ICND1 – VLAN Questions

June 23rd, 2017

Question 1


With the configuration above, when we type “do show vlan” we would not see VLAN 10 in the VLAN database because it has not been created yet. VLAN 10 is only created when we exits VLAN configuration mode (with “exit” command).

Question 2


Traffic on the native VLAN is untagged -> Answer B is not correct.

Control plane traffic (like CDP, VTP, STP…) runs on VLAN 1 by default. They are not blocked on the native VLAN -> Answer C is not correct.

If the answer says “the native VLAN should be set so that no real traffic running on it for security reasons” then it is correct but the native VLAN is not typically disabled -> Answer D is not correct.

CDP runs on VLAN 1 by default and the native VLAN is also VLAN 1 by default so answer A is the best choice here.

Question 3


IEEE 802.1Q is the networking standard that supports virtual LANs (VLANs) on an Ethernet network. When a frame enters the VLAN-aware portion of the network (a trunk link, for example), a VLAN ID tag is added to represent the VLAN membership of that frame. The picture below shows how VLAN tag is added and removed while going through the network.


Question 4

Question 5


The VLANs 0 and 4095 are reserved by the IEEE 802.1Q standard and you cannot create, delete, or modify them so they are the correct answers.

+ VLAN 0 and 4095 are reserved for system use only. You cannot see or use these VLANs.
+ VLAN 1 and VLANs 1002-1005 are default VLANs. Default VLANs are created automatically and cannot be configured or deleted by users.
+ VLAN 2 to 1001 are normal VLANs. You can create, use and delete them.
+ VLAN 1002 to 1005 are normal VLANs too but Cisco reserved for FDDI an Token Ring. You cannot delete these VLANs.
+ VLAN 1006 to 4094 are extended VLANs (for Ethernet VLANs only)

Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_4t/12_4t15/ht_xvlan.html and http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/vlans.html

Question 6

  1. KL
    August 23rd, 2017

    for security reason, the native Vlan ID should be changed to other number rather than leave it as default 1.

  2. SI
    September 24th, 2017

    The answer to 1st qt is not correct.I tested this in CLI and vlan is displayed once you enter do show vlan command.Hence D is correct.

    Can anyone else confirm this too.

  3. Vugo
    October 9th, 2017

    Can anyone else confirm this too ?

  4. Anonymous
    October 10th, 2017

    Me too

  5. Anonymous
    October 29th, 2017

    I agree with you and in addition vlans are not configured on routers. subinterfaces are use on the router side of a trunk. Perhaps they are speaking of a layer 3 switch being used to do routing.

  6. desconocido
    November 4th, 2017

    in the question 1 , the answerd is D

  7. Vicky
    November 7th, 2017

    How to see the questions ?

  8. sharkguy
    November 25th, 2017

    @9tut can you confirm question 1? I think the question is worded wrong since you can not create a vlan on a router this way. Although I do recall a question like this on my exam. This could reference and older IOS though