CCNA3 Chap 2 Study Questions

advertisement
CCNA3 Exploration Chapter 2. Study questions. Answers
2.1
How does CSMA/CD work?
A device that needs to transmit must listen for traffic on the shared medium. If
there is traffic then it waits. If there is no traffic then it sends.
The device continues to listen while sending.
If another device also sends then the signals will meet and there is a collision.
The device detects a collision if it receives signals while it is transmitting.
On detecting a collision, the transmitting devices send out a jamming signal to
warn all devices on the network that there is a collision.
All devices stop transmissions and run the backoff algorithm that gives them a
random time to wait before attempting to transmit again.
Any device may be the first to transmit after the backoff period. The devices
that were transmitting at the time of the collision do not have any priority.
What are unicast, broadcast and multicast transmissions?
A unicast transmission is addressed to one host. The majority of
transmissions are unicast. A broadcast transmission is addressed to all hosts
on the network, e.g. ARP request, RIPv1 updates. A multicast transmission is
addressed to a specific group of devices. RIPv2 updates are multicast and
processed only by routers running RIPv2. Videoconferencing between a group
of hosts would use multicast messages.
In an Ethernet frame, which field comes immediately after the start frame
delimiter, and how long is this field?
The Destination MAC Address field, which is 6 bytes long.
What is the purpose of the Length/Type field?
If the value in the Length/Type field is less than 0x0600 then it gives the
length of the frame’s data field. If the value is 0x0600 or more then it is a code
to identify the type of protocol running at OSI layer 3.
How long is the data field, and why is a pad sometimes needed?
The data field can be anything from 46 to 1500 bytes. A data field of 46 bytes
would give a total frame length of 64 bytes, and this is the smallest frame
allowed in order for collisions to be detected in time for the CSMA/CD process
to work properly. If the amount of data is less than 46 bytes then a pad is
added to make the length up to 46 bytes.
SW
3/8/2016
533580526
1
What is the purpose of the field in the frame trailer?
The trailer contains the Frame Check Sequence Field. The sending device
carries out a cyclic redundancy check calculation based on the contents of the
frame, and stores the result in this field. The receiving device carried out the
same calculation and compares the result with the contents of the field. If they
are different then the frame has been corrupted in transmission and should be
discarded.
How long is a MAC address and how is it written?
48 bits. It is written as 12 hexadecimal digits in one of three formats:
00-05-9A-3C-78-00, 00:05:9A:3C:78:00, or 0005.9A3C.7800.
How does the NIC of a receiving PC use the destination MAC address?
If the destination MAC address is the address of the Ethernet port of the NIC,
or is a broadcast address or a multicast address being used by the device,
then the frame is passed up to the network layer for further processing. If not,
then the frame is discarded.
What is the Organizational Unique Identifier?
The first 24 bits of a MAC address. It identifies the manufacturer of the NIC or
device.
Where must half duplex transmission be used on an Ethernet network?
Where there is a shared medium, for example where devices are connected
by a hub. Ports set to use full duplex have their collision detection capabilities
disabled, so full duplex must not be used on a shared medium.
What are the conditions for collision-free operation on an Ethernet network?
Fully switched and full duplex so that each end device has a dedicated link in
each direction to the switch.
What is the advantage of having a switch port set to auto, rather than full or
half, and what is a potential problem?
A switch port set to auto will attempt to negotiate with the device at the other
end of the link on whether the link should operate using full or half duplex. If
the other device is also able to autonegotiate then they will choose the best
option that they can both manage, which should be full duplex. There is no
need for manual configuration. There could be a problem if the other device is
not able to autonegotiate, but is set to use full duplex. When autonegotiation
fails, the switch will default to half duplex and there will be a mismatch leading
to errors.
SW
3/8/2016
533580526
2
What is the advantage of having the auto-MDIX feature enabled on a switch
port?
You can use either a straight-through or a crossover cable. The switch will
detect which is in use and compensate accordingly.
What is the purpose of a switch MAC address table?
It contains a list of switch ports with the MAC address of the device connected
to each port. When a frame arrives, the switch reads the destination MAC
address and forwards the frame out of the correct port.
How does a switch build its MAC address table?
It reads the source MAC address in each incoming frame and matches it to
the entry port. It adds the information to its table. (Or refreshes the information
if it is already there.)
What does a switch do if a frame arrives and the destination MAC address is
not in its MAC address table?
It floods the frame out of all ports except the incoming port.
What does a switch do with a broadcast frame?
It floods the frame out of all ports except the incoming port.
You replace a hub with a layer 2 switch. How does this affect collision
domains?
It replaces a large collision domain with many small collision domains. (This
should reduce the number of collisions and improve performance.)
You replace a hub with a layer 2 switch. How does this affect broadcast
domains?
It has no effect on broadcast domains.
Why can switch based latency be a problem if cheap switches are used on a
busy network?
Entry level switches (the cheaper models) may not have enough internal
processing power to cope with all their ports operating simultaneously at their
maximum bandwidth. This can cause delays. More expensive models of
switch should have enough internal throughput to work at “wire speed” so that
switch based latency is not an issue.
SW
3/8/2016
533580526
3
Why do routers typically add more latency than switches?
Routers work with layer 3 data, which is more deeply encapsulated and takes
longer to extract from a frame, and they carry out more complicated
processing on the data.
Why does a router split a network into separate broadcast domains?
Because a router does not forward broadcasts by default.
Which forwarding method is used on current models of Cisco switch?
Store and forward is used on current switch models.
What are the two varieties of cut-through switching, and how do they work?
Fast forward reads an incoming frame only as far as the end of the destination
MAC address and then immediately starts to transmit on the outgoing port
while the remainder of the frame is still being received. It does not carry out
any kind of checking of the frame.
Fragment free reads the first 64 bytes of the frame before starting to forward
it. This ensures that the frame is at least 64 bytes long and therefore not a
collision fragment. There is no other checking.
How does store and forward switching work?
The switch stores the whole of an incoming frame into a buffer, reads the
whole frame and carries out a cyclic redundancy check. Damaged frames are
discarded. The frame is then forwarded through the appropriate port.
What is the main advantage of cut-through switching?
Low and predictable latency.
What are the advantages of store and forward switching?
All frames are checked so that corrupted frames are not forwarded to take up
bandwidth and processing time on other devices.
It is possible to carry out quality of service (QoS) processing to give priority to
voice and video traffic, so this form of switching is necessary on converged
networks.
It is possible to read a frame entering at one bandwidth and transmit it at a
different bandwidth.
What is the difference between a symmetric switch and an asymmetric
switch?
A symmetric switch has all ports working at the same bandwidth. An
asymmetric switch is capable of operating with ports working at different
bandwidths. Most modern switches are asymmetric.
SW
3/8/2016
533580526
4
How is shared memory buffering better than port-based memory buffering?
Port-based memory buffering has a separate buffer of fixed capacity for each
incoming port. Shared memory buffering puts all incoming frames into the
same buffer so that the memory can be allocated dynamically as required.
This can allow larger frames to be processed.
Port-based memory buffering keeps frames entering by each port in a
separate queue. If the frame at the front of the queue needs an exit port that is
busy, then the frames behind it have to wait even if their exit ports are
available. In shared memory buffering, each frame can leave as soon as its
exit port is available.
Where ports are operating at different bandwidths, shared memory buffering is
particularly important.
How does a layer 3 switch differ from a layer 2 switch?
The traditional Ethernet switch is a layer 2 switch, which processes layer 2
MAC addresses in order to determine how to forward frames. A layer 3 switch
can do this, but it can also process layer 3 IP addresses and use them to
make switching decisions. This enables layer 3 switches to carry out some
routing operations that would traditionally be carried out by a router.
What factors would you take into account when choosing between a layer 3
switch and a router?
The need for speed – the switch is faster.
The need for WAN connections – router is normally better.
The need for advanced layer 3 services – need a router.
Switch>enable
What are you doing if you give this command? What prompt will you see
next?
Changing from user exec mode to privileged exec mode.
Switch#
Which commands would you give in order to enter interface configuration
mode for interface Fa0/1, starting with the following prompt?
Switch>
Switch>enable
Switch#configure terminal
Switch(config)#interface fa0/1
Switch(config-if)#
SW
3/8/2016
533580526
5
What is Cisco Network Assistant?
Cisco Network Assistant is an application that can be downloaded from Cisco
if you have a valid CCO account. It lets you manage single switches or groups
of switches by using a graphical user interface rather than the command line
interface.
What is Cisco Device Manager?
Cisco Device Manager is software that lets you configure and manage a
switch using a web browser from anywhere in the network. This software is
provided with the switch.
What are the two ways of using ? to obtain help when using the command line
interface?
Start entering a command word and type ? without a space in front of it. You
should see a list of possible ways of completing the word.
Type ? with a space in front of it. You should be given a list of words that can
be entered next.
What is the command history buffer, and how can you show its contents?
It stores the last 10 commands that were entered. (By default. You can
change the number.) Each mode has its own buffer.
show history is the command to list the contents. You need to give it at the
right prompt, depending on which mode’s commands you want to list.
What happens when you power up a switch?
Boot loader software loaded from NVRAM.
CPU initialisation and POST.
Flash initialised.
Operating system found and loaded.
Configuration file loaded.
Prompt displayed.
How do you know whether a switch has passed or failed the POST?
The SYST LED will blink green if the POST was successfully completed, but
turn amber if it was not.
POST messages are also displayed if you have a console connection active
as you start the switch.
Does a switch need an IP address?
A switch will operate without an IP address. If you want to access the switch
remotely by Telnet or using the web based interface or if you want to be able
to ping it for test purposes then you need to give it an IP address.
SW
3/8/2016
533580526
6
Which switch interface(s) should be configured with an IP address, and do
you need a different IP address for each interface?
Unlike a router, a switch is configured with just one IP address. This address
is not configured on any of the physical interfaces. Instead it is configured on
a virtual interface: a VLAN interface. At least one of the physical interfaces
needs to be assigned to the VLAN that has the IP address.
By default, which VLAN is used for switch management, and is it considered
good practice to keep to this default?
By default, VLAN 1 is used. This can lead to security problems so it is
advisable to use a different VLAN for management purposes. (In the example,
VLAN 99 is used, but this does not have to be the case.)
Starting from privileged exec mode on switch SW1, how would you configure
the ip address 192.168.1.2/24 on VLAN 99 and associate the physical
FastEthernet 0/24 interface with this VLAN? Go on to configure the default
gateway 192.168.1.1 and save the configuration.
SW1#configure terminal
SW1(config)#interface vlan 99
SW1(config-if)#ip address 192.168.1.2 255.255.255.0
SW1(config-if)#no shutdown
SW1(config-if)#exit
SW1(config)#interface fa 0/24
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 99
SW1(config-if)#exit
SW1(config)#ip default-gateway 192.168.1.1
SW1(config)#exit
SW1#copy run start
What is the effect of the commands duplex auto and speed auto given in
interface configuration mode on a switch?
That switch port will attempt to autonegotiate the duplex setting and the
bandwidth with the attached device. (This is the default condition on most
switches, so you should not need to give these commands if you want
autonegotiation.)
What is the advantage of including the command ip http server in the switch
configuration?
It allows you to use the web based GUI interface for configuring the switch if
you access the switch remotely.
SW
3/8/2016
533580526
7
How does a dynamic address get into the switch MAC address table?
The switch learns it by inspecting the source MAC address of an incoming
frame.
What is the advantage of using static addresses?
It provides security. Only the device with the specified MAC address can
connect to the switch port. Also, static addresses are not aged out and
removed from the table.
What command would you give to map the MAC address 000c.7671.7d90 to
interface fa 0/6 on VLAN 3?
mac-address-table static 000c.7671.7d90 vlan 3 interface fa 0/6
Which command would display the saved configuration?
Show startup-config
Which command would display the configuration currently in RAM?
Show running-config
Which command would give information about the hardware and the operating
system?
Show version
Which command would display the table of MAC addresses and associated
ports?
Show mac-address-table
Which command would tell you if ports are operational, and give their duplex
and speed settings?
Show interfaces
You can save a switch configuration by entering copy run start
but what is the full formal version of this command? What assumptions are
made when you use the short version?
Copy system:running-config flash:startup-config
The short version assumes that the running configuration is in RAM (system)
and that you want to save the configuration to flash NVRAM memory.
SW
3/8/2016
533580526
8
How would you make a copy of your saved configuration to a file called
backupJan08 in flash memory?
Copy startup-config flash:backupJan08
(Or shorten to Copy start flash:backupJan08 )
You want to go back to the saved configuration. Why is it better to reload the
switch rather than using the command copy start run?
Copy start run will read the saved configuration into RAM, but it will not
remove the commands already in RAM, it will just add to the existing running
configuration. This may not be what you want.
Which command would you use to make a copy of the running configuration
to a file called SW1config on a PC with IP address 192.168.13.6 that is
running TFTP server software?
copy system:running-config tftp://192.168.13.6/SW1config
(copy run tftp://192.168.13.6/SW1config)
If you just enter copy run tftp then the system will prompt you for the IP
address and the file name.
You have used the command erase start to remove a saved startup
configuration. Which command has the same effect?
erase nvram:
How would you remove a file called backupJan08 from flash memory?
delete flash:backupJan08
(Be very careful when deleting files from flash. The IOS is held there with
other vital files.)
How would you configure switch SW1 so that console access and telnet
access are protected by a password? Start in privileged exec mode and return
there. Assume that the switch has 16 vty lines. Use cisco as the password in
every case as you would in the lab (though of course you would not use this
password on a “real” network).
SW1#configure terminal
SW1(config)#line con 0
SW1(config-line)#password cisco
SW1(config-line)#login
SW1(config-line)#line vty 0 15
SW1(config-line)# password cisco
SW1(config-line)# login
SW1(config-line)#end
SW
3/8/2016
533580526
9
Which password is encrypted by default?
Enable secret, which protects access to privileged exec mode.
How can the login passwords, which are not normally encrypted, be given
weak encryption?
service password-encryption
You want to establish a console connection with a 2960 switch, but you have
forgotten the login password. You want to keep the existing saved switch
configuration. What do you do?












Set up a Hyperterminal connection in the usual way.
Power the switch off.
Power the switch on, and press the Mode button within 15 seconds
while the SYS LED is still flashing green. Hold the mode button down
until the LED goes amber then solid green.
Give the following commands:
flash_init
load_helper
dir flash (to show the files in flash memory)
Check that the configuration file is there. It should be called config.text.
Rename the configuration file so that the switch cannot find and load it.
The suggestion is to call it config.text.old, though you could call it
anything you like.
rename flash:config.text flash:config.text.old
Give the command to boot the switch so that it loads its operating
system. It will also try and fail to find a saved configuration to load.
boot
There is no configuration in force and therefore no passwords. You
have access to the switch. Do not enter the setup dialogue.
You see the user exec prompt. Go to privileged exec mode. You are
now safely in past any passwords, so you can restore the configuration.
Give the configuration file its original name back.
rename flash:config.text.old flash:config.text
Copy the configuration into RAM
flash:config.text system:running-config
and confirm this when prompted.
Set new passwords as required and save the new configuration.
If you configure both a login banner and a motd banner, which will display
first?
The motd banner.
SW
3/8/2016
533580526
10
Why should SSH be preferred to Telnet for remote access whenever
possible?
SSH messages are encrypted but Telnet messages are not.
What is happening here?
SW1(config)#ip domain-name ourdomain.com
SW1(config)#crypto key generate rsa
SW1(config)#ip ssh version 2
SW1(config)#line vty 0 15
SW1(config-line)#transport input SSH
The switch is being configured to use SSH instead of Telnet on the vty lines.
Which command would allow either SSH or Telnet to be used?
SW1(config-line)#transport input all
What is a MAC flooding attack?
This attack depends on the facts that a switch MAC address table is limited in
size, and that a switch will flood frames whose destination MAC address is
unknown. The attacker makes a connection to the switch and sends the
switch a large number of frames with fake source MAC addresses by using a
network attack tool. This fills the table up. The switch then floods all incoming
frames (fail-open mode). The attacker therefore receives all frames addressed
to any host on the network.
What is a DHCP spoofing attack?
The attacker introduces a rogue DHCP server that is on the network segment
under attack and therefore likely to be closer than the genuine DHCP server.
When a host requests an IP address, the rogue DHCP server replies first and
gives the host an IP address and a default gateway which directs traffic to the
attacker’s device. Traffic from the host that should go to a remote network will
go to the attacker instead.
What is DHCP snooping?
It is a security feature on a Cisco catalyst switch. It allows certain ports to be
configured as trusted. Only devices connected to these ports are allowed to
provide DHCP information to clients. All devices can still request IP
addresses. It can also limit the rate at which DHCP requests can be sent.
Why is CDP a security risk?
An attacker using Wireshark (or similar) could inspect the contents of CDP
packets and find out about devices. The attacker could also fake CDP packets
to give false information to neighbour devices. CDP should therefore be
disabled unless it is required.
SW
3/8/2016
533580526
11
What are the three types of secure MAC address that can be configured on a
switch port?
Static, dynamic and sticky.
By default, what is the security violation mode of a switch port?
Shutdown.
Which type of port security is being configured here?
SW1(config)#int fa 0/12
SW1(config-if)#switchport mode access
SW1(config-if)#switchport port-security
Dynamic
How would you configure switch port 0/13 to learn and accept the first four
MAC addresses that connect to it, as secure sticky addresses, but then reject
any other MAC addresses?
Start at the prompt SW1(config)#
SW1(config)#int fa 0/13
SW1(config-if)#switchport mode access
SW1(config-if)#switchport port-security
SW1(config-if)# switchport port-security maximum 4
SW1(config-if)# switchport port-security mac-address sticky
SW1(config-if)#end
Your switch has 24 ports but you are only using 14 ports at present. What
should you do to enhance security?
Disable all the unused ports using the shutdown command.
SW
3/8/2016
533580526
12
Download