Shared Flashcard Set

Details

ICND 100-101
Cisco Certified Network Associate Study Terms
557
Computer Networking
Professional
11/29/2012

Cards

Term
IEEE 802.1q
Definition
IEEE 802.1q frame-tagging standard. Adds a 4 byte tag to the frame header that identifies the VLAN to which the frame belongs. All network devices understand the standard.

AKA: dot1q encapsulation method
Cisco IOS command: switchport trunk encap dot1q
Term
Name two TCP/IP transport layer protocols.
Definition
TCP, UDP
Term
Name two examples of TCP/IP data link layer protocols.
Definition
Ethernet, PPP
Term
The process of HTTP asking TCP to send some data and making sure that it is received correctly is an example of what?
Definition
Adjacent-layer interaction
Term
The process of TCP on one computer marking a TCP segment as segment 1, and the receiving computer then acknowledging the receipt of TCP segment 1 is an example of what?
Definition
Same-layer interaction
Term
The process of a web server adding a TCP header to the contents of a web page, followed by adding an IP header and then adding a data link header and trailer are examples of what?
Definition
Data encapsulation
Term
What term is used specifically to identify the entity created when encapsulating data inside data link layer headers and trailers?
Definition
Frame
Term
Which OSI layer defines the functions of logical network-wide addressing and routing?
Definition
Layer 3 - Internet
Term
Which OSI layer defines the standards for cabling and connectors?
Definition
Layer 1 - Physical
Term
What are the names of the seven OSI layers?
Definition
Layer 7 - Application
Layer 6 - Presentation
Layer 5 - Session
Layer 4 - Transport
Layer 3 - Internet
Layer 2 - Data Link
Layer 1 - Physical
Term
Telnet is a protocol on which OSI layer?
Definition
Application, presentation, session (Layers 5-7)
Term
HTTP is a protocol on which OSI layer?
Definition
Application, presentation, session (Layers 5-7)
Term
FTP is a protocol on which OSI layer?
Definition
Application, presentation, session (Layers 5-7)
Term
SMTP is a protocol on which OSI layer?
Definition
Application, presentation, session (Layers 5-7)
Term
POP3 is a protocol on which OSI layer?
Definition
Application, presentation, session (Layers 5-7)
Term
SNMP is a protocol on which OSI layer?
Definition
Application, presentation, session (Layers 5-7)
Term
TCP is a protocol on which OSI layer?
Definition
Transport (Layer 4)
Term
UDP is a protocol on which OSI layer?
Definition
Transport (Layer 4)
Term
IP is a protocol on which OSI layer?
Definition
Internet (Layer 3)
Term
Ethernet (IEEE 802.3) is a protocol on which OSI layers?
Definition
Physical and Data link (Layers 1-2)
Term
HDLC is a protocol on which OSI layer?
Definition
Data link (Layer 2)
Term
PPP is a protocol on which OSI layer?
Definition
Data link (Layer 2)
Term
RJ-45 is a standard on which OSI layer?
Definition
Physical (Layer 1)
Term
A L2PDU is also known as?
Definition
Frame
Term
A L3PDU is also known as?
Definition
Packet
Term
A L4PDU is also known as?
Definition
Segment
Term
Define adjacent-layer interaction
Definition
On a single computer one layer provides a service to a higher layer.
Term
Define deencapsulation
Definition
Removing the headers and trailers used in lower layer protocols from data.
Term
Define encapsulation
Definition
Process of adding headers and possibly trailers around data.
Term
Define frame
Definition
Data link (layer 2) data unit.
Term
Explain the networking model
Definition
Way of thinking about the various tasks required to transmit data between computers that allows it to be broken down into discrete layers.
Term
Define packet
Definition
Internet (layer 3) data unit.
Term
Define protocol data unit (PDU)
Definition
Unit of encapsulated data including appropriate headers and trailers.
Term
Define same-layer interaction
Definition
Two computers using a single protocol to communicate with the same layer on another computer.
Term
Define segment
Definition
Transport (layer 4) data unit.
Term
In the LAN for a small office, some user devices connect to the LAN using a patch cable, while others connect using wireless technology (and no cable). Are all of these devices using the Ethernet protocol?
Definition
No, only the devices that use patch cables are using Ethernet (802.3). Wi-Fi is 802.11.
Term
Which Ethernet standard defines Gigabit Ethernet over UTP cabling?
Definition
1000BASE-T
Term
What is the difference between Ethernet crossover cables and straight through cables?
Definition
In a crossover cable, pins 1 and 2 (tx+ and tx-) on one end of the cable connect to pins 3 and 6 (rx+ and rx-) on the other end of the cable.
Term
What combinations of devices would require a crossover cable when MDIX is off or unavailable?
Definition
Any connection between two of the same types of devices (router to router, switch to switch, PC to PC). Also, PC to router, and switch to hub.
Term
What is the purpose of the CSMA/CD algorithm?
Definition
The algorithm defines how the computers should notice when a collision occurs and how to recover.
Term
Ethernet uses the FCS field for what purpose?
Definition
To verify data has not been corrupted in transit
Term
Define the Ethernet FCS field.
Definition
Frame Check Sequence, a 4 byte field in the trailer of an Ethernet frame that allows the receiving NIC to determine if a frame has been received without errors.
Term
What is an OUI code?
Definition
Organizationally Unique Identifier. The first half of a MAC address, it is a unique code that identifies the manufacturer of the network device.
Term
How many bytes is an OUI?
Definition
3 bytes
Term
What are the terms to describe Ethernet addresses that can be used to send one frame that is delivered to multiple devices on the LAN?
Definition
Broadcast and multicast addresses
Term
IEEE 802.3
Definition
Ethernet
Term
What is 1000BASE-LX?
Definition
IEEE 802.3z, fiber optic cable allowing gigabit links up to 5000 meters long.
Term
UTP
Definition
Unshielded Twisted Pair
Term
Why are UTP cables twisted?
Definition
Twisting helps to cancel out electromagnetic interference between wire pairs (known as crosstalk).
Term
List the wire colors in order for a TIA 568-B connection.
Definition
White-orange, orange, white-green, blue, white-blue, green, white-brown, brown.
Term
What is the standard connector used for 8 wire network cables?
Definition
RJ45, 8p8c
Term
NIC
Definition
Network Interface Card
Term
SFP
Definition
Small form-factor pluggable, more modern swappable media interface for switches
Term
GBIC
Definition
Gigabit interface converter, older swappable media interface for switches
Term
Which pins are used in a straight through 10Base-T or 100Base-T connection?
Definition
TX - Pins 1 and 2
RX - Pins 3 and 6
Term
Explain the pinouts at each end of a 10/100Base-T crossover cable.
Definition
End A pin 1 (tx+)---- (rx+)pin 3 End B
End A pin 2 (tx-)---- (rx-)pin 6 End B
End A pin 3 (rx+)---- (tx+)pin 1 End B
End A pin 4 (n/a)---- pin 4 End B
End A pin 5 (n/a)---- pin 5 End B
End A pin 6 (rx-)---- (tx-)pin 2 End B
End A pin 7 (n/a)---- pin 7 End B
End A pin 8 (n/a)---- pin 8 End B
*Note that pins on pair 4/5, and 7/8 are not crossed as they are unused
Term
How many bytes in a MAC address?
Definition
6 bytes
Term
How many bytes in an IP address?
Definition
4 bytes
Term
What is the maximum transmission unit (MTU) of a packet?
Definition
1500 bytes
Term
MTU
Definition
Maximum Transmission Unit
Term
MAC
Definition
Media Access Control, unique address that identifies the specific device on an Ethernet network.
Term
Unicast
Definition
Ethernet transmission to a single device.
Term
Broadcast
Definition
Ethernet transmission to all devices in a network.
Term
Multicast
Definition
Ethernet transmission to more than one, but not all, devices on a network. The devices will have been configured to monitor for transmissions on a specific Multicast MAC address.
Term
FFFF.FFFF.FFFF
Definition
Broadcast MAC address
Term
Full Duplex
Definition
Data can be sent and received at the same time
Term
Half Duplex
Definition
Data can only be sent or received at any given time, only needed when devices are connected to a hub rather than a switch.
Term
What are the steps of CSMA/CD?
Definition
1 - Device listens to line to determine if it is in use.
2 - When the line is clear sender begins to send data.
3 - The sender listens while sending to discover whether a collision occurs; collisions might be caused by many reasons, including unfortunate timing. If a collision occurs, all currently sending nodes do the following:
A. They send a jamming signal that tells all nodes that a collision happened.
B. They independently choose a random time to wait before trying again, to avoid unfortunate timing.
C. The next attempt starts again at Step 1.
Term
Ethernet
Definition
A family of LAN standards that together define the physical and data link layers of the world’s most popular wired LAN technology.
Term
IEEE
Definition
Institute of Electrical and Electronics Engineers
Term
WAN
Definition
Wide Area Network
Term
In the cabling for a leased line, what device typically connects to a four-wire line provided by a telco?
Definition
CSU/DSU
Term
CSU/DSU
Definition
Channel Service Unit/Data Service Unit
Term
What field do Cisco devices add to the standard HDLC header?
Definition
Type
Term
HDLC
Definition
High-Level Data Link Connection, Layer 2 protocol used in serial WAN links
Term
Two routers, R1 and R2, connect using an Ethernet over MPLS service. The service provides point-to-point service between these two routers only, as a Layer 2 Ethernet service. What type of header will be used on packets as they leave R1?
Definition
Ethernet
Term
Which Internet access technologies, used to connect a site to an ISP, generally offer asymmetric speeds?
Definition
Cable and DSL
Term
T1
Definition
A type of leased line providing a 1.544 Mbps connection from a telephone company
Term
Telco CO
Definition
Central Office, the source of the telephone lines that enter your building.
Term
CPE
Definition
Customer Premises Equipment, often a serial card and CSU/DSU
Term
DTE
Definition
Data terminal equipment, serial cable that goes from the internet access provider to your router. Straight through with a male connector.
Term
DCE
Definition
Data communications equipment, used to emulate a WAN serial link between routers. Wired as a crossover with a female connector. Router connected to DCE must provide the clocking signal.
Term
Clock Rate
Definition
Defines the interval between encoded bits on a serial connection.
Term
What happens to the layer 2 header and trailer after the frame arrives at a switch/router on its way to the final destination?
Definition
Data is de-encapsulated and the old header info is discarded. The router will then encapsulate the data with new info addressed to the next interface on the way to the destination.
Term
EoMPLS
Definition
Ethernet over MPLS, a type of leased line that acts as if it were a single fiber Ethernet link between two devices.
Term
What is Ethernet Emulation?
Definition
A type of leased line that acts as if it were a single fiber Ethernet link between two devices.
Term
MPLS
Definition
Multi Protocol Label Switching, a type of point to point WAN link.
Term
TCP/IP
Definition
Transmission Control Protocol/Internet Protocol
Term
DSLAM
Definition
Digital Subscriber Line Access Multiplexer, device that allows the telco to split the analog voice signal from the digital internet data on a DSL circuit.
Term
What are the functions of a Layer 3 Protocol?
Definition
Logical addressing and path selection
Term
Imagine that PC1 needs to send some data to PC2, and PC1 and PC2 are separated by several routers. Both PC1 and PC2 sit on different Ethernet LANs. What is the largest entity (in size) that makes it from PC1 to PC2?
Definition
L3 PDU, Packet
Term
What is the assignable range of IPs for a Class C host?
Definition
192.0.0.1 - 223.225.255.254
Term
What is the assignable range of values for the first octet for Class A IP networks?
Definition
1 to 126
Term
PC1 and PC2 are on two different Ethernet LANs that are separated by an IP router. PC1’s IP address is 10.1.1.1, and no subnetting is used. What range of IPs cannot be used for PC2?
Definition
Without subnetting, you could not use any addresses in the 10.x.x.x network.
Term
What field does a router normally look at when making a decision about routing TCP/IP packets?
Definition
Destination IP address
Term
On a LAN, when does a Host send a packet to its default gateway?
Definition
Whenever the destination IP is on a different network than itself.
Term
On a LAN, when would a Host not send a packet to its default gateway?
Definition
When the destination IP is on the same network as itself.
Term
What are the functions of a routing Protocol?
Definition
1 - To dynamically learn and fill the routing table with a route to each subnet in the internetwork.
2 - If more than one route to a subnet is available, to place the best route in the routing table.
3 - To notice when routes in the table are no longer valid, and to remove them from the routing table.
4 - If a route is removed from the routing table and another route through another neighboring router is available, to add the route to the routing table. (Many people view this goal and the preceding one as a single goal.)
5 - To work quickly when adding new routes or replacing lost routes. (The time between losing the route and finding a working replacement route is called convergence time.)
6 - To prevent routing loops.
Term
What are the steps of router forwarding logic?
Definition
1 - Use FCS to confirm there were no transmission errors.
2 - Discard layer 2 header and trailer.
3 - Compare Destination IP Address to the routing table to determine which interface to transmit on.
4 - Encapsulate data with new Layer 2 header and trailer to send out the appropriate interface.
Term
ARP
Definition
Address Resolution Protocol, method for allowing a device to dynamically learn the MAC address for any IP address on the local LAN.
Term
DDN
Definition
Dotted Decimal Notation, the method of breaking up a 32 bit IP address into 4 bytes (octets), e.g. 192.168.1.1
Term
Class A IP Address Range
Definition
Networks 1-126
Term
Class B IP Address Range
Definition
Networks 128.0-191.255
Term
Class C IP Address Range
Definition
Networks 192.0.0-223.255.255
Term
Number of hosts in Class C Network
Definition
254
Term
Number of hosts in Class B Network
Definition
65,534
Term
Number of hosts in Class A Network
Definition
16,777,214 (usually accepted as over 16 million)
Term
Number of Networks in Class A Range
Definition
126
Term
Number of Networks in Class B Range
Definition
16383 (usually accepted as over 16,000)
Term
Number of Networks in Class C Range
Definition
2,097,152 (usually accepted as over 2 million)
Term
Translate the following into DDN:
11000000 10101000 00000010 00001001
Definition
192.168.2.9
Term
Translate the following into binary:
78.101.221.254
Definition
01001110 01100101 11011101 11111110
Term
DNS
Definition
Domain Name System, protocol that allows a server to convert hostnames into IP addresses so users don't have to remember the IP of every device or website they want to connect to.
Term
What command do you use in Windows to see the ARP table?
Definition
arp -a
Term
ICMP
Definition
Internet Control Message Protocol, set of commands and control messages built into the IP protocol that help to assess the status of a network, includes functions such as Ping and Traceroute.
Term
What are the two most common layer 4 Protocols?
Definition
TCP and UDP
Term
TCP
Definition
Transmission Control Protocol
Term
UDP
Definition
User Datagram Protocol
Term
What are four typical functions of TCP?
Definition
Flow Control (windowing)
Error Recovery
Ordered Data Transfer
Multiplexing
Term
How does a computer know which application is the intended recipient of a data packet?
Definition
Based on the TCP or UDP port number in the header.
Term
Which transport layer protocol does not allow for windowing?
Definition
UDP
Term
What do you call data that includes the Layer 4 protocol header, and data given to Layer 4 by the upper layers, not including any headers and trailers from Layers 1 to 3?
Definition
Segment, Layer 4 PDU
Term
In the URL http://www.certskills.com/ICND1, which part identifies the web server?
Definition
www.certskills.com
Term
What are some applications where you benefit from UDP transmission over TCP?
Definition
UDP is best when error recovery is not important and maximum throughput with minimum latency is desired. Notably real time voice and video streaming favor UDP.
Term
Regarding the transport layer, what is windowing?
Definition
Process that adjusts window sizes to protect buffer space and to prevent routing devices from being overloaded.
Term
Regarding the transport layer, what is error recovery?
Definition
TCP Process of numbering and acknowledging data with the Sequence and Acknowledgement header fields.
Term
Which of the transport layer protocols is generally slower and why?
Definition
TCP due to its more complicated headers and allowing for error recovery.
Term
What role do ports play in transport layer protocols?
Definition
Port numbers are a component of a 'socket' which allows a computer to know which applications to direct a data packet to.
Term
TCP Port 20
Definition
FTP Data
Term
TCP Port 21
Definition
FTP Control
Term
TCP Port 22
Definition
SSH
Term
TCP Port 23
Definition
Telnet
Term
TCP Port 25
Definition
SMTP
Term
TCP/UDP Port 53
Definition
DNS
Term
UDP Port 67/68
Definition
DHCP
Term
UDP Port 69
Definition
TFTP
Term
TCP Port 80
Definition
HTTP
Term
TCP Port 110
Definition
POP3
Term
UDP Port 161
Definition
SNMP
Term
TCP Port 443
Definition
SSL
Term
TCP/UDP Port 500
Definition
IPSEC (for VPN)
Term
TCP/UDP Port 1723
Definition
Microsoft Point to Point Tunneling Protocol (for VPN)
Term
UDP Port 1701
Definition
Layer 2 Forwarding Protocol & Layer 2 Tunneling Protocol (for VPN)
Term
TCP/UDP Port 47
Definition
Generic Routing Encapsulation (GRE)
Term
UDP Port 4500
Definition
IPSEC Control path (for VPN)
Term
Regarding TCP, what is the three way handshake?
Definition
Process used to establish a TCP connection where PC1 sends a SYNchronize message listing the port they are trying to access and the port they want to receive signals back on. PC2 then sends a SYNchronization ACKnowledgement back. PC1 sends an ACK and the connection is established.
Term
Connection Oriented Protocol
Definition
Requires an exchange of messages before data transfer begins.
Term
Connectionless Protocol
Definition
Does not require any exchanges of messages before sending data.
Term
Why does DNS use UDP?
Definition
DNS is able to use UDP because if a packet is lost the user will just try again.
Term
How many bytes is a TCP header?
Definition
20 bytes
Term
How many bytes is a UDP header?
Definition
8 bytes
Term
QoS
Definition
Quality of Service, method of organizing data into priority levels that allow for high priority frames to pass through faster and with less loss/jitter/latency.
Term
jitter
Definition
Variation in delay between packets, where some packets arrive quickly and others are delayed. VoIP is more sensitive to this type of issue than most other forms of data.
Term
Delay
Definition
Length of time it takes a packet to get from sender to receiver.
Term
Loss
Definition
Percentage of packets discarded by the network before they arrive at their destination.
Term
Bandwidth
Definition
Volume of bits per second that travel across a network.
Term
Batch Applications
Definition
Software that is not especially sensitive to network speed/latency issues. Often runs unattended as a background process or automated backup.
Term
Interactive Applications
Definition
Applications such as web browsers with a regular stream of data going back and forth where some delay can be tolerated.
Term
Real Time Applications
Definition
Tolerates the least amount of latency and jitter, as delays of .2 seconds can degrade call quality.
Term
URL
Definition
Uniform Resource Locator, standard format that allows the browser to know where to find the page you are requesting. Broken down into a format of "protocol" :// "host" / "location"
Term
Describe the process of how a switch decides to forward a frame destined for a known unicast MAC address?
Definition
It compares the unicast destination address to the bridging, or MAC address table. If there is a match it simply sends the frame out the appropriate interface. If there is no match the switch will flood the frame out all ports on the same VLAN except the one the frame arrived on. Once the destination device responds the switch will add that address to its MAC address table.
Term
Describe the process of how a LAN switch decides to forward a frame destined for a broadcast MAC address?
Definition
It forwards the frame out all interfaces in the same VLAN except for the incoming interface.
Term
What does a switch do with a frame destined for an unknown unicast address?
Definition
It forwards out all interfaces in the same VLAN except for the incoming interface.
Term
What header field does a switch look at to determine if it will add a new MAC address to its table?
Definition
It adds unicast source MAC addresses from whichever interface it receives them.
Term
What is the maximum allowable distance of a 1000Base-LX run using single mode fiber?
Definition
10 kilometers, or just over 6 miles
Term
What is the maximum allowable distance of a 1000Base-LX run using multimode fiber?
Definition
550 meters, or 1800 feet
Term
What is the maximum allowable distance of a 100Base-T run using CAT5e UTP cables?
Definition
100 meters, or 328 feet
Term
A Cisco LAN switch connects to three PCs (PC1, PC2, and PC3), each directly using a cable that supports Ethernet UTP speeds up through 1000 Mbps (1 Gbps). PC1 uses a NIC that supports only 10BASE-T, while PC2 has a 10/100 NIC, and PC3 has a 10/100/1000 NIC. Assuming that the PCs and switch use IEEE autonegotiation, which PCs will use half-duplex?
Definition
None, with a switch they can all use full duplex
Term
Collision domain
Definition
A set of NIC cards where a transmission from one card could potentially interrupt a transmission from another card, generally caused by using old style hubs/bridges instead of modern switches.
Term
What is the MAC address on a broadcast frame?
Definition
FFFF.FFFF.FFFF
Term
What is a MAC address table?
Definition
A list including the MAC address and associated interface for devices that have sent frames that passed through the switch. These addresses are taken from the source MAC address field in the frame headers.
Term
Regarding switches, what is the inactivity timer?
Definition
For each address in the MAC address table the switch tracks a timer. Every time the switch receives a packet from that device it resets the timer to 0 and starts counting up. If the switch runs out of space for MAC entries it will remove the addresses with the highest timer since they were last seen.
Term
STP
Definition
Spanning Tree Protocol, a method of preventing switching loops where the layer 2 interfaces dynamically determine which paths could cause a switching loop and cause them to be blocked. If a link goes down the blocking ports can be opened up to repair the paths in the network.
Term
Switching loop
Definition
When switches are linked together through more than one path and broadcast frames are forwarded indefinitely causing a broadcast storm.
Term
Regarding switches, what is store-and-forward processing?
Definition
Switch must receive the entire frame before it will begin to forward the first bit of the frame.
Term
Regarding switches, what is cut-through processing?
Definition
The switch will begin to forward data as soon as it knows the destination address and can make its forwarding decision, but before it has verified that the frame is not corrupt. This provides minimal delay, but may propagate bad frames through the network.
Term
Regarding switches, what is fragment-free processing?
Definition
Switches will wait until they have received 64 bytes of data before forwarding them. This gives time to verify that no collision occurred during the transmission, as they would normally happen in that first 64 byte window.
Term
Name some benefits of switches to a network.
Definition
Switch ports connected to a single device microsegment the LAN, providing dedicated bandwidth to that single device.
Switches allow multiple simultaneous conversations between devices on different ports.
Switch ports connected to a single device support full-duplex, in effect doubling the amount of bandwidth available to the device.
Switches support rate adaptation, which means that devices that use different Ethernet speeds can communicate through the switch (hubs cannot).
Term
Explain switch forwarding logic.
Definition
Step 1. Switches forward frames based on the destination address:
A. If the destination address is a broadcast, multicast, or unknown destination unicast (a unicast not listed in the MAC table), the switch floods the frame.
B. If the destination address is a known unicast address (a unicast address found in the MAC table):
i. If the outgoing interface listed in the MAC address table is different from the interface in which the frame was received, the switch forwards the frame out the outgoing interface.
ii. If the outgoing interface is the same as the interface in which the frame was received, the switch filters the frame, meaning that the switch simply ignores the frame and does not forward it.
Step 2. Switches use the following logic to learn MAC address table entries:
A. For each received frame, examine the source MAC address and note the interface from which the frame was received.
B. If it is not already in the table, add the MAC address and interface it was learned on, setting the inactivity timer to 0.
C. If it is already in the table, reset the inactivity timer for the entry to 0.
Step 3. Switches use STP to prevent loops by causing some interfaces to block, meaning that they do not send or receive frames.
Term
VLAN
Definition
Virtual Local Area Network, a method of separating layer 2 networks into distinct broadcast domains. No traffic from a VLAN will pass to another VLAN without a layer 3 device such as a router connecting them.
Term
Broadcast Domain
Definition
This is a set of computers where if one of the devices sends out a broadcast it would be received by all the others in the set. Typically the boundaries of these are set with the use of layer 3 devices such as routers using different subnets and VLANs.
Term
Ethernet Bridge
Definition
A precursor to modern switches that allowed you to split a collision domain between hubs on both sides of the bridge. It would evaluate the destination MAC of a frame and if the destination is on the same interface that it received then it would not forward it to the other interfaces.
Term
Router
Definition
Layer 3 network device that can connect different IP networks and makes path selection decisions about the best way to send a packet from one network to another.
Term
Core Layer
Definition
Aggregates distribution switches in very large LANs, provides very fast forwarding rates. Small to medium sites often forego the core layer.
Term
Distribution Layer
Definition
Provide pathways between the access switches and the core, should not be connecting to end users.
Term
Access Layer
Definition
Connects directly to the end user workstations at the edge of the LAN.
Term
Autonegotiation
Definition
Method to allow two devices to determine the fastest bandwidth and duplex settings that they both support. Cisco switches are able to sense transmission speeds outside of standard autonegotiation to determine the best speed to use. If autonegotiation fails the devices default to their slowest speed, and if the speed of the link is 10/100 they switch to half duplex; if it is higher they remain full duplex.
Term
Duplex mismatch
Definition
If one side of an Ethernet link is set to half duplex and the other side is full then the half duplex side will assume many collisions that did not actually happen. This causes it to back off, resend unnecessary frames, and generally perform poorly.
Term
unknown unicast frame
Definition
Any frame that is directed to an address that is not already in the MAC address table. These frames are flooded out all ports except the one they are received on.
Term
In what modes can you execute the command show mac address-table?
Definition
User mode and Enable mode
Term
In which modes of the CLI could you issue the command reload to reboot the switch?
Definition
Enable
Term
What is a difference between Telnet and SSH as supported by a Cisco switch?
Definition
SSH encrypts all data exchange, including login passwords; Telnet encrypts nothing.
Term
What type of switch memory is used to store the configuration used by the switch when it is up and working?
Definition
RAM
Term
What IOS command copies the configuration from RAM into NVRAM?
Definition
copy running-config startup-config
Term
A switch user is currently in console line configuration mode. Which command/keystrokes would place the user in enable mode?
Definition
Using the end command once or pressing the Ctrl-Z key sequence once
Term
CLI
Definition
Command-line interface, text interface used to control most Cisco switches and routers.
Term
Catalyst refers to which type of Cisco products?
Definition
Switches
Term
Cisco IOS
Definition
Cisco Internetwork Operating System, software used on most Cisco routers and modern switches (older ones used CatOS)
Term
At what layer would you normally find Catalyst 2960 switches?
Definition
Access, these are considered to be enterprise class, full-featured, low-cost wiring closet switches.
Term
What does the RPS LED on a switch refer to?
Definition
Redundant Power Supply status
Term
What does the STAT LED on a switch refer to?
Definition
When this is lit the indicator light over each port is showing the current status of the port. Usually off is down/disconnected, solid green is connected but no traffic, flashing green is connected and passing traffic, flashing amber is a port that is blocked by STP.
Term
What does the DUPLX LED on a switch refer to?
Definition
When this is lit the indicator light over each port is showing the current duplex setting (full/half) of the port.
Term
What does the SPEED LED on a switch refer to?
Definition
When this is lit the indicator light over each port is showing the current speed of the port. Usually off means 10 Mbps, solid green is 100 Mbps, and flashing green is Gigabit.
Term
What does an amber light on the SYST LED mean?
Definition
System has power but is not functioning properly.
Term
Cisco TAC
Definition
Cisco Technical Assistance Center, support line for Cisco hardware.
Term
Terminal Emulator
Definition
Application used to access CLI, the basic example being Telnet.
Term
Console port
Definition
Used to access the CLI locally without connecting over the network. Usually requires a special cable, called a rollover cable, that has an RJ-45 on one end and a serial or USB connector on the other. Newer Cisco devices can come with a USB console port as well.
Term
Describe the pinouts of a rollover cable.
Definition
Side A pin 1 - pin 8 Side B
Side A pin 2 - pin 7 Side B
Side A pin 3 - pin 6 Side B
Side A pin 4 - pin 5 Side B
Side A pin 5 - pin 4 Side B
Side A pin 6 - pin 3 Side B
Side A pin 7 - pin 2 Side B
Side A pin 8 - pin 1 Side B
Term
What are the correct settings for a terminal emulator session to speak to a Cisco device?
Definition
9600 baud
no flow control
8 bit ASCII
no parity bits
1 stop bit
Term
What needs to be configured on a new Cisco device before you can connect to it with a TCP/IP Telnet/SSH Session?
Definition
The device must have an IP address assigned. It is also best practice to configure a vty password for security.
Term
Telnet
Definition
The basic terminal protocol used to access Cisco devices. Notably it does not support any encryption and is generally replaced by SSH. Sends traffic on TCP port 23.
Term
SSH
Definition
Secure Shell, terminal protocol similar to Telnet but encrypts all traffic. Uses TCP port 22.
Term
What are the commands to configure a console password in IOS?
Definition
R1>enable
R1#configure terminal
R1(config)#line console 0
R1(config-line)#password letmein
R1(config-line)#login
Term
What are the commands to configure a telnet password in IOS?
Definition
R1>enable
R1#configure terminal
R1(config)#line vty 0 15
R1(config-line)#password letmein
R1(config-line)#login
Term
In IOS what is meant by User Mode?
Definition
Default mode when accessing the CLI, also known as EXEC mode. You have a limited subset of commands available, mostly SHOW commands to gather information without breaking anything.
If the prompt shows as a > you are in user mode.
Term
In IOS what is meant by Privileged Mode?
Definition
By running the ENABLE command you are elevated to a privileged mode where you are able to make changes to the setup of the device. If the prompt shows as a # you are in privileged mode.
Term
In IOS what does RELOAD do?
Definition
Reboots the device.
Term
In IOS what command saves the current configuration to NVRAM?
Definition
COPY RUNNING-CONFIG STARTUP-CONFIG, there are other commands that can perform the same function but you should not use them while training for the exam as they are deprecated and will not function during the test.
Term
In IOS how do you get more information about a command?
Definition
Typing a ? will give you help about whatever commands are available in your current mode. If you start a command and add a ? it will tell you all the commands that start with those characters or give you more information about the command you are entering.
Term
In IOS how do you interrupt a command in progress?
Definition
CTRL-Shift-6
Term
What do DEBUG commands do?
Definition
Beyond showing you the current status of whatever you are debugging, it will also give you ongoing status updates over time. These options will remain in effect until disabled by the user.
Term
In IOS what does the CTRL-Z keypress do?
Definition
Same as entering the END command, it takes you out of whatever config mode you are in and back to the privileged user prompt, #.
Term
In a Cisco device which type of memory would be lost when the device powers down?
Definition
RAM, this is where the running config is stored.
Term
What data would be found on a switch's ROM?
Definition
Bootloader, which finds the IOS image and loads it into the RAM.
Term
In a Cisco Device what type of file do you typically find in the flash memory?
Definition
Normally the IOS image, but any file type can be stored there.
Term
In a Cisco switch what data is found in the NVRAM?
Definition
The startup configuration is stored in NVRAM and is normally loaded immediately after the switch boots.
Term
You are working on a config for a switch and have decided you want to cancel the changes you made and go back to the previous configuration, what command can you use?
Definition
RELOAD, but this will lose any changes since the last time the config was copied to the NVRAM.
Term
What happens if you copy a previously saved config file into the running-config?
Definition
The file will be merged with the current running-config, as if all of those commands were just typed in on top of what you already had. This can give unintended behaviors.
Term
In IOS what is the result of the following commands: WRITE ERASE, ERASE STARTUP-CONFIG, or ERASE NVRAM?
Definition
All three commands wipe the startup config from the NVRAM. If you reload from this point you will enter the initial configuration setup mode.
Term
What is the Cisco Setup Mode?
Definition
When the device starts with a blank NVRAM it can prompt you with a series of questions about how you would like to configure the device. This is a basic setup wizard.
Term
What command outputs the following information?
Cisco IOS Software, C3560 Software (C3560-IPBASEK9-M), Version 12.2(44)SE, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Sat 05-Jan-08 00:15 by weiliu
Image text-base: 0x00003000, data-base: 0x01500000

ROM: Bootstrap program is C3560 boot loader
BOOTLDR: C3560 Boot Loader (C3560-HBOOT-M) Version 12.2(25r)SEE4, RELEASE SOFTWARE (fc1)

SWITCH1 uptime is 1 year, 33 weeks, 4 days, 15 hours, 36 minutes
System returned to ROM by power-on
System restarted at 16:49:06 pst Mon Nov 12 2012
System image file is "flash:c3560-ipbasek9-mz.122-44.SE/c3560-ipbasek9-mz.122-44.SE.bin"
Definition
SHOW VERSION
Term
In IOS which command will tell you how long since the switch last booted?
Definition
SHOW VERSION
Term
If you have just remoted into a switch and aren't sure how many interfaces it has and what type they are what command would be best to find that information out?
Definition
SHOW VERSION
Term
In IOS how do you change the name of the device you are working on?
Definition
HOSTNAME
Term
In IOS if you want to move back just one level into a higher configuration mode what command would you use?
Definition
EXIT
Term
In IOS if you want to move back all the way to the enable prompt what command would you use?
Definition
END
Term
In IOS starting at a Switch1> prompt what commands would you enter to be able to configure the 3rd fast ethernet port?
Definition
Switch1>enable
Switch1#configure terminal
Switch1(config)#interface fa0/3
Term
In IOS what would you enter to disable all the running debugs?
Definition
NO DEBUG ALL or UNDEBUG ALL
Term
In IOS by default all logging messages are sent to which port?
Definition
Console
Term
In IOS how do you allow a VTY connection to view logging and debug information?
Definition
TERMINAL MONITOR
Term
In IOS what command would you use to view the entire current configuration of a switch?
Definition
SHOW RUNNING-CONFIG
Term
In IOS how do you disconnect from a CLI session?
Definition
QUIT
Term
In IOS how would you leave the privileged user mode?
Definition
DISABLE
Term
In IOS what command would allow you to change configurations that affect the entire device?
Definition
CONFIGURE TERMINAL
Term
Imagine that you have configured the enable secret command, followed by the enable
password command, from the console. You log out of the switch and log back in at the console.
Which command defines the password that you had to enter to access privileged mode?
Definition
ENABLE SECRET, this command always overrides ENABLE PASSWORD when it is used.
Term
Why would ENABLE SECRET be preferred over ENABLE PASSWORD?
Definition
ENABLE PASSWORD stores the password in clear text in the config so anyone can just look at it and learn the password, ENABLE SECRET runs the password through an MD5 encryption and converts it to a hash that is much harder to crack.
Term
What is the only time when you would use ENABLE PASSWORD instead of ENABLE SECRET?
Definition
ENABLE PASSWORD should not be used except when SECRET is not supported on older devices and boot modes.
Term
The following command was copied and pasted into configuration mode when a user was
telnetted into a Cisco switch:
banner login this is the login banner
What occurs the next time a user logs in from the console?
Definition
The banner text “his is” is displayed.
Term
In IOS how would you disable IEEE standard autonegotiation on a 10/100 port on a Cisco switch?
Definition
Configure the speed 100 and duplex full interface subcommands
Term
In which mode of the CLI could you configure the duplex setting for interface Fast Ethernet 0/5?
Definition
Interface configuration mode
Term
What needs to be done in order to enable VTY on a new switch or router?
Definition
Device needs an IP configuration, login security needs to be enabled on the VTY lines, and to get into privileged mode you need to have an enable password configured.
Term
In IOS what command is used to protect access to privileged mode from unauthorized users?
Definition
ENABLE SECRET. One could also use ENABLE PASSWORD, but it does not encrypt the password and is therefore insecure.
Term
In IOS what commands would be entered to configure and use a locally stored username and password?
Definition
SW1>enable
SW1#config terminal
SW1(config)#username marc password iscool
Term
In reference to security, what is an AAA server?
Definition
Authentication, authorization, and accounting servers provide a method of confirming that a user is who they claim to be, determining what rights that user has within the system, and tracking what actions those users take.
Term
What protocols are generally used to communicate between the network device and an AAA server?
Definition
RADIUS and TACACS+ are typically used.
Term
In IOS what additional steps must be taken to connect with SSH instead of Telnet?
Definition
Step 1. Configure the vty lines to use usernames, with either locally configured usernames (using the login local command) or an AAA server.
Step 2. If using locally defined usernames, add one or more username global configuration commands to configure username/password pairs.
Step 3. Configure the switch to generate a matched public and private key pair to use for encryption, using two commands:
A. As a prerequisite for the next command, configure a DNS domain name with the ip domain-name name global configuration command.
B. Create the encryption keys using the crypto key generate rsa global configuration command.
Step 4. (Optional) Enable SSH Version 2 using the ip ssh version 2 global command for enhanced security.
Term
What IOS command would generate the following output?
SSH Enabled - version 2.0
Authentication timeout: 120 secs; Authentication retries: 3
Minimum expected Diffie Hellman key size : 1024 bits
IOS Keys in SECSH format(ssh-rsa, base64 encoded):
Definition
SHOW IP SSH
Term
What IOS command would generate the following output?
Connection Version Mode Encryption  Hmac       State            Username
0          2.0     IN   aes128-cbc  hmac-sha1  Session started  wendell
0          2.0     OUT  aes128-cbc  hmac-sha1  Session started  wendell
%No SSHv1 server connections running.
Definition
SHOW SSH
Term
In IOS what commands would you use to force only SSH connection on the VTY lines?
Definition
sw1>enable
sw1#config terminal
sw1(config)#line vty 0 15
sw1(config-line)#transport input ssh
Term
In IOS what commands would you use to disable any remote access on the VTY lines?
Definition
sw1>enable
sw1#config terminal
sw1(config)#line vty 0 15
sw1(config-line)#transport input none
Term
In IOS what command will change all clear text passwords in your config into an encrypted form?
Definition
SERVICE PASSWORD-ENCRYPTION
Term
What is the important thing to keep in mind about the SERVICE PASSWORD-ENCRYPTION command?
Definition
The "type 7" encryption Cisco uses for this command is a very weak method and is easily cracked by many online tools. It is only good for keeping people from glancing over your config and seeing passwords in clear text.
Term
Explain what happens when you run the following command:
show running-config | begin line vty
Definition
This is a show command pipe, in this case the command will show the running-config but will skip everything before the first instance of "line vty" and will include everything from that point forward.
Term
In IOS what command would you use to remove an MD5 encrypted enable password?
Definition
NO ENABLE SECRET. It is important to remember that from privileged user mode you can change/erase the enable password without actually having to know the old password.
Term
In IOS what command would produce the following output:
interface GigabitEthernet0/1
interface GigabitEthernet0/10
interface GigabitEthernet0/11
interface GigabitEthernet0/12
interface GigabitEthernet0/13
interface GigabitEthernet0/14
interface GigabitEthernet0/15
interface GigabitEthernet0/16
interface GigabitEthernet0/17
interface GigabitEthernet0/18
interface GigabitEthernet0/19
Definition
SHOW RUNNING-CONFIG | INCLUDE GigabitEthernet0/1
Note that the show filters are case sensitive.
Term
In IOS what command causes a message to display before the login prompt?
Definition
BANNER
Term
In IOS what command causes a message to display after the login prompt?
Definition
BANNER EXEC
Term
In IOS what command causes a message to display after the MOTD but before the login prompt?
Definition
BANNER LOGIN
Term
In IOS what command would allow you to see the last few commands you have entered?
Definition
SHOW HISTORY
Term
In IOS what command will prevent logging and debug messages from interrupting your outputs?
Definition
LOGGING SYNCHRONOUS
Term
In IOS what would be the result of the following command?
sw1(config-line)#exec-timeout 0 0
Definition
A 0 0 timeout will disable inactivity timeouts on that line.
Term
With a brand new switch what is the default state for all of the ports?
Definition
Default switch configuration is as follows:
switchport access vlan 1
duplex auto
speed auto
no shutdown
Term
In IOS what command would reset just interface fa0/3 to its default settings without affecting any other interfaces?
Definition
sw1(config)#default interface fastEthernet 0/3
Term
What do you call a switch that can route between VLANs?
Definition
Multilayer or Layer 3 switch
Term
SVI
Definition
Switched Virtual Interface, aka VLAN interface, which allows a switch to be managed remotely over an IP network.
Term
How would you configure a switch to use an address of 192.168.10.250 on VLAN 1, with a gateway of 192.168.10.1, and DNS servers of 8.8.8.8 and 8.8.4.4?
Definition
sw1>enable
sw1#configure terminal
sw1(config)#interface vlan 1
sw1(config-if)#ip address 192.168.10.250 255.255.255.0
sw1(config-if)#no shutdown
sw1(config-if)#exit
sw1(config)#ip default-gateway 192.168.10.1
sw1(config)#ip name-server 8.8.8.8 8.8.4.4
Term
Imagine you just finished programming an interface but it never connected. The show interface command has it listed as administratively down. What command did you forget when programming the interface?
Definition
NO SHUTDOWN
Term
In IOS what command is used to set an interface to send and receive data at the same time?
Definition
DUPLEX FULL
Term
In IOS what command would you use to label an interface with useful information?
Definition
DESCRIPTION
Term
In IOS how would you select a group of ports to apply the same settings to them all in one go?
Definition
sw1(config)#interface range fa0/1 - 24
Term
In IOS what command would produce the following output?
Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/1     Server1 connects h notconnect   1            full    100 10/100BaseTX
Fa0/2                        notconnect   1            auto   auto 10/100BaseTX
Fa0/3                        notconnect   1            auto   auto 10/100BaseTX
Fa0/4                        connected    1          a-full  a-100 10/100BaseTX
Fa0/5                        notconnect   1            auto   auto 10/100BaseTX
Fa0/6                        connected    1          a-full  a-100 10/100BaseTX
Fa0/7                        notconnect   1            auto   auto 10/100BaseTX
Definition
SHOW INTERFACES STATUS
Term
In IOS what information can you gather from the SHOW INTERFACES STATUS command?
Definition
Port #, description, connection status, vlan, duplex, speed, type (10/100/1000)
Term
In IOS what would it mean if an interface shows a-full and a-100 for its duplex and speed settings?
Definition
Starting with an a- indicates that this port was auto-negotiated and it is displaying the results of that negotiation.
Term
What is the main field being inspected by IOS port security settings?
Definition
Source MAC Address
Term
What is the default action taken by a switch when a port security violation has occurred?
Definition
Default is to shut down the interface.
Term
What are the different responses that port security can take to a violation?
Definition
Protect — This mode permits traffic from known MAC addresses to continue to be forwarded while dropping traffic from unknown MAC addresses when over the allowed MAC address limit. When configured with this mode, no notification action is taken when traffic is dropped.
Restrict — This mode permits traffic from known MAC addresses to continue to be forwarded while dropping traffic from unknown MAC addresses when over the allowed MAC address limit. When configured with this mode, a syslog message is logged, a Simple Network Management Protocol (SNMP) trap is sent, and a violation counter is incremented when traffic is dropped.
Shutdown — This mode is the default violation mode; when in this mode, the switch will automatically force the switchport into an error disabled (err-disable) state when a violation occurs. While in this state, the switchport forwards no traffic. The switchport can be brought out of this error disabled state by issuing the errdisable recovery cause CLI command or by disabling and reenabling the switchport.
Shutdown VLAN — This mode mimics the behavior of the shutdown mode but limits the error disabled state to the specific violating VLAN.
Term
Can you use port security on a trunk port?
Definition
Yes, it works on statically assigned trunk or access ports, but not on any dynamic modes.
Term
What commands would you enter to enable port security on an interface?
Definition
Step 1. Make the switch interface either a static access or trunk interface, using the switchport mode access or the switchport mode trunk interface subcommands, respectively.
Step 2. Enable port security using the switchport port-security interface subcommand.
Step 3. (Optional) Override the default maximum number of allowed MAC addresses associated with the interface (1) by using the switchport port-security maximum number interface subcommand.
Step 4. (Optional) Override the default action to take upon a security violation (shutdown) using the switchport port-security violation {protect | restrict | shutdown} interface subcommand.
Step 5. (Optional) Predefine any allowed source MAC address(es) for this interface, using the switchport port-security mac-address mac-address command. Use the command multiple times to define more than one MAC address.
Step 6. (Optional) Tell the switch to “sticky learn” dynamically learned MAC addresses with the switchport port-security mac-address sticky interface subcommand.
Term
With the default settings on port-security how many MAC addresses can be seen before a violation occurs?
Definition
1 MAC Address
Term
Explain the sticky MAC address feature in port security.
Definition
The port will dynamically learn the MAC addresses that are attached to the port and add them to the running-config. If you reboot the device without saving the running-config these addresses will be lost. If you save it then the MAC address effectively becomes a static address.
Term
How do you recover from an errdisabled port state?
Definition
First you should determine the cause of the error, and fix it. Then you can use shutdown, no shutdown to restart the port. If you have errdisable recovery enabled the port will be turned back on in 5 minutes (300 seconds).
Term
What are the recommended methods to secure unused ports on a new Cisco switch?
Definition
Administratively disable the interface using the shutdown interface subcommand.
Prevent VLAN trunking by making the port a nontrunking interface using the switchport mode access interface subcommand.
Assign the port to an unused VLAN using the switchport access vlan number interface subcommand.
Set the native VLAN to not be VLAN 1, but to instead be an unused VLAN, using the switchport trunk native vlan vlan-id interface subcommand. (The native VLAN is discussed in Chapter 9.)
Term
In IOS what command generates your SSH key?
Definition
CRYPTO KEY GENERATE RSA
Term
Imagine a switch with three configured VLANs. How many IP subnets are required, assuming that all hosts in all VLANs want to use TCP/IP?
Definition
3
Term
Switch SW1 sends a frame to switch SW2 using 802.1Q trunking. Which of the answers
describes how SW1 changes or adds to the Ethernet frame before forwarding the frame to SW2?
Definition
Inserts a 4-byte header and does not change the MAC addresses
Term
For an 802.1Q trunk between two Ethernet switches, which frames do not include an 802.1Q header?
Definition
Frames in the native VLAN (only one)
Term
Imagine that you are told that switch 1 is configured with the dynamic auto parameter for
trunking on its Fa0/5 interface, which is connected to switch 2. You have to configure switch 2.
Which two settings for trunking could allow trunking to work?
Definition
Trunking turned on or dynamic desirable mode
Term
A switch has just arrived from Cisco. The switch has never been configured with any VLANs, but VTP has been disabled. An engineer gets into configuration mode and issues the vlan 22 command, followed by the name Hannahs-VLAN command. Does VLAN 22 show up in the SHOW VLAN BRIEF or not?
Definition
It does show up.
Term
List the common reasons for creating many small VLANs.
Definition
To reduce CPU overhead on each device by reducing the number of devices that receive each broadcast frame.
To reduce security risks by reducing the number of hosts that receive copies of frames that the switches flood (broadcasts, multicasts, and unknown unicasts)
To improve security for hosts that send sensitive data by keeping those hosts on a separate VLAN
To create more flexible designs that group users by department, or by groups that work together, instead of by physical location.
To solve problems more quickly, because the failure domain for many problems is the same set of devices as those in the same broadcast domain.
To reduce the workload for the Spanning Tree Protocol (STP) by limiting a VLAN to a single access switch.
Term
What is trunking?
Definition
Trunking is a method of allowing a single switch interface to carry data for multiple VLANs by tagging frame headers with a VLAN ID field.
Term
802.1Q
Definition
IEEE VLAN trunking standard most commonly used.
Term
What are the normal and extended VLAN ranges?
Definition
Normal is VLAN IDs 1-1005
Extended is 1006-4094
Term
Native VLAN
Definition
On a trunk port the native VLAN is where all frames that are not tagged with an 802.1Q header will go. This is essentially a method of maintaining compatibility with switches that do not support VLAN tagging. The native VLAN can be any VLAN you choose but both sides of the trunk should be configured to match. You can set a different native VLAN for each port.
Term
What type of networking device is used to pass traffic between different VLANs?
Definition
Layer 3 devices such as routers or layer 3 switches. Devices with only layer 2 support cannot route between VLANs or subnets.
Term
Explain router on a stick.
Definition
Method of attaching a router on a trunk port for the purpose of allowing it to route your local traffic across subnets and VLANs. You configure the router port with subinterfaces for each VLAN/subnet.
Term
Explain the process of enabling a VLAN on a switch port.
Definition
Step 1. To configure a new VLAN, follow these steps:
A. From configuration mode, use the vlan vlan-id global configuration command to create the VLAN and to move the user into VLAN configuration mode.
B. (Optional) Use the name name VLAN subcommand to list a name for the VLAN. If not configured, the VLAN name is VLANZZZZ, where ZZZZ is the 4-digit decimal VLAN ID.
Step 2. For each access interface (each interface that does not trunk, but instead belongs to a single VLAN), follow these steps:
A. Use the interface command to move into interface configuration mode for each desired interface.
B. Use the switchport access vlan id-number interface subcommand to specify the VLAN number associated with that interface.
C. (Optional) To disable trunking on that same interface, so that the interface does not negotiate to become a trunk, use the switchport mode access interface subcommand.
Term
Which VLANs are reserved for legacy technologies such as FDDI and token ring?
Definition
1002
1003
1004
1005
Term
What command created the following output?
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/15, Fa0/16, Fa0/17, Fa0/18
                                                Fa0/19, Fa0/20, Fa0/21, Fa0/22
                                                Fa0/23, Fa0/24, Gi0/1, Gi0/2
2    Freds-vlan                       active    Fa0/13, Fa0/14
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup
Definition
SHOW VLAN BRIEF
Term
What command created the following output?
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
2    Freds-vlan                       active    Fa0/13, Fa0/14

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
2    enet  100010     1500  -      -      -        -    -        0      0

Remote SPAN VLAN
----------------
Disabled

Primary Secondary Type              Ports
------- --------- ----------------- ------------------------------------------
Definition
SHOW VLAN ID 2
Term
In IOS what happens if you try to assign a port to a VLAN that has not been created on the switch?
Definition
The switch will create the VLAN with a default name of VLANxxx, the x's being the VLAN ID#.
Term
VTP
Definition
VLAN Trunking Protocol, a proprietary Cisco protocol that allows switches to advertise their VLANs and causes client machines to overwrite their VLAN lists. Its use is generally discouraged. There are 3 VTP modes: Server, Client, and Transparent.
Term
What is VTP Server mode?
Definition
By becoming a VLAN Trunking Protocol server the device will push its VLAN list out to all VTP client devices on the network.
Term
What is VTP Transparent mode?
Definition
The switch will not participate in VTP, but it will forward VTP announcement frames out its trunk ports.
Term
In IOS what command would change the trunking mode between 802.1Q, ISL, or to negotiate?
Definition
SWITCHPORT TRUNK ENCAPSULATION
Term
In IOS what does Dynamic Desirable refer to?
Definition
Initiates negotiation messages and responds to negotiation messages to dynamically use trunking.
Term
In IOS what does Dynamic Auto refer to?
Definition
Passively waits to receive trunking requests but does not initiate them.
Term
When you have no trunk ports configured what will you see when you run the SHOW INTERFACES TRUNK command?
Definition
The command only displays trunked ports, so with none configured it will give a blank output.
Term
You have two switches, one end is set to switchport mode access, the other is set to dynamic auto. What behavior would you expect from this link?
Definition
Access mode
Term
You have two switches, one end is set to switchport mode access, the other is set to dynamic desirable. What behavior would you expect from this link?
Definition
Access mode
Term
You have two switches, one end is set to switchport mode access, the other is set to trunk. What behavior would you expect from this link?
Definition
The VLAN tags will be stripped from the packets as they arrive at the access node. Only devices that happen to be on the native VLAN would be able to communicate properly. All other VLANs may behave in erratic ways.
Term
You have two switches, one end is set to switchport mode trunk, the other is set to dynamic auto. What behavior would you expect from this link?
Definition
Trunk mode
Term
You have two switches, one end is set to switchport mode trunk, the other is set to dynamic desirable. What behavior would you expect from this link?
Definition
Trunk mode
Term
You have two switches, one end is set to switchport mode dynamic auto, the other is set to dynamic desirable. What behavior would you expect from this link?
Definition
Trunk mode
Term
You have two switches, one end is set to switchport mode dynamic auto, the other is set to dynamic auto. What behavior would you expect from this link?
Definition
Access mode
Term
What is the Cisco recommendation regarding DTP on access or unused ports?
Definition
Set the interface to SWITCHPORT NONEGOTIATE
Term
What VLANs are allowed by default on a trunk port?
Definition
All VLANs is the default.
Term
What is the command to remove a VLAN from a trunk interface?
Definition
SWITCHPORT TRUNK ALLOWED VLAN REMOVE
Term
What are the circumstances that will prevent a VLAN's traffic from crossing a trunk interface?
Definition
A VLAN has been removed from the trunk’s allowed VLAN list.
A VLAN does not exist in the switch’s configuration (as seen with the show vlan command).
A VLAN does exist, but has been administratively disabled (shutdown).
A VLAN has been automatically pruned by VTP.
A VLAN’s STP instance has placed the trunk interface into a blocking state.
Term
Imagine that a switch connects through an Ethernet cable to a router, and the router’s host name is R1. Which IOS commands could tell you information about the IOS version on R1 without establishing a Telnet connection to Hannah? (Choose two answers.)
Definition
SHOW CDP NEIGHBORS DETAIL
SHOW CDP ENTRY R1
Term
A switch is cabled to a router whose host name is H100. Which of the following CDP commands could identify H100's model of hardware? (Choose two answers.)
Definition
SHOW CDP NEIGHBORS
SHOW CDP ENTRY H100
Term
The output of the show interfaces status command on a 2960 switch shows interface Fa0/1 in a “disabled” state. What interface configuration command is the cause?
Definition
SHUTDOWN
Term
Switch SW1 uses its Gigabit 0/1 interface to connect to switch SW2’s Gigabit 0/2 interface. SW2’s Gi0/2 interface is configured with the speed 1000 and duplex full commands. SW1 uses all defaults for interface configuration commands on its Gi0/1 interface. At what speed and duplex level will the link actually perform?
Definition
1000 Mbps and full duplex.
Term
Which commands list the MAC address table entries for MAC addresses configured by port security? (Choose two answers.)
Definition
SHOW MAC ADDRESS-TABLE
SHOW MAC ADDRESS-TABLE STATIC
Term
On a Cisco Catalyst switch, you issue a show mac address-table command. Will the output include the IP address of the listed devices?
Definition
No, MAC addressing is a completely layer 2 function. MAC-to-IP translation is handled by ARP.
Term
Layer 2 switches SW1 and SW2 connect through a link, with port G0/1 on SW1 and port G0/2 on SW2. The network engineer wants to use 802.1Q trunking on this link. The show interfaces
g0/1 switchport command on SW1 shows the output listed here:
SW1# show interfaces gigabit0/1 switchport
Name: Gi0/1
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
What switchport mode options would allow this link to work as intended?
Definition
SW2 can be any of the following:
SWITCHPORT MODE TRUNK
SWITCHPORT MODE DYNAMIC AUTO
SWITCHPORT MODE DYNAMIC DESIRABLE
Term
CDP
Definition
Cisco Discovery Protocol, proprietary system that allows Cisco devices to broadcast some of their details out to other devices on the network. This allows for easier troubleshooting and documentation of a network.
Term
LLDP
Definition
Link Layer Discovery Protocol, IEEE standardized method of allowing network devices to broadcast some of the basic details to other devices on the network. Allows for easier troubleshooting and documentation of a network.
Term
What types of information can be learned using CDP?
Definition
- Hardware platform of devices
- Cisco IOS version running on Cisco devices
- Hostname
- Interfaces active on Cisco devices, including encapsulation type
- IP addresses of interfaces on devices
- Duplex setting
- VLAN Trunking Protocol (VTP) domain
- Native VLAN
- Locally connected devices advertising Cisco Discovery Protocol
Term
In IOS what command would give you the CDP details of whatever is connected to a specific interface?
Definition
SHOW CDP NEIGHBORS [interface type number]
Term
In IOS what command would produce the following output:
Device ID: lab-7206
Entry address(es):
IP address: 172.19.169.83
Platform: cisco 7206VXR, Capabilities: Router
Interface: Ethernet0, Port ID (outgoing port): FastEthernet0/0/0
Holdtime : 123 sec

Version :
Cisco Internetwork Operating System Software
IOS (tm) 5800 Software (C5800-P4-M), Version 12.1(2)
Copyright (c) 1986-2002 by Cisco Systems, Inc.

advertisement version: 2
Duplex: half

-------------------------
Device ID: lab-as5300-1
Entry address(es):
IP address: 172.19.169.87
Platform: cisco AS5300, Capabilities: Router
--More--
Definition
SHOW CDP NEIGHBORS DETAIL
Term
In IOS what command will give you the detailed CDP information for a device named SW2?
Definition
SHOW CDP ENTRY SW2
Term
Based on the following output, which interface on SW2 is used to go to SW1?

Device ID Local Intrfce Holdtme Capability Platform Port ID
SW1 Gig 0/2 170 S I WS-C2960- Gig 0/1
Definition
Gig 0/2
Term
Under what circumstances is it recommended to disable CDP?
Definition
Since CDP exposes so much information about the network topology it should be disabled on any interface where you don't need to use it. CDP should be disabled on any interfaces that leave your network, and also on interfaces that go to end users that would not have a valid need for the data.
Term
In IOS what command allows you to see if CDP is running on the device overall?
Definition
SHOW CDP
Term
In IOS what command allows you to see if CDP is running specifically on interface Fa0/1?
Definition
SHOW CDP INTERFACE FA0/1
Term
Generally speaking which layer does an interface's "line status" refer to?
Definition
Layer 1 - Physical
Term
Generally speaking which layer does an interface's "protocol status" refer to?
Definition
Layer 2 - Data Link
Term
In IOS if you have an interface with a status other than "connected" or "up/up" what functionality will that interface currently have?
Definition
The switch will not receive or forward frames on that interface.
Term
In IOS what does "administratively down" mean on a line status?
Definition
The interface is configured with a shutdown command. Can also be shown as being "disabled"
Term
In IOS what could an interface status of "notconnect" mean?
Definition
There is no cable attached, the cable is bad, there is a port speed mismatch, or the device on the other end is off or has disabled the interface on that side.
Term
Gigabit and faster connections always autonegotiate to what duplex setting?
Definition
Full Duplex
Term
SW1 Gig0/1 is set to auto negotiate speed and duplex settings on the connection to SW2 Gig0/2. SW2 is manually configured with SPEED 100 and DUPLEX FULL. Explain how the connection will function.
Definition
Because SW2 has been manually configured the autonegotiation from SW1 will fail. SW1 will sense the signal speed and determine SW2 is using 100 Mbps, and will use half duplex and end up with a duplex mismatch.
Term
Why is a duplex mismatch a problem?
Definition
The device that thinks the connection is half duplex will assume it cannot send and receive at the same time so if it receives a frame while it is sending it will stop sending, trigger a back off timer and try again despite there being no actual collision. The performance will be erratic and inefficient and the interface will still show as being connected (up/up) so the problem may be missed by a casual inspection.
Term
In IOS what is the interface input errors counter tracking?
Definition
A total of many counters, including runts, giants, no buffer, CRC, frame, overrun, and ignored counts.
Term
In IOS what is the interface runts counter tracking?
Definition
Frames that did not meet the minimum frame size requirement (64 bytes, including the 18-byte destination MAC, source MAC, Type, and FCS). Can be caused by collisions.
Term
In IOS what is the interface giants counter tracking?
Definition
Frames that exceed the maximum frame size requirement (1518 bytes, including the 18-byte destination MAC, source MAC, Type, and FCS).
Term
In IOS what is the interface CRC counter tracking?
Definition
Received frames that did not pass the FCS math; can be caused by collisions.
Term
In IOS what is the interface frame counter tracking?
Definition
Received frames that have an illegal format, for example, ending with a partial byte; can be caused by collisions.
Term
In IOS what is the interface packet output counter tracking?
Definition
Total number of packets (frames) forwarded out the interface.
Term
In IOS what is the interface output errors counter tracking?
Definition
Total number of packets (frames) that the switch port tried to transmit, but for which some problem occurred.
Term
In IOS what is the interface collisions counter tracking?
Definition
Counter of all collisions that occur when the interface is transmitting a frame.
Term
In IOS what is the interface late collisions counter tracking?
Definition
The subset of all collisions that happen after the 64th byte of the frame has been transmitted. (In a properly working Ethernet LAN, collisions should occur within the first 64 bytes; late collisions today often point to a duplex mismatch.)
Term
In IOS what would be a probable cause of an interface with many errors but notably the CRC errors grow and the collision counters do not?
Definition
Excessive electromagnetic interference on the cable.
Term
In IOS what command will show you only the MAC addresses that the switch has learned dynamically?
Definition
SHOW MAC ADDRESS-TABLE DYNAMIC
Term
Create your expected MAC address tables for the following scenario:
All devices on VLAN 10
SW1 port 9 connects to device 0200.1111.1111
SW1 port 12 connects to device 0200.2222.2222
SW1 port 16 connects to SW2 port 1
SW2 port 8 connects to R1 0200.5555.5555
Definition
SW1# show mac address-table dynamic
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
10 0200.1111.1111 DYNAMIC Fa0/9
10 0200.2222.2222 DYNAMIC Fa0/12
10 0200.5555.5555 DYNAMIC Fa0/16
SW2# show mac address-table dynamic
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
10 0200.1111.1111 DYNAMIC Fa0/1
10 0200.2222.2222 DYNAMIC Fa0/1
10 0200.5555.5555 DYNAMIC Fa0/8
Term
ACL
Definition
Access Control List, filters frames and packets based on criteria determined in the ACL.
Term
Looking at a MAC address table what is distinctive about addresses that are entered via port security settings?
Definition
They will show up as static addresses, not dynamic.
Term
What should be the first command used in troubleshooting a potential VLAN misconfiguration?
Definition
SHOW VLAN
Term
What circumstances would cause the running config to not show all of the VLANs that a switch is aware of?
Definition
VTP clients and servers do not list their VLAN commands in the running or startup configs.
Term
In IOS what command would you use to learn if a switch is a VTP client?
Definition
SHOW VTP STATUS
Term
In IOS how would you set the VTP mode to transparent?
Definition
From global config enter VTP MODE TRANSPARENT
Term
In IOS you run a SHOW VLAN and see one with a status of act/lshut, what does this mean?
Definition
The VLAN has been shutdown and the switch will not forward frames on that VLAN.
Term
How would you shut down VLAN 10 from the global config?
Definition
SHUTDOWN VLAN 10
Term
How would you shut down VLAN 10 from within the VLAN config sub menu?
Definition
SHUTDOWN
Term
You have determined that a switch drops all frames it receives from VLAN 10, what is the likely cause and what command will resolve it?
Definition
VLAN 10 has been disabled, from global config enter NO SHUTDOWN VLAN 10.
Term
You have determined that a switch drops all frames it receives for VLAN 10 only on the trunked interface Gi0/1. What is the likely cause and what command will resolve it?
Definition
VLAN 10 has been removed from the allowed VLAN list on the interface. From the Gi0/1 interface enter SWITCHPORT TRUNK ALLOWED VLAN ADD 10.
Term
If an interface attempts to negotiate a DTP link and the other side of the link is set with SWITCHPORT NONEGOTIATE what will happen?
Definition
If one side of a link is set to nonegotiate then all automatic DTP attempts will fail and the automatic side will be an access port.
Term
Host A is a PC, connected to switch SW1 and assigned to VLAN 1. What devices and interfaces are typically assigned an IP address in the same subnet as host A?
Definition
All other hosts on the same subnet as well as the router interface that connects to this LAN.
Term
Why does the formula for the number of hosts per subnet (2^H – 2) require the subtraction of two hosts?
Definition
To reserve addresses for the subnet broadcast address and subnet ID
Term
A Class B network needs to be subnetted such that it supports 100 subnets and 100 hosts/subnet. What is the minimum number of bits you will need for host addresses, and what is the minimum number of bits for subnets?
Definition
7 host bits = up to 126 hosts, and another 7 bits to allow for 128 subnets.
Term
Is 172.31.0.0 a private IP network?
Definition
Yes
Term
Is 172.32.0.0 a private IP network?
Definition
No
Term
Is 192.168.255.0 a private IP network?
Definition
Yes
Term
Is 192.1.168.0 a private IP network?
Definition
No
Term
Is 1.0.0.0 a private IP network?
Definition
No
Term
What is the Class A private network range?
Definition
10.0.0.0 through 10.255.255.255
Term
What is the Class B private network range?
Definition
172.16.0.0 through 172.31.255.255
Term
What is the Class C private network range?
Definition
192.168.0.0 through 192.168.255.255
Term
A network engineer spends time thinking about the entire Class B network 172.16.0.0, and how to subnet that network. He then chooses how to subnet this Class B network and creates an addressing and subnetting plan, on paper, showing his choices. If you compare his thoughts about this network before subnetting the network, to his thoughts about this network after mentally subnetting the network, what change will occur in the hosts side of the network addresses?
Definition
It will be reduced by one bit for each one that is used to subnet.
Term
Subnet
Definition
Method of dividing a network address range by taking bits from the host side of an address and adding them to the network side.
Term
PPDIOO
Definition
Cisco formal design process: Prepare, Plan, Design, Implement, Operate, Optimize
Term
What are the two basic rules regarding subnets?
Definition
Addresses in the same subnet cannot be separated by a router.
Addresses in different subnets need to be separated by at least one router.
Term
How many host addresses are available in a /30 network?
Definition
2
Term
What is the smallest functional subnet?
Definition
/30, also written as a 255.255.255.252 subnet mask
Term
Subnet Mask
Definition
Method for dividing IP addresses into two parts, one side for network addresses and the other for host addresses. Works based on expanding the addresses into binary with all the network bits being a 1 and all the host bits as a 0. For example a mask of 255.255.0.0 would be equivalent to 11111111.11111111.00000000.00000000
Term
Subnet broadcast address
Definition
The last IP address in a subnet range, all devices on the subnet would receive this packet.
Term
VLSM
Definition
Variable Length Subnet Masks, method of using different subnet mask sizes for your subnets in order to minimize the waste of IP addresses.
Term
How many bits are in an IPV6 address?
Definition
128 bits
Term
NAT
Definition
Network Address Translation, method by which a router at the edge of your network will modify the IP packet headers that cross it for a variety of results. Examples include PAT, one-to-one mapping, or dynamic mapping.
Term
What are two main factors to consider when choosing what size of subnet to use in your network?
Definition
Number of subnets required
Number of hosts on each subnet
Term
Translate this from binary to decimal:
11111111
Definition
255
Term
Translate this from binary to decimal:
01111111
Definition
127
Term
Translate this from binary to decimal:
00111111
Definition
63
Term
Translate this from binary to decimal:
00011111
Definition
31
Term
Translate this from binary to decimal:
00001111
Definition
15
Term
Translate this from binary to decimal:
00000111
Definition
7
Term
Translate this from binary to decimal:
00000011
Definition
3
Term
Translate this from binary to decimal:
00000001
Definition
1
Term
Translate this from binary to decimal:
01010101
Definition
85
Term
Translate this from binary to decimal:
01101101
Definition
109
Term
Translate this from binary to decimal:
01110000
Definition
112
Term
Translate this from binary to decimal:
10000001
Definition
129
Term
Translate this from binary to decimal:
10010000
Definition
144
Term
Translate this from binary to decimal:
11001110
Definition
206
Term
Translate this from binary to decimal:
11000011
Definition
195
Term
Translate this from binary to decimal:
01111110
Definition
126
Term
Translate this from binary to decimal:
01101111
Definition
111
Term
Translate this from binary to decimal:
11110110
Definition
242
Term
Translate this from binary to decimal:
01110001
Definition
113
Term
When planning a new network it is a common practice to assign what device to the first, usable IP address in a subnet?
Definition
The router interface/gateway
Term
What is a Public IP Network?
Definition
IANA keeps a list of all the public IP addresses and assigns them to companies for their exclusive use. Public addresses should be unique in the whole world.
Term
What is a Private IP Network?
Definition
IETF RFC 1918 defined a range of IP addresses that would be available for internal use. Packets destined for these addresses are dropped by core internet routers.
Term
Is 10.1.255.255 a valid network broadcast address?
Definition
No
Term
Is 192.168.255.1 a valid network broadcast address?
Definition
No
Term
Is 224.1.1.255 a valid network broadcast address?
Definition
No
Term
Is 172.30.255.255 a valid network broadcast address?
Definition
Yes
Term
What type of addresses do you find in the Class D address space?
Definition
Multicast
Term
What is the Class D IP address range?
Definition
224.0.0.0 through 239.255.255.255
Term
What is the Class E IP address range?
Definition
240.0.0.0 through 255.255.255.255
Term
What IP address is used for loopback testing?
Definition
127.0.0.1
Term
What is the CIDR equivalent of the following network mask?
255.255.254.0
Definition
/23
Term
What is the CIDR equivalent of the following network mask?
255.255.255.240
Definition
/28
Term
What is the DDN equivalent of /22?
Definition
255.255.252.0
Term
What is the DDN equivalent of /18?
Definition
255.255.192.0
Term
An engineer is thinking about the following IP address and mask using classless IP addressing logic: 10.55.66.77, 255.255.255.0.
How many bits is the network side?
Definition
24 bits
Term
Is 11111111 00111111 11111111 0000 a valid Class C subnet mask?
Definition
No
Term
Is 255.237.0.0 a valid Class B subnet mask?
Definition
No
Term
What is a prefix mask?
Definition
A method of displaying a subnet mask in the form of / followed by the number of network bits (/8, /16, /24 etc)
Term
List all of the valid values for an octet in a DDN subnet mask.
Definition
.128, .192, .224, .240, .248, .252, .254, .255
Term
The output of the show ip interface brief command on R1 lists interface status codes of “down” and “down” for interface Serial 0/0. What is the most likely cause?
Definition
Check to make sure the serial cable is connected.
Term
RJ48
Definition
Very similar to the RJ45, they use the same connector but have a different pinout scheme and are usually shielded. Used for WAN links to a CSU/DSU.
Term
WIC
Definition
WAN Interface Card, used in Cisco routers
Term
Cisco ISR
Definition
Integrated Services Router, routing devices that combine other functions such as firewalls, VPN services, voice services, etc.
Term
What control switch does a Cisco router typically have that you would not find on a switch?
Definition
Power switch.
Term
In IOS what command would generate the following output?
Serial0/0/0 is up, line protocol is up
Hardware is WIC MBRD Serial
Description: Link in lab to R2's S0/0/1
Internet address is 172.16.4.1/24
MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation HDLC, loopback not set
Keepalive set (10 sec)
Last input 00:00:03, output 00:00:06, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
42 packets input, 3584 bytes, 0 no buffer
Received 42 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
41 packets output, 3481 bytes, 0 underruns
0 output errors, 0 collisions, 4 interface resets
3 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
DCD=up DSR=up DTR=up RTS=up CTS=up
Definition
SHOW INTERFACES SERIAL 0/0/0
Term
In IOS what command would generate the following output?
Interface IP-Address OK? Method Status Protocol
Embedded-Service-Engine0/0 unassigned YES NVRAM administratively down down
GigabitEthernet0/0 172.16.1.1 YES NVRAM down down
GigabitEthernet0/1 unassigned YES manual administratively down down
Serial0/0/0 172.16.4.1 YES NVRAM up up
Serial0/0/1 172.16.5.1 YES NVRAM up up
Serial0/1/0 unassigned YES NVRAM up up
Serial0/1/1 unassigned YES NVRAM administratively down down
Definition
SHOW IP INTERFACES BRIEF
Term
What is the simple explanation of what is going on in the following output:
Interface IP-Address OK? Method Status Protocol
Embedded-Service-Engine0/0 unassigned YES NVRAM administratively down down
Definition
Port is configured with a SHUTDOWN command
Term
What is the simple explanation of what is going on in the following output:
Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 172.16.1.1 YES NVRAM down down
Definition
Interface likely has no cable connected; or the cable has a layer 1 issue; or the remote end of the cable is not connected/powered down.
Term
What is the simple explanation of what is going on in the following output:
Interface IP-Address OK? Method Status Protocol
Serial0/0/0 172.16.4.1 YES NVRAM up up
Definition
Connection is working fine at layer 1 and 2.
Term
What is the simple explanation of what is going on in the following output:
Interface IP-Address OK? Method Status Protocol
Serial0/0/0 172.16.4.1 YES NVRAM up down
Definition
Cable is physically connected but there is probably a problem with the configuration.
Term
How will a Cisco router treat an interface that does not have an IP and subnet mask configured?
Definition
Router will not route any traffic to a port without those two details.
Term
What is the command to assign IP 192.168.1.100 255.255.255.0 to a router interface?
Definition
From the interface config,
IP ADDRESS 192.168.1.100 255.255.255.0
Term
In IOS what command would produce the following output:
Global values:
Internet Protocol routing is enabled
Embedded-Service-Engine0/0 is administratively down, line protocol is down
GigabitEthernet0/0 is up, line protocol is up
Internet address is 172.16.1.1/24
GigabitEthernet0/1 is administratively down, line protocol is down
Serial0/0/0 is up, line protocol is up
Internet address is 172.16.4.1/24
Serial0/0/1 is up, line protocol is up
Internet address is 172.16.5.1/24
Serial0/1/0 is administratively down, line protocol is down
Serial0/1/1 is administratively down, line protocol is down
Definition
SHOW PROTOCOLS
Term
Which type of serial cable has the transmit and receive pins cross over?
Definition
DCE
Term
Which type of serial cable does not have the transmit and receive pins cross over?
Definition
DTE
Term
Which type of serial cable do you plug into a router that will be providing clocking to a serial connection?
Definition
DCE
Term
What is the Auxiliary Port on a router used for?
Definition
Typically it is used to allow a user to dial a telephone connection into a router using a modem. It supports the same commands as the console interface.
Term
Which routing protocols do not support VLSM?
Definition
RIP-1 and IGRP
Term
VLSM
Definition
Variable Length Subnet Mask, when a network uses subnets with different lengths of masks within a single classful network.
Term
Classful routing protocol
Definition
Subnet masks are not advertised as standard classes are assumed (1-126 class A and an 8 bit mask, 128-191 Class B and 16 bits masked, and 192-224 with 24 bits masked.)
Term
Classless routing protocol
Definition
All advertised routes include the subnet mask to be applied.
Term
What is a route summary?
Definition
In order to reduce the number of entries in the routing table a summary is entered which is one entry that covers the span of many smaller subnets that would be found through the specified interface.
Term
Explain the process for determining the best summary route.
Definition
You want to determine the subnet that will cover all the required networks with minimum excess. To do so you first determine the lowest network ID in the set, and then the highest broadcast address in the set. Expand the subnet by 1 host bit and check if both of the previously mentioned addresses are contained. If yes then use this prefix mask, if not then repeat the process of expanding the subnet range by 1 bit until you find one that contains both the network and broadcast address you need.
Term
ACL
Definition
Access Control List, a method of identifying packets based on the contents of their IP, TCP, UDP headers. This is generally used to restrict certain types of access or to apply QoS policies.
Term
What is the standard ACL range?
Definition
1-99, 1300-1999
Term
What is the extended ACL range?
Definition
100-199, 2000-2699
Term
What is the last line of any ACL?
Definition
Deny All
Term
In IOS what command would you use to allow packets from host 10.1.2.3 using ACL 99?
Definition
ACCESS-LIST 99 PERMIT 10.1.2.3
Term
What is a wildcard mask?
Definition
In an ACL the wildcard mask represents the IP address bits that should be ignored when applying a rule. For example to block the 192.168.1.x /24 subnet you would enter a mask of 0.0.0.255
Term
In IOS what command would you use to block packets from subnet 10.1.2.0 /24 using ACL 99?
Definition
ACCESS-LIST 99 DENY 10.1.2.0 0.0.0.255
Term
Under what circumstances would you want to manually include a DENY ANY line in your ACL?
Definition
In the ACL show commands there is a way to view counters for how many packets match each line of an ACL, but it does not count the implied deny all so by manually entering the deny you can get more detailed information about what the ACL is doing to packets as they pass through.
Term
When applying a standard ACL it should be applied at what region of the forward path?
Definition
As near as possible to the destination to avoid blocking unrelated traffic.
Term
A standard ACL makes forwarding decisions based on what?
Definition
Source IP Address
Term
How does a standard ACL determine which rule to apply to a packet first?
Definition
The first rule that matches the source IP is applied and the packet is either allowed or denied. Nothing further down in the list is checked. If no rule matches then at the end of the list the packet is dropped by the implied deny any.
Term
In IOS what command would you enter to apply an existing ACL 10 to packets coming into Fa 0/6?
Definition
CONFIGURE TERMINAL
INTERFACE FA0/6
IP ACCESS-GROUP 10 IN
Term
What is the difference between SHOW IP ACCESS-LISTS and SHOW ACCESS-LISTS?
Definition
Show IP includes only IPv4 ACLs, while show access-lists includes all active protocols, including IPv6.
Term
When applying an extended ACL it should be applied at what region of the forward path?
Definition
As near to the source as possible, to eliminate unnecessary traffic as early as possible.
Term
In IOS how would you leave a comment on an ACL?
Definition
ACCESS-LIST REMARK (text)
Term
When you configure a router with an outbound ACL what kind of packets will not have the ACL applied even though they are moving outbound on the specified interface?
Definition
Routers don't apply ACL filters to data that they generate themselves, so things such as routing protocols or ICMP commands that originate within the router will not be filtered.
Term
1000Base-T uses which pins to send and which pins to receive?
Definition
Gigabit ethernet uses each pin bidirectionally, so each pin will send and receive.
Term
What does the 0.0.0.252 in the following command represent?
ACCESS-LIST 1 DENY 10.1.1.0 0.0.0.252
Definition
0.0.0.252 is a wildcard mask, it tells the ACL to ignore the last 7 bits of the IP address.
Term
In IOS what command would you enter to apply an existing ACL 10 to packets going out of Fa 0/6?
Definition
CONFIGURE TERMINAL
INT FA0/6
IP ACCESS-LIST 10 OUT
Term
Create an access list to allow packets from 172.16.5.4
Definition
ACCESS-LIST 1 PERMIT 172.16.5.4
Term
Create an access list to allow packets from hosts with 10.3.2 as the first three octets
Definition
ACCESS-LIST 1 PERMIT 10.3.2.0 0.0.0.255
Term
Create an access list to allow packets from hosts with 10.3 as the first two octets
Definition
ACCESS-LIST 1 PERMIT 10.3.0.0 0.0.255.255
Term
Create an access list to allow packets from any host
Definition
ACCESS-LIST 1 PERMIT ANY
Term
Create an access list to allow packets from the same subnet as 10.3.100.1/21
Definition
ACCESS-LIST 1 PERMIT 10.3.96.0 0.0.7.255
Term
Create an access list to allow packets from the same subnet as 10.3.100.1/23
Definition
ACCESS-LIST 1 PERMIT 10.3.100.0 0.0.1.255
Term
Create an access list to allow packets from the same subnet as 10.3.100.1/26
Definition
ACCESS-LIST 1 PERMIT 10.3.100.0 0.0.0.63
Term
Create an access list to allow packets from the same subnet as 10.3.100.1/27
Definition
ACCESS-LIST 1 PERMIT 10.3.100.0 0.0.0.31
Term
Create an access list to allow packets from the same subnet as 10.3.100.1/28
Definition
ACCESS-LIST 1 PERMIT 10.3.100.0 0.0.0.15
Term
Create an access list to allow packets from the same subnet as 10.3.100.1/30
Definition
ACCESS-LIST 1 PERMIT 10.3.100.0 0.0.0.3
Term
What IP address or range is allowed by the following ACL
ACCESS-LIST 1 PERMIT 192.168.6.1
Definition
192.168.6.1 only
Term
What IP address or range is allowed by the following ACL
ACCESS-LIST 1 PERMIT 192.168.6.0 0.0.0.15
Definition
192.168.6.0-.15
Term
What IP address or range is allowed by the following ACL
ACCESS-LIST 1 PERMIT 192.168.6.0 0.0.0.127
Definition
192.168.6.0-.127
Term
What IP address or range is allowed by the following ACL
ACCESS-LIST 1 PERMIT 192.168.6.0 0.0.0.31
Definition
192.168.6.0-.31
Term
What IP address or range is allowed by the following ACL
ACCESS-LIST 1 PERMIT 192.168.4.0 0.0.3.255
Definition
192.168.4.0-192.168.7.255
Term
What IP address or range is allowed by the following ACL
ACCESS-LIST 1 PERMIT 192.168.6.0 0.0.0.63
Definition
192.168.6.63
Term
What IP address or range is allowed by the following ACL
ACCESS-LIST 1 PERMIT 192.168.6.0 0.0.1.255
Definition
192.168.6.0-192.168.7.255
Term
What IP address or range is allowed by the following ACL
ACCESS-LIST 1 PERMIT 192.168.0.0 0.0.63.255
Definition
192.168.0.0-192.168.63.255
Term
What does IOS do if you enter the wildcard bits incorrectly into an ACL?
Definition
IOS assumes the wildcard bits are correct and will change your network address to match up to whatever wildcard you enter.
Term
What fields can an extended ACL be configured to look at?
Definition
Source IP, Destination IP, Protocol, Source and Destination Ports
Term
What is the syntax of an extended ACL command?
Definition
ACCESS-LIST name/number[100-199, 2000-2699] [PERMIT/DENY] protocol source_ip source_port dest_ip dest_port
Term
What keyword is required to have an extended ACL apply only to a specific IP address?
Definition
HOST needs to go in before the IP address
Term
In an ACL, how would you mark it to equal a specific port number?
Definition
eq (port number)
Term
In an ACL, how would you mark it to be not equal to a specific port number?
Definition
ne
Term
In an ACL, how would you mark it to a specific port range?
Definition
range
Term
In an ACL, how would you mark it to greater than a specific port number?
Definition
gt
Term
In an ACL, how would you mark it to less than a specific port number?
Definition
lt
Term
In an extended ACL what is the keyword that can also be used to match traffic on tcp port 20?
Definition
ftp-data
Term
In an extended ACL what is the keyword that can also be used to match traffic on tcp port 21?
Definition
ftp
Term
In an extended ACL what is the keyword that can also be used to match traffic on tcp port 23?
Definition
telnet
Term
In an extended ACL what is the keyword that can also be used to match traffic on tcp port 25?
Definition
smtp
Term
In an extended ACL what is the keyword that can also be used to match traffic on tcp/udp port 53?
Definition
domain
Term
In an extended ACL what is the keyword that can also be used to match traffic on udp ports 67/68?
Definition
nameserver
Term
In an extended ACL what is the keyword that can also be used to match traffic on udp port 69?
Definition
tftp
Term
In an extended ACL what is the keyword that can also be used to match traffic on tcp port 80?
Definition
www
Term
In an extended ACL what is the keyword that can also be used to match traffic on tcp port 110?
Definition
pop3
Term
In an extended ACL what is the keyword that can also be used to match traffic on udp port 161?
Definition
snmp
Term
In an extended ACL what protocols are you able to match packets against?
Definition
TCP, IP, UDP, ICMP
Term
How does a named ACL differ from older style numbered ACLs?
Definition
You can use names to identify them, you define them with ACL subcommands instead of global commands.
Term
How can you remove a single line from an ACL?
Definition
Enter the no... form of the line you want to remove from the ACL submenu, or enter no [sequence number of line you want to remove].
Term
How would you insert a new line into an ACL and not have it show up at the end?
Definition
From the ACL submenu enter your new command with a sequence number indicating where you would like to insert it.
Term
In an ACL if you enter a new statement without specifying a sequence number where does it end up in the list?
Definition
At the end of the list
Term
In the VTY subconfiguration what is an access-class for?
Definition
Used to match packets to an ACL.
Term
In the VTY subconfiguration what is the important quirk to be aware of about using an outbound access-class?
Definition
Instead of the standard ACL function of filtering based on source IP they will filter based on the destination IP.
Term
When editing an ACL what should you do to the interfaces it is applied to?
Definition
Do not work on an ACL while it is active on an interface; it is very likely that you will block traffic that you did not intend to block while you are entering the various permit commands. Depending on your route to the device you can also cut yourself off.
Term
Why is your NTP configuration considered an important element of network security?
Definition
If you are trying to investigate a possible breach you will have a much easier time tracking movement through the network if all of the devices are using consistent time stamps.
Term
What is the command to become an NTP client?
Definition
From global config,
NTP SERVER [SERVER IP ADDRESS]
Term
How would you see information about NTP relationships a router has with other devices such as clients, peers, and servers?
Definition
SHOW NTP ASSOCIATIONS
Term
How would you set up a password to secure NTP?
Definition
From global config,
NTP AUTHENTICATION KEY
Term
How do you set a network device to be an NTP server?
Definition
NTP MASTER
Term
What does CIDR stand for?
Definition
Classless Interdomain Routing
Term
Is 191.168.1.1 a private or public IP address according to RFC 1918?
Definition
Public
Term
Is 172.31.1.1 a private or public IP address according to RFC 1918?
Definition
Private
Term
Is 172.33.1.1 a private or public IP address according to RFC 1918?
Definition
Public
Term
Is 10.1.255.1 a private or public IP address according to RFC 1918?
Definition
Private
Term
With static NAT, performing translation for inside addresses only, what causes NAT table entries to be created?
Definition
Configuration using the ip nat inside source command
Term
With dynamic NAT, performing translation for inside addresses only, what causes NAT table
entries to be created?
Definition
The first packet from the inside network to the outside network
Term
What NAT command would you use to match specific hosts based on an access-list?
Definition
IP NAT INSIDE SOURCE LIST [NUMBER] POOL [NAME]
Term
How does classless routing differ from classful?
Definition
Classless ignores the old A, B, or C class ranges. These protocols also require a subnet mask to be included since they cannot make assumptions.
Term
Explain the operation of static NAT.
Definition
The router will have a one-to-one mapping between internal private addresses and the public addresses that it will give their packets when they go outside the network. This limits the number of private addresses that can be translated to the number of public addresses you have.
Term
In terms of NAT, explain what is meant by inside local and inside global addresses?
Definition
Inside local address is the private address assigned to a device and the inside global is the address the router will use to represent that device outside the local network.
Term
In terms of NAT, explain what is meant by outside local and outside global addresses?
Definition
A less common use case where the external device is assigned a private address (outside local) to be referenced by devices on the local network. The outside global address is the public IP that the device responds to outside the local network.
Term
Explain the operation of basic dynamic NAT.
Definition
Still uses a one to one mapping of private and public addresses, but dynamically assigns the public IP address to be used from a defined pool of addresses.
Term
Explain the operation of PAT.
Definition
Port Address Translation, also called NAT overload, maps every combination of inside local (private) address and port to an inside global (public) address and port. In many cases a single public IP can handle connections for all internal addresses. By far the most popular type of NAT configuration.
Term
What command would you use to have an interface learn its IP address by DHCP?
Definition
From the interface subconfiguration prompt,
IP ADDRESS DHCP
Term
What does the IP ADDRESS DHCP command do?
Definition
Configures an interface to learn its IP address from a DHCP server.
Term
On a router, how do you configure an interface to be treated as an internal connection in terms of NAT?
Definition
From the interface subconfiguration prompt,
IP NAT INSIDE
Term
On a router, how do you configure an interface to be treated as an external connection in terms of NAT?
Definition
From the interface subconfiguration prompt,
IP NAT OUTSIDE
Term
On a router, what is the command to use static NAT to map private to public IP addresses?
Definition
IP NAT INSIDE SOURCE STATIC [INSIDE-LOCAL IP ADDRESS] [INSIDE-GLOBAL IP ADDRESS]
Term
What is the IOS command to clear the dynamic NAT table?
Definition
CLEAR IP NAT TRANSLATION *
Term
What does a router do with packets destined for an outside network if the NAT table does not have any available local global addresses?
Definition
Those packets are dropped.
Term
How does dynamic NAT determine which IP addresses need to be translated out?
Definition
The addresses are matched against an ACL.
Term
In IOS, what is the command to set up a dynamic NAT pool?
Definition
From the global config prompt,
IP NAT POOL [NAME] [FIRST IP] [LAST IP] NETMASK [SUBNET MASK]
Term
What show commands would you use to find out about NAT setup on a router?
Definition
SHOW IP NAT TRANSLATIONS
SHOW IP NAT STATISTICS
Term
The command SHOW IP NAT STATISTICS lists two kinds of misses, what do they tell you?
Definition
The first is the Hits: and Misses: line, which lets you know the number of packets that have matched the requirements to be translated. The first packet of a stream will generally be a miss, as there is not an existing NAT entry in place yet.

The second, the allocated/misses line, refers to devices that have requested NAT addresses but were unable to get one because the pool was exhausted.