Download Cisco.300-420.BrainDumps.2020-10-05.86q.tqb

Vendor: Cisco
Exam Code: 300-420
Exam Name: Designing Cisco Enterprise Networks (300-420 ENSLD)
Date: Oct 05, 2020
File Size: 4 MB

Demo Questions

Question 1
What command would display a single line of information for each virtual gateway or virtual forwarder on a switch?
  A. switch# show glbp
  B. switch# show glbp brief
  C. switch# show standby
  D. switch# show standby brief
Correct answer: B
Explanation:
A brief, single-line view of virtual forwarder and virtual gateway information is provided with the command show glbp brief. Virtual forwarders and virtual gateways are terms used for GLBP groups. A brief output of GLBP information is provided with the brief keyword. This output includes the interface, priority, state, and address of GLBP interfaces on the switch.
The command show glbp displays detailed information about GLBP groups on the switch. This information includes the GLBP groups the switch is a member of, whether this is the active switch, the virtual IP address, and whether preemption is enabled.
The command show standby brief is used to display a summary of the HSRP groups to which the switch belongs. The summary information it provides includes the group number, priority, state, active device address, standby address, and group address. This command is for HSRP only.
The command show standby can be used to display detailed information about HSRP groups to which a switch belongs. This command is for HSRP only.
Objective: Infrastructure Services
Sub-Objective: Configure and verify first-hop redundancy protocols
References:
Cisco > Cisco IOS IP Application Services Configuration Guide, Release 12.4 > Part 1: First Hop Redundancy Protocols > Configuring GLBP
Cisco > Cisco IOS IP Application Services Command Reference > show glbp
Question 2
Which command enables GLBP on an interface?
  A. glbp
  B. glbp 10 ip 192.168.1.1
  C. standby mode glbp
  D. switchport mode glbp
Correct answer: B
Explanation:
The glbp ip interface configuration command enables Group Load Balancing Protocol (GLBP). The syntax for this command is as follows:
switch(config-if)# glbp group-number ip ip-address
The following example activates GLBP for group 5 on Fast Ethernet interface 1/0. The virtual IP address to be used by the GLBP group is set to 10.5.5.5. The default gateway of each host should be set to the virtual IP address.
switch(config)# interface FastEthernet 1/0
switch(config-if)# ip address 10.5.5.1 255.255.255.0
switch(config-if)# glbp 5 ip 10.5.5.5
GLBP is a Cisco-designed protocol that provides for the dynamic use of redundant routers in a broadcast network. It differs from HSRP and VRRP in that it is not necessary to configure multiple groups to fully use redundant paths or routers. GLBP has a configurable load-balancing mechanism that will distribute the use of redundant gateways servicing a broadcast network such as an Ethernet LAN. When a host issues an ARP to resolve its gateway's MAC address, the active virtual gateway (AVG) will respond with the virtual MAC address of a selected active virtual forwarder (AVF). The AVG will perform load balancing by varying which virtual MAC it selects to use in the response. The AVF will own that assigned virtual MAC as long as the gateway is active. If an AVF becomes unable to provide service as gateway, then another AVF can assume ownership of the virtual MAC. 
Objective: Infrastructure Services
Sub-Objective: Configure and verify first-hop redundancy protocols
References:
Cisco > Cisco IOS IP Application Services Configuration Guide, Release 12.4 > Part 1: First Hop Redundancy Protocols > Configuring GLBP
Question 3
What command disables 802.1x authentication on a port and permits traffic without authentication?
  A. dot1x port-control disable
  B. dot1x port-control force-unauthorized
  C. dot1x port-control auto
  D. dot1x port-control force-authorized
Correct answer: D
Explanation:
The command dot1x port-control force-authorized is used to disable 802.1x on a port and permit traffic without authentication. Dot1x ports are in one of two states, authorized or unauthorized. Authorized ports permit user traffic to flow through the port. This state usually follows successful authentication. Unauthorized ports only permit authorization traffic to flow through the port. Usually a port begins in the unauthorized state. A user is then allowed to exchange AAA authentication traffic with the port. Once the user has been authenticated successfully, the port is changed to the authorized state and the user is permitted to use the port normally.
Normal use of 802.1x has the port configured with the dot1x port-control auto statement. This places the port in the unauthorized state until successful authentication. After successful authentication, the port is changed to the authorized state.
When 802.1x is initially configured, the default port control of the ports is force-authorized. This forces the port to be in the authorized state without successful authentication. This setting disables the need for authentication and permits all traffic.
The force-unauthorized keyword configures the port as an unauthorized port regardless of authentication traffic. A port configured with this keyword would not permit user traffic, not even authentication traffic.
The command dot1x port-control disable is not a valid command due to incorrect syntax. 
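Because the default port control is force-authorized, an access port with no dot1x port-control line is just as open as one that sets force-authorized explicitly. The following is an added example, not part of the original material: a small Python audit that classifies access ports in an IOS-style configuration by port-control mode. The sample configuration, the interface names, the function names, and the use of "switchport mode access" to identify access ports are assumptions of this example.

```python
import re

# Constructed sample config (not from the page); interface names are made up.
SAMPLE_CONFIG = """\
interface GigabitEthernet1/0/1
 switchport mode access
 dot1x port-control auto
!
interface GigabitEthernet1/0/2
 switchport mode access
 dot1x port-control force-authorized
!
interface GigabitEthernet1/0/3
 switchport mode access
!
interface GigabitEthernet1/0/24
 switchport mode trunk
"""

DEFAULT_MODE = "force-authorized"  # default per the explanation above
PORT_CONTROL = re.compile(r"^dot1x port-control (\S+)$")
STATUS = {"auto": "ok", "force-authorized": "open", "force-unauthorized": "blocked"}

def parse_interfaces(config):
    """Split an IOS-style config into {interface name: [sub-commands]}."""
    blocks, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1].strip()
            blocks[current] = []
        elif current and line.startswith(" "):
            blocks[current].append(line.strip())
        else:
            current = None  # "!" or a top-level command ends the block
    return blocks

def audit_dot1x(config):
    """Return {interface: (mode, explicitly_configured, status)} for access ports."""
    findings = {}
    for name, lines in parse_interfaces(config).items():
        if "switchport mode access" not in lines:
            continue  # trunks and routed ports are out of scope here
        explicit = [m.group(1) for m in map(PORT_CONTROL.match, lines) if m]
        mode = explicit[-1] if explicit else DEFAULT_MODE
        findings[name] = (mode, bool(explicit), STATUS.get(mode, "unknown"))
    return findings

if __name__ == "__main__":
    for port, (mode, explicit, status) in audit_dot1x(SAMPLE_CONFIG).items():
        print(f"{port}: {status} ({mode}, {'explicit' if explicit else 'default'})")
```

Ports reported as "open" with the mode taken from the default are the ones a plain search for force-authorized in the configuration would miss.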
Objective: Infrastructure Security
Sub-Objective: Describe device security using Cisco IOS AAA with TACACS+ and RADIUS
References:
Cisco > Catalyst 6500 Series Release 15.0SY Software Configuration Guide > Security > IEEE 802.1X Port-Based Authentication
Cisco > Catalyst 4500 Series Switch Cisco IOS Command Reference, 12.2(52)SG > aaa accounting dot1x default start-stop group radius through instance > dot1x port-control