Home > Miscellaneous Questions

Miscellaneous Questions

August 28th, 2017 in SWITCH 300-115 Go to comments

Question 1


Nonstop Forwarding (NSF) works with Stateful switchover (SSO) to minimize the amount of time a network is unavailable to its users following a switchover. The main objective of Cisco NSF is to continue forwarding IP packets following a route processor (RP) switchover.

Usually, when a networking device restarts, all routing peers of that device detect that the device went down and then came back up. This transition results in what is called a routing flap, which could spread across multiple routing domains. Routing flaps caused by routing restarts create routing instabilities, which are detrimental to the overall network performance. Cisco NSF helps to suppress routing flaps in SSO-enabled devices, thus reducing network instability.

Cisco NSF allows for the forwarding of data packets to continue along known routes while the routing protocol information is being restored following a switchover. With Cisco NSF, peer networking devices do not experience routing flaps. Data traffic is forwarded through intelligent line cards while the standby RP assumes control from the failed active RP during a switchover. The ability of line cards to remain up through a switchover and to be kept current with the Forwarding Information Base (FIB) on the active RP is key to Cisco NSF operation.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SY/configuration/guide/sy_swcg/nonstop_forwarding.html#wp1102552

Question 2


If a BPDU is received on a port where BPDU guard is configured, that port is put into errdisable state (nearly the same as shutdown state) immediately. BPDU Guard is often configured on a PortFast-enabled port to prevent a switch from connecting to. When that switch begins to send BPDU to a BPDU guard port, it will be blocked immediately.

Question 3


IP Source Guard provides source IP address filtering on a Layer 2 port to prevent a malicious host from impersonating a legitimate host by assuming the legitimate host’s IP address. The feature uses dynamic DHCP snooping and static IP source binding to match IP addresses to hosts on untrusted Layer 2 access ports.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/ipsrcgrd.html

Question 4


Dynamic ARP inspection is a security feature that validates ARP packets in a network. It intercepts, logs, and discards ARP packets with invalid IP-to-MAC address bindings. This capability protects the network from certain man-in-the-middle attacks.

Dynamic ARP inspection ensures that only valid ARP requests and responses are relayed. The switch performs these activities:
+ Intercepts all ARP requests and responses on untrusted ports
+ Verifies that each of these intercepted packets has a valid IP-to-MAC address binding before it updates the local ARP cache or before it forwards the packet to the appropriate destination
+ Drops invalid ARP packets

Reference: http://www.cisco.com/c/en/us/support/docs/switches/catalyst-3750-series-switches/72846-layer2-secftrs-catl3fixed.html

Question 5


This example shows how to enable DAI on VLANs 10 through 12:

Router# configure terminal
Router(config)# ip arp inspection vlan 10-12

Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/dynarp.html

Question 6

Question 7

Question 8

Comment pages
1 2 753
  1. 123
    April 11th, 2017

    ccnp-switch300-115.blogsp % ot.co % m

  2. 123
    April 11th, 2017

    Hi Guys,
    Would someone help with the latest dumps, I have my exam scheduled April 17th.
    my e-mail: ds5y2kk @naver .com.

  3. elyte23@gmail.com
    May 8th, 2017

    cursostop2020. could you please share my email address is {email not allowed}.

    my exam is in 3 days.

    thanks in advance

  4. Anonymous
    May 22nd, 2017

    @cursostop2020 could you please provide me latest dumps
    my mail id phaniraj0808 @ gmail.com

  5. Lucas
    July 6th, 2017

    Thanks for your practice test study guidance, I passed my exam on the first attempt. Along with this exam guide https://www.test4practice.com/300-115-practice-test.html really helped a lot. But I suggest you should not rely just on these practice tests because it defeats the whole purpose of testing. Good luck!

  6. Hamber
    August 7th, 2017

    Dear, who passed the exam.
    Please send the latest dump for me.
    iamhamber @ gmail.com
    Thank you very much.

  7. wellwisher
    November 25th, 2017

    any one who pass exam please send me latest dumps at wellwisher.0683 at gmail dot com

  8. rushminute
    November 28th, 2017

    so, question 5 is “a” NOT “b”!
    correct answer should be “A. (config)# ip arp inspection vlan” right?

  9. Anonymous
    December 3rd, 2017

    @ rushminute
    Yes. There is no “ip arp inspection vlan” under interface configuration mode.

  10. CantProperlyVet
    December 26th, 2017

    @ mick ….the real joke is on you for wasting your time and not properly vetting “271” incapable candidates. If you’ve gone through that many candidates, you yourself should not be in a position to make those decisions and be fired as a manager, supervisor, or lead. Clearly, you don’t know how to determine a capable engineer that knows what he’s actually talking about versus a paper cert engineer. Either you yourself don’t know the material or 271 candidates somehow fooled you. So what does that say about yourself? lol

  11. cisc0@gmail.com
    December 28th, 2017

    Can a cisco exam score be challenged? And if so, how?

Comment pages
1 2 753
  1. No trackbacks yet.