200-301 · topic practice

Spanning Tree practice questions

Practise 200-301 STP questions covering root bridge election, bridge IDs, port roles (root, designated, blocking), path cost, PortFast, BPDU Guard, and how spanning tree prevents Layer 2 loops.

Courseiva uses original exam-style practice questions designed for learning and revision. The goal is to understand the concepts, recognise exam patterns, and improve through explanations — not memorise copied exam dumps.

Reviewed byJohnson Ajibi· MSc IT Security
20 questionsDomain: Spanning Tree

What the exam tests

What to know about Spanning Tree

STP questions usually test root bridge election, port roles, path cost and how spanning tree prevents Layer 2 loops.

Root bridge election and bridge ID comparison.

Root ports, designated ports and blocked/alternate ports.

Path cost and how switches choose the best path to the root bridge.

PortFast, BPDU Guard and common Layer 2 loop-prevention behaviour.

Why learners struggle

Why Spanning Tree questions are commonly missed

STP questions are missed when learners confuse bridge ID comparison direction, forget how ties are broken, or misidentify which port role a given switch port takes. The lowest bridge ID wins, but cost, port ID, and tiebreakers all play a role.

  • ·Lowest bridge ID wins root election — lower priority wins, then lower MAC breaks ties
  • ·Root port vs designated port — each non-root switch has exactly one root port
  • ·Blocking ports are on non-designated segments — they receive BPDUs but do not forward
  • ·PortFast bypasses STP states — only safe on access ports connected to end devices
  • ·BPDU Guard shuts down PortFast ports that receive BPDUs — protecting against loops
  • ·STP path cost uses link bandwidth — faster links have lower cost and are preferred

Watch out for

Common Spanning Tree exam traps

  • The lowest bridge ID wins root bridge election.
  • A non-root switch has one root port: its best path toward the root bridge.
  • PortFast should be used carefully on access ports, not normal switch-to-switch links.
  • Lower STP cost is preferred, but bridge ID and port ID can break ties.

Practice set

Spanning Tree questions

20 questions · select your answer, then reveal the explanation

Question 1mediummulti select
Open the full STP breakdown →

Which TWO switch port configurations are required when connecting a Cisco IP phone and a desktop PC to a single access port?

Question 2hardmultiple choice
Open the full VLAN trunking answer →

In a network running STP, SW2 became the root bridge for VLAN 10. Both SW1 and SW2 have the same bridge priority. Why did SW2 become the root?

Exhibit

SW1# show spanning-tree vlan 10
VLAN0010
  Root ID    Priority    32778
             Address     0011.2233.4456
  Bridge ID  Priority    32778
             Address     0011.2233.4456

SW2# show spanning-tree vlan 10
VLAN0010
  Root ID    Priority    32778
             Address     0011.2233.4455
  Bridge ID  Priority    32778
             Address     0011.2233.4455
Question 3hardmultiple choice
Review the full OSPF breakdown →

You are verifying OSPF operation on router R1. After confirming that OSPF is configured on the correct interfaces, which command should you use next to directly check whether R1 has established a neighbor adjacency with another OSPF router?

Exhibit

R1#
router ospf 1
 network 10.1.12.0 0.0.0.255 area 0
!
interface GigabitEthernet0/0
 ip address 10.1.12.1 255.255.255.0
Question 4mediummulti select
Open the full VLAN trunking answer →

Which of the following statements about VLAN configuration and trunking on a Cisco switch are correct? (Choose all that apply.)

Question 5easymultiple choice
Open the full STP breakdown →

What problem does Spanning Tree Protocol solve in a switched network?

Question 6hardmultiple choice
Open the full STP breakdown →

A port connected to an end host is configured with PortFast and BPDU Guard. What is the most likely result if a small unmanaged switch is connected and starts sending BPDUs?

Question 7hardmultiple choice
Open the full VLAN trunking answer →

Exhibit: Users on SW2 in VLAN 30 can reach local devices but not hosts in VLAN 30 on SW1. What is the most likely reason?

Exhibit

SW1 Gi0/1 trunk allowed vlan 10,20
SW2 Gi0/1 trunk allowed vlan 10,20
Both switches have VLAN 30 configured and access ports assigned correctly.
Question 8mediummultiple choice
Open the full STP breakdown →

When spanning tree elects a root bridge, which value is considered first?

Question 9hardmultiple choice
Open the full STP breakdown →

A switch receives BPDUs on a user-facing port configured as an edge port, but instead of just blocking the port role it fully error-disables it. Which protection feature most likely explains that behavior?

Question 10mediumdrag order
Open the full STP breakdown →

Drag and drop the following steps into the correct order to configure Rapid PVST+ with a designated root bridge, PortFast, and BPDU Guard on access ports.

Question 11mediumdrag order
Open the full STP breakdown →

Drag and drop the following steps into the correct order to configure Rapid PVST+ on SW1, make it the root bridge, and enable PortFast with BPDU Guard on all access ports.

Question 12mediummultiple choice
Open the full STP breakdown →

An engineer wants users to get fast link-up on access ports but also wants the switch to disable a port if another switch is connected and sends BPDUs.

Which combination of features best meets that requirement?

Question 13mediumdrag order
Open the full STP breakdown →

Drag and drop the following steps into the correct order to configure a switch port for data and voice traffic.

Question 14mediumdrag order
Open the full STP breakdown →

Drag and drop the following steps into the correct order to configure spanning-tree protection features including BPDU Guard, Root Guard, and Loop Guard on a Cisco switch.

Question 15hardmultiple choice
Open the full STP breakdown →

A security policy requires that only one management subnet be able to initiate SSH to a router. Which approach most directly supports that requirement?

Question 16hardmultiple choice
Open the full STP breakdown →

An administrator wants to block all Telnet access to a router’s VTY lines and allow only SSH. Which change most directly supports that goal?

Question 17hardmultiple choice
Open the full STP breakdown →

A Layer 2 switch port connected to an end host should move to forwarding quickly but also shut down if a BPDU is received. Which pair of features best supports that design?

You are connected to switch SW1. Configure Rapid-PVST+ so that SW1 becomes the root bridge for VLAN 10 and VLAN 20. On interface GigabitEthernet0/2, enable PortFast and BPDUGuard. Then, a BPDU is received on that port, causing err-disable. Diagnose the issue and recover the interface without rebooting the switch.

Exhibit

SW1# show spanning-tree vlan 10

VLAN0010
  Spanning tree enabled protocol rstp
  Root ID    Priority    32768
             Address     0011.2233.4455
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32768
             Address     0011.2233.4455
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/1               Desg FWD 4         128.1    P2p
Gi0/2               Desg FWD 4         128.2    P2p

SW1# show running-config | include bpduguard
spanning-tree portfast bpduguard default

SW1# show interfaces gigabitethernet 0/2
GigabitEthernet0/2 is down, line protocol is down (err-disabled)
  Hardware is Gigabit Ethernet, address is 0011.2233.4456
  MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Auto-duplex,  Auto-speed
  input flow-control is off, output flow-control is off
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input never, output never, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts (0 IP multicasts)
     0 runts, 0 giants, 0 throttles
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 0 multicast, 0 pause input
     0 input packets with dribble condition detected
     0 packets output, 0 bytes, 0 underruns
     0 output errors, 0 collisions, 0 interface resets
     0 unknown protocol drops
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 pause output
     0 output buffer failures, 0 output buffers swapped out

SW1# show errdisable recovery
ErrDisable Reason    Timer Status
----------------    --------------
bpduguard           Enabled

SW1# show spanning-tree vlan 20
VLAN0020
  Spanning tree enabled protocol rstp
  Root ID    Priority    32778
             Address     0055.6677.8899
             This bridge is the root
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32778
             Address     0055.6677.8899
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300 sec

Interface           Role Sts Cost      Prio.Nbr Type
------------------- ---- --- --------- -------- --------------------------------
Gi0/1               Desg FWD 4         128.1    P2p
Gi0/2               Desg FWD 4         128.2    P2p
Question 19hardScenario
Open the full STP breakdown →

You are connected to a multilayer switch MLS1. Configure Root Guard on the designated port facing another switch SW2 to prevent it from becoming root, configure Loop Guard on the uplink port to the core, and configure BPDU Guard on a PortFast-enabled access port. After configuration, a superior BPDU arrives on the designated port—confirm it is blocked by Root Guard. Then, simulate a BPDU on the access port to verify it goes err-disabled due to BPDU Guard.

Exhibit

MLS1# show spanning-tree

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address      aabb.cc00.0100
             This bridge is the root

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address      aabb.cc00.0100

  Interface        Role Sts Cost      Prio.Nbr Type
  ------------------- --- --- --------- -------- --------------------------------
  Gi0/0             Desg FWD 4         128.1    P2p
  Gi0/1             Desg FWD 4         128.2    P2p
  Gi0/2             Desg FWD 4         128.3    P2p

Gi0/2 is connected to SW2. Gi0/1 is uplink to core. Gi0/0 is access port with PortFast enabled.

MLS1# show running-config | section interface
interface GigabitEthernet0/0
 switchport mode access
 spanning-tree portfast
!
interface GigabitEthernet0/1
 switchport mode trunk
!
interface GigabitEthernet0/2
 switchport mode trunk
!
Question 20hardmultiple choice
Open the full STP breakdown →

After connecting a new switch to interface GigabitEthernet1/0/1 on a distribution switch, a network engineer notices that the interface is in err-disable state. The engineer checks the configuration and finds that spanning-tree portfast and spanning-tree bpduguard enable are applied to the interface. What is the most likely cause of the err-disable state?

Free account

Track your progress over time

Create a free account to save your results and see which topics improve across sessions.

Focused Spanning Tree sessions

Start a Spanning Tree only practice session

Every question in these sessions is drawn from the Spanning Tree domain — nothing else.

Related practice questions

Related 200-301 topic practice pages

Move into related areas when this topic feels solid.

Frequently asked questions

What does the 200-301 exam test about Spanning Tree?
STP questions usually test root bridge election, port roles, path cost and how spanning tree prevents Layer 2 loops.
How should I use these practice questions?
Select your answer before revealing the explanation. Then read why each option is right or wrong — this active recall approach builds retention far faster than re-reading notes.
Can I practise just Spanning Tree questions in a focused session?
Yes — the session launcher on this page draws every question from the Spanning Tree domain. Use a 10-question session first to gauge your baseline, then move to 20 or 30 once the weak spots are clear.
Where can I practise other 200-301 topics?
Use the topic links above to move to related areas, or go back to the 200-301 question bank to see all topics.
Are these real exam questions or dumps?
These are original practice questions written to test the same concepts the 200-301 exam covers. They are not copied from any real exam or dump site.