network cisco ccna gns3 certification arteq

a network runs through it

Tuesday, January 17, 2012

more questions in the form of answers...

try to figure out the question... rough...

1.  Switches increase the number of collision domains in a network

2.  Switches forward broadcasts and multicasts by default to all ports within the same vlan.  Routers block all broadcasts by default.

3.  A switch is a multiport bridge which learns mac addresses by examining source mac addresses of incoming frames

4.  The main function of a router is to connect different separated networks together. A subset of this function is switching packets and providing network communication, and also filtering of addresses and applications at the port level.

5.  Hubs can be used at layer one to repeat (extend) an electrical signal and increase the number of stations supported on a lan.  Repeaters do not interpret bits but do examine and generate electrical signals.

6.  Packet switching and path selection are the primary functions of a router.

7.  Switches usually have a higher number of ports than bridges.  Bridges and switches forward layer 2 broadcasts and make forwarding decisions based on layer 2 addresses.

8.  A csu/dsu terminates a digital local loop. A modem terminates an analog local loop. A router is commonly considered a dte device.

9.  Switches are capable of filtering frames based on layer 2 fields and also have the potential for 100Mb full duplex communication.

10.  CDP can be used to determine the ip address of a directly connected device and to verify layer 2 connectivity.

11.  CDP can supply device ids (hostname), capabilities (router, switch, etc.), platforms (ios and version), port id (interface), and layer 2 and 3 addresses of directly connected layer 2 devices.

12.  100 MB utp has a distance limit of 100 meters. However, fiber is not prone to voltage potential differences (not susceptible to electrical interference and provides a lack of emissions).

13.  Switches on different networks (subnets, vlans) will need a router between them, connected by a straight through cable.  Like devices require a crossover, unlike devices a straight through, and a console cable for the router must be a rollover cable.

14.  WAN connections operate at layer 1 and layer 2 of the osi model. Occasionally they operate at layer 3 (in the case of x.25)

15.  ICMP is a protocol that helps manage, control and verify the health of a TCP/IP network at layer 3 (the network layer).

16.  Layer 7 (application layer) is the highest layer of the osi model.  It describes the use of applications such as http, ftp, tftp, etc.

17.  IP addressing and routing reside at OSI layer 3 (network layer)

18.  The transport layer (layer 4) provides end to end connectivity for connection oriented (TCP) and connectionless (UDP) protocols.  TCP is connection oriented because it includes reliability and flow control functions. UDP is connectionless because it is merely best effort.

19.  The network layer creates logical paths between host systems on a LAN.

20.  The transport layer is concerned with transmission acknowledgement (syn, syn-ack, ack), sequencing and flow control on a network, as well as error recovery.

21.  As a packet traverses a network it retains the address of the destination host (in the layer 3 header), whereas the layer 2 address represents only the hardware address of the next hop device.  Layer 2 information remains local (never passes through a router).

22.  The transport layer provides mechanisms for segmenting upper layer applications, the establishment, maintenance and orderly termination of virtual circuits, flow control and reliability via TCP, transport fault detection and recovery.  The network layer uses layer 3 addresses for path determination and packet forwarding.  Packets are encapsulated, not frames.  The datalink layer adds hardware source and destination addresses to frames, not segments.

23.  The transport layer provides reliability through acknowledgements, sequencing and flow control.  Data segments are sequenced into their original order upon arrival to the destination.  It uses flow control to prevent packet flooding to the destination host.

24.  skipped.

25. The TCP segment includes 12 fields:
1. Source port
2. Destination port. These first two fields identify the upper layer source and destination ports processed by TCP services.
3. Sequence number usually specifies the number assigned to the first byte of data in the current message. It can also be used to identify an initial sequence number for a future transmission.
4. Acknowledgement number contains the sequence number of the next byte of data the sender expects to receive.
5. Data offset indicates the number of 32 bit words in the TCP header.
6. Reserved, for future use.
7. Flags carries control information, including the SYN and ACK bits for connection establishment and FIN for connection termination.
8. Window specifies the size of the sender's receive window (buffer space available for incoming data).
9. Checksum indicates header transmission damage if applicable.
10. Urgent pointer points to the first urgent byte in the packet.
11. Options, various tcp options, and
12. Data, contains upper layer information.

26. skipped

27.  In order to configure a static (1 to 1) NAT the ip nat inside source static (inside-address) (outside-address) command must be issued in global configuration mode.  Then the corresponding interfaces must be configured for nat, i.e.:
int fa0/0
ip address
ip nat inside

int s0/0
ip address
ip nat outside

28.  https uses TCP port 443 for a secure web connection at layer 4.

29.  Telnet and FTP are both examples of programs  that use the Application layer of the OSI model (layer 7). Also www browsers, NFS, SMTP, SNMP, HTTP.

30.  The OSI model encourages industry standardization by defining what functions should occur at each layer, and divides the communication process into smaller and simpler components, aiding component development, design and troubleshooting.

31.  Types of flow control used in a network: (layer 4)
Congestion avoidance, windowing and buffering.

32.  SMTP, FTP, HTTP and HTTPS all use TCP at layer 4 because of its reliable delivery.

33.  A tcp header (layer 4) contains source port, destination port, sequence number, acknowledgement number and window size fields.  The acknowledgement number refers to the sequence number of the last pdu received.

34.  A TCP header contains a source port (i.e. 21 for FTP), an acknowledgement number and a window field.
Source port = 16 bits
Destination port = 16 bits
Sequence number = 32 bits
(the sequence number of the first data byte. If the SYN bit is set, the sequence number in the first byte of data is the initial sequence number plus 1).
Acknowledgement number = 32 bits
(if the ack bit is set this field has the value of the next number the sender is expecting to receive)
Data offset = 4 bits
(the number of 32 bit words in the TCP header, indicating where the data begins.  The length of the TCP header is always a multiple of 32 bits).
Reserved = 3 bits (must be cleared to zero).
ECN = 3 bits Explicit Congestion Notification (rfc 3168)
Control bits = 6 bits
Window = 16 bits (number of data bytes which the sender will accept).
Checksum = 16 bits.
Urgent pointer = 16 bits
Options = 0 – 44 bytes
Data = Variable length.
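The field layout in items 25 and 34, worked as code: this is an added example (not from the original notes) that builds a segment, splits it back into the twelve fields and verifies the checksum over the IPv4 pseudo-header. The addresses, ports and payload are constructed sample values.

```python
import socket
import struct
from typing import Any, Dict

# Control bits in byte 13 of the header. Item 34 counts the low six as "control bits";
# CWR and ECE are two of the three ECN bits from RFC 3168 (NS in byte 12 is the third).
FLAG_BITS = {"CWR": 0x80, "ECE": 0x40, "URG": 0x20, "ACK": 0x10,
             "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's complement sum used by the TCP/IP checksums."""
    if len(data) % 2:
        data += b"\x00"
    total = sum((data[i] << 8) | data[i + 1] for i in range(0, len(data), 2))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def tcp_checksum(src_ip: str, dst_ip: str, segment: bytes) -> int:
    """Checksum over the IPv4 pseudo-header plus the whole segment, checksum field zeroed."""
    pseudo = socket.inet_aton(src_ip) + socket.inet_aton(dst_ip) + struct.pack("!BBH", 0, 6, len(segment))
    zeroed = segment[:16] + b"\x00\x00" + segment[18:]
    return (~ones_complement_sum(pseudo + zeroed)) & 0xFFFF


def build_tcp_segment(src_ip, dst_ip, sport, dport, seq, ack, flags, window,
                      options=b"", data=b"", urgent=0) -> bytes:
    """Assemble a segment; options are padded so the header stays a multiple of 32 bits."""
    if len(options) % 4:
        options += b"\x00" * (4 - len(options) % 4)
    data_offset = 5 + len(options) // 4          # header length in 32-bit words
    header = struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                         data_offset << 4, flags, window, 0, urgent) + options
    segment = header + data
    csum = tcp_checksum(src_ip, dst_ip, segment)
    return segment[:16] + struct.pack("!H", csum) + segment[18:]


def parse_tcp_header(src_ip: str, dst_ip: str, segment: bytes) -> Dict[str, Any]:
    """Split a raw segment into the 12 fields listed in item 25 and verify its checksum."""
    if len(segment) < 20:
        raise ValueError("TCP header is at least 20 bytes")
    sport, dport, seq, ack, off_byte, flags, window, csum, urg = struct.unpack("!HHIIBBHHH", segment[:20])
    data_offset = off_byte >> 4
    header_len = data_offset * 4
    if header_len < 20 or header_len > len(segment):
        raise ValueError(f"data offset {data_offset} is inconsistent with segment length")
    return {
        "src_port": sport,
        "dst_port": dport,
        "seq": seq,
        "ack": ack,
        "data_offset": data_offset,
        "reserved": (off_byte >> 1) & 0x7,
        "ecn": {"NS": off_byte & 1, "CWR": (flags >> 7) & 1, "ECE": (flags >> 6) & 1},
        "flags": [name for name, bit in FLAG_BITS.items() if flags & bit and bit < 0x40],
        "window": window,
        "checksum": csum,
        "checksum_ok": csum == tcp_checksum(src_ip, dst_ip, segment),
        "urgent_pointer": urg,
        "options": segment[20:header_len],
        "data": segment[header_len:],
    }


# Constructed sample (documentation addresses): a PSH/ACK carrying an HTTP request line
SRC_IP, DST_IP = "192.0.2.10", "198.51.100.80"
SAMPLE_SEGMENT = build_tcp_segment(SRC_IP, DST_IP, sport=49152, dport=80, seq=0x1000, ack=0x2000,
                                   flags=FLAG_BITS["PSH"] | FLAG_BITS["ACK"], window=8192,
                                   data=b"GET / HTTP/1.1\r\n")
# Constructed sample: a SYN with an MSS option (kind 2, length 4, MSS 1460), so data offset is 6
SAMPLE_SYN = build_tcp_segment(SRC_IP, DST_IP, sport=49153, dport=443, seq=0x1, ack=0,
                               flags=FLAG_BITS["SYN"], window=65535, options=b"\x02\x04\x05\xb4")

if __name__ == "__main__":
    for name, seg in (("data segment", SAMPLE_SEGMENT), ("syn", SAMPLE_SYN)):
        print(name, parse_tcp_header(SRC_IP, DST_IP, seg))
```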

35.  Acknowledgement, sequencing and flow control are functions of the transport layer.

36.  If a receiving host is failing to receive all the segments that should be acknowledged, the receiver can decrease the window size, however this will reduce throughput overall as the segments are smaller and more acknowledgements will need to be sent.

37.  The highest layer used by FTP is the application layer.  Naturally, in the course of the communication, all OSI layers will be used.

38.  ICMP is used for network troubleshooting and verification.  It can provide hosts with information about network problems and is encapsulated within IP datagrams.  ICMP is an IP protocol.  No source or destination ports are included in its packets.

39.  SMTP, FTP and HTTP use TCP for reliable data delivery.

40.  Buffering, windowing and congestion avoidance are types of flow control used by the transport layer.

41.  Telnet uses TCP port 23 at layer 4.

42.  DNS uses both TCP and UDP at layer 4.
FTP ports 20 and 21, SMTP port 25, Telnet port 23 all use TCP at layer 4.

43.  A switch with VLANs is the best method to segregate traffic at layer 2, with the aid of a router (layer 3).

44.  Applications that use UDP for transport are tolerant of UDP’s connectionless quality and usually have some mechanism to recover data loss.  Therefore in the case of VOIP, UDP will pass the datagrams up to the next layer of OSI in the order that they arrive, and the application will sort it out.

46.  A fully meshed network (all network devices connected directly to all other network devices) creates maximum redundancy, and minimum latency.

47.   Partially meshed skipped.  See partially meshed.

48.  Hub and spoke.  All connections linked to a single Hub. 

54.  when packets leave hostA destined for hostB, the packet contains the source ip address of hostA, the destination ip address of hostB, but arrives bearing the mac address of the default gateway for hostB.

57.  a router that does not respond to a trace can be a potential problem in a network path.

58.  A mac address is changed after crossing each broadcast domain.  I.e. a packet leaves a host; its ip address remains intact throughout the trip.  The mac address will be the mac address of its default gateway.  For the receiving host, the mac address will be the mac address of its gateway.

59.  a packet destined for an http server leaves a host.  The destination port number will be 80.  The source port is chosen randomly, but in this case the destination port will be 80 (http).  The destination ip remains the same, but the destination mac will be that of the receiving host's default gateway.

60.  routers forward packets based on the network address.  They build a new mac header which includes  the router’s mac address and the final destination’s mac, or the mac address of the next router in the path.

61.  as a packet traverses its path the source and destination ip address does not change.  The mac address will be the default gateway of the sender, unless it passes through another router.

62.  a packet’s ip addresses remains the same as it traverses the network but the destination’s physical address is the gateway router’s physical address.

63.  as a packet traverses a network it retains its source and destination ip addresses.  The destination mac address will be that of the receiving host’s gateway router.

64.  packets destined for a host on another network will begin the journey with the hardware address of its gateway router.

65.  if a destination ip address resides on a different network, the frame begins its journey with the mac address of the sending host's gateway.  It will arrive at the host with the mac address of its own gateway router.

66.  source and destination ip addresses never change as a packet traverses an internetwork.  The frame however begins the journey with the sender's gateway mac, and ends the journey with the receiver's gateway mac.
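Items 54 through 66 all describe the same walk: the IP header is constant end to end while the MAC header is rebuilt at every router. The added example below (not from the original notes) traces that walk over a constructed two-router topology with ethernet links everywhere; the ARP view is pre-populated rather than learned, and the direct-delivery case (same subnet, no gateway) is included.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Port:
    ip: str
    prefix: int      # mask in slash notation
    mac: str

    def network(self) -> ipaddress.IPv4Network:
        return ipaddress.ip_network(f"{self.ip}/{self.prefix}", strict=False)


@dataclass
class Host:
    name: str
    port: Port
    gateway: str     # next-hop router address; must sit in the host's own subnet


@dataclass
class Router:
    name: str
    ports: Dict[str, Port]               # interface name -> Port
    routes: Dict[str, Optional[str]]     # "net/prefix" -> next-hop ip, None = directly connected


@dataclass
class Hop:
    sender: str
    src_mac: str
    dst_mac: str
    src_ip: str
    dst_ip: str


class Topology:
    MAX_HOPS = 64   # guard against a loop in the constructed routing tables

    def __init__(self, hosts: List[Host], routers: List[Router]):
        self.hosts = {h.name: h for h in hosts}
        self.routers = {r.name: r for r in routers}
        # Constructed ARP view: ip -> (owning device, mac). Real gear learns this per
        # segment with ARP (item 139); it is pre-filled here so the walk is deterministic.
        self.arp: Dict[str, Tuple[str, str]] = {h.port.ip: (h.name, h.port.mac) for h in hosts}
        for r in routers:
            for p in r.ports.values():
                self.arp[p.ip] = (r.name, p.mac)

    @staticmethod
    def host_next_hop(host: Host, dst_ip: str) -> str:
        """Same subnet: deliver directly. Otherwise the frame goes to the default gateway."""
        if ipaddress.ip_address(dst_ip) in host.port.network():
            return dst_ip
        return host.gateway

    @staticmethod
    def router_next_hop(r: Router, dst_ip: str) -> Tuple[Port, str]:
        """Longest-prefix match (path selection), then the egress port facing the next hop."""
        dst = ipaddress.ip_address(dst_ip)
        matches = [ipaddress.ip_network(n) for n in r.routes if dst in ipaddress.ip_network(n)]
        if not matches:
            raise LookupError(f"{r.name}: no route to {dst_ip}")
        best = max(matches, key=lambda n: n.prefixlen)
        next_hop = r.routes[str(best)] or dst_ip     # connected route: the destination itself
        egress = next(p for p in r.ports.values() if ipaddress.ip_address(next_hop) in p.network())
        return egress, next_hop

    def trace(self, src_host: str, dst_ip: str) -> List[Hop]:
        """Record the MAC header rewrite at every hop while the IP header stays unchanged."""
        host = self.hosts[src_host]
        owner, dst_mac = self.arp[self.host_next_hop(host, dst_ip)]
        hops = [Hop(host.name, host.port.mac, dst_mac, host.port.ip, dst_ip)]
        while owner in self.routers:                  # each router builds a new mac header (item 60)
            if len(hops) >= self.MAX_HOPS:
                raise RuntimeError("hop limit exceeded (routing loop?)")
            router = self.routers[owner]
            egress, next_hop = self.router_next_hop(router, dst_ip)
            owner, dst_mac = self.arp[next_hop]
            hops.append(Hop(router.name, egress.mac, dst_mac, host.port.ip, dst_ip))
        return hops


# Constructed topology: hostA and hostC on 192.168.1.0/24 behind R1, R1--R2 over 10.0.0.0/30, hostB behind R2
HOST_A = Host("hostA", Port("192.168.1.10", 24, "aa:aa:aa:aa:aa:0a"), "192.168.1.1")
HOST_C = Host("hostC", Port("192.168.1.11", 24, "aa:aa:aa:aa:aa:0c"), "192.168.1.1")
HOST_B = Host("hostB", Port("192.168.2.20", 24, "bb:bb:bb:bb:bb:14"), "192.168.2.1")
R1 = Router("R1",
            {"fa0/0": Port("192.168.1.1", 24, "cc:cc:cc:cc:01:00"),
             "fa0/1": Port("10.0.0.1", 30, "cc:cc:cc:cc:01:01")},
            {"192.168.1.0/24": None, "10.0.0.0/30": None, "192.168.2.0/24": "10.0.0.2"})
R2 = Router("R2",
            {"fa0/0": Port("192.168.2.1", 24, "cc:cc:cc:cc:02:00"),
             "fa0/1": Port("10.0.0.2", 30, "cc:cc:cc:cc:02:01")},
            {"192.168.2.0/24": None, "10.0.0.0/30": None, "192.168.1.0/24": "10.0.0.1"})
NET = Topology([HOST_A, HOST_B, HOST_C], [R1, R2])

if __name__ == "__main__":
    for hop in NET.trace("hostA", "192.168.2.20"):
        print(hop)
```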

67.  another name for a mac address is content addressable memory.

68.  BGP is unnecessary on networks that contain only a single link to the internet.  IGPs are usually not supported by ISPs.

69.  setting a default route can be done two ways; using the interface name of the originating router, or the address of the next hop.  I.e., s0/0 (of the originating router) or the s0/1 address of the next hop.

70.  review config-router#default-information originate for OSPF networks

71.  a default ip route (ip route) and a default network route (ip default-network) are the same basic idea.

72.  to provide a wan connection to an isp through the local loop to the CO of the provider use a csu/dsu or a modem

73.  STP takes 30 to 50 seconds to converge. If a primary trunk goes down, the blocked trunk, redundant link will take over after convergence.

74.  show cdp neighbor detail will give you layer 3 information about directly connected layer 2 devices.

75.  if a directly connected link is up, and you have no layer 2 communication, you have a layer 2 problem.

76.  with link lights and no ability to ping (request timed out) the problem is most likely a layer 3 problem.

77.  straight through cables connect unlike devices, host to switch, switch to router. Crossovers connect like devices.  Lights at the links mean physically, links are good.  An encapsulation problem would have lights but no connectivity (layer 2 problem)

78.  administratively down means the administrator has the port in shutdown (or out of the box config), just down indicates a physical problem and line protocol down indicates a layer 2 problem

79.  CDP is a device discovery protocol (cisco proprietary) that operates at layer 2 (datalink)

80.  https, smtp and tftp are application layer protocols

81.  full duplex Ethernet can provide higher throughput than half duplex of the same bandwidth.

82.  in store and forward switching the frame is received before forwarding. Store and forward may increase latency but it can reduce the amount of errors forwarded through the network.

83.  split horizon means that information about a route should never be sent back in the direction in which it came.

84.  PPP is not an option for lan interfaces. CHAP authentication can only be used on PPP encapsulated interfaces. The speed command is not used on WAN interfaces

85.  use straight through for unlike devices, crossover for like devices, and a console cable from host to router.

86.  a crossover cable should be used between switches for trunking (like devices)

87.  trunked links should be provisioned with 100M cables at a minimum between switch and router to provide IVR. Either isl or 802.1q may be employed for the trunk.

88.  like devices used crossed cables, unlike, straight through, router to host (console) uses rollover.

89.  two pcs connected together need a crossed cable and need to be in the same subnet.

90.  10baset has a distance limitation of 100 meters. 100basetx (fastethernet) and 1000baset (1 gig)

91.  full duplex provides higher throughput than does half duplex

92.  port security (mac security): if a mac address other than the one designated attempts to access a secure port, the port shuts down permanently (default), shuts down based on a time constraint, or drops the packets.

93.  the max segment length for an Ethernet cable should not exceed 100 meters.

94.  ieee 802.3u describes 100base-tx.  802.3z describes 1000base-sx. 802.3ab describes 1000base-t.

95.  too many hosts in a broadcast domain, broadcast storms and low bandwidth can contribute to lan congestion.

96. on a csma/cd Ethernet
a device with a frame to send listens for the Ethernet to be not busy
the device sends the frame after not busy is detected
the sender listens to ensure no collision has been detected
after a collision is detected, they each send a jamming signal to ensure all stations recognize the collision
after jamming is complete each sender randomizes a timer and waits
after timer expiration start again at step 1

97.  half-duplex Ethernet uses a loopback circuit to detect collisions. Full duplex uses two wire pairs to avoid collisions altogether.

98.  Full duplex is good because it is collision free with increased throughput

99.  half duplex means you can’t send and receive at the same time

100. a device with a frame to send listens for the Ethernet to be not busy
the device sends the frame after not busy is detected
the sender listens to ensure no collision has been detected
after a collision is detected, they each send a jamming signal to ensure all stations recognize the collision
after jamming is complete each sender randomizes a timer and waits
after timer expiration start again at step 1

101.  logical bus and ring topologies are often organized as  a star topology.  Ethernet 802.3 networks are primarily bus topologies.

102.  csma/cd: a device listens and waits until the media is not busy.  All devices see data that passes on the network medium.

103.  on a csma/cd Ethernet
a device with a frame to send listens for the Ethernet to be not busy
the device sends the frame after not busy is detected
the sender listens to ensure no collision has been detected
after a collision is detected, they each send a jamming signal to ensure all stations recognize the collision
after jamming is complete each sender randomizes a timer and waits
after timer expiration start again at step 1

104.  for every switch port there is one collision domain. For every hub there is one collision domain.  For every port on a router there is one broadcast domain.

105. a switch and a hub are each connected to an interface on a router. The switch has four hosts.  There are 5 collision domains from the vantage point of the switch (4 hosts + 1 connection to the router).  The hub provides 1; the router provides 2 broadcast domains.  The router segments broadcast domains.

106.  routers are good for a network because they filter layer 3 information  and don’t forward broadcasts.

107.  switches, bridges and routers work together to segment a collision domain using vlans.

108.  a switch and a hub are each connected to an interface on a router. The switch has four hosts.  There are 5 collision domains from the vantage point of the switch (4 hosts + 1 connection to the router).  The hub provides 1; the router provides 2 broadcast domains.  The router separates broadcast domains.

109.  routers do not forward broadcasts by default; routers separate broadcasts, unless you use ip helper-address.

110. root bridge selection is determined by mac address and bridge priority.

111.  if a switch receives a frame with a destination MAC in its table it will forward the frame to the corresponding port. See diag.

112.  Multiple frame copies can cause MAC database instability.  If multiple connections between switches (redundancy) network loops can occur in an improperly designed topology.

113.  skipped. See diag.

114.  In spanning tree a lower priority means better.

115.  an unknown host sends a frame to a host on the other side of the switch. The first thing the switch does is update its mac table with the unknown host's mac address.

116.  A broadcast address will never be the source address of a frame for input into a mac-address-table.

118.  if a switch receives a frame destined for a host whose mac address is not in its mac table it will flood the frame back out all ports except the one upon which it was received.

119.  if a source address is not in the mac table a switch will flood the frame out all ports except the one upon which it was received.

120.  if a source address is received by a switch but is not in the mac table, but the destination is, the switch will add the new source mac to its table and forward the frame to the proper destination port.

121.  if a switch receives a frame from a source mac in its table destined for a mac also in its table it will forward the frame to the destination mac.

122.  if two macs populate a mac table and those two macs are off a hub, there are two macs in the switch's table assigned to one port, because a hub is a single collision domain and the switch will assign both addresses to the one port dynamically.

123.  mtu is maximum transmit unit which in this example 1500 is the supported mtu size of the packet.

124.  see diagram

125.  ip default-gateway (address) will set the default gateway on a switch to its directly connected next hop router.  The default gateway receives unresolved destination ips from the switch.

126.  assigning an ip to a switch will allow the switch to be managed on the network.

127.  all fa and gig links by default are capable of trunk negotiation using dtp. On auto or desirable.  If  both ends are set to auto as dtp considers this passive, they will be set to non-trunking.

128.  when setting up a switch, first configure the default-gateway of the next hop router in global configuration mode, then set the ip address of int vlan 1? and issue the no shut command.  A copy run start wouldn't hurt either.

129.  to configure a switch remotely two criteria must be met; it has to be reachable through a vlan management port, and it must have an ip address, subnet mask and ip default-gateway.

130.  for telnet a switch must have an ip, subnet mask and default gateway assigned.

131.  for a switch to use telnet a default gateway, and interface ip and subnet mask must  be configured.

132.  for a switch to communicate across a router that is directly connected, the switch will need a default gateway, and ip and subnet mask on a switch interface.

133.  unicast icmp packets are required to be sent to a host in order to receive a ping reply.

134.  an alternating amber and green light on a switch port  means the port is experiencing errors.

137.  arp establishes correspondence between an ip and an Ethernet hardware address. Serial interfaces will never appear, only the local Ethernet address.

138.  from a router show arp will display entries in the arp table, layer 2 , associated to layer 3 addresses. As will sh int

139.  arp finds a hardware address from a known ip address

140.  sh ip arp will show ip addresses and associated hardware addresses.

141.  a switchport operating in a csma/cd network is at half duplex but may or may not be at 10 mbps.

142.  for a vlan trunk the valid modes of operation are on, dyn auto, dyn desirable.  Off and nonegotiate are the other two modes.

143.  isl and 802.1q are the two trunking encapsulations used on cisco switches.

144.  a duplex mismatch will normally result in performance issues (fcs errors).

145.  a lan segment with too many hosts,  broadcast storms and low bandwidth are usually the causes of network congestion.

146.  unlike devices require straight through cabling.

147.  do not use portfast on trunks

148.  vtp is used by a router (layer 3 switch) to propagate vlan configuration information in a network

149.  vtp allows switches to share vlan configuration information.

150.  a switch in vlan transparent mode can have its local vlan database configured but will not propagate this information across the wire.

151.  if a switch has another vlan added to it, that switch will support another broadcast domain

152.  for vlan information to pass through a network, a switch in server mode is needed, the switches need to be in the same vtp domain, and tagging has to be the same (trunking, isl or 802.1q)

152.  to ensure a switch becomes the root switch in the network, set the switch's id to the lowest value (combination of BID and mac address; lower value, higher priority)

153.  STP is a layer 2 protocol used to maintain a loop free environment in a meshed or partially meshed switch fabric.

154.  the spanning tree cost is the accumulated path cost based on the bandwidth of each of the links.

155.  stp in redundant lans works to prevent loops.

156.  the bridge with the lowest priority value wins (the bridge id is made up of the priority number as the first part of the number, and that wins regardless of the mac number).

157.  4 stp states for a bridge port; blocking , listening, learning, forwarding in that order.

158.  a fully converged switch network for spanning tree is when all bridge ports are in blocking or forwarding state.

159.  full convergence in spanning tree is when all bridge ports are forwarding or blocking.

160.  in a redundant switch fabric, stp works to prevent switching loops using 802.1d IEEE algorithm

161.  stp prevents loops in redundant switch environments by placing links in forwarding or blocking state, blocking redundant paths,

162.  in both the learning and forwarding states will an stp switch learn mac addresses.

163.  the root bridge will have the lowest mac address according to the diagram

164.  spanning tree protocol prevents loops in switches connected by multiple paths by placing ports in forwarding and blocking states.

165.  stp's primary purpose is to prevent loops in redundant topologies

166.  when every operating switch has its ports either blocking or forwarding, spanning tree is converged.

169.  the purpose of stp is to maintain a loop free layer 2 topology

170.  disabled ports are admin down, or shut down by the system due to faults
a blocked port still receives bpdu's
listening occurs when the root switch determines the port can be ready to forward
after forward delay, a port can move into learning and can place mac addresses in its table
after forward delay the port becomes forwarding

171.  the root bridge is elected root because of its lower priority. In case of a tie, the lowest mac address is the tie breaker.

173.  the root port is the port closest to the root switch in terms of cost.

174. an 8 byte value consisting of BID 2 bytes (priority) and mac 6 bytes.  The lower priority wins; go to macs if tied.

175.  spanning tree can only be converged after, root bridge, root ports and designated ports are elected. The root port is always either directly connected to root or the least cost path to the root based on bandwidth.

176.  an admin would change a switch’s priority in order to optimize the path frames take from source to destination.

177.  the least cost path to root determines which port becomes the root port for non-root switches.
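The election rules spread over items 110 through 177 (priority then mac for the root, accumulated cost for root ports, BID tie-breaks for designated ports) as one runnable model. This is an added example, not from the original notes; the three-switch topology and its costs are constructed, and port ids are compared as strings as a stand-in for the numeric port priority STP really uses.

```python
import heapq
from dataclasses import dataclass
from typing import Dict, List, Tuple

# 802.1D path cost per link bandwidth in Mbit/s (item 154: costs accumulate toward the root)
STP_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}

Bridges = Dict[str, Tuple[int, str]]        # name -> (priority, mac)


def bridge_id(priority: int, mac: str) -> int:
    """8-byte BID: 2-byte priority then 6-byte mac; the numerically lowest value wins (item 174)."""
    return (priority << 48) | int(mac.replace(":", ""), 16)


@dataclass(frozen=True)
class Link:
    a: str
    a_port: str
    b: str
    b_port: str
    mbps: int


def elect_root(bridges: Bridges) -> str:
    """Lowest priority wins; equal priorities fall through to the lowest mac (item 171)."""
    return min(bridges, key=lambda name: bridge_id(*bridges[name]))


def root_path_costs(root: str, bridges: Bridges, links: List[Link]) -> Dict[str, Tuple[int, str, str]]:
    """Dijkstra from the root. Returns name -> (root path cost, root port, upstream bridge).
    Ties break the STP way: lower sender BID, then lower receiving port id."""
    adj = {name: [] for name in bridges}
    for l in links:
        adj[l.a].append((l.b, STP_COST[l.mbps], l.b_port))
        adj[l.b].append((l.a, STP_COST[l.mbps], l.a_port))
    best = {root: (0, "", "")}
    heap = [(0, bridge_id(*bridges[root]), root)]
    while heap:
        cost, _, node = heapq.heappop(heap)
        if cost > best[node][0]:
            continue
        for nb, link_cost, nb_port in adj[node]:
            if nb == root:
                continue
            key = (cost + link_cost, bridge_id(*bridges[node]), nb_port)
            cur = best.get(nb)
            if cur is None or key < (cur[0], bridge_id(*bridges[cur[2]]), cur[1]):
                best[nb] = (cost + link_cost, nb_port, node)
                heapq.heappush(heap, (cost + link_cost, bridge_id(*bridges[nb]), nb))
    return best


def port_states(bridges: Bridges, links: List[Link]):
    """Classify every port as root, designated or blocking (items 161, 173, 237)."""
    root = elect_root(bridges)
    best = root_path_costs(root, bridges, links)
    states: Dict[Tuple[str, str], str] = {}
    for l in links:
        for me, my_port, other, other_port in ((l.a, l.a_port, l.b, l.b_port), (l.b, l.b_port, l.a, l.a_port)):
            if me != root and best[me][1] == my_port and best[me][2] == other:
                states[(me, my_port)] = "root"          # least-cost path toward the root
                continue
            # designated port: the end of the segment with the lower root path cost, BID tie-break
            mine = (best[me][0], bridge_id(*bridges[me]), my_port)
            theirs = (best[other][0], bridge_id(*bridges[other]), other_port)
            states[(me, my_port)] = "designated" if mine < theirs else "blocking"
    return root, best, states


# Constructed triangle: S2 has the lowest mac, but S3's priority 4096 beats both defaults (32768)
BRIDGES: Bridges = {"S1": (32768, "00:00:0c:00:00:aa"),
                    "S2": (32768, "00:00:0c:00:00:01"),
                    "S3": (4096, "00:00:0c:00:00:ff")}
LINKS = [Link("S1", "gi0/1", "S2", "gi0/1", 1000),
         Link("S2", "fa0/2", "S3", "fa0/2", 100),
         Link("S1", "fa0/3", "S3", "fa0/3", 100)]

if __name__ == "__main__":
    root, best, states = port_states(BRIDGES, LINKS)
    print("root bridge:", root)
    for (sw, port), state in sorted(states.items()):
        print(f"{sw} {port}: {state} (root path cost {best[sw][0]})")
```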

180.  VTP will accomplish a single vlan management domain in a switched network

182.  vlans segment traffic into multiple smaller lans. This enhances security and efficiency as traffic remains in the vlans whenever possible.

183.  vlans will segment a lan into smaller broadcast domains.

184.  vlans group users by department or groups, reduce overhead by limiting the size of broadcast domains, increase security by keeping traffic separated per vlan, and separate traffic overall, ie, voip on a separate vlan.

185.  vlans can subdivide collision domains into smaller functional units, without being hampered by location.  Vlans logically divide a switch into multiple switches at layer 2.

186.  vlans establish broadcast domains in switched networks, thereby creating many and more efficient broadcast domains as well as reducing congestion which enhances throughput overall.

188.  vlans are great for segmenting departments into separate segments at layer 2.  another option would be to create two wholly separate networks and route between them.

189.  a vlan needs a router to route traffic between or separate vlans will not intercommunicate. 

190.  a trunk port is needed between a single link on a switch to a router to support subinterfaces.

191.  subinterfaces need to be on the same vlan to support a host on that vlan.

192.  inter vlan communication requires the use of a router.

194.  if the link supporting a trunk is down the subinterfaces are also down.

195.  vlans are good because of increased performance, improved manageability, tuning and simplification of software configs, physical topology independence, increased security, and increased performance.

196.  if a routers interface that is connecting the vlans is down, hosts in the same network would still be able to communicate with each other but not with hosts in other vlans.

197.  the only requirement for creating a vlan is the number… name and assigned ports, these last two, are incorrect.

200.  a switchport will need to be in the proper vlan to support particular system resources for a given host (pc)

201.  sh vlan will give you the vlan names and port members of those named vlans

202.  sh vlan will show all ports in access mode… ports that are missing are trunks

203.  all vlans are allowed over trunks by default.

204.  by making a vlan native it will designate that vlan for untagged traffic

206.  isl (cisco) and dot1q (IEEE) are the two main choices for trunk links.

207.  the two essentials for setting up a trunk link are, vtp server, and vtp domain (case sensitive)

208.  all vlans are allowed on trunks by default.

209.  frame tagging allows for trunk encapsulations to use vlans

210.  VTP is a protocol that allows information about a new or existing vlan to be shared across a switched network.

211.  two encapsulation types are configurable on cisco trunks, isl and 802.1q

212.  switchport encap dot1q then sw mode trunk are the two necessary commands to make a trunk.

213.  encap frame types for cisco switches are isl and dot1q

214.  without a router a host can only ping hosts who are members of the same vlan

215.  without a router hosts across two switches will still need a trunked link to communicate in the same vlan.

216.  trunks are used only between routers and switches, never end stations or servers.

217.  hosts need to be in the same vlan as the vlan supported by their router's gateway.

219.  split up a single trunk to support subinterfaces for a router to isolate vlans

220.  use subinterfaces for inter-vlan communication on a trunk to a switch (switch/switch or switch/router).

221.  the subinterface on the trunk to the router corresponding to that vlan is the gateway for a host.

225.  the vtp password is used to validate sources of vtp adverts between switches.

226.  for switches to share vtp information they must also share the same vtp domain name.

227.  a switch in vtp client mode cannot save changes to nvram

228.  a switch is required to be in server mode to make changes to a vtp domain. 

229.  in transparent mode a switch can forward advertisements but does not participate in vtp processing.

230.  in client mode a switch will forward advertisements and participate in vtp processing.

231.  a switch in client mode, although receiving update information from a server mode switch, will ignore that server's updates if the client switch has a higher revision number.

232.  a client forwards but does not save

233.  a vtp client will forward information to other vtp enabled switches in the domain.

234.  change disparate names of vtp domains to be the same so that vtp servers and clients can participate in vtp

235.  see 234

236.  an arp request is a broadcast and without the aid of spanning tree in a redundant switched network there is a potential for a broadcast loop.

237.  non-designated  ports equal blocked ports by spanning tree, flows are through root and dp’s

238.  a root switch has all ports in non-blocking

239.  the lowest bridge priority value will win the election.

241.  100,000 kbits is fast Ethernet…

242.  if a switch receives a frame that is not in its mac table, it will flood the frame out all the ports except the one upon which it was received. A mac address will age out after 300 seconds

244.  use port security on a switch port and/or static entry to ensure that  only the assigned mac is allowed.

245.  mac layer security will restrict access to that port based on a number of criteria.  Restrict to single mac, restrict to a subset of macs. Restrict to a defined maximum of sticky’s…

246.  sw port-security max 1 would limit a host of 1 on that port. If violation is set to shut down, guess what, the port shuts down.

247.  sticky addresses can be learned dynamically. Port security sticky will retain dynamically learned addresses even after the link goes down.

248. with port security dynamically learned addresses run in running config and can be saved to start so they are there on next restart.

249.  use mac security to limit a host or hosts to a port on the switch. 
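Notes 245 through 249 describe port-security behaviour in words; as an added example (this is illustrative Python written for these notes, not Cisco code or output), here is a small model of a secure port with a maximum address count, a violation mode, and sticky learning. Interface names and MAC addresses are constructed, and the generated config lines mirror the switchport port-security commands the notes mention.

```python
"""Added example: a model of switch-port security semantics (max MACs,
violation mode, sticky learning). Illustrative Python, not Cisco code; the
behaviour follows the notes above (max 1 + violation shutdown err-disables
the port, sticky addresses survive a link flap)."""
from dataclasses import dataclass, field


@dataclass
class SecurePort:
    name: str
    maximum: int = 1                 # switchport port-security maximum N
    violation: str = "shutdown"      # shutdown | restrict | protect
    sticky: bool = False             # switchport port-security mac-address sticky
    static: set = field(default_factory=set)   # statically configured MACs
    learned: set = field(default_factory=set)  # dynamically learned MACs
    err_disabled: bool = False
    violations: int = 0

    def allowed(self):
        return self.static | self.learned

    def receive(self, src_mac: str) -> str:
        """Return what the switch does with a frame from src_mac."""
        if self.err_disabled:
            return "dropped (port err-disabled)"
        if src_mac in self.allowed():
            return "forwarded"
        if len(self.allowed()) < self.maximum:
            self.learned.add(src_mac)          # learn a new secure address
            return "forwarded (learned)"
        # a MAC beyond the configured maximum is a violation
        self.violations += 1
        if self.violation == "shutdown":
            self.err_disabled = True
            return "dropped (port shut down)"
        if self.violation == "restrict":
            return "dropped (counted, log/snmp trap)"
        return "dropped (silently)"            # protect

    def link_down(self):
        """On a link flap only sticky (or static) addresses survive."""
        if not self.sticky:
            self.learned.clear()

    def running_config(self) -> list:
        """Sticky addresses show up in running-config as static entries (note 248)."""
        lines = [f"interface {self.name}", " switchport port-security",
                 f" switchport port-security maximum {self.maximum}",
                 f" switchport port-security violation {self.violation}"]
        for mac in sorted(self.static):
            lines.append(f" switchport port-security mac-address {mac}")
        if self.sticky:
            lines.append(" switchport port-security mac-address sticky")
            for mac in sorted(self.learned):
                lines.append(f" switchport port-security mac-address sticky {mac}")
        return lines


def demo_shutdown():
    """Note 246: maximum 1 with violation shutdown."""
    p = SecurePort("FastEthernet0/1", maximum=1, violation="shutdown")
    r1 = p.receive("0000.1111.aaaa")   # first host is learned
    r2 = p.receive("0000.2222.bbbb")   # second host violates max 1
    r3 = p.receive("0000.1111.aaaa")   # even the original host is now dropped
    return r1, r2, r3, p.err_disabled


def demo_sticky():
    """Note 247: sticky addresses are kept across a link down/up."""
    p = SecurePort("FastEthernet0/2", maximum=1, violation="restrict", sticky=True)
    p.receive("0000.1111.aaaa")
    p.link_down()
    return "0000.1111.aaaa" in p.allowed(), p.running_config()


if __name__ == "__main__":
    print(demo_shutdown())
    print("\n".join(demo_sticky()[1]))
```

The restrict and protect modes both keep the port up and drop only the offending frames; the difference is that restrict counts the violation and logs it, which is what you want if you rely on syslog or SNMP to notice a rogue device.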

250. private addresses are – 172.16- and 192.168. –

251.  private addresses are not routable and were devised as a way of conserving addresses on the internet

252.  rfc 1918 defines the private, non-routable addresses for use on private networks.  They are 10 – 172.16 – and

253.  all addresses in the rfc defined private ranges are not routable on the internet.  Those except the private addresses and beyond are not routable.  Privates are /8 /12 /16

254.  typically a small network will be issued public addresses by an isp.  Isp's typically get their registered addresses from IANA, RIPE or ARIN

255.  a dhcp server typically automates/assigns ip addresses, and masks, host gateways and dns server information.

256.  dhcp uses udp at the transport layer (port 67 dhcp server, port 68, client).  A broadcast of dhcpdiscover leads to dhcpoffer from the server. 

257.  dns uses both tcp and udp at the transport layer.  Udp messages are not larger than 512 bytes.  Tcp is connection-oriented and zone transfers must be reliable.  Udp is responsible for name lookup


258.  an ip address must be assigned to an interface before it can be used by dhcp access lists

259.  ensure that a host ip falls within the subnet of its router's (gateway) subnet.

260.  see question for details

261.  use ip subnet-zero to get more subnet bits out of a tight subnet requirement

262.  be careful of subnet questions that pose different masks from slash notation to decimal notation

263.  for the host the gateway is always the ip address of the next hop router. Careful of slash v. decimal notation in the same question

269.  be careful when asked which one host when two answers are right… correct here

270.  the gateway router and a host need to be in the same subnet, correct

271.  for class b address the third octet, ie, and 16.0 in a /21 or 248.0 would be network addresses, correct

272.  the default gateway is always the next hop router, and they have to be in the same subnet. Correct
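Notes 250 through 254 and 259 through 272 keep coming back to the same two checks: is an address in an rfc 1918 range, and are a host and its gateway in the same subnet regardless of whether the mask is given in slash or dotted-decimal notation. As an added example (not from the original post), the helpers below do both, using Python's standard ipaddress module; the sample addresses are constructed.

```python
"""Added example (not from the original post): helpers for the subnet and
private-address questions above. Masks may be given as '/21', '21' or
'255.255.248.0'. Sample addresses are constructed for illustration."""
import ipaddress

# rfc 1918: the /8, /12 and /16 private ranges from note 253
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def normalize_mask(mask: str) -> int:
    """Return a prefix length from slash, bare-number or dotted-decimal form."""
    mask = mask.strip().lstrip("/")
    if mask.isdigit():
        return int(mask)
    # dotted decimal: ip_network validates that the ones are contiguous
    return ipaddress.ip_network(f"0.0.0.0/{mask}").prefixlen


def same_subnet(host: str, gateway: str, mask: str) -> bool:
    """Notes 259/263/270/272: host and default gateway must share a subnet."""
    prefix = normalize_mask(mask)
    h = ipaddress.ip_network(f"{host}/{prefix}", strict=False)
    g = ipaddress.ip_network(f"{gateway}/{prefix}", strict=False)
    return h == g


def is_network_or_broadcast(addr: str, mask: str) -> bool:
    """Note 271: the network and broadcast addresses are not usable by a host."""
    net = ipaddress.ip_network(f"{addr}/{normalize_mask(mask)}", strict=False)
    a = ipaddress.ip_address(addr)
    return a in (net.network_address, net.broadcast_address)


def is_rfc1918(addr: str) -> bool:
    """True for addresses that are not routable on the internet (note 253)."""
    a = ipaddress.ip_address(addr)
    return any(a in n for n in RFC1918)


if __name__ == "__main__":
    # constructed values: a /21 given two ways, and the 172.16/12 edge
    print(same_subnet("172.16.17.10", "172.16.16.1", "/21"))
    print(same_subnet("172.16.24.10", "172.16.16.1", "255.255.248.0"))
    print(is_rfc1918("172.31.255.1"), is_rfc1918("172.32.0.1"))
```

A custom range list is used instead of ipaddress's is_private property because that property also covers loopback, link-local and documentation ranges, which is not what the rfc 1918 question is asking about.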

313.  incorrect.  Route aggregation means combining routes to multiple networks into one, summarization and supernetting.  These are the SAME

328.  correct, a router forwards an incoming packet by finding routes that match the destination address of the packet, and forwards it to the closest applicable one.  An entry with a host address rather than a network address is the closest of all.

329.  a routing protocol must be enabled to route packets to discontiguous network addresses.

330.  if a router cannot find a boot image in flash it will try a tftp server, unless there are specific boot system instructions

331.  x2102 default boot from flash, x2142 bypass start in nvram, x2100 boot into rommon

332.  if no boot system in nvram,  then tftp, then setup

333.  if a valid start is not found in nvram, nor tftp, the router

334.  up arrow recalls the last command

335.  show history will open the history buffer


336.  setup mode is usually run out of the box on a new router.  If a router can’t load start from nvram it will load setup…  what about tftp?

337.  x2102 loads ios from flash and start from nvram. X2142 will bypass start in nvram for password recovery.  If there is a physical problem in flash or nvram it won't boot properly and will not go to setup

338.  ctrl-c will bust you out of  setup

339.  o/r 0x2142 will tell the config register to bypass nvram

340.  nvram is the storage location for start

341.  use 0x2142 to recover the console password, or enable secret after overwriting start

342.  on boot up the router performs post (hardware checks), loads and runs bootstrap code from rom, finds and runs ios and other software, finds start in nvram and loads it into run

343.  to recover a password, set the config-register to 0x2142 (which bypasses start) then rename config.text in nvram to config.old and reboot.  Set new password,  rename start, copy run to start and reboot

344.  if a router has not been configured it will go into setup, otherwise it will load start into ram

345.  two ways a router gets into setup: config is missing in nvram, or setup is run from privileged mode.

346.  ios will only be overwritten if there is not enough space available.

347.  0x2102 is normal for config register it means load start from nvram into ram

348.  boot sequence is flash, tftp, rom (not full ios)

349.  if start is not found in nvram, the router searches tftp, and if not, will run setup

350.  boot sequence nvram, flash, tftp, or rom (partial ios) rommon 1> means ios in flash invalid or corrupt and admin should attempt ios transfer from tftp
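Notes 331, 343, 347 and 350 all turn on what the config register bits mean. As an added example (not Cisco's code or documentation), this decoder pulls the boot field and the ignore-nvram bit out of a register value, which shows why 0x2142 skips start while 0x2102 loads it, and gives a check for note 413 (make sure the register is back to a normal-boot value before reloading). The bit meanings used are the standard ones: bits 0-3 are the boot field, bit 6 (0x0040) ignores nvram, bit 8 (0x0100) disables the break key.

```python
"""Added example (not Cisco's code): decode the boot-related bits of a
configuration register value such as 0x2102 or 0x2142."""


def decode_config_register(value: int) -> dict:
    """Boot field: 0x0 = rommon, 0x1 = limited ios in rom, 0x2-0xF = normal boot."""
    boot_field = value & 0x000F
    if boot_field == 0x0:
        boot = "stay in rommon (ROM monitor)"
    elif boot_field == 0x1:
        boot = "boot the limited IOS image in ROM (rxboot/boot helper)"
    else:
        boot = "normal boot: boot system commands in start, else first image in flash"
    return {
        "value": f"0x{value:04x}",
        "boot": boot,
        # bit 6: bypass startup-config in nvram, the password-recovery setting
        "ignore_nvram": bool(value & 0x0040),
        # bit 8: console break key disabled during normal operation
        "break_disabled": bool(value & 0x0100),
    }


def is_safe_for_reboot(value: int) -> bool:
    """Note 413: a reload is safe only if the register will do a normal boot
    and will load start from nvram (e.g. 0x2102, not 0x2142 or 0x2100)."""
    d = decode_config_register(value)
    return d["boot"].startswith("normal boot") and not d["ignore_nvram"]


if __name__ == "__main__":
    for reg in (0x2102, 0x2142, 0x2100):
        print(decode_config_register(reg), is_safe_for_reboot(reg))
```

Leaving a router at 0x2142 after password recovery is a common mistake: every reload then comes up with an empty config and drops into setup, so the last step of the recovery (note 343) is to set the register back to 0x2102 before the final reload.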


351.  rommon is an operating system used for hw troubleshooting and password recovery. Also used after break sequence

352.  use a straight through cable to connect a router to a switch.

353.  you can connect a pc to router using crossover cable.  Try this

354.  connect pc to router, crossed, switch to switch crossed

356.  if serial 0/0 is down, layer 1 or incorrect cable is being used

357.  a serial interface on a router would be used for a t1 connect

359.  rip v2 supports authentication, is classless and has the same max hop count as rip v1

360.  DV’s use split horizon  and hold down timers to avoid routing loops

361.  for dynamic routing in hub and spoke topologies configure subinterfaces and define each as point to point

362.  for rip [120/2] means default admin distance, and two hops away

363.  use disco to get rid of a vty line from the hosting router, use exit from the router you moved to

364.  you can set a vty line to one line by; line vty 0 and it works

365.  if a router is set up with ip addressing and telnet is enabled you can connect to the router, Ethernet to Ethernet using a crossed cable

366.  connect to a router’s console port using a rolled cable from your pc

367.  disco, sh sess and resume are valid commands to manage telnet TO other routers

368.  transport input ssh will configure ssh connectivity only

369.  global config = router(config)#


371.  if a router is up down on a serial int possible problems are clock rate, encap and/or no keepalives.

372.  issue command no shut when an interface is administratively down

373.  sh interfaces gives you the configurable parameters and stats of all interfaces

374.  in full duplex mode there should never be any collisions on an interface

375.  there is no e0 on the router just fe’s

376.  when an interface is admin down, issue no shut on the int

377.  keep alives are essential to line protocol up status

379.  to use telnet on a remote router make sure the remote router’s vty’s are configured

380.  to check the protocol (ip) stack ping the loopback

381.  the ip stack for a pc is checked by issuing ping… it is working if there is an icmp reply

383.  extended ping is not available from user mode, and cannot specify tcp or udp ports

384.  echo request and reply are the two most common pair that will be seen

385.  destination host unreachable- no local or remote route exists for a destination host

386.  tricky, you know static routes but if no AD is presented, it uses the default AD… be careful read the fucking question

387.  to establish a static route, use the ip route command, dest net and mask and either next hop ip or local outgoing interface


388.  format for default route is ip route ip address of next hop

389.  static routes are good for isp to stub networks

390.  static route is ip route dest net mask next hop ip and AD if applicable

391.  to get to network, use next hop or local outgoing interface… that is a static route

392.  for default route use ip of next hop or local outgoing interface

393.  ip route s/0 or ip address of next hop

394.  correct see diagram

395.  static routes are good for stubs

396.  a static route is primarily used for packets sent to a remote network for which a routing protocol has not been configured.

397.  flash is the default storage area for IOS

398.  start is normally saved in nvram

399.  0x2102 is normal boot for a router… review diagram here

400.  before copy tftp flash ensure connectivity to tftp server

402.  flash, tftp then rommon boot sequence

403.  0x2142 means boot w/o start in nvram

404.  with 0x2142 the router bypasses start in nvram and goes to set up… check this

405.  use copy flash tftp to back up ios to tftp server

407.  verify memory and flash before upgrading


409.  show ver will show you the config-register

410.  router# is the enable prompt

411.  a command from global config  mode is global and affects the entire router

412.  sh ver and sh flash will give the ios image file

413.  check the config-register setting before rebooting to make sure it is 0x2102

414.  copy from to, copy from to. Copy from to….

415.  wrong subnet… correct but look at it again

416.  3 minimum requirements for tftp transfer tftp server running, ip address and tftp must be in same subnet

417.  from an ios name can be determined feature capabilities, hardware platform, run location

418.  sh flash will give you size and used

419.  sh version will give the amount of ram and flash plus file name… show flash will give used space and ios name plus total space available

420.  to back up ios make sure the server is accessible, has room, verify naming and path conventions

421.  sh ver gives the ios running in ram review the graphic

422.  the graphic is mismarked ignore

423.  rip uses hop count, eigrp has lower admin distance than ospf, and eigrp load balances by default for equal cost paths

424.  ospf uses a hierarchical design to speed convergence, to confine instability to single areas, and to reduce routing overhead REVIEW hierarchical design


425.  OSPF provides scalability, vlsm, interoperability and minimal overhead

426.  IGRP and EIGRP support unequal cost path load balancing or variance. 

427.  only eigrp will support multiple protocols, ip, appletalk and ipx, because of built in pdm's, protocol dependent modules.

428.  eigrp, rip2 and ospf all support vlsm and route summarization

429.  ospf is-is eigrp bgp and rip2 support vlsm

430.  rip1 igrp do not support vlsm

431.  eigrp supports multiple protocols, appletalk, ip, ipx because of pdm, and cidr and vlsm

433.  rip2, eigrp and ospf  support vlsm, which is required by the diagram

434.  with ip subnets and variable length masks vlsm, rip2 eigrp or ospf

435.  vlsm support is provided by ospf, eigrp and rip2

436.  ospf is cpu intensive, and requires lots of memory, ripv2 does not

437.  ospf rip2 and eigrp support vlsm

438.  a static route has an AD of 1, directly connected 0

439.  to force a route to be selected versus ospf and rip, lower the AD for rip below that of ospf

440.  static routes, review

441.  ospf beats eigrp when all things equal except size (amount of routers)

442.  eigrp uses bandwidth and delay of the line as metrics by default

443.  rip2 ospf and eigrp minimize the complexity of discontiguous networks


444.  split horizon and poison reverse are two methods of preventing routing loops.  Split horizon guarantees it won’t send a reply update out the same interface upon which it was received, and poison reverse will poison a route with an infinite metric of 16 out all interfaces. A hold down time is activated after a route has failed and any updates about that route will not be believed until the hold down expires.

445.  rip2 ospf and eigrp are prone to fewer problems in discontiguous networks

446.  link state routing (ospf, is-is) is defined by exchanging triggered updates, routing packets based on shortest path, and every router in an ospf area is capable of representing the entire network topology

447.  correct, but this question’s answer for DV is dubious, review

448.  split horizon states that a routing update will never be sent out the same interface upon which the update was received.

449.  ripv2 supports classless routing and vlsm is allowed

450.  rip uses hop count as its determining path metric, while eigrp uses bandwidth

451.  ospf is not vendor specific, unlike eigrp, and it operates within a hierarchy.  The largest entity is the autonomous system, a collection of networks under a common administration that shares a routing strategy. 

452.  review big time

453.  link state algorithms send only the portion of the routing table that describes the state of their links. Link state protocols send small portions of tables everywhere, whereas DV's send all or portions only to neighbors

454.  in subnet masks only bits set to 1 are acted upon… in wildcard masks only bits set to 0 are acted upon.  Remember this. Care, don’t care. Subnet masks 1 = care, wildcard masks 0 bits = care

456.  dr and bdr are elected on broadcast and non-broadcast multi access networks… review this


457.  hello and dead timers for routers to create an adjacency have to be the same

458.  OSPF CANNOT use process id 0…  OSPF cannot use process id 0

459.  in point to point ospf there is no need for a dr or bdr election.  By definition only two routers exist on a point to point connection.

460.  the highest number interface would be the router id in ospf, unless it is shutdown, then ospf would choose the next lower id

461.  in ospf area 0 is known as the backbone and multiple ospf area must connect to area 0

462.  bandwidth calculation… if bw = 64 kbps, cost is (default reference bandwidth 100,000,000) / 64,000 or 1562.5

463.  the hierarchical design of ospf reduces routing overhead, it doesn't route between AS's, uses cost for its metric, supports vlsm, uses short hello messages at a regular interval … review for more

464.  for ospf, multiple areas must connect to area 0 and area 0 is called the backbone

465.  bdr’s and dr’s are elected in non-broadcast multi access networks and broadcast networks. 

466.  ways to make a router ; configure an interface to a higher value than any other on the network, configure a higher loopback address higher than the rest, or set the others to zero… this will not take effect until routers reboot

467.  ospf on the wan maintains neighbor relationships and provides dynamic neighbor discovery

468. is the ospf multicast address point to point links are no different

469.  the process id is locally significant and it is used to identify a unique instance of the ospf database

470.  the highest loopback address will be the router id, no loopback and it will go to highest active interface


471.  for interfaces to participate in ospf they have to fall within the vlsm area of the network statement

472.  sh ip ospf int fa0/0 will give dr and bdr information… s0/0 will not because it is point to point on my network

473.  hello and dead timers must match for an adjacency to form

474.  for ospf the wildcard mask is inverse
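Notes 454, 462, 471 and 474 are all bit arithmetic: the wildcard is the inverted mask, a network statement only compares the "care" bits, and the cost is the reference bandwidth divided by the interface bandwidth. As an added example (not from the original post and not Cisco code), the functions below do that arithmetic, including deciding which of a constructed set of interfaces a list of network statements would pull into ospf. The reference bandwidth is the 100 Mbps default; the cost is truncated to an integer the way the router stores it, so the 1562.5 of note 462 becomes 1562.

```python
"""Added example, not from the post: wildcard masks, network-statement
matching and OSPF cost. Sample interfaces and statements are constructed."""
import ipaddress

REFERENCE_BW_BPS = 100_000_000   # default auto-cost reference-bandwidth: 10^8 bps


def wildcard_from_mask(mask: str) -> str:
    """255.255.255.0 -> 0.0.0.255: invert every bit (0 = care, 1 = don't care)."""
    m = int(ipaddress.IPv4Address(mask))
    return str(ipaddress.IPv4Address(m ^ 0xFFFFFFFF))


def network_statement_matches(interface_ip: str, network: str, wildcard: str) -> bool:
    """OSPF compares only the bits where the wildcard is 0 (note 454)."""
    ip = int(ipaddress.IPv4Address(interface_ip))
    net = int(ipaddress.IPv4Address(network))
    wc = int(ipaddress.IPv4Address(wildcard))
    care = wc ^ 0xFFFFFFFF
    return (ip & care) == (net & care)


def ospf_cost(bandwidth_kbps: int, reference_bps: int = REFERENCE_BW_BPS) -> int:
    """cost = reference / bandwidth, truncated; anything at or above the
    reference bandwidth gets the minimum cost of 1."""
    return max(1, reference_bps // (bandwidth_kbps * 1000))


def interfaces_in_ospf(interfaces: dict, statements: list) -> list:
    """Note 471: which interfaces a set of (network, wildcard) statements enables."""
    return sorted(name for name, ip in interfaces.items()
                  if any(network_statement_matches(ip, n, w) for n, w in statements))


if __name__ == "__main__":
    # constructed router: fa0/0 on a /24, s0/0 on a /30, a loopback outside both
    ifaces = {"fa0/0": "10.1.1.1", "s0/0": "192.168.1.1", "lo0": "1.1.1.1"}
    stmts = [("10.1.1.0", wildcard_from_mask("255.255.255.0")),
             ("192.168.1.0", wildcard_from_mask("255.255.255.252"))]
    print(interfaces_in_ospf(ifaces, stmts))
    print(ospf_cost(64), ospf_cost(1544), ospf_cost(100000))
```

A practical consequence of the truncation: with the default reference bandwidth, FastEthernet and anything faster all cost 1, so ospf cannot tell them apart unless the reference bandwidth is raised on every router in the area.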

475.  for neighbor adjacency routers must be in the same area

476.  the dr is responsible for making adjacencies with all neighbors on a multi-access network. The bdr backs up the dr if the dr fails.  In interface config mode set a priority from 0-255 manually with ip ospf priority (number)

477.  timers, hello and dead and subnet masks must match for an adjacency to form, and area

480.  the hello protocol in ospf provides dynamic neighbor discovery and maintains neighbor relationships

481.  for router id, the highest logical (loopback) address is used for determination.  If none exist, highest ACTIVE physical interface address

482.  with point to point connections there is no need for a designated router or bdr election.  In broadcast and multicast network, elections occur. The backbone area 0 is not a network type, rather a collection of links.

483.  traits of ospf network, area 0 is the backbone area, multiple areas are not required but multiple areas must connect to area 0

484.  the AD of ospf is 110


485.  hello packets are what are used by ospf to keep up with neighbor states (links)

487.  a loopback interface creates stability for the routing process (database) and specifies its router id

488.  d is the letter designation for EIGRP

489.  when EIGRP receives multiple paths to the same destination with the same prefix it adds these routes to its table and bases a best path decision upon the metrics in these updates. EIGRP determines closeness (lowest metric) as the winner and then installs the lowest metric/best path in its routing table.
THIS is the successor...
the default is four equal cost paths for determination, but this can be adjusted to include more or less paths... equal is a relative term and allowances can be determined using variance (to establish near equality)
a feasible successor is a path determined close, but not best after the calculation... this so called backup neighbor may be placed in the topology table and utilized in the event of successor failure
bandwidth and delay are EIGRP's default calculators... load and reliability can also be considered... see below...
r2620_01#sh int fa0/0
fastEthernet0/0 is up, line protocol is up
  Hardware is AmdFE, address is 000f.2394.6c40 (bia 000f.2394.6c40)
  Internet address is
  MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
     reliability 255/255, txload 1/255, rxload 1/255
490.  network statements under routing protocols need to advertise all interface networks


491.  the eigrp topology table shows all routes to a destination

492.  summary… correct

493.  to enable eigrp…  router eigrp 1, network number

494.  incorrect look again

495.  eigrp maintains a neighbor table and topology table in ram through hello and update packet.  Review eigrp tables

496.  use no auto-summ in eigrp to get specific subnets

497.  review eigrp

498.  sh ip eigrp neighbors contains ip addresses of adjacent neighbors

499.  turn off auto-summ on eigrp to get non-summarized neighbors

500.  sh ip eigrp route will show only eigrp learned routes, versus sh ip route which will show all routes

501.  debug ip eigrp will give you all eigrp related activities in real time.

502.  eigrp as’s must match and eigrp needs to be turned on for all routers

503.  unfair question.  Review

504.  correct, but review

505.  eigrp summarizes at network boundaries.  Turn that shit off for discontiguous networks

506.  the eigrp composite metric is 32 bits and can support external routes (those supported by another routing protocol)

507.  a feasible successor in EIGRP is known as a backup route and stored in the topology table.
Feasible distance is the lowest calculated metric to each destination
Feasibility condition is met if a neighbor's advertised distance is lower than the router's feasible distance to that network
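Notes 489 and 507 through 510 describe the successor / feasible successor logic in prose, and the sh int output above gives the BW and DLY values that feed the metric. As an added example (not from the post, not Cisco code), here is the default composite metric and the DUAL selection worked on a constructed three-neighbor topology, with variance applied and the passive/active decision from notes 509 and 510. The metric formula used is the default-K one, 256 * (10^7 / min_bandwidth_kbps + cumulative_delay_usec / 10), which gives 28160 for the FastEthernet in the output above.

```python
"""Added example, not from the post: EIGRP's default composite metric and the
DUAL successor / feasible-successor selection. The topology is constructed."""


def eigrp_metric(min_bw_kbps: int, total_delay_usec: int) -> int:
    """Default composite metric (K1=K3=1, K2=K4=K5=0), integer division as IOS does."""
    return 256 * (10_000_000 // min_bw_kbps + total_delay_usec // 10)


def dual_select(neighbors: list, variance: int = 1) -> dict:
    """Each neighbor dict gives our link to it (bw_kbps, delay_usec) and the
    neighbor's own path to the destination (path_min_bw_kbps, path_delay_usec).
    Returns the feasible distance (FD), successor(s), feasible successors and
    which routes end up installed once variance is applied."""
    routes = []
    for n in neighbors:
        # advertised (reported) distance: the neighbor's own metric to the destination
        ad = eigrp_metric(n["path_min_bw_kbps"], n["path_delay_usec"])
        # our metric via this neighbor: bandwidth is the path minimum, delays add up
        metric = eigrp_metric(min(n["bw_kbps"], n["path_min_bw_kbps"]),
                              n["delay_usec"] + n["path_delay_usec"])
        routes.append({"neighbor": n["name"], "metric": metric, "ad": ad})
    fd = min(r["metric"] for r in routes)
    successors = [r["neighbor"] for r in routes if r["metric"] == fd]
    # feasibility condition: a backup is loop-free only if its AD is strictly below our FD
    feasible = [r["neighbor"] for r in routes if r["metric"] != fd and r["ad"] < fd]
    # variance N: feasible successors with metric <= N * FD are also installed
    installed = [r["neighbor"] for r in routes
                 if r["neighbor"] in successors
                 or (r["neighbor"] in feasible and r["metric"] <= variance * fd)]
    return {"fd": fd, "successors": successors,
            "feasible_successors": feasible, "installed": sorted(installed)}


def after_successor_loss(result: dict) -> str:
    """Notes 509/510: with a feasible successor the route stays passive and the
    backup is promoted; without one the route goes active and queries go out."""
    if result["feasible_successors"]:
        return f"passive: promote {result['feasible_successors'][0]} to successor"
    return "active: send multicast query to neighbors"


# constructed topology: one destination reachable through three neighbors
NEIGHBORS = [
    # R2: FastEthernet to us, and R2 is on FastEthernet to the destination
    {"name": "R2", "bw_kbps": 100000, "delay_usec": 100,
     "path_min_bw_kbps": 100000, "path_delay_usec": 100},
    # R3: T1 serial to us, R3 reaches the destination over FastEthernet
    {"name": "R3", "bw_kbps": 1544, "delay_usec": 20000,
     "path_min_bw_kbps": 100000, "path_delay_usec": 100},
    # R4: fast link to us, but R4's own path crosses a 64 kbps line (AD > FD: not feasible)
    {"name": "R4", "bw_kbps": 100000, "delay_usec": 100,
     "path_min_bw_kbps": 64, "path_delay_usec": 20000},
]

if __name__ == "__main__":
    r = dual_select(NEIGHBORS)
    print(r, after_successor_loss(r))
    print(dual_select(NEIGHBORS, variance=71)["installed"])
```

R4 is the instructive case: its link to us is fast, but its own advertised distance is higher than our feasible distance, so DUAL refuses it as a backup because R4 might be reaching the destination back through us. That is the loop-freedom guarantee the feasibility condition buys.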


508.  successor, still not clear

509.  if a successor fails and there is no feasible successor, the router sends queries out to neighbors until a new successor is found

510.  if a successor is in active status (go into active state here) and there is no feasible successor, the router sends a multicast query for available routing paths to that destination.

511.  telnet sends text in the plain and the destination device has to be configured to accept a session

512.  ping trace sh int and sh ip route are great tools to troubleshoot ip connectivity on a router

513.  ping verifies connectivity between hosts using icmp echo messages

514.  if a link is down the router on that link will send a destination unreachable message to the originating host.  Lab this

515.  icmp sends an echo request to test connectivity

516.  every interface is a broadcast domain on a router

517.  rip will make a route invalid after 30 seconds (remove it from the table) review lab this

518.  ip classless will allow a router to forward a packet that is destined for a classful discontiguous network

519.  serial interfaces need to be on the same subnet for routers to communicate and they are usually configured with a /30

520.  see diagram, correct

521.  correct but see diagram

522. runts are the result of faulty nics, collisions, duplex mismatch, or trunk issue review

523.  sh proc issues details about active processes.  Check cpu utilization before debugging


524.  use sho cdp neigh det to verify layer 2 connectivity from one router to another and also see the ip address of the neighbor

525.  in a frame network use sh int sh frame map and sh frame pvc  to troubleshoot connectivity…  back to the lab on frame REVIEW p-to-p multipoint subs, the whole smash

526.  use term mon to display info to the terminal if telnetted to a remote router

527.  sh interfaces is usually the first troubleshooting step in connectivity from a router

528.  line vty 0 pass cisco login will enable telnet on line 0

529.  the telnet password is mandatory

530.  make telnet available with the above commands and lock it up with access-class on the lines in vty config

531.  service password-encry enables encryption on all current and future passwords.

532.  use banner motd for messages upon login to telnet review this stupid shit

533.  the enable secret always takes precedence

534.  service password-encry encrypts all passwords, new or old

535.  be careful… vty access can be prohibited by a password and acl

536.  review big time

537.  802.11b is 11meg 802.11a and g are 54… review all wireless

538.  802.11 is IEEE wi-fi standard… wi-fi alliance sets interoperability standards

539.  dsss is spread spectrum technology… review wireless

540.  bss basic service set, peer to peer review

541.  cordless phones antenna type or direction and metal file cabinets can all cause wireless problems


542.  using an access point defines ess, review channel distribution here

543.  wpa specifies the use of dynamic encryption keys, and includes authentication by psk

544.  wpa is defined by psk authentication and dynamic encryption keys

545.  wpa keys are dynamic and can change while the system is being used

546.  if an access point has broadcasting disabled, set the ssid to match that which is configured on the AP

547.  IR has a high data rate but limited distance, and require line of sight

548.  microwave ovens and cordless phones can interfere with wireless networks because they operate on similar freq’s

549.  physical security is perhaps the first line of security in a network

550.  a DoS attack is defined by a flood of tcp packets requesting server connections in order to make the server unavailable: a SYN flood

551.  from the outside in, use a firewall to restrict access and ssh to obtain access to network devices.

552.  line vty 0 password cisco login

553.  ids and ips? Are intrusion detection systems…  what the fuck is ips.

554.  use a vlan to segregate student groups from faculty

555.  3 good reasons to assign ports to vlans, isolate broadcast traffic, logically group hosts according to function, increase network security

556.  line cons 0, password, login

557.  use  cdp to enable layer 2 identification in a network.  Use no cdp enable on an interface facing the internet to avoid cdp exploitation on the inside originating from the wild while keeping it on the inside network


558.  extended acl's can be used with source and destination ip's, protocol, and tcp and udp port numbers

559.  use acl’s to filter traffic as it passes through a router and to control vty access

560.  inbound acl’s are processed as part of ingress, outbound as part of egress

561.  acl’s can identify interesting traffic for ddr in isdn networks and can provide ip route filtering among others

562.  with named acl's, specify whether standard or extended, individual statements can be deleted and you can use the ip access-list command to create them

563.  standard acl’s filter on source address only

564.  acls are used to filter traffic as it passes through a router and for vty security

565.  named access-lists can have individual statements deleted, must be specified standard or extended and can be created with the command, ip access-list

566.  standard acl’s should be placed close to the destination, while extended should be placed close to the source.  Because extended acl’s have destination information, place it as close to the source as possible so the filtering happens before it traverses

567.  correct see diagram

568.  block icmp to prevent pings, ie, ip access-list ext no_ping
deny icmp any any echo
permit ip any any
ip access-group no_ping in (applied under the interface; the name has to match the list exactly)

569.  use vlans and acl’s to increase security in a network
