New 300-115 exam questions from PassLeader 300-115 dumps! Welcome to download the newest PassLeader 300-115 VCE and PDF dumps: https://www.passleader.com/300-115.html (1132 Q&As)
P.S. Free 300-115 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpV1dGa2Q3czNVNG8
NEW QUESTION 1110
In which HSRP state is the router a candidate to become the next active router for the group?
A. Learn
B. Backup
C. Listen
D. Initial
E. Standby
Answer: E
NEW QUESTION 1111
How is load balancing achieved when implementing HSRP?
A. By configuring multiple gateways on the routers.
B. By using multiple HSRP groups.
C. By configuring the same priority on all HSRP group members.
D. By configuring multiple virtual router addresses.
Answer: B
NEW QUESTION 1112
Which routers comprise a VRRP group?
A. Host and client
B. Master and backup
C. Active and standby
D. Primary and secondary
Answer: B
NEW QUESTION 1113
Which virtual router states are defined in the GLBP protocol? (Choose two.)
A. Backup gateway
B. Primary gateway
C. Active virtual gateway
D. Active secondary gateway
E. Active virtual forwarder
Answer: CE
NEW QUESTION 1114
You are troubleshooting a problem with two routers configured in a HSRP group. You intended to configure the routers so that Router A and Router B would each track their respective Fa0/1 interfaces and decrement their priorities for several VLAN groups if the tracked interface went down. However, you find that Router A is not taking over as the active device for the HSRP group on VLAN 101 when the Fa0/1 interface on Router B fails. Which command would NOT be useful for discovering the problem?
A. show running-configuration
B. show vlans
C. show standby brief
D. show standby
Answer: B
NEW QUESTION 1115
Which PVLAN port type can only send frames to promiscuous ports?
A. private
B. promiscuous
C. isolated
D. community
E. public
Answer: C
NEW QUESTION 1116
Which type of network attack takes advantage of the Dynamic Trunking Protocol (DTP)?
A. VLAN hopping
B. MAC flooding
C. DHCP spoofing
D. Rogue access points
Answer: A
NEW QUESTION 1117
What command should be used to view the private VLANs configured on ports and the private VLAN mappings?
A. show vlan brief
B. show pvlan
C. show interfaces switchport
D. show mac-address-table
Answer: C
NEW QUESTION 1118
What is accomplished by the command switchport port-security violation protect?
A. The switch will generate a log message but will not block any packets.
B. The switch will drop packets that are in violation and generate a log message.
C. The switch will drop packets that are in violation, but not generate a log message.
D. The switch will shut down the interface when packets in violation are detected.
Answer: C
NEW QUESTION 1119
What Cisco Catalyst switch feature can be used to define ports as trusted for DHCP server connections?
A. DHCP snooping
B. port security
C. 802.1x
D. private VLANs
Answer: A
NEW QUESTION 1120
Which PVLAN port types can send frames through a switch to community and promiscuous ports? (Choose two.)
A. public
B. private
C. isolated
D. community
E. promiscuous
Answer: DE
NEW QUESTION 1121
What attack technique uses double VLAN tagging to access network devices that might not otherwise be accessible?
A. VLAN hopping
B. DHCP spoofing
C. Rogue devices
D. MAC flooding
Answer: A
NEW QUESTION 1122
What Cisco switch features are designed to work together to mitigate ARP spoofing attacks? (Choose two.)
A. DHCP snooping
B. port security
C. 802.1x
D. DAI
Answer: AD
NEW QUESTION 1123
What command would be used to verify trusted DHCP ports?
A. show mls qos
B. show ip dhcp snooping
C. show ip trust
D. show ip arp trust
Answer: B
NEW QUESTION 1124
What switch security configuration requires AAA to be configured on the switch?
A. VACL
B. 802.1x
C. Private VLAN
D. Port Security
Answer: B
NEW QUESTION 1125
Which protocol provides port-based access control and authentication?
A. 802.1X
B. 802.1W
C. 802.1P
D. 802.1Q
Answer: A
NEW QUESTION 1126
What Cisco Catalyst switch feature is designed to inspect ARP packets and mitigate ARP spoofing attacks?
A. DHCP snooping
B. port security
C. 802.1x
D. DAI
Answer: D
NEW QUESTION 1127
What is accomplished by the command switchport port-security violation restrict?
A. The switch will generate a log message but will not block any packets.
B. The switch will drop packets that are in violation and generate a log message.
C. The switch will drop packets that are in violation, but not generate a log message.
D. The switch will shut down the interface when packets in violation are detected.
Answer: B
NEW QUESTION 1128
Which of the following are true regarding TACACS+? (Choose three.)
A. Supports backwards compatible with TACACS
B. Encrypts the header
C. Encrypts the whole payload
D. Utilizes TCP port 49
E. Utilizes UDP port 49
F. Separates Authentication & Authorization
Answer: CDF
NEW QUESTION 1129
Which two features can you configure on an access port? (Choose two.)
A. QinQ
B. portfast
C. voice VLAN
D. STP mode
E. 802.1q
Answer: BC
NEW QUESTION 1130
Which feature can prevent ARP poisoning attacks on a device?
A. Dynamic MAC Inspection
B. CGMP Snooping
C. Dynamic ARP Inspection
D. MAC Snooping
E. DHCP Snooping
F. Static ARP Inspection
Answer: C
NEW QUESTION 1131
……
New 300-115 exam questions from PassLeader 300-115 dumps! Welcome to download the newest PassLeader 300-115 VCE and PDF dumps: https://www.passleader.com/300-115.html (1132 Q&As)
P.S. Free 300-115 dumps are available on Google Drive shared by PassLeader: https://drive.google.com/open?id=0B-ob6L_QjGLpV1dGa2Q3czNVNG8