 100% D.

Changing a port to access disables DTP. It’s that simple.

Changing a port to Trunk does NOT disable DTP until you put in ‘switchport nonegotiate’.

Hope this helps.

As for the SMNP auth/priv question:

snmp-server group 1 v3 priv

That is the minimum for encryption, noauth and auth will not set encryption.

And…

what is the first step you perform to configure an SNMPV3 user?
A- configure server trap
B- configure the server group
C-configure the server host
D-configure the remote engine ID

Answer is B. The server group must be set before users or hosts. Traps + Informs are set as part of host configuration.

Which Cisco platform can verify ACLs?
A. Cisco Prime Infrastructure
B. Cisco Wireless LAN Controller
C. Cisco APIC-EM
D. Cisco IOS-XE

This is 100% C. It just is. There is an ALC Path-trace tool.

The line below is an extract from the official Cisco exam objectives:

4.5 Verify ACLs using the APIC-EM Path Trace ACL analysis tool

Cisco WLC is covered as part of the Wireless exam and it can’t verify ACL’s, only show hit counters.

Guys, please look into this question

When troubleshooting a switch, you executed the show interface port-channel 1 etherchannel command and it returned this output. Which information is provided by the load value?
A. The percentage of use of the link
B. The preference of the link
C. The session count of the link
D. The number source destination pairs of the link

I know ANSWER is NOT A and C, It is either B or D. The dumps says D but i need to make sure.

I have gone through the document below but i couldn’t decide between B & D.

http://www.cisco.com/c/en/us/support/docs/lan-switching/etherchannel/116385-technote-etherchannel-00.html
6500-sp#test etherchannel load-balance interface port-channel

All i could understand was that the load value indicate the probability of the link being used which makes me think that B is the correct answer.

The load column on Etherchannel is a binary representation of which interface certain bits of data will go out of in correspondence with the Etherchannel hashing algorithm. That’s a CCNP level question, don’t think you’ll see that in CCNA.

The answer is C however it’s very strangely worded.

In fact, none of those answers are really correct. I don’t understand where you sourced that question from, it’s ridiculous.