PrepAway Cisco CCNP Switch Certification Practice Test Questions Part 5 300-115 Exam

Limited Time Discount Offer
40% Off - Ends in 02:00:00

X
Practice Exams:

Pass Cisco CCNP 300-115 Exam in First Attempt Guaranteed!

Get 100% Real Exam Questions, Accurate & Verified Answers As Seen in the Real Exam!

30 Days Free Updates, Instant Download!

Last Week Results!

3250

Customers Passed Cisco 300-115 Exam

97.5%

Average Score In Real Exam At Testing Centre

92.5%

Questions came word for word from this dump

Download Free 300-115 Exam Questions

Cisco.selftestengine.300-115.v2019-04-18.by.yong.495q.ete Download
Size: 11.48 MB
Views: 498
Downloads: 542
Votes: 2
Cisco.ccnp.switch.v2.0.braindumps.300-115.v2019-02-10.by.bakari.482q.ete Download
Size: 11.26 MB
Views: 1605
Downloads: 1267
Votes: 5
Cisco.ccnp.switch.v2.0.selftestengine.300-115.v2019-01-09.by.laura.447q.ete Download
Size: 8.25 MB
Views: 1081
Downloads: 932
Votes: 4
Cisco.passit4sure.300-115.v2018-11-15.by.kowalski.445q.ete Download
Size: 10.35 MB
Views: 1891
Downloads: 1403
Votes: 6
Cisco.prep4sure.300-115.v2018-09-10.by.thad.351q.ete Download
Size: 4.59 MB
Views: 2177
Downloads: 883
Votes: 2
Cisco.actualtests.300-115.v2018-08-08.by.timothy.302q.ete Download
Size: 4.73 MB
Views: 2305
Downloads: 1015
Votes: 19
Cisco.pass4sure.ccnp.300-115.v2018-03-15.by.lee.250qs.ete Download
Size: 10.69 MB
Views: 8341
Downloads: 4758
Votes: 56
Cisco.Selftesttraining.300-115.v2017-12-28.by.irene.193q.ete Download
Size: 11.67 MB
Views: 1950
Downloads: 2854
Votes: 19
Cisco.Actualtests.300-115.v2017-11-21.by.vivian.162q.ete Download
Size: 4.2 MB
Views: 1351
Downloads: 4043
Votes: 20
Cisco.Real-exams.300-115.v2017-11-15.by.seb.163q.ete Download
Size: 4.18 MB
Views: 1219
Downloads: 6499
Votes: 25
Cisco.Testking.300-115.v2017-11-03.by.colton.182q.ete Download
Size: 4.05 MB
Views: 1009
Downloads: 1769
Votes: 17
Cisco.Train4sure.300-115.v2017-11-01.by.hudson.143q.ete Download
Size: 4.79 MB
Views: 902
Downloads: 1545
Votes: 8
Cisco.Passit4sure.300-115.v2017-10-09.by.weston.194q.ete Download
Size: 4.01 MB
Views: 1312
Downloads: 4800
Votes: 42
Cisco.Train4sure.300-115.v2017-10-06.by.bryce.178q.ete Download
Size: 4.92 MB
Views: 925
Downloads: 4085
Votes: 58
Cisco.Pass4sures.300-115.v2017-09-08.by.claire.164q.ete Download
Size: 3.26 MB
Views: 1380
Downloads: 16788
Votes: 408
Cisco.Passit4sure.300-115.v2017-09-02.by.london.158q.ete Download
Size: 4.51 MB
Views: 2724
Downloads: 38084
Votes: 1026
Run ETE Files with Vumingo Exam Testing Engine

PrepAway Cisco CCNP Switch Certification Practice Test Questions Part 5 300-115 Exam

Which security measures will be taken to avoid Rogue DHCP server?

  • A. DHCP Snooping
  • B. Port security
  • C. BPDU guard
  • D. Rootguard guard
  • E. Port fast
Answer:  A 

Explanation:

DHCP snooping is a feature through which we can avoid DHCP clients to get connected to rogue DHCP server that gets installed accidently into the network. For ex. Let’s say we have a DHCP client looking for a DHCP server. It sends a broadcast traffic (DHCP Discovery) in the network and if there is any DHCP server available in the network then it is going to respond to that DHCP Discovery message by sending a DHCP offer. The client then accepts that offer and sends a DHCP request and in return the DHCP server will send a DHCP acknowledgement to register the client in its database. This is what generally happens in a normal scenario.

Now let’s say that we have a DHCP server 1 in the network and accidently we install a rogue DHCP server in the network and we name it DHCP server 2. If there is a client that sends the DHCP discovery message in the network and both the DHCP server responds but the rogue DHCP server 2 responds before the authentic one then the client will register with the rogue DHCP server and will get either blackholed or disconnected from the network. This is where DHCP snooping comes into the picture. There are multiple activities that are performed by the DHCP snooping to avoid this situation.

  • 1. Every DHCP message is validated and filtered out.
  • 2. It keeps a track on the traffic coming from trusted or rogue sources
  • 3. It keeps a database of rogue or untrusted hosts in its database with the leased ip address.
  • 4. Once the database is in place, all further requests are validated using this database.

Incorrect Answer:

B. Port security is a layer two traffic control feature on Cisco Catalyst switches. This makes possible for an administrator to configure individual switch ports for the purpose to allow only a specified number of source MAC addresses that are ingressing the port. One can also configure dynamic learning of MAC addresses on the port. An action can be defined on the port using the port security. Violation happens when the maximum number of secure mac address is reached and if any unidentified MAC address is identified on the port then port security takes action and applies the configured violation mode.

C. BPDU guard is necessary to prevent loops by moving a non-trunking port into an errdisable state in case if a BPDU is received on that port. By default BPDU guards are disabled however it is recommended on all ports on which port fast feature has been enabled.

D. Rootguard: Rootguard protects the STP topology attack of replacing the original root bridge with the rogue one. The port on any interface will be disabled by BPDU fast if BPDU is received. It is enabled on the designated ports of root switch. So in case if those designated ports listen to the superior BPDU, then that port should be put in inconsistent state.

E. If PortFast is enabled on the switch, then instead of going through the listening, learning, and forwarding states -spanning tree places ports in the forwarding state should be done immediately, The portfast feature is enabled at port level and this port can be a physical one or a logical one.

Cisco CCNP Certification Exam 300-115 Practice Tests

 

About 300-115 Exam

The Cisco 300-115 exam is the second of three tests that an individual should pass in order to obtain the Cisco Certified Network Professional (CCNP) Routing and Switching and Cisco Certified Design Professional (CCDP) credentials.

The Cisco 300-115 SWITCH exam is made up of 30-40 questions. The multiple-choice questions require you to give multiple answers. There are also scenario-based questions, fill-in-the-blank, and drag and drop. The duration of the test is 120 minutes. It is available in English and Japanese. Currently, there is no passing score that has been published by Cisco. The purpose of this certification exam is to test one’s capability to plan, configure, verify, implement, and troubleshoot complicated LAN switching solutions in an enterprise setting. These solutions are for enterprises that operate with the Cisco Enterprise Campus Architecture. In addition, the test covers largely secure WLANs and VLANs integration.

Exam topics:

The topics of the 300-115 exam act as guidelines for the candidates, so that they know what to focus on in their training. Although the content of the test may change and other related topics may be added, these are the general topics you can expect to find in this exam:

  • Infrastructure Services (15%): The individuals should configure and examine such first-hop redundancy protocols as GLBP, HSRP, and VRRP.

  • Infrastructure Security (20%): The candidates have to configure and check switch security features, such as Storm control, Dynamic ARP inspection, Private VLAN, DHCP snooping, IP Source Guard, and Port security. They should also characterize device security with the help of Cisco IOS AAA with RADIUS and TACACS+.

  • Layer 2 Technologies (65%): The students should configure and examine switch administration, Layer 2 protocols (LLDP, UDLD, CDP), VLANs, trunking (dot1Q, VTP pruning, manual pruning), EtherChannels, spanning tree (MST, RPVST+, PVST+, PortFast, BPDUfilter, Rootguard and Loopguard), aggregation and virtualization technologies.

  • The study resources for the 300-115 exam should be Cisco-approved in the sense that they should be official study guides or other Cisco partner learning materials. It is a good idea to visit the Cisco Press website.