What is the difference between managed and unmanaged switches? (pg. 396)

A. Managed switches have an OS that enables device configuration, unmanaged switches do not.

B. Unmanaged switches require an admin to handle all configuration with no support from the vendor, but managed switches come with a warranty for vendor support.

C. Managed switches can be monitored and controlled any time from external applications, but unmanaged switches can only be configured from the hardware.

D. Unmanaged switches broadcast traffic to every device connected to it, but managed switches can be configured for specific IP ranges and MAC addresses.

A common feature among managed switches that enables a physical network to segment into multiple discreet networks without needing additional hardware. (pg. 400)

A. Trunking

B. Subnetting

C. Virtual local area network (VLAN)

D. Network sharing

C. VLANs help networks by reducing the number of broadcast domains per network device and network subnet. This allows multiple networks to share the same physical infrastructure as well.

Trunking is the process of transferring VLAN traffic between two or more switches.

Subnetting is the process of taking a span of IP addresses and dividing it into smaller groups.

Network Sharing is a Windows feature that allows computers on the same network to share resources like files or USB devices

The process of transferring VLAN traffic between two or more switches. (pg. 401)

A. Trunking

B. Tagging

C. Network Address Translation

D. Routing

A. For trunking to work, a port on each switch is configured as the trunk port to carry all traffic between all switches in a LAN.

A tag is a field in a frame's Ethernet header.

Network Address Translation is a way to map multiple private IP addresses onto a single public IP address before transferring information onto the Internet.

Routing is what enables us to connect individual LANs into WANs.

Cisco's proprietary protocol for automating updates of multiple VLAN switches. (pg. 406)

A. inter-VLAN routing protocol (IVRP)

B. Smart Queue Management Protocol (SQMP)

C. VLAN Trunking Protocol (VTP)

D. Port Tagging Protocol (PTP)

C. When you make changes to the VLAN configuration of a VTP server switch, all the connected VTP clients and VTP servers update their configurations within minutes.

inter-VLAN routing, Smart Queue Management and port tagging aren't actually protocols.

inter-VLAN routing is the process of passing traffic between two VLANs.

Smart Queue Management is the quality of service configuration tool for Ubiquiti routers.

Port tagging is the tool switches switches in different VLANs use to route frames to each other.

The process of passing traffic between two VLANs. (pg. 407)

A. trunking

B. load balancing

C. inter-VLAN routing

D. tagging

B. Each VLAN is its own broadcast domain, even if it's on the same switch as other VLANs. Inter-VLAN routing can be done using a router with multiple ports, but it is more common to see a router-on-a-stick configuration (a signle router interface to connect to multiple VLANs on a switch).

Trunking is the process of transferring VLAN traffic between two or more switches.

Load balancing is a feature that distributes requests evenly among Internet servers.

The feature that allows a router to pass DHCP messages across different router interfaces, allowing a single DHCP server to address multiple networks or subnetworks. (pg. 408-409)

A. out-of-band management

B. inter-VLAN routing

C. DHCP relay

D. port tagging

C. DHCP relay, also know as a relay agent, accepts DHCP broadcasts from clients and sends them via unicast addresses directly to the DHCP server.

Out-of-band management is the process of connecting to a switch that's totally separate from the rest of the network.

Inter-VLAN routing is the process of passing traffic between two VLANs.

Port tagging is when a switch adds a field to a frame's Ethernet header to let the next switch associate it with the correct VLAN.

True or false:

On a classic Layer 2 switch, individual ports have IP addresses because the routing table uses the IP address to determine where to send packets. (pg. 409)

The concept of making a bunch of servers look like a single server, creating a server cluster. (pg. 411)

A. cloud computing

B. load balancing

C. Redundant Array of Independent Disks (RAID)

D. server farm

B. Load balancing not only makes several servers look like one, but it also makes sure that the request load is distributed evenly so that no one is bogged down while another is idle.

Cloud computing is the use of hosted services, such as data storage, servers, databases, networking, and software over the Internet.

RAID is a way to create a fault-tolerant system using physical disk drives.

A server farm is the section of a data center dedicated to storing and operating racks of servers and equipment.

Policies that allow you to prioritize traffic based on certain rules (pg. 413)

A. in-band management

B. quality of service (QoS)

C. load balancing

D. Smart Queue Management (SQM)

B. QoS policies control how much bandwidth a protocol, PC, user, VLAN or IP address may use.

In-band management is the method of configuring a switch that's on the same network.

Load balancing is distributing requests across a cluster of servers to make them look like one.

SQM is the proprietary QoL software for Ubiquiti EdgeMAX routers.

Policies that allow you to prioritize traffic based on certain rules (pg. 413)

A. in-band management

B. quality of service (QoS)

C. load balancing

D. Smart Queue Management (SQM)

B. QoS policies control how much bandwidth a protocol, PC, user, VLAN or IP address may use.

In-band management is the method of configuring a switch that's on the same network.

Load balancing is distributing requests across a cluster of servers to make them look like one.

SQM is the proprietary QoL software for Ubiquiti EdgeMAX routers.

The concept of making a bunch of servers look like a single server, creating a server cluster. (pg. 411)

A. cloud computing

B. load balancing

C. Redundant Array of Independent Disks (RAID)

D. server farm

B. Load balancing not only makes several servers look like one, but it also makes sure that the request load is distributed evenly so that no one is bogged down while another is idle.

Cloud computing is the use of hosted services, such as data storage, servers, databases, networking, and software over the Internet.

RAID is a way to create a fault-tolerant system using physical disk drives.

A server farm is the section of a data center dedicated to storing and operating racks of servers and equipment.

Policies that allow you to prioritize traffic based on certain rules (pg. 413)

A. in-band management

B. quality of service (QoS)

C. load balancing

D. Smart Queue Management (SQM)

B. QoS policies control how much bandwidth a protocol, PC, user, VLAN or IP address may use.

In-band management is the method of configuring a switch that's on the same network.

Load balancing is distributing requests across a cluster of servers to make them look like one.

SQM is the proprietary QoL software for Ubiquiti EdgeMAX routers.

Controlling the flow of packets into or out of the network according to the type of packet or other rules (pg. 413)

A. quality of service

B. load balancing

C. trunking

D. traffic shaping

D. Traffic shaping (also known as bandwidth shaping) is very important when you must guarantee a device or application a certain amount of bandwidth and/or latency, such as with VoIP or video.

Quality of service controls how much of your bandwidth is used for certain devices or applications. You can implement QoS through traffic shaping's bandwidth management.

Load balancing means making a bunch of servers look like a single server, creating a server cluster.

Trunking is the process of transferring VLAN traffic between two or more switches.

To join two or more connections logically in a switch so that the resulting bandwidth is treated as a signle connection and the throughput is multiplied by the number of linked connectors. (pg. 414)

A. link aggregation

B. port bonding

C. port aggregation

D. NIC teaming

A., B. C. and D. These are all different terms for the same concept.

Port bonding is a way to achieve high-speed links between devices without having to upgrade the infrastructure.

What are three ways to connect to a managed switch to configure it? (pg. 396)

A. Use the switch's built-in user interface with the tactile buttons or a touch panel.

B.Connect the switch to the network and use the switch's built-in Web interface.

C. Attach the switch to the network and then use a virtual terminal over SSH to connect to the same command-line interface.

D. Directly plug into a serial interface and use a virtual terminal program to connect to a command-line interface.

What is port security? (pg. 399)

A. Scanning active ports with security software to strengthen authentication and integrity.

B. Providing manual support for older hardware with less modern features.

C. To lock switch ports to specific MAC addresses.

D. Disabling unused or inactive ports to prevent bad actors from network access.

Hardware or software tools that filter traffic based on various criteria such as port number, IP address or protocol. (pg. 415)

A. port security

B. intrusion prevention system (IPS)

C. traffic shaper

D. firewall

D. A firewall works at the border of a network, between the inside and outside. A host-based firewall is installed on a single computer and similarly works on the border of that system.

The concept of port security is to lock switch ports to specific MAC addresses, not to filter traffic.

An IPS is similar sits directly in the flow of network traffic instead of between the inside and outside of the network like a firewall.

Traffic shapers are routers and switches that can implement traffic shaping, the control of packet flow into or out of the network.

An application inside the network that inspects packets, looking for active intrusions. (pg. 415)

A.intrusion prevention system (IPS)

B. proxy

C. intrusion detection system (IDS)

D. firewall

A. An IDS tries to find attacks that a firewall might miss, such as viruses and illegal logon attempts.

An IPS is similar to an IDS but sits directly in the flow of network traffic.

A proxy (server) sits in between clients and external servers, pocketing the requests from the clients for server resources and making those requests itself.

A firewall sits between inside and outside of the network to filter traffic.

True or false:

If the intrusion detection system (IDS) goes down, traffic linked to it might go down too. (pg. 415)

False. When an IDS goes down, traffic continues to flow normally because IDS creates a copy of every packet on a network.

An intrusion prevention system (IPS) may block traffic from flowing if it goes down because it sits directly in the middle of it.

True or false:

An intrusion prevent system (IPS) can detect when an attack on the network is taking place, but can't stop it; it has to request assistance from other devices like a firewall and notify a network admin. (pg. 417)

False

An intrusion prevent system (IPS) can stop an attack while it is happening without needing help from other devices. It can block incoming packets on-the-fly based on IP address, port number or application type.

An intrusion detection system (IDS) has no way to stop a live attack without help from other devices.

The ability for managed switches to copy data from any or all physical ports on a switch to a single physical port. (pg. 417)

A. port aggregation

B. port trunking

C. port bonding

D. port mirroring

D. Port mirroring is incredibly useful for any type of situation where an administrator needs to inspect packets coming to or from certain computers.

Port aggregation and port bonding are two terms for the same thing: joining two or more connections' ports logically in a switch.

Trunking is about moving VLAN traffic across switches, not ports.

A server that sits between clients and external servers, making requests for server resources on behalf of the clients. (pg. 417)

A. proxy

B. Smart Queue Management (SQM)

C. content switch

D. relay agent

A. With a proxy server, the client computers never touch the outside servers and thus stay protected from any unwanted activity. This prevents Web servers from knowing where the client is located.

SQM is the proprietary QoL software for Ubiquiti EdgeMAX routers.

A content switch works with Web servers to perform advanced actions such as load balancing.

A relay agent accepts sends broadcasts to DHCP servers on behalf of clients. It allows a single DHCP server to address multiple networks.

Which of the following is the trunking protocol used in today's VLANs? (pg. 405)

A. 802.1z

B. 802.1t

C. 802.1X

D. 802.1Q

D. The 802.1 standard is used almost universally for port trunking.

802.1X is the protocol used for port authentication.

Which IEEE protocol enables port bonding? (pg. 414)

A. ZACP

B.PAgP

C. 802.1Q

D. LACP

D. Link Aggregation Control Protocol (LACP) specifies a number of features and options to automate the negotiation, management, load balancing and failure nodes of aggregated ports.

Port Aggregation Protocol (PAgP) is the proprietary Cisco protocol for port bonding.

802.1Q is the protocol for VLAN trunking.

ZACP is made up.