"Which command would you use to verify…" is one of the most common question patterns on the CCNA exam. These questions test whether you know the purpose of each command, not just whether you can configure things.
Framework for Verification Questions
When a question asks which command to use to check or verify something, ask:
- What layer is this? Physical (interface status), data link (MAC table, STP), network (routing table, IP), or transport (TCP sessions)?
- Is it about the local device or a neighbour? Local = show commands. Neighbour info = CDP/LLDP detail commands.
- Is it real-time or snapshot? Real-time = debug. Current state = show.
The Most Tested Show Commands
Routing
- show ip route — Routing table, next hops, how routes were learned
- show ip interface brief — All interfaces: IP address and up/down status
- show interfaces — Detailed layer 1/2 stats including CRC errors and collisions
OSPF
- show ip ospf neighbor — Neighbour states and DR/BDR roles
- show ip ospf interface — OSPF parameters per interface: area, cost, timers, DR IP
- show ip ospf database — The link-state database
Switching
- show mac address-table — Which MAC address is reachable on which port
- show vlan brief — Which VLANs exist and which ports belong to each
- show interfaces trunk — Trunking ports, encapsulation, native VLAN, allowed VLANs
- show spanning-tree — STP topology, root bridge, port roles and states
EtherChannel
- show etherchannel summary — Status of all EtherChannels and member ports
- show lacp neighbor — LACP neighbour information
CDP/LLDP
- show cdp neighbors — Directly connected Cisco devices: device ID, platform, local/remote interface
- show cdp neighbors detail — Adds neighbour IP addresses and IOS version
Common Wrong-Answer Traps
Trap 1: show ip interface vs show interfaces
show ip interface brief — One line per interface, IP address and up/down status only.
show ip interface — Full IP-layer detail: ACLs applied, helper addresses, OSPF parameters.
show interfaces (no "ip") — Layer 1/2 statistics: CRC errors, input/output errors, bandwidth, MTU.
The exam asks which command shows the number of CRC errors on an interface. The answer is show interfaces, not show ip interface.
Trap 2: debug vs show
Debug commands produce continuous real-time output and consume router resources. They are not used for checking current state — they are for watching events as they happen.
"A technician wants to see OSPF hello packets in real time" → debug ip ospf hello
"A technician wants to verify that OSPF neighbours have formed" → show ip ospf neighbor
Always disable debug after use with undebug all or no debug all.
Trap 3: show cdp neighbors vs show cdp neighbors detail
show cdp neighbors does not include the neighbour's IP address.
show cdp neighbors detail adds IP address, IOS version, and duplex. If the question asks which command reveals the IP address of a directly connected device without logging into it, the answer is the detail version.
Configuration Command Questions
Key distinctions for config questions:
- Static route: ip route [dest] [mask] [next-hop] in global config
- OSPF network: network [ip] [wildcard] area [x] in router ospf mode
- Create VLAN: vlan [id] in global config
- Assign VLAN to port: switchport access vlan [id] in interface config
- Enable trunk: switchport mode trunk in interface config
Exam trap on trunk modes: switchport mode trunk forces trunk mode. switchport nonegotiate stops DTP frames. To statically configure a trunk that sends no DTP frames, both commands are needed together.
Practice Approach
For each major topic you study, write down three things: the configuration command, the verification command, and what output proves it is working. This habit means you always know which command the exam is asking for.
Practice CCNA verification and troubleshooting questions to build command selection speed under exam conditions.
Simulation Question Strategy
Simulation questions (also called performance-based questions or PBQs) put you inside a Cisco IOS terminal and ask you to complete a task or diagnose a problem. They are worth more points than multiple choice and they are the questions most candidates lose time on.
The strategy that works: flag simulation questions at the start of the exam, skip them, answer all the multiple choice questions, then return. Why? Two reasons. First, some multiple choice questions give you configuration context that helps with the sim. Second, if you run over time, you want to have answered the higher-volume multiple choice questions first. A sim question might take 4–5 minutes. A multiple choice question might take 45 seconds. Do not let one sim eat the time budget for six multiple choice questions.
When you get to a simulation question:
Read the task description carefully. Usually one specific thing is being asked — "verify OSPF neighbour state," "identify which VLAN is missing," "add a static route."
Use Tab completion liberally. The IOS simulator in the exam supports tab completion. Type *show ip os* and press Tab — it completes to *show ip ospf*. This saves typing and avoids typo failures.
Use ? for context help. After any incomplete command, type *?* to see options. *show ip ospf ?* shows you every option the command accepts. This is legitimate exam technique — the simulator is fully functional.
Use *show run* to see the current configuration. If the task asks you to identify a misconfiguration, *show running-config* or *show run | section ospf* gives you the full picture.
Most tasks require no more than 3–4 commands. If you are typing more than that, reconsider your approach.
The Commands You Will Actually Type in Sims
These are the ten commands that cover the majority of CCNA simulation tasks. Know them cold.
*show ip route*: Always the first command for any routing problem. Shows the routing table, installed routes, and route sources. If a route is missing here, everything downstream of it will fail.
*show ip interface brief*: Quick status of all interfaces. The up/up (line protocol / interface status) combination is what you want. Down/down means physical problem. Up/down means Layer 2 issue.
*show ip ospf neighbor*: Shows OSPF neighbour state. If a neighbour is missing or stuck in a non-Full state, this tells you.
*show interfaces GigabitEthernet0/0*: Layer 1/2 detail for a specific interface. Look at duplex, speed, CRC error counts, and input/output error counts.
*show vlan brief*: Which VLANs exist, and which access ports belong to each VLAN.
*show interfaces trunk*: Which ports are trunking, native VLANs, allowed VLANs, and VLANs actually forwarding.
*show spanning-tree vlan 1*: Current STP topology for a VLAN: root bridge, port roles, port states.
*show etherchannel summary*: EtherChannel status and member port flags.
*show running-config*: Full device configuration. Pipe it: *show run | section router ospf* or *show run | section interface* for cleaner output.
*ping 10.1.1.1 source GigabitEthernet0/0*: Test reachability from a specific source interface. Plain *ping* uses the closest interface by default; pinging with a source allows you to test routing from a specific perspective.
Debug Command Traps
Debug commands appear in exam questions as both right answers and wrong answers. The critical distinction: debug is for watching events in real time, not for checking current state.
*debug ip ospf hello* — Shows OSPF hello packets as they are sent and received. Use this when you suspect a hello timer or interface problem and want to watch what is actually happening on the wire. This generates a lot of output on a busy network.
*debug ip ospf adj* — Shows the full OSPF adjacency formation process. Use this when a neighbour relationship is not forming and you want to see exactly where it is failing.
*debug ip rip* — Shows RIP updates being sent and received. Only relevant if you are actually running RIP (it is on the CCNA exam but rarely deployed in production).
*debug ip packet* — Very dangerous in production. Shows every IP packet the router processes. On a busy router this generates so many lines per second it effectively crashes the CLI. Never enable this on a production router without an ACL to limit what it captures.
The exam trap on debug: a question says "A technician wants to verify that OSPF hello packets are being sent from interface Gi0/0." The answer is *debug ip ospf hello*, not *show ip ospf interface*. But the follow-up question — "How should the technician stop the debug output?" — the answer is *undebug all* or *no debug all*. Always disable debug when you are done, or the router will continue generating output until you close the session or the router reloads.
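An added example (not part of the original guide) of the show-before-debug order for OSPF: it reads constructed *show ip ospf neighbor* output and maps each symptom to the next command this page recommends. The function name `triage_ospf_neighbors`, the sample addresses and the expected-neighbour list are assumptions, and treating 2WAY/DROTHER as healthy goes beyond the page: on a broadcast segment two DROTHERs stay at 2-Way with each other.

```python
import re

# Constructed `show ip ospf neighbor` output (sample data, not from a real device).
SAMPLE_OUTPUT = """\
Neighbor ID     Pri   State           Dead Time   Address         Interface
10.0.0.2          1   FULL/DR         00:00:35    192.168.1.2     GigabitEthernet0/0
10.0.0.3          1   EXSTART/BDR     00:00:33    192.168.1.3     GigabitEthernet0/0
10.0.0.4          1   2WAY/DROTHER    00:00:31    192.168.1.4     GigabitEthernet0/0
10.0.0.5          0   FULL/  -        00:00:38    10.1.1.5        Serial0/0/0
"""

# Router ID, priority, STATE/role ("FULL/  -" on point-to-point links), dead time,
# neighbour address, local interface.
ROW = re.compile(
    r"^(\d+\.\d+\.\d+\.\d+)\s+\d+\s+([A-Z0-9]+)/\s*(\S+)\s+\S+\s+(\S+)\s+(\S+)\s*$"
)

def triage_ospf_neighbors(output, expected_ids):
    """Return {router_id: finding} for neighbours that need attention."""
    findings, seen = {}, set()
    for line in output.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header or blank line
        rid, state, role, _addr, intf = m.groups()
        seen.add(rid)
        if state == "FULL":
            continue
        if state == "2WAY" and role == "DROTHER":
            continue  # assumption beyond the page: normal between two DROTHERs
        if state == "EXSTART":
            findings[rid] = f"EXSTART: possible MTU mismatch, check show interfaces {intf}"
        else:
            findings[rid] = f"{state}: not Full on {intf}, watch with debug ip ospf adj"
    for rid in expected_ids:
        if rid not in seen:
            findings[rid] = "no entry: check show ip ospf interface for passive-interface"
    return findings

if __name__ == "__main__":
    expected = ["10.0.0.2", "10.0.0.3", "10.0.0.4", "10.0.0.5", "10.0.0.6"]
    for rid, finding in triage_ospf_neighbors(SAMPLE_OUTPUT, expected).items():
        print(rid, "->", finding)
```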
Remembering Which show Command for Which Problem
The fastest way to get command selection right under exam pressure is to anchor each command to the problem it solves, not just memorise a list.
"I can't ping the other router" → *show ip route* first. Route missing? That is your problem. Route present? Then *show ip interface brief* to check interface status.
"OSPF neighbours are not forming" → *show ip ospf neighbor* first. No entry? Check *show ip ospf interface* for passive-interface. Entry stuck in EXSTART? MTU mismatch, check with *show interfaces*.
"Which switch is the root bridge?" → *show spanning-tree* on any switch. The Root ID section tells you the root bridge's MAC and bridge ID.
"Hosts in VLAN 10 can't reach hosts in VLAN 20 on the other switch" → Check the trunk: *show interfaces trunk*. Is VLAN 10 in the allowed list? Is VLAN 10 in the forwarding list (not blocked by STP)? Then check *show vlan brief* to confirm VLANs exist on both switches.
"Port went err-disabled" → *show interfaces GigabitEthernet0/2* — the status line says "err-disabled." Then *show port-security interface Gi0/2* to see what triggered it.
"Neighbour's IP address without logging in" → *show cdp neighbors detail*. The plain *show cdp neighbors* does not include IP addresses.
The Trunk vs Access Port Config Trap — In Full Detail
This trap appears in both sim questions and multiple choice because candidates memorise commands without understanding the mode transitions.
The correct way to configure a trunk port:
```
SW1(config)# interface GigabitEthernet0/1
SW1(config-if)# switchport mode trunk
```
The correct way to configure an access port for VLAN 10:
```
SW1(config)# interface GigabitEthernet0/2
SW1(config-if)# switchport mode access
SW1(config-if)# switchport access vlan 10
```
Trap 1: On some Cisco switches (particularly those with Layer 3 capability like the 3560 or 3750), you must first set the interface to switchport mode before any switchport commands work:
```
SW1(config-if)# switchport
SW1(config-if)# switchport mode access
SW1(config-if)# switchport access vlan 10
```
If you skip the *switchport* command on a routed interface and go straight to *switchport mode access*, you get an error. On Layer 2 only switches this step is not needed.
Trap 2: Trying to configure *switchport access vlan 10* on a port that is in trunk mode. The command executes without error, but it has no effect — trunk ports carry multiple VLANs and the access VLAN configuration is ignored. The exam sometimes shows a configuration where someone assigned an access VLAN to a trunk port and asks why traffic is not being isolated. The answer: the port is in trunk mode; the access VLAN assignment is meaningless.
Trap 3: The *switchport nonegotiate* command. If you want to configure a trunk that does not send DTP frames (which is best practice for security — you do not want random devices negotiating trunks), you need both commands:
```
SW1(config-if)# switchport mode trunk
SW1(config-if)# switchport nonegotiate
```
Just using *switchport mode trunk* still sends DTP frames. Just using *switchport nonegotiate* without explicitly setting trunk mode causes ambiguity. Use both together.